Application Realms

ApplicationRealm

class cfxdb.mrealm.ApplicationRealm(oid: Optional[UUID] = None, label: Optional[str] = None, description: Optional[str] = None, tags: Optional[List[str]] = None, name: Optional[str] = None, status: Optional[int] = None, workergroup_oid: Optional[UUID] = None, webcluster_oid: Optional[UUID] = None, datamarket_oid: Optional[UUID] = None, changed: Optional[datetime64] = None, owner_oid: Optional[UUID] = None, _unknown: Optional[Any] = None)[source]

Bases: ConfigurationElement

Application realm database configuration object.

Parameters

  • oid – Object ID of application realm

  • label – Optional user label of application realm

  • description – Optional user description of application realm

  • tags – Optional list of user tags on application realm

  • name – Name of application realm

  • status – Status of application realm.

  • workergroup_oid – When running, router cluster worker group this application realm is running on.

  • webcluster_oid – When running, the web cluster to serve as a frontend layer for the application realm.

  • datamarket_oid – When this application realm is to be federated with nodes paired to a different management realm (master node) or run by different operators.

  • changed – Timestamp when the application realm was last changed

  • owner_oid – Owning user (object ID)

copy(other: ApplicationRealm, overwrite: bool = False)[source]

Copy over other object.

Parameters

  • other – Other application realm to copy data from.

  • overwrite – Overwrite members already set.

marshal() Dict[str, Any][source]

Marshal this object to a generic host language object.

static parse(data: Dict[str, Any]) ApplicationRealm[source]

Parse generic host language object into an object of this class.

Parameters

data – Generic host language object

Returns

New instance of this class.

class cfxdb.mrealmschema.ApplicationRealms(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidCbor

Application realms defined for user application routing (arealm_oid -> arealm).

class cfxdb.mrealmschema.IndexApplicationRealmByName(slot=None, compress=None)[source]

Bases: MapStringUuid

Index of application realms by realm name (arealm_name -> arealm_oid).

class cfxdb.mrealmschema.IndexApplicationRealmByWebCluster(slot=None, compress=None)[source]

Bases: MapUuidStringUuid

Index of application realms by webclusters and realm names ((webcluster_oid, arealm_name) -> arealm_oid).

class cfxdb.mrealm.ApplicationRealmRoleAssociation(arealm_oid: Optional[UUID] = None, role_oid: Optional[UUID] = None, _unknown=None)[source]

Bases: object

Association of a role with an application realm.

marshal()[source]

Marshal this object to a generic host language object.

Returns

dict

static parse(data)[source]

Parse generic host language object into an object of this class.

Parameters

data (dict) – Generic host language object

Returns

instance of WebService

class cfxdb.mrealmschema.ApplicationRealmRoleAssociations(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidUuidCbor

Association of a role with an application realm ((arealm_oid, role_oid) -> arealm_role_association).

Principal

class cfxdb.mrealmschema.Principal(oid: Optional[UUID] = None, label: Optional[str] = None, description: Optional[str] = None, tags: Optional[List[str]] = None, modified: Optional[int] = None, arealm_oid: Optional[UUID] = None, authid: Optional[str] = None, role_oid: Optional[UUID] = None, authextra: Optional[dict] = None, _unknown=None)[source]

Bases: ConfigurationElement

Principals created for use with WAMP authentication. A principal represents the identity an application client is authenticated to the application realm joined.

A principal must have at least one cfxdb.mrealmschema.Credential added. When an application client connects, it will offer an authmethod and request a realm and (usually) authid. When a matching cfxdb.mrealmschema.Credential is found, and authentication succeeds using that, the client will be authenticated under the cfxdb.mrealmschema.Principal associated with the credential.

Note

It is important to note that while the realm and authid requested by the client (and defined in the respective cfxdb.mrealmschema.Credential) will usually be identical to the realm and authid actually assigned (as defined in the cfxdb.mrealmschema.Principal associated with the credential), this is allowed to differ in general.

Parameters

  • oid – Object ID of principal

  • label – Optional user label of principal

  • description – Optional user description of principal

  • tags – Optional list of user tags on principal

  • modified – Timestamp when the principal was last modified

  • arealm_oid – ID of the application realm the authenticated principal will be joined to.

  • authid – WAMP authid of the principal, must be unique within the application realm at any moment in time.

  • role_oid – ID of the role the authenticated principal will be joined to the application realm.

  • authextra – Optional authextra information returned to the authenticating principal.

copy(other, overwrite=False)[source]

Copy over other object.

Parameters

other (instance of cfxdb.mrealm.Principal) – Other principal to copy data from.

Returns

marshal()[source]

Marshal this object to a generic host language object.

Returns

dict

static parse(data)[source]

Parse generic host language object into an object of this class.

Parameters

data (dict) – Generic host language object

Returns

instance of ManagementRealm

class cfxdb.mrealmschema.Principals(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidCbor

Principals created for use with WAMP authentication (principal_oid -> principal).

class cfxdb.mrealmschema.IndexPrincipalByName(slot=None, compress=None)[source]

Bases: MapUuidStringUuid

Index of principals by application realms and principal names ((arealm_oid, principal_name) -> principal_oid).

Credential

class cfxdb.mrealmschema.Credential(oid: Optional[UUID] = None, created: Optional[datetime64] = None, authmethod: Optional[str] = None, authid: Optional[str] = None, realm: Optional[str] = None, authconfig: Optional[dict] = None, principal_oid: Optional[UUID] = None, _unknown=None)[source]

Bases: object

Credentials created for use with WAMP authentication.

Parameters

  • oid – Object ID of this credential object

  • created – Timestamp when credential was created.

  • authmethod – WAMP authentication method offered by the authenticating client.

  • realm – WAMP realm requested by the authenticating client.

  • authid – WAMP authid announced by the authenticating client.

  • authconfig – Authentication method specific configuration.

  • principal_oid – ID of the principal this credential resolves to upon successful authentication.

copy(other, overwrite=False)[source]

Copy over other object.

Parameters

other (instance of ManagementRealm) – Other credential to copy data from.

Returns

marshal()[source]

Marshal this object to a generic host language object.

Returns

dict

static parse(data)[source]

Parse generic host language object into an object of this class.

Parameters

data (dict) – Generic host language object

Returns

instance of ManagementRealm

class cfxdb.mrealmschema.Credentials(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidCbor

Credentials created for use with WAMP authentication (credential_oid -> credential).

class cfxdb.mrealmschema.IndexCredentialsByAuth(slot=None, compress=None)[source]

Bases: MapStringStringStringUuid

Index of credentials by authentication method, realm name and authentication ID ((authmethod, realm_name, authid) -> credential_oid).

class cfxdb.mrealmschema.IndexCredentialsByPrincipal(slot=None, compress=None)[source]

Bases: MapUuidTimestampUuid

Index of credentials by principals and modification date ((principal_oid, modified) -> credential_oid).

Role

class cfxdb.mrealm.Role(oid: Optional[UUID] = None, label: Optional[str] = None, description: Optional[str] = None, tags: Optional[List[str]] = None, name: Optional[str] = None, created: Optional[datetime64] = None, owner: Optional[UUID] = None, _unknown=None)[source]

Bases: ConfigurationElement

Roles created for use with application-level authorization and permissions in application realms.

Parameters

  • oid – Object ID of role

  • label – Optional user label of role

  • description – Optional user description of role

  • tags – Optional list of user tags on role

  • name – Name of role

  • created – Timestamp when the role was created

  • owner – Owning user (object ID)

copy(other, overwrite=False)[source]

Copy over other object.

Parameters

other (instance of ManagementRealm) – Other role to copy data from.

Returns

marshal()[source]

Marshal this object to a generic host language object.

Returns

dict

static parse(data)[source]

Parse generic host language object into an object of this class.

Parameters

data (dict) – Generic host language object

Returns

instance of ManagementRealm

class cfxdb.mrealmschema.Roles(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidCbor

Roles created for use with application-level authorization and permissions in application realms (role_oid -> role).

class cfxdb.mrealmschema.IndexRoleByName(slot=None, compress=None)[source]

Bases: MapStringUuid

Index of roles by role names (role_name -> role_oid).

Permission

class cfxdb.mrealm.Permission(oid: Optional[UUID] = None, label: Optional[str] = None, description: Optional[str] = None, tags: Optional[List[str]] = None, role_oid: Optional[UUID] = None, uri: Optional[str] = None, uri_check_level: Optional[int] = None, match: Optional[int] = None, allow_call: Optional[bool] = None, allow_register: Optional[bool] = None, allow_publish: Optional[bool] = None, allow_subscribe: Optional[bool] = None, disclose_caller: Optional[bool] = None, disclose_publisher: Optional[bool] = None, cache: Optional[bool] = None, created: Optional[datetime64] = None, owner: Optional[UUID] = None, _unknown=None)[source]

Bases: ConfigurationElement

Role permission database object.

Parameters

  • oid – Object ID of this permission object

  • label – Optional user label of permission

  • description – Optional user description of permission

  • tags – Optional list of user tags on permission

  • role_oid – Object ID of role this permission applies to.

  • uri – URI matched for permission.

  • created – Timestamp when the permission was created

  • owner – Owning user (object ID)

copy(other, overwrite=False)[source]

Copy over other object.

Parameters

other (instance of ManagementRealm) – Other permission to copy data from.

Returns

marshal()[source]

Marshal this object to a generic host language object.

Returns

dict

static parse(data)[source]

Parse generic host language object into an object of this class.

Parameters

data (dict) – Generic host language object

Returns

instance of ManagementRealm

class cfxdb.mrealmschema.Permissions(slot=None, compress=None, marshal=None, unmarshal=None)[source]

Bases: MapUuidCbor

Role permission database object (permission_oid -> permission).

class cfxdb.mrealmschema.IndexPermissionByUri(slot=None, compress=None)[source]

Bases: MapUuidStringUuid

Index of role permissions by roles and URIs ((role_oid, uri) -> permission_oid).