GitHub-only
WARNING: If you are reading this on GitHub, DON’T! Read the documentation at docs.plone.org so you have working references and proper formatting.
Users¶
Create user¶
To create a new user, use api.user.create()
.
If your portal is configured to use emails as usernames, you just need to pass in the email of the new user.
from plone import api
user = api.user.create(email='alice@plone.org')
Otherwise, you also need to pass in the username of the new user.
user = api.user.create(email='jane@plone.org', username='jane')
To set user properties when creating a new user, pass in a properties dict.
properties = dict(
fullname='Bob',
location='Munich',
)
user = api.user.create(
username='bob',
email='bob@plone.org',
properties=properties,
)
Besides user properties you can also specify a password for the new user. Otherwise a random 8-character alphanumeric password will be generated.
user = api.user.create(
username='noob',
email='noob@plone.org',
password='secret',
)
Get user¶
You can get a user with api.user.get()
.
from plone import api
user = api.user.get(username='bob')
User properties¶
Users have various properties set on them. This is how you get and set them, using the underlying APIs:
from plone import api
user = api.user.get(username='bob')
user.setMemberProperties(mapping={ 'location': 'Neverland', })
location = user.getProperty('location')
Get currently logged-in user¶
Getting the currently logged-in user is easy with api.user.get_current()
.
from plone import api
current = api.user.get_current()
Check if current user is anonymous¶
Sometimes you need to trigger or display some piece of information only for logged-in users.
It’s easy to use api.user.is_anonymous()
to do a basic check for it.
from plone import api
if not api.user.is_anonymous():
trigger = False
trigger = True
Get all users¶
Get all users in your portal with api.user.get_users()
.
from plone import api
users = api.user.get_users()
Get group’s users¶
If you set the groupname parameter, then api.user.get_users()
will return only users that are members of this group.
from plone import api
users = api.user.get_users(groupname='staff')
Delete user¶
To delete a user, use api.user.delete()
and pass in either the username or the user object you want to delete.
from plone import api
api.user.create(username='unwanted', email='unwanted@example.org')
api.user.delete(username='unwanted')
unwanted = api.user.create(username='unwanted', email='unwanted@example.org')
api.user.delete(user=unwanted)
Get user roles¶
The api.user.get_roles()
method is used for getting a user’s roles.
By default it returns site-wide roles.
from plone import api
roles = api.user.get_roles(username='jane')
If you pass in a content object, it will return local roles of the user in that particular context.
from plone import api
portal = api.portal.get()
blog = api.content.create(container=portal, type='Document', id='blog', title='My blog')
roles = api.user.get_roles(username='jane', obj=portal['blog'])
Get user permissions¶
The api.user.get_permissions()
method is used for getting user’s permissions.
By default it returns site root permissions.
from plone import api
mike = api.user.create(email='mike@plone.org', username='mike')
permissions = api.user.get_permissions(username='mike')
If you pass in a content object, it will return local permissions of the user in that particular context.
from plone import api
portal = api.portal.get()
folder = api.content.create(container=portal, type='Folder', id='folder_two', title='Folder Two')
permissions = api.user.get_permissions(username='mike', obj=portal['folder_two'])
Check user permission¶
Instead of getting all user permissions, you can check a single permission using the api.user.has_permission()
method.
By default it checks the permission on the site root.
from plone import api
adam = api.user.create(email='adam@plone.org', username='adam')
can_view = api.user.has_permission('View', username='adam')
If you pass in a content object, it will check the permission in that particular context.
from plone import api
portal = api.portal.get()
folder = api.content.create(container=portal, type='Folder', id='folder_hp', title='Folder')
can_view = api.user.has_permission('View', username='adam', obj=folder)
Grant roles to user¶
The api.user.grant_roles()
allows us to grant a list of roles to the user.
from plone import api
api.user.grant_roles(username='jane',
roles=['Reviewer', 'SiteAdministrator']
)
If you pass a content object or folder,
the roles are granted only on that context and not site-wide.
But all site-wide roles will also be returned by api.user.get_roles()
for this user on the given context.
from plone import api
folder = api.content.create(container=portal, type='Folder', id='folder_one', title='Folder One')
api.user.grant_roles(username='jane',
roles=['Editor', 'Contributor'],
obj=portal['folder_one']
)
Revoke roles from user¶
The api.user.revoke_roles()
allows us to revoke a list of roles from the user.
from plone import api
api.user.revoke_roles(username='jane', roles=['SiteAdministrator'])
If you pass a context object the local roles for that context will be removed.
from plone import api
folder = api.content.create(
container=portal,
type='Folder',
id='folder_three',
title='Folder Three'
)
api.user.grant_roles(
username='jane',
roles=['Editor', 'Contributor'],
obj=portal['folder_three'],
)
api.user.revoke_roles(
username='jane',
roles=['Editor'],
obj=portal['folder_three'],
)
Further reading¶
For more information on possible flags and usage options please see the full plone.api.user specification.