Source code for google.appengine.api.users

#!/usr/bin/env python
#
# Copyright 2007 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#





"""The User Python datastore class to be used as a datastore data type."""












import os
from google.appengine.api import apiproxy_stub_map
from google.appengine.api import user_service_pb
from google.appengine.runtime import apiproxy_errors


[docs]class Error(Exception): """Base User error type."""
[docs]class UserNotFoundError(Error): """No email argument was specified, and no user is logged in."""
[docs]class RedirectTooLongError(Error): """The generated redirect URL was too long."""
[docs]class NotAllowedError(Error): """The requested redirect URL is not allowed."""
[docs]class User(object): """Provides the email address, nickname, and ID for a user. A nickname is a human-readable string that uniquely identifies a Google user, akin to a username. For some users, this nickname is an email address, but for other users, a different nickname is used. A user could be a Google Accounts user or a federated login user. `federated_identity` and `federated_provider` are only avaliable for federated users. """ __user_id = None __federated_identity = None __federated_provider = None def __init__(self, email=None, _auth_domain=None, _user_id=None, federated_identity=None, federated_provider=None, _strict_mode=True): """Constructor. Args: email: An optional string of the user's email address. It defaults to the current user's email address. federated_identity: Federated identity of user. It defaults to the current user's federated identity. federated_provider: Federated provider URL of user. Raises: UserNotFoundError: If the user is not logged in and both `email` and `federated_identity` are empty. """ if _auth_domain is None: _auth_domain = os.environ.get('AUTH_DOMAIN') assert _auth_domain if email is None and federated_identity is None: email = os.environ.get('USER_EMAIL', email) _user_id = os.environ.get('USER_ID', _user_id) federated_identity = os.environ.get('FEDERATED_IDENTITY', federated_identity) federated_provider = os.environ.get('FEDERATED_PROVIDER', federated_provider) if email is None: email = '' if not email and not federated_identity and _strict_mode: raise UserNotFoundError self.__email = email self.__federated_identity = federated_identity self.__federated_provider = federated_provider self.__auth_domain = _auth_domain self.__user_id = _user_id or None
[docs] def nickname(self): """Returns the user's nickname. The nickname will be a unique, human readable identifier for this user with respect to this application. It will be an email address for some users, part of the email address for some users, and the federated identity for federated users who have not asserted an email address. Returns: The nickname of the user as a string. """ if (self.__email and self.__auth_domain and self.__email.endswith('@' + self.__auth_domain)): suffix_len = len(self.__auth_domain) + 1 return self.__email[:-suffix_len] elif self.__federated_identity: return self.__federated_identity else: return self.__email
[docs] def email(self): """Returns the user's email address.""" return self.__email
[docs] def user_id(self): """Obtains the user ID of the user. Returns: A permanent unique identifying string or `None`. If the email address was set explicity, this will return `None`. """ return self.__user_id
[docs] def auth_domain(self): """Obtains the user's authentication domain. Returns: A string containing the authentication domain. This method is internal and should not be used by client applications. """ return self.__auth_domain
[docs] def federated_identity(self): """Gets the user's federated identity. Returns: A string containing the federated identity of the user. If the user is not a federated user, `None` is returned. """ return self.__federated_identity
[docs] def federated_provider(self): """Gets the user's federated provider. Returns: A string containing the federated provider. If the user is not a federated user, `None` is returned. """ return self.__federated_provider
def __unicode__(self): return unicode(self.nickname()) def __str__(self): return str(self.nickname()) def __repr__(self): values = [] if self.__email: values.append("email='%s'" % self.__email) if self.__federated_identity: values.append("federated_identity='%s'" % self.__federated_identity) if self.__user_id: values.append("_user_id='%s'" % self.__user_id) return 'users.User(%s)' % ','.join(values) def __hash__(self): if self.__federated_identity: return hash((self.__federated_identity, self.__auth_domain)) else: return hash((self.__email, self.__auth_domain)) def __cmp__(self, other): if not isinstance(other, User): return NotImplemented if self.__federated_identity: return cmp((self.__federated_identity, self.__auth_domain), (other.__federated_identity, other.__auth_domain)) else: return cmp((self.__email, self.__auth_domain), (other.__email, other.__auth_domain))
[docs]def create_login_url(dest_url=None, _auth_domain=None, federated_identity=None): """Computes the login URL for redirection. Args: dest_url: String that is the desired final destination URL for the user once login is complete. If `dest_url` does not specify a host, the host from the current request is used. federated_identity: Triggers an OpenID login flow. If `federated_identity` is not specified, Google OpenID login will be used. Returns: Login URL as a string. If `federated_identity` is set, the returned string represents a federated login that uses the specified identity. If `federated_identity` is not set, the login URL will use Google Accounts. """ req = user_service_pb.CreateLoginURLRequest() resp = user_service_pb.CreateLoginURLResponse() if dest_url: req.set_destination_url(dest_url) else: req.set_destination_url('') if _auth_domain: req.set_auth_domain(_auth_domain) if federated_identity: req.set_federated_identity(federated_identity) try: apiproxy_stub_map.MakeSyncCall('user', 'CreateLoginURL', req, resp) except apiproxy_errors.ApplicationError, e: if (e.application_error == user_service_pb.UserServiceError.REDIRECT_URL_TOO_LONG): raise RedirectTooLongError elif (e.application_error == user_service_pb.UserServiceError.NOT_ALLOWED): raise NotAllowedError else: raise e return resp.login_url()
CreateLoginURL = create_login_url
[docs]def create_logout_url(dest_url, _auth_domain=None): """Computes the logout URL and specified destination URL for the request. This function works for both federated login applications and Google Accounts applications. Args: dest_url: String that is the desired final destination URL for the user after the user has logged out. If `dest_url` does not specify a host, the host from the current request is used. Returns: Logout URL as a string. """ req = user_service_pb.CreateLogoutURLRequest() resp = user_service_pb.CreateLogoutURLResponse() req.set_destination_url(dest_url) if _auth_domain: req.set_auth_domain(_auth_domain) try: apiproxy_stub_map.MakeSyncCall('user', 'CreateLogoutURL', req, resp) except apiproxy_errors.ApplicationError, e: if (e.application_error == user_service_pb.UserServiceError.REDIRECT_URL_TOO_LONG): raise RedirectTooLongError else: raise e return resp.logout_url()
CreateLogoutURL = create_logout_url
[docs]def get_current_user(): """Retrieves information associated with the user that is making a request. Returns: """ try: return User() except UserNotFoundError: return None
GetCurrentUser = get_current_user
[docs]def is_current_user_admin(): """Specifies whether the user making a request is an application admin. Because administrator status is not persisted in the datastore, `is_current_user_admin()` is a separate function rather than a member function of the `User` class. The status only exists for the user making the current request. Returns: `True` if the user is an administrator; all other user types return `False`. """ return (os.environ.get('USER_IS_ADMIN', '0')) == '1'
IsCurrentUserAdmin = is_current_user_admin

Send feedback about...

App Engine standard environment for Python