AdminService¶

class gafaelfawr.services.admin.AdminService(*, admin_store, admin_history_store, session, logger)¶

Bases: object

Manage the token administrators.

Parameters:

admin_store (AdminStore) – The backing store for token administrators.
admin_history_store (AdminHistoryStore) – The backing store for history of changes to token administrators.
session (async_scoped_session) – Database session.
logger (BoundLogger) – Logger to use for messages.

Methods Summary

`add_admin`(username, *, actor, ip_address)	Add a new administrator.
`add_initial_admins`(admins)	Add the initial admins if the database is not initialized.
`delete_admin`(username, *, actor, ip_address)	Delete an administrator.
`get_admins`()	Get the current administrators.

Methods Documentation

async add_admin(username, *, actor, ip_address)¶

Add a new administrator.

Parameters:

username (str) – The administrator to delete.
actor (str) – The person doing the deleting.
ip_address (str) – The IP address from which the request came.

Raises:

DuplicateAdminError – Raised if the specified user is already an admin.
PermissionDeniedError – Raised if the actor is not an admin.

Return type:

None

async add_initial_admins(admins)¶

Add the initial admins if the database is not initialized.

This should be called after database initialization to add the configured initial admins. The admin list will only be changed if it is currently empty.

Parameters:: admins (Iterable[str]) – Usernames of initial admins.
Return type:: None

async delete_admin(username, *, actor, ip_address)¶

Delete an administrator.

Parameters:

username (str) – The administrator to delete.
actor (str) – The person doing the deleting.
ip_address (str) – The IP address from which the request came.

Returns:

True if the administrator was found and deleted, False if they were not found.

Return type:

bool

Raises:

PermissionDeniedError – If the actor is not an admin.

async get_admins()¶

Get the current administrators.

Return type:: list[Admin]