Skip to content

SecurityService

SecurityService(rest)

Bases: ObjectService

Service to handle Security stuff

Source code in TM1py/Services/SecurityService.py 
22
23
def __init__(self, rest: RestService):
    super().__init__(rest)

add_user_to_groups(user_name, groups, **kwargs)

Parameters:

Name Type Description Default
user_name str

name of user

 required
groups Iterable[str]

iterable of groups

 required

Returns:

Type Description
Response

response
Source code in TM1py/Services/SecurityService.py 
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
@require_security_admin
def add_user_to_groups(self, user_name: str, groups: Iterable[str], **kwargs) -> Response:
    """

    :param user_name: name of user
    :param groups: iterable of groups
    :return: response
    """
    user_name = self.determine_actual_user_name(user_name, **kwargs)
    url = format_url("/Users('{}')", user_name)
    body = {
        "Name": user_name,
        "Groups@odata.bind": [
            format_url("Groups('{}')", self.determine_actual_group_name(group)) for group in groups
        ],
    }
    return self._rest.PATCH(url, json.dumps(body), **kwargs)

create_group(group_name, **kwargs)

Create a Security group in the TM1 Server

Parameters:

Name Type Description Default
group_name str
required

Returns:

Type Description
Response
Source code in TM1py/Services/SecurityService.py 
41
42
43
44
45
46
47
48
49
@require_security_admin
def create_group(self, group_name: str, **kwargs) -> Response:
    """Create a Security group in the TM1 Server

    :param group_name:
    :return:
    """
    url = "/Groups"
    return self._rest.POST(url, json.dumps({"Name": group_name}), **kwargs)

create_user(user, **kwargs)

Create a user on TM1 Server

Parameters:

Name Type Description Default
user User

instance of TM1py.User

 required

Returns:

Type Description
Response

response
Source code in TM1py/Services/SecurityService.py 
31
32
33
34
35
36
37
38
39
@require_security_admin
def create_user(self, user: User, **kwargs) -> Response:
    """Create a user on TM1 Server

    :param user: instance of TM1py.User
    :return: response
    """
    url = "/Users"
    return self._rest.POST(url, user.body, **kwargs)

delete_group(group_name, **kwargs)

Delete a group in the TM1 Server

Parameters:

Name Type Description Default
group_name str
required

Returns:

Type Description
Response
Source code in TM1py/Services/SecurityService.py 
101
102
103
104
105
106
107
108
109
110
@require_security_admin
def delete_group(self, group_name: str, **kwargs) -> Response:
    """Delete a group in the TM1 Server

    :param group_name:
    :return:
    """
    group_name = self.determine_actual_group_name(group_name, **kwargs)
    url = format_url("/Groups('{}')", group_name)
    return self._rest.DELETE(url, **kwargs)

delete_user(user_name, **kwargs)

Delete user on TM1 Server

Parameters:

Name Type Description Default
user_name str
required

Returns:

Type Description
Response

response
Source code in TM1py/Services/SecurityService.py 
90
91
92
93
94
95
96
97
98
99
@require_security_admin
def delete_user(self, user_name: str, **kwargs) -> Response:
    """Delete user on TM1 Server

    :param user_name:
    :return: response
    """
    user_name = self.determine_actual_user_name(user_name, **kwargs)
    url = format_url("/Users('{}')", user_name)
    return self._rest.DELETE(url, **kwargs)

determine_actual_group_name(group_name, **kwargs)

Source code in TM1py/Services/SecurityService.py 
28
29
def determine_actual_group_name(self, group_name: str, **kwargs) -> str:
    return self.determine_actual_object_name(object_class="Groups", object_name=group_name, **kwargs)

determine_actual_user_name(user_name, **kwargs)

Source code in TM1py/Services/SecurityService.py 
25
26
def determine_actual_user_name(self, user_name: str, **kwargs) -> str:
    return self.determine_actual_object_name(object_class="Users", object_name=user_name, **kwargs)

get_all_groups(**kwargs)

Get all groups from TM1 Server

Returns:

Type Description
List[str]

List of strings
Source code in TM1py/Services/SecurityService.py 
198
199
200
201
202
203
204
205
206
def get_all_groups(self, **kwargs) -> List[str]:
    """Get all groups from TM1 Server

    :return: List of strings
    """
    url = "/Groups?$select=Name"
    response = self._rest.GET(url, **kwargs)
    groups = [entry["Name"] for entry in response.json()["value"]]
    return groups

get_all_user_names(**kwargs)

Get all user names from TM1 Server

Returns:

Type Description

List of TM1py.User instances
Source code in TM1py/Services/SecurityService.py 
122
123
124
125
126
127
128
129
130
def get_all_user_names(self, **kwargs):
    """Get all user names from TM1 Server

    :return: List of TM1py.User instances
    """
    url = "/Users?select=Name"
    response = self._rest.GET(url, **kwargs)
    users = [user["Name"] for user in response.json()["value"]]
    return users

get_all_users(**kwargs)

Get all users from TM1 Server

Returns:

Type Description

List of TM1py.User instances
Source code in TM1py/Services/SecurityService.py 
112
113
114
115
116
117
118
119
120
def get_all_users(self, **kwargs):
    """Get all users from TM1 Server

    :return: List of TM1py.User instances
    """
    url = "/Users?$select=Name,FriendlyName,Password,Type,Enabled&$expand=Groups"
    response = self._rest.GET(url, **kwargs)
    users = [User.from_dict(user) for user in response.json()["value"]]
    return users

get_current_user(**kwargs)

Get user and group assignments of this session

Returns:

Type Description
User

instance of TM1py.User
Source code in TM1py/Services/SecurityService.py 
62
63
64
65
66
67
68
69
def get_current_user(self, **kwargs) -> User:
    """Get user and group assignments of this session

    :return: instance of TM1py.User
    """
    url = "/ActiveUser?$select=Name,FriendlyName,Password,Type,Enabled&$expand=Groups"
    response = self._rest.GET(url, **kwargs)
    return User.from_dict(response.json())

get_custom_security_groups(**kwargs)

Source code in TM1py/Services/SecurityService.py 
224
225
226
227
228
229
230
231
232
def get_custom_security_groups(self, **kwargs) -> List[str]:
    custom_groups = CaseAndSpaceInsensitiveSet(*self.get_all_groups(**kwargs))
    custom_groups.discard("Admin")
    custom_groups.discard("DataAdmin")
    custom_groups.discard("SecurityAdmin")
    custom_groups.discard("OperationsAdmin")
    custom_groups.discard("}tp_Everyone")

    return list(custom_groups)

get_groups(user_name, **kwargs)

Get the groups of a user in TM1 Server

Parameters:

Name Type Description Default
user_name str
required

Returns:

Type Description
List[str]

List of strings
Source code in TM1py/Services/SecurityService.py 
156
157
158
159
160
161
162
163
164
165
def get_groups(self, user_name: str, **kwargs) -> List[str]:
    """Get the groups of a user in TM1 Server

    :param user_name:
    :return: List of strings
    """
    user_name = self.determine_actual_user_name(user_name, **kwargs)
    url = format_url("/Users('{}')/Groups", user_name)
    response = self._rest.GET(url, **kwargs)
    return [group["Name"] for group in response.json()["value"]]

get_read_only_users(**kwargs)

Source code in TM1py/Services/SecurityService.py 
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
def get_read_only_users(self, **kwargs) -> List[str]:
    read_only_users = list()

    mdx = """
    SELECT
    {[}ClientProperties].[ReadOnlyUser]} ON COLUMNS,
    NON EMPTY {[}Clients].MEMBERS} ON ROWS
    FROM [}ClientProperties]
    """

    from TM1py import CellService

    cell_service = CellService(self._rest)

    users_with_flag = cell_service.execute_mdx_rows_and_values(mdx=mdx, element_unique_names=False, **kwargs)

    for row, values in users_with_flag.items():
        user = row[0]
        read_only = values[0]
        if read_only:
            read_only_users.append(user)
    return read_only_users

get_user(user_name, **kwargs)

Get user from TM1 Server

Parameters:

Name Type Description Default
user_name str
required

Returns:

Type Description
User

instance of TM1py.User
Source code in TM1py/Services/SecurityService.py 
51
52
53
54
55
56
57
58
59
60
def get_user(self, user_name: str, **kwargs) -> User:
    """Get user from TM1 Server

    :param user_name:
    :return: instance of TM1py.User
    """
    user_name = self.determine_actual_user_name(user_name, **kwargs)
    url = format_url("/Users('{}')?$select=Name,FriendlyName,Password,Type,Enabled&$expand=Groups", user_name)
    response = self._rest.GET(url, **kwargs)
    return User.from_dict(response.json())

get_user_names_from_group(group_name, **kwargs)

Get all users from group

Parameters:

Name Type Description Default
group_name str
required

Returns:

Type Description
List[str]

List of strings
Source code in TM1py/Services/SecurityService.py 
145
146
147
148
149
150
151
152
153
154
def get_user_names_from_group(self, group_name: str, **kwargs) -> List[str]:
    """Get all users from group

    :param group_name:
    :return: List of strings
    """
    url = format_url("/Groups('{}')?$expand=Users($expand=Groups)", group_name)
    response = self._rest.GET(url, **kwargs)
    users = [user["Name"] for user in response.json()["Users"]]
    return users

get_users_from_group(group_name, **kwargs)

Get all users from group

Parameters:

Name Type Description Default
group_name str
required

Returns:

Type Description

List of TM1py.User instances
Source code in TM1py/Services/SecurityService.py 
132
133
134
135
136
137
138
139
140
141
142
143
def get_users_from_group(self, group_name: str, **kwargs):
    """Get all users from group

    :param group_name:
    :return: List of TM1py.User instances
    """
    url = format_url(
        "/Groups('{}')?$expand=Users($select=Name,FriendlyName,Password,Type,Enabled;$expand=Groups)", group_name
    )
    response = self._rest.GET(url, **kwargs)
    users = [User.from_dict(user) for user in response.json()["Users"]]
    return users

group_exists(group_name, **kwargs)

Source code in TM1py/Services/SecurityService.py 
220
221
222
def group_exists(self, group_name: str, **kwargs) -> bool:
    url = format_url("/Groups('{}')", group_name)
    return self._exists(url, **kwargs)

remove_user_from_group(group_name, user_name, **kwargs)

Remove user from group in TM1 Server

Parameters:

Name Type Description Default
group_name str
required
user_name str
required

Returns:

Type Description
Response

response
Source code in TM1py/Services/SecurityService.py 
185
186
187
188
189
190
191
192
193
194
195
196
@require_security_admin
def remove_user_from_group(self, group_name: str, user_name: str, **kwargs) -> Response:
    """Remove user from group in TM1 Server

    :param group_name:
    :param user_name:
    :return: response
    """
    user_name = self.determine_actual_user_name(user_name, **kwargs)
    group_name = self.determine_actual_group_name(group_name, **kwargs)
    url = format_url("/Users('{}')/Groups?$id=Groups('{}')", user_name, group_name)
    return self._rest.DELETE(url, **kwargs)

security_refresh(**kwargs)

Source code in TM1py/Services/SecurityService.py 
208
209
210
211
212
213
214
@require_admin
def security_refresh(self, **kwargs) -> Response:
    from TM1py.Services import ProcessService

    ti = "SecurityRefresh;"
    process_service = ProcessService(self._rest)
    return process_service.execute_ti_code(ti, **kwargs)

update_user(user, **kwargs)

Update user on TM1 Server

Parameters:

Name Type Description Default
user User

instance of TM1py.User

 required

Returns:

Type Description
Response

response
Source code in TM1py/Services/SecurityService.py 
71
72
73
74
75
76
77
78
79
80
81
82
83
@require_security_admin
def update_user(self, user: User, **kwargs) -> Response:
    """Update user on TM1 Server

    :param user: instance of TM1py.User
    :return: response
    """
    user.name = self.determine_actual_user_name(user.name, **kwargs)
    for current_group in self.get_groups(user.name, **kwargs):
        if current_group not in user.groups:
            self.remove_user_from_group(current_group, user.name, **kwargs)
    url = format_url("/Users('{}')", user.name)
    return self._rest.PATCH(url, user.body, **kwargs)

update_user_password(user_name, password, **kwargs)

Source code in TM1py/Services/SecurityService.py 
85
86
87
88
def update_user_password(self, user_name: str, password: str, **kwargs) -> Response:
    url = format_url("/Users('{}')", user_name)
    body = {"Password": password}
    return self._rest.PATCH(url, json.dumps(body), **kwargs)

user_exists(user_name, **kwargs)

Source code in TM1py/Services/SecurityService.py 
216
217
218
def user_exists(self, user_name: str, **kwargs) -> bool:
    url = format_url("/Users('{}')", user_name)
    return self._exists(url, **kwargs)