class canaille.backends.models.Model[source]

Bases: object

Model abstract class.

attributes = ChainMap({})

Removes the current instance from the database.

classmethod fuzzy(query, attributes=None, **kwargs)[source]

Works like query() but attribute values loosely be matched.

classmethod get(identifier=None, **kwargs)[source]

Works like query() but return only one element or None if no item is matching.

property identifier

Returns a unique value that will be used to identify the model instance. This value will be used in URLs in canaille, so it should be unique and short.

classmethod query(**kwargs)[source]

Performs a query on the database and return a collection of instances. Parameters can be any valid attribute with the expected value:

>>> User.query(first_name="George")

If several arguments are passed, the methods only returns the model instances that return matches all the argument values:

>>> User.query(first_name="George", last_name="Abitbol")

If the argument value is a collection, the methods will return the models that matches any of the values:

>>> User.query(first_name=["George", "Jane"])

Cancels the unsaved modifications.

>>> user = User.get(user_name="george")
>>> user.display_name
>>> user.display_name = "Jane"
>>> user.display_name
>>> user.reload()
>>> user.display_name

Validates the current modifications in the database.


Assign a whole dict to the current instance. This is useful to update models based on forms.

>>> user = User.get(user_name="george")
>>> user.first_name
>>> user.update({
...     first_name="Jane",
...     last_name="Calamity",
... })
>>> user.first_name
class canaille.core.models.Group[source]

Bases: object

User model, based on the SCIM Group schema

description: str | None
display_name: str
id: str
members: List[User]
class canaille.core.models.User(*args, **kwargs)[source]

Bases: object

User model, based on the SCIM User schema

can_read(field: str)[source]
check_password(password: str) bool[source]

Checks if the password matches the user password in the database.

department: str | None
display_name: str | None
emails: List[str]
employee_number: str | None
family_name: str | None
formatted_address: str | None
formatted_name: str | None
classmethod get_from_login(login=None, **kwargs) User | None[source]
given_name: str | None
groups: List[Group]
has_password() bool[source]

Checks wether a password has been set for the user.

id: str
last_modified: datetime | None
locality: str | None
lock_date: datetime | None
property locked: bool

Wether the user account has been locked or has expired.

organization: str | None
password: str | None
phone_numbers: List[str]
photo: str | None
postal_code: str | None
property preferred_email
preferred_language: str | None
profile_url: str | None
region: str | None
set_password(password: str)[source]

Sets a password for the user.

street: str | None
title: str | None
user_name: str | None
class canaille.oidc.basemodels.AuthorizationCode[source]

Bases: Model

OpenID Connect temporary authorization code definition.

authorization_code_id: str
challenge: str | None
challenge_method: str | None
client: Client
code: str
id: str
issue_date: datetime
lifetime: int
nonce: str | None
redirect_uri: str | None
response_type: str | None
revokation_date: datetime
scope: List[str]
subject: User
class canaille.oidc.basemodels.Client[source]

Bases: Model

OpenID Connect client definition.

audience: List[Client]
client_id: str | None
client_id_issued_at: datetime | None
client_name: str | None
client_secret: str | None
client_secret_expires_at: datetime | None
client_uri: str | None
contacts: List[str]
description: str | None
grant_types: List[str]
id: str
jwk: str | None
jwks_uri: str | None
logo_uri: str | None
policy_uri: str | None
post_logout_redirect_uris: List[str]
preconsent: bool | None
redirect_uris: List[str]
response_types: List[str]
scope: List[str]
software_id: str | None
software_version: str | None
token_endpoint_auth_method: str | None
tos_uri: str | None
class canaille.oidc.basemodels.Consent[source]

Bases: Model

Long-term user consent to an application.

client: Client
consent_id: str
id: str
issue_date: datetime
revokation_date: datetime
scope: List[str]
subject: User
class canaille.oidc.basemodels.Token[source]

Bases: Model

OpenID Connect token definition.

access_token: str
audience: List[Client]
client: Client
id: str
issue_date: datetime
lifetime: int
refresh_token: str
revokation_date: datetime
scope: List[str]
subject: User
token_id: str
type: str