Safes
Main functions
- async add_member(self, safe: str, username: str, search_in: str = 'Vault', useAccounts: bool = False, retrieveAccounts: bool = False, listAccounts: bool = False, addAccounts: bool = False, updateAccountContent: bool = False, updateAccountProperties: bool = False, initiateCPMAccountManagementOperations: bool = False, specifyNextAccountContent: bool = False, renameAccounts: bool = False, deleteAccounts: bool = False, unlockAccounts: bool = False, manageSafe: bool = False, manageSafeMembers: bool = False, backupSafe: bool = False, viewAuditLog: bool = False, viewSafeMembers: bool = False, accessWithoutConfirmation: bool = False, createFolders: bool = False, deleteFolders: bool = False, moveAccountsAndFolders: bool = False, requestsAuthorizationLevel1: bool = False, requestsAuthorizationLevel2: bool = False)
Add a safe member
- Parameters:
safe – Name of the safe - Required
username – Name of the user or group to add - Required
search_in – The Vault or the domain of the user or group - Defaults to Vault - Optional
useAccounts – Use accounts but cannot view passwords. - Default: False - Optional
retrieveAccounts – Retrieve and view accounts in the Safe. - Default: False - Optional
listAccounts – View accounts list. - Default: False - Optional
addAccounts – Add accounts in the Safe. - Default: False - Optional
updateAccountContent – Update existing account content. - Default: False - Optional
updateAccountProperties – Update existing account properties. - Default: False - Optional
initiateCPMAccountManagementOperations – Initiate password management operations through CPM. - Default: False - Optional
specifyNextAccountContent – Specify the password that is used when the CPM changes the password value. - Default: False - Optional
renameAccounts – Rename existing accounts in the Safe. - Default: False - Optional
deleteAccounts – Delete existing passwords in the Safe. - Default: False - Optional
unlockAccounts – Unlock accounts that are locked by other users. - Default: False - Optional
manageSafe – Perform administrative tasks in the Safe (update properies, recover, delete) - Default: False - Optional
manageSafeMembers – Add and remove Safe members, and update their authorizations in the Safe. - Default: False - Optional
backupSafe – Create a backup of a Safe and its contents, and store it in another location. - Default: False - Optional
viewAuditLog – View account and user activity in the Safe. - Default: False - Optional
viewSafeMembers – View permissions of Safe members. - Default: False - Optional
accessWithoutConfirmation – Access the Safe without confirmation from authorized users. - Default: False - Optional
createFolders – Create folders in the Safe. - Default: False - Optional
deleteFolders – Delete folders in the Safe. - Default: False - Optional
moveAccountsAndFolders – Move accounts and folders in the Safe to different folders and subfolders. - Default: False - Optional
requestsAuthorizationLevel1 – Request Authorization Level 1. - Default: False - Optional
requestsAuthorizationLevel2 – Request Authorization Level 2. - Default: False - Optional
- Returns:
A dict with the result
- async add_member_profile(self, safe: str, username: str, profile: (<class 'str'>, <class 'dict'>))
This functions adds the “username” user (or group) to the given safe with a relevant profile
- Parameters:
safe – The safe name
username – the username or a group name
profile – must be one of “admin”, “use”, “show”, “audit”, “prov”, “manager”, “power” or “cpm”
- Returns:
boolean
- async remove_member(self, safe: str, username: str)
Remove a user or a group from a safe
- Parameters:
safe – The safe name
username – The user or group name
- Returns:
Boolean
- async exists(self, safename: str)
Whether a safe exists whose name is “safename”
- Parameters:
safename – name of the safe
- Returns:
Boolean
- async add(self, safe_name: str, description='', location='', olac=False, days=-1, versions=None, auto_purge=False, cpm=None, add_admins=True)
Creates a new safe
- Parameters:
safe_name – The name of the safe to create
description – The safe description
location – Safe location (must be an existing location)
olac – Enable OLAC for the safe (default to False)
days – days of retention
versions – number of versions
auto_purge – Whether to automatically purge files after the end of the Object History Retention Period defined in the Safe properties.
cpm – The name of the CPM user who will manage the new Safe.
add_admins – Add “Vaults Admin” group and Administrator user as safe owners
- Returns:
boolean
- async add_defaults_admin(self, safe_name)
Add “Vaults Admin” group and Administrator user as safe owners
- Parameters:
safe_name – Name of the safe
- Returns:
boolean
- async delete(self, safe_name)
Delete the safe
- Parameters:
safe_name – Name of the safe
- Returns:
Boolean
- async list_members(self, safe_name: str, filter_perm=None, details=False, raw=False)
List members of a safe, optionally those with specific perm
- Parameters:
raw – if True, return the API content directly (filter_perm and details are ignored)
details – If True, return a dict with more infos on each username
safe_name – Name of the safe
filter_perm – Specific perm, for example “ManageSafe”, refer to doc for more
- Returns:
list of all users, or list of users with specific perm
- async is_member_of(self, safe_name: str, username: str) bool
Whether the user is username of the safe
- Parameters:
safe_name – Name of the safe
username – Name of the user (or group)
- Returns:
boolean
- async search(self, query=None, include_accounts=False, details=False)
Search for a safe
- Parameters:
query – What to search - Default: None (retrieve all safes) - Optional
include_accounts – Add privileged accounts on the result - Default: False - Optional
details – Include additional safe details - Default: False - Optional
- Returns:
A list of dict with the result
- async get_safe_details(self, safename: str)
Get details of a given safe. We do a direct query instead of a search for efficiency.
- Returns:
A dict of the safe details
- async get_permissions(self, safename: str, username: str)
Get a user (or group) permissions
- Parameters:
safename – Name of the safe
username – Name of the user (or group)
- Returns:
list of permissions
- async rename(self, safename: str, new_name: str)
Rename a safe
Other functions
- async search_safe_iterator(self, query=None, include_accounts=False, extended_details=False) AsyncIterator
This function allow to search using one or more parameters and return list of address id
- Parameters:
query – free search
include_accounts – include safe’s accounts
- Returns:
an async iterator of json representation of safes
- async search_safe_paginate(self, page: int = 1, size_of_page: int = 100, search: str = None, include_accounts=False, extended_details=False)
Search safes in a paginated way
- Parameters:
search – free search
page – number of page
size_of_page – size of pages
include_accounts – include safe’s accounts
extended_details – add more details on the safe (may be very slow)
- Returns:
- async list(self, details=False)
List all safes (better use search)
- Returns:
A list of safes names
- async v1_get_safes(self)
Old way to retrieve safes, when the v2 operation fail
- Returns:
A list of safes