restauth-group manages groups in RestAuth. Groups are a powerful but simple way for managing permissions. A user can be a member in one or more groups, which grants her/him certain rights. Analogous concepts are used on many systems, such as Unix and Windows systems and most content management systems.
A group may itself also be a member of one or more groups, making it the subgroup of the groups of which it is a member, which are in turn called metagroups. A subgroup automatically inherits all memberships from all metagroups. This way you can easily grant users multiple memberships at once.
A group is associated with at most one service that uses RestAuth. A service can only see the groups associated with it. If a group is not associated with any service, the group can not be seen by any service, the only way to modify them is via this script.
Note that a group can be a member of any other group, even it is associated with a different service or none at all. A common use-case would be to have a metagroup called admin that is either not associated with any service or with some central management service. Any other services using RestAuth have their own admin group (which can each have a different name, whatever suits the service best), which are subgroups to the global admin group.
restauth-group [-h]
{add,ls,view,add-user,add-group,rm-user,rm-group,rm} ...
Use one of the commands (either add, add-group, add-user, list, rm, rm-group, rm-user or view) to perform the respective operation. Each command usually requires more arguments to it, see the respective section for arguments (and possible options) for each command.
To get an authoritative list of available commands, use:
restauth-group --help
If you want more information on a specific comannd, do:
restauth-group command --help
... or see the Available commands section below.
The following subsections never document the ‘-h’ parameter for clarity.
Add a new group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
The name of the group.
Make a group a subgroup of another group. The subgroup will inherit all memberships from the parent group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
Assume that the named subgroup is from SUBSERVICE.
The name of the group.
The name of the subgroup.
Add a user to a group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
The name of the group.
The name of the user.
List all groups.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
Remove a group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
The name of the group.
Remove a subgroup from a group. The subgroup will no longer inherit all memberships from a parent group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
Assume that the named subgroup is from SUBSERVICE.
The name of the group.
The name of the subgroup.
Remove a user from a group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
The name of the group.
The name of the user.
View details of a group.
Act as if restauth-group was the service named SERVICE. If ommitted, act on groups that are not associated with any service.
The name of the group.
The path to the Django settings module. If not set, RestAuth.settings is used, which should be fine in most cases. For more information, please read the Django documentation.
A semi-colon (‘;’) seperated list of additional directories to search for python modules. The RestAuth installation must be in the module search path for any commands to work. For more information, please read the official python documentation.