pycti.entities.opencti_user =========================== .. py:module:: pycti.entities.opencti_user Classes ------- .. autoapisummary:: pycti.entities.opencti_user.User Module Contents --------------- .. py:class:: User(opencti) Representation of a user on the OpenCTI platform Users can be member of multiple groups, from which its permissions (capabilities) are derived. Additionally, users are part of organisations, and sometimes administrating them (Enterprise edition). They have configured confidence, and an effective confidence (which might be set by the group). You can view the properties, session_properties, and me_properties attributes of a User object to view what attributes will be present in a User or MeUser object. :param opencti: instance of :py:class:`~pycti.api.opencti_api_client.OpenCTIApiClient` :type opencti: OpenCTIApiClient Initialize the User instance. :param opencti: OpenCTI API client instance :type opencti: OpenCTIApiClient .. py:attribute:: opencti .. py:attribute:: properties :value: Multiline-String .. raw:: html
Show Value .. code-block:: python """ id standard_id individual_id user_email firstname lastname name description language theme unit_system external restrict_delete account_status account_lock_after_date entity_type parent_types created_at updated_at unit_system submenu_show_icons submenu_auto_collapse monochrome_labels roles { id, name, description capabilities { id, name } capabilitiesInDraft { id, name } } groups { edges { node { id, name, description } } } objectOrganization { edges { node { id, is_inferred, name, description } } } administrated_organizations { id, name, description } user_confidence_level { max_confidence overrides { entity_type, max_confidence } } effective_confidence_level { max_confidence source { type object { ... on Group { id, name } } } overrides { entity_type, max_confidence source { type object { ... on Group { id, name } } } } } """ .. raw:: html
.. py:attribute:: tokens_properties :value: Multiline-String .. raw:: html
Show Value .. code-block:: python """ api_tokens { id name } """ .. raw:: html
.. py:attribute:: session_properties :value: Multiline-String .. raw:: html
Show Value .. code-block:: python """ sessions { id, created, ttl, originalMaxAge } """ .. raw:: html
.. py:attribute:: me_properties :value: Multiline-String .. raw:: html
Show Value .. code-block:: python """ id individual_id user_email firstname lastname name description theme language unit_system submenu_show_icons submenu_auto_collapse entity_type parent_types created_at updated_at objectOrganization { edges { node { id, name } } } administrated_organizations { id, name } capabilities { id, name, description } capabilitiesInDraft { id, name, description } groups { edges { node { id, name, description } } } effective_confidence_level { max_confidence source { type object { ... on Group { id, name } } } overrides { entity_type, max_confidence source { type object { ... on Group { id, name } } } } } """ .. raw:: html
.. py:method:: list(**kwargs) -> List[Dict] Search/list users on the platform Searches users given some conditions. Defaults to listing all users. :param first: Defaults to 500. Retrieve this number of results. :type first: int, optional :param after: Retrieves all results after the user with this ID. Ignored if None, empty, or if fetching all results, defaults to None. :type after: str, optional :param orderBy: Orders results by this field. Can be one of user, user_email, firstname, lastname, language, external, created_at, updated_at, or _score, defaults to "name". :type orderBy: str, optional :param orderMode: Ordering direction. Must be one of "asc" or "desc", defaults to "asc". :type orderMode: str, optional :param filters: OpenCTI API FilterGroup object. This is an advanced parameter. To learn more please search for the FilterGroup object in the OpenCTI GraphQL Playground, defaults to {}. :type filters: dict, optional :param search: String to search for when listing users, defaults to None. :type search: str, optional :param include_sessions: Whether or not to include a list of sessions with results, defaults to False. :type include_sessions: bool, optional :param customAttributes: Custom attributes to fetch from the GraphQL query :type customAttributes: str, optional :param getAll: Defaults to False. Whether or not to get all results from the search. If True then param first is ignored. :type getAll: bool, optional :param withPagination: Defaults to False. Whether to return pagination info with results. :type withPagination: bool, optional :return: Returns a list of users, sorted as specified. :rtype: list[dict] .. py:method:: read(**kwargs) -> Optional[Dict] Reads user details from the platform. :param id: ID of the user to fetch :type id: str, optional :param include_sessions: Whether or not to include a list of sessions for the given user, defaults to False. :type include_sessions: bool, optional :param include_tokens: Whether or not to include the user's API token, defaults to False. :type include_tokens: bool, optional :param customAttributes: Custom attributes to include instead of the defaults :type customAttribues: str, optional :param filters: Filters to apply to find a single user :type filters: dict, optional :param search: Search term to use to find a single user :type search: str, optional :return: Representation of the user as a Python dictionary. :rtype: Optional[Dict] .. py:method:: create(**kwargs) -> Optional[Dict] Creates a new user with basic details Note that when SSO is connected users generally do not need to be manually created. Additionally note that if there is no password passed to this function then a random password will be created and will not be returned. This is useful for creating service accounts and connector accounts. :param name: Name to assign to the user. :type name: str :param user_email: Email address for the user. :type user_email: str :param password: Password that should be assigned to the user. If one is not provided then a random one will be generated, defaults to None. :type password: str, optional :param firstname: First name of the user :type firstname: str, optional :param lastname: Last name of the user :type lastname: str, optional :param description: Description for the user :type description: str, optional :param language: Language the user should use :type language: str, optional :param theme: Theme to set for the user, either light or dark :type theme: str, optional :param objectOrganization: List of organization IDs to add the user to :type objectOgranization: List[str], optional :param account_status: The status of the account: Active, Expired, Inactive, or Locked :type account_status: str, optional :param account_lock_after_date: ISO 8901 of when account should be locked :type account_lock_after_date: str, optional :param unit_system: Unit system for the user, metric or imperial :type unit_system: str, optional :param submenu_show_icons: Defaults to False. Whether or not to show icons in submenus on the left hand menu bar in the UI :type submenu_show_icons: bool, optional :param submenu_auto_collaps: Defaults to False. Whether to auto- collapse the left hand menu bar in the UI :type submenu_auto_collapse: bool, optional :param monochrome_labels: Defaults to False. Whether to ignore colours and just show entity labels in monochrome. :type monochrome_labels: bool, optional :param groups: List of group IDs to add the user to :type groups: List[str], optional :param user_confidence_level: Confidence level object to assign to the user. This may not impact effective confidence depending on group membership. :type user_confidence_level: Dict :param include_token: Defaults to False. Whether to include the API token for the new user in the response. :type include_token: bool, optional :param customAttributes: Custom attributes to return for the user :type customAttributes: str, optional :return: Representation of the user without sessions or API token. :rtype: Optional[Dict] .. py:method:: delete(**kwargs) Deletes the given user from the platform. :param id: ID of the user to delete. :type id: str .. py:method:: me(**kwargs) -> Dict Reads the currently authenticated user. :param customAttributes: Custom attributes to return on the User :type customAttributes: str, optional :return: Representation of the user. :rtype: dict .. py:method:: update_field(**kwargs) -> Optional[Dict] Update a given user using fieldPatch :param id: ID of the user to update. :type id: str :param input: FieldPatchInput objects to edit user :type input: List[Dict] :param customAttributes: Custom attributes to return from the mutation :type customAttributes: str, optional :return: Representation of the user without sessions or API token. :rtype: Optional[Dict] .. py:method:: add_membership(**kwargs) -> Optional[Dict] Adds the user to a given group. :param id: User ID to add to the group. :type id: str :param group_id: Group ID to add the user to. :type group_id: str :return: Representation of the InternalRelationship :rtype: Optional[Dict] .. py:method:: delete_membership(**kwargs) -> Optional[Dict] Removes the user from the given group. :param id: User ID to remove from the group. :type id: str :param group_id: Group ID to remove the user from. :type group_id: str :return: Representation of the user without sessions or API token :rtype: Optional[Dict] .. py:method:: add_organization(**kwargs) -> Optional[Dict] Adds a user to an organization :param id: User ID to add to organization :type id: str :param organization_id: ID of organization to add to :type organization_id: str :return: Representation of user without sessions or API key :rtype: Optional[Dict] .. py:method:: delete_organization(**kwargs) -> Optional[Dict] Delete a user from an organization :param id: User ID to remove from organization :type id: str :param organization_id: ID of organization to remove from :type organization_id: str :return: Representation of user without sessions or API key :rtype: Optional[Dict] .. py:method:: remove_token(**kwargs) -> Optional[Dict] Remove an API token for the given user :param user_id: User ID to rotate API token for. :type user_d: str :param token_id: Token id to remove :type token_id: str .. py:method:: create_token(**kwargs) -> Optional[Dict] Create an API token for the given user :param user_id: User ID to rotate API token for. :type user_d: str :param token_name: Token name to give the token :type token_name: str :param token_duration: Token duration to give the token. Defaults to UNLIMITED. :type token_duration: str :return: Representation of token :rtype: Optional[Dict] .. py:method:: send_mail(**kwargs) Send an email to a user using a template. :param id: the user ID to send the email to :type id: str :param template_id: the email template ID to use :type template_id: str :return: None .. py:method:: process_multiple_fields(data) Process and normalize fields in user data. :param data: the user data dictionary to process :type data: dict :return: the processed user data with normalized fields :rtype: dict