Skip to content
This repository has been archived by the owner on Mar 31, 2020. It is now read-only.

3.3. Administering ArcGIS for Server site: security

Jump to bottom
AlexArcPy edited this page Apr 15, 2016 · 1 revision

In this page, we will learn how to manage security of the ArcGIS Server site. This includes searching through the existing security entities such as users and roles, creating new ones, and discovering the security settings of the site.

As we have learned earlier, this is the code you need to establish a connection to the ArcGIS Server (with administrator privileges):

from arcrest import AGSTokenSecurityHandler
from arcrest.manageags import AGSAdministration

ags_admin_url = r"http://localhost:6080/arcgis/admin"
ags_security_handler = AGSTokenSecurityHandler(username="psa",password="psa",org_url=ags_admin_url)
ags_obj = AGSAdministration(ags_admin_url, ags_security_handler)

>>> ags_obj.currentVersion
10.4

Now we need to "navigate" to the Security part of the ArcGIS Server Administrator Directory. In order to do that, we need to obtain a Security object which would give us access to all of the resources found there:

from arcrest.manageags._security import Security
ags_admin_security_url = r"http://localhost:6080/arcgis/admin/security"
security_obj = Security(ags_admin_security_url,ags_security_handler)

Here we had to import a class from the _security module and also specify the URL to the Security part of the Administrator Directory. Creating a Security object is no different than creating a AGSService or AGSAdministration objects.

Now you can manage the security of the ArcGIS Server site. Let's see if we can search for a specific user first:

security_obj.searchUsers(filter='jsmith')
>>>
{u'hasMore': False,
 u'users': [{u'description': u'',
             u'disabled': False,
             u'email': u'jsmith@company.com',
             u'fullname': u'John Smith',
             u'username': u'jsmith'}]}

With the Security object you will be able to retrieve the present users/roles, find out which roles a user belongs to, create new users/roles, remove existing ones and do many other things.

Let's build a workflow for adding multiple users from a csv file. To read the csv file, we could use the built-in module csv. Alternatively, you could use the unicodecsv external module that can handle the Unicode nicely.

import csv
csv_file = "users.csv"

#the contents of the users.csv file
#Username,Password,FullName,Description,Email
#jsmith,pa55w0rd,John Smith,,jsmith@company.com
#agreg,pa55w0rd,Alen Greg,,agreg@company.com
#hreames,pa55w0rd,Hew Reames,,hreames@company.com
#mlares,pa55w0rd,Mitch Lares,,mlares@company.com
#nburke,pa55w0rd,Nick Burke,,nburke@company.com

with open(csv_file,"rb") as f:
    reader = csv.DictReader(f)
    reader_rows = list(reader)

for row in reader_rows:
    print security_obj.addUser(username=row['Username'], password=row['Password'],
                               fullname=row['FullName'], description=row['Description'],
                               email=row['Email'])

For every added user, a {u'status': u'success'} should be printed. To get the users in the site, the getUsers() method is used:

>>> security_obj.getUsers()
{u'hasMore': False,
 u'users': [{u'description': u'',
             u'disabled': False,
             u'email': u'agreg@company.com',
             u'fullname': u'Alen Greg',
             u'username': u'agreg'},
...
            {u'description': u'',
             u'disabled': False,
             u'email': u'nburke@company.com',
             u'fullname': u'Nick Burke',
             u'username': u'nburke'}]}
Clone this wiki locally