Folder

class Folder(api)

Bases: FeatureBase

apply_workflow(folder, workflow)

Applies a workflow to a folder and all of its subordinate objects. However, a subordinate folder may block the workflow.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• workflow (Object | str) – Config Object or Distinguished Name (DN) of the workflow object.

block_workflow(folder, workflow)

Blocks a workflow on a folder and all of its subordinate objects. This prevents any parent folders from enforcing a workflow on this folder and its subordinate objects.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• workflow (Object | str) – Config Object or Distinguished Name (DN) of the workflow object.

clear_policy(folder, class_name, attributes)

If attributes are not provided, clears the policy attribute name along with all of its values on a folder. If attributes are provided, then only the corresponding policy attribute values will be cleared. No error is thrown if the attribute value doesn’t exist to begin with. If the same attribute name is defined in any ancestor folder, then this folder will inherit that setting.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• class_name (str) – TPP Class Name for the attributes being locked.

• attributes (dict | list[str]) –

  Two types are supported:

  • list of attribute names to be cleared entirely.

  • dict whose keys are attribute names and whose values are the values to be cleared from the attribute. If the attribute is left empty it is cleared.

create(name, parent_folder, description=None, contacts=None, log_server=None, engines=None, attributes=None, get_if_already_exists=True, create_path=False)

Parameters:

• name (str) – Name of the folder.

• parent_folder (Object | str) – Config Object or Distinguished Name (DN) of the parent folder.

• description (str) – Description of the policy folder.

• contacts (list[Identity | str]) – List of Identity Object or Prefixed Name of the contacts.

• log_server (Object | str) – Config Object or name of the log server.

• engines (list[Object | str]) – List of Config Object or names of the processing engines for this folder.

• attributes (dict) – Attributes pertaining to the folder itself and NOT any of the policyable options. In order to set engines on this folder, use set_engines(). In order to set policyable options on the folder, use write_policy().

• get_if_already_exists (bool) – If the objects already exists, just return it as is.

• create_path (bool) – If True then the whole path is created if it doesn’t exist.

Returns:

Config Object of the folder object.

delete(folder, recursive=True, delete_owners_from_secrets=True, concurrency=1)

Deletes the folder. The folder is, by default, deleted recursively. All deleted objects will also be removed from their secret associations. If the secret association is then orphaned, then it is deleted.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• recursive (bool) – If True, delete all objects recursively.

• delete_owners_from_secrets (bool) – If True, the owners will be removed from the associated secrets.

• concurrency (int) – If greater than one a thread pool of this size will be used to delete the owner from the secret store association. If delete_owners_from_secrets is False then this has no effect.

delete_engines(folder)

Deletes all processing engines from the folder.

Parameters:

folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

get(folder_dn, raise_error_if_not_exists=True)

Parameters:

• folder_dn (str) – Distinguished Name (DN) of the folder.

• raise_error_if_not_exists (bool) – Raise an exception if the object Distinguished Name (DN) does not exist.

Returns:

Config Object of the folder object.

get_engines(folder)

Parameters:

folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

Returns:

List of all Engine on the folder.

read_policy(folder, class_name, attribute_name)

Reads policy settings for the given folder, class name, and attribute name.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• class_name (str) – TPP Class Name for the attributes being locked.

• attribute_name (str) – The attribute name.

Returns:

A tuple of

• List of values

• Locked boolean

Return type:

Tuple[list[str], bool]

remove_blocked_workflow(folder, workflow)

Removes a blocked workflow from a folder.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• workflow (Object | str) – Config Object or Distinguished Name (DN) of the workflow object.

remove_workflow(folder, workflow)

Removes an applied workflow from a folder.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• workflow (Object | str) – Config Object or Distinguished Name (DN) of the workflow object.

search(object_name_pattern='*', object_types=None, recursive=True, starting_dn=None)

Searches for an object with the given object name pattern. The pattern is a regular expression. An object type can be supplied to specify the TPP object type, such as ‘X509 Certificate’. If a starting Distinguished Name (DN) is given without an object type, a search will be performed from the starting DN. This can improve the efficiency of this method. However, if both a starting DN and object type is provided, due to limitations of the WebSDK API, a search will be performed against the object type first, and then filtered by matches to the starting DN.

Parameters:

• object_name_pattern (str) – An expression for filtering DN matches.

• object_types (list[str]) – List of TPP Object Types (also called a Config Classes)

• recursive (bool) – Search sub-folders when True

• starting_dn (str) – DN of the folder to begin search

Returns:

A list of Config Object of the objects found.

set_engines(folder, engines, append_engines=False)

Sets engines as processing engines for the folder.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• engines (list[Object | str]) – List of engine Config Object or engine names listed in TPP.

• append_engines (bool) – If True, append engines to the current list on the folder. Otherwise overwrite the current setting.

update_policy(folder, class_name, attributes, locked)

Updates policy configurations on a folder.

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• class_name (str) – TPP Class Name for the attributes being locked.

• attributes (dict) – A dictionary of attribute name/value pairs where the name is the attribute name and the value is the attribute value.

• locked (bool) – Enforces the policy on all subordinate folders and objects.

write_policy(folder, class_name, attributes, locked)

Writes policy settings on a folder. In order to set engines on this folder, use set_engines(). In order to set custom field policies, use pyvenafi.tpp.features.custom_fields.CustomField.write_policy().

Parameters:

• folder (Object | str) – Config Object or Distinguished Name (DN) of the folder.

• class_name (str) – TPP Class Name for the attributes being locked.

• attributes (dict) – A dictionary of attribute name/value pairs where the name is the attribute name and the value is the attribute value.

• locked (bool) – Enforces the policy on all subordinate folders and objects.