How to use the kotti.security.get_principals function in Kotti

def principal_schema(base=PrincipalFull()):
    principals = get_principals()
    schema = base.clone()
    has_groups = True
    try:
        schema["groups"]
    except KeyError:
        has_groups = False
    if has_groups:
        all_groups = []
        for p in principals.search(name="group:*"):
            value = p.name.split("group:")[1]
            label = "{0}, {1}".format(p.title, value)
            all_groups.append(dict(value=value, label=label))
        schema["groups"]["group"].widget.values = all_groups
        schema["roles"].widget.values = [
            (n, ROLES[n].title) for n in USER_MANAGEMENT_ROLES
        ]

def user_delete(context, request):
    principals = get_principals()

    if "name" in request.params and request.params["name"]:
        user_or_group = request.params["name"]
        principal = principals.search(name=user_or_group).first()
        if principal is None:
            request.session.flash(_("User was not found."), "error")
        else:
            is_group = user_or_group.startswith("group:")
            principal_type = _("Group") if is_group else _("User")

            # We already coming from the confirmation page.
            if "delete" in request.POST:
                principals.__delitem__(principal.name)
                notify(UserDeleted(principal, request))
                request.session.flash(
                    _(

def search_principals(request, context=None, ignore=None, extra=()):
    flash = request.session.flash
    principals = get_principals()

    if ignore is None:
        ignore = set()

    entries = []
    for principal_name in extra:
        if principal_name not in ignore:
            p = principals[principal_name]
            entries.append((p, list_groups_ext(principal_name, context)))
            ignore.add(principal_name)

    postdata = request.POST
    if request.method == "POST" and request.is_xhr:
        postdata = request.json
    if "search" in postdata:
        if request.is_xhr:

def populate_users():
    """
    Create the admin user with the password from the ``kotti.secret`` option
    if there is no user with name 'admin' yet.
    """

    principals = get_principals()
    if "admin" not in principals:
        principals["admin"] = {
            "name": "admin",
            "password": get_settings()["kotti.secret"],
            "title": "Administrator",
            "groups": ["role:admin"],
        }

def name_new_validator(node, value):
    if get_principals().get(value.lower()) is not None:
        raise colander.Invalid(node, _("A user with that name already exists."))

def save_success(self, appstruct):
        if appstruct.get("password"):
            hashed = get_principals().hash_password(appstruct["password"])
            appstruct["password"] = hashed
        else:
            appstruct.pop("password", None)
        _massage_groups_in(appstruct)
        return super(UserManageFormView, self).save_success(appstruct)

def login(context, request):
    """ Login view.  Renders either the login or password forgot form templates
    or handles their form submission and redirects to came_from on success.

    :result: Either a redirect response or a dictionary passed to the template
             for rendering
    :rtype: pyramid.httpexceptions.HTTPFound or dict
    """

    principals = get_principals()

    came_from = request.params.get("came_from", request.resource_url(context))
    login, password = "", ""

    if "submit" in request.POST:
        login = request.params["login"].lower()
        password = request.params["password"]
        user = _find_user(login)

        if (
            user is not None
            and user.active
            and principals.validate_password(password, user.password)
        ):
            return get_settings()["kotti.login_success_callback"][0](
                request, user, came_from