3tears-agent-acl 0.14.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. 3tears_agent_acl-0.14.0/.gitignore +216 -0
  2. 3tears_agent_acl-0.14.0/LICENSE +21 -0
  3. 3tears_agent_acl-0.14.0/PKG-INFO +181 -0
  4. 3tears_agent_acl-0.14.0/README.md +159 -0
  5. 3tears_agent_acl-0.14.0/pyproject.toml +51 -0
  6. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/__init__.py +214 -0
  7. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/audit_vocabulary.py +122 -0
  8. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/authorize.py +366 -0
  9. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/builtin_roles.py +185 -0
  10. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/cache.py +558 -0
  11. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/collections.py +1775 -0
  12. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/entities.py +284 -0
  13. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/evaluator.py +954 -0
  14. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/invalidation.py +76 -0
  15. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/loader.py +152 -0
  16. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/loaders.py +227 -0
  17. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/py.typed +0 -0
  18. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/query_visibility.py +273 -0
  19. 3tears_agent_acl-0.14.0/src/threetears/agent/acl/types.py +421 -0
  20. 3tears_agent_acl-0.14.0/tests/__init__.py +1 -0
  21. 3tears_agent_acl-0.14.0/tests/unit/__init__.py +1 -0
  22. 3tears_agent_acl-0.14.0/tests/unit/_fake_loaders.py +199 -0
  23. 3tears_agent_acl-0.14.0/tests/unit/test_audit_vocabulary.py +100 -0
  24. 3tears_agent_acl-0.14.0/tests/unit/test_authorize.py +407 -0
  25. 3tears_agent_acl-0.14.0/tests/unit/test_builtin_roles.py +128 -0
  26. 3tears_agent_acl-0.14.0/tests/unit/test_cache.py +530 -0
  27. 3tears_agent_acl-0.14.0/tests/unit/test_collections.py +724 -0
  28. 3tears_agent_acl-0.14.0/tests/unit/test_evaluation.py +1132 -0
  29. 3tears_agent_acl-0.14.0/tests/unit/test_file_access.py +370 -0
  30. 3tears_agent_acl-0.14.0/tests/unit/test_introspection.py +555 -0
  31. 3tears_agent_acl-0.14.0/tests/unit/test_invalidation.py +81 -0
  32. 3tears_agent_acl-0.14.0/tests/unit/test_loaders.py +194 -0
  33. 3tears_agent_acl-0.14.0/tests/unit/test_query_visibility.py +263 -0
  34. 3tears_agent_acl-0.14.0/tests/unit/test_tool_eligibility_collections.py +244 -0
@@ -0,0 +1,216 @@
1
+ # Byte-compiled / optimized / DLL files
2
+ __pycache__/
3
+ *.py[codz]
4
+ *$py.class
5
+
6
+ # C extensions
7
+ *.so
8
+
9
+ # Distribution / packaging
10
+ .Python
11
+ build/
12
+ develop-eggs/
13
+ dist/
14
+ downloads/
15
+ eggs/
16
+ .eggs/
17
+ lib/
18
+ lib64/
19
+ parts/
20
+ sdist/
21
+ var/
22
+ wheels/
23
+ share/python-wheels/
24
+ *.egg-info/
25
+ .installed.cfg
26
+ *.egg
27
+ MANIFEST
28
+
29
+ # PyInstaller
30
+ # Usually these files are written by a python script from a template
31
+ # before PyInstaller builds the exe, so as to inject date/other infos into it.
32
+ *.manifest
33
+ *.spec
34
+
35
+ # Installer logs
36
+ pip-log.txt
37
+ pip-delete-this-directory.txt
38
+
39
+ # Unit test / coverage reports
40
+ htmlcov/
41
+ .tox/
42
+ .nox/
43
+ .coverage
44
+ .coverage.*
45
+ .cache
46
+ nosetests.xml
47
+ coverage.xml
48
+ *.cover
49
+ *.py.cover
50
+ .hypothesis/
51
+ .pytest_cache/
52
+ cover/
53
+
54
+ # Translations
55
+ *.mo
56
+ *.pot
57
+
58
+ # Django stuff:
59
+ *.log
60
+ local_settings.py
61
+ db.sqlite3
62
+ db.sqlite3-journal
63
+
64
+ # Flask stuff:
65
+ instance/
66
+ .webassets-cache
67
+
68
+ # Scrapy stuff:
69
+ .scrapy
70
+
71
+ # Sphinx documentation
72
+ docs/_build/
73
+
74
+ # PyBuilder
75
+ .pybuilder/
76
+ target/
77
+
78
+ # Jupyter Notebook
79
+ .ipynb_checkpoints
80
+
81
+ # IPython
82
+ profile_default/
83
+ ipython_config.py
84
+
85
+ # pyenv
86
+ # For a library or package, you might want to ignore these files since the code is
87
+ # intended to run in multiple environments; otherwise, check them in:
88
+ # .python-version
89
+
90
+ # pipenv
91
+ # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
92
+ # However, in case of collaboration, if having platform-specific dependencies or dependencies
93
+ # having no cross-platform support, pipenv may install dependencies that don't work, or not
94
+ # install all needed dependencies.
95
+ #Pipfile.lock
96
+
97
+ # UV
98
+ # Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
99
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
100
+ # commonly ignored for libraries.
101
+ #uv.lock
102
+
103
+ # poetry
104
+ # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
105
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
106
+ # commonly ignored for libraries.
107
+ # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
108
+ #poetry.lock
109
+ #poetry.toml
110
+
111
+ # pdm
112
+ # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
113
+ # pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
114
+ # https://pdm-project.org/en/latest/usage/project/#working-with-version-control
115
+ #pdm.lock
116
+ #pdm.toml
117
+ .pdm-python
118
+ .pdm-build/
119
+
120
+ # pixi
121
+ # Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
122
+ #pixi.lock
123
+ # Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
124
+ # in the .venv directory. It is recommended not to include this directory in version control.
125
+ .pixi
126
+
127
+ # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
128
+ __pypackages__/
129
+
130
+ # Celery stuff
131
+ celerybeat-schedule
132
+ celerybeat.pid
133
+
134
+ # SageMath parsed files
135
+ *.sage.py
136
+
137
+ # Environments
138
+ .env
139
+ .envrc
140
+ .venv
141
+ env/
142
+ venv/
143
+ ENV/
144
+ env.bak/
145
+ venv.bak/
146
+
147
+ # Spyder project settings
148
+ .spyderproject
149
+ .spyproject
150
+
151
+ # Rope project settings
152
+ .ropeproject
153
+
154
+ # mkdocs documentation
155
+ /site
156
+
157
+ # mypy
158
+ .mypy_cache/
159
+ .dmypy.json
160
+ dmypy.json
161
+
162
+ # Pyre type checker
163
+ .pyre/
164
+
165
+ # pytype static type analyzer
166
+ .pytype/
167
+
168
+ # Cython debug symbols
169
+ cython_debug/
170
+
171
+ # PyCharm
172
+ # JetBrains specific template is maintained in a separate JetBrains.gitignore that can
173
+ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
174
+ # and can be added to the global gitignore or merged into this file. For a more nuclear
175
+ # option (not recommended) you can uncomment the following to ignore the entire idea folder.
176
+ #.idea/
177
+
178
+ # Abstra
179
+ # Abstra is an AI-powered process automation framework.
180
+ # Ignore directories containing user credentials, local state, and settings.
181
+ # Learn more at https://abstra.io/docs
182
+ .abstra/
183
+
184
+ # Visual Studio Code
185
+ # Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
186
+ # that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
187
+ # and can be added to the global gitignore or merged into this file. However, if you prefer,
188
+ # you could uncomment the following to ignore the entire vscode folder
189
+ # .vscode/
190
+
191
+ # Ruff stuff:
192
+ .ruff_cache/
193
+
194
+ # PyPI configuration file
195
+ .pypirc
196
+
197
+ # Cursor
198
+ # Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to
199
+ # exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
200
+ # refer to https://docs.cursor.com/context/ignore-files
201
+ .cursorignore
202
+ .cursorindexingignore
203
+
204
+ # Marimo
205
+ marimo/_static/
206
+ marimo/_lsp/
207
+ __marimo__/
208
+
209
+ # Claude Code local state
210
+ .claude/
211
+
212
+ # prawduct session evidence (local governance artifacts, never shipped)
213
+ .prawduct/
214
+
215
+ # macOS folder metadata
216
+ .DS_Store
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Mark Pace
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
@@ -0,0 +1,181 @@
1
+ Metadata-Version: 2.4
2
+ Name: 3tears-agent-acl
3
+ Version: 0.14.0
4
+ Summary: shared rbac evaluator + cache for the 3tears platform: groups, roles, role assignments, evaluation trails
5
+ Project-URL: Repository, https://github.com/pacepace/3tears
6
+ Author: pace
7
+ License-Expression: MIT
8
+ License-File: LICENSE
9
+ Classifier: Development Status :: 3 - Alpha
10
+ Classifier: Framework :: AsyncIO
11
+ Classifier: Intended Audience :: Developers
12
+ Classifier: Programming Language :: Python :: 3
13
+ Classifier: Programming Language :: Python :: 3.14
14
+ Classifier: Topic :: Security
15
+ Classifier: Topic :: Software Development :: Libraries
16
+ Classifier: Typing :: Typed
17
+ Requires-Python: >=3.14
18
+ Requires-Dist: 3tears
19
+ Requires-Dist: 3tears-observe
20
+ Requires-Dist: pydantic>=2.0
21
+ Description-Content-Type: text/markdown
22
+
23
+ # 3tears-agent-acl
24
+
25
+ Shared RBAC primitives for the 3tears platform: evaluator, cache,
26
+ canonical Collections, loader adapters, and NATS invalidation
27
+ payload models.
28
+
29
+ ## Purpose
30
+
31
+ Single source of truth for "can actor do action on namespace" decisions
32
+ PLUS the persistence layer that feeds them. The same pure-Python
33
+ evaluator, canonical Collections, and loader adapters run in every
34
+ consuming application, so authorization answers are byte-identical
35
+ across processes and one set of unit tests covers every caller.
36
+
37
+ The Collections, loaders, and invalidation models are reusable across
38
+ any 3tears app. The package supersedes per-resource ACL code paths
39
+ (`namespace_grants`, workspace-specific checks, tool-access fnmatch
40
+ lists).
41
+
42
+ ## Public API
43
+
44
+ Exports (see `src/threetears/agent/acl/__init__.py`):
45
+
46
+ ### Evaluation
47
+
48
+ - `evaluate_decision(ctx, *, cache: AclCache) -> bool` -- fast yes/no
49
+ hot path. The cache is consulted for membership and per-namespace
50
+ contribution layers on every call, falling back to its loaders only
51
+ on cache miss; production hit rate against repeated authz checks
52
+ for the same `(actor, namespace)` is ~100% within the cache TTL.
53
+ - `evaluate_with_trail(ctx, *, cache) -> EvaluationResult` --
54
+ introspection path returning every
55
+ `(group, assignment, role) -> contributed_actions` chain plus
56
+ `limiting_side` for user×agent intersection queries. Uses the same
57
+ cache layers as `evaluate_decision`; trails are stored alongside
58
+ the action set so successive decision-mode and trail-mode calls
59
+ for the same actor + namespace serve from cache.
60
+ - `evaluate_file_access(*, namespace, user_id, agent_id, path,
61
+ direction, cache) -> bool` -- workspace path-glob gate; same cache
62
+ semantics.
63
+ - `authorize(*, namespace_collection, namespace_name, action,
64
+ user_id, agent_id, cache) -> EvaluationResult` -- canonical
65
+ authorization primitive every app's resource-typed wrapper
66
+ is built on. Looks up the namespace by name, runs
67
+ `evaluate_with_trail` through the cache, raises generic
68
+ `AccessDenied` on deny / `NamespaceNotFound` on missing row.
69
+ - `authorize_with_trail` -- variant returning `(result, ns_entity)`
70
+ for wrappers needing the entity.
71
+ - `AccessDenied` / `NamespaceNotFound` -- generic + namespace-miss
72
+ exception classes; per-resource wrappers subclass `AccessDenied`
73
+ to carry typed catching at endpoint code (e.g.
74
+ `MemoryAccessDenied`, `DatasourceAccessDenied`).
75
+ - `AclCache` -- three-layer in-process TTL cache
76
+ (`actor -> [GroupMembership]`, `(group_id, namespace_id) -> action_set
77
+ + trails`, `(group_id, namespace_type, customer_id) -> action_set
78
+ + trails`) with fine-grained invalidation hooks fired on
79
+ group-membership / role / assignment change. The `ActorMembershipEntry`
80
+ carries the full memberships tuple so the evaluator's
81
+ cross-customer + member-type filter runs against cached state.
82
+
83
+ ### Persistence
84
+
85
+ - `GroupCollection`, `GroupMemberCollection`, `RoleCollection`,
86
+ `RoleAssignmentCollection`, `NamespaceCollection` -- three-tier
87
+ `SchemaBackedCollection` subclasses fronting the canonical RBAC
88
+ tables (`groups`, `group_members`, `roles`, `role_assignments`,
89
+ `namespaces`). Schemas use canonical RBAC names with no
90
+ deploy-specific schema prefix; the prefix is set on the L3 pool's
91
+ `search_path`, not in the schema name on the Collection.
92
+ - `GroupEntity`, `GroupMemberEntity`, `RoleEntity`,
93
+ `RoleAssignmentEntity`, `NamespaceEntity` -- `BaseEntity`
94
+ subclasses; four use composite primary keys post-row_scope
95
+ partitioning (`(row_scope, id)` for groups / role_assignments /
96
+ namespaces; `(group_id, id)` for group_members).
97
+ - `CollectionMembershipLoader`, `CollectionGrantLoader` -- concrete
98
+ loader adapters satisfying the `MembershipLoader` /
99
+ `GrantLoader` Protocols, wired against the canonical Collections.
100
+
101
+ ### Invalidation
102
+
103
+ - `MembershipInvalidatePayload`, `AssignmentInvalidatePayload`,
104
+ `RoleInvalidatePayload` -- typed Pydantic models for the three
105
+ `{ns}.acl.*.invalidate` NATS subjects. Wire format is single-source:
106
+ every publisher (admin endpoints, agent self-mutations) and every
107
+ subscriber (cache subscribers in any consuming app) speaks
108
+ these models.
109
+
110
+ ### Value types & protocols
111
+
112
+ - Value types: `Group`, `GroupMembership`, `Role`, `RoleAssignment`,
113
+ `Namespace`, `EvaluationContext`, `EvaluationResult`, `Trail`.
114
+ - Enums: `ActorType`, `MemberType`, `ScopeType`, `LimitingSide`.
115
+ - I/O protocols: `GrantLoader`, `MembershipLoader` -- callers may
116
+ implement these against any persistence layer; the canonical
117
+ `Collection*Loader` adapters above are the reference impls.
118
+
119
+ ## Consuming the package from a 3tears app
120
+
121
+ Each app constructs the canonical Collections against its own L3
122
+ pool (direct asyncpg in a server-style deployment, NATS-proxied L3 in
123
+ each agent pod) and wires the canonical loader adapters + cache.
124
+ Deployment-specific admin query shapes (dynamic `list_by_filter` /
125
+ per-cardinality counts / multi-table discovery JOINs) live on
126
+ consuming-app subclasses.
127
+
128
+ ```python
129
+ from threetears.agent.acl import (
130
+ AclCache,
131
+ CollectionGrantLoader,
132
+ CollectionMembershipLoader,
133
+ EvaluationContext,
134
+ GroupCollection,
135
+ GroupMemberCollection,
136
+ NamespaceCollection,
137
+ RoleAssignmentCollection,
138
+ RoleCollection,
139
+ evaluate_decision,
140
+ )
141
+
142
+ # 1. construct Collections against your registry / L3 pool
143
+ group_collection = GroupCollection(registry=registry, config=core_config)
144
+ group_member_collection = GroupMemberCollection(registry=registry, config=core_config)
145
+ role_collection = RoleCollection(registry=registry, config=core_config)
146
+ role_assignment_collection = RoleAssignmentCollection(registry=registry, config=core_config)
147
+ namespace_collection = NamespaceCollection(registry=registry, config=core_config)
148
+
149
+ # 2. wire the canonical loaders
150
+ membership_loader = CollectionMembershipLoader(collection=group_member_collection)
151
+ grant_loader = CollectionGrantLoader(
152
+ assignment_collection=role_assignment_collection,
153
+ role_collection=role_collection,
154
+ group_collection=group_collection,
155
+ )
156
+
157
+ # 3. build the cache
158
+ cache = AclCache(
159
+ membership_loader=membership_loader,
160
+ grant_loader=grant_loader,
161
+ ttl_seconds=60,
162
+ )
163
+
164
+ # 4. evaluate
165
+ ctx = EvaluationContext(
166
+ namespace=target_namespace,
167
+ action="read",
168
+ user_id=user_id,
169
+ agent_id=agent_id,
170
+ )
171
+ allowed = await evaluate_decision(
172
+ ctx,
173
+ membership_loader=membership_loader,
174
+ grant_loader=grant_loader,
175
+ )
176
+ ```
177
+
178
+ Implicit ownership: if `namespace.owner_agent_id == ctx.agent_id`,
179
+ the agent side short-circuits to full permissions with no group
180
+ lookup or assignment query. Ownership is a property of the namespace
181
+ row, never a grant.
@@ -0,0 +1,159 @@
1
+ # 3tears-agent-acl
2
+
3
+ Shared RBAC primitives for the 3tears platform: evaluator, cache,
4
+ canonical Collections, loader adapters, and NATS invalidation
5
+ payload models.
6
+
7
+ ## Purpose
8
+
9
+ Single source of truth for "can actor do action on namespace" decisions
10
+ PLUS the persistence layer that feeds them. The same pure-Python
11
+ evaluator, canonical Collections, and loader adapters run in every
12
+ consuming application, so authorization answers are byte-identical
13
+ across processes and one set of unit tests covers every caller.
14
+
15
+ The Collections, loaders, and invalidation models are reusable across
16
+ any 3tears app. The package supersedes per-resource ACL code paths
17
+ (`namespace_grants`, workspace-specific checks, tool-access fnmatch
18
+ lists).
19
+
20
+ ## Public API
21
+
22
+ Exports (see `src/threetears/agent/acl/__init__.py`):
23
+
24
+ ### Evaluation
25
+
26
+ - `evaluate_decision(ctx, *, cache: AclCache) -> bool` -- fast yes/no
27
+ hot path. The cache is consulted for membership and per-namespace
28
+ contribution layers on every call, falling back to its loaders only
29
+ on cache miss; production hit rate against repeated authz checks
30
+ for the same `(actor, namespace)` is ~100% within the cache TTL.
31
+ - `evaluate_with_trail(ctx, *, cache) -> EvaluationResult` --
32
+ introspection path returning every
33
+ `(group, assignment, role) -> contributed_actions` chain plus
34
+ `limiting_side` for user×agent intersection queries. Uses the same
35
+ cache layers as `evaluate_decision`; trails are stored alongside
36
+ the action set so successive decision-mode and trail-mode calls
37
+ for the same actor + namespace serve from cache.
38
+ - `evaluate_file_access(*, namespace, user_id, agent_id, path,
39
+ direction, cache) -> bool` -- workspace path-glob gate; same cache
40
+ semantics.
41
+ - `authorize(*, namespace_collection, namespace_name, action,
42
+ user_id, agent_id, cache) -> EvaluationResult` -- canonical
43
+ authorization primitive every app's resource-typed wrapper
44
+ is built on. Looks up the namespace by name, runs
45
+ `evaluate_with_trail` through the cache, raises generic
46
+ `AccessDenied` on deny / `NamespaceNotFound` on missing row.
47
+ - `authorize_with_trail` -- variant returning `(result, ns_entity)`
48
+ for wrappers needing the entity.
49
+ - `AccessDenied` / `NamespaceNotFound` -- generic + namespace-miss
50
+ exception classes; per-resource wrappers subclass `AccessDenied`
51
+ to carry typed catching at endpoint code (e.g.
52
+ `MemoryAccessDenied`, `DatasourceAccessDenied`).
53
+ - `AclCache` -- three-layer in-process TTL cache
54
+ (`actor -> [GroupMembership]`, `(group_id, namespace_id) -> action_set
55
+ + trails`, `(group_id, namespace_type, customer_id) -> action_set
56
+ + trails`) with fine-grained invalidation hooks fired on
57
+ group-membership / role / assignment change. The `ActorMembershipEntry`
58
+ carries the full memberships tuple so the evaluator's
59
+ cross-customer + member-type filter runs against cached state.
60
+
61
+ ### Persistence
62
+
63
+ - `GroupCollection`, `GroupMemberCollection`, `RoleCollection`,
64
+ `RoleAssignmentCollection`, `NamespaceCollection` -- three-tier
65
+ `SchemaBackedCollection` subclasses fronting the canonical RBAC
66
+ tables (`groups`, `group_members`, `roles`, `role_assignments`,
67
+ `namespaces`). Schemas use canonical RBAC names with no
68
+ deploy-specific schema prefix; the prefix is set on the L3 pool's
69
+ `search_path`, not in the schema name on the Collection.
70
+ - `GroupEntity`, `GroupMemberEntity`, `RoleEntity`,
71
+ `RoleAssignmentEntity`, `NamespaceEntity` -- `BaseEntity`
72
+ subclasses; four use composite primary keys post-row_scope
73
+ partitioning (`(row_scope, id)` for groups / role_assignments /
74
+ namespaces; `(group_id, id)` for group_members).
75
+ - `CollectionMembershipLoader`, `CollectionGrantLoader` -- concrete
76
+ loader adapters satisfying the `MembershipLoader` /
77
+ `GrantLoader` Protocols, wired against the canonical Collections.
78
+
79
+ ### Invalidation
80
+
81
+ - `MembershipInvalidatePayload`, `AssignmentInvalidatePayload`,
82
+ `RoleInvalidatePayload` -- typed Pydantic models for the three
83
+ `{ns}.acl.*.invalidate` NATS subjects. Wire format is single-source:
84
+ every publisher (admin endpoints, agent self-mutations) and every
85
+ subscriber (cache subscribers in any consuming app) speaks
86
+ these models.
87
+
88
+ ### Value types & protocols
89
+
90
+ - Value types: `Group`, `GroupMembership`, `Role`, `RoleAssignment`,
91
+ `Namespace`, `EvaluationContext`, `EvaluationResult`, `Trail`.
92
+ - Enums: `ActorType`, `MemberType`, `ScopeType`, `LimitingSide`.
93
+ - I/O protocols: `GrantLoader`, `MembershipLoader` -- callers may
94
+ implement these against any persistence layer; the canonical
95
+ `Collection*Loader` adapters above are the reference impls.
96
+
97
+ ## Consuming the package from a 3tears app
98
+
99
+ Each app constructs the canonical Collections against its own L3
100
+ pool (direct asyncpg in a server-style deployment, NATS-proxied L3 in
101
+ each agent pod) and wires the canonical loader adapters + cache.
102
+ Deployment-specific admin query shapes (dynamic `list_by_filter` /
103
+ per-cardinality counts / multi-table discovery JOINs) live on
104
+ consuming-app subclasses.
105
+
106
+ ```python
107
+ from threetears.agent.acl import (
108
+ AclCache,
109
+ CollectionGrantLoader,
110
+ CollectionMembershipLoader,
111
+ EvaluationContext,
112
+ GroupCollection,
113
+ GroupMemberCollection,
114
+ NamespaceCollection,
115
+ RoleAssignmentCollection,
116
+ RoleCollection,
117
+ evaluate_decision,
118
+ )
119
+
120
+ # 1. construct Collections against your registry / L3 pool
121
+ group_collection = GroupCollection(registry=registry, config=core_config)
122
+ group_member_collection = GroupMemberCollection(registry=registry, config=core_config)
123
+ role_collection = RoleCollection(registry=registry, config=core_config)
124
+ role_assignment_collection = RoleAssignmentCollection(registry=registry, config=core_config)
125
+ namespace_collection = NamespaceCollection(registry=registry, config=core_config)
126
+
127
+ # 2. wire the canonical loaders
128
+ membership_loader = CollectionMembershipLoader(collection=group_member_collection)
129
+ grant_loader = CollectionGrantLoader(
130
+ assignment_collection=role_assignment_collection,
131
+ role_collection=role_collection,
132
+ group_collection=group_collection,
133
+ )
134
+
135
+ # 3. build the cache
136
+ cache = AclCache(
137
+ membership_loader=membership_loader,
138
+ grant_loader=grant_loader,
139
+ ttl_seconds=60,
140
+ )
141
+
142
+ # 4. evaluate
143
+ ctx = EvaluationContext(
144
+ namespace=target_namespace,
145
+ action="read",
146
+ user_id=user_id,
147
+ agent_id=agent_id,
148
+ )
149
+ allowed = await evaluate_decision(
150
+ ctx,
151
+ membership_loader=membership_loader,
152
+ grant_loader=grant_loader,
153
+ )
154
+ ```
155
+
156
+ Implicit ownership: if `namespace.owner_agent_id == ctx.agent_id`,
157
+ the agent side short-circuits to full permissions with no group
158
+ lookup or assignment query. Ownership is a property of the namespace
159
+ row, never a grant.
@@ -0,0 +1,51 @@
1
+ [build-system]
2
+ requires = ["hatchling"]
3
+ build-backend = "hatchling.build"
4
+
5
+ [project]
6
+ name = "3tears-agent-acl"
7
+ version = "0.14.0"
8
+ description = "shared rbac evaluator + cache for the 3tears platform: groups, roles, role assignments, evaluation trails"
9
+ readme = "README.md"
10
+ requires-python = ">=3.14"
11
+ authors = [{name = "pace"}]
12
+ license = "MIT"
13
+ license-files = ["LICENSE"]
14
+ classifiers = [
15
+ "Development Status :: 3 - Alpha",
16
+ "Framework :: AsyncIO",
17
+ "Intended Audience :: Developers",
18
+ "Programming Language :: Python :: 3",
19
+ "Programming Language :: Python :: 3.14",
20
+ "Topic :: Security",
21
+ "Topic :: Software Development :: Libraries",
22
+ "Typing :: Typed",
23
+ ]
24
+ dependencies = [
25
+ "3tears",
26
+ "3tears-observe",
27
+ "pydantic>=2.0",
28
+ ]
29
+
30
+ [project.urls]
31
+ Repository = "https://github.com/pacepace/3tears"
32
+
33
+ [tool.hatch.build.targets.wheel]
34
+ packages = ["src/threetears"]
35
+
36
+ [tool.uv.sources]
37
+ 3tears = { workspace = true }
38
+ 3tears-observe = { workspace = true }
39
+
40
+ [tool.mypy]
41
+ strict = true
42
+ mypy_path = "src"
43
+ packages = ["threetears.agent.acl"]
44
+ explicit_package_bases = true
45
+ ignore_missing_imports = true
46
+
47
+ [tool.pytest.ini_options]
48
+ asyncio_mode = "auto"
49
+ markers = [
50
+ "integration: integration tests requiring docker or real infra",
51
+ ]