PyPI - MindsDB - Versions diffs - 25.6.4.0__py3-none-any.whl → 25.7.1.0__py3-none-any.whl - Mend

MindsDB 25.6.4.0py3-none-any.whl → 25.7.1.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of MindsDB might be problematic. Click here for more details.

Files changed (46) hide show

mindsdb/utilities/config.py CHANGED Viewed

@@ -199,7 +199,8 @@ class Config:
             },
             "cache": {"type": "local"},
             "ml_task_queue": {"type": "local"},
-            "file_upload_domains": [],
+            "url_file_upload": {"enabled": True, "allowed_origins": [], "disallowed_origins": []},
+            "file_upload_domains": [],  # deprecated, use config[url_file_upload][allowed_origins] instead
             "web_crawling_allowed_sites": [],
             "cloud": False,
             "jobs": {"disable": False},
@@ -548,6 +549,16 @@ class Config:
                 "Use 'MINDSDB_HTTP_SERVER_TYPE' instead."
             )
+        file_upload_domains = self._config.get("file_upload_domains")
+        if isinstance(file_upload_domains, list) and len(file_upload_domains) > 0:
+            allowed_origins = self._config["url_file_upload"]["allowed_origins"]
+            if isinstance(allowed_origins, list) and len(allowed_origins) == 0:
+                self._config["url_file_upload"]["allowed_origins"] = file_upload_domains
+            logger.warning(
+                'Config option "file_upload_domains" is deprecated, '
+                'use config["url_file_upload"]["allowed_origins"] instead.'
+            )
         for env_name in ("MINDSDB_HTTP_SERVER_TYPE", "MINDSDB_DEFAULT_SERVER"):
             env_value = os.environ.get(env_name, "")
             if env_value.lower() not in ("waitress", "flask", "gunicorn", ""):

mindsdb/utilities/exception.py CHANGED Viewed

@@ -1,29 +1,69 @@
+from textwrap import indent
 class BaseEntityException(Exception):
     """Base exception for entitys errors
-        Attributes:
-            message (str): error message
-            entity_name (str): entity name
+    Attributes:
+        message (str): error message
+        entity_name (str): entity name
     """
     def __init__(self, message: str, entity_name: str = None) -> None:
         self.message = message
-        self.entity_name = entity_name or 'unknown'
+        self.entity_name = entity_name or "unknown"
     def __str__(self) -> str:
-        return f'{self.message}: {self.entity_name}'
+        return f"{self.message}: {self.entity_name}"
 class EntityExistsError(BaseEntityException):
     """Raise when entity exists, but should not"""
     def __init__(self, message: str = None, entity_name: str = None) -> None:
         if message is None:
-            message = 'Entity exists error'
+            message = "Entity exists error"
         super().__init__(message, entity_name)
 class EntityNotExistsError(BaseEntityException):
     """Raise when entity not exists, but should"""
     def __init__(self, message: str = None, entity_name: str = None) -> None:
         if message is None:
-            message = 'Entity does not exists error'
+            message = "Entity does not exists error"
         super().__init__(message, entity_name)
+def format_db_error_message(
+    db_name: str | None = None,
+    db_type: str | None = None,
+    db_error_msg: str | None = None,
+    failed_query: str | None = None,
+) -> str:
+    """Format the error message for the database query.
+    Args:
+        db_name (str | None): The name of the database.
+        db_type (str | None): The type of the database.
+        db_error_msg (str | None): The error message.
+        failed_query (str | None): The failed query.
+    Returns:
+        str: The formatted error message.
+    """
+    error_message = "Failed to execute external database query during query processing."
+    if db_name is not None or db_type is not None:
+        error_message += "\n\nDatabase Details:"
+        if db_name is not None:
+            error_message += f"\n- Name: {db_name}"
+        if db_type is not None:
+            error_message += f"\n- Type: {db_type}"
+    if db_error_msg is not None:
+        error_message += f"\n\nError:\n{indent(db_error_msg, '    ')}"
+    if failed_query is not None:
+        error_message += f"\n\nFailed Query:\n{indent(failed_query, '    ')}"
+    return error_message

mindsdb/utilities/security.py CHANGED Viewed

@@ -27,28 +27,71 @@ def clear_filename(filename: str) -> str:
     if not filename:
         return filename
-    badchars = '\\/:*?\"<>|'
+    badchars = '\\/:*?"<>|'
     for c in badchars:
-        filename = filename.replace(c, '')
+        filename = filename.replace(c, "")
     return filename
-def validate_urls(urls, allowed_urls):
+def _split_url(url: str) -> tuple[str, str]:
+    """
+    Splits the URL into scheme and netloc.
+    Args:
+        url (str): The URL to split.
+    Returns:
+        tuple[str, str]: The scheme and netloc of the URL.
+    Raises:
+        ValueError: If the URL does not include protocol and host name.
+    """
+    parsed_url = urlparse(url)
+    if not (parsed_url.scheme and parsed_url.netloc):
+        raise ValueError(f"URL must include protocol and host name: {url}")
+    return parsed_url.scheme.lower(), parsed_url.netloc.lower()
+def validate_urls(urls: str | list[str], allowed_urls: list[str], disallowed_urls: list[str] | None = None) -> bool:
     """
     Checks if the provided URL(s) is/are from an allowed host.
-    This function parses the URL(s) and checks the network location part (netloc)
+    This function parses the URL(s) and checks the origin (scheme + netloc)
     against a list of allowed hosts.
-    :param urls: The URL(s) to check. Can be a single URL (str) or a list of URLs (list).
-    :param allowed_urls: The list of allowed URLs.
-    :return bool:  True if the URL(s) is/are from an allowed host, False otherwise.
+    Examples:
+        validate_urls("http://site.com/file", ["site.com"]) -> Exception
+        validate_urls("https://site.com/file", ["https://site.com"]) -> True
+        validate_urls("http://site.com/file", ["https://site.com"]) -> False
+        validate_urls("https://site.com/file", ["https://example.com"]) -> False
+        validate_urls("site.com/file", ["https://site.com"]) -> Exception
+    Args:
+        urls (str | list[str]): The URL(s) to check. Can be a single URL (str) or a list of URLs (list).
+        allowed_urls (list[str]): The list of allowed URLs.
+        disallowed_urls (list[str]): The list of disallowed URLs. If provided, the function
+                                     will return False if the URL is in the disallowed list.
+    Returns:
+        bool: True if the URL(s) is/are from an allowed host and not in the disallowed list, False otherwise.
     """
-    allowed_netlocs = [urlparse(allowed_url).netloc for allowed_url in allowed_urls]
+    if disallowed_urls is None:
+        disallowed_urls = []
+    allowed_origins = [_split_url(url) for url in allowed_urls]
+    disallowed_origins = [_split_url(url) for url in disallowed_urls]
     if isinstance(urls, str):
         urls = [urls]
-    # Check if all provided URLs are from the allowed sites
-    valid = all(urlparse(url).netloc in allowed_netlocs for url in urls)
-    return valid
+    if allowed_origins:
+        for url in urls:
+            if _split_url(url) not in allowed_origins:
+                return False
+    if disallowed_origins:
+        for url in urls:
+            if _split_url(url) in disallowed_origins:
+                return False
+    return True

MindsDB 25.6.4.0__py3-none-any.whl → 25.7.1.0__py3-none-any.whl

Potentially problematic release.

MindsDB 25.6.4.0py3-none-any.whl → 25.7.1.0py3-none-any.whl