albert 1.11.1__py3-none-any.whl → 1.12.0__py3-none-any.whl

albert/__init__.py

@@ -4,4 +4,4 @@ from albert.core.auth.sso import AlbertSSOClient
 
 __all__ = ["Albert", "AlbertClientCredentials", "AlbertSSOClient"]
 
-__version__ = "1.11.1"
+__version__ = "1.12.0"

albert/collections/attachments.py

@@ -152,20 +152,30 @@ class AttachmentCollection(BaseCollection):
             The name of the file, by default ""
         upload_key : str | None, optional
             Override the storage key used when signing and uploading the file.
-            Defaults to the provided ``file_name``.
+            Defaults to ``{parent_id}/{note_id}/{file_name}``.
 
         Returns
         -------
         Note
             The created note.
         """
-        upload_name = upload_key or file_name
-        if not upload_name:
+        if not (upload_key or file_name):
             raise ValueError("A file name or upload key must be provided for attachment upload.")
 
-        file_type = mimetypes.guess_type(file_name or upload_name)[0]
-        file_collection = self._get_file_collection()
         note_collection = self._get_note_collection()
+        note = Note(
+            parent_id=parent_id,
+            note=note_text,
+        )
+        registered_note = note_collection.create(note=note)
+        if upload_key:
+            attachment_name = file_name or Path(upload_key).name
+            upload_name = upload_key
+        else:
+            attachment_name = file_name
+            upload_name = f"{parent_id}/{registered_note.id}/{file_name}"
+        file_type = mimetypes.guess_type(attachment_name or upload_name)[0]
+        file_collection = self._get_file_collection()
 
         file_collection.sign_and_upload_file(
             data=file_data,
@@ -176,16 +186,12 @@ class AttachmentCollection(BaseCollection):
         file_info = file_collection.get_by_name(
             name=upload_name, namespace=FileNamespace.RESULT.value
         )
-        note = Note(
-            parent_id=parent_id,
-            note=note_text,
-        )
-        registered_note = note_collection.create(note=note)
         self.attach_file_to_note(
             note_id=registered_note.id,
-            file_name=file_name or Path(upload_name).name,
+            file_name=attachment_name,
             file_key=file_info.name,
         )
+
         return note_collection.get_by_id(id=registered_note.id)
 
     @validate_call

albert/core/auth/_listener.py

@@ -31,6 +31,10 @@ class RequestHandler(BaseHTTPRequestHandler):
         status = "successful" if self.server.token else "failed (no token found)"
         self.send_response(200)
         self.send_header("Content-Type", "text/html")
+        self.send_header(
+            "Content-Security-Policy",
+            "default-src 'none'; frame-ancestors 'none'; base-uri 'none';",
+        )
         self.end_headers()
         self.wfile.write(
             f"""
@@ -38,8 +42,6 @@ class RequestHandler(BaseHTTPRequestHandler):
             <body>
                 <h1>Authentication {status}</h1>
                 <p>You can close this window now.</p>
-                <script>window.close()</script>
-                <button onclick="window.close()">Close Window</button>
             </body>
             </html>
             """.encode()

albert/utils/property_data.py

@@ -2,7 +2,10 @@
 
 from __future__ import annotations
 
+import ast
+import math
 import mimetypes
+import operator
 import re
 import uuid
 from collections.abc import Callable
@@ -573,6 +576,63 @@ def get_all_columns_used_in_calculations(*, first_row_data_column: list):
     return used_columns
 
 
+_ALLOWED_BINOPS = {
+    ast.Add: operator.add,
+    ast.Sub: operator.sub,
+    ast.Mult: operator.mul,
+    ast.Div: operator.truediv,
+    ast.Mod: operator.mod,
+    ast.Pow: operator.pow,
+}
+_ALLOWED_UNARYOPS = {
+    ast.UAdd: operator.pos,
+    ast.USub: operator.neg,
+}
+_ALLOWED_FUNCS: dict[str, tuple[Callable[..., float], int]] = {
+    "log10": (math.log10, 1),
+    "ln": (math.log, 1),
+    "sqrt": (math.sqrt, 1),
+    "pi": (lambda: math.pi, 0),
+}
+_ALLOWED_NAMES = {"pi": math.pi}
+
+
+def _safe_eval_math(*, expression: str) -> float:
+    """Safely evaluate supported math expressions."""
+    parsed = ast.parse(expression, mode="eval")
+
+    def _eval(node: ast.AST) -> float:
+        if isinstance(node, ast.Expression):
+            return _eval(node.body)
+        if isinstance(node, ast.Constant) and isinstance(node.value, (int | float)):
+            return node.value
+        if isinstance(node, ast.BinOp) and type(node.op) in _ALLOWED_BINOPS:
+            return _ALLOWED_BINOPS[type(node.op)](_eval(node.left), _eval(node.right))
+        if isinstance(node, ast.UnaryOp) and type(node.op) in _ALLOWED_UNARYOPS:
+            return _ALLOWED_UNARYOPS[type(node.op)](_eval(node.operand))
+        if isinstance(node, ast.Call):
+            if not isinstance(node.func, ast.Name):
+                raise ValueError("Unsupported function call.")
+            func_name = node.func.id
+            if func_name not in _ALLOWED_FUNCS:
+                raise ValueError("Unsupported function.")
+            if node.keywords:
+                raise ValueError("Keyword arguments are not supported.")
+            func, arity = _ALLOWED_FUNCS[func_name]
+            if len(node.args) != arity:
+                raise ValueError("Unsupported function arity.")
+            if arity == 0:
+                return func()
+            return func(_eval(node.args[0]))
+        if isinstance(node, ast.Name):
+            if node.id in _ALLOWED_NAMES:
+                return _ALLOWED_NAMES[node.id]
+            raise ValueError("Unsupported name.")
+        raise ValueError("Unsupported expression.")
+
+    return _eval(parsed)
+
+
 def evaluate_calculation(*, calculation: str, column_values: dict) -> float | None:
     """Evaluate a calculation expression against column values."""
     calculation = calculation.lstrip("=")
@@ -589,7 +649,7 @@ def evaluate_calculation(*, calculation: str, column_values: dict) -> float | No
             calculation = pattern.sub(repl, calculation)
 
         calculation = calculation.replace("^", "**")
-        return eval(calculation)
+        return _safe_eval_math(expression=calculation)
     except Exception as e:
         logger.info(
             "Error evaluating calculation '%s': %s. Likely do not have all values needed.",

{albert-1.11.1.dist-info → albert-1.12.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: albert
-Version: 1.11.1
+Version: 1.12.0
 Summary: The official Python SDK for the Albert Invent platform.
 Project-URL: Homepage, https://www.albertinvent.com/
 Project-URL: Documentation, https://docs.developer.albertinvent.com/albert-python

{albert-1.11.1.dist-info → albert-1.12.0.dist-info}/RECORD

@@ -1,9 +1,9 @@
-albert/__init__.py,sha256=XThh5N2xtwjr3MAIRabVZNb-albZ35TFqJUFVdg7js4,239
+albert/__init__.py,sha256=IxZK2r9lTXpOpps67inCsmcTp1mEgdAXXsoIgn-EO2c,239
 albert/client.py,sha256=9SUy9AJpnFEUlSfxvbP1gJI776WcOoZykgPHx0EcF8g,12038
 albert/exceptions.py,sha256=-oxOJGE0A__aPUhri3qqb5YQ5qanECcTqamS73vGajM,3172
 albert/collections/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 albert/collections/activities.py,sha256=vvV5-f9KH52HarVSzUNAL7o4hz9mKWEZiE1MreqiH1g,3373
-albert/collections/attachments.py,sha256=xhhdXxlVuQL_5K_rCKWlA-itr8yBMGfgkSaHrOtZfpw,9950
+albert/collections/attachments.py,sha256=Lq5q2sMUKMBargfCM7xqFMbaZLRNRvyhjCUT5sWdhUk,10169
 albert/collections/base.py,sha256=MwBHndy5mXHvieozseaT1YF_RDevJWYu4IFGpLCBfww,8590
 albert/collections/batch_data.py,sha256=esMttDTCY8TqSEOfMFQQ6Um_77Mf-SY3g75t1b6THjQ,3388
 albert/collections/btdataset.py,sha256=rhjO4RtGSzAZj4hgA4M9BKG-eyhl111IDwZr_JW4t_E,4461
@@ -51,7 +51,7 @@ albert/core/logging.py,sha256=sqNbIC3CZyaTyLnoV9mn0NCkxKH-jUNDJkAVMxgPSFY,820
 albert/core/pagination.py,sha256=aK8wUHknptP0lfLoNT5qsxlkR8UA0xXghZroFzgA2rY,4440
 albert/core/session.py,sha256=kCeTsjc4k-6bwqByc3R-tpG1ikvc17a_IRBKnflrCYY,3860
 albert/core/auth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-albert/core/auth/_listener.py,sha256=Vinmz3vr2COjdN7tQHUz63J3COZZd9QAce9GBUJE2cM,2261
+albert/core/auth/_listener.py,sha256=0RJnqofGrAQWkQ_UMWzk68_wGkzLmeX07Yn6NqWAeck,2293
 albert/core/auth/_manager.py,sha256=g4PUxADWJTTfwEP0-ob33ckjU_6mrFOBA4MWxaulsv4,1061
 albert/core/auth/credentials.py,sha256=uaN4RFIUsnCKPHgLnaZbNe9p-hhEDMOU6naE6vSrp8M,4234
 albert/core/auth/sso.py,sha256=4NEDN8wVT1fXvPEEgJNj20VCb5P5XZqG_6b8ovmloMI,7526
@@ -115,9 +115,9 @@ albert/utils/_auth.py,sha256=YjzaGIzI9qP53nwdyE2Ezs-9UokzA38kgdE7Sxnyjd8,124
 albert/utils/_patch.py,sha256=e-bD2x6W3Wt4FaKFK477h3kZeyucn3DEB9m5DR7LzaA,24273
 albert/utils/data_template.py,sha256=AUwzfQ-I2HY-osq_Tme5KLwXfMzW2pJpiud7HAMh148,27874
 albert/utils/inventory.py,sha256=ViHxb62DVxniEJqOfD7Gf8HltLeCbq21y4rS1xkVRnY,5349
-albert/utils/property_data.py,sha256=US_5PYZu2Yv3CmAuWMQfYztjSIgNaRrCz9SsVzLOGcw,22906
+albert/utils/property_data.py,sha256=xb0CZAh_0zFiN5yQwcw3Mjk4En8MxMrJF9DKQI19UhM,25074
 albert/utils/tasks.py,sha256=ejhXD9yQR_ReDKLJ3k8ZxWxkYl-Mta_4OPXrz_lQiBI,19878
-albert-1.11.1.dist-info/METADATA,sha256=zKrAC_yzs9_KXp7OBa74BBLLIwkl1Zw9fKlbAZmyoMw,15427
-albert-1.11.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-albert-1.11.1.dist-info/licenses/LICENSE,sha256=S7_vRdIhQmG7PmTlU8-BCCveuEcFZ6_3IUVdcoaJMuA,11348
-albert-1.11.1.dist-info/RECORD,,
+albert-1.12.0.dist-info/METADATA,sha256=fPc1wDNv8rwCKP4RMRMyrmEx9-tShO2r8UuRPMr7yw0,15427
+albert-1.12.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+albert-1.12.0.dist-info/licenses/LICENSE,sha256=S7_vRdIhQmG7PmTlU8-BCCveuEcFZ6_3IUVdcoaJMuA,11348
+albert-1.12.0.dist-info/RECORD,,