amsdal 0.3.0__cp311-cp311-macosx_10_9_universal2.whl → 0.3.2__cp311-cp311-macosx_10_9_universal2.whl

amsdal/__about__.py

@@ -1,4 +1,4 @@
 # SPDX-FileCopyrightText: 2023-present
 #
 # SPDX-License-Identifier: AMSDAL End User License Agreement
-__version__ = '0.3.0'
+__version__ = '0.3.2'

amsdal/contrib/auth/lifecycle/consumer.py

@@ -2,6 +2,7 @@ import logging
 from typing import Any
 
 import jwt
+from amsdal_data.transactions.decorators import async_transaction
 from amsdal_data.transactions.decorators import transaction
 from amsdal_models.classes.helpers.reference_loader import ReferenceLoader
 from amsdal_models.classes.model import Model
@@ -70,6 +71,54 @@ class CheckAndCreateSuperUserConsumer(LifecycleConsumer):
         instance.save(force_insert=True)
         logger.info('Super user created successfully')
 
+    @async_transaction
+    async def on_event_async(self) -> None:  # type: ignore[override]
+        """
+        Checks for the existence of a super user and creates one if necessary.
+
+        This method ensures that a super user exists by checking the email and password
+        in the authentication settings. If the super user does not exist, it creates one
+        with the necessary permissions.
+        """
+        from amsdal.contrib.auth.settings import auth_settings
+        from models.contrib.permission import Permission  # type: ignore[import-not-found]
+        from models.contrib.user import User  # type: ignore[import-not-found]
+
+        logger.info('Ensure super user exists')
+
+        if not (auth_settings.ADMIN_USER_EMAIL and auth_settings.ADMIN_USER_PASSWORD):
+            logger.info('Email / password missing for super user - skipping')
+            return
+
+        user = (
+            await User.objects.filter(email=auth_settings.ADMIN_USER_EMAIL, _address__object_version=Versions.LATEST)
+            .get_or_none()
+            .aexecute()
+        )
+        if user is not None:
+            logger.info('Super user already exists - skipping')
+            return
+
+        logger.info("Super user doesn't exist - creating now")
+
+        access_all_permission = (
+            await Permission.objects.filter(
+                model='*',
+                action='*',
+                _address__object_version=Versions.LATEST,
+            )
+            .get()
+            .aexecute()
+        )
+
+        instance = User(
+            email=auth_settings.ADMIN_USER_EMAIL,
+            password=auth_settings.ADMIN_USER_PASSWORD,
+            permissions=[access_all_permission],
+        )
+        await instance.asave(force_insert=True)
+        logger.info('Super user created successfully')
+
 
 class AuthenticateUserConsumer(LifecycleConsumer):
     """
@@ -120,6 +169,46 @@ class AuthenticateUserConsumer(LifecycleConsumer):
 
         authentication_info.user = user
 
+    async def on_event_async(self, auth_header: str, authentication_info: Any) -> None:
+        """
+        Authenticates the user using the provided JWT token.
+
+        This method decodes the JWT token from the authorization header and retrieves
+        the corresponding user from the database. If the token is invalid or expired,
+        it raises an `AuthenticationError`.
+
+        Args:
+            auth_header (str): The JWT token from the authorization header.
+            authentication_info (Any): The authentication information object to update with the user.
+        """
+        from amsdal.contrib.auth.settings import auth_settings
+        from models.contrib.user import User  # type: ignore[import-not-found]
+
+        authentication_info.user = None
+        email: str | None
+
+        try:
+            jwt_payload = jwt.decode(
+                auth_header,
+                auth_settings.AUTH_JWT_KEY,  # type: ignore[arg-type]
+                algorithms=['HS256'],
+            )
+            email = jwt_payload['email']
+        except jwt.ExpiredSignatureError as exc:
+            logger.error('Auth token expired. Defaulting to anonymous user.')
+
+            msg = 'Auth token has expired.'
+            raise AuthenticationError(msg) from exc
+        except Exception as exc:
+            logger.error('Auth token decode failure. Defaulting to anonymous user.')
+
+            msg = 'Failed to decode auth token.'
+            raise AuthenticationError(msg) from exc
+
+        user = await User.objects.filter(email=email, _address__object_version=Versions.LATEST).get_or_none().aexecute()
+
+        authentication_info.user = user
+
 
 class CheckPermissionConsumer(LifecycleConsumer):
     """
@@ -155,6 +244,32 @@ class CheckPermissionConsumer(LifecycleConsumer):
             elif required_permission.action == 'delete':
                 permissions_info.has_delete_permission = False
 
+    async def _async_prepopulate_default_permissions(self, object_class: type[Model], permissions_info: Any) -> None:
+        from amsdal.contrib.auth.settings import auth_settings
+        from models.contrib.permission import Permission  # type: ignore[import-not-found]
+
+        permissions_info.has_read_permission = not auth_settings.REQUIRE_DEFAULT_AUTHORIZATION
+        permissions_info.has_create_permission = (
+            (not auth_settings.REQUIRE_DEFAULT_AUTHORIZATION) if object_class.__name__ != 'LoginSession' else True
+        )
+        permissions_info.has_update_permission = not auth_settings.REQUIRE_DEFAULT_AUTHORIZATION
+        permissions_info.has_delete_permission = not auth_settings.REQUIRE_DEFAULT_AUTHORIZATION
+
+        required_permissions = await Permission.objects.filter(
+            model=object_class.__name__,
+            _address__object_version=Versions.LATEST,
+        ).aexecute()
+
+        for required_permission in required_permissions:
+            if required_permission.action == 'read':
+                permissions_info.has_read_permission = False
+            elif required_permission.action == 'create':
+                permissions_info.has_create_permission = False
+            elif required_permission.action == 'update':
+                permissions_info.has_update_permission = False
+            elif required_permission.action == 'delete':
+                permissions_info.has_delete_permission = False
+
     def _check_class_permissions(self, object_class: type[Model], user: Any, permissions_info: Any) -> None:
         if hasattr(object_class, 'has_permission'):
             for action in ['read', 'create', 'update', 'delete']:
@@ -185,6 +300,36 @@ class CheckPermissionConsumer(LifecycleConsumer):
                 permissions_info.has_update_permission = True
                 permissions_info.has_delete_permission = True
 
+    async def _async_check_class_permissions(self, object_class: type[Model], user: Any, permissions_info: Any) -> None:
+        if hasattr(object_class, 'has_permission'):
+            for action in ['read', 'create', 'update', 'delete']:
+                setattr(permissions_info, f'has_{action}_permission', object_class.has_permission(user, action))
+
+        if not user or not getattr(user, 'permissions', None):
+            return
+
+        user_permissions = [
+            await ReferenceLoader(p).aload_reference() if isinstance(p, Reference) else p for p in user.permissions
+        ]
+
+        for user_permission in user_permissions:
+            if user_permission.model not in [object_class.__name__, '*']:
+                continue
+
+            if user_permission.action == 'read':
+                permissions_info.has_read_permission = True
+            elif user_permission.action == 'create':
+                permissions_info.has_create_permission = True
+            elif user_permission.action == 'update':
+                permissions_info.has_update_permission = True
+            elif user_permission.action == 'delete':
+                permissions_info.has_delete_permission = True
+            elif user_permission.action == '*':
+                permissions_info.has_read_permission = True
+                permissions_info.has_create_permission = True
+                permissions_info.has_update_permission = True
+                permissions_info.has_delete_permission = True
+
     def _check_object_permissions(self, obj: Model, user: Any, permissions_info: Any) -> None:
         if hasattr(obj, 'has_object_permission'):
             for action in ['read', 'update', 'delete']:
@@ -220,3 +365,30 @@ class CheckPermissionConsumer(LifecycleConsumer):
 
         if obj:
             self._check_object_permissions(obj, user, permissions_info)
+
+    async def on_event_async(
+        self,
+        object_class: type[Model],
+        user: Any,
+        access_types: list[Any],  # noqa: ARG002
+        permissions_info: Any,
+        obj: Model | None = None,
+    ) -> None:
+        """
+        Main method to check permissions for a given user and object.
+
+        This method prepopulates default permissions, checks class-level permissions,
+        and object-level permissions for the given user and object.
+
+        Args:
+            object_class (type[Model]): The class of the object to check permissions for.
+            user (Any): The user to check permissions for.
+            access_types (list[Any]): The list of access types to check.
+            permissions_info (Any): The permissions information object to update.
+            obj (Model | None): The object to check permissions for, if any.
+        """
+        await self._async_prepopulate_default_permissions(object_class, permissions_info)
+        await self._async_check_class_permissions(object_class, user, permissions_info)
+
+        if obj:
+            self._check_object_permissions(obj, user, permissions_info)

amsdal/contrib/auth/lifecycle/consumer.pyi

@@ -17,6 +17,14 @@ class CheckAndCreateSuperUserConsumer(LifecycleConsumer):
         """
         Checks for the existence of a super user and creates one if necessary.
 
+        This method ensures that a super user exists by checking the email and password
+        in the authentication settings. If the super user does not exist, it creates one
+        with the necessary permissions.
+        """
+    async def on_event_async(self) -> None:
+        """
+        Checks for the existence of a super user and creates one if necessary.
+
         This method ensures that a super user exists by checking the email and password
         in the authentication settings. If the super user does not exist, it creates one
         with the necessary permissions.
@@ -38,6 +46,18 @@ class AuthenticateUserConsumer(LifecycleConsumer):
         the corresponding user from the database. If the token is invalid or expired,
         it raises an `AuthenticationError`.
 
+        Args:
+            auth_header (str): The JWT token from the authorization header.
+            authentication_info (Any): The authentication information object to update with the user.
+        """
+    async def on_event_async(self, auth_header: str, authentication_info: Any) -> None:
+        """
+        Authenticates the user using the provided JWT token.
+
+        This method decodes the JWT token from the authorization header and retrieves
+        the corresponding user from the database. If the token is invalid or expired,
+        it raises an `AuthenticationError`.
+
         Args:
             auth_header (str): The JWT token from the authorization header.
             authentication_info (Any): The authentication information object to update with the user.
@@ -51,7 +71,9 @@ class CheckPermissionConsumer(LifecycleConsumer):
     and object-level permissions for a given user and object.
     """
     def _prepopulate_default_permissions(self, object_class: type[Model], permissions_info: Any) -> None: ...
+    async def _async_prepopulate_default_permissions(self, object_class: type[Model], permissions_info: Any) -> None: ...
     def _check_class_permissions(self, object_class: type[Model], user: Any, permissions_info: Any) -> None: ...
+    async def _async_check_class_permissions(self, object_class: type[Model], user: Any, permissions_info: Any) -> None: ...
     def _check_object_permissions(self, obj: Model, user: Any, permissions_info: Any) -> None: ...
     def on_event(self, object_class: type[Model], user: Any, access_types: list[Any], permissions_info: Any, obj: Model | None = None) -> None:
         """
@@ -60,6 +82,20 @@ class CheckPermissionConsumer(LifecycleConsumer):
         This method prepopulates default permissions, checks class-level permissions,
         and object-level permissions for the given user and object.
 
+        Args:
+            object_class (type[Model]): The class of the object to check permissions for.
+            user (Any): The user to check permissions for.
+            access_types (list[Any]): The list of access types to check.
+            permissions_info (Any): The permissions information object to update.
+            obj (Model | None): The object to check permissions for, if any.
+        """
+    async def on_event_async(self, object_class: type[Model], user: Any, access_types: list[Any], permissions_info: Any, obj: Model | None = None) -> None:
+        """
+        Main method to check permissions for a given user and object.
+
+        This method prepopulates default permissions, checks class-level permissions,
+        and object-level permissions for the given user and object.
+
         Args:
             object_class (type[Model]): The class of the object to check permissions for.
             user (Any): The user to check permissions for.

amsdal/contrib/auth/models/login_session/hooks/pre_init.py

@@ -3,9 +3,10 @@ from datetime import timedelta
 from datetime import timezone
 from typing import Any
 
-import bcrypt
+# import bcrypt
 import jwt
-from amsdal_utils.models.enums import Versions
+
+# from amsdal_utils.models.enums import Versions
 
 
 def pre_init(self, *, is_new_object: bool, kwargs: dict[str, Any]) -> None:  # type: ignore[no-untyped-def]  # noqa: ARG001
@@ -41,17 +42,20 @@ def pre_init(self, *, is_new_object: bool, kwargs: dict[str, Any]) -> None:  # t
 
     lowercased_email = email.lower()
 
-    from models.contrib.user import User  # type: ignore[import-not-found]
+    # from models.contrib.user import User  # type: ignore[import-not-found]
 
-    user = User.objects.filter(email=lowercased_email, _address__object_version=Versions.LATEST).get_or_none().execute()
+    # user = User.objects.filter(
+    #     email=lowercased_email,
+    #     _address__object_version=Versions.LATEST
+    # ).get_or_none().execute()
 
-    if not user:
-        msg = 'Invalid email / password'
-        raise AuthenticationError(msg)
+    # if not user:
+    #     msg = 'Invalid email / password'
+    #     raise AuthenticationError(msg)
 
-    if not bcrypt.checkpw(password.encode('utf-8') if isinstance(password, str) else password, user.password):
-        msg = 'Invalid email / password'
-        raise AuthenticationError(msg)
+    # if not bcrypt.checkpw(password.encode('utf-8') if isinstance(password, str) else password, user.password):
+    #     msg = 'Invalid email / password'
+    #     raise AuthenticationError(msg)
 
     kwargs['password'] = 'validated'
     expiration_time = datetime.now(tz=timezone.utc) + timedelta(seconds=auth_settings.AUTH_TOKEN_EXPIRATION)

amsdal/contrib/frontend_configs/lifecycle/consumer.py

@@ -240,3 +240,48 @@ class ProcessResponseConsumer(LifecycleConsumer):
                 )
             else:
                 response['control'] = populate_frontend_config_with_values(get_default_control(class_name), values)
+
+    async def on_event_async(
+        self,
+        request: Any,
+        response: dict[str, Any],
+    ) -> None:
+        """
+        Handles the event by extracting the class name and values from the request and response,
+        and populates the frontend configuration accordingly.
+
+        Args:
+            request (Any): The request object containing query and path parameters.
+            response (dict[str, Any]): The response dictionary to be processed.
+
+        Returns:
+            None
+        """
+        from models.contrib.frontend_model_config import FrontendModelConfig  # type: ignore[import-not-found]
+
+        class_name = None
+        values = {}
+        if hasattr(request, 'query_params') and 'class_name' in request.query_params:
+            class_name = request.query_params['class_name']
+
+        if hasattr(request, 'path_params') and 'address' in request.path_params:
+            class_name = Address.from_string(request.path_params['address']).class_name
+            values = get_values_from_response(response)
+
+        if class_name and isinstance(response, dict):
+            config = (
+                await FrontendModelConfig.objects.all()
+                .first(
+                    class_name=class_name,
+                    _metadata__is_deleted=False,
+                    _address__object_version=Versions.LATEST,
+                )
+                .aexecute()
+            )
+
+            if config and config.control:
+                response['control'] = populate_frontend_config_with_values(
+                    config.control.model_dump(exclude_none=True), values
+                )
+            else:
+                response['control'] = populate_frontend_config_with_values(get_default_control(class_name), values)

amsdal/contrib/frontend_configs/lifecycle/consumer.pyi

@@ -77,6 +77,18 @@ class ProcessResponseConsumer(LifecycleConsumer):
         Handles the event by extracting the class name and values from the request and response,
         and populates the frontend configuration accordingly.
 
+        Args:
+            request (Any): The request object containing query and path parameters.
+            response (dict[str, Any]): The response dictionary to be processed.
+
+        Returns:
+            None
+        """
+    async def on_event_async(self, request: Any, response: dict[str, Any]) -> None:
+        """
+        Handles the event by extracting the class name and values from the request and response,
+        and populates the frontend configuration accordingly.
+
         Args:
             request (Any): The request object containing query and path parameters.
             response (dict[str, Any]): The response dictionary to be processed.

amsdal/fixtures/manager.pyi

@@ -116,3 +116,105 @@ class FixturesManager:
             None
         """
     def _process_file_fixture(self, file_path: Path, file_key: str) -> None: ...
+
+class AsyncFixturesManager:
+    """
+    Manager class for handling fixture data.
+
+    This class is responsible for loading, processing, and applying fixture data
+    to the database. It supports nested object construction, data processing,
+    and file fixture handling.
+    """
+    fixtures_path: Incomplete
+    fixtures: Incomplete
+    _created_cache: Incomplete
+    data_to_process: Incomplete
+    _class_manager: Incomplete
+    _config_manager: Incomplete
+    _schema_manager: Incomplete
+    def __init__(self, fixtures_path: Path, class_manager: ClassManager, config_manager: AmsdalConfigManager, schema_manager: SchemaManager) -> None: ...
+    def load_fixtures(self) -> None:
+        """
+        Loads fixture data from the specified path.
+
+        This method reads fixture data from a JSON file located at the `fixtures_path`.
+        It populates the `fixtures` dictionary with the loaded data, where each fixture
+        is indexed by its external ID.
+
+        Returns:
+            None
+        """
+    def construct_nested_object(self, external_id: Any) -> Any:
+        """
+        Constructs a nested object reference from the given external ID.
+
+        This method takes an external ID and constructs a nested object reference
+        dictionary. If the external ID is a dictionary containing an '_object_id' key,
+        it extracts the ID. If the external ID is not a string or integer, it returns
+        the external ID as is.
+
+        Args:
+            external_id (Any): The external ID to construct the nested object reference from.
+
+        Returns:
+            Any: A dictionary representing the nested object reference or the original
+            external ID if it is not a string or integer.
+        """
+    def _process_object_data(self, model_properties: dict[str, PropertyData], data: dict[str, Any]) -> dict[str, Any]: ...
+    def _process_object_value(self, field_configuration: PropertyData | DictSchema | TypeData, value: Any) -> Any: ...
+    async def process_fixture_object_data(self, class_name: str, external_id: str, data: dict[str, Any]) -> None:
+        """
+        Processes and saves fixture object data to the database.
+
+        This method takes the class name, external ID, and data dictionary of a fixture object,
+        processes the data according to the class schema, and saves the object to the database.
+        If the object already exists, it updates the existing object with the new data.
+
+        Args:
+            class_name (str): The name of the class to which the fixture object belongs.
+            external_id (str): The external ID of the fixture object.
+            data (dict[str, Any]): The data dictionary of the fixture object.
+
+        Returns:
+            None
+        """
+    async def process_fixture(self, fixture: dict[str, Any]) -> None:
+        """
+        Processes a single fixture and adds it to the processing queue.
+
+        This method takes a fixture dictionary, checks if the fixture already exists in the database,
+        and either updates the existing fixture or creates a new one. It then adds the fixture data
+        to the processing queue for further processing.
+
+        Args:
+            fixture (dict[str, Any]): The fixture dictionary containing the external ID, class name,
+            and data of the fixture.
+
+        Returns:
+            None
+        """
+    async def apply_fixtures(self) -> None:
+        """
+        Applies all loaded fixtures to the database.
+
+        This method processes each fixture in the `fixtures` dictionary in the order
+        specified by their 'order' value. It calls the `process_fixture` method for
+        each fixture and then processes the data in the processing queue.
+
+        Returns:
+            None
+        """
+    async def _process_data(self) -> None: ...
+    async def apply_file_fixtures(self) -> None:
+        """
+        Applies file fixtures from the specified directory.
+
+        This method processes file fixtures located in the 'files' directory adjacent to the
+        `fixtures_path`. It iterates through each file, reads its content, and processes it
+        as a fixture. If the file fixture already exists in the database, it updates the
+        existing fixture; otherwise, it creates a new one.
+
+        Returns:
+            None
+        """
+    async def _process_file_fixture(self, file_path: Path, file_key: str) -> None: ...