bt-cli 0.4.13__py3-none-any.whl

bt_cli/entitle/commands/users.py

@@ -0,0 +1,123 @@
+"""User commands for Entitle."""
+
+from typing import Optional
+
+import httpx
+import typer
+
+from ..client.base import get_client
+from ...core.output import console, print_table, print_json, print_error, print_api_error
+
+app = typer.Typer(no_args_is_help=True, help="Manage users")
+
+
+@app.command("list")
+def list_users(
+    search: Optional[str] = typer.Option(None, "--search", "-s", help="Search by email or name"),
+    limit: int = typer.Option(100, "--limit", "-l", help="Maximum results to return"),
+    output: str = typer.Option("table", "--output", "-o", help="Output format: table, json"),
+) -> None:
+    """List users in Entitle.
+
+    Examples:
+        bt entitle users list
+        bt entitle users list -s "john"
+        bt entitle users list -l 50 -o json
+    """
+    try:
+        with get_client() as client:
+            data = client.list_users(search=search, limit=limit)
+
+        if output == "json":
+            print_json(data)
+        else:
+            # Format for display - combine givenName/familyName, format date
+            display_data = []
+            for user in data:
+                given = user.get("givenName", "") or ""
+                family = user.get("familyName", "") or ""
+                name = f"{given} {family}".strip() or "-"
+                created = user.get("createdAt", "")
+                if created:
+                    created = created[:10]  # Just the date part
+                display_data.append({
+                    "id": user.get("id"),
+                    "email": user.get("email"),
+                    "name": name,
+                    "created": created,
+                })
+
+            print_table(
+                display_data,
+                [("ID", "id"), ("Email", "email"), ("Name", "name"), ("Created", "created")],
+                title="Users",
+            )
+    except httpx.HTTPStatusError as e:
+        print_api_error(e, "list users")
+        raise typer.Exit(1)
+    except httpx.RequestError as e:
+        print_api_error(e, "list users")
+        raise typer.Exit(1)
+    except Exception as e:
+        print_api_error(e, "list users")
+        raise typer.Exit(1)
+
+
+@app.command("get")
+def get_user(
+    search: str = typer.Argument(..., help="User email or name to search for"),
+    output: str = typer.Option("table", "--output", "-o", help="Output format: table, json"),
+) -> None:
+    """Find and display a user by email or name.
+
+    Note: The Entitle API doesn't support getting users by ID directly.
+    This command searches for users matching the provided email or name.
+
+    Examples:
+        bt entitle users get john@example.com
+        bt entitle users get "John Smith"
+    """
+    try:
+        with get_client() as client:
+            data = client.list_users(search=search, limit=10)
+
+        if not data:
+            console.print(f"[yellow]No users found matching '{search}'[/yellow]")
+            raise typer.Exit(1)
+
+        if output == "json":
+            print_json(data)
+        else:
+            # Show matching users
+            display_data = []
+            for user in data:
+                given = user.get("givenName", "") or ""
+                family = user.get("familyName", "") or ""
+                name = f"{given} {family}".strip() or "-"
+                created = user.get("createdAt", "")
+                if created:
+                    created = created[:10]
+                display_data.append({
+                    "id": user.get("id"),
+                    "email": user.get("email"),
+                    "name": name,
+                    "created": created,
+                })
+
+            print_table(
+                display_data,
+                [("ID", "id"), ("Email", "email"), ("Name", "name"), ("Created", "created")],
+                title=f"Users matching '{search}'",
+            )
+
+    except httpx.HTTPStatusError as e:
+        print_api_error(e, "find user")
+        raise typer.Exit(1)
+    except httpx.RequestError as e:
+        print_api_error(e, "find user")
+        raise typer.Exit(1)
+    except typer.Exit:
+        raise
+    except Exception as e:
+        print_api_error(e, "find user")
+        raise typer.Exit(1)

bt_cli/entitle/commands/workflows.py

@@ -0,0 +1,187 @@
+"""Workflow commands for Entitle."""
+
+from typing import Optional
+
+import httpx
+import typer
+
+from ..client.base import get_client
+from ...core.output import console, print_table, print_json, print_error, print_api_error
+
+app = typer.Typer(no_args_is_help=True, help="Manage workflows")
+
+
+def _summarize_workflow(workflow: dict) -> str:
+    """Generate a short description of a workflow based on its rules."""
+    rules = workflow.get("rules", [])
+    if not rules:
+        return "No rules defined"
+
+    # Check first rule's approval type
+    first_rule = rules[0]
+    approval_flow = first_rule.get("approvalFlow", {})
+    steps = approval_flow.get("steps", [])
+
+    if not steps:
+        return "No approval steps"
+
+    # Check if auto-approve
+    first_step = steps[0]
+    entities = first_step.get("approvalEntities", [])
+    if entities and entities[0].get("type") == "Automatic":
+        duration = first_rule.get("underDuration", 0)
+        hours = duration // 3600
+        return f"Auto-approve (≤{hours}h)"
+
+    # Count steps and approvers
+    if len(steps) == 1:
+        return f"Single approver ({len(entities)} options)"
+    else:
+        return f"Multi-step ({len(steps)} steps)"
+
+
+@app.command("list")
+def list_workflows(
+    search: Optional[str] = typer.Option(None, "--search", "-s", help="Search filter"),
+    output: str = typer.Option("table", "--output", "-o", help="Output format: table, json"),
+) -> None:
+    """List all workflows with details."""
+    try:
+        with get_client() as client:
+            # List API only returns id/name, fetch full details
+            workflows_list = client.list_workflows(search=search)
+
+            data = []
+            for wf in workflows_list:
+                wf_id = wf.get("id")
+                if wf_id:
+                    response = client.get_workflow(wf_id)
+                    full_wf = response.get("result", response)
+                    data.append(full_wf)
+
+        if output == "json":
+            print_json(data)
+        else:
+            # Format for display
+            display_data = []
+            for wf in data:
+                rules = wf.get("rules", [])
+                display_data.append({
+                    "id": wf.get("id"),
+                    "name": wf.get("name"),
+                    "type": _summarize_workflow(wf),
+                    "rules": len(rules),
+                })
+
+            print_table(
+                display_data,
+                [("ID", "id"), ("Name", "name"), ("Type", "type"), ("Rules", "rules")],
+                title="Workflows",
+            )
+    except httpx.HTTPStatusError as e:
+        print_api_error(e, "list workflows")
+        raise typer.Exit(1)
+    except httpx.RequestError as e:
+        print_api_error(e, "list workflows")
+        raise typer.Exit(1)
+    except Exception as e:
+        print_api_error(e, "list workflows")
+        raise typer.Exit(1)
+
+
+@app.command("get")
+def get_workflow(
+    workflow_id: str = typer.Argument(..., help="Workflow ID"),
+    output: str = typer.Option("table", "--output", "-o", help="Output format: table, json"),
+) -> None:
+    """Get a workflow by ID with full details."""
+    try:
+        with get_client() as client:
+            response = client.get_workflow(workflow_id)
+
+        workflow = response.get("result", response)
+
+        if output == "json":
+            print_json(response)
+        else:
+            from rich.panel import Panel
+            from rich.table import Table
+
+            name = workflow.get("name", "")
+            wf_id = workflow.get("id", "")
+            rules = workflow.get("rules", [])
+
+            console.print(Panel(
+                f"[bold]{name}[/bold]\n\n"
+                f"[dim]Type:[/dim] {_summarize_workflow(workflow)}\n"
+                f"[dim]Rules:[/dim] {len(rules)}",
+                title="Workflow Details",
+                subtitle=f"ID: {wf_id}",
+            ))
+
+            # Rules table
+            if rules:
+                for i, rule in enumerate(rules, 1):
+                    duration = rule.get("underDuration", 0)
+                    hours = duration // 3600 if duration else 0
+
+                    console.print(f"\n[bold cyan]Rule {i}[/bold cyan]" +
+                                  (f" (≤{hours}h)" if duration else ""))
+
+                    approval_flow = rule.get("approvalFlow", {})
+                    steps = approval_flow.get("steps", [])
+
+                    if steps:
+                        table = Table(show_header=True, header_style="bold")
+                        table.add_column("Step", style="dim", width=6)
+                        table.add_column("Approvers", style="green")
+                        table.add_column("Notified", style="yellow")
+                        table.add_column("Operator", style="cyan")
+
+                        for j, step in enumerate(steps, 1):
+                            approvers = step.get("approvalEntities", [])
+                            notified = step.get("notifiedEntities", [])
+                            operator = step.get("operator", "")
+
+                            # Format approvers
+                            approver_list = []
+                            for a in approvers:
+                                a_type = a.get("type", "")
+                                entity = a.get("entity")
+                                if entity:
+                                    approver_list.append(f"{a_type}: {entity.get('name', entity.get('email', ''))}")
+                                else:
+                                    approver_list.append(a_type)
+
+                            # Format notified
+                            notified_list = []
+                            for n in notified:
+                                n_type = n.get("type", "")
+                                entity = n.get("entity")
+                                if entity:
+                                    notified_list.append(f"{n_type}: {entity.get('name', entity.get('email', ''))}")
+                                else:
+                                    notified_list.append(n_type)
+
+                            table.add_row(
+                                str(j),
+                                "\n".join(approver_list) or "-",
+                                "\n".join(notified_list) or "-",
+                                operator or "-",
+                            )
+
+                        console.print(table)
+                    else:
+                        console.print("[yellow]No approval steps defined[/yellow]")
+            else:
+                console.print("\n[yellow]No rules defined[/yellow]")
+
+    except httpx.HTTPStatusError as e:
+        print_api_error(e, "get workflow")
+        raise typer.Exit(1)
+    except httpx.RequestError as e:
+        print_api_error(e, "get workflow")
+        raise typer.Exit(1)
+    except Exception as e:
+        print_api_error(e, "get workflow")
+        raise typer.Exit(1)

bt_cli/entitle/models/__init__.py

@@ -0,0 +1,31 @@
+"""Pydantic models for Entitle API responses."""
+
+from .common import (
+    EntityRef,
+    UserRef,
+    PaginatedResponse,
+)
+from .integration import Integration
+from .resource import Resource
+from .role import Role
+from .bundle import Bundle
+from .workflow import Workflow, WorkflowRule, ApprovalFlow
+from .user import User
+from .permission import Permission
+from .policy import Policy
+
+__all__ = [
+    "EntityRef",
+    "UserRef",
+    "PaginatedResponse",
+    "Integration",
+    "Resource",
+    "Role",
+    "Bundle",
+    "Workflow",
+    "WorkflowRule",
+    "ApprovalFlow",
+    "User",
+    "Permission",
+    "Policy",
+]

bt_cli/entitle/models/bundle.py

@@ -0,0 +1,28 @@
+"""Bundle model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef
+
+
+class Bundle(BaseModel):
+    """Entitle bundle (cross-application permission package)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: str
+    description: Optional[str] = None
+    category: Optional[str] = None
+    tags: Optional[list[str]] = None
+    workflow: Optional[EntityRef] = None
+    roles: Optional[list[EntityRef]] = None
+    allowed_durations: Optional[list[int]] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Bundle":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/common.py

@@ -0,0 +1,37 @@
+"""Common models used across the API."""
+
+from typing import Any, Generic, Optional, TypeVar
+from pydantic import BaseModel, ConfigDict
+
+
+class EntityRef(BaseModel):
+    """Reference to an entity by ID."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: Optional[str] = None
+
+
+class UserRef(BaseModel):
+    """Reference to a user."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: Optional[str] = None
+    email: Optional[str] = None
+    name: Optional[str] = None
+
+
+T = TypeVar("T")
+
+
+class PaginatedResponse(BaseModel, Generic[T]):
+    """Paginated API response."""
+
+    model_config = ConfigDict(extra="allow")
+
+    data: list[T]
+    total: Optional[int] = None
+    offset: Optional[int] = None
+    limit: Optional[int] = None

bt_cli/entitle/models/integration.py

@@ -0,0 +1,30 @@
+"""Integration model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef, UserRef
+
+
+class Integration(BaseModel):
+    """Entitle integration (connection to external application)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: str
+    application: Optional[str] = None
+    owner: Optional[UserRef] = None
+    workflow: Optional[EntityRef] = None
+    allowed_durations: Optional[list[int]] = None
+    allow_creating_accounts: Optional[bool] = None
+    allow_changing_account_permissions: Optional[bool] = None
+    readonly: Optional[bool] = None
+    maintainers: Optional[list[UserRef]] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Integration":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/permission.py

@@ -0,0 +1,27 @@
+"""Permission model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef, UserRef
+
+
+class Permission(BaseModel):
+    """Entitle permission (granted access)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    user: Optional[UserRef] = None
+    role: Optional[EntityRef] = None
+    resource: Optional[EntityRef] = None
+    integration: Optional[EntityRef] = None
+    status: Optional[str] = None
+    granted_at: Optional[str] = None
+    expires_at: Optional[str] = None
+    created_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Permission":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/policy.py

@@ -0,0 +1,25 @@
+"""Policy model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef
+
+
+class Policy(BaseModel):
+    """Entitle policy (birthright permissions based on group membership)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    in_groups: Optional[list[EntityRef]] = None
+    roles: Optional[list[EntityRef]] = None
+    bundles: Optional[list[EntityRef]] = None
+    sort_order: Optional[int] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Policy":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/resource.py

@@ -0,0 +1,29 @@
+"""Resource model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef, UserRef
+
+
+class Resource(BaseModel):
+    """Entitle resource (target system or asset)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: str
+    integration: Optional[EntityRef] = None
+    requestable: Optional[bool] = None
+    owner: Optional[UserRef] = None
+    workflow: Optional[EntityRef] = None
+    allowed_durations: Optional[list[int]] = None
+    maintainers: Optional[list[UserRef]] = None
+    user_defined_tags: Optional[list[str]] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Resource":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/role.py

@@ -0,0 +1,28 @@
+"""Role model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef
+
+
+class Role(BaseModel):
+    """Entitle role (permission set within a resource)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: str
+    resource: Optional[EntityRef] = None
+    requestable: Optional[bool] = None
+    allowed_durations: Optional[list[int]] = None
+    workflow: Optional[EntityRef] = None
+    prerequisite_permissions: Optional[list[EntityRef]] = None
+    virtualized_role: Optional[bool] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Role":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/user.py

@@ -0,0 +1,24 @@
+"""User model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+
+class User(BaseModel):
+    """Entitle user."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    email: Optional[str] = None
+    name: Optional[str] = None
+    first_name: Optional[str] = None
+    last_name: Optional[str] = None
+    status: Optional[str] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "User":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/entitle/models/workflow.py

@@ -0,0 +1,55 @@
+"""Workflow model."""
+
+from typing import Any, Optional
+from pydantic import BaseModel, ConfigDict
+
+from entitle_admin.models.common import EntityRef
+
+
+class ApprovalEntity(BaseModel):
+    """Entity that can approve requests."""
+
+    model_config = ConfigDict(extra="allow")
+
+    type: str  # "Automatic", "User", "Group", etc.
+    id: Optional[str] = None
+    name: Optional[str] = None
+
+
+class ApprovalFlow(BaseModel):
+    """Single step in approval flow."""
+
+    model_config = ConfigDict(extra="allow")
+
+    approval_entities: list[ApprovalEntity] = []
+    operator: Optional[str] = None  # "and" or "or"
+    sort_order: Optional[int] = None
+
+
+class WorkflowRule(BaseModel):
+    """Rule within a workflow."""
+
+    model_config = ConfigDict(extra="allow")
+
+    any_schedule: Optional[bool] = None
+    schedules: Optional[list[EntityRef]] = None
+    for_groups: Optional[list[EntityRef]] = None
+    duration: Optional[int] = None  # max duration in seconds
+    approval_flow: Optional[list[ApprovalFlow]] = None
+
+
+class Workflow(BaseModel):
+    """Entitle workflow (approval process)."""
+
+    model_config = ConfigDict(extra="allow")
+
+    id: str
+    name: str
+    rules: Optional[list[WorkflowRule]] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+    @classmethod
+    def from_api(cls, data: dict[str, Any]) -> "Workflow":
+        """Create from API response."""
+        return cls.model_validate(data)

bt_cli/epmw/__init__.py

@@ -0,0 +1 @@
+"""EPM Windows CLI module."""

bt_cli/epmw/client/__init__.py

@@ -0,0 +1,5 @@
+"""EPMW client module."""
+
+from .base import EPMWClient, get_client
+
+__all__ = ["EPMWClient", "get_client"]