data-syncmaster 0.1.3__tar.gz → 0.1.5__tar.gz

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: data-syncmaster
-Version: 0.1.3
+Version: 0.1.5
 Summary: Syncmaster REST API + Worker
 License: Apache-2.0
 Keywords: Syncmaster,REST,API,Worker,Replication
@@ -29,16 +29,16 @@ Provides-Extra: backend
 Provides-Extra: worker
 Requires-Dist: alembic (>=1.11.1,<2.0.0) ; extra == "backend"
 Requires-Dist: asyncpg (>=0.29.0,<0.30.0) ; extra == "backend"
-Requires-Dist: celery (>=5.3.3,<6.0.0)
+Requires-Dist: celery (>=5.3.3,<6.0.0) ; extra == "backend" or extra == "worker"
 Requires-Dist: fastapi (>=0.110.0,<0.111.0) ; extra == "backend"
 Requires-Dist: onetl[spark] (>=0.10.2,<0.11.0) ; extra == "worker"
 Requires-Dist: psycopg2-binary (>=2.9.7,<3.0.0) ; extra == "worker"
-Requires-Dist: pydantic (>=2.6.4,<3.0.0)
-Requires-Dist: pydantic-settings (>=2.2.1,<3.0.0)
-Requires-Dist: python-jose[cryptography] (>=3.3.0,<4.0.0)
-Requires-Dist: python-multipart (>=0.0.9,<0.0.10)
-Requires-Dist: sqlalchemy (>=2.0.18,<3.0.0)
-Requires-Dist: sqlalchemy-utils (>=0.41.1,<0.42.0)
+Requires-Dist: pydantic (>=2.7.0,<3.0.0)
+Requires-Dist: pydantic-settings (>=2.2.1,<3.0.0) ; extra == "backend" or extra == "worker"
+Requires-Dist: python-jose[cryptography] (>=3.3.0,<4.0.0) ; extra == "backend"
+Requires-Dist: python-multipart (>=0.0.9,<0.0.10) ; extra == "backend"
+Requires-Dist: sqlalchemy (>=2.0.18,<3.0.0) ; extra == "backend" or extra == "worker"
+Requires-Dist: sqlalchemy-utils (>=0.41.1,<0.42.0) ; extra == "backend" or extra == "worker"
 Requires-Dist: uvicorn (>=0.29.0,<0.30.0) ; extra == "backend"
 Project-URL: CI/CD, https://github.com/MobileTeleSystems/syncmaster/actions
 Project-URL: Documentation, https://syncmaster.readthedocs.io

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/pyproject.toml

@@ -1,6 +1,10 @@
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"
+
 [tool.poetry]
 name = "data-syncmaster"
-version = "0.1.3"
+version = "0.1.5"
 license = "Apache-2.0"
 description = "Syncmaster REST API + Worker"
 authors = ["DataOps.ETL <onetools@mts.ru>"]
@@ -43,29 +47,40 @@ exclude = [
 
 [tool.poetry.dependencies]
 python = "^3.11"
-sqlalchemy = "^2.0.18"
-sqlalchemy-utils = "^0.41.1"
-pydantic = "^2.6.4"
-python-jose = {extras = ["cryptography"], version = "^3.3.0"}
-python-multipart = "^0.0.9"
-celery = "^5.3.3"
-onetl = {version = "^0.10.2", extras = ["spark"]}
-psycopg2-binary = {version = "^2.9.7", optional = true }
-fastapi = {version = "^0.110.0", optional = true}
-uvicorn = {version = "^0.29.0", optional = true }
-alembic = {version = "^1.11.1", optional = true }
-asyncpg = {version = "^0.29.0", optional = true }
-pydantic-settings = "^2.2.1"
+pydantic = "^2.7.0"
+pydantic-settings = { version = "^2.2.1", optional = true }
+sqlalchemy = { version = "^2.0.18", optional = true }
+sqlalchemy-utils = { version = "^0.41.1", optional = true }
+fastapi = { version = "^0.110.0", optional = true}
+uvicorn = { version = "^0.29.0", optional = true }
+alembic = { version = "^1.11.1", optional = true }
+asyncpg = { version = "^0.29.0", optional = true }
+python-jose = { version = "^3.3.0", extras = ["cryptography"], optional = true }
+python-multipart = { version = "^0.0.9", optional = true }
+celery = { version = "^5.3.3", optional = true }
+onetl = { version = "^0.10.2", extras = ["spark"], optional = true }
+psycopg2-binary = { version = "^2.9.7", optional = true }
 
 [tool.poetry.extras]
 backend = [
-    "alembic",
-    "asyncpg",
+    "pydantic-settings",
+    "sqlalchemy",
+    "sqlalchemy-utils",
     "fastapi",
     "uvicorn",
+    "alembic",
+    "asyncpg",
+    "python-multipart",
+    "python-jose",
+    # migrations only
+    "celery",
 ]
 
 worker = [
+    "pydantic-settings",
+    "sqlalchemy",
+    "sqlalchemy-utils",
+    "celery",
     "onetl",
     "psycopg2-binary",
 ]
@@ -95,9 +110,23 @@ platformdirs = "4.2.0"
 sqlalchemy = {extras = ["mypy"], version = "^2.0.18"}
 types-python-jose = "^3.3.4.7"
 
-[build-system]
-requires = ["poetry-core"]
-build-backend = "poetry.core.masonry.api"
+[tool.poetry.group.docs.dependencies]
+autodoc-pydantic = {version = "^2.0.1", python = ">=3.8"}
+numpydoc = {version = "^1.6.0", python = ">=3.8"}
+sphinx = [
+  {version = "^7.1.2", python = ">=3.8"},
+  {version = "^7.2.6", python = ">=3.9"},
+]
+furo = {version = "^2024.1.29", python = ">=3.8"}
+sphinx-copybutton = {version = "^0.5.2", python = ">=3.8"}
+sphinxcontrib-towncrier = {version = "^0.4.0a0", python = ">=3.8"}
+towncrier = {version = "^23.11.0", python = ">=3.8"}
+sphinx-issues = {version = ">=3.0.1,<5.0.0", python = ">=3.8"}
+sphinx-design = {version = "^0.5.0", python = ">=3.8"}
+sphinx-favicon = {version = "^1.0.1", python = ">=3.8"}
+sphinx-argparse = {version = "^0.4.0", python = ">=3.8"}
+# uncomment after https://github.com/zqmillet/sphinx-plantuml/pull/4
+# sphinx-plantuml = {version = "^1.0.0", python = ">=3.8"}
 
 [tool.black]
 line-length = 120
@@ -197,27 +226,6 @@ exclude_lines = [
   "def downgrade\\(\\)",
 ]
 
-
-
-
-[tool.poetry.group.docs.dependencies]
-autodoc-pydantic = {version = "^2.0.1", python = ">=3.8"}
-numpydoc = {version = "^1.6.0", python = ">=3.8"}
-sphinx = [
-  {version = "^7.1.2", python = ">=3.8"},
-  {version = "^7.2.6", python = ">=3.9"},
-]
-furo = {version = "^2024.1.29", python = ">=3.8"}
-sphinx-copybutton = {version = "^0.5.2", python = ">=3.8"}
-sphinxcontrib-towncrier = {version = "^0.4.0a0", python = ">=3.8"}
-towncrier = {version = "^23.11.0", python = ">=3.8"}
-sphinx-issues = {version = ">=3.0.1,<5.0.0", python = ">=3.8"}
-sphinx-design = {version = "^0.5.0", python = ">=3.8"}
-sphinx-favicon = {version = "^1.0.1", python = ">=3.8"}
-sphinx-argparse = {version = "^0.4.0", python = ">=3.8"}
-# uncomment after https://github.com/zqmillet/sphinx-plantuml/pull/4
-# sphinx-plantuml = {version = "^1.0.0", python = ">=3.8"}
-
 [tool.towncrier]
 name = "Syncmaster"
 package = "syncmaster"

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/__init__.py

@@ -1,6 +1,6 @@
 # SPDX-FileCopyrightText: 2023-2024 MTS (Mobile Telesystems)
 # SPDX-License-Identifier: Apache-2.0
 
-_raw_version = "0.1.3"
+_raw_version = "0.1.5"
 # version always contain only release number like 0.0.1
 __version__ = ".".join(_raw_version.split(".")[:3])  # noqa: WPS410

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/backend/__init__.py

@@ -54,3 +54,7 @@ def application_factory(settings: Settings) -> FastAPI:
     )
 
     return application
+
+
+def get_application() -> FastAPI:
+    return application_factory(settings=Settings())

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/backend/api/v1/connections.py

@@ -1,10 +1,8 @@
 # SPDX-FileCopyrightText: 2023-2024 MTS (Mobile Telesystems)
 # SPDX-License-Identifier: Apache-2.0
-import asyncio
 from typing import get_args
 
 from fastapi import APIRouter, Depends, Query, status
-from pydantic import SecretStr
 
 from syncmaster.backend.api.deps import UnitOfWorkMarker
 from syncmaster.backend.services import UnitOfWork, get_user
@@ -59,19 +57,17 @@ async def read_connections(
     items: list[ReadConnectionSchema] = []
 
     if pagination.items:
-        creds = await asyncio.gather(
-            *[unit_of_work.credentials.get_for_connection(connection_id=item.id) for item in pagination.items]
-        )
+        credentials = await unit_of_work.credentials.read_bulk([item.id for item in pagination.items])
         items = [
             ReadConnectionSchema(
                 id=item.id,
                 group_id=item.group_id,
                 name=item.name,
                 description=item.description,
-                auth_data=creds[n_item],
+                auth_data=credentials.get(item.id, None),
                 data=item.data,
             )
-            for n_item, item in enumerate(pagination.items)
+            for item in pagination.items
         ]
 
     return ConnectionPageSchema(
@@ -106,33 +102,27 @@ async def create_connection(
     if group_permission < Permission.WRITE:
         raise ActionNotAllowedError
 
-    data = connection_data.data.dict()
-    auth_data = connection_data.auth_data.dict()
-
-    # Trick to serialize SecretStr to JSON
-    for k, v in auth_data.items():
-        if isinstance(v, SecretStr):
-            auth_data[k] = v.get_secret_value()
     async with unit_of_work:
         connection = await unit_of_work.connection.create(
             name=connection_data.name,
             description=connection_data.description,
             group_id=connection_data.group_id,
-            data=data,
+            data=connection_data.data.dict(),
         )
 
-        await unit_of_work.credentials.add_to_connection(
+        await unit_of_work.credentials.create(
             connection_id=connection.id,
-            data=auth_data,
+            data=connection_data.auth_data.dict(),
         )
 
+    credentials = await unit_of_work.credentials.read(connection.id)
     return ReadConnectionSchema(
         id=connection.id,
         group_id=connection.group_id,
         name=connection.name,
         description=connection.description,
         data=connection.data,
-        auth_data=auth_data,
+        auth_data=credentials,
     )
 
 
@@ -155,12 +145,9 @@ async def read_connection(
     if resource_role == Permission.NONE:
         raise ConnectionNotFoundError
 
-    connection = await unit_of_work.connection.read_by_id(connection_id=connection_id)
-
+    connection = await unit_of_work.connection.read_by_id(connection_id)
     try:
-        credentials = await unit_of_work.credentials.get_for_connection(
-            connection_id=connection.id,
-        )
+        credentials = await unit_of_work.credentials.read(connection.id)
     except AuthDataNotFoundError:
         credentials = None
 
@@ -177,7 +164,7 @@ async def read_connection(
 @router.patch("/connections/{connection_id}")
 async def update_connection(
     connection_id: int,
-    connection_data: UpdateConnectionSchema,
+    changes: UpdateConnectionSchema,
     current_user: User = Depends(get_user(is_active=True)),
     unit_of_work: UnitOfWork = Depends(UnitOfWorkMarker),
 ) -> ReadConnectionSchema:
@@ -195,25 +182,25 @@ async def update_connection(
     async with unit_of_work:
         connection = await unit_of_work.connection.update(
             connection_id=connection_id,
-            name=connection_data.name,
-            description=connection_data.description,
-            connection_data=connection_data.data.dict(exclude={"auth_data"}) if connection_data.data else {},
+            name=changes.name,
+            description=changes.description,
+            data=changes.data.dict(exclude={"auth_data"}) if changes.data else {},
         )
 
-        if connection_data.auth_data:
+        if changes.auth_data:
             await unit_of_work.credentials.update(
                 connection_id=connection_id,
-                credential_data=connection_data.auth_data.dict(),
+                data=changes.auth_data.dict(),
             )
 
-    auth_data = await unit_of_work.credentials.get_for_connection(connection_id)
+    credentials = await unit_of_work.credentials.read(connection_id)
     return ReadConnectionSchema(
         id=connection.id,
         group_id=connection.group_id,
         name=connection.name,
         description=connection.description,
         data=connection.data,
-        auth_data=auth_data,
+        auth_data=credentials,
     )
 
 
@@ -227,28 +214,26 @@ async def delete_connection(
         user=current_user,
         resource_id=connection_id,
     )
-
     if resource_role == Permission.NONE:
         raise ConnectionNotFoundError
 
     if resource_role < Permission.DELETE:
         raise ActionNotAllowedError
 
-    connection = await unit_of_work.connection.read_by_id(connection_id=connection_id)
+    connection = await unit_of_work.connection.read_by_id(connection_id)
+    transfers = await unit_of_work.transfer.list_by_connection_id(connection.id)
+    if transfers:
+        raise ConnectionDeleteError(
+            f"The connection has an associated transfers. Number of the connected transfers: {len(transfers)}",
+        )
 
-    transfers = await unit_of_work.transfer.list_by_connection_id(conn_id=connection.id)
     async with unit_of_work:
-        if not transfers:
-            await unit_of_work.connection.delete(connection_id=connection_id)
+        await unit_of_work.connection.delete(connection_id)
 
-            return StatusResponseSchema(
-                ok=True,
-                status_code=status.HTTP_200_OK,
-                message="Connection was deleted",
-            )
-
-    raise ConnectionDeleteError(
-        f"The connection has an associated transfers. Number of the connected transfers: {len(transfers)}",
+    return StatusResponseSchema(
+        ok=True,
+        status_code=status.HTTP_200_OK,
+        message="Connection was deleted",
     )
 
 
@@ -259,24 +244,20 @@ async def copy_connection(
     current_user: User = Depends(get_user(is_active=True)),
     unit_of_work: UnitOfWork = Depends(UnitOfWorkMarker),
 ) -> StatusResponseSchema:
-    target_source_rules = await asyncio.gather(
-        unit_of_work.connection.get_resource_permission(
-            user=current_user,
-            resource_id=connection_id,
-        ),
-        unit_of_work.connection.get_group_permission(
-            user=current_user,
-            group_id=copy_connection_data.new_group_id,
-        ),
+    resource_role = await unit_of_work.connection.get_resource_permission(
+        user=current_user,
+        resource_id=connection_id,
     )
-    resource_role, target_group_role = target_source_rules
+    if resource_role == Permission.NONE:
+        raise ConnectionNotFoundError
 
     if copy_connection_data.remove_source and resource_role < Permission.DELETE:
         raise ActionNotAllowedError
 
-    if resource_role == Permission.NONE:
-        raise ConnectionNotFoundError
-
+    target_group_role = await unit_of_work.connection.get_group_permission(
+        user=current_user,
+        group_id=copy_connection_data.new_group_id,
+    )
     if target_group_role == Permission.NONE:
         raise GroupNotFoundError
 
@@ -291,7 +272,7 @@ async def copy_connection(
         )
 
         if copy_connection_data.remove_source:
-            await unit_of_work.connection.delete(connection_id=connection_id)
+            await unit_of_work.connection.delete(connection_id)
 
     return StatusResponseSchema(
         ok=True,

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/backend/api/v1/router.py

@@ -6,7 +6,7 @@ from syncmaster.backend.api.v1.auth.router import router as auth_router
 from syncmaster.backend.api.v1.connections import router as connection_router
 from syncmaster.backend.api.v1.groups import router as group_router
 from syncmaster.backend.api.v1.queue import router as queue_router
-from syncmaster.backend.api.v1.transfers.router import router as transfer_router
+from syncmaster.backend.api.v1.transfers import router as transfer_router
 from syncmaster.backend.api.v1.users import router as user_router
 
 router = APIRouter(prefix="/v1")

data_syncmaster-0.1.3/syncmaster/backend/api/v1/transfers/router.py → data_syncmaster-0.1.5/syncmaster/backend/api/v1/transfers.py

@@ -1,14 +1,10 @@
 # SPDX-FileCopyrightText: 2023-2024 MTS (Mobile Telesystems)
 # SPDX-License-Identifier: Apache-2.0
-import asyncio
 
 from fastapi import APIRouter, Depends, Query, status
 from kombu.exceptions import KombuError
 
 from syncmaster.backend.api.deps import UnitOfWorkMarker
-from syncmaster.backend.api.v1.transfers.utils import (
-    process_file_transfer_directory_path,
-)
 from syncmaster.backend.services import UnitOfWork, get_user
 from syncmaster.db.models import Status, User
 from syncmaster.db.utils import Permission
@@ -79,16 +75,11 @@ async def create_transfer(
         user=current_user,
         group_id=transfer_data.group_id,
     )
-
     if group_permission < Permission.WRITE:
         raise ActionNotAllowedError
 
-    target_connection = await unit_of_work.connection.read_by_id(
-        connection_id=transfer_data.target_connection_id,
-    )
-    source_connection = await unit_of_work.connection.read_by_id(
-        connection_id=transfer_data.source_connection_id,
-    )
+    target_connection = await unit_of_work.connection.read_by_id(transfer_data.target_connection_id)
+    source_connection = await unit_of_work.connection.read_by_id(transfer_data.source_connection_id)
     queue = await unit_of_work.queue.read_by_id(transfer_data.queue_id)
 
     if (
@@ -115,8 +106,6 @@ async def create_transfer(
     if transfer_data.group_id != queue.group_id:
         raise DifferentTransferAndQueueGroupError
 
-    transfer_data = process_file_transfer_directory_path(transfer_data)  # type: ignore
-
     async with unit_of_work:
         transfer = await unit_of_work.transfer.create(
             group_id=transfer_data.group_id,
@@ -158,44 +147,39 @@ async def copy_transfer(
     current_user: User = Depends(get_user(is_active=True)),
     unit_of_work: UnitOfWork = Depends(UnitOfWorkMarker),
 ) -> StatusCopyTransferResponseSchema:
-    # Check: user can copy transfer
-    target_source_transfer_rules = await asyncio.gather(
-        unit_of_work.transfer.get_resource_permission(
-            user=current_user,
-            resource_id=transfer_id,
-        ),
-        unit_of_work.transfer.get_group_permission(
-            user=current_user,
-            group_id=transfer_data.new_group_id,
-        ),
+    resource_role = await unit_of_work.transfer.get_resource_permission(
+        user=current_user,
+        resource_id=transfer_id,
     )
-    resource_role, target_group_role = target_source_transfer_rules
-
     if resource_role == Permission.NONE:
         raise TransferNotFoundError
 
-    if target_group_role < Permission.WRITE:
-        raise ActionNotAllowedError
-
     # Check: user can delete transfer
     if transfer_data.remove_source and resource_role < Permission.DELETE:
         raise ActionNotAllowedError
 
+    target_group_role = await unit_of_work.transfer.get_group_permission(
+        user=current_user,
+        group_id=transfer_data.new_group_id,
+    )
+    if target_group_role < Permission.WRITE:
+        raise ActionNotAllowedError
+
     transfer = await unit_of_work.transfer.read_by_id(transfer_id=transfer_id)
+
     # Check: user can copy connection
-    target_source_connection_rules = await asyncio.gather(
-        unit_of_work.connection.get_resource_permission(
-            user=current_user,
-            resource_id=transfer.source_connection_id,
-        ),
-        unit_of_work.connection.get_resource_permission(
-            user=current_user,
-            resource_id=transfer.target_connection_id,
-        ),
+    source_connection_role = await unit_of_work.connection.get_resource_permission(
+        user=current_user,
+        resource_id=transfer.source_connection_id,
     )
-    source_connection_role, target_connection_role = target_source_connection_rules
+    if source_connection_role == Permission.NONE:
+        raise ConnectionNotFoundError
 
-    if source_connection_role == Permission.NONE or target_connection_role == Permission.NONE:
+    target_connection_role = await unit_of_work.connection.get_resource_permission(
+        user=current_user,
+        resource_id=transfer.target_connection_id,
+    )
+    if target_connection_role == Permission.NONE:
         raise ConnectionNotFoundError
 
     # Check: new queue exists
@@ -316,8 +300,6 @@ async def update_transfer(
             params_type=transfer_data.source_params.type,
         )
 
-    transfer_data = process_file_transfer_directory_path(transfer_data)  # type: ignore
-
     async with unit_of_work:
         transfer = await unit_of_work.transfer.update(
             transfer=transfer,

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/db/repositories/connection.py

@@ -81,19 +81,19 @@ class ConnectionRepository(RepositoryWithOwner[Connection]):
         connection_id: int,
         name: str | None,
         description: str | None,
-        connection_data: dict[str, Any],
+        data: dict[str, Any],
     ) -> Connection:
         try:
             connection = await self.read_by_id(connection_id=connection_id)
             for key in connection.data:
-                if key not in connection_data or connection_data[key] is None:
-                    connection_data[key] = connection.data[key]
+                data[key] = data.get(key, None) or connection.data[key]
+
             return await self._update(
                 Connection.id == connection_id,
                 Connection.is_deleted.is_(False),
                 name=name or connection.name,
                 description=description or connection.description,
-                data=connection_data,
+                data=data,
             )
         except IntegrityError as e:
             self._raise_error(e)

{data_syncmaster-0.1.3 → data_syncmaster-0.1.5}/syncmaster/db/repositories/credentials_repository.py

@@ -4,7 +4,7 @@ from __future__ import annotations
 
 from typing import NoReturn
 
-from sqlalchemy import ScalarResult, delete, insert, select
+from sqlalchemy import ScalarResult, insert, select
 from sqlalchemy.exc import DBAPIError, IntegrityError, NoResultFound
 from sqlalchemy.ext.asyncio import AsyncSession
 
@@ -26,7 +26,7 @@ class CredentialsRepository(Repository[AuthData]):
         super().__init__(model=model, session=session)
         self._settings = settings
 
-    async def get_for_connection(
+    async def read(
         self,
         connection_id: int,
     ) -> dict:
@@ -37,7 +37,15 @@ class CredentialsRepository(Repository[AuthData]):
         except NoResultFound as e:
             raise AuthDataNotFoundError(f"Connection id = {connection_id}") from e
 
-    async def add_to_connection(self, connection_id: int, data: dict) -> AuthData:
+    async def read_bulk(
+        self,
+        connection_ids: list[int],
+    ) -> dict[int, dict]:
+        query = select(AuthData).where(AuthData.connection_id.in_(connection_ids))
+        result: ScalarResult[AuthData] = await self._session.scalars(query)
+        return {item.connection_id: decrypt_auth_data(item.value, settings=self._settings) for item in result}
+
+    async def create(self, connection_id: int, data: dict) -> AuthData:
         query = (
             insert(AuthData)
             .values(
@@ -54,31 +62,18 @@ class CredentialsRepository(Repository[AuthData]):
             await self._session.flush()
             return result.one()
 
-    async def delete_from_connection(self, connection_id: int) -> AuthData:
-        query = delete(AuthData).where(AuthData.connection_id == connection_id).returning(AuthData)
-
-        try:
-            result: ScalarResult[AuthData] = await self._session.scalars(query)
-        except IntegrityError as e:
-            self._raise_error(e)
-        else:
-            await self._session.flush()
-            return result.one()
-
     async def update(
         self,
         connection_id: int,
-        credential_data: dict,
+        data: dict,
     ) -> AuthData:
-        creds = await self.get_for_connection(connection_id)
+        creds = await self.read(connection_id)
         try:
             for key in creds:
-                if key not in credential_data or credential_data[key] is None:
-                    credential_data[key] = creds[key]
-
+                data[key] = data.get(key, None) or creds[key]
             return await self._update(
                 AuthData.connection_id == connection_id,
-                value=encrypt_auth_data(value=credential_data, settings=self._settings),
+                value=encrypt_auth_data(value=data, settings=self._settings),
             )
         except IntegrityError as e:
             self._raise_error(e)

data_syncmaster-0.1.5/syncmaster/db/repositories/utils.py

@@ -0,0 +1,37 @@
+# SPDX-FileCopyrightText: 2023-2024 MTS (Mobile Telesystems)
+# SPDX-License-Identifier: Apache-2.0
+import json
+
+from cryptography.fernet import Fernet
+from pydantic import SecretStr
+
+from syncmaster.config import Settings
+
+
+def decrypt_auth_data(
+    value: str,
+    settings: Settings,
+) -> dict:
+    decryptor = Fernet(settings.CRYPTO_KEY)
+    decrypted = decryptor.decrypt(value)
+    return json.loads(decrypted)
+
+
+def _json_default(value):
+    if isinstance(value, SecretStr):
+        return value.get_secret_value()
+
+
+def encrypt_auth_data(
+    value: dict,
+    settings: Settings,
+) -> str:
+    encryptor = Fernet(settings.CRYPTO_KEY)
+    serialized = json.dumps(
+        value,
+        ensure_ascii=False,
+        sort_keys=True,
+        default=_json_default,
+    )
+    encrypted = encryptor.encrypt(serialized.encode("utf-8"))
+    return encrypted.decode("utf-8")