PyPI - ethyca-fides - Versions diffs - 2.63.0rc3__py2.py3-none-any.whl → 2.63.1__py2.py3-none-any.whl - Mend

ethyca-fides 2.63.0rc3py2.py3-none-any.whl → 2.63.1py2.py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (129) hide show

fides/api/alembic/migrations/versions/5efcdf18438e_add_manual_task_tables.py ADDED Viewed

@@ -0,0 +1,160 @@
+"""add manual task tables
+Revision ID: 5efcdf18438e
+Revises: c586a56c25e7
+Create Date: 2025-06-04 17:24:00.300170
+"""
+import sqlalchemy as sa
+from alembic import op
+from sqlalchemy.dialects import postgresql
+from sqlalchemy.sql import func
+# revision identifiers, used by Alembic.
+revision = "5efcdf18438e"
+down_revision = "c586a56c25e7"
+branch_labels = None
+depends_on = None
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "manual_task",
+        sa.Column("id", sa.String(), nullable=False),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column(
+            "task_type", sa.String(), nullable=False, server_default="privacy_request"
+        ),
+        sa.Column("parent_entity_id", sa.String(), nullable=False),
+        sa.Column("parent_entity_type", sa.String(), nullable=False),
+        sa.Column("due_date", sa.DateTime(timezone=True), nullable=True),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint(
+            "parent_entity_id",
+            "parent_entity_type",
+            name="uq_manual_task_parent_entity",
+        ),
+    )
+    op.create_table(
+        "manual_task_reference",
+        sa.Column("id", sa.String(), nullable=False),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column("task_id", sa.String(), nullable=False),
+        sa.Column("reference_id", sa.String(), nullable=False),
+        sa.Column("reference_type", sa.String(), nullable=False),
+        sa.ForeignKeyConstraint(
+            ["task_id"],
+            ["manual_task.id"],
+            ondelete="CASCADE",
+        ),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_table(
+        "manual_task_log",
+        sa.Column("id", sa.String(), nullable=False),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=func.now(),
+        ),
+        sa.Column("task_id", sa.String(), nullable=False),
+        sa.Column("config_id", sa.String(), nullable=True),
+        sa.Column("instance_id", sa.String(), nullable=True),
+        sa.Column("status", sa.String(), nullable=False),
+        sa.Column("message", sa.String(), nullable=True),
+        sa.Column("details", postgresql.JSONB(astext_type=sa.Text()), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["task_id"],
+            ["manual_task.id"],
+            ondelete="CASCADE",
+        ),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    # Create indexes for manual_task
+    op.create_index("ix_manual_task_task_type", "manual_task", ["task_type"])
+    op.create_index(
+        "ix_manual_task_parent_entity",
+        "manual_task",
+        ["parent_entity_type", "parent_entity_id"],
+    )
+    op.create_index("ix_manual_task_due_date", "manual_task", ["due_date"])
+    # Create indexes for manual_task_reference
+    op.create_index(
+        "ix_manual_task_reference_task_id", "manual_task_reference", ["task_id"]
+    )
+    op.create_index(
+        "ix_manual_task_reference_reference",
+        "manual_task_reference",
+        ["reference_id", "reference_type"],
+    )
+    # Create indexes for manual_task_log
+    op.create_index("ix_manual_task_log_task_id", "manual_task_log", ["task_id"])
+    op.create_index("ix_manual_task_log_config_id", "manual_task_log", ["config_id"])
+    op.create_index(
+        "ix_manual_task_log_instance_id", "manual_task_log", ["instance_id"]
+    )
+    op.create_index("ix_manual_task_log_status", "manual_task_log", ["status"])
+    op.create_index("ix_manual_task_log_created_at", "manual_task_log", ["created_at"])
+    # ### end Alembic commands ###
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    # Drop indexes first
+    op.drop_index("ix_manual_task_log_created_at", table_name="manual_task_log")
+    op.drop_index("ix_manual_task_log_status", table_name="manual_task_log")
+    op.drop_index("ix_manual_task_log_instance_id", table_name="manual_task_log")
+    op.drop_index("ix_manual_task_log_config_id", table_name="manual_task_log")
+    op.drop_index("ix_manual_task_log_task_id", table_name="manual_task_log")
+    op.drop_index(
+        "ix_manual_task_reference_reference", table_name="manual_task_reference"
+    )
+    op.drop_index(
+        "ix_manual_task_reference_task_id", table_name="manual_task_reference"
+    )
+    op.drop_index("ix_manual_task_due_date", table_name="manual_task")
+    op.drop_index("ix_manual_task_parent_entity", table_name="manual_task")
+    op.drop_index("ix_manual_task_task_type", table_name="manual_task")
+    # Then drop tables
+    op.drop_table("manual_task_log")
+    op.drop_table("manual_task_reference")
+    op.drop_table("manual_task")
+    # ### end Alembic commands ###

fides/api/api/v1/endpoints/privacy_request_endpoints.py CHANGED Viewed

@@ -75,6 +75,7 @@ from fides.api.models.privacy_request import (
     ProvidedIdentity,
     RequestTask,
 )
+from fides.api.models.worker_task import ExecutionLogStatus
 from fides.api.oauth.utils import (
     verify_callback_oauth_policy_pre_webhook,
     verify_callback_oauth_pre_approval_webhook,
@@ -91,7 +92,6 @@ from fides.api.schemas.privacy_request import (
     CheckpointActionRequired,
     DenyPrivacyRequests,
     ExecutionLogDetailResponse,
-    ExecutionLogStatus,
     FilteredPrivacyRequestResults,
     LogEntry,
     ManualWebhookData,
@@ -1940,16 +1940,16 @@ def request_task_async_callback(
     ]:
         raise HTTPException(
             status_code=HTTP_400_BAD_REQUEST,
-            detail=f"Callback failed. Cannot queue {request_task.action_type.value} task '{request_task.id}' with privacy request status '{privacy_request.status.value}'",
+            detail=f"Callback failed. Cannot queue {request_task.action_type} task '{request_task.id}' with privacy request status '{privacy_request.status.value}'",
         )
     if request_task.status != ExecutionLogStatus.awaiting_processing:
         raise HTTPException(
             status_code=HTTP_400_BAD_REQUEST,
-            detail=f"Callback failed. Cannot queue {request_task.action_type.value} task '{request_task.id}' with request task status '{request_task.status.value}'",
+            detail=f"Callback failed. Cannot queue {request_task.action_type} task '{request_task.id}' with request task status '{request_task.status.value}'",
         )
     logger.info(
         "Callback received for {} task {} {}",
-        request_task.action_type.value,
+        request_task.action_type,
         request_task.collection_address,
         request_task.id,
     )

fides/api/db/base.py CHANGED Viewed

@@ -16,7 +16,11 @@ from fides.api.models.custom_connector_template import CustomConnectorTemplate
 from fides.api.models.custom_report import CustomReport
 from fides.api.models.datasetconfig import DatasetConfig
 from fides.api.models.db_cache import DBCache
-from fides.api.models.detection_discovery import MonitorConfig, StagedResource
+from fides.api.models.detection_discovery.core import MonitorConfig, StagedResource
+from fides.api.models.detection_discovery.monitor_task import (
+    MonitorTask,
+    MonitorTaskExecutionLog,
+)
 from fides.api.models.experience_notices import ExperienceNotices
 from fides.api.models.fides_cloud import FidesCloud
 from fides.api.models.fides_user import FidesUser
@@ -27,6 +31,8 @@ from fides.api.models.fides_user_respondent_email_verification import (
 )
 from fides.api.models.identity_salt import IdentitySalt
 from fides.api.models.location_regulation_selections import LocationRegulationSelections
+from fides.api.models.manual_tasks.manual_task import ManualTask, ManualTaskReference
+from fides.api.models.manual_tasks.manual_task_log import ManualTaskLog
 from fides.api.models.manual_webhook import AccessManualWebhook
 from fides.api.models.messaging import MessagingConfig
 from fides.api.models.messaging_template import MessagingTemplate

fides/api/models/connectionconfig.py CHANGED Viewed

@@ -23,7 +23,7 @@ from fides.api.schemas.saas.saas_config import SaaSConfig
 from fides.config import CONFIG
 if TYPE_CHECKING:
-    from fides.api.models.detection_discovery import MonitorConfig
+    from fides.api.models.detection_discovery.core import MonitorConfig
     from fides.api.schemas.connection_configuration.enums.system_type import SystemType

fides/api/models/detection_discovery/__init__.py ADDED Viewed

@@ -0,0 +1,35 @@
+from .core import (
+    DiffStatus,
+    MonitorConfig,
+    MonitorExecution,
+    MonitorFrequency,
+    SharedMonitorConfig,
+    StagedResource,
+    StagedResourceAncestor,
+    fetch_staged_resources_by_type_query,
+)
+from .monitor_task import (
+    MonitorTask,
+    MonitorTaskExecutionLog,
+    MonitorTaskType,
+    TaskRunType,
+    create_monitor_task_with_execution_log,
+    update_monitor_task_with_execution_log,
+)
+__all__ = [
+    "DiffStatus",
+    "MonitorConfig",
+    "MonitorExecution",
+    "MonitorFrequency",
+    "SharedMonitorConfig",
+    "StagedResource",
+    "StagedResourceAncestor",
+    "fetch_staged_resources_by_type_query",
+    "MonitorTask",
+    "MonitorTaskExecutionLog",
+    "MonitorTaskType",
+    "TaskRunType",
+    "create_monitor_task_with_execution_log",
+    "update_monitor_task_with_execution_log",
+]

fides/api/models/detection_discovery/monitor_task.py ADDED Viewed

@@ -0,0 +1,162 @@
+from __future__ import annotations
+from enum import Enum
+from typing import List, Optional
+from sqlalchemy import ARRAY, Column
+from sqlalchemy import Enum as SQLAlchemyEnum
+from sqlalchemy import ForeignKey, String
+from sqlalchemy.dialects.postgresql import JSONB
+from sqlalchemy.orm import Session, relationship
+from fides.api.db.base_class import Base, FidesBase  # type: ignore[attr-defined]
+from fides.api.models.detection_discovery.core import MonitorConfig
+from fides.api.models.worker_task import (
+    ExecutionLogStatus,
+    TaskExecutionLog,
+    WorkerTask,
+)
+class MonitorTaskType(Enum):
+    """
+    Types of tasks that can be executed by a worker.
+    """
+    DETECTION = "detection"
+    CLASSIFICATION = "classification"
+    PROMOTION = "promotion"
+    REMOVAL_PROMOTION = "removal_promotion"
+class MonitorTask(WorkerTask, Base):
+    """
+    A monitor task executed by a worker.
+    """
+    # celery_id is used to track task executions. While MonitorTask.id remains constant,
+    # celery_id changes with each execution or retry of the task, allowing us to track
+    # the current execution state while maintaining a stable reference to the original task.
+    celery_id = Column(
+        String(255), unique=True, nullable=False, default=FidesBase.generate_uuid
+    )
+    task_arguments = Column(JSONB, nullable=True)  # To be able to rerun the task
+    # Contains info, warning, or error messages
+    message = Column(String)
+    monitor_config_id = Column(
+        String,
+        ForeignKey(MonitorConfig.id_field_path, ondelete="CASCADE"),
+        index=True,
+        nullable=False,
+    )
+    staged_resource_urns = Column(ARRAY(String), nullable=True)
+    child_resource_urns = Column(ARRAY(String), nullable=True)
+    monitor_config = relationship(MonitorConfig, cascade="all, delete")
+    execution_logs = relationship(
+        "MonitorTaskExecutionLog", back_populates="monitor_task", cascade="all, delete"
+    )
+    @classmethod
+    def allowed_action_types(cls) -> List[str]:
+        return [e.value for e in MonitorTaskType]
+class TaskRunType(Enum):
+    """
+    Type of task run.
+    """
+    MANUAL = "manual"
+    SYSTEM = "system"
+class MonitorTaskExecutionLog(TaskExecutionLog, Base):
+    """
+    Stores the individual execution logs associated with a MonitorTask.
+    """
+    # This celery_id preserves the specific execution ID for historical tracking,
+    # unlike MonitorTask.celery_id which is updated with each execution.
+    # This allows us to maintain a complete history of all task execution attempts.
+    celery_id = Column(String(255), nullable=False)
+    monitor_task_id = Column(
+        String,
+        ForeignKey(MonitorTask.id_field_path, ondelete="CASCADE"),
+        index=True,
+        nullable=False,
+    )
+    run_type = Column(
+        SQLAlchemyEnum(TaskRunType), nullable=False, default=TaskRunType.SYSTEM
+    )
+    monitor_task = relationship("MonitorTask", back_populates="execution_logs")
+def create_monitor_task_with_execution_log(
+    db: Session, monitor_task_data: dict
+) -> MonitorTask:
+    """
+    Creates a monitor task with an execution log.
+    The default status is pending for the task and pending for the execution log.
+    """
+    status = ExecutionLogStatus.pending
+    task_record = MonitorTask(  # type: ignore
+        status=status.value,
+        **monitor_task_data,
+    )
+    db.add(task_record)
+    db.flush()
+    execution_log = MonitorTaskExecutionLog(  # type: ignore
+        monitor_task=task_record, celery_id=task_record.celery_id, status=status
+    )
+    db.add(execution_log)
+    db.commit()
+    db.refresh(task_record)
+    return task_record
+def update_monitor_task_with_execution_log(
+    db: Session,
+    status: ExecutionLogStatus,
+    task_record: Optional[MonitorTask] = None,
+    celery_id: Optional[str] = None,
+    message: Optional[str] = None,
+    run_type: TaskRunType = TaskRunType.SYSTEM,
+) -> MonitorTask:
+    """
+    Updates a monitor task with an execution log.
+    It must be either celery_id or task_record. If it doesn't receive a celery_id, it's assumed a new one needs to be created because a new run is about to be performed.
+    If it receives a celery_id, it means it only needs to update the status of an existing run. It can receive task_record to avoid querying the database again to get it.
+    """
+    if not celery_id and not task_record:
+        raise ValueError("Either celery_id or task_record must be provided")
+    if celery_id and not task_record:
+        task_record = MonitorTask.get_by(db=db, field="celery_id", value=celery_id)
+        if not task_record:
+            raise ValueError(f"Could not find MonitorTask with celery_id {celery_id}")
+    assert task_record is not None  # help type checker understand the control flow
+    if not celery_id:
+        celery_id = task_record.generate_uuid()
+        task_record.celery_id = celery_id
+    task_record.status = status.value  # type: ignore
+    task_record.message = message
+    MonitorTaskExecutionLog(  # type: ignore
+        monitor_task=task_record,
+        status=status,
+        message=message,
+        celery_id=celery_id,
+        run_type=run_type,
+    )
+    db.commit()
+    db.refresh(task_record)
+    return task_record

fides/api/models/field_types/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+from .encrypted_large_data import EncryptedLargeDataDescriptor
+__all__ = [
+    "EncryptedLargeDataDescriptor",
+]

fides/api/models/field_types/encrypted_large_data.py ADDED Viewed

@@ -0,0 +1,151 @@
+from datetime import datetime
+from typing import Any, Optional, Type
+from loguru import logger
+from fides.api.api.deps import get_autoclose_db_session
+from fides.api.schemas.external_storage import ExternalStorageMetadata
+from fides.api.service.external_data_storage import (
+    ExternalDataStorageError,
+    ExternalDataStorageService,
+)
+from fides.api.util.data_size import LARGE_DATA_THRESHOLD_BYTES, calculate_data_size
+class EncryptedLargeDataDescriptor:
+    """
+    A Python descriptor for database fields with encrypted external storage fallback.
+    See the original implementation for detailed docstrings.
+    """
+    def __init__(
+        self,
+        field_name: str,
+        empty_default: Optional[Any] = None,
+        threshold_bytes: Optional[int] = None,
+    ):
+        self.field_name = field_name
+        self.private_field = f"_{field_name}"
+        self.empty_default = empty_default if empty_default is not None else []
+        self.threshold_bytes = threshold_bytes or LARGE_DATA_THRESHOLD_BYTES
+        self.model_class: Optional[str] = None
+        self.name: Optional[str] = None
+    # Descriptor protocol helpers
+    def __set_name__(
+        self, owner: Type, name: str
+    ) -> None:  # noqa: D401 (docstring in orig file)
+        self.name = name
+        self.model_class = owner.__name__
+    def _generate_storage_path(self, instance: Any) -> str:
+        instance_id = getattr(instance, "id", None)
+        if not instance_id:
+            raise ValueError(f"Instance {instance} must have an 'id' attribute")
+        timestamp = datetime.utcnow().strftime("%Y%m%d-%H%M%S-%f")
+        return f"{self.model_class}/{instance_id}/{self.field_name}/{timestamp}.txt"
+    def __get__(self, instance: Any, owner: Type) -> Any:  # noqa: D401
+        if instance is None:
+            return self
+        raw_data = getattr(instance, self.private_field)
+        if raw_data is None:
+            return None
+        if isinstance(raw_data, dict) and "storage_type" in raw_data:
+            logger.info(
+                f"Reading {self.model_class}.{self.field_name} from external storage "
+                f"({raw_data.get('storage_type')})"
+            )
+            try:
+                metadata = ExternalStorageMetadata.model_validate(raw_data)
+                data = self._retrieve_external_data(metadata)
+                record_count = len(data) if isinstance(data, list) else "N/A"
+                logger.info(
+                    f"Successfully retrieved {self.model_class}.{self.field_name} "
+                    f"from external storage (records: {record_count})"
+                )
+                return data if data is not None else self.empty_default
+            except Exception as e:  # pylint: disable=broad-except
+                logger.error(
+                    f"Failed to retrieve {self.model_class}.{self.field_name} "
+                    f"from external storage: {str(e)}"
+                )
+                raise ExternalDataStorageError(
+                    f"Failed to retrieve {self.field_name}: {str(e)}"
+                ) from e
+        else:
+            return raw_data
+    def __set__(self, instance: Any, value: Any) -> None:  # noqa: D401
+        if not value:
+            self._cleanup_external_data(instance)
+            setattr(instance, self.private_field, self.empty_default)
+            return
+        try:
+            current_data = self.__get__(instance, type(instance))
+            if current_data == value:
+                return
+        except Exception:  # pylint: disable=broad-except
+            pass
+        data_size = calculate_data_size(value)
+        if data_size > self.threshold_bytes:
+            logger.info(
+                f"{self.model_class}.{self.field_name}: Data size ({data_size:,} bytes) "
+                f"exceeds threshold ({self.threshold_bytes:,} bytes), storing externally"
+            )
+            self._cleanup_external_data(instance)
+            metadata = self._store_external_data(instance, value)
+            setattr(instance, self.private_field, metadata.model_dump())
+        else:
+            self._cleanup_external_data(instance)
+            setattr(instance, self.private_field, value)
+    # External storage helpers
+    def _store_external_data(self, instance: Any, data: Any) -> ExternalStorageMetadata:
+        storage_path = self._generate_storage_path(instance)
+        with get_autoclose_db_session() as session:
+            metadata = ExternalDataStorageService.store_data(
+                db=session,
+                storage_path=storage_path,
+                data=data,
+            )
+            logger.info(
+                f"Stored {self.model_class}.{self.field_name} to external storage: {storage_path}"
+            )
+            return metadata
+    @staticmethod
+    def _retrieve_external_data(metadata: ExternalStorageMetadata) -> Any:  # noqa: D401
+        with get_autoclose_db_session() as session:
+            return ExternalDataStorageService.retrieve_data(
+                db=session,
+                metadata=metadata,
+            )
+    def _cleanup_external_data(self, instance: Any) -> None:  # noqa: D401
+        raw_data = getattr(instance, self.private_field, None)
+        if isinstance(raw_data, dict) and "storage_type" in raw_data:
+            try:
+                metadata = ExternalStorageMetadata.model_validate(raw_data)
+                with get_autoclose_db_session() as session:
+                    ExternalDataStorageService.delete_data(
+                        db=session,
+                        metadata=metadata,
+                    )
+                logger.info(
+                    f"Cleaned up external storage for {self.model_class}.{self.field_name}: "
+                    f"{metadata.file_key}"
+                )
+            except Exception as e:  # pylint: disable=broad-except
+                logger.warning(
+                    f"Failed to cleanup external {self.field_name}: {str(e)}"
+                )
+    # Public helper
+    def cleanup(self, instance: Any) -> None:  # noqa: D401
+        self._cleanup_external_data(instance)

fides/api/models/manual_tasks/__init__.py ADDED Viewed

@@ -0,0 +1,8 @@
+from fides.api.models.manual_tasks.manual_task import ManualTask, ManualTaskReference
+from fides.api.models.manual_tasks.manual_task_log import ManualTaskLog
+__all__ = [
+    "ManualTask",
+    "ManualTaskReference",
+    "ManualTaskLog",
+]

ethyca-fides 2.63.0rc3__py2.py3-none-any.whl → 2.63.1__py2.py3-none-any.whl

ethyca-fides 2.63.0rc3py2.py3-none-any.whl → 2.63.1py2.py3-none-any.whl