PyPI - ethyca-fides - Versions diffs - 2.68.1b0__py2.py3-none-any.whl → 2.68.1b2__py2.py3-none-any.whl - Mend

ethyca-fides 2.68.1b0py2.py3-none-any.whl → 2.68.1b2py2.py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of ethyca-fides might be problematic. Click here for more details.

Files changed (131) hide show

fides/data/sample_project/docker-compose.yml CHANGED Viewed

@@ -87,7 +87,7 @@ services:
   fides-db:
     container_name: fides-db
-    image: postgres:12
+    image: postgres:16
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -U postgres"]
       interval: 15s
@@ -104,14 +104,14 @@ services:
   redis:
     container_name: fides-redis
-    image: redis:6.2-alpine
+    image: redis:8.0-alpine
     command: redis-server --requirepass redispassword
     ports:
       - "7379:6379"
   postgres-test:
     container_name: fides-postgres-example-db
-    image: postgres:12
+    image: postgres:16
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -U postgres"]
       interval: 15s

fides/service/taxonomy/__init__.py ADDED Viewed

File without changes

fides/service/taxonomy/handlers/__init__.py ADDED Viewed

@@ -0,0 +1,11 @@
+"""
+Taxonomy handlers package.
+"""
+from .base import TaxonomyHandler
+from .legacy_handler import LegacyTaxonomyHandler
+__all__ = [
+    "TaxonomyHandler",
+    "LegacyTaxonomyHandler",
+]

fides/service/taxonomy/handlers/base.py ADDED Viewed

@@ -0,0 +1,42 @@
+"""
+Base taxonomy handler and core validation functions.
+"""
+from abc import ABC, abstractmethod
+from typing import Any, Dict, List, Optional, Type
+from sqlalchemy.orm import Session
+from fides.api.db.base_class import FidesBase
+class TaxonomyHandler(ABC):
+    """Abstract handler for taxonomy CRUD operations."""
+    def __init__(self, db: Session, taxonomy_type: str):
+        self.db = db
+        self.taxonomy_type = taxonomy_type
+    @abstractmethod
+    def get_model(self) -> Type[FidesBase]:
+        pass
+    @abstractmethod
+    def get_elements(self, active_only: bool, parent_key: Optional[str]) -> List[Any]:
+        pass
+    @abstractmethod
+    def get_element(self, fides_key: str) -> Optional[Any]:
+        pass
+    @abstractmethod
+    def create_element(self, element_data: Dict) -> Any:
+        pass
+    @abstractmethod
+    def update_element(self, fides_key: str, element_data: Dict) -> Optional[Any]:
+        pass
+    @abstractmethod
+    def delete_element(self, fides_key: str) -> None:
+        pass

fides/service/taxonomy/handlers/legacy_handler.py ADDED Viewed

@@ -0,0 +1,95 @@
+"""
+Legacy taxonomy handler for DataCategory, DataUse, and DataSubject models.
+"""
+from typing import Dict, List, Optional, Type, Union
+from sqlalchemy.orm import Query, Session
+from fides.api.models.sql_models import (  # type:ignore[attr-defined]
+    DataCategory,
+    DataSubject,
+    DataUse,
+)
+from .base import TaxonomyHandler
+class LegacyTaxonomyHandler(TaxonomyHandler):
+    """Handler for legacy taxonomy models (DataCategory, DataUse, DataSubject)."""
+    def __init__(self, db: Session, taxonomy_type: str) -> None:
+        super().__init__(db, taxonomy_type)
+        self.models = {
+            "data_categories": DataCategory,
+            "data_uses": DataUse,
+            "data_subjects": DataSubject,
+        }
+        if taxonomy_type not in self.models:
+            raise ValueError(
+                f"Taxonomy type '{taxonomy_type}' not supported. Supported types: {list(self.models.keys())}"
+            )
+    def get_elements(
+        self, active_only: bool, parent_key: Optional[str]
+    ) -> List[Union[DataCategory, DataUse, DataSubject]]:
+        model_class = self.get_model()
+        query = self._build_query(model_class, active_only, parent_key)
+        return query.all()
+    def get_element(
+        self, fides_key: str
+    ) -> Optional[Union[DataCategory, DataUse, DataSubject]]:
+        model_class = self.get_model()
+        element = (
+            self.db.query(model_class)
+            .filter(model_class.fides_key == fides_key)
+            .first()
+        )
+        return element
+    def create_element(
+        self, element_data: Dict
+    ) -> Union[DataCategory, DataUse, DataSubject]:
+        model_class = self.get_model()
+        element = model_class.create(self.db, data=element_data)
+        return element
+    def update_element(
+        self, fides_key: str, element_data: Dict
+    ) -> Optional[Union[DataCategory, DataUse, DataSubject]]:
+        model_class = self.get_model()
+        element = (
+            self.db.query(model_class)
+            .filter(model_class.fides_key == fides_key)
+            .first()
+        )
+        if not element:
+            return None
+        return element.update(db=self.db, data=element_data)
+    def delete_element(self, fides_key: str) -> None:
+        model_class = self.get_model()
+        element = (
+            self.db.query(model_class)
+            .filter(model_class.fides_key == fides_key)
+            .first()
+        )
+        if element:
+            self.db.delete(element)
+    def get_model(self) -> Type[Union[DataCategory, DataUse, DataSubject]]:
+        return self.models[self.taxonomy_type]
+    def _build_query(
+        self, model_class: Type, active_only: bool, parent_key: Optional[str]
+    ) -> Query:
+        query = self.db.query(model_class)
+        if active_only:
+            query = query.filter(model_class.active.is_(True))
+        if parent_key and hasattr(model_class, "parent_key"):
+            query = query.filter(model_class.parent_key == parent_key)
+        return query

fides/service/taxonomy/taxonomy_service.py ADDED Viewed

@@ -0,0 +1,261 @@
+"""
+Service layer for taxonomy management (data_categories, data_uses, data_subjects).
+"""
+from typing import Any, Dict, List, Literal, Optional, Union, overload
+from sqlalchemy import or_
+from sqlalchemy.orm import Session
+from fides.api.models.sql_models import (  # type:ignore[attr-defined]
+    DataCategory,
+    DataSubject,
+    DataUse,
+)
+from fides.api.models.taxonomy import TaxonomyUsage
+from .handlers import LegacyTaxonomyHandler, TaxonomyHandler
+from .utils import (
+    activate_taxonomy_parents,
+    check_for_taxonomy_reactivation,
+    deactivate_taxonomy_node_and_descendants,
+    generate_taxonomy_fides_key,
+    handle_taxonomy_reactivation,
+    validate_default_taxonomy_restrictions,
+    validate_parent_key_exists,
+)
+class TaxonomyService:
+    """
+    Taxonomy service for managing Fides taxonomy elements.
+    Provides CRUD operations for data_categories, data_uses, and data_subjects.
+    """
+    # Most of the main methods in this service have a type-specific overload to help with type hints
+    def __init__(self, db: Session):
+        self.db = db
+    @overload
+    def get_elements(
+        self,
+        taxonomy_type: Literal["data_categories"],
+        active_only: bool = True,
+        parent_key: Optional[str] = None,
+    ) -> List[DataCategory]: ...
+    @overload
+    def get_elements(
+        self,
+        taxonomy_type: Literal["data_uses"],
+        active_only: bool = True,
+        parent_key: Optional[str] = None,
+    ) -> List[DataUse]: ...
+    @overload
+    def get_elements(
+        self,
+        taxonomy_type: Literal["data_subjects"],
+        active_only: bool = True,
+        parent_key: Optional[str] = None,
+    ) -> List[DataSubject]: ...
+    def get_elements(
+        self,
+        taxonomy_type: str,
+        active_only: bool = True,
+        parent_key: Optional[str] = None,
+    ) -> List[Union[DataCategory, DataUse, DataSubject]]:
+        """Get elements for a taxonomy type."""
+        return self._get_handler(taxonomy_type).get_elements(active_only, parent_key)
+    @overload
+    def get_element(
+        self, taxonomy_type: Literal["data_categories"], fides_key: str
+    ) -> Optional[DataCategory]: ...
+    @overload
+    def get_element(
+        self, taxonomy_type: Literal["data_uses"], fides_key: str
+    ) -> Optional[DataUse]: ...
+    @overload
+    def get_element(
+        self, taxonomy_type: Literal["data_subjects"], fides_key: str
+    ) -> Optional[DataSubject]: ...
+    def get_element(self, taxonomy_type: str, fides_key: str) -> Optional[Any]:
+        """Get a single element by fides_key."""
+        return self._get_handler(taxonomy_type).get_element(fides_key)
+    @overload
+    def create_element(
+        self, taxonomy_type: Literal["data_categories"], element_data: Dict
+    ) -> DataCategory: ...
+    @overload
+    def create_element(
+        self, taxonomy_type: Literal["data_uses"], element_data: Dict
+    ) -> DataUse: ...
+    @overload
+    def create_element(
+        self, taxonomy_type: Literal["data_subjects"], element_data: Dict
+    ) -> DataSubject: ...
+    def create_element(
+        self, taxonomy_type: str, element_data: Dict
+    ) -> Union[DataCategory, DataUse, DataSubject]:
+        """Create a new taxonomy element."""
+        # Generate fides_key if not provided
+        processed_data = element_data.copy()
+        if not processed_data.get("fides_key") and processed_data.get("name"):
+            handler = self._get_handler(taxonomy_type)
+            processed_data["fides_key"] = generate_taxonomy_fides_key(
+                taxonomy_type,
+                processed_data["name"],
+                processed_data.get("parent_key"),
+                handler,
+            )
+        # Centralized validation before delegation
+        self._validate_element_data(processed_data, taxonomy_type, action="create")
+        return self._get_handler(taxonomy_type).create_element(processed_data)
+    @overload
+    def update_element(
+        self,
+        taxonomy_type: Literal["data_categories"],
+        fides_key: str,
+        element_data: Dict,
+    ) -> Optional[DataCategory]: ...
+    @overload
+    def update_element(
+        self, taxonomy_type: Literal["data_uses"], fides_key: str, element_data: Dict
+    ) -> Optional[DataUse]: ...
+    @overload
+    def update_element(
+        self,
+        taxonomy_type: Literal["data_subjects"],
+        fides_key: str,
+        element_data: Dict,
+    ) -> Optional[DataSubject]: ...
+    def update_element(
+        self, taxonomy_type: str, fides_key: str, element_data: Dict
+    ) -> Optional[Any]:
+        """Update an existing taxonomy element."""
+        # Get the existing element for validation
+        handler = self._get_handler(taxonomy_type)
+        existing_element = handler.get_element(fides_key)
+        self._validate_element_data(
+            element_data,
+            taxonomy_type,
+            existing_element=existing_element,
+            action="update",
+        )
+        # Update the element via handler
+        updated_element = handler.update_element(fides_key, element_data)
+        # Handle hierarchical activation/deactivation logic at service level
+        if updated_element and "active" in element_data:
+            if element_data["active"]:
+                activate_taxonomy_parents(updated_element, self.db)
+            else:
+                # Cascade down - deactivate current node and children
+                deactivate_taxonomy_node_and_descendants(updated_element, self.db)
+            # Ensure hierarchical updates are visible across sessions
+            # The model's own update() commits, but parent/child mutations above
+            # only flush by design. Commit here so other sessions (e.g., API tests)
+            # can observe the propagated changes immediately.
+            self.db.commit()
+            # Refresh the updated element to return the latest state
+            self.db.refresh(updated_element)
+        return updated_element
+    def delete_element(self, taxonomy_type: str, fides_key: str) -> None:
+        """Delete a taxonomy element."""
+        # First, remove any TaxonomyUsage rows that reference this element
+        # as either the source or the target element. There is no DB cascade
+        # for these relationships by design, so this cleanup is handled here.
+        self.db.query(TaxonomyUsage).filter(
+            or_(
+                TaxonomyUsage.source_element_key == fides_key,
+                TaxonomyUsage.target_element_key == fides_key,
+            )
+        ).delete(synchronize_session=False)
+        # Then delete the element itself via the appropriate handler
+        self._get_handler(taxonomy_type).delete_element(fides_key)
+        self.db.commit()
+    @overload
+    def create_or_update_element(
+        self, taxonomy_type: Literal["data_categories"], element_data: Dict
+    ) -> DataCategory: ...
+    @overload
+    def create_or_update_element(
+        self, taxonomy_type: Literal["data_uses"], element_data: Dict
+    ) -> DataUse: ...
+    @overload
+    def create_or_update_element(
+        self, taxonomy_type: Literal["data_subjects"], element_data: Dict
+    ) -> DataSubject: ...
+    def create_or_update_element(self, taxonomy_type: str, element_data: Dict) -> Any:
+        """
+        Create or update a taxonomy element.
+        If the element is deactivated, it will be updated and re-activated, along with its parents.
+        This method provides compatibility with the existing generic_overrides endpoint pattern.
+        """
+        # Check for reactivation case centrally
+        handler = self._get_handler(taxonomy_type)
+        reactivation_element = check_for_taxonomy_reactivation(
+            self.db, taxonomy_type, element_data, handler
+        )
+        if reactivation_element:
+            return handle_taxonomy_reactivation(
+                self.db, taxonomy_type, reactivation_element, element_data, handler
+            )
+        return self.create_element(taxonomy_type, element_data)  # type: ignore[call-overload]
+    def _get_handler(self, taxonomy_type: str) -> TaxonomyHandler:
+        """Get the handler for taxonomy operations."""
+        return LegacyTaxonomyHandler(self.db, taxonomy_type)
+    def _validate_element_data(
+        self,
+        element_data: Dict,
+        taxonomy_type: str,
+        existing_element: Optional[Union[DataCategory, DataUse, DataSubject]] = None,
+        action: str = "create",
+    ) -> None:
+        """
+        Centralized validation for taxonomy elements.
+        This runs before delegation to ensure consistent validation across all handlers.
+        """
+        # Validate default taxonomy restrictions for taxonomy elements
+        if action == "create":
+            validate_default_taxonomy_restrictions(element_data, action="create")
+        elif action == "update" and existing_element:
+            validate_default_taxonomy_restrictions(
+                element_data, resource=existing_element, action="update"
+            )
+        # Validate parent_key exists if provided
+        if "parent_key" in element_data and element_data["parent_key"]:
+            handler = self._get_handler(taxonomy_type)
+            validate_parent_key_exists(
+                taxonomy_type, element_data["parent_key"], handler
+            )

fides/service/taxonomy/utils.py ADDED Viewed

@@ -0,0 +1,160 @@
+from typing import Any, Dict, Optional, Union
+from sqlalchemy.orm import Session
+from fides.api.common_exceptions import ValidationError
+from fides.api.db.base_class import get_key_from_data
+from fides.api.models.sql_models import (  # type:ignore[attr-defined]
+    DataCategory,
+    DataSubject,
+    DataUse,
+)
+from fides.api.util.errors import ForbiddenIsDefaultTaxonomyError
+# Core validation functions for taxonomy operations
+def activate_taxonomy_parents(
+    resource: Union[DataCategory, DataUse, DataSubject],
+    db: Session,
+) -> None:
+    """
+    Activates parents to match newly-active taxonomy node.
+    """
+    parent = resource.parent
+    if parent:
+        parent.active = True
+        db.flush()
+        activate_taxonomy_parents(parent, db)
+def deactivate_taxonomy_node_and_descendants(
+    resource: Union[DataCategory, DataUse, DataSubject],
+    db: Session,
+) -> None:
+    """
+    Recursively de-activates all descendants of a given taxonomy node.
+    """
+    resource.active = False
+    db.flush()
+    children = resource.children
+    for child in children:
+        # Deactivate current child
+        child.active = False
+        db.flush()
+        # Recursively deactivate all descendants of this child
+        deactivate_taxonomy_node_and_descendants(child, db)
+def validate_default_taxonomy_restrictions(
+    data: Dict,
+    resource: Optional[Union[DataCategory, DataUse, DataSubject]] = None,
+    action: str = "create",
+) -> None:
+    """
+    Validate restrictions on default taxonomy elements.
+    """
+    # For creation, check if trying to create with is_default=True
+    if action == "create" and data.get("is_default"):
+        raise ForbiddenIsDefaultTaxonomyError(
+            "taxonomy", data.get("fides_key", "unknown"), action="create"
+        )
+    # For updates, check if trying to modify is_default field
+    if action == "update" and resource:
+        # Only check if is_default is explicitly present in the data and is being changed
+        if "is_default" in data and hasattr(resource, "is_default"):
+            if data["is_default"] != resource.is_default:
+                raise ForbiddenIsDefaultTaxonomyError(
+                    "resource",
+                    data.get("fides_key", resource.fides_key),
+                    action="modify",
+                )
+def validate_parent_key_exists(
+    taxonomy_type: str, parent_key: str, handler: Any
+) -> None:
+    """
+    Validate that the parent_key exists in the same taxonomy type.
+    This prevents IntegrityError at the database level by validating at application level.
+    """
+    if not parent_key:
+        return
+    parent_element = handler.get_element(parent_key)
+    if not parent_element:
+        raise ValidationError(
+            f"Parent with key '{parent_key}' not found in taxonomy '{taxonomy_type}'"
+        )
+def generate_taxonomy_fides_key(
+    taxonomy_type: str,
+    name: str,
+    parent_key: Optional[str] = None,
+    handler: Optional[Any] = None,
+) -> str:
+    """
+    Generate a fides_key from a name for taxonomy elements.
+    """
+    # Get the actual model class name for key generation
+    if handler and hasattr(handler, "get_model"):
+        model_class = handler.get_model()
+        fides_key = get_key_from_data({"name": name}, model_class.__name__)
+    else:
+        # Fallback to using taxonomy_type
+        fides_key = get_key_from_data({"name": name}, taxonomy_type)
+    # Add parent prefix if this is not a root level taxonomy node
+    if parent_key:
+        fides_key = f"{parent_key}.{fides_key}"
+    return fides_key
+def check_for_taxonomy_reactivation(
+    db: Session, taxonomy_type: str, element_data: Dict, handler: Any
+) -> Optional[Any]:
+    """
+    Check if this is a reactivation case for existing disabled elements.
+    Returns the disabled element if it exists and should be reactivated.
+    """
+    # Only check for reactivation if no fides_key is provided but name is
+    if element_data.get("fides_key") or not element_data.get("name"):
+        return None
+    # Check the specific model table for disabled elements
+    model_class = handler.get_model()
+    disabled_element = (
+        db.query(model_class)
+        .filter(
+            model_class.active.is_(False),
+            model_class.name == element_data["name"],
+        )
+        .first()
+    )
+    return disabled_element
+def handle_taxonomy_reactivation(
+    db: Session, taxonomy_type: str, element: Any, element_data: Dict, handler: Any
+) -> Any:
+    """
+    Handle reactivation of a disabled taxonomy element.
+    """
+    # Generate fides_key if not provided (needed for reactivation)
+    updated_data = element_data.copy()
+    if not updated_data.get("fides_key") and updated_data.get("name"):
+        updated_data["fides_key"] = generate_taxonomy_fides_key(
+            taxonomy_type, updated_data["name"], updated_data.get("parent_key"), handler
+        )
+    # Ensure it's marked as active and activate parents accordingly
+    updated_data["active"] = True
+    activate_taxonomy_parents(element, db)
+    # Update the element with new data
+    element.update(db, data=updated_data)
+    return element

fides/ui-build/static/admin/404.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width"/><meta name="next-head-count" content="2"/><link data-next-font="" rel="preconnect" href="/" crossorigin="anonymous"/><link rel="preload" href="/_next/static/css/~~e1628f15dd5f019b~~.css" as="style"/><link rel="stylesheet" href="/_next/static/css/~~e1628f15dd5f019b~~.css" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-69658aeaf6155d89.js" defer=""></script><script src="/_next/static/chunks/framework-c92fc3344e6fd165.js" defer=""></script><script src="/_next/static/chunks/main-090643377c8254e6.js" defer=""></script><script src="/_next/static/chunks/pages/_app-~~65723cd4b8fc36ac~~.js" defer=""></script><script src="/_next/static/chunks/pages/404-9174cdb70126c2c5.js" defer=""></script><script src="/_next/static/~~JLiYN-Wiw1kNc_8IVythJ~~/_buildManifest.js" defer=""></script><script src="/_next/static/~~JLiYN-Wiw1kNc_8IVythJ~~/_ssgManifest.js" defer=""></script><style>.data-ant-cssinjs-cache-path{content:"";}</style></head><body><div id="__next"><div style="height:100%;display:flex"></div></div><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{}},"page":"/404","query":{},"buildId":"~~JLiYN-Wiw1kNc_8IVythJ~~","nextExport":true,"autoExport":true,"isFallback":false,"scriptLoader":[]}</script></body></html>
1	+ <!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width"/><meta name="next-head-count" content="2"/><link data-next-font="" rel="preconnect" href="/" crossorigin="anonymous"/><link rel="preload" href="/_next/static/css/a72179b1754aadd3.css" as="style"/><link rel="stylesheet" href="/_next/static/css/a72179b1754aadd3.css" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-69658aeaf6155d89.js" defer=""></script><script src="/_next/static/chunks/framework-c92fc3344e6fd165.js" defer=""></script><script src="/_next/static/chunks/main-090643377c8254e6.js" defer=""></script><script src="/_next/static/chunks/pages/_app-2c10f6b217b7978b.js" defer=""></script><script src="/_next/static/chunks/pages/404-9174cdb70126c2c5.js" defer=""></script><script src="/_next/static/qvk5eMANVfwYkdURE7fgG/_buildManifest.js" defer=""></script><script src="/_next/static/qvk5eMANVfwYkdURE7fgG/_ssgManifest.js" defer=""></script><style>.data-ant-cssinjs-cache-path{content:"";}</style></head><body><div id="__next"><div style="height:100%;display:flex"></div></div><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{}},"page":"/404","query":{},"buildId":"qvk5eMANVfwYkdURE7fgG","nextExport":true,"autoExport":true,"isFallback":false,"scriptLoader":[]}</script></body></html>

ethyca-fides 2.68.1b0__py2.py3-none-any.whl → 2.68.1b2__py2.py3-none-any.whl

Potentially problematic release.

ethyca-fides 2.68.1b0py2.py3-none-any.whl → 2.68.1b2py2.py3-none-any.whl