huly-cli 0.1.0__py3-none-any.whl

huly_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.0"

huly_cli/auth.py

@@ -0,0 +1,174 @@
+"""Authentication logic for Huly CLI."""
+
+from __future__ import annotations
+
+import time
+
+import httpx
+
+from huly_cli.config import AuthCache, HulyConfig, load_auth, save_auth
+from huly_cli.errors import AuthError
+
+
+async def login(config: HulyConfig) -> AuthCache:
+    """Perform full auth flow and cache tokens.
+
+    Steps:
+    1. POST /_accounts → login → account_token
+    2. POST /_accounts with account_token → selectWorkspace → workspace_token + workspace_id
+    3. POST /_accounts with account_token → getUserWorkspaces → workspace_uuid
+    4. GET /_transactor/api/v1/account/{workspace_id} → account_id
+    5. Verify with ping
+    """
+    if not config.email:
+        raise AuthError("Email is required for login. Set HULY_EMAIL env var.")
+    if not config.password:
+        raise AuthError("Password is required for login. Set HULY_PASSWORD env var.")
+    if not config.workspace:
+        raise AuthError("Workspace is required for login. Set HULY_WORKSPACE env var.")
+
+    accounts_url = f"{config.url}/_accounts"
+    transactor_base = f"{config.url}/_transactor"
+
+    async with httpx.AsyncClient(timeout=30.0) as http:
+        # Step 1: Login
+        resp = await http.post(
+            accounts_url,
+            json={"id": "1", "method": "login", "params": [config.email, config.password]},
+        )
+        resp.raise_for_status()
+        body = resp.json()
+        if "error" in body:
+            raise AuthError(f"Login failed: {body['error']}")
+        account_token: str = body["result"]["token"]
+
+        # Step 2: Select workspace
+        resp = await http.post(
+            accounts_url,
+            headers={"Authorization": f"Bearer {account_token}"},
+            json={
+                "id": "2",
+                "method": "selectWorkspace",
+                "params": [config.workspace, "external"],
+            },
+        )
+        resp.raise_for_status()
+        body = resp.json()
+        if "error" in body:
+            raise AuthError(f"Select workspace failed: {body['error']}")
+        ws_result = body["result"]
+        workspace_token: str = ws_result["token"]
+        workspace_id: str = ws_result["workspaceId"]
+
+        # Step 3: Get workspace UUID via getUserWorkspaces
+        resp = await http.post(
+            accounts_url,
+            headers={"Authorization": f"Bearer {account_token}"},
+            json={"id": "3", "method": "getUserWorkspaces", "params": []},
+        )
+        resp.raise_for_status()
+        body = resp.json()
+        if "error" in body:
+            raise AuthError(f"getUserWorkspaces failed: {body['error']}")
+        workspace_uuid = ""
+        for ws in body.get("result", []):
+            if ws.get("workspaceUrl") == config.workspace:
+                workspace_uuid = ws.get("uuid", "")
+                break
+        if not workspace_uuid:
+            raise AuthError(
+                f"Could not find UUID for workspace '{config.workspace}' in getUserWorkspaces response."
+            )
+
+        # Step 4: Get account ID
+        resp = await http.get(
+            f"{transactor_base}/api/v1/account/{workspace_id}",
+            headers={"Authorization": f"Bearer {workspace_token}"},
+        )
+        resp.raise_for_status()
+        account_data = resp.json()
+        # account endpoint returns the account object; _id is the account ID
+        account_id: str = account_data.get("_id", account_data.get("id", ""))
+
+        # Step 5: Ping to verify
+        ping_resp = await http.get(
+            f"{transactor_base}/api/v1/ping/{workspace_id}",
+            headers={"Authorization": f"Bearer {workspace_token}"},
+        )
+        ping_resp.raise_for_status()
+
+    auth = AuthCache(
+        account_token=account_token,
+        workspace_token=workspace_token,
+        workspace_id=workspace_id,
+        workspace_uuid=workspace_uuid,
+        email=config.email,
+        workspace_slug=config.workspace,
+        account_id=account_id,
+        cached_at=time.time(),
+    )
+    save_auth(auth)
+    return auth
+
+
+async def _ping(config: HulyConfig, auth: AuthCache) -> bool:
+    """Ping the transactor to verify the cached token is still valid."""
+    transactor_base = f"{config.url}/_transactor"
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as http:
+            resp = await http.get(
+                f"{transactor_base}/api/v1/ping/{auth.workspace_id}",
+                headers={"Authorization": f"Bearer {auth.workspace_token}"},
+            )
+            return resp.status_code == 200
+    except Exception:
+        return False
+
+
+async def ensure_auth(config: HulyConfig) -> AuthCache:
+    """Return valid auth — use cache if fresh, otherwise re-login."""
+    cached = load_auth()
+    if cached is not None:
+        if await _ping(config, cached):
+            return cached
+        # Token stale — re-login if we have credentials
+        if not config.email or not config.password:
+            raise AuthError(
+                "Cached token is invalid and no credentials available to re-authenticate. "
+                "Run 'huly auth login'."
+            )
+    elif not config.email or not config.password:
+        raise AuthError("Not authenticated. Run 'huly auth login'.")
+
+    return await login(config)
+
+
+async def check_auth_status(config: HulyConfig) -> dict:
+    """Return a dict describing current auth status."""
+    import time as time_mod
+
+    cached = load_auth()
+    if cached is None:
+        return {"authenticated": False, "email": None, "workspace": None, "token_age": None}
+
+    is_valid = await _ping(config, cached)
+    age_seconds = time_mod.time() - cached.cached_at
+    return {
+        "authenticated": is_valid,
+        "email": cached.email,
+        "workspace": cached.workspace_slug,
+        "workspace_id": cached.workspace_id,
+        "workspace_uuid": cached.workspace_uuid,
+        "token_age_seconds": int(age_seconds),
+        "token_age_human": _humanize_age(age_seconds),
+    }
+
+
+def _humanize_age(seconds: float) -> str:
+    if seconds < 60:
+        return f"{int(seconds)}s"
+    if seconds < 3600:
+        return f"{int(seconds // 60)}m"
+    if seconds < 86400:
+        return f"{int(seconds // 3600)}h"
+    return f"{int(seconds // 86400)}d"

huly_cli/client.py

@@ -0,0 +1,319 @@
+"""HTTP client for Huly Transactor + Collaborator APIs."""
+
+from __future__ import annotations
+
+import json as json_mod
+import time
+import urllib.parse
+from typing import Any
+
+import httpx
+
+from huly_cli.config import AuthCache, HulyConfig
+from huly_cli.errors import AuthError, RateLimitError, ServerError
+from huly_cli.output import print_warning
+
+
+class HulyClient:
+    def __init__(self, config: HulyConfig, auth: AuthCache) -> None:
+        self._config = config
+        self._auth = auth
+        self._transactor_base = f"{config.url}/_transactor"
+        self._http = httpx.AsyncClient(
+            base_url=self._transactor_base,
+            headers={"Authorization": f"Bearer {auth.workspace_token}"},
+            timeout=30.0,
+        )
+
+    async def find_all(
+        self,
+        class_id: str,
+        query: dict[str, Any] | None = None,
+        options: dict[str, Any] | None = None,
+    ) -> list[dict[str, Any]]:
+        """Query documents via POST /api/v1/find-all/{workspace_id}."""
+        query = query or {}
+        body = {
+            "_class": class_id,
+            "query": query,
+            "options": options or {},
+        }
+        resp = await self._http.post(
+            f"/api/v1/find-all/{self._auth.workspace_id}",
+            json=body,
+        )
+        data = self._handle_response(resp)
+        return self._normalize_find_all_result(class_id, query, data)
+
+    async def tx(self, transaction: dict[str, Any]) -> dict[str, Any]:
+        """Execute a transaction via POST /api/v1/tx/{workspace_id}."""
+        transaction = dict(transaction)
+        transaction.setdefault("modifiedBy", self._auth.account_id)
+        transaction.setdefault("modifiedOn", int(time.time() * 1000))
+        resp = await self._http.post(
+            f"/api/v1/tx/{self._auth.workspace_id}",
+            json=transaction,
+        )
+        return self._handle_response(resp)
+
+    async def ping(self) -> bool:
+        """GET /api/v1/ping/{workspace_id} — returns True if server responds OK."""
+        try:
+            resp = await self._http.get(f"/api/v1/ping/{self._auth.workspace_id}")
+            return resp.status_code == 200
+        except Exception:
+            return False
+
+    async def get_account(self) -> dict[str, Any]:
+        """GET /api/v1/account/{workspace_id} — current user account info."""
+        resp = await self._http.get(f"/api/v1/account/{self._auth.workspace_id}")
+        return self._handle_response(resp)
+
+    # ── Collaborator RPC ──────────────────────────────────────────────────────
+
+    async def get_content(
+        self, class_id: str, object_id: str, field: str, blob_ref: str
+    ) -> str | None:
+        """Fetch entity content ProseMirror JSON via Collaborator RPC.
+
+        Works for any entity class and field, e.g.:
+          - class_id="tracker:class:Issue", field="description"
+          - class_id="document:class:Document", field="content"
+        """
+        doc_id = self._build_doc_id(class_id, object_id, field)
+        url = f"{self._config.url}/_collaborator/rpc/{doc_id}"
+        try:
+            async with httpx.AsyncClient(timeout=15.0) as http:
+                resp = await http.post(
+                    url,
+                    headers={
+                        "Authorization": f"Bearer {self._auth.workspace_token}",
+                        "Content-Type": "application/json",
+                    },
+                    json={"method": "getContent", "payload": {"source": blob_ref}},
+                )
+                if resp.status_code != 200:
+                    print_warning(f"getContent returned HTTP {resp.status_code}: {resp.text[:200]}")
+                    return None
+                data = resp.json()
+                content = data.get("content", {}).get(field)
+                if content is None:
+                    return None
+                if isinstance(content, (dict, list)):
+                    return json_mod.dumps(content)
+                return str(content)
+        except Exception as e:
+            print_warning(f"getContent error: {e}")
+            return None
+
+    async def create_content(
+        self,
+        class_id: str,
+        object_id: str,
+        field: str,
+        markup_json: str,
+        *,
+        warn_on_error: bool = True,
+    ) -> str | None:
+        """Create entity content via Collaborator RPC and return its blob ref."""
+        doc_id = self._build_doc_id(class_id, object_id, field)
+        url = f"{self._config.url}/_collaborator/rpc/{doc_id}"
+        try:
+            async with httpx.AsyncClient(timeout=15.0) as http:
+                resp = await http.post(
+                    url,
+                    headers={
+                        "Authorization": f"Bearer {self._auth.workspace_token}",
+                        "Content-Type": "application/json",
+                    },
+                    json={
+                        "method": "createContent",
+                        "payload": {
+                            "content": {field: markup_json},
+                        },
+                    },
+                )
+                if resp.status_code != 200:
+                    if warn_on_error:
+                        print_warning(
+                            f"createContent failed (HTTP {resp.status_code}): {resp.text[:200]}"
+                        )
+                    return None
+                data = resp.json()
+                blob_ref = data.get("content", {}).get(field)
+                if blob_ref is None:
+                    return None
+                return str(blob_ref)
+        except Exception as e:
+            if warn_on_error:
+                print_warning(f"createContent error: {e}")
+            return None
+
+    async def set_content(
+        self,
+        class_id: str,
+        object_id: str,
+        field: str,
+        blob_ref: str,
+        markup_json: str,
+        *,
+        warn_on_error: bool = True,
+    ) -> bool:
+        """Update entity content via Collaborator RPC.
+
+        Works for any entity class and field.
+        """
+        doc_id = self._build_doc_id(class_id, object_id, field)
+        url = f"{self._config.url}/_collaborator/rpc/{doc_id}"
+        try:
+            async with httpx.AsyncClient(timeout=15.0) as http:
+                resp = await http.post(
+                    url,
+                    headers={
+                        "Authorization": f"Bearer {self._auth.workspace_token}",
+                        "Content-Type": "application/json",
+                    },
+                    json={
+                        "method": "updateContent",
+                        "payload": {
+                            "source": blob_ref,
+                            "content": {field: markup_json},
+                        },
+                    },
+                )
+                if resp.status_code != 200:
+                    if warn_on_error:
+                        print_warning(
+                            f"updateContent failed (HTTP {resp.status_code}): {resp.text[:200]}"
+                        )
+                    return False
+                return True
+        except Exception as e:
+            if warn_on_error:
+                print_warning(f"updateContent error: {e}")
+            return False
+
+    async def get_description(self, issue_id: str, blob_ref: str) -> str | None:
+        """Fetch issue description ProseMirror JSON via Collaborator RPC.
+
+        Thin wrapper around get_content for tracker:class:Issue / description.
+        """
+        return await self.get_content("tracker:class:Issue", issue_id, "description", blob_ref)
+
+    async def create_description(
+        self,
+        issue_id: str,
+        markup_json: str,
+        *,
+        warn_on_error: bool = True,
+    ) -> str | None:
+        """Create issue description content and return the blob ref."""
+        return await self.create_content(
+            "tracker:class:Issue",
+            issue_id,
+            "description",
+            markup_json,
+            warn_on_error=warn_on_error,
+        )
+
+    async def set_description(
+        self,
+        issue_id: str,
+        blob_ref: str,
+        markup_json: str,
+        *,
+        warn_on_error: bool = True,
+    ) -> bool:
+        """Update issue description via Collaborator RPC.
+
+        Thin wrapper around set_content for tracker:class:Issue / description.
+        """
+        return await self.set_content(
+            "tracker:class:Issue",
+            issue_id,
+            "description",
+            blob_ref,
+            markup_json,
+            warn_on_error=warn_on_error,
+        )
+
+    def _build_doc_id(self, class_id: str, object_id: str, field: str) -> str:
+        """URL-encode the collaborator document ID for any entity class and field."""
+        raw = f"{self._auth.workspace_uuid}|{class_id}|{object_id}|{field}"
+        return urllib.parse.quote(raw, safe="")
+
+    # ── Response handling ─────────────────────────────────────────────────────
+
+    def _handle_response(self, resp: httpx.Response) -> dict[str, Any]:
+        if resp.status_code in (401, 403):
+            raise AuthError(
+                f"Authentication failed (HTTP {resp.status_code}). Run 'huly auth login'."
+            )
+        if resp.status_code == 429:
+            retry_after = float(
+                resp.headers.get("Retry-After") or resp.headers.get("Retry-After-ms", 0)
+            )
+            if retry_after > 1000:
+                retry_after /= 1000  # convert ms to seconds
+            raise RateLimitError("Rate limit exceeded.", retry_after=retry_after)
+        if resp.status_code >= 500:
+            raise ServerError(f"Server error (HTTP {resp.status_code}): {resp.text[:200]}")
+        resp.raise_for_status()
+        try:
+            return resp.json()
+        except Exception:
+            return {}
+
+    def _normalize_find_all_result(
+        self,
+        class_id: str,
+        query: dict[str, Any],
+        data: dict[str, Any] | list[dict[str, Any]],
+    ) -> list[dict[str, Any]]:
+        """Mirror the upstream REST client normalization for `find-all`.
+
+        The platform client restores scalar query values that may be omitted in
+        filtered results and resolves lookup references using the response's
+        `lookupMap`.
+        """
+        if isinstance(data, dict):
+            lookup_map = data.pop("lookupMap", None)
+            rows = data.get("value", [])
+        else:
+            lookup_map = None
+            rows = data
+
+        if not isinstance(rows, list):
+            return []
+
+        if isinstance(lookup_map, dict):
+            for row in rows:
+                if not isinstance(row, dict):
+                    continue
+                lookup = row.get("$lookup")
+                if not isinstance(lookup, dict):
+                    continue
+                for key, value in list(lookup.items()):
+                    if isinstance(value, list):
+                        lookup[key] = [lookup_map.get(item) for item in value]
+                    else:
+                        lookup[key] = lookup_map.get(value)
+
+        for row in rows:
+            if not isinstance(row, dict):
+                continue
+            if row.get("_class") is None:
+                row["_class"] = class_id
+            for key, value in query.items():
+                if isinstance(value, (str, int, bool)) and row.get(key) is None:
+                    row[key] = value
+
+        return rows
+
+    # ── Context manager ───────────────────────────────────────────────────────
+
+    async def __aenter__(self) -> HulyClient:
+        return self
+
+    async def __aexit__(self, *args: Any) -> None:
+        await self._http.aclose()

huly_cli/commands/auth_cmd.py

@@ -0,0 +1,94 @@
+"""Auth commands: login, status."""
+
+from __future__ import annotations
+
+import asyncio
+import sys
+from typing import Annotated
+
+import typer
+
+from huly_cli.auth import check_auth_status, login
+from huly_cli.config import load_config, save_config
+from huly_cli.errors import AuthError
+from huly_cli.output import print_error, print_item, print_success
+
+app = typer.Typer(help="Authentication commands.", no_args_is_help=True)
+
+
+@app.command("login")
+def auth_login(
+    ctx: typer.Context,
+    email: Annotated[
+        str | None,
+        typer.Option("--email", "-e", help="Huly account email.", envvar="HULY_EMAIL"),
+    ] = None,
+    password: Annotated[
+        str | None,
+        typer.Option(
+            "--password",
+            "-p",
+            help="Huly account password.",
+            envvar="HULY_PASSWORD",
+        ),
+    ] = None,
+) -> None:
+    """Log in to Huly and cache authentication tokens."""
+    overrides: dict = ctx.obj or {}
+    config = load_config(
+        url_override=overrides.get("url"),
+        workspace_override=overrides.get("workspace"),
+    )
+
+    # Resolve email
+    resolved_email = email or config.email
+    if not resolved_email:
+        if sys.stdin.isatty():
+            resolved_email = typer.prompt("Email")
+        else:
+            raise AuthError("Email required. Set --email or HULY_EMAIL env var.")
+
+    # Resolve password
+    resolved_password = password or config.password
+    if not resolved_password:
+        if sys.stdin.isatty():
+            resolved_password = typer.prompt("Password", hide_input=True)
+        else:
+            raise AuthError("Password required. Set --password or HULY_PASSWORD env var.")
+
+    # Resolve workspace
+    if not config.workspace:
+        if sys.stdin.isatty():
+            config.workspace = typer.prompt("Workspace slug", default="efs")
+        else:
+            raise AuthError("Workspace required. Set HULY_WORKSPACE env var.")
+
+    config.email = resolved_email
+    config.password = resolved_password
+
+    try:
+        auth = asyncio.run(login(config))
+    except AuthError as e:
+        print_error(e.message)
+        raise typer.Exit(2) from e
+    except Exception as e:
+        print_error(f"Login failed: {e}")
+        raise typer.Exit(1) from e
+
+    save_config(config)
+    print_success(
+        f"Logged in as [bold]{auth.email}[/bold] to workspace [bold]{auth.workspace_slug}[/bold]"
+    )
+
+
+@app.command("status")
+def auth_status(ctx: typer.Context) -> None:
+    """Show current authentication status."""
+    overrides: dict = ctx.obj or {}
+    config = load_config(
+        url_override=overrides.get("url"),
+        workspace_override=overrides.get("workspace"),
+    )
+
+    result = asyncio.run(check_auth_status(config))
+    print_item(result, title="Auth Status")