PyPI - infrahub-server - Versions diffs - 1.1.6__py3-none-any.whl → 1.2.0rc0__py3-none-any.whl - Mend

infrahub-server 1.1.6py3-none-any.whl → 1.2.0rc0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (346) hide show

infrahub/api/artifact.py +16 -4
infrahub/api/dependencies.py +8 -0
infrahub/api/oauth2.py +0 -1
infrahub/api/oidc.py +0 -1
infrahub/api/query.py +18 -7
infrahub/api/schema.py +32 -6
infrahub/api/transformation.py +12 -5
infrahub/{message_bus/messages/check_artifact_create.py → artifacts/models.py} +2 -4
infrahub/{message_bus/operations/check/artifact.py → artifacts/tasks.py} +26 -25
infrahub/cli/__init__.py +0 -2
infrahub/cli/db.py +6 -7
infrahub/cli/events.py +8 -3
infrahub/cli/git_agent.py +9 -7
infrahub/cli/tasks.py +4 -6
infrahub/computed_attribute/tasks.py +63 -17
infrahub/computed_attribute/triggers.py +90 -0
infrahub/config.py +1 -1
infrahub/context.py +39 -0
infrahub/core/account.py +5 -8
infrahub/core/attribute.py +53 -21
infrahub/core/branch/models.py +4 -4
infrahub/core/branch/tasks.py +89 -130
infrahub/core/changelog/__init__.py +0 -0
infrahub/core/changelog/diff.py +232 -0
infrahub/core/changelog/models.py +488 -0
infrahub/core/constants/__init__.py +19 -2
infrahub/core/constants/infrahubkind.py +1 -0
infrahub/core/diff/combiner.py +12 -8
infrahub/core/diff/coordinator.py +49 -70
infrahub/core/diff/data_check_synchronizer.py +86 -7
infrahub/core/diff/enricher/aggregated.py +3 -3
infrahub/core/diff/enricher/cardinality_one.py +2 -7
infrahub/core/diff/enricher/hierarchy.py +5 -3
infrahub/core/diff/enricher/labels.py +14 -4
infrahub/core/diff/enricher/path_identifier.py +3 -9
infrahub/core/diff/enricher/summary_counts.py +3 -1
infrahub/core/diff/merger/merger.py +8 -4
infrahub/core/diff/model/path.py +47 -29
infrahub/core/diff/query/all_conflicts.py +6 -3
infrahub/core/diff/query/artifact.py +1 -1
infrahub/core/diff/query/delete_query.py +1 -1
infrahub/core/diff/query/diff_get.py +3 -2
infrahub/core/diff/query/diff_summary.py +1 -1
infrahub/core/diff/query/field_specifiers.py +3 -1
infrahub/core/diff/query/field_summary.py +3 -2
infrahub/core/diff/query/filters.py +12 -1
infrahub/core/diff/query/get_conflict_query.py +1 -1
infrahub/core/diff/query/has_conflicts_query.py +6 -3
infrahub/core/diff/query/merge.py +3 -3
infrahub/core/diff/query/{drop_tracking_id.py → merge_tracking_id.py} +4 -4
infrahub/core/diff/query/roots_metadata.py +9 -2
infrahub/core/diff/query/save.py +151 -66
infrahub/core/diff/query/summary_counts_enricher.py +220 -0
infrahub/core/diff/query/time_range_query.py +3 -2
infrahub/core/diff/query/update_conflict_query.py +1 -1
infrahub/core/diff/query_parser.py +49 -24
infrahub/core/diff/repository/deserializer.py +24 -25
infrahub/core/diff/repository/repository.py +76 -20
infrahub/core/diff/tasks.py +9 -8
infrahub/core/enums.py +1 -1
infrahub/core/integrity/object_conflict/conflict_recorder.py +1 -1
infrahub/core/ipam/reconciler.py +1 -1
infrahub/core/ipam/tasks.py +2 -3
infrahub/core/manager.py +18 -13
infrahub/core/merge.py +5 -2
infrahub/core/migrations/graph/m001_add_version_to_graph.py +1 -1
infrahub/core/migrations/graph/m002_attribute_is_default.py +2 -2
infrahub/core/migrations/graph/m003_relationship_parent_optional.py +2 -2
infrahub/core/migrations/graph/m004_add_attr_documentation.py +1 -1
infrahub/core/migrations/graph/m005_add_rel_read_only.py +1 -1
infrahub/core/migrations/graph/m006_add_rel_on_delete.py +1 -1
infrahub/core/migrations/graph/m007_add_rel_allow_override.py +1 -1
infrahub/core/migrations/graph/m008_add_human_friendly_id.py +1 -1
infrahub/core/migrations/graph/m009_add_generate_profile_attr.py +1 -1
infrahub/core/migrations/graph/m010_add_generate_profile_attr_generic.py +1 -1
infrahub/core/migrations/graph/m011_remove_profile_relationship_schema.py +2 -2
infrahub/core/migrations/graph/m012_convert_account_generic.py +12 -23
infrahub/core/migrations/graph/m013_convert_git_password_credential.py +7 -11
infrahub/core/migrations/graph/m014_remove_index_attr_value.py +2 -2
infrahub/core/migrations/graph/m015_diff_format_update.py +1 -1
infrahub/core/migrations/graph/m016_diff_delete_bug_fix.py +1 -1
infrahub/core/migrations/graph/m017_add_core_profile.py +1 -1
infrahub/core/migrations/graph/m018_uniqueness_nulls.py +2 -2
infrahub/core/migrations/query/attribute_add.py +1 -1
infrahub/core/migrations/query/attribute_rename.py +1 -1
infrahub/core/migrations/query/delete_element_in_schema.py +1 -1
infrahub/core/migrations/query/node_duplicate.py +1 -1
infrahub/core/migrations/query/relationship_duplicate.py +1 -1
infrahub/core/migrations/query/schema_attribute_update.py +1 -1
infrahub/core/migrations/schema/node_attribute_remove.py +1 -1
infrahub/core/migrations/schema/node_remove.py +1 -1
infrahub/core/migrations/schema/tasks.py +5 -5
infrahub/core/migrations/shared.py +4 -4
infrahub/core/models.py +7 -8
infrahub/core/node/__init__.py +161 -40
infrahub/core/node/base.py +1 -1
infrahub/core/node/constraints/grouped_uniqueness.py +9 -2
infrahub/core/node/delete_validator.py +4 -4
infrahub/core/node/ipam.py +13 -8
infrahub/core/node/permissions.py +4 -0
infrahub/core/node/resource_manager/ip_prefix_pool.py +8 -5
infrahub/core/node/standard.py +3 -5
infrahub/core/property.py +1 -1
infrahub/core/protocols.py +4 -0
infrahub/core/protocols_base.py +4 -2
infrahub/core/query/__init__.py +2 -5
infrahub/core/query/attribute.py +9 -9
infrahub/core/query/branch.py +5 -5
infrahub/core/query/delete.py +1 -1
infrahub/core/query/diff.py +45 -7
infrahub/core/query/ipam.py +4 -4
infrahub/core/query/node.py +19 -14
infrahub/core/query/relationship.py +10 -11
infrahub/core/query/resource_manager.py +13 -11
infrahub/core/query/standard_node.py +6 -6
infrahub/core/query/task.py +3 -3
infrahub/core/query/task_log.py +1 -1
infrahub/core/query/utils.py +5 -5
infrahub/core/registry.py +0 -2
infrahub/core/relationship/constraints/count.py +1 -1
infrahub/core/relationship/constraints/peer_kind.py +1 -1
infrahub/core/relationship/model.py +66 -26
infrahub/core/schema/__init__.py +6 -4
infrahub/core/schema/basenode_schema.py +1 -3
infrahub/core/schema/definitions/core.py +14 -2
infrahub/core/schema/definitions/internal.py +16 -0
infrahub/core/schema/generated/genericnode_schema.py +5 -0
infrahub/core/schema/generated/node_schema.py +5 -0
infrahub/core/schema/generic_schema.py +5 -1
infrahub/core/schema/manager.py +45 -42
infrahub/core/schema/node_schema.py +4 -0
infrahub/core/schema/profile_schema.py +4 -0
infrahub/core/schema/relationship_schema.py +2 -2
infrahub/core/schema/schema_branch.py +248 -14
infrahub/core/schema/template_schema.py +36 -0
infrahub/core/task/user_task.py +7 -5
infrahub/core/timestamp.py +1 -1
infrahub/core/utils.py +3 -2
infrahub/core/validators/attribute/choices.py +1 -1
infrahub/core/validators/attribute/enum.py +1 -1
infrahub/core/validators/attribute/kind.py +1 -1
infrahub/core/validators/attribute/length.py +1 -1
infrahub/core/validators/attribute/optional.py +1 -1
infrahub/core/validators/attribute/regex.py +1 -1
infrahub/core/validators/attribute/unique.py +1 -1
infrahub/core/validators/checks_runner.py +37 -0
infrahub/core/validators/node/generate_profile.py +1 -1
infrahub/core/validators/node/hierarchy.py +1 -1
infrahub/core/validators/query.py +1 -1
infrahub/core/validators/relationship/count.py +1 -1
infrahub/core/validators/relationship/optional.py +1 -1
infrahub/core/validators/relationship/peer.py +1 -1
infrahub/core/validators/tasks.py +8 -6
infrahub/core/validators/uniqueness/query.py +20 -17
infrahub/database/__init__.py +15 -2
infrahub/database/memgraph.py +1 -1
infrahub/dependencies/builder/constraint/grouped/node_runner.py +0 -2
infrahub/dependencies/builder/diff/combiner.py +1 -1
infrahub/dependencies/builder/diff/conflicts_enricher.py +1 -1
infrahub/dependencies/builder/diff/coordinator.py +0 -2
infrahub/dependencies/builder/diff/deserializer.py +1 -1
infrahub/dependencies/builder/diff/enricher/summary_counts.py +1 -1
infrahub/events/branch_action.py +47 -21
infrahub/events/group_action.py +73 -0
infrahub/events/models.py +159 -51
infrahub/events/node_action.py +74 -8
infrahub/events/repository_action.py +8 -8
infrahub/events/schema_action.py +21 -8
infrahub/generators/tasks.py +12 -13
infrahub/git/base.py +3 -5
infrahub/git/constants.py +0 -1
infrahub/git/integrator.py +36 -35
infrahub/git/repository.py +7 -8
infrahub/git/tasks.py +43 -107
infrahub/git_credential/helper.py +2 -3
infrahub/graphql/analyzer.py +572 -11
infrahub/graphql/app.py +34 -26
infrahub/graphql/auth/query_permission_checker/anonymous_checker.py +5 -5
infrahub/graphql/auth/query_permission_checker/default_branch_checker.py +4 -4
infrahub/graphql/auth/query_permission_checker/merge_operation_checker.py +4 -4
infrahub/graphql/auth/query_permission_checker/object_permission_checker.py +28 -35
infrahub/graphql/auth/query_permission_checker/super_admin_checker.py +5 -5
infrahub/graphql/enums.py +1 -1
infrahub/graphql/initialization.py +5 -1
infrahub/graphql/loaders/node.py +2 -2
infrahub/graphql/manager.py +59 -54
infrahub/graphql/mutations/account.py +20 -13
infrahub/graphql/mutations/artifact_definition.py +16 -12
infrahub/graphql/mutations/branch.py +61 -40
infrahub/graphql/mutations/computed_attribute.py +19 -13
infrahub/graphql/mutations/diff.py +37 -9
infrahub/graphql/mutations/diff_conflict.py +9 -8
infrahub/graphql/mutations/graphql_query.py +19 -11
infrahub/graphql/mutations/ipam.py +21 -19
infrahub/graphql/mutations/main.py +197 -44
infrahub/graphql/mutations/menu.py +8 -8
infrahub/graphql/mutations/proposed_change.py +36 -28
infrahub/graphql/mutations/relationship.py +302 -105
infrahub/graphql/mutations/repository.py +41 -35
infrahub/graphql/mutations/resource_manager.py +26 -26
infrahub/graphql/mutations/schema.py +51 -33
infrahub/graphql/mutations/tasks.py +16 -10
infrahub/graphql/parser.py +1 -1
infrahub/graphql/permissions.py +6 -4
infrahub/graphql/queries/account.py +22 -18
infrahub/graphql/queries/branch.py +6 -4
infrahub/graphql/queries/diff/tree.py +48 -42
infrahub/graphql/queries/event.py +112 -0
infrahub/graphql/queries/internal.py +3 -3
infrahub/graphql/queries/ipam.py +23 -18
infrahub/graphql/queries/relationship.py +11 -10
infrahub/graphql/queries/resource_manager.py +43 -27
infrahub/graphql/queries/search.py +9 -8
infrahub/graphql/queries/status.py +12 -9
infrahub/graphql/queries/task.py +11 -9
infrahub/graphql/resolvers/resolver.py +69 -43
infrahub/graphql/resolvers/single_relationship.py +16 -10
infrahub/graphql/schema.py +2 -0
infrahub/graphql/subscription/__init__.py +1 -1
infrahub/graphql/subscription/events.py +1 -1
infrahub/graphql/subscription/graphql_query.py +8 -8
infrahub/graphql/types/branch.py +2 -2
infrahub/graphql/types/common.py +6 -1
infrahub/graphql/types/enums.py +2 -0
infrahub/graphql/types/event.py +100 -0
infrahub/graphql/types/interface.py +2 -2
infrahub/graphql/types/node.py +3 -3
infrahub/graphql/types/permission.py +2 -2
infrahub/graphql/types/relationship.py +3 -3
infrahub/graphql/types/standard_node.py +9 -11
infrahub/graphql/utils.py +28 -182
infrahub/groups/tasks.py +2 -3
infrahub/lock.py +1 -1
infrahub/menu/constants.py +1 -0
infrahub/menu/generator.py +14 -3
infrahub/menu/menu.py +116 -127
infrahub/menu/models.py +4 -4
infrahub/message_bus/messages/__init__.py +0 -4
infrahub/message_bus/messages/event_branch_merge.py +3 -0
infrahub/message_bus/messages/request_proposedchange_pipeline.py +2 -0
infrahub/message_bus/operations/__init__.py +3 -5
infrahub/message_bus/operations/check/__init__.py +2 -2
infrahub/message_bus/operations/check/generator.py +1 -3
infrahub/message_bus/operations/check/repository.py +1 -1
infrahub/message_bus/operations/event/branch.py +7 -3
infrahub/message_bus/operations/event/schema.py +1 -1
infrahub/message_bus/operations/finalize/validator.py +1 -1
infrahub/message_bus/operations/git/file.py +2 -2
infrahub/message_bus/operations/git/repository.py +1 -1
infrahub/message_bus/operations/requests/__init__.py +0 -2
infrahub/message_bus/operations/requests/generator_definition.py +1 -1
infrahub/message_bus/operations/requests/proposed_change.py +26 -11
infrahub/message_bus/operations/requests/repository.py +2 -2
infrahub/message_bus/operations/send/echo.py +1 -1
infrahub/message_bus/types.py +1 -1
infrahub/permissions/__init__.py +2 -1
infrahub/permissions/types.py +26 -0
infrahub/pools/prefix.py +29 -165
infrahub/prefect_server/__init__.py +0 -0
infrahub/prefect_server/app.py +18 -0
infrahub/prefect_server/database.py +20 -0
infrahub/prefect_server/events.py +28 -0
infrahub/prefect_server/models.py +46 -0
infrahub/proposed_change/models.py +15 -1
infrahub/proposed_change/tasks.py +173 -35
infrahub/pytest_plugin.py +4 -4
infrahub/server.py +12 -11
infrahub/services/__init__.py +147 -62
infrahub/services/adapters/cache/__init__.py +7 -5
infrahub/services/adapters/cache/nats.py +40 -22
infrahub/services/adapters/cache/redis.py +0 -4
infrahub/services/adapters/event/__init__.py +10 -18
infrahub/services/adapters/http/__init__.py +0 -5
infrahub/services/adapters/http/httpx.py +22 -15
infrahub/services/adapters/message_bus/__init__.py +23 -6
infrahub/services/adapters/message_bus/local.py +8 -6
infrahub/services/adapters/message_bus/nats.py +12 -6
infrahub/services/adapters/message_bus/rabbitmq.py +22 -9
infrahub/services/adapters/workflow/__init__.py +11 -8
infrahub/services/adapters/workflow/local.py +28 -7
infrahub/services/adapters/workflow/worker.py +23 -7
infrahub/services/component.py +38 -35
infrahub/services/scheduler.py +32 -29
infrahub/storage.py +2 -4
infrahub/task_manager/constants.py +1 -1
infrahub/task_manager/event.py +182 -0
infrahub/task_manager/models.py +125 -1
infrahub/task_manager/task.py +1 -1
infrahub/tasks/artifact.py +14 -16
infrahub/tasks/registry.py +1 -1
infrahub/tasks/telemetry.py +13 -14
infrahub/transformations/tasks.py +3 -5
infrahub/trigger/__init__.py +0 -0
infrahub/trigger/catalogue.py +15 -0
infrahub/trigger/constants.py +9 -0
infrahub/trigger/models.py +69 -0
infrahub/trigger/tasks.py +85 -0
infrahub/types.py +1 -1
infrahub/utils.py +1 -1
infrahub/webhook/constants.py +0 -2
infrahub/webhook/models.py +8 -2
infrahub/webhook/tasks.py +20 -73
infrahub/webhook/triggers.py +20 -0
infrahub/workers/infrahub_async.py +36 -25
infrahub/workers/utils.py +63 -0
infrahub/workflows/catalogue.py +13 -37
infrahub/workflows/initialization.py +6 -8
infrahub/workflows/models.py +3 -5
infrahub/workflows/utils.py +1 -1
infrahub_sdk/ctl/check.py +3 -3
infrahub_sdk/ctl/cli_commands.py +11 -10
infrahub_sdk/ctl/exceptions.py +0 -6
infrahub_sdk/ctl/exporter.py +1 -1
infrahub_sdk/ctl/generator.py +5 -5
infrahub_sdk/ctl/importer.py +3 -2
infrahub_sdk/ctl/menu.py +1 -1
infrahub_sdk/ctl/object.py +1 -1
infrahub_sdk/ctl/repository.py +23 -15
infrahub_sdk/ctl/schema.py +2 -2
infrahub_sdk/ctl/utils.py +4 -3
infrahub_sdk/ctl/validate.py +2 -1
infrahub_sdk/exceptions.py +6 -0
infrahub_sdk/generator.py +3 -0
infrahub_sdk/node.py +2 -2
infrahub_sdk/schema/__init__.py +14 -2
infrahub_sdk/schema/main.py +7 -0
infrahub_sdk/utils.py +11 -1
infrahub_sdk/yaml.py +2 -3
{infrahub_server-1.1.6.dist-info → infrahub_server-1.2.0rc0.dist-info}/METADATA +46 -12
{infrahub_server-1.1.6.dist-info → infrahub_server-1.2.0rc0.dist-info}/RECORD +338 -321
infrahub_testcontainers/container.py +14 -6
infrahub_testcontainers/docker-compose.test.yml +24 -5
infrahub_testcontainers/haproxy.cfg +43 -0
infrahub_testcontainers/helpers.py +85 -1
infrahub/core/branch/constants.py +0 -2
infrahub/graphql/query.py +0 -52
infrahub/message_bus/messages/request_artifactdefinition_check.py +0 -17
infrahub/message_bus/operations/requests/artifact_definition.py +0 -148
infrahub/schema/constants.py +0 -1
infrahub/schema/tasks.py +0 -76
infrahub/services/adapters/database/__init__.py +0 -9
infrahub_sdk/ctl/_file.py +0 -13
/infrahub/{schema → artifacts}/__init__.py +0 -0
{infrahub_server-1.1.6.dist-info → infrahub_server-1.2.0rc0.dist-info}/LICENSE.txt +0 -0
{infrahub_server-1.1.6.dist-info → infrahub_server-1.2.0rc0.dist-info}/WHEEL +0 -0
{infrahub_server-1.1.6.dist-info → infrahub_server-1.2.0rc0.dist-info}/entry_points.txt +0 -0

infrahub/graphql/app.py CHANGED Viewed

@@ -76,8 +76,6 @@ if TYPE_CHECKING:
     from .auth.query_permission_checker.checker import GraphQLQueryPermissionChecker
-# pylint: disable=unused-argument,raise-missing-from
 GQL_CONNECTION_ACK = "connection_ack"
 GQL_CONNECTION_ERROR = "connection_error"
@@ -208,13 +206,32 @@ class InfrahubGraphQLApp:
         graphql_params = await prepare_graphql_params(
             db=db, branch=branch, at=at, account_session=account_session, request=request
         )
+        schema_branch = db.schema.get_schema_branch(name=branch.name)
         analyzed_query = InfrahubGraphQLQueryAnalyzer(
             query=query,
+            schema_branch=schema_branch,
             query_variables=variable_values,
             schema=graphql_params.schema,
             operation_name=operation_name,
             branch=branch,
         )
+        # if the query contains some mutation, it's not currently supported to set AT manually
+        if analyzed_query.contains_mutation:
+            graphql_params.context.at = Timestamp()
+        elif at and branch.schema_changed_at and Timestamp(branch.schema_changed_at) > Timestamp(at):
+            schema_branch = await registry.schema.load_schema_from_db(db=db, branch=branch, at=Timestamp(at))
+            db.add_schema(name=branch.name, schema=schema_branch)
+            analyzed_query = InfrahubGraphQLQueryAnalyzer(
+                query=query,
+                schema_branch=schema_branch,
+                query_variables=variable_values,
+                schema=graphql_params.schema,
+                operation_name=operation_name,
+                branch=branch,
+            )
         await self._evaluate_permissions(
             db=db,
             request=request,
@@ -224,13 +241,6 @@ class InfrahubGraphQLApp:
             branch=branch,
         )
-        # if the query contains some mutation, it's not currently supported to set AT manually
-        if analyzed_query.contains_mutation:
-            graphql_params.context.at = Timestamp()
-        elif at and branch.schema_changed_at and Timestamp(branch.schema_changed_at) > Timestamp(at):
-            schema_branch = await registry.schema.load_schema_from_db(db=db, branch=branch, at=Timestamp(at))
-            db.add_schema(name=branch.name, schema=schema_branch)
         if operation_name == "IntrospectionQuery":
             nbr_object_in_schema = len(graphql_params.schema.type_map)
             self.logger.debug(
@@ -272,17 +282,15 @@ class InfrahubGraphQLApp:
         GRAPHQL_QUERY_HEIGHT_METRICS.labels(**labels).observe(await analyzed_query.calculate_height())
         # GRAPHQL_QUERY_VARS_METRICS.labels(**labels).observe(len(analyzed_query.variables))
         GRAPHQL_TOP_LEVEL_QUERIES_METRICS.labels(**labels).observe(analyzed_query.nbr_queries)
-        GRAPHQL_QUERY_OBJECTS_METRICS.labels(**labels).observe(
-            len(await analyzed_query.get_models_in_use(types=graphql_params.context.types))
-        )
+        GRAPHQL_QUERY_OBJECTS_METRICS.labels(**labels).observe(len(analyzed_query.query_report.impacted_models))
-        valid, errors = analyzed_query.is_valid
-        if not valid:
+        _, errors = analyzed_query.is_valid
+        if errors:
             GRAPHQL_QUERY_ERRORS_METRICS.labels(**labels).observe(len(errors))
         return json_response
-    def _set_labels(self, request: Request, branch: Branch, query: InfrahubGraphQLQueryAnalyzer) -> dict[str, Any]:
+    def _set_labels(self, request: Request, branch: Branch, query: InfrahubGraphQLQueryAnalyzer) -> dict[str, Any]:  # noqa: ARG002
         return {
             "type": "mutation" if query.contains_mutation else "query",
             "branch": branch.name,
@@ -293,7 +301,7 @@ class InfrahubGraphQLApp:
     async def _evaluate_permissions(
         self,
-        request: Request,
+        request: Request,  # noqa: ARG002
         db: InfrahubDatabase,
         query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
@@ -450,7 +458,7 @@ class InfrahubGraphQLApp:
             async for result in asyncgen:
                 payload = {"data": result.data}
                 await websocket.send_json({"type": GQL_DATA, "id": operation_id, "payload": payload})
-        except Exception as error:  # pylint: disable=broad-exception-caught
+        except Exception as error:
             if not isinstance(error, GraphQLError):
                 self.logger.error("An exception occurred in resolvers", exc_info=error)
                 error = GraphQLError(str(error), original_error=error)
@@ -471,8 +479,8 @@ async def _get_operation_from_request(request: Request) -> Union[dict[str, Any],
     if content_type == "application/json":
         try:
             return cast(Union[dict[str, Any], list[Any]], await request.json())
-        except (TypeError, ValueError):
-            raise ValueError("Request body is not a valid JSON")
+        except (TypeError, ValueError) as err:
+            raise ValueError("Request body is not a valid JSON") from err
     elif content_type == "multipart/form-data":
         return await _get_operation_from_multipart(request)
     else:
@@ -482,24 +490,24 @@ async def _get_operation_from_request(request: Request) -> Union[dict[str, Any],
 async def _get_operation_from_multipart(request: Request) -> Union[dict[str, Any], list[Any]]:
     try:
         request_body = await request.form()
-    except Exception:
-        raise ValueError("Request body is not a valid multipart/form-data")
+    except Exception as err:
+        raise ValueError("Request body is not a valid multipart/form-data") from err
     try:
         operations_value = request_body.get("operations")
         operations_data = operations_value if isinstance(operations_value, str) else ""
         operations = ujson.loads(operations_data)
-    except (TypeError, ValueError):
-        raise ValueError("'operations' must be a valid JSON")
-    if not isinstance(operations, (dict, list)):
+    except (TypeError, ValueError) as err:
+        raise ValueError("'operations' must be a valid JSON") from err
+    if not isinstance(operations, dict | list):
         raise ValueError("'operations' field must be an Object or an Array")
     try:
         map_value = request_body.get("map")
         map_data = map_value if isinstance(map_value, str) else ""
         name_path_map = ujson.loads(map_data)
-    except (TypeError, ValueError):
-        raise ValueError("'map' field must be a valid JSON")
+    except (TypeError, ValueError) as err:
+        raise ValueError("'map' field must be a valid JSON") from err
     if not isinstance(name_path_map, dict):
         raise ValueError("'map' field must be an Object")

infrahub/graphql/auth/query_permission_checker/anonymous_checker.py CHANGED Viewed

@@ -14,16 +14,16 @@ class AnonymousGraphQLPermissionChecker(GraphQLQueryPermissionCheckerInterface):
     def __init__(self, anonymous_access_allowed_func: Callable[[], bool]) -> None:
         self.anonymous_access_allowed_func = anonymous_access_allowed_func
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return not account_session.authenticated
     async def check(
         self,
-        db: InfrahubDatabase,
-        account_session: AccountSession,
+        db: InfrahubDatabase,  # noqa: ARG002
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
-        query_parameters: GraphqlParams,
-        branch: Branch,
+        query_parameters: GraphqlParams,  # noqa: ARG002
+        branch: Branch,  # noqa: ARG002
     ) -> CheckerResolution:
         if not self.anonymous_access_allowed_func() or analyzed_query.contains_mutation:
             raise AuthorizationError("Authentication is required to perform this operation")

infrahub/graphql/auth/query_permission_checker/default_branch_checker.py CHANGED Viewed

@@ -25,16 +25,16 @@ class DefaultBranchPermissionChecker(GraphQLQueryPermissionCheckerInterface):
         "InfrahubAccountTokenDelete",
     ]
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
-        db: InfrahubDatabase,
-        account_session: AccountSession,
+        db: InfrahubDatabase,  # noqa: ARG002
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
-        branch: Branch,
+        branch: Branch,  # noqa: ARG002
     ) -> CheckerResolution:
         operates_on_default_branch = analyzed_query.branch is None or analyzed_query.branch.name in (
             GLOBAL_BRANCH_NAME,

infrahub/graphql/auth/query_permission_checker/merge_operation_checker.py CHANGED Viewed

@@ -17,16 +17,16 @@ class MergeBranchPermissionChecker(GraphQLQueryPermissionCheckerInterface):
         action=GlobalPermissions.MERGE_BRANCH.value, decision=PermissionDecision.ALLOW_ALL.value
     )
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
-        db: InfrahubDatabase,
-        account_session: AccountSession,
+        db: InfrahubDatabase,  # noqa: ARG002
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
-        branch: Branch,
+        branch: Branch,  # noqa: ARG002
     ) -> CheckerResolution:
         if "BranchMerge" in [operation.name for operation in analyzed_query.operations]:
             query_parameters.context.active_permissions.raise_for_permission(permission=self.permission_required)

infrahub/graphql/auth/query_permission_checker/object_permission_checker.py CHANGED Viewed

@@ -18,16 +18,16 @@ from .interface import CheckerResolution, GraphQLQueryPermissionCheckerInterface
 class ObjectPermissionChecker(GraphQLQueryPermissionCheckerInterface):
     """Checker that makes sure a user account can perform some action on some kind of objects."""
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
-        db: InfrahubDatabase,
-        account_session: AccountSession,
+        db: InfrahubDatabase,  # noqa: ARG002
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
-        branch: Branch,
+        branch: Branch,  # noqa: ARG002
     ) -> CheckerResolution:
         required_decision = (
             PermissionDecisionFlag.ALLOW_DEFAULT
@@ -36,34 +36,27 @@ class ObjectPermissionChecker(GraphQLQueryPermissionCheckerInterface):
             else PermissionDecisionFlag.ALLOW_OTHER
         )
-        kinds = await analyzed_query.get_models_in_use(types=query_parameters.context.types)
-        # Identify which operations are performed. As we don't have a mapping between kinds and the
-        # operation we currently require permissions all defined permissions for all objects
-        # within the GraphQL query / mutation
-        actions: set[str] = set()
-        for operation in analyzed_query.operations:
-            for kind in kinds:
-                if operation.name and operation.name.startswith(kind):
-                    # An empty string after prefix removal means a query to "view"
-                    query_action = operation.name[len(kind) :].lower() or "view"
-                    if query_action == "upsert":
-                        # Require both create and update for Upsert mutations
-                        actions.add("create")
-                        actions.add("update")
-                    else:
-                        actions.add(query_action)
-        # Infer required permissions from the kind/operation map
         permissions: list[ObjectPermission] = []
-        for action in actions:
-            for kind in kinds:
+        for kind, object_access in analyzed_query.query_report.requested_read.items():
+            if object_access.attributes or object_access.relationships:
+                extracted_words = extract_camelcase_words(kind)
+                permissions.append(
+                    ObjectPermission(
+                        namespace=extracted_words[0],
+                        name="".join(extracted_words[1:]),
+                        action="view",
+                        decision=required_decision,
+                    )
+                )
+        for kind, requested_permissions in analyzed_query.query_report.kind_action_map.items():
+            for requested_permission in requested_permissions:
                 extracted_words = extract_camelcase_words(kind)
                 permissions.append(
                     ObjectPermission(
                         namespace=extracted_words[0],
                         name="".join(extracted_words[1:]),
-                        action=action.lower(),
+                        action=requested_permission.value,
                         decision=required_decision,
                     )
                 )
@@ -83,19 +76,19 @@ class AccountManagerPermissionChecker(GraphQLQueryPermissionCheckerInterface):
         action=GlobalPermissions.MANAGE_ACCOUNTS.value, decision=PermissionDecision.ALLOW_ALL.value
     )
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
         db: InfrahubDatabase,
-        account_session: AccountSession,
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
         branch: Branch,
     ) -> CheckerResolution:
         is_account_operation = False
-        kinds = await analyzed_query.get_models_in_use(types=query_parameters.context.types)
+        kinds = analyzed_query.query_report.impacted_models
         operation_names = [operation.name for operation in analyzed_query.operations]
         for kind in kinds:
@@ -127,19 +120,19 @@ class PermissionManagerPermissionChecker(GraphQLQueryPermissionCheckerInterface)
         action=GlobalPermissions.MANAGE_PERMISSIONS.value, decision=PermissionDecision.ALLOW_ALL.value
     )
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
         db: InfrahubDatabase,
-        account_session: AccountSession,
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
         branch: Branch,
     ) -> CheckerResolution:
         is_permission_operation = False
-        kinds = await analyzed_query.get_models_in_use(types=query_parameters.context.types)
+        kinds = analyzed_query.query_report.impacted_models
         for kind in kinds:
             schema = get_schema(db=db, branch=branch, node_schema=kind)
@@ -168,19 +161,19 @@ class RepositoryManagerPermissionChecker(GraphQLQueryPermissionCheckerInterface)
         action=GlobalPermissions.MANAGE_REPOSITORIES.value, decision=PermissionDecision.ALLOW_ALL.value
     )
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
         db: InfrahubDatabase,
-        account_session: AccountSession,
+        account_session: AccountSession,  # noqa: ARG002
         analyzed_query: InfrahubGraphQLQueryAnalyzer,
         query_parameters: GraphqlParams,
         branch: Branch,
     ) -> CheckerResolution:
         is_repository_operation = False
-        kinds = await analyzed_query.get_models_in_use(types=query_parameters.context.types)
+        kinds = analyzed_query.query_report.impacted_models
         for kind in kinds:
             schema = get_schema(db=db, branch=branch, node_schema=kind)

infrahub/graphql/auth/query_permission_checker/super_admin_checker.py CHANGED Viewed

@@ -17,16 +17,16 @@ class SuperAdminPermissionChecker(GraphQLQueryPermissionCheckerInterface):
         action=GlobalPermissions.SUPER_ADMIN.value, decision=PermissionDecision.ALLOW_ALL.value
     )
-    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:
+    async def supports(self, db: InfrahubDatabase, account_session: AccountSession, branch: Branch) -> bool:  # noqa: ARG002
         return config.SETTINGS.main.allow_anonymous_access or account_session.authenticated
     async def check(
         self,
-        db: InfrahubDatabase,
-        account_session: AccountSession,
-        analyzed_query: InfrahubGraphQLQueryAnalyzer,
+        db: InfrahubDatabase,  # noqa: ARG002
+        account_session: AccountSession,  # noqa: ARG002
+        analyzed_query: InfrahubGraphQLQueryAnalyzer,  # noqa: ARG002
         query_parameters: GraphqlParams,
-        branch: Branch,
+        branch: Branch,  # noqa: ARG002
     ) -> CheckerResolution:
         return (
             CheckerResolution.TERMINATE

infrahub/graphql/enums.py CHANGED Viewed

@@ -6,7 +6,7 @@ import graphene
 from infrahub.core.enums import generate_python_enum
 from infrahub.core.schema import AttributeSchema, MainSchemaTypes
-ENUM_NAME_REGEX = re.compile("[_a-zA-Z0-9]+")
+ENUM_NAME_REGEX = re.compile(r"[_a-zA-Z0-9]+")
 def get_enum_attribute_type_name(node_schema: MainSchemaTypes, attr_schema: AttributeSchema) -> str:

infrahub/graphql/initialization.py CHANGED Viewed

@@ -5,6 +5,7 @@ from typing import TYPE_CHECKING
 from starlette.background import BackgroundTasks
+from infrahub.context import InfrahubContext
 from infrahub.core import registry
 from infrahub.core.timestamp import Timestamp
 from infrahub.exceptions import InitializationError
@@ -35,9 +36,9 @@ class GraphqlContext:
     branch: Branch
     types: dict
     single_relationship_resolver: SingleRelationshipResolver
+    service: InfrahubServices | None = None
     at: Timestamp | None = None
     related_node_ids: set | None = None
-    service: InfrahubServices | None = None
     account_session: AccountSession | None = None
     permissions: PermissionManager | None = None
     background: BackgroundTasks | None = None
@@ -70,6 +71,9 @@ class GraphqlContext:
             return self.service
         raise InitializationError("GraphQLContext doesn't contain a service")
+    def get_context(self) -> InfrahubContext:
+        return InfrahubContext.init(branch=self.branch, account=self.active_account_session)
 async def prepare_graphql_params(
     db: InfrahubDatabase,

infrahub/graphql/loaders/node.py CHANGED Viewed

@@ -50,7 +50,7 @@ class NodeDataLoader(DataLoader[str, Node | None]):
         self.query_params = query_params
         self.db = db
-    async def batch_load_fn(self, keys: list[Any]) -> list[Node | None]:  # pylint: disable=method-hidden
+    async def batch_load_fn(self, keys: list[Any]) -> list[Node | None]:
         async with self.db.start_session() as db:
             nodes_by_id = await NodeManager.get_many(
                 db=db,
@@ -75,7 +75,7 @@ def to_frozen_set(to_freeze: dict[str, Any]) -> frozenset:
     for k, v in to_freeze.items():
         if isinstance(v, dict):
             freezing_dict[k] = to_frozen_set(v)
-        elif isinstance(v, (list, set)):
+        elif isinstance(v, list | set):
             freezing_dict[k] = frozenset(v)
         else:
             freezing_dict[k] = v

infrahub-server 1.1.6__py3-none-any.whl → 1.2.0rc0__py3-none-any.whl

infrahub-server 1.1.6py3-none-any.whl → 1.2.0rc0py3-none-any.whl