ipulse-shared-core-ftredge 26.1.1__tar.gz → 27.1.1__tar.gz

{ipulse_shared_core_ftredge-26.1.1/src/ipulse_shared_core_ftredge.egg-info → ipulse_shared_core_ftredge-27.1.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ipulse_shared_core_ftredge
-Version: 26.1.1
+Version: 27.1.1
 Summary: Shared Core models and Logger util for the Pulse platform project. Using AI for financial advisory and investment management.
 Home-page: https://github.com/TheFutureEdge/ipulse_shared_core
 Author: Russlan Ramdowar

{ipulse_shared_core_ftredge-26.1.1 → ipulse_shared_core_ftredge-27.1.1}/setup.py

@@ -3,7 +3,7 @@ from setuptools import setup, find_packages
 
 setup(
     name='ipulse_shared_core_ftredge',
-    version='26.1.1',
+    version='27.1.1',
     package_dir={'': 'src'},  # Specify the source directory
     packages=find_packages(where='src'),  # Look for packages in 'src'
     install_requires=[

{ipulse_shared_core_ftredge-26.1.1 → ipulse_shared_core_ftredge-27.1.1}/src/ipulse_shared_core_ftredge/dependencies/authz_for_apis.py

@@ -1,14 +1,13 @@
 import os
 import logging
-import asyncio
 from typing import Optional, Iterable, Dict, Any, List
 from datetime import datetime, timedelta, timezone
 import httpx
 from fastapi import HTTPException, Request
+from ipulse_shared_base_ftredge import ApprovalStatus
 from ipulse_shared_core_ftredge.exceptions import ServiceError, ResourceNotFoundError
 from ipulse_shared_core_ftredge.models import UserStatus
 from ipulse_shared_core_ftredge.services import UserCoreService
-from ipulse_shared_base_ftredge import ApprovalStatus
 
 # Cache TTL constant
 USERSTATUS_CACHE_TTL = 60 # 60 seconds
@@ -63,12 +62,13 @@ class UserStatusCache:
 userstatus_cache = UserStatusCache()
 
 # Replace the logger dependency with a standard logger
-logger = logging.getLogger(__name__)
+_module_logger = logging.getLogger(__name__)
 
 async def get_userstatus(
     user_uid: str,
     user_core_service: UserCoreService,
-    force_fresh: bool = False
+    force_fresh: bool = False,
+    logger: Optional[logging.Logger] = None
 ) -> tuple[UserStatus, bool]:
     """
     Lightweight fetch of user status with caching.
@@ -78,10 +78,12 @@ async def get_userstatus(
         user_uid: User ID to fetch status for
         user_core_service: UserCoreService for data retrieval
         force_fresh: Whether to bypass cache
+        logger: Optional logger instance to use.
 
     Returns:
         Tuple of (UserStatus object, whether cache was used)
     """
+    log = logger if logger else _module_logger
     cache_used = False
 
     # Check cache first unless forced fresh
@@ -109,7 +111,7 @@ async def get_userstatus(
                 raise ValueError(f"Expected UserStatus object or dict, got {type(status_obj)}")
 
     except Exception as e:
-        logger.error(f"Error fetching user status via UserCoreService: {str(e)}")
+        log.error(f"Error fetching user status via UserCoreService: {str(e)}")
         raise ServiceError(
             operation="fetching user status for authz via UserCoreService",
             error=e,
@@ -134,11 +136,12 @@ def _validate_resource_fields(fields: Dict[str, Any]) -> List[str]:
     }
     return list(valid_fields.keys())
 
-async def extract_request_fields(request: Request) -> Optional[List[str]]:
+async def extract_request_fields(request: Request, logger: Optional[logging.Logger] = None) -> Optional[List[str]]:
     """
     Extract fields from request body for both PATCH and POST methods.
     For GET and DELETE methods, return None as they typically don't have a body.
     """
+    log = logger if logger else _module_logger
     # Skip body extraction for GET and DELETE requests
     if request.method.upper() in ["GET", "DELETE", "HEAD", "OPTIONS"]:
         return None
@@ -161,7 +164,7 @@ async def extract_request_fields(request: Request) -> Optional[List[str]]:
         return None
 
     except Exception as e:
-        logger.warning(f"Could not extract fields from request body: {str(e)}")
+        log.warning(f"Could not extract fields from request body: {str(e)}")
         return None  # Return None instead of raising an error
 
 # Main authorization function with configurable timeout
@@ -169,6 +172,7 @@ async def authorizeAPIRequest(
     request: Request,
     user_core_service: UserCoreService,  # UserCoreService instance for better integration
     request_resource_fields: Optional[Iterable[str]] = None,
+    logger: Optional[logging.Logger] = None
 
 ) -> Dict[str, Any]:
     """
@@ -179,6 +183,7 @@ async def authorizeAPIRequest(
         request: The incoming request
         user_core_service: UserCoreService instance for better integration
         request_resource_fields: Fields being accessed/modified in the request
+        logger: Optional logger instance to use.
 
     Returns:
         Authorization result containing decision details
@@ -186,18 +191,19 @@ async def authorizeAPIRequest(
     Raises:
         HTTPException: For authorization failures (403) or service errors (500)
     """
+    log = logger if logger else _module_logger
     opa_decision = None
     try:
         # Extract fields for both PATCH and POST if not provided
         if not request_resource_fields:
-            request_resource_fields = await extract_request_fields(request)
+            request_resource_fields = await extract_request_fields(request, logger=log)
 
         # Extract request context and Firebase user claims
         firebase_user = request.state.user
-        logger.debug(f"Firebase user: {firebase_user}")
+        log.debug(f"Firebase user: {firebase_user}")
         user_uid = firebase_user.get('uid')
         if not user_uid:
-            logger.debug(f"Authorization denied for {request.method} {request.url.path}: No user UID found")
+            log.debug(f"Authorization denied for {request.method} {request.url.path}: No user UID found")
             raise HTTPException(
                 status_code=403,
                 detail="Not authorized to access this resource"
@@ -214,10 +220,11 @@ async def authorizeAPIRequest(
             user_uid=user_uid,
             user_core_service=user_core_service,
             force_fresh=force_fresh,
+            logger=log
         )
 
         # Perform comprehensive review and cleanup synchronously to ensure accurate auth data
-        logger.debug(f"Comprehensive review for userstatus : {user_status_obj} during authz")
+        log.debug(f"Comprehensive review for userstatus : {user_status_obj} during authz")
         if user_core_service:
             try:
                 review_result = await user_core_service.review_and_clean_active_subscription_credits_and_permissions(
@@ -228,10 +235,10 @@ async def authorizeAPIRequest(
                     clean_expired_permissions=True,
                     review_credits=True
                 )
-                logger.debug(f"Review result for userstatus : {review_result} during authz")
+                log.debug(f"Review result for userstatus : {review_result} during authz")
                 # Refresh user status after comprehensive review if any actions were taken
                 if review_result.get('actions_taken'):
-                    logger.info(f"Auth middleware performed comprehensive review for user {user_uid}: {review_result['actions_taken']}")
+                    log.info(f"Authz middleware performed comprehensive review for user {user_uid}: {review_result['actions_taken']}")
                     # Use the updated UserStatus returned from the review function
                     if 'updated_userstatus' in review_result:
                         user_status_obj = review_result['updated_userstatus']
@@ -241,7 +248,7 @@ async def authorizeAPIRequest(
                         userstatus_cache.set(user_uid, user_status_obj)
 
             except Exception as e:
-                logger.warning(f"Comprehensive review failed for user {user_uid} during auth: {str(e)}")
+                log.warning(f"Comprehensive review failed for user {user_uid} during auth: {str(e)}")
                 # Continue with existing status if review fails
 
         # Get valid permissions after comprehensive review
@@ -299,17 +306,17 @@ async def authorizeAPIRequest(
                 )
 
                 if response.status_code != 200:
-                    logger.error(f"OPA authorization failed: {response.text}")
+                    log.error(f"OPA authorization failed: {response.text}")
                     raise HTTPException(
                         status_code=500,
                         detail="Authorization service error"
                     )
 
                 result = response.json()
-
+                log.debug(f"OPA response: {result}")
                 # Handle OPA response format
                 if "result" not in result:
-                    logger.warning("OPA response missing 'result' field")
+                    log.warning("OPA response missing 'result' field")
                     raise HTTPException(
                         status_code=500,
                         detail="Authorization service error: OPA response format unexpected"
@@ -320,14 +327,14 @@ async def authorizeAPIRequest(
 
                 # Handle authorization denial
                 if not allow:
-                    logger.debug(f"Authorization denied for {request.method} {request.url.path}")
+                    log.debug(f"Authorization denied for {request.method} {request.url.path}")
                     raise HTTPException(
                         status_code=403,
                         detail=f"Not authorized to {request.method} {request.url.path}"
                     )
 
             except httpx.RequestError as e:
-                logger.error(f"Failed to connect to OPA: {str(e)}")
+                log.error(f"Failed to connect to OPA: {str(e)}")
                 raise HTTPException(
                     status_code=500,
                     detail="Authorization service temporarily unavailable"
@@ -346,7 +353,7 @@ async def authorizeAPIRequest(
         raise
     except Exception as e:
         # Only log unexpected errors at ERROR level
-        logger.error(f"Unexpected error during authorization for {request.method} {request.url.path}: {str(e)}")
+        log.error(f"Unexpected error during authorization for {request.method} {request.url.path}: {str(e)}")
         raise HTTPException(
             status_code=500,
             detail="Internal authorization error"

{ipulse_shared_core_ftredge-26.1.1 → ipulse_shared_core_ftredge-27.1.1/src/ipulse_shared_core_ftredge.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ipulse_shared_core_ftredge
-Version: 26.1.1
+Version: 27.1.1
 Summary: Shared Core models and Logger util for the Pulse platform project. Using AI for financial advisory and investment management.
 Home-page: https://github.com/TheFutureEdge/ipulse_shared_core
 Author: Russlan Ramdowar

{ipulse_shared_core_ftredge-26.1.1 → ipulse_shared_core_ftredge-27.1.1}/src/ipulse_shared_core_ftredge.egg-info/SOURCES.txt

@@ -54,6 +54,7 @@ src/ipulse_shared_core_ftredge/services/user/userauth_operations.py
 src/ipulse_shared_core_ftredge/services/user/userprofile_operations.py
 src/ipulse_shared_core_ftredge/services/user/userstatus_operations.py
 src/ipulse_shared_core_ftredge/utils/__init__.py
+src/ipulse_shared_core_ftredge/utils/authz_credit_extraction.py
 src/ipulse_shared_core_ftredge/utils/custom_json_encoder.py
 src/ipulse_shared_core_ftredge/utils/json_encoder.py
 tests/test_shared_cache.py