ipulse-shared-core-ftredge 9.1.1__tar.gz → 11.1.1__tar.gz

{ipulse_shared_core_ftredge-9.1.1/src/ipulse_shared_core_ftredge.egg-info → ipulse_shared_core_ftredge-11.1.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ipulse_shared_core_ftredge
-Version: 9.1.1
+Version: 11.1.1
 Summary: Shared Core models and Logger util for the Pulse platform project. Using AI for financial advisory and investment management.
 Home-page: https://github.com/TheFutureEdge/ipulse_shared_core
 Author: Russlan Ramdowar

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/setup.py

@@ -3,7 +3,7 @@ from setuptools import setup, find_packages
 
 setup(
     name='ipulse_shared_core_ftredge',
-    version='9.1.1',
+    version='11.1.1',
     package_dir={'': 'src'},  # Specify the source directory
     packages=find_packages(where='src'),  # Look for packages in 'src'
     install_requires=[

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/__init__.py

@@ -9,4 +9,4 @@ from .models import ( UserAuth, UserProfile,Subscription,
 from .services import (BaseFirestoreService,BaseServiceException, ResourceNotFoundError, AuthorizationError,
                             ValidationError)
 
-from .utils import (CustomJSONEncoder)
+from .utils import (EnsureJSONEncoderCompatibility)

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/dependencies/authz_for_apis.py

@@ -2,16 +2,19 @@ import os
 import logging
 from typing import Optional, Iterable, Dict, Any, List
 from datetime import datetime, timedelta, timezone
+import json
 import httpx
 from fastapi import HTTPException, Request
 from google.cloud import firestore
 from ipulse_shared_core_ftredge.services import ServiceError, AuthorizationError, ResourceNotFoundError
 from ipulse_shared_core_ftredge.models import UserStatus
+from ipulse_shared_core_ftredge.utils.json_encoder import convert_to_json_serializable
 
 # Constants
 USERS_STATUS_COLLECTION_NAME = UserStatus.get_collection_name()
 USERS_STATUS_DOC_REF = "userstatus_"
 CACHE_TTL = 60 # 60 seconds
+
 class UserStatusCache:
     """Manages user status caching with dynamic invalidation"""
     def __init__(self):
@@ -175,41 +178,78 @@ async def authorizeAPIRequest(
                 additional_info={"path": str(request.url)}
             )
 
-
         # Determine if we need fresh status
         force_fresh = _should_force_fresh_status(request)
         userstatus, cache_used = await get_userstatus(user_uid, db, force_fresh=force_fresh)
 
-        # Prepare authorization input
-        auth_input = {
+        # Prepare authorization input that matches OPA expectations
+        # Extract required values from user status
+        primary_usertype = userstatus.get("primary_usertype")
+        secondary_usertypes = userstatus.get("secondary_usertypes", [])
+
+        # Extract IAM domain permissions
+        iam_domain_permissions = userstatus.get("iam_domain_permissions", {})
+
+        # Format the authz_input to match what the OPA policies expect
+        authz_input = {
             "api_url": request.url.path,
             "requestor": {
                 "uid": user_uid,
-                "usertypes": request.state.user.get("usertypes"),
-                "email_verified": request.state.user.get("email_verified"),
-                "iam_groups": userstatus.get("iam_groups"),
-                "subscriptions": userstatus.get("subscriptions"),
-                "sbscrptn_based_insight_credits": userstatus.get("sbscrptn_based_insight_credits"),
-                "extra_insight_credits": userstatus.get("extra_insight_credits")
+                "primary_usertype": primary_usertype,
+                "secondary_usertypes": secondary_usertypes,
+                "usertypes": [primary_usertype] + secondary_usertypes if primary_usertype else secondary_usertypes,
+                "email_verified": request.state.user.get("email_verified", False),
+                "iam_domain_permissions": iam_domain_permissions,
+                "sbscrptn_based_insight_credits": userstatus.get("sbscrptn_based_insight_credits", 0),
+                "extra_insight_credits": userstatus.get("extra_insight_credits", 0)
             },
             "method": request.method.lower(),
             "request_resource_fields": request_resource_fields
         }
 
-        ####!!!!!!!!!! OPA call
+        # Convert any non-serializable objects to JSON serializable format
+        # Using the unified utility from utils
+        json_safe_authz_input = convert_to_json_serializable(authz_input)
+
         # Query OPA
         opa_url = f"{os.getenv('OPA_SERVER_URL', 'http://localhost:8181')}{os.getenv('OPA_DECISION_PATH', '/v1/data/http/authz/ingress/decision')}"
         logger.debug(f"Attempting to connect to OPA at: {opa_url}")
-        logger.debug(f"Authorization input: {auth_input}")
+        logger.debug(f"Authorization input: {authz_input}")
+
         async with httpx.AsyncClient() as client:
             try:
                 response = await client.post(
                     opa_url,
-                    json={"input": auth_input},
+                    json={"input": json_safe_authz_input},
                     timeout=5.0  # 5 seconds timeout
                 )
                 logger.debug(f"OPA Response Status: {response.status_code}")
                 logger.debug(f"OPA Response Body: {response.text}")
+
+                if response.status_code != 200:
+                    logger.error(f"OPA authorization failed: {response.text}")
+                    raise HTTPException(
+                        status_code=500,
+                        detail="Authorization service error"
+                    )
+
+                result = response.json()
+                logger.debug(f"Parsed OPA response: {result}")
+
+                if not result.get("result", {}).get("allow", False):
+                    logger.error(f"Authorization denied: {result}")
+                    raise AuthorizationError(
+                        action=f"{request.method} {request.url.path}",
+                        additional_info={
+                            "user_uid": user_uid,
+                            "resource_fields": request_resource_fields,
+                            "opa_decision": result.get("result", {})
+                        }
+                    )
+
+                # Extract credit check information from the OPA response
+                credit_check = result.get("result", {}).get("credit_check", {})
+
             except httpx.RequestError as e:
                 logger.error(f"Failed to connect to OPA: {str(e)}")
                 raise ServiceError(
@@ -221,39 +261,21 @@ async def authorizeAPIRequest(
                         "connection_error": str(e)
                     }
                 ) from e
-            if response.status_code != 200:
-                logger.error(f"OPA authorization failed: {response.text}")
-                raise HTTPException(
-                    status_code=500,
-                    detail="Authorization service error"
-                )
-
-            result = response.json()
-            if not result.get("result", {}).get("allow", False):
-                raise AuthorizationError(
-                    action=f"{request.method} {request.url.path}",
-                    additional_info={
-                        "user_uid": user_uid,
-                        "resource_fields": request_resource_fields
-                    }
-                )
-
-            # Extract credit check information from the OPA response
-            credit_check = {}
-            if "credit_check" in result.get("result", {}):
-                credit_check = result["result"]["credit_check"]
 
         # More descriptive metadata about the data freshness
         return {
             "used_cached_status": cache_used,
             "required_fresh_status": force_fresh,
             "status_retrieved_at": datetime.now(timezone.utc).isoformat(),
-            "credit_check": credit_check
+            "credit_check": credit_check,
+            "allow_all_fields": result.get("result", {}).get("allow_all_fields", False),
+            "allowed_fields": result.get("result", {}).get("allowed_fields", [])
         }
 
     except (AuthorizationError, ResourceNotFoundError):
         raise
     except Exception as e:
+        logger.exception(f"Exception in authorizeAPIRequest: {e}")
         raise ServiceError(
             operation="API authorization",
             error=e,

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/models/base_api_response.py

@@ -3,7 +3,7 @@ import datetime as dt
 import json
 from pydantic import BaseModel, ConfigDict
 from fastapi.responses import JSONResponse
-from ipulse_shared_core_ftredge.utils import CustomJSONEncoder
+from ipulse_shared_core_ftredge.utils.json_encoder import EnsureJSONEncoderCompatibility, convert_to_json_serializable
 
 
 T = TypeVar('T')
@@ -27,7 +27,7 @@ class PaginatedAPIResponse(BaseAPIResponse, Generic[T]):
 
 class CustomJSONResponse(JSONResponse):
     def render(self, content) -> bytes:
-        # Handle Pydantic models to exclude computed fields
+        # First preprocess content with our utility function
         if isinstance(content, dict) and "data" in content and hasattr(content["data"], "model_dump"):
             # If content["data"] is a Pydantic model, use model_dump with exclude_unset=True
             # and exclude_computed=True to prevent serialization of computed fields
@@ -37,12 +37,15 @@ class CustomJSONResponse(JSONResponse):
                 exclude_computed=True
             )
 
-        # Use the CustomJSONEncoder for serialization
+        # Now convert all problematic types to JSON serializable values
+        json_safe_content = convert_to_json_serializable(content)
+
+        # Use the CustomJSONEncoder for additional safety
         return json.dumps(
-            content,
+            json_safe_content,
             ensure_ascii=False,
             allow_nan=False,
             indent=None,
             separators=(",", ":"),
-            default=CustomJSONEncoder().default
+            cls=EnsureJSONEncoderCompatibility
         ).encode("utf-8")

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/models/subscription.py

@@ -90,7 +90,7 @@ class Subscription(BaseDataModel):
     )
 
     # IAM permissions structure
-    iam_domain_permissions: Dict[str, Dict[str, List[str]]] = Field(
+    default_iam_domain_permissions: Dict[str, Dict[str, List[str]]] = Field(
         ...,  # Required field, no default
         description="IAM domain permissions granted by this subscription (domain -> IAM unit type -> list of unit references)"
     )

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/models/user_profile.py

@@ -16,7 +16,7 @@ class UserProfile(BaseDataModel):
     model_config = ConfigDict(frozen=False, extra="forbid")  # Allow field modification
 
     # Class constants
-    VERSION: ClassVar[float] = 5.0  # Incremented version for primary_user_type addition
+    VERSION: ClassVar[float] = 5.0  # Incremented version for primary_usertype addition
     DOMAIN: ClassVar[str] = "_".join(list_as_lower_strings(Layer.PULSE_APP, Module.CORE.name, Subject.USER.name))
     OBJ_REF: ClassVar[str] = "userprofile"
 
@@ -36,14 +36,14 @@ class UserProfile(BaseDataModel):
         description="User UID from Firebase Auth"
     )
 
-    # Added primary_user_type field for main role categorization
-    primary_user_type: str = Field(
+    # Added primary_usertype field for main role categorization
+    primary_usertype: str = Field(
         ...,
         description="Primary user type (e.g., customer, internal, admin, superadmin)"
     )
 
-    # Renamed user_types to secondary_user_types
-    secondary_user_types: List[str] = Field(
+    # Renamed user_types to secondary_usertypes
+    secondary_usertypes: List[str] = Field(
         default_factory=list,
         description="List of secondary user types"
     )

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1}/src/ipulse_shared_core_ftredge/models/user_status.py

@@ -68,14 +68,14 @@ class UserStatus(BaseDataModel):
         description="User UID from Firebase Auth"
     )
 
-    # Added primary_user_type field for main role categorization
-    primary_user_type: str = Field(
+    # Added primary_usertype field for main role categorization
+    primary_usertype: str = Field(
         ...,
         description="Primary user type (e.g., customer, internal, admin, superadmin)"
     )
 
-    # Renamed user_types to secondary_user_types
-    secondary_user_types: List[str] = Field(
+    # Renamed user_types to secondary_usertypes
+    secondary_usertypes: List[str] = Field(
         default_factory=list,
         description="List of secondary user types/roles"
     )
@@ -321,7 +321,7 @@ class UserStatus(BaseDataModel):
         """
         added_count = 0
 
-        for domain, permissions_by_type in subscription.iam_domain_permissions.items():
+        for domain, permissions_by_type in subscription.default_iam_domain_permissions.items():
             for iam_unit_type_str, iam_unit_refs in permissions_by_type.items():
                 # Convert string to enum if needed for internal processing
                 try:
@@ -484,7 +484,7 @@ class UserStatus(BaseDataModel):
             validity_time_unit=validity_time_unit,
             auto_renew=plan_data.get("plan_auto_renewal", False),
             status=SubscriptionStatus.ACTIVE,
-            iam_domain_permissions=iam_domain_permissions,
+            default_iam_domain_permissions=iam_domain_permissions,
             fallback_plan_id=plan_data.get("fallback_plan_id_if_current_plan_expired"),
             price_paid_usd=plan_data.get("plan_per_cycle_price_usd") or 0.0,
             created_by=source,
@@ -501,14 +501,14 @@ class UserStatus(BaseDataModel):
 
     @staticmethod
     def fetch_user_status_defaults(firestore_client,
-                                   primary_user_type: str,
+                                   primary_usertype: str,
                                    collection: str = "papp_core_configs_user") -> Dict[str, Any]:
         """
         Fetch user status defaults from Firestore.
 
         Args:
             firestore_client: Initialized Firestore client
-            primary_user_type: Primary type of user (customer, internal, admin, etc)
+            primary_usertype: Primary type of user (customer, internal, admin, etc)
             collection: Collection name for user status defaults
 
         Returns:
@@ -531,7 +531,7 @@ class UserStatus(BaseDataModel):
 
             # Look for defaults with format "{user_type}_defaults_{version}"
             for key in data.keys():
-                if key.startswith(f"{primary_user_type}_defaults_"):
+                if key.startswith(f"{primary_usertype}_defaults_"):
                     try:
                         version = int(key.split("_")[-1])
                         if version > latest_version:

ipulse_shared_core_ftredge-11.1.1/src/ipulse_shared_core_ftredge/utils/__init__.py

@@ -0,0 +1 @@
+from .json_encoder import EnsureJSONEncoderCompatibility

ipulse_shared_core_ftredge-11.1.1/src/ipulse_shared_core_ftredge/utils/json_encoder.py

@@ -0,0 +1,62 @@
+import json
+from datetime import datetime
+from enum import Enum
+from google.cloud.firestore_v1._helpers import DatetimeWithNanoseconds
+from google.api_core import datetime_helpers
+
+class EnsureJSONEncoderCompatibility(json.JSONEncoder):
+    """Custom JSON encoder that handles Firestore datetime types and other non-serializable objects."""
+    def default(self, obj):
+        # Handle datetime types
+        if isinstance(obj, (datetime, DatetimeWithNanoseconds, datetime_helpers.DatetimeWithNanoseconds)):
+            return obj.isoformat()
+        # Handle enum types
+        elif isinstance(obj, Enum):
+            return obj.value
+        # Handle pydantic models
+        elif hasattr(obj, 'model_dump'):
+            return obj.model_dump()
+        # Default behavior for other types
+        return super().default(obj)
+
+def convert_to_json_serializable(obj):
+    """
+    Recursively convert objects to JSON serializable format.
+    Handles datetime objects, Enums, and nested structures.
+
+    Args:
+        obj: Any Python object that might contain non-serializable types
+
+    Returns:
+        The object with all non-serializable types converted to serializable ones
+    """
+    # Handle None
+    if obj is None:
+        return None
+
+    # Handle datetime objects (including Firestore's DatetimeWithNanoseconds)
+    if hasattr(obj, 'isoformat'):
+        return obj.isoformat()
+
+    # Handle Enum values
+    elif isinstance(obj, Enum):
+        return obj.value
+
+    # Handle dictionaries
+    elif isinstance(obj, dict):
+        return {key: convert_to_json_serializable(value) for key, value in obj.items()}
+
+    # Handle lists and tuples
+    elif isinstance(obj, (list, tuple)):
+        return [convert_to_json_serializable(item) for item in obj]
+
+    # Handle sets
+    elif isinstance(obj, set):
+        return [convert_to_json_serializable(item) for item in obj]
+
+    # Handle Pydantic models and other objects with model_dump method
+    elif hasattr(obj, 'model_dump'):
+        return convert_to_json_serializable(obj.model_dump())
+
+    # Return primitive types as-is
+    return obj

{ipulse_shared_core_ftredge-9.1.1 → ipulse_shared_core_ftredge-11.1.1/src/ipulse_shared_core_ftredge.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ipulse_shared_core_ftredge
-Version: 9.1.1
+Version: 11.1.1
 Summary: Shared Core models and Logger util for the Pulse platform project. Using AI for financial advisory and investment management.
 Home-page: https://github.com/TheFutureEdge/ipulse_shared_core
 Author: Russlan Ramdowar

ipulse_shared_core_ftredge-9.1.1/src/ipulse_shared_core_ftredge/utils/__init__.py

@@ -1 +0,0 @@
-from .json_encoder import CustomJSONEncoder

ipulse_shared_core_ftredge-9.1.1/src/ipulse_shared_core_ftredge/utils/json_encoder.py

@@ -1,13 +0,0 @@
-import json
-from datetime import datetime
-from google.cloud.firestore_v1._helpers import DatetimeWithNanoseconds
-from google.api_core import datetime_helpers
-
-class CustomJSONEncoder(json.JSONEncoder):
-    """Custom JSON encoder that handles Firestore datetime types."""
-    def default(self, obj):
-        if isinstance(obj, (datetime, DatetimeWithNanoseconds)):
-            return obj.isoformat()
-        if isinstance(obj, datetime_helpers.DatetimeWithNanoseconds):
-            return obj.isoformat()
-        return super().default(obj)