jaaql-middleware-python 4.33.8__tar.gz → 4.33.10__tar.gz

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: jaaql-middleware-python
-Version: 4.33.8
+Version: 4.33.10
 Summary: The jaaql package, allowing for rapid development and deployment of RESTful HTTP applications
 Home-page: https://github.com/JAAQL/JAAQL-middleware-python
 Author: Software Quality Measurement and Improvement bv

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/constants.py

@@ -208,5 +208,5 @@ ROLE__postgres = "postgres"
 
 PROTOCOL__postgres = "postgresql://"
 
-VERSION = "4.33.8"
+VERSION = "4.33.10"
 

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/db/db_utils.py

@@ -116,11 +116,14 @@ def execute_supplied_statement(db_interface, query: str, parameters: dict = None
 
 def force_singleton(data, as_objects: bool = False, singleton_code: int = None, singleton_message: str = None):
     was_no_singleton = False
+    original_count = 1
     if as_objects:
         if len(data) != 1:
+            original_count = len(data)
             was_no_singleton = True
     else:
         if len(data["rows"]) != 1:
+            original_count = len(data["rows"])
             was_no_singleton = True
         if len(data["rows"]) != 0:
             data["rows"] = data["rows"][0]
@@ -129,7 +132,7 @@ def force_singleton(data, as_objects: bool = False, singleton_code: int = None,
         err = ERR__expected_single_row % len(data)
         if singleton_message is not None:
             err = singleton_message
-        raise HttpSingletonStatusException(err, singleton_code)
+        raise HttpSingletonStatusException(err, singleton_code, original_count)
 
     return data[0] if as_objects else data
 

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/documentation/documentation_internal.py

@@ -1,3 +1,4 @@
+from jaaql.documentation.documentation_public import ARG_RES__query
 from jaaql.openapi.swagger_documentation import *
 from jaaql.constants import *
 from jaaql.mvc.generated_queries import *
@@ -478,4 +479,92 @@ DOCUMENTATION__procedures = SwaggerDocumentation(
             )
         ]
     )
+)
+
+ARG_RES__id_token_hint = SwaggerArgumentResponse(
+	name="id_token_hint",
+	description="Optional ID Token previously issued to the user; recommended for OIDC RP-initiated logout.",
+	arg_type=str,
+	required=False,
+    condition="Recommended",
+	example=["eyJ..."]
+)
+
+DOCUMENTATION__oidc_begin_logout = SwaggerDocumentation(
+	tags="oidc",
+	security=False,
+	methods=SwaggerMethod(
+		name="Begin OIDC logout",
+		description="Clears the app session, sets a logout state cookie, and redirects the browser to the OP end-session endpoint. After logout, the OP redirects to /api/oidc/post-logout.",
+		method=REST__GET,
+		arguments=[
+			ARG_RES__tenant,
+			ARG_RES__provider,
+			ARG_RES__application,
+			ARG_RES__schema,
+			ARG_RES__redirect_uri,
+			ARG_RES__id_token_hint
+		],
+		response=SwaggerFlatResponse(
+			description="Redirect",
+			code=HTTPStatus.FOUND,
+			body="You are being redirected to the identity server for logout..."
+		)
+	)
+)
+
+DOCUMENTATION__oidc_post_logout = SwaggerDocumentation(
+	tags="oidc",
+	security=False,
+	methods=SwaggerMethod(
+		name="OIDC post-logout redirect",
+		description="Receives the OP redirect after logout, validates state, clears the cookie, and redirects to the final app URL.",
+		method=REST__GET,
+		arguments=SwaggerArgumentResponse(
+			name="state",
+			description="Opaque state returned by the OP; must match the value set at logout start.",
+			arg_type=str,
+			example=["y3nvJ..."]
+		),
+		response=SwaggerFlatResponse(
+			description="Redirect",
+			code=HTTPStatus.FOUND,
+			body="You are being redirected back to your place in the app..."
+		)
+	)
+)
+
+DOCUMENTATION__security_event = SwaggerDocumentation(
+    tags="security",
+    methods=SwaggerMethod(
+        name="Action security event",
+        description="Executes a security event",
+        method=REST__POST,
+        body=[
+            ARG_RES__application,
+            SwaggerArgumentResponse(
+                name=KG__security_event__name,
+                description="The name of the security event",
+                arg_type=str,
+                example=["add-user"]
+            ),
+            SwaggerArgumentResponse(
+                name=KG__security_event__type,
+                description="The name of the security event",
+                arg_type=str,
+                example=["add-user"]
+            ),
+            SwaggerArgumentResponse(
+                name=KEY__parameters,
+                description="Any parameters to pass to the underlying function",
+                arg_type=ARG_RESP__allow_all
+            ),
+            SwaggerArgumentResponse(
+                name="explicit_types",
+                description="Explicit types for parameters",
+                arg_type=ARG_RESP__allow_all
+            )
+        ],
+        response=RES__allow_all
+    )
 )

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/documentation/documentation_public.py

@@ -76,20 +76,6 @@ DOCUMENTATION__create_account_batch = SwaggerDocumentation(
     )
 )
 
-DOCUMENTATION__password = SwaggerDocumentation(
-    tags="Account",
-    methods=SwaggerMethod(
-        method=REST__POST,
-        name="Change password",
-        description="Will change the logged in users password to the new one",
-        body=[
-            rename_arg(ARG_RES__password, KEY__old_password, "The old password for the user"),
-            ARG_RES__password
-        ],
-        response=RES__oauth_token
-    )
-)
-
 ARG_RES__event_application = SwaggerArgumentResponse(
     name=KG__security_event__application,
     description="The application of the dispatcher",
@@ -112,31 +98,6 @@ ARG_RES__query = SwaggerArgumentResponse(
     required=True
 )
 
-ARG_RES__event_lock = SwaggerArgumentResponse(
-    name=KG__security_event__event_lock,
-    description="A key that is used to reference a security event",
-    arg_type=str,
-    example="0aff271e-bf0a-463b-b234-f558abd70edd"
-)
-
-ARG_RES__security_event_unlock_key = SwaggerArgumentResponse(
-    name=KG__security_event__unlock_key,
-    description="The unlock key",
-    required=False,
-    condition="Are you using a key to unlock or a code",
-    arg_type=str,
-    example="c9a941d5-2aea-4b96-967b-32a01e889d03"
-)
-
-ARG_RES__security_event_unlock_code = SwaggerArgumentResponse(
-    name=KG__security_event__unlock_code,
-    description="The unlock code",
-    required=False,
-    condition="Are you using a key to unlock or a code",
-    arg_type=str,
-    example="ABC123"
-)
-
 ARG_RES__oauth_token = SwaggerArgumentResponse(
     name=KEY__oauth_token,
     description="An auth token",
@@ -144,51 +105,6 @@ ARG_RES__oauth_token = SwaggerArgumentResponse(
     example=EXAMPLE__jwt
 )
 
-DOCUMENTATION__reset_password = SwaggerDocumentation(
-    tags="Reset Password",
-    security=False,
-    methods=[
-        SwaggerMethod(
-            name="Request an password reset",
-            description="Requests a password reset, sending an email to the user (or if the email template does not contain "
-            "the reset code, they will then need to be approved by an admin).",
-            method=REST__POST,
-            body=[
-                ARG_RES__username,
-                ARG_RES__parameters,
-                ARG_RES__event_application,
-                SwaggerArgumentResponse(
-                    name=KEY__reset_password_template,
-                    description="The template to send if the user is already signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_r_et
-                ),
-                SwaggerArgumentResponse(
-                    name=KEY__unregistered_user_reset_password_template,
-                    description="The template to send if the user hasn't signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_u_et
-                )
-            ],
-            response=[
-                SwaggerResponse(
-                    description="Reset password response",
-                    response=ARG_RES__event_lock
-                ),
-                SwaggerFlatResponse(
-                    description=ERR__too_many_reset_requests,
-                    code=HTTPStatus.TOO_MANY_REQUESTS,
-                    body=ERR__too_many_reset_requests
-                )
-            ]
-        )
-    ]
-)
-
 DOCUMENTATION__emails = SwaggerDocumentation(
     tags="Emails",
     security=True,
@@ -209,156 +125,6 @@ DOCUMENTATION__emails = SwaggerDocumentation(
     )
 )
 
-DOCUMENTATION__sign_up = SwaggerDocumentation(
-    tags="sign_up",
-    # Explicitly set sign up to true to enforce design decision. We use the attempted insert of the current user (which can be the public user) as security
-    # If the insert fails then the user cannot sign up
-    security=False,
-    methods=[
-        SwaggerMethod(
-            name="Signs up to the Platform",
-            description="Requests an invitation, sending an email to the user.",
-            method=REST__POST,
-            body=[
-                ARG_RES__username,
-                set_nullable(ARG_RES__password, "Is the user going through an unconfirmed signup"),
-                ARG_RES__parameters,
-                ARG_RES__remember_me,
-                ARG_RES__query,
-                ARG_RES__event_application,
-                SwaggerArgumentResponse(
-                    name=KEY__sign_up_template,
-                    description="The template to send if the user hasn't signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_s_et
-                ),
-                SwaggerArgumentResponse(
-                    name=KEY__already_signed_up_template,
-                    description="The template to send if the user is already signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_a_et
-                )
-            ],
-            response=RES__allow_all
-        )
-    ]
-)
-
-DOCUMENTATION__resend_sign_up = SwaggerDocumentation(
-    tags="sign_up",
-    security=True,
-    methods=[
-        SwaggerMethod(
-            name="Resend sign up email",
-            description="Allows an unconfirmed user to resend themselves a signup email when they are logged in.",
-            method=REST__POST,
-            body=[
-                ARG_RES__event_application,
-                SwaggerArgumentResponse(
-                    name=KEY__sign_up_template,
-                    description="The template to send if the user hasn't signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_s_et
-                ),
-                SwaggerArgumentResponse(
-                    name=KEY__already_signed_up_template,
-                    description="The template to send if the user is already signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_a_et
-                )
-            ],
-            response=RES__allow_all
-        )
-    ]
-)
-
-DOCUMENTATION__invite = SwaggerDocumentation(
-    tags="invite",
-    # Explicitly set sign up to true to enforce design decision. We use the attempted insert of the current user (which can be the public user) as security
-    # If the insert fails then the user cannot sign up
-    security=True,
-    methods=[
-        SwaggerMethod(
-            name="Request an invitation",
-            description="Requests an invitation, sending an email to the user (or if the email template does not contain "
-            "the unlock code, they will then need to be approved by an admin).",
-            method=REST__POST,
-            body=[
-                set_nullable(ARG_RES__username, "Potentially if the user is not known"),
-                ARG_RES__parameters,
-                ARG_RES__event_application,
-                SwaggerArgumentResponse(
-                    name=KEY__sign_up_template,
-                    description="The template to send if the user hasn't signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_s_et
-                ),
-                SwaggerArgumentResponse(
-                    name=KEY__already_signed_up_template,
-                    description="The template to send if the user is already signed up",
-                    required=False,
-                    condition="Should an email be sent or the default be used",
-                    arg_type=str,
-                    example=KG__application__default_a_et
-                )
-            ],
-            response=RES__allow_all
-        )
-    ]
-)
-
-from jaaql.mvc.handmade_queries import EMAIL_TYPE__signup
-
-DOCUMENTATION__security_event = SwaggerDocumentation(
-    tags="Security Event",
-    security=False,
-    methods=[
-        SwaggerMethod(
-            name="Check Event and Key",
-            description="Checks a security event is unused and that the key is valid",
-            method=REST__POST,
-            body=[
-                set_nullable(ARG_RES__event_lock, "Just the unlock key can be provided"),
-                ARG_RES__security_event_unlock_key,
-                ARG_RES__security_event_unlock_code
-            ],
-            response=SwaggerFlatResponse(
-                description="Will receive the type of the description if unlock code is correct",
-                body=EMAIL_TYPE__signup
-            )
-        ),
-        SwaggerMethod(
-            name="Finish Security Event",
-            description="Finishes the security event, supplying a password which can either be a new password or your login password, if using the "
-            "already signed up flow",
-            method=REST__PUT,
-            body=[
-                set_nullable(ARG_RES__event_lock, "Just the unlock key can be provided"),
-                ARG_RES__security_event_unlock_key,
-                ARG_RES__security_event_unlock_code,
-                set_nullable(ARG_RES__password, "only if it's required")
-            ],
-            response=SwaggerResponse(
-                description="Signup parameters",
-                response=[
-                    ARG_RES__parameters,
-                    ARG_RES__username
-                ]
-            )
-        )
-    ]
-)
-
 ARG_RES__proc = [
     SwaggerArgumentResponse(
         name=KG__remote_procedure__application,

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/exceptions/http_status_exception.py

@@ -28,9 +28,11 @@ class HttpStatusException(Exception):
 
 
 class HttpSingletonStatusException(HttpStatusException):
-    def __init__(self, message: str, response_code: int = HTTPStatus.UNPROCESSABLE_ENTITY):
+    def __init__(self, message: str, response_code: int = HTTPStatus.UNPROCESSABLE_ENTITY, actual_count: int = 1):
         super().__init__(message, response_code)
 
+        self.actual_count = actual_count
+
 
 class JaaqlInterpretableHandledError(Exception):
     def __init__(self, error_code: int, http_response_code: int,

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/generated_constants.py

@@ -268,7 +268,7 @@ class Constraints(Enum):
     DatabaseUserRegistryProviderTenantDatabaseKey = "database_user_registry_provider_tenant_database_key"
     AccountIdKey = "account_id_key"
     ValidatedIpAddressUuidKey = "validated_ip_address_uuid_key"
-    SecurityEventApplicationEventLockKey = "security_event_application_event_lock_key"
+    SecurityEventApplicationNameTypeKey = "security_event_application_name_type_key"
     HandledErrorCodeKey = "handled_error_code_key"
     PgBaseExceptionNameKey = "pg_base_exception_name_key"
     PgErrorClassCodeKey = "pg_error_class_code_key"

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/interpreter/interpret_jaaql.py

@@ -612,8 +612,6 @@ GROUP BY CH.column_name, CH.data_type, CH.udt_name, CH.domain_name;"""
             return PYFORMAT_str
         elif isinstance(value, list):
             return PYFORMAT_str
-        elif isinstance(value, list):
-            return PYFORMAT_str
         elif type(value).__name__ == "date":
             return PYFORMAT_str
         elif isinstance(value, Decimal):

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/mvc/controller.py

@@ -1,3 +1,5 @@
+from jaaql.mvc.exception_queries import SECURITY_EVENT_TYPE__create, SECURITY_EVENT_TYPE__delete, \
+    SECURITY_EVENT_TYPE__reset
 from jaaql.mvc.model import JAAQLModel
 from jaaql.mvc.base_controller import BaseJAAQLController
 from jaaql.documentation.documentation_internal import *
@@ -93,10 +95,6 @@ class JAAQLController(BaseJAAQLController):
         def prepare(http_inputs: dict, account_id: str):
             return self.model.fetch_domains(http_inputs, account_id)
 
-        @self.publish_route('/account/password', DOCUMENTATION__password)
-        def password(account_id: str, username: str, ip_address: str, is_the_anonymous_user: bool, http_inputs: dict):
-            return self.model.add_my_account_password(account_id, username, ip_address, is_the_anonymous_user, **http_inputs)
-
         @self.publish_route('/submit', DOCUMENTATION__submit)
         def submit(http_inputs: dict, account_id: str, verification_hook: queue.Queue, ip_address: str):
             return self.model.submit(http_inputs, account_id, verification_hook=verification_hook, ip_address=ip_address)
@@ -113,37 +111,29 @@ class JAAQLController(BaseJAAQLController):
         def clean(connection: DBInterface):
             self.model.clean(connection)
 
+        @self.publish_route('/security-event', DOCUMENTATION__security_event)
+        def security_event(http_inputs: dict, account_id: str):
+            security_event = security_event__select(self.model.jaaql_lookup_connection, http_inputs[KEY__application],
+                                                    name=http_inputs[KG__security_event__name],
+                                                    type=http_inputs[KG__security_event__type])
+            http_inputs["email"] = http_inputs[KEY__parameters]["email"]
+            if security_event[KG__security_event__type] == SECURITY_EVENT_TYPE__create:
+                return self.model.security_event__create_user(http_inputs, account_id, security_event)
+            elif security_event[KG__security_event__type] == SECURITY_EVENT_TYPE__delete:
+                return self.model.security_event__delete_user(http_inputs, account_id, security_event)
+            elif security_event[KG__security_event__type] == SECURITY_EVENT_TYPE__reset:
+                return self.model.security_event__reset_user_password(http_inputs, account_id, security_event)
+            else:
+                raise HttpStatusException("Invalid security event type")
+
         @self.publish_route('/internal/dispatchers', DOCUMENTATION__dispatchers)
         def dispatchers(connection: DBInterface, http_inputs: dict):
             self.model.attach_dispatcher_credentials(connection, http_inputs)
 
-        @self.publish_route('/invite', DOCUMENTATION__invite)
-        def invite(http_inputs: dict, account_id: str, is_the_anonymous_user: bool):
-            return self.model.invite(http_inputs, account_id, is_the_anonymous_user)
-
-        @self.publish_route('/sign-up', DOCUMENTATION__sign_up)
-        def sign_up(http_inputs: dict, ip_address: str, response: JAAQLResponse):
-            return self.model.sign_up(http_inputs, ip_address, response)
-
-        @self.publish_route('/sign-up-resend', DOCUMENTATION__resend_sign_up)
-        def sign_up_resend(http_inputs: dict, account_id: str, username: str):
-            return self.model.resend_signup_email(http_inputs, account_id, username)
-
         @self.publish_route('/email', DOCUMENTATION__emails)
         def send_email(is_the_anonymous_user: bool, account_id: str, http_inputs: dict, username: str, auth_token: str):
             return self.model.send_email(is_the_anonymous_user, account_id, http_inputs, username, auth_token)
 
-        @self.publish_route('/account/reset-password', DOCUMENTATION__reset_password)
-        def reset_password(http_inputs: dict):
-            return self.model.reset_password(http_inputs)
-
-        @self.publish_route('/security-event', DOCUMENTATION__security_event)
-        def security_event(http_inputs: dict):
-            if self.is_post():
-                return self.model.check_security_event_key_and_security_event_is_unlocked(http_inputs)
-            else:
-                return self.model.finish_security_event(http_inputs)
-
         @self.publish_route('/cron', DOCUMENTATION__cron)
         def cron(ip_address: str):
             self.model.execute_cron_jobs(ip_address)
@@ -201,3 +191,16 @@ class JAAQLController(BaseJAAQLController):
         @self.publish_route('/rendered_documents', DOCUMENTATION__rendered_document)
         def documents(http_inputs: dict):
             return self.model.fetch_document_stream(http_inputs)
+
+        @self.publish_route('/oidc/logout', DOCUMENTATION__oidc_begin_logout)
+        def begin_oidc_logout(http_inputs: dict, response: JAAQLResponse):
+            # inputs: application, tenant, provider, optional schema, redirect_uri, optional id_token_hint
+            self.model.begin_oidc_logout(http_inputs, response)
+
+        @self.publish_route('/oidc/post-logout', DOCUMENTATION__oidc_post_logout)
+        def finish_oidc_logout(http_inputs: dict, response: JAAQLResponse):
+            # KC returns ?state=... here; validate against cookie and bounce to final app URL
+            self.model.finish_oidc_logout(
+                {"state": http_inputs["state"], "oidc_cookie": request.cookies.get(COOKIE_OIDC)},
+                response
+            )

{jaaql_middleware_python-4.33.8 → jaaql_middleware_python-4.33.10}/jaaql/mvc/exception_queries.py

@@ -1,5 +1,5 @@
 """
-This script was generated from jaaql.exceptions.fxli at 2025-05-21, 11:25:44
+This script was generated from jaaql.exceptions.fxli at 2025-11-05, 14:24:08
 """
 
 from jaaql.utilities.crypt_utils import get_repeatable_salt
@@ -190,69 +190,19 @@ QUERY___add_or_update_validated_ip_address = "INSERT INTO validated_ip_address (
 QUERY__fetch_application_schemas = "SELECT S.name, S.database, (A.default_schema = S.name) as is_default, A.is_live FROM application_schema S INNER JOIN application A ON A.name = S.application WHERE S.application = :application"
 KEY__is_default = "is_default"
 
-QUERY__count_security_events_of_type_in_24hr_window = """
-    SELECT
-        COUNT(*) as count
-    FROM security_event S
-    INNER JOIN email_template E ON E.name = S.email_template AND E.application = S.application
-    WHERE E.type IN (:type_one, :type_two) AND ((:account::postgres_role is not null AND account = :account) OR (:fake_account::encrypted__jaaql_username is not null AND fake_account = :fake_account)) AND (creation_timestamp + interval '24 hour') > current_timestamp
-"""
-
-
-def count_for_security_event(
-    connection: DBInterface, encryption_key: bytes, vault_repeatable_salt: str,
-    type_one: str, type_two: str,
-    account, fake_account=None
-):
-    return execute_supplied_statement_singleton(
-        connection, QUERY__count_security_events_of_type_in_24hr_window, {
-            "type_one": type_one, "type_two": type_two,
-            KG__security_event__account: account,
-            KG__security_event__fake_account: fake_account
-        }, as_objects=True, encryption_key=encryption_key, encrypt_parameters=[KG__security_event__fake_account],
-        encryption_salts={KG__security_event__fake_account: get_repeatable_salt(vault_repeatable_salt, fake_account)}
-    )[KEY__count]
-
 
 RPC_ACCESS__private = "P"
 RPC_ACCESS__public = "U"
 RPC_ACCESS__webhook = "W"
 
+SECURITY_EVENT_TYPE__create = "C"
+SECURITY_EVENT_TYPE__delete = "D"
+SECURITY_EVENT_TYPE__reset = "R"
+
 KEY__type_one = "type_one"
 KEY__type_two = "type_two"
 
-EMAIL_TYPE__signup = "S"
-EMAIL_TYPE__already_signed_up = "A"
-EMAIL_TYPE__reset_password = "R"
-EMAIL_TYPE__unregistered_password_reset = "U"
-EMAIL_TYPE__general = "G"
-
-KEY__key_fits = "key_fits"
-QUERY__check_security_event_unlock = """
-    UPDATE
-        security_event S
-    SET
-        wrong_key_attempt_count = S.wrong_key_attempt_count + (case when (S.unlock_code = :unlock_code OR S.unlock_key = :unlock_key OR S.wrong_key_attempt_count >= 3) then 0 else 1 end)
-    FROM application A
-    WHERE
-        S.application = A.name AND
-        (S.event_lock = :event_lock OR S.unlock_key = :unlock_key) AND S.finish_timestamp is null AND
-        S.creation_timestamp + (A.unlock_key_validity_period || ' seconds')::interval > current_timestamp
-    RETURNING S.*, A.unlock_code_validity_period, (S.unlock_code = :unlock_code OR S.unlock_key = :unlock_key) as key_fits
-"""
-
 
-def check_security_event_unlock(
-    connection: DBInterface, event_lock, unlock_code,
-    unlock_key, singleton_code: int = None, singleton_message: str = None
-):
-    return execute_supplied_statement_singleton(
-        connection, QUERY__check_security_event_unlock, {
-            KG__security_event__event_lock: event_lock,
-            KG__security_event__unlock_code: unlock_code,
-            KG__security_event__unlock_key: unlock_key
-        }, as_objects=True, singleton_code=singleton_code, singleton_message=singleton_message
-    )
 
 
 QUERY__fetch_document_templates_for_email_template = """