js7-client-python 2.0.1__py3-none-any.whl

js7/client/action/helper/decrypt_action.py

@@ -0,0 +1,82 @@
+import os
+import subprocess
+from pathlib import Path
+from typing import Optional, Union
+
+
+def decrypt_action(
+    java_bin_path: Union[Path, str],
+    key_file_path: Union[Path, str],
+    key_password: Optional[str],
+    in_string: Optional[str],
+    in_file: Optional[Union[Path, str]],
+    out_path: Optional[Union[Path, str]],
+) -> str:
+
+    BASE_DIR = Path(__file__).resolve().parent
+    java_lib_path = (BASE_DIR.parent.parent.parent / "java" / "lib").resolve()
+
+    java_bin_path = Path(java_bin_path)
+    key_file_path = Path(key_file_path)
+    in_file = Path(in_file) if in_file else None
+    out_path = Path(out_path) if out_path else None
+
+    if not java_lib_path.exists():
+        raise ValueError(f"Java lib path not found: {java_lib_path}.")
+
+    if not key_file_path.exists():
+        raise ValueError(f"'key_file_path' does not exist: {key_file_path}.")
+
+    if not in_string and not in_file:
+        raise ValueError("Either 'in_string' or 'in_file' must be provided.")
+
+    if in_file:
+        if not in_file.exists():
+            raise ValueError(f"'in_file' does not exist: {in_file}.")
+        if in_file.is_dir():
+            raise ValueError("'in_file' must be a file path, not a directory.")
+
+    sep = ";" if os.name == "nt" else ":"
+
+    classpath = (
+        f"{java_lib_path}/patches/*{sep}"
+        f"{java_lib_path}/sos/*{sep}"
+        f"{java_lib_path}/3rd-party/*{sep}"
+        f"{java_lib_path}/stdout"
+    )
+
+    cmd = [
+        str(java_bin_path),
+        "-classpath",
+        classpath,
+        "com.sos.commons.encryption.executable.Decrypt",
+        f"--key={key_file_path}",
+    ]
+
+    if key_password:
+        cmd.append(f"--key-password={key_password}")
+
+    if in_string:
+        # Removes "enc:" if present
+        clean_string = in_string.removeprefix("enc:")
+        cmd.append(f"--in={clean_string}")
+
+    if in_file:
+        cmd.append(f"--infile={in_file}")
+
+    if out_path:
+        if out_path.exists() and out_path.is_dir():
+            raise ValueError("'out_path' must be a file path, not a directory.")
+        cmd.append(f"--outfile={out_path}")
+
+    try:
+        result = subprocess.run(
+            cmd,
+            capture_output=True,
+            text=True,
+            check=True,
+        )
+    except subprocess.CalledProcessError as e:
+        raise RuntimeError(f"Decrypt failed: {e.stderr}")
+
+    return result.stdout.strip()

js7/client/action/helper/encrypt_action.py

@@ -0,0 +1,87 @@
+import os
+import subprocess
+from pathlib import Path
+from typing import Optional, Union
+
+
+def encrypt_action(
+    java_bin_path: Union[Path, str],
+    cert_file_path: Union[Path, str],
+    in_string: Optional[str] = None,
+    in_file: Optional[Union[Path, str]] = None,
+    out_path: Optional[Union[Path, str]] = None,
+) -> str:
+
+    BASE_DIR = Path(__file__).resolve().parent
+    java_lib_path = (BASE_DIR.parent.parent.parent / "java" / "lib").resolve()
+
+    java_bin_path = Path(java_bin_path)
+    cert_file_path = Path(cert_file_path)
+    in_file = Path(in_file) if in_file else None
+    out_path = Path(out_path) if out_path else None
+
+    # --- Validate ---
+    if not java_lib_path.exists():
+        raise ValueError(f"Java lib path not found: {java_lib_path}.")
+
+    if not cert_file_path.exists():
+        raise ValueError(f"'cert_file_path' does not exist: {cert_file_path}.")
+
+    if not in_string and not in_file:
+        raise ValueError("Either 'in_string' or 'in_file' must be provided.")
+
+    if in_string and in_file:
+        raise ValueError("Only one of 'in_string' or 'in_file' may be provided.")
+
+    if in_file:
+        if not in_file.exists():
+            raise ValueError(f"'in_file' does not exist: {in_file}.")
+        if in_file.is_dir():
+            raise ValueError("'in_file' must be a file path, not a directory.")
+
+    sep = ";" if os.name == "nt" else ":"
+
+    classpath = (
+        f"{java_lib_path}/patches/*{sep}"
+        f"{java_lib_path}/sos/*{sep}"
+        f"{java_lib_path}/3rd-party/*{sep}"
+        f"{java_lib_path}/stdout"
+    )
+
+    cmd = [
+        str(java_bin_path),
+        "-classpath",
+        classpath,
+        "com.sos.commons.encryption.executable.Encrypt",
+        f"--cert={cert_file_path}",
+    ]
+
+    # --- Input ---
+    if in_string:
+        cmd.append(f"--in={in_string}")
+
+    if in_file:
+        cmd.append(f"--infile={in_file}")
+
+    # --- Output ---
+    if out_path:
+        if out_path.exists() and out_path.is_dir():
+            raise ValueError("'out_path' must be a file path, not a directory.")
+        cmd.append(f"--outfile={out_path}")
+
+    # --- Execution ---
+    try:
+        result = subprocess.run(
+            cmd,
+            capture_output=True,
+            text=True,
+            check=True,
+        )
+    except subprocess.CalledProcessError as e:
+        raise RuntimeError(
+            f"Encrypt failed:\nSTDOUT:\n{e.stdout}\nSTDERR:\n{e.stderr}"
+        )
+
+    output = result.stdout.strip().split()[0]
+
+    return "enc:" + output

js7/client/action/iam/block_account_action.py

@@ -0,0 +1,71 @@
+from typing import Optional
+
+from ...context import Context
+from ....model.public.client.common.audit_log import AuditLog
+from ....model.private.api.endpoint import EndpointCall
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AuditParams as AuditParams_V_2_8_2,
+    OK as OK_V_2_8_2,
+    BlockedAccount as BlockedAccount_V_2_8_2
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def block_account_action(
+    *,
+    context: Context,
+    account_name: str,
+    comment: Optional[str],
+    audit_log: Optional[AuditLog]
+) -> bool:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            account_name=account_name,
+            comment=comment,
+            audit_log=audit_log
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/blockedAccount/store", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, OK_V_2_8_2):
+        return bool(result.ok)
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    account_name: str,
+    comment: Optional[str],
+    audit_log: Optional[AuditLog]
+) -> BlockedAccount_V_2_8_2:
+    
+    # Validate: account_name
+    if not account_name:
+        raise ValueError("'account_name' is required.")
+    
+    # Build: audit_log 
+    res_audit_log = AuditParams_V_2_8_2(
+        ticket_link=audit_log.ticket_link,
+        comment=audit_log.comment,
+        time_spent=audit_log.time_spent
+    ) if audit_log else None
+    
+    # Result
+    return BlockedAccount_V_2_8_2(
+        account_name=account_name,
+        audit_log=res_audit_log,
+        comment=comment,
+    )

js7/client/action/iam/change_account_password_action.py

@@ -0,0 +1,96 @@
+from typing import Optional
+
+from ...context import Context
+from ....model.public.client.common.audit_log import AuditLog
+from ....model.private.api.endpoint import EndpointCall
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AuditParams as AuditParams_V_2_8_2,
+    OK as OK_V_2_8_2,
+    AccountChangePassword as AccountChangePassword_V_2_8_2
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def change_account_password_action(
+    *,
+    context: Context,
+    identity_service_name: str,
+    account_name: str,
+    account_password: str,
+    new_account_password: str,
+    force_password_change: bool,
+    audit_log: Optional[AuditLog]
+) -> bool:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            identity_service_name=identity_service_name,
+            account_name=account_name,
+            account_password=account_password,
+            new_account_password=new_account_password,
+            force_password_change=force_password_change,
+            audit_log=audit_log
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/account/changepassword", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, OK_V_2_8_2):
+        return bool(result.ok)
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    identity_service_name: str,
+    account_name: str,
+    account_password: str,
+    new_account_password: str,
+    force_password_change: bool,
+    audit_log: Optional[AuditLog]
+) -> AccountChangePassword_V_2_8_2:
+
+    # Validate: identity_service_name
+    if not identity_service_name:
+        raise ValueError("'identity_service_name' is required.")
+    
+    # Validate: account_name
+    if not account_name:
+        raise ValueError("'account_name' is required.")
+    
+    # Validate: account_password
+    if not account_password:
+        raise ValueError("'account_password' is required.")
+    
+    # Validate: new_account_password
+    if not new_account_password:
+        raise ValueError("'new_account_password' is required.")
+    
+    # Build: audit_log 
+    res_audit_log = AuditParams_V_2_8_2(
+        ticket_link=audit_log.ticket_link,
+        comment=audit_log.comment,
+        time_spent=audit_log.time_spent
+    ) if audit_log else None
+    
+    # Result
+    return AccountChangePassword_V_2_8_2(
+        identity_service_name=identity_service_name,
+        account_name=account_name,
+        old_password=account_password,
+        password=new_account_password,
+        repeated_password=new_account_password,
+        force_password_change=force_password_change,
+        audit_log=res_audit_log
+    )

js7/client/action/iam/disable_accounts_action.py

@@ -0,0 +1,75 @@
+from typing import List, Optional
+
+from ...context import Context
+from ....model.public.client.common.audit_log import AuditLog
+from ....model.private.api.endpoint import EndpointCall
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AuditParams as AuditParams_V_2_8_2,
+    OK as OK_V_2_8_2,
+    AccountNamesFilter as AccountNamesFilter_V_2_8_2
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def disable_accounts_action(
+    *,
+    context: Context,
+    identity_service_name: str,
+    account_names: List[str],
+    audit_log: Optional[AuditLog]
+) -> bool:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            identity_service_name=identity_service_name,
+            account_names=account_names,
+            audit_log=audit_log
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/accounts/disable", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, OK_V_2_8_2):
+        return bool(result.ok)
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    identity_service_name: str,
+    account_names: List[str],
+    audit_log: Optional[AuditLog]
+) -> AccountNamesFilter_V_2_8_2:
+
+    # Validate: identity_service_name
+    if not identity_service_name:
+        raise ValueError("'identity_service_name' is required.")
+    
+    # Validate: account_name
+    if not account_names:
+        raise ValueError("At least one account name in 'account_names' is required.")
+    
+    # Build: audit_log 
+    res_audit_log = AuditParams_V_2_8_2(
+        ticket_link=audit_log.ticket_link,
+        comment=audit_log.comment,
+        time_spent=audit_log.time_spent
+    ) if audit_log else None
+    
+    # Result
+    return AccountNamesFilter_V_2_8_2(
+        identity_service_name=identity_service_name,
+        account_names=account_names,
+        audit_log=res_audit_log
+    )

js7/client/action/iam/enable_accounts_action.py

@@ -0,0 +1,75 @@
+from typing import List, Optional
+
+from ...context import Context
+from ....model.public.client.common.audit_log import AuditLog
+from ....model.private.api.endpoint import EndpointCall
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AuditParams as AuditParams_V_2_8_2,
+    OK as OK_V_2_8_2,
+    AccountNamesFilter as AccountNamesFilter_V_2_8_2
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def enable_accounts_action(
+    *,
+    context: Context,
+    identity_service_name: str,
+    account_names: List[str],
+    audit_log: Optional[AuditLog]
+) -> bool:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            identity_service_name=identity_service_name,
+            account_names=account_names,
+            audit_log=audit_log
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/accounts/enable", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, OK_V_2_8_2):
+        return bool(result.ok)
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    identity_service_name: str,
+    account_names: List[str],
+    audit_log: Optional[AuditLog]
+) -> AccountNamesFilter_V_2_8_2:
+
+    # Validate: identity_service_name
+    if not identity_service_name:
+        raise ValueError("'identity_service_name' is required.")
+    
+    # Validate: account_name
+    if not account_names:
+        raise ValueError("At least one account name in 'account_names' is required.")
+    
+    # Build: audit_log 
+    res_audit_log = AuditParams_V_2_8_2(
+        ticket_link=audit_log.ticket_link,
+        comment=audit_log.comment,
+        time_spent=audit_log.time_spent
+    ) if audit_log else None
+    
+    # Result
+    return AccountNamesFilter_V_2_8_2(
+        identity_service_name=identity_service_name,
+        account_names=account_names,
+        audit_log=res_audit_log
+    )

js7/client/action/iam/get_account_permissions_action.py

@@ -0,0 +1,75 @@
+from typing import Any, Dict, Optional
+
+from ...context import Context
+from ....model.public.client.common.audit_log import AuditLog
+from ....model.private.api.endpoint import EndpointCall
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AccountFilter as AccountFilter_V_2_8_2,
+    Accounts as Accounts_V_2_8_2,
+    AuditParams as AuditParams_V_2_8_2,
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def get_account_permissions_action(
+    *, 
+    context: Context,
+    identity_service_name: str,
+    account_name: str,
+    audit_log: Optional[AuditLog]
+) -> Dict[str, Any]:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            identity_service_name=identity_service_name,
+            account_name=account_name,
+            audit_log=audit_log
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/account/permissions", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, Accounts_V_2_8_2):
+        return result.model_dump(mode="json")
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    identity_service_name: str,
+    account_name: str,
+    audit_log: Optional[AuditLog]
+) -> AccountFilter_V_2_8_2:
+
+    # Validate: identity_service_name
+    if not identity_service_name:
+        raise ValueError("'identity_service_name' is required.")
+    
+    # Validate: account_name
+    if not account_name:
+        raise ValueError("'account_name' is required.")
+
+    # Build: audit_log 
+    res_audit_log = AuditParams_V_2_8_2(
+        ticket_link=audit_log.ticket_link,
+        comment=audit_log.comment,
+        time_spent=audit_log.time_spent
+    ) if audit_log else None
+    
+    # Result
+    return AccountFilter_V_2_8_2(
+        identity_service_name=identity_service_name,
+        account_name=account_name,
+        audit_log=res_audit_log
+    )

js7/client/action/iam/get_accounts_action.py

@@ -0,0 +1,76 @@
+from typing import List, Optional
+
+from ...context import Context
+from ....model.private.api.endpoint import EndpointCall
+from ....model.public.client.common.accounts import Account
+from ....model.private.http.joc.joc_v_2_8_2 import (
+    AccountListFilter as AccountListFilter_V_2_8_2,
+    Accounts as Accounts_V_2_8_2
+)
+
+from ....util.check_matching_version import check_matching_version
+
+
+def get_accounts_action(
+    *, 
+    context: Context,
+    identity_service_name: str,
+    filter_account_name: Optional[str],
+    filter_enabled: bool,
+    filter_disabled: bool
+) -> List[Account]:
+
+    if check_matching_version(min="2.6.5", max="2.8.3", check=context.version):
+        request_data = _build_v_2_8_2_request(
+            identity_service_name=identity_service_name,
+            filter_account_name=filter_account_name,
+            filter_enabled=filter_enabled,
+            filter_disabled=filter_disabled
+        )
+    else:
+        raise RuntimeError(f"Version {context.version} is not compatible with building the request.")
+    
+    # Calls the dispatcher for the matching JOC version
+    result = context.joc_api.dispatch(endpoint_id="iam/accounts", call=EndpointCall(
+        http_service=context.http_service,
+        access_token=context.auth_provider.login(),
+        payload=request_data,
+        options=None,
+    ))
+    
+    if isinstance(result, Accounts_V_2_8_2):
+        return [
+            Account(
+                account_name=a.account_name,
+                disabled=a.disabled,
+                force_password_change=a.force_password_change,
+                identity_service_name=a.identity_service_name,
+                roles=a.roles
+            )
+            for a in result.account_items
+        ] if result.account_items else []
+    
+    raise RuntimeError(f"Unexpected response type: {type(result).__name__}")
+
+#---------------------#
+# Build 2.8.2 request #
+#---------------------#
+def _build_v_2_8_2_request(
+    *,
+    identity_service_name: str,
+    filter_account_name: Optional[str],
+    filter_enabled: bool,
+    filter_disabled: bool
+) -> AccountListFilter_V_2_8_2:
+
+    # Validate: identity_service_name
+    if not identity_service_name:
+        raise ValueError("'identity_service_name' is required.")
+
+    # Result
+    return AccountListFilter_V_2_8_2(
+        account_name=filter_account_name,
+        disabled=filter_disabled,
+        enabled=filter_enabled,
+        identity_service_name=identity_service_name
+    )