kailash 0.6.0__py3-none-any.whl → 0.6.2__py3-none-any.whl

kailash/nodes/admin/transaction_utils.py

@@ -0,0 +1,244 @@
+"""Transaction utilities for admin nodes to handle timing and persistence issues.
+
+This module provides utilities to handle common transaction and timing issues
+encountered in admin node operations, particularly around user creation,
+role assignment, and permission checks.
+"""
+
+import logging
+import time
+from typing import Any, Callable, Dict, Optional, TypeVar
+
+from kailash.sdk_exceptions import NodeExecutionError, NodeValidationError
+
+logger = logging.getLogger(__name__)
+
+T = TypeVar("T")
+
+
+class TransactionHelper:
+    """Helper class for handling database transaction timing and persistence issues."""
+
+    def __init__(self, db_node, max_retries: int = 3, retry_delay: float = 0.1):
+        """
+        Initialize transaction helper.
+
+        Args:
+            db_node: Database node instance (SQLDatabaseNode)
+            max_retries: Maximum number of retries for transient failures
+            retry_delay: Delay between retries in seconds
+        """
+        self.db_node = db_node
+        self.max_retries = max_retries
+        self.retry_delay = retry_delay
+
+    def execute_with_retry(self, operation: Callable[[], T], operation_name: str) -> T:
+        """
+        Execute a database operation with retry logic.
+
+        Args:
+            operation: Function that performs the database operation
+            operation_name: Description of the operation for logging
+
+        Returns:
+            Result of the operation
+
+        Raises:
+            NodeExecutionError: If operation fails after all retries
+        """
+        last_exception = None
+
+        for attempt in range(self.max_retries):
+            try:
+                result = operation()
+                if attempt > 0:
+                    logger.info(f"{operation_name} succeeded on attempt {attempt + 1}")
+                return result
+            except Exception as e:
+                last_exception = e
+                if attempt < self.max_retries - 1:
+                    logger.warning(
+                        f"{operation_name} failed on attempt {attempt + 1}, retrying: {e}"
+                    )
+                    time.sleep(self.retry_delay * (2**attempt))  # Exponential backoff
+                else:
+                    logger.error(
+                        f"{operation_name} failed after {self.max_retries} attempts: {e}"
+                    )
+
+        raise NodeExecutionError(
+            f"{operation_name} failed after {self.max_retries} attempts: {last_exception}"
+        )
+
+    def verify_operation_success(
+        self,
+        verification_query: str,
+        expected_result: Any,
+        operation_name: str,
+        timeout_seconds: float = 5.0,
+    ) -> bool:
+        """
+        Verify that a database operation was successful by checking the result.
+
+        Args:
+            verification_query: SQL query to verify the operation
+            expected_result: Expected result from the verification query
+            operation_name: Description of the operation for logging
+            timeout_seconds: Maximum time to wait for verification
+
+        Returns:
+            True if verification succeeds
+
+        Raises:
+            NodeValidationError: If verification fails after timeout
+        """
+        start_time = time.time()
+
+        while time.time() - start_time < timeout_seconds:
+            try:
+                result = self.db_node.run(
+                    query=verification_query, result_format="dict"
+                )
+                data = result.get("data", [])
+
+                if data and len(data) > 0:
+                    # Operation was successful
+                    logger.debug(f"{operation_name} verification succeeded")
+                    return True
+
+            except Exception as e:
+                logger.debug(f"{operation_name} verification error: {e}")
+
+            # Wait before retrying
+            time.sleep(0.05)  # 50ms
+
+        raise NodeValidationError(
+            f"{operation_name} verification failed after {timeout_seconds}s"
+        )
+
+    def create_user_with_verification(
+        self, user_data: Dict[str, Any], tenant_id: str
+    ) -> Dict[str, Any]:
+        """
+        Create a user and verify the creation was successful.
+
+        Args:
+            user_data: User data dictionary
+            tenant_id: Tenant ID
+
+        Returns:
+            User creation result
+        """
+        user_id = user_data.get("user_id")
+
+        def create_operation():
+            # Perform the user creation
+            from .user_management import UserManagementNode
+
+            user_mgmt = UserManagementNode(database_url=self.db_node.connection_string)
+            return user_mgmt.run(
+                operation="create_user", user_data=user_data, tenant_id=tenant_id
+            )
+
+        # Execute creation with retry
+        result = self.execute_with_retry(
+            create_operation, f"User creation for {user_id}"
+        )
+
+        # Verify user was created
+        verification_query = """
+            SELECT user_id FROM users
+            WHERE user_id = $1 AND tenant_id = $2
+        """
+
+        self.verify_operation_success(
+            verification_query,
+            user_id,
+            f"User {user_id} creation verification",
+            timeout_seconds=2.0,
+        )
+
+        return result
+
+    def assign_role_with_verification(
+        self, user_id: str, role_id: str, tenant_id: str
+    ) -> Dict[str, Any]:
+        """
+        Assign a role to a user and verify the assignment was successful.
+
+        Args:
+            user_id: User ID
+            role_id: Role ID
+            tenant_id: Tenant ID
+
+        Returns:
+            Role assignment result
+        """
+
+        def assign_operation():
+            from .role_management import RoleManagementNode
+
+            role_mgmt = RoleManagementNode(database_url=self.db_node.connection_string)
+            return role_mgmt.run(
+                operation="assign_user",
+                user_id=user_id,
+                role_id=role_id,
+                tenant_id=tenant_id,
+            )
+
+        # Execute assignment with retry
+        result = self.execute_with_retry(
+            assign_operation, f"Role assignment {role_id} to {user_id}"
+        )
+
+        # Verify role was assigned
+        verification_query = """
+            SELECT user_id, role_id FROM user_role_assignments
+            WHERE user_id = $1 AND role_id = $2 AND tenant_id = $3 AND is_active = true
+        """
+
+        self.verify_operation_success(
+            verification_query,
+            {"user_id": user_id, "role_id": role_id},
+            f"Role assignment {role_id} to {user_id} verification",
+            timeout_seconds=2.0,
+        )
+
+        return result
+
+
+def with_transaction_retry(max_retries: int = 3, retry_delay: float = 0.1):
+    """
+    Decorator to add retry logic to admin node operations.
+
+    Args:
+        max_retries: Maximum number of retries
+        retry_delay: Initial delay between retries
+    """
+
+    def decorator(func):
+        def wrapper(*args, **kwargs):
+            last_exception = None
+
+            for attempt in range(max_retries):
+                try:
+                    return func(*args, **kwargs)
+                except Exception as e:
+                    last_exception = e
+                    if attempt < max_retries - 1:
+                        logger.warning(
+                            f"{func.__name__} failed on attempt {attempt + 1}, retrying: {e}"
+                        )
+                        time.sleep(retry_delay * (2**attempt))
+                    else:
+                        logger.error(
+                            f"{func.__name__} failed after {max_retries} attempts: {e}"
+                        )
+
+            raise NodeExecutionError(
+                f"{func.__name__} failed after {max_retries} attempts: {last_exception}"
+            )
+
+        return wrapper
+
+    return decorator

kailash/nodes/admin/user_management.py

@@ -25,6 +25,8 @@ from enum import Enum
 from typing import Any, Dict, List, Optional, Set, Union
 from uuid import uuid4
 
+import bcrypt
+
 from kailash.nodes.base import Node, NodeParameter, register_node
 from kailash.nodes.data import SQLDatabaseNode
 from kailash.sdk_exceptions import NodeExecutionError, NodeValidationError
@@ -32,6 +34,25 @@ from kailash.sdk_exceptions import NodeExecutionError, NodeValidationError
 from .schema_manager import AdminSchemaManager
 
 
+def hash_password(password: str) -> str:
+    """Hash password using bcrypt with salt."""
+    if not password:
+        return ""
+    salt = bcrypt.gensalt()
+    hashed = bcrypt.hashpw(password.encode("utf-8"), salt)
+    return hashed.decode("utf-8")
+
+
+def verify_password(password: str, hashed: str) -> bool:
+    """Verify password against bcrypt hash."""
+    if not password or not hashed:
+        return False
+    try:
+        return bcrypt.checkpw(password.encode("utf-8"), hashed.encode("utf-8"))
+    except Exception:
+        return False
+
+
 def parse_datetime(value: Union[str, datetime, None]) -> Optional[datetime]:
     """Parse datetime from various formats."""
     if value is None:
@@ -496,7 +517,7 @@ class UserManagementNode(Node):
                     user.user_id,
                     user.email,
                     user.username,
-                    inputs.get("password_hash"),
+                    hash_password(inputs.get("password", "")),
                     user.first_name,
                     user.last_name,
                     user.display_name,
@@ -509,12 +530,15 @@ class UserManagementNode(Node):
                 ],
             )
 
-            # Get the created user to return complete data
-            created_user = self._get_user_by_id(user.user_id, tenant_id)
+            # Return the user data that was successfully inserted
+            # Add timestamps that would be set by the database
+            user_dict = user.to_dict()
+            user_dict["created_at"] = datetime.now(UTC).isoformat()
+            user_dict["updated_at"] = datetime.now(UTC).isoformat()
 
             return {
                 "result": {
-                    "user": created_user.to_dict(),
+                    "user": user_dict,
                     "operation": "create_user",
                     "timestamp": datetime.now(UTC).isoformat(),
                 }
@@ -918,7 +942,8 @@ class UserManagementNode(Node):
         """Set user password hash."""
         user_id = inputs["user_id"]
         tenant_id = inputs["tenant_id"]
-        password_hash = inputs["password_hash"]
+        password = inputs.get("password", "")
+        password_hash = hash_password(password)
 
         update_query = """
         UPDATE users
@@ -964,9 +989,13 @@ class UserManagementNode(Node):
         for i, user_data in enumerate(users_data):
             try:
                 # Create each user individually for better error handling
+                # Extract password from user_data if present
+                user_data_copy = user_data.copy()
+                password = user_data_copy.pop("password", "")
                 create_inputs = {
                     "operation": "create_user",
-                    "user_data": user_data,
+                    "user_data": user_data_copy,
+                    "password": password,
                     "tenant_id": tenant_id,
                     "database_config": inputs["database_config"],
                 }
@@ -1370,7 +1399,7 @@ class UserManagementNode(Node):
         user_id = result["data"][0]["user_id"]
 
         # Update password
-        password_hash = hashlib.sha256(new_password.encode()).hexdigest()
+        password_hash = hash_password(new_password)
         update_query = """
         UPDATE users
         SET password_hash = :password_hash,
@@ -1441,9 +1470,8 @@ class UserManagementNode(Node):
 
         user_data = result["data"][0]
         stored_hash = user_data["password_hash"]
-        provided_hash = hashlib.sha256(password.encode()).hexdigest()
 
-        if stored_hash != provided_hash:
+        if not verify_password(password, stored_hash):
             return {"authenticated": False, "message": "Invalid password"}
 
         if user_data["status"] != "active":

kailash/nodes/ai/ai_providers.py

@@ -387,10 +387,16 @@ class OllamaProvider(UnifiedAIProvider):
             return self._available
 
         try:
+            import os
+
             import ollama
 
+            # Check with environment-configured host if available
+            host = os.getenv("OLLAMA_BASE_URL") or os.getenv("OLLAMA_HOST")
+            client = ollama.Client(host=host) if host else ollama.Client()
+
             # Check if Ollama is running
-            ollama.list()
+            client.list()
             self._available = True
         except Exception:
             self._available = False
@@ -409,6 +415,9 @@ class OllamaProvider(UnifiedAIProvider):
                     * temperature, max_tokens, top_p, top_k, repeat_penalty
                     * seed, stop, num_ctx, num_batch, num_thread
                     * tfs_z, typical_p, mirostat, mirostat_tau, mirostat_eta
+                backend_config (dict): Backend configuration including:
+                    * host (str): Ollama host URL (default: from env or http://localhost:11434)
+                    * port (int): Ollama port (if provided, will be appended to host)
 
         Returns:
             Dict containing the standardized response.
@@ -418,6 +427,28 @@ class OllamaProvider(UnifiedAIProvider):
 
             model = kwargs.get("model", "llama3.1:8b-instruct-q8_0")
             generation_config = kwargs.get("generation_config", {})
+            backend_config = kwargs.get("backend_config", {})
+
+            # Configure Ollama client with custom host if provided
+            if backend_config:
+                host = backend_config.get("host", "localhost")
+                port = backend_config.get("port")
+                if port:
+                    # Construct full URL if port is provided
+                    host = (
+                        f"http://{host}:{port}"
+                        if not host.startswith("http")
+                        else f"{host}:{port}"
+                    )
+                elif backend_config.get("base_url"):
+                    host = backend_config["base_url"]
+                self._client = ollama.Client(host=host)
+            elif self._client is None:
+                # Use default client
+                import os
+
+                host = os.getenv("OLLAMA_BASE_URL") or os.getenv("OLLAMA_HOST")
+                self._client = ollama.Client(host=host) if host else ollama.Client()
 
             # Map generation_config to Ollama options
             options = {
@@ -482,7 +513,7 @@ class OllamaProvider(UnifiedAIProvider):
                     processed_messages.append(msg)
 
             # Call Ollama
-            response = ollama.chat(
+            response = self._client.chat(
                 model=model, messages=processed_messages, options=options
             )
 
@@ -522,16 +553,37 @@ class OllamaProvider(UnifiedAIProvider):
         Supported kwargs:
         - model (str): Ollama model name (default: "snowflake-arctic-embed2")
         - normalize (bool): Normalize embeddings to unit length
+        - backend_config (dict): Backend configuration (host, port, base_url)
         """
         try:
             import ollama
 
             model = kwargs.get("model", "snowflake-arctic-embed2")
             normalize = kwargs.get("normalize", False)
+            backend_config = kwargs.get("backend_config", {})
+
+            # Configure Ollama client if not already configured
+            if backend_config and not hasattr(self, "_client"):
+                host = backend_config.get("host", "localhost")
+                port = backend_config.get("port")
+                if port:
+                    host = (
+                        f"http://{host}:{port}"
+                        if not host.startswith("http")
+                        else f"{host}:{port}"
+                    )
+                elif backend_config.get("base_url"):
+                    host = backend_config["base_url"]
+                self._client = ollama.Client(host=host)
+            elif not hasattr(self, "_client") or self._client is None:
+                import os
+
+                host = os.getenv("OLLAMA_BASE_URL") or os.getenv("OLLAMA_HOST")
+                self._client = ollama.Client(host=host) if host else ollama.Client()
 
             embeddings = []
             for text in texts:
-                response = ollama.embeddings(model=model, prompt=text)
+                response = self._client.embeddings(model=model, prompt=text)
                 embedding = response.get("embedding", [])
 
                 if normalize and embedding:

kailash/nodes/ai/llm_agent.py

@@ -853,6 +853,62 @@ class LLMAgentNode(Node):
             "loaded_from": "mock_storage",
         }
 
+    def _run_async_in_sync_context(self, coro):
+        """
+        Run async coroutine in a synchronous context, handling existing event loops.
+
+        This helper method detects if an event loop is already running and handles
+        the execution appropriately to avoid "RuntimeError: This event loop is already running".
+
+        Args:
+            coro: The coroutine to execute
+
+        Returns:
+            The result of the coroutine execution
+
+        Raises:
+            TimeoutError: If the operation times out (30 seconds)
+            Exception: Any exception raised by the coroutine
+        """
+        import asyncio
+
+        try:
+            # Check if there's already a running event loop
+            loop = asyncio.get_running_loop()
+            # If we're here, there's a running loop - create a new thread
+            import threading
+
+            result = None
+            exception = None
+
+            def run_in_thread():
+                nonlocal result, exception
+                try:
+                    # Create new event loop in thread
+                    new_loop = asyncio.new_event_loop()
+                    asyncio.set_event_loop(new_loop)
+                    try:
+                        result = new_loop.run_until_complete(coro)
+                    finally:
+                        new_loop.close()
+                except Exception as e:
+                    exception = e
+
+            thread = threading.Thread(target=run_in_thread)
+            thread.start()
+            thread.join(timeout=30)  # 30 second timeout
+
+            if thread.is_alive():
+                raise TimeoutError("MCP operation timed out after 30 seconds")
+
+            if exception:
+                raise exception
+            return result
+
+        except RuntimeError:
+            # No running event loop, use asyncio.run()
+            return asyncio.run(coro)
+
     def _retrieve_mcp_context(
         self, mcp_servers: list[dict], mcp_context: list[str]
     ) -> list[dict[str, Any]]:
@@ -939,14 +995,14 @@ class LLMAgentNode(Node):
                 for server_config in mcp_servers:
                     try:
                         # List resources from server
-                        resources = asyncio.run(
+                        resources = self._run_async_in_sync_context(
                             self._mcp_client.list_resources(server_config)
                         )
 
                         # Read specific resources if requested
                         for uri in mcp_context:
                             try:
-                                resource_data = asyncio.run(
+                                resource_data = self._run_async_in_sync_context(
                                     self._mcp_client.read_resource(server_config, uri)
                                 )
 
@@ -1014,17 +1070,48 @@ class LLMAgentNode(Node):
                                     }
                                 )
 
+                    except TimeoutError as e:
+                        self.logger.warning(
+                            f"MCP server '{server_config.get('name', 'unknown')}' timed out after 30 seconds: {e}"
+                        )
+                        # Fall back to mock for this server
+                        context_data.append(
+                            {
+                                "uri": f"mcp://{server_config.get('name', 'unknown')}/fallback",
+                                "content": "MCP server timed out - using fallback content. Check if the server is running and accessible.",
+                                "source": server_config.get("name", "unknown"),
+                                "retrieved_at": datetime.now().isoformat(),
+                                "relevance_score": 0.5,
+                                "metadata": {
+                                    "error": "timeout",
+                                    "error_message": str(e),
+                                },
+                            }
+                        )
                     except Exception as e:
-                        self.logger.debug(f"MCP server connection failed: {e}")
+                        error_type = type(e).__name__
+                        self.logger.error(
+                            f"MCP server '{server_config.get('name', 'unknown')}' connection failed ({error_type}): {e}"
+                        )
+
+                        # Provide helpful error messages based on exception type
+                        if "coroutine" in str(e).lower() and "await" in str(e).lower():
+                            self.logger.error(
+                                "This appears to be an async/await issue. Please report this bug to the Kailash SDK team."
+                            )
+
                         # Fall back to mock for this server
                         context_data.append(
                             {
                                 "uri": f"mcp://{server_config.get('name', 'unknown')}/fallback",
-                                "content": "Connection failed, using fallback content",
+                                "content": f"Connection failed ({error_type}) - using fallback content. Error: {str(e)}",
                                 "source": server_config.get("name", "unknown"),
                                 "retrieved_at": datetime.now().isoformat(),
                                 "relevance_score": 0.5,
-                                "metadata": {"error": str(e)},
+                                "metadata": {
+                                    "error": error_type,
+                                    "error_message": str(e),
+                                },
                             }
                         )
 
@@ -1032,11 +1119,17 @@ class LLMAgentNode(Node):
                 if context_data:
                     return context_data
 
-            except ImportError:
+            except ImportError as e:
                 # MCPClient not available, fall back to mock
+                self.logger.info(
+                    "MCP client not available. Install the MCP SDK with 'pip install mcp' to use real MCP servers."
+                )
                 pass
             except Exception as e:
-                self.logger.debug(f"MCP retrieval error: {e}")
+                self.logger.error(
+                    f"Unexpected error in MCP retrieval: {type(e).__name__}: {e}"
+                )
+                self.logger.info("Falling back to mock MCP implementation.")
 
         # Fallback to mock implementation
         for uri in mcp_context:
@@ -1089,8 +1182,6 @@ class LLMAgentNode(Node):
 
         if use_real_mcp:
             try:
-                import asyncio
-
                 from kailash.mcp import MCPClient
 
                 # Initialize MCP client if not already done
@@ -1101,7 +1192,7 @@ class LLMAgentNode(Node):
                 for server_config in mcp_servers:
                     try:
                         # Discover tools asynchronously
-                        tools = asyncio.run(
+                        tools = self._run_async_in_sync_context(
                             self._mcp_client.discover_tools(server_config)
                         )
 
@@ -1131,16 +1222,27 @@ class LLMAgentNode(Node):
                                     {"type": "function", "function": function_def}
                                 )
 
+                    except TimeoutError as e:
+                        self.logger.warning(
+                            f"Tool discovery timed out for MCP server '{server_config.get('name', 'unknown')}': {e}"
+                        )
                     except Exception as e:
-                        self.logger.debug(
-                            f"Failed to discover tools from {server_config.get('name', 'unknown')}: {e}"
+                        error_type = type(e).__name__
+                        self.logger.error(
+                            f"Failed to discover tools from '{server_config.get('name', 'unknown')}' ({error_type}): {e}"
                         )
 
             except ImportError:
                 # MCPClient not available, use mock tools
+                self.logger.info(
+                    "MCP client not available for tool discovery. Install with 'pip install mcp' for real MCP tools."
+                )
                 pass
             except Exception as e:
-                self.logger.debug(f"MCP tool discovery error: {e}")
+                self.logger.error(
+                    f"Unexpected error in MCP tool discovery: {type(e).__name__}: {e}"
+                )
+                self.logger.info("Using mock tools as fallback.")
 
         # If no real tools discovered, provide minimal generic tools
         if not discovered_tools: