matchbox-db 0.8.0__tar.gz → 0.8.2.dev56__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/workflows/ci.yml +16 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.pre-commit-config.yaml +1 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/PKG-INFO +1 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/factories/index.md +1 -11
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/contributing.md +19 -1
- matchbox_db-0.8.2.dev56/docs/server/cli.md +59 -0
- matchbox_db-0.8.2.dev56/docs/server/permissions.md +45 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/server/risks.md +5 -7
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/environments/development.env +8 -7
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/justfile +0 -2
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/mkdocs.yml +1 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/pyproject.toml +5 -3
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/__init__.py +88 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/admin.py +39 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/auth.py +24 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/collections.py +329 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/eval.py +68 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/groups.py +59 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/main.py +133 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/_handler/query.py +104 -0
- matchbox_db-0.8.0/src/matchbox/client/cli/server.py → matchbox_db-0.8.2.dev56/src/matchbox/client/cli/admin.py +7 -11
- matchbox_db-0.8.2.dev56/src/matchbox/client/cli/annotations.py +33 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/cli/auth.py +23 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/cli/collections.py +137 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/app.py +0 -20
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/run.py +2 -10
- matchbox_db-0.8.2.dev56/src/matchbox/client/cli/groups.py +138 -0
- matchbox_db-0.8.2.dev56/src/matchbox/client/cli/main.py +54 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/dags.py +14 -3
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/eval/samples.py +5 -13
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/queries.py +0 -2
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/dtos.py +32 -8
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/eval.py +0 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/exceptions.py +64 -2
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/scenarios.py +239 -28
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/logging.py +48 -18
- matchbox_db-0.8.2.dev56/src/matchbox/server/api/dependencies.py +322 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/main.py +39 -29
- matchbox_db-0.8.2.dev56/src/matchbox/server/api/routers/auth.py +45 -0
- matchbox_db-0.8.0/src/matchbox/server/api/routers/collection.py → matchbox_db-0.8.2.dev56/src/matchbox/server/api/routers/collections.py +155 -23
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/routers/eval.py +29 -5
- matchbox_db-0.8.2.dev56/src/matchbox/server/api/routers/groups.py +121 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/base.py +91 -8
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/admin.py +81 -250
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/collections.py +32 -9
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/eval.py +35 -28
- matchbox_db-0.8.2.dev56/src/matchbox/server/postgresql/adapter/groups.py +202 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/main.py +6 -0
- matchbox_db-0.8.2.dev56/src/matchbox/server/postgresql/alembic/versions/ecb39d1cc5c2_add_not_distinct_nulls_to_permissions_.py +45 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/justfile +1 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/orm.py +102 -20
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/utils/db.py +68 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/uploads.py +11 -2
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox_db.egg-info/PKG-INFO +1 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox_db.egg-info/SOURCES.txt +24 -4
- matchbox_db-0.8.2.dev56/src/matchbox_db.egg-info/entry_points.txt +3 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/cli/eval/test_app.py +0 -3
- matchbox_db-0.8.2.dev56/test/client/cli/test_admin.py +32 -0
- matchbox_db-0.8.2.dev56/test/client/cli/test_collections.py +150 -0
- matchbox_db-0.8.2.dev56/test/client/cli/test_groups.py +107 -0
- matchbox_db-0.8.2.dev56/test/client/cli/test_main.py +142 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_dags.py +69 -5
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_eval.py +2 -11
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_handler.py +9 -41
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_models.py +2 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_queries.py +9 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_scenarios.py +12 -3
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_eval.py +5 -7
- matchbox_db-0.8.2.dev56/test/e2e/test_e2e_cli.py +164 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/e2e/test_e2e_dag.py +2 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/e2e/test_e2e_evaluation.py +7 -4
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/e2e/test_e2e_methodologies.py +10 -2
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/fixtures/client.py +9 -3
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/fixtures/db.py +28 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/scripts/authorisation.py +15 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/scripts/eval.py +0 -1
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/adapter/test_adapter_admin.py +317 -224
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/adapter/test_adapter_collections.py +121 -6
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/adapter/test_adapter_eval.py +19 -19
- matchbox_db-0.8.2.dev56/test/server/adapter/test_adapter_groups.py +285 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/adapter/test_adapter_main.py +1 -0
- matchbox_db-0.8.2.dev56/test/server/api/routes/test_routes_auth.py +520 -0
- matchbox_db-0.8.0/test/server/api/routes/test_routes_collection.py → matchbox_db-0.8.2.dev56/test/server/api/routes/test_routes_collections.py +143 -3
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/api/routes/test_routes_eval.py +2 -5
- matchbox_db-0.8.2.dev56/test/server/api/routes/test_routes_groups.py +154 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/api/routes/test_routes_resolution.py +8 -8
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/uv.lock +8 -7
- matchbox_db-0.8.0/docs/server/cli.md +0 -50
- matchbox_db-0.8.0/src/matchbox/client/_handler.py +0 -582
- matchbox_db-0.8.0/src/matchbox/client/cli/auth.py +0 -15
- matchbox_db-0.8.0/src/matchbox/client/cli/main.py +0 -27
- matchbox_db-0.8.0/src/matchbox/server/api/dependencies.py +0 -193
- matchbox_db-0.8.0/src/matchbox/server/api/routers/auth.py +0 -87
- matchbox_db-0.8.0/src/matchbox_db.egg-info/entry_points.txt +0 -2
- matchbox_db-0.8.0/test/client/cli/test_main.py +0 -94
- matchbox_db-0.8.0/test/server/api/routes/test_routes_auth.py +0 -162
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/dependabot.yml +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/pull_request_template.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/workflows/codeql.yml +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/workflows/prerelease.yml +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.github/workflows/release.yml +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.gitignore +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.vscode/launch.json +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/.vscode/settings.json +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/CODEOWNERS +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/LICENSE +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/README.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docker-compose.yml +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/dags.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/eval.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/index.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/locations.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/models.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/queries.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/results.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/client/sources.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/arrow.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/db.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/dtos.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/eval.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/exceptions.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/factories/entities.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/factories/models.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/factories/scenarios.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/factories/sources.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/hash.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/index.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/logging.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/common/transform.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/server/api.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/server/backends/postgresql.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/server/index.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/api/server/uploads.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/assets/matchbox-icon-dark.png +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/assets/matchbox-icon.svg +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/assets/matchbox-logo-dark.svg +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/assets/matchbox-logo-light.svg +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/dag-interactive.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/evaluation.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/explore-dags.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/install.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/link-data.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/client/look-up.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/index.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/server/concepts.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/server/install.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/stylesheets/extra.css +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/docs/use-cases.md +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/environments/containers.env +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/environments/sample_client.env +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/environments/sample_server.env +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/setup.cfg +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/_settings.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/modals.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/styles.tcss +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/widgets/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/widgets/assignment.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/widgets/styling.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/cli/eval/widgets/table.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/eval/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/locations.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/comparison.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/dedupers/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/dedupers/base.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/dedupers/naive.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/linkers/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/linkers/base.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/linkers/deterministic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/linkers/splinklinker.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/linkers/weighteddeterministic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/models/models.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/results.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/client/sources.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/arrow.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/datatypes.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/db.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/dags.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/entities.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/models.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/factories/sources.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/hash.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/common/transform.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/Dockerfile +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/routers/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/static/favicon.png +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/static/swagger-ui-bundle.js +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/api/static/swagger-ui.css +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/.gitkeep +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/adapter/query.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/env.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/script.py.mako +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/05cc4181a0ad_removed_source_key_reference_and_added_.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/13095b44ff09_add_user_model_groups_and_permissions_.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/1907c34cfa1f_create_tables_given_schema.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/3754ae042254_move_orm_to_root_leaf_contains_structure.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/3dfe29cecf2f_migrate_to_sql_first_insertion_logic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/40a8e5ed48f2_create_schema_without_tables.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/4a7c35f86405_move_sourceconfigs_from_sourceaddress_.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/58ee4e19fb7d_add_tag_to_judgement.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/7a2d1b10ac0f_switch_from_location_uri_to_name.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/83b134a86713_simplify_resolution_naming_and_hashing.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/8c7f757b1046_remove_human_resolution_type.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/95c0b5c23446_renaming_sources_to_source_config.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/ae63f79f6b39_renamed_sourcecolumns_to_sourcefields.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/b38d61ab11cc_add_index_to_the_clustersourcekey_table.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/b694eb292dea_add_an_index_to_the_probabilities_.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/beba75a24962_add_pkspace_table.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/c4cb937d00f4_add_modelconfigs.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/c774fd4b69f8_add_upload_stage_to_resolutions.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/dd0c3a9ecdf9_add_migrations_for_first_eval_tables.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/e4122bdf9b0d_renamed_primary_keys_to_just_keys.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/f3c9279437f4_add_content_hash_to_resolutions.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic/versions/f500f7d832fe_adds_collections_and_versions_to_scope_.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/alembic.ini +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/db.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/mixin.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/utils/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/utils/insert.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/utils/query.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox/server/postgresql/utils/results.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox_db.egg-info/dependency_links.txt +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox_db.egg-info/requires.txt +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/src/matchbox_db.egg-info/top_level.txt +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/cli/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/cli/eval/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/cli/eval/test_widgets.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/methodologies/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/methodologies/test_dedupers_deterministic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/methodologies/test_linkers_deterministic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/methodologies/test_linkers_probabilistic.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/models/test_comparison.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_locations.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_results.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/client/test_sources.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_entity_factory.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_linked_factory.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_model_factory.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_probability_generation.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_source_factory.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/factories/test_testkit_dag.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_datatypes.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_dto.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_hash.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_results.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/common/test_transform.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/conftest.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/fixtures/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/justfile +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/adapter/test_adapter_query.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/api/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/api/routes/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/api/routes/test_routes_main.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/postgresql/__init__.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/postgresql/test_pg_core.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/postgresql/test_pg_migrations.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/postgresql/test_pg_sql.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/server/test_uploads.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/test/utils.py +0 -0
- {matchbox_db-0.8.0 → matchbox_db-0.8.2.dev56}/trufflehog-exclude.txt +0 -0
|
@@ -55,6 +55,21 @@ jobs:
|
|
|
55
55
|
- name: Copy environment variables
|
|
56
56
|
run: cp environments/development.env .env
|
|
57
57
|
|
|
58
|
+
- name: Generate test keys
|
|
59
|
+
run: |
|
|
60
|
+
uv run test/scripts/authorisation.py keygen > /tmp/keys.json
|
|
61
|
+
|
|
62
|
+
echo "MB__DEV__PRIVATE_KEY=\"$(jq -r '.private_key' /tmp/keys.json)\"" >> .env
|
|
63
|
+
|
|
64
|
+
echo "MB__SERVER__PUBLIC_KEY=\"$(jq -r '.public_key' /tmp/keys.json)\"" >> .env
|
|
65
|
+
|
|
66
|
+
echo "MB__CLIENT__JWT=$(jq -r .private_key /tmp/keys.json | \
|
|
67
|
+
uv run test/scripts/authorisation.py jwt \
|
|
68
|
+
--sub e9ba93b3-e4d5-4dee-868c-d011116142bd \
|
|
69
|
+
--api-root https://localhost:8000/ \
|
|
70
|
+
--expiry 999999 | \
|
|
71
|
+
tr -d '\n')" >> .env
|
|
72
|
+
|
|
58
73
|
- name: Run databases and API
|
|
59
74
|
run: docker compose --env-file .env --env-file environments/containers.env up -d --wait
|
|
60
75
|
|
|
@@ -132,4 +147,4 @@ jobs:
|
|
|
132
147
|
|
|
133
148
|
steps:
|
|
134
149
|
- name: CI success
|
|
135
|
-
run: echo "All CI checks passed!"
|
|
150
|
+
run: echo "All CI checks passed!"
|
|
@@ -31,7 +31,7 @@ repos:
|
|
|
31
31
|
|
|
32
32
|
# Mandatory internal hooks
|
|
33
33
|
- repo: https://github.com/uktrade/github-standards
|
|
34
|
-
rev: v1.
|
|
34
|
+
rev: v1.3.0 # update periodically with pre-commit autoupdate
|
|
35
35
|
hooks:
|
|
36
36
|
- id: run-security-scan
|
|
37
37
|
verbose: false
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: matchbox-db
|
|
3
|
-
Version: 0.8.
|
|
3
|
+
Version: 0.8.2.dev56
|
|
4
4
|
Summary: A framework for orchestrating and comparing data linking and deduplication methodologies.
|
|
5
5
|
Author: Department for Business and Trade
|
|
6
6
|
Project-URL: Documentation, https://uktrade.github.io/matchbox/
|
|
@@ -221,17 +221,7 @@ def test_my_adapter_function(my_backend_adapter):
|
|
|
221
221
|
|
|
222
222
|
The scenario system is cached, so subsequent runs of the same scenario are significantly faster.
|
|
223
223
|
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
The following built-in scenarios are available. They are built on top of each other, so `link` includes all the steps from `dedupe`, which includes `index`, and so on.
|
|
227
|
-
|
|
228
|
-
* **`bare`**: Creates a set of linked sources and writes them to the data warehouse, but does not interact with the matchbox backend.
|
|
229
|
-
* **`index`**: Takes the `bare` scenario and indexes all the sources in the matchbox backend.
|
|
230
|
-
* **`dedupe`**: Takes the `index` scenario and adds perfectly deduplicated models for each source.
|
|
231
|
-
* **`probabilistic_dedupe`**: Like `dedupe`, but the models produce probabilistic scores rather than perfect matches.
|
|
232
|
-
* **`link`**: Takes the `dedupe` scenario and adds linking models between the deduplicated sources, culminating in a `final_join` resolution.
|
|
233
|
-
* **`alt_dedupe`**: A specialised scenario with two alternative deduplication models for the same source.
|
|
234
|
-
* **`convergent`**: A specialised scenario where two different sources index to almost identical data.
|
|
224
|
+
See [the scenarios API][matchbox.common.factories.scenarios] for a full list of available scenarios.
|
|
235
225
|
|
|
236
226
|
### Creating new scenarios
|
|
237
227
|
|
|
@@ -11,6 +11,24 @@ This document describes how you can get started with developing Matchbox.
|
|
|
11
11
|
|
|
12
12
|
Set up environment variables by creating a `.env` file under project directory. See [`/environments/development.env`](https://github.com/uktrade/matchbox/blob/main/environments/development.env) for sensible defaults, which should work as is with the Docker Compose set-up and the tests.
|
|
13
13
|
|
|
14
|
+
Generate dummy public/private keys and a JWT for local testing. The below will add the required variables to the bottom of your `.env` file.
|
|
15
|
+
|
|
16
|
+
```shell
|
|
17
|
+
uv run test/scripts/authorisation.py keygen > /tmp/keys.json
|
|
18
|
+
|
|
19
|
+
echo "MB__DEV__PRIVATE_KEY=\"$(jq -r '.private_key' /tmp/keys.json)\"" >> .env
|
|
20
|
+
|
|
21
|
+
echo "MB__SERVER__PUBLIC_KEY=\"$(jq -r '.public_key' /tmp/keys.json)\"" >> .env
|
|
22
|
+
|
|
23
|
+
echo "MB__CLIENT__JWT=$(jq -r .private_key /tmp/keys.json | \
|
|
24
|
+
uv run test/scripts/authorisation.py jwt \
|
|
25
|
+
--sub e9ba93b3-e4d5-4dee-868c-d011116142bd \
|
|
26
|
+
--email test@example.org \
|
|
27
|
+
--api-root https://localhost:8000/ \
|
|
28
|
+
--expiry 999999 | \
|
|
29
|
+
tr -d '\n')" >> .env
|
|
30
|
+
```
|
|
31
|
+
|
|
14
32
|
This project is managed by [uv](https://docs.astral.sh/uv/), linted and formated with [ruff](https://docs.astral.sh/ruff/), and tested with [pytest](https://docs.pytest.org/en/stable/). [Docker](https://www.docker.com) is used for local development. Documentation is build using [mkdocs](https://www.mkdocs.org).
|
|
15
33
|
|
|
16
34
|
To install all dependencies for this project, run:
|
|
@@ -184,4 +202,4 @@ We suggest using tools like [`wayneashleyberry/gh-act`](https://github.com/wayne
|
|
|
184
202
|
gh act update --pin
|
|
185
203
|
```
|
|
186
204
|
|
|
187
|
-
You will still need to independently verify that the new pins are safe.
|
|
205
|
+
You will still need to independently verify that the new pins are safe.
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
# Command line interface
|
|
2
|
+
|
|
3
|
+
Matchbox comes with a command line interface (CLI) that allows users to perform certain management tasks.
|
|
4
|
+
|
|
5
|
+
To run the CLI:
|
|
6
|
+
|
|
7
|
+
```shell
|
|
8
|
+
mbx [OPTIONS] COMMAND [ARGS]
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
To get help:
|
|
12
|
+
|
|
13
|
+
```shell
|
|
14
|
+
mbx --help
|
|
15
|
+
```
|
|
16
|
+
|
|
17
|
+
To get help on specific commands:
|
|
18
|
+
|
|
19
|
+
```shell
|
|
20
|
+
mbx COMMAND --help
|
|
21
|
+
```
|
|
22
|
+
|
|
23
|
+
## How do I?
|
|
24
|
+
|
|
25
|
+
### Bootstrap Matchbox
|
|
26
|
+
|
|
27
|
+
The first user is always the system admin. As soon as you run the server for the first time, log in to automatically be added to the admins group.
|
|
28
|
+
|
|
29
|
+
```
|
|
30
|
+
mbx login
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
### Manage permissions
|
|
34
|
+
|
|
35
|
+
Permissions are defined between groups and resources. To manage groups:
|
|
36
|
+
|
|
37
|
+
```shell
|
|
38
|
+
mbx groups
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
For example, to manage permissions on a collection resource, see its related commands:
|
|
42
|
+
|
|
43
|
+
```shell
|
|
44
|
+
mbx collections -c COLLECTION permissions
|
|
45
|
+
mbx collections -c COLLECTION grant -g GROUP -p PERMISSION
|
|
46
|
+
mbx collections -c COLLECTION revoke -g GROUP -p PERMISSION
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
See [permissions](permissions.md) for more information.
|
|
50
|
+
|
|
51
|
+
### Delete orphans
|
|
52
|
+
|
|
53
|
+
When resolutions are modified or deleted, it is possible that the database ends up having clusters which are not related to any table containing sources, models or evaluations. These clusters are considered orphaned, and they should be deleted regularly to reduce bloat.
|
|
54
|
+
|
|
55
|
+
```shell
|
|
56
|
+
mbx admin prune
|
|
57
|
+
```
|
|
58
|
+
|
|
59
|
+
This command will print the number of orphaned clusters deleted.
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
!!! warning
|
|
2
|
+
Permissions are an experimental feature in Matchbox. Disable them with `MB__SERVER__AUTHORISATION=False`.
|
|
3
|
+
|
|
4
|
+
They currently assume an external identity provider uses a public, private and JWT generated elsewhere, and places them into the Matchbox client and server environments.
|
|
5
|
+
|
|
6
|
+
Matchbox uses a Role-Based Access Control (RBAC) system to manage security. Permissions are granted to **Groups**, and **Users** are assigned membership in those groups.
|
|
7
|
+
|
|
8
|
+
## Bootstrapping
|
|
9
|
+
|
|
10
|
+
When a Matchbox server is first deployed, it has no admins. To bootstrap setup:
|
|
11
|
+
|
|
12
|
+
```shell
|
|
13
|
+
mbx login
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
* The **first user** to log in is automatically assigned to the **admins** group
|
|
17
|
+
* This user becomes the initial system administrator
|
|
18
|
+
* All subsequent users are treated as standard users
|
|
19
|
+
|
|
20
|
+
Bootstrap as soon as the server is deployed. If you boostrap and aren't made admin, either:
|
|
21
|
+
|
|
22
|
+
* Delete the database and try again
|
|
23
|
+
* Contact whoever became the admin user is to add you to the admin group
|
|
24
|
+
|
|
25
|
+
## Defaults
|
|
26
|
+
|
|
27
|
+
* **admins**: Members of this group have full control over the system
|
|
28
|
+
* **public**: Every user who logs in is automatically added to the `public` group. This ensures baseline access control for all authenticated users
|
|
29
|
+
|
|
30
|
+
## Permission hierarchy
|
|
31
|
+
|
|
32
|
+
Permissions in Matchbox are hierarchical. Possessing a higher-level permission automatically grants all lower-level permissions for that resource.
|
|
33
|
+
|
|
34
|
+
| Level | Capability | Includes |
|
|
35
|
+
| :--- | :--- | :--- |
|
|
36
|
+
| **Admin** | Manage permissions, delete resources, full control. | Read, Write |
|
|
37
|
+
| **Write** | Create and modify data (e.g., upload sources, run models). | Read |
|
|
38
|
+
| **Read** | View data, configurations, and results. | *None* |
|
|
39
|
+
|
|
40
|
+
### Resources
|
|
41
|
+
|
|
42
|
+
Permissions are applied to specific resources:
|
|
43
|
+
|
|
44
|
+
* **System**: Permissions apply to the system as a whole, such as group creation or dumping the database
|
|
45
|
+
* **Collection**: Permissions apply only to a specific named collection, such as read access to the "finance" collection
|
|
@@ -2,8 +2,8 @@ This page contains a list of known data and security caveats determined by the c
|
|
|
2
2
|
|
|
3
3
|
## Sensitive data sources
|
|
4
4
|
|
|
5
|
-
!!!
|
|
6
|
-
Matchbox allows
|
|
5
|
+
!!! warning
|
|
6
|
+
Matchbox allows users with **read** permission on a collection to view all identifier values in that collection's indexed datasets.
|
|
7
7
|
|
|
8
8
|
### What's usually safe
|
|
9
9
|
|
|
@@ -26,12 +26,10 @@ Problems arise when:
|
|
|
26
26
|
!!! tip
|
|
27
27
|
Do not use Matchbox to index sources where the key fields are sensitive data.
|
|
28
28
|
|
|
29
|
-
Future versions of Matchbox will address this limitation by introducing an authorisation mechanism.
|
|
30
|
-
|
|
31
29
|
## Table metadata
|
|
32
30
|
|
|
33
|
-
!!!
|
|
34
|
-
Matchbox allows
|
|
31
|
+
!!! warning
|
|
32
|
+
Matchbox allows users with **read** permission to see the **list of fields** and extract-transform logic of an indexed source.
|
|
35
33
|
|
|
36
34
|
!!! tip
|
|
37
35
|
Avoid indexing sources where the **field names** or **structure** are considered sensitive.
|
|
@@ -44,7 +42,7 @@ Future versions of Matchbox will address this limitation by introducing an autho
|
|
|
44
42
|
**Example**:
|
|
45
43
|
|
|
46
44
|
* A source from `RelationalDBLocation` stores SQL queries used during indexing.
|
|
47
|
-
* If an automated pipeline reuses these queries, a malicious user could inject harmful SQL (e.g., `DROP DATABASE`).
|
|
45
|
+
* If an automated pipeline reuses these queries, a malicious user with **write** permission could inject harmful SQL (e.g., `DROP DATABASE`).
|
|
48
46
|
|
|
49
47
|
Matchbox performs **basic validation**, but **cannot guarantee query safety**.
|
|
50
48
|
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
## COPY THIS FILE to .env in the project root ##
|
|
2
|
+
## See conttributing.md for instructions on setting keys and JWTs ##
|
|
2
3
|
|
|
3
4
|
# Port configuration for Docker Compose
|
|
4
5
|
# If you change these values, you might have to update a corresponding
|
|
@@ -12,9 +13,8 @@ MB__DEV__WAREHOUSE_PORT=7654
|
|
|
12
13
|
MB__DEV__POSTGRES_BACKEND_PORT=5432
|
|
13
14
|
MB__DEV__REDIS_PORT=6379
|
|
14
15
|
MB__DEV__FLOWER_PORT=5555
|
|
15
|
-
#
|
|
16
|
-
#
|
|
17
|
-
MB__DEV__PRIVATE_KEY=-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEIPMJVIQACD9QNGi0219FHyDQUk8OUP1vkGwkdsis58hZ\n-----END PRIVATE KEY-----\n
|
|
16
|
+
# See contributing.md for instructions on setting
|
|
17
|
+
# MB__DEV__PRIVATE_KEY=
|
|
18
18
|
|
|
19
19
|
# Client configuration
|
|
20
20
|
MB__CLIENT__API_ROOT=http://localhost:8000
|
|
@@ -22,20 +22,21 @@ MB__CLIENT__TIMEOUT=10
|
|
|
22
22
|
MB__CLIENT__RETRY_DELAY=2
|
|
23
23
|
MB__CLIENT__USER=scott.mcgregor
|
|
24
24
|
MB__CLIENT__BATCH_SIZE=250_000
|
|
25
|
+
# See contributing.md for instructions on setting
|
|
26
|
+
# MB__CLIENT__JWT=
|
|
25
27
|
|
|
26
28
|
# Server configuration for when the API is run outside of Docker
|
|
27
29
|
# e.g. when running in a debugger, or when checking local DB migrations
|
|
28
30
|
MB__SERVER__LOG_LEVEL=INFO
|
|
29
31
|
MB__SERVER__BATCH_SIZE=250_000
|
|
30
32
|
MB__SERVER__BACKEND_TYPE=postgres
|
|
31
|
-
MB__SERVER__AUTHORISATION=
|
|
33
|
+
MB__SERVER__AUTHORISATION=True
|
|
32
34
|
|
|
33
35
|
MB__SERVER__TASK_RUNNER=celery
|
|
34
36
|
MB__SERVER__REDIS_URI=redis://localhost:6379/0
|
|
35
37
|
MB__SERVER__UPLOADS_EXPIRY_MINUTES=10_080
|
|
36
|
-
#
|
|
37
|
-
#
|
|
38
|
-
MB__SERVER__PUBLIC_KEY=-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAg6Jqls79JB04WSlqMkP5ta9gD62t5DyKNj0v6fWCemg=\n-----END PUBLIC KEY-----\n
|
|
38
|
+
# See contributing.md for instructions on setting
|
|
39
|
+
# MB__SERVER__PUBLIC_KEY=
|
|
39
40
|
|
|
40
41
|
MB__SERVER__DATASTORE__HOST=localhost
|
|
41
42
|
MB__SERVER__DATASTORE__PORT=9000
|
|
@@ -74,7 +74,8 @@ typing = [
|
|
|
74
74
|
]
|
|
75
75
|
|
|
76
76
|
[project.scripts]
|
|
77
|
-
matchbox = "matchbox.client.cli.main:
|
|
77
|
+
matchbox = "matchbox.client.cli.main:run"
|
|
78
|
+
mbx = "matchbox.client.cli.main:run"
|
|
78
79
|
|
|
79
80
|
[project.urls]
|
|
80
81
|
"Documentation" = "https://uktrade.github.io/matchbox/"
|
|
@@ -86,7 +87,7 @@ build-backend = "setuptools.build_meta"
|
|
|
86
87
|
|
|
87
88
|
# Presence enables setuptools-scm
|
|
88
89
|
[tool.setuptools_scm]
|
|
89
|
-
|
|
90
|
+
fallback_version = "0.0.0"
|
|
90
91
|
|
|
91
92
|
[tool.uv]
|
|
92
93
|
default-groups = ["dev", "typing"]
|
|
@@ -96,7 +97,8 @@ constraint-dependencies = [
|
|
|
96
97
|
"urllib3>=2.6.3",
|
|
97
98
|
"werkzeug>=3.1.5",
|
|
98
99
|
"setuptools-scm>=9.2.0",
|
|
99
|
-
"filelock>=3.20.
|
|
100
|
+
"filelock>=3.20.3",
|
|
101
|
+
"virtualenv>=20.36.1",
|
|
100
102
|
]
|
|
101
103
|
|
|
102
104
|
[tool.ruff]
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
"""Functions abstracting the interaction with the server API."""
|
|
2
|
+
|
|
3
|
+
from matchbox.client._handler.admin import (
|
|
4
|
+
count_backend_items,
|
|
5
|
+
delete_orphans,
|
|
6
|
+
)
|
|
7
|
+
from matchbox.client._handler.auth import auth_status, login
|
|
8
|
+
from matchbox.client._handler.collections import (
|
|
9
|
+
create_collection,
|
|
10
|
+
create_resolution,
|
|
11
|
+
create_run,
|
|
12
|
+
delete_collection,
|
|
13
|
+
delete_resolution,
|
|
14
|
+
delete_run,
|
|
15
|
+
get_collection,
|
|
16
|
+
get_collection_permissions,
|
|
17
|
+
get_resolution,
|
|
18
|
+
get_resolution_stage,
|
|
19
|
+
get_results,
|
|
20
|
+
get_run,
|
|
21
|
+
grant_collection_permission,
|
|
22
|
+
list_collections,
|
|
23
|
+
revoke_collection_permission,
|
|
24
|
+
set_data,
|
|
25
|
+
set_run_default,
|
|
26
|
+
set_run_mutable,
|
|
27
|
+
update_resolution,
|
|
28
|
+
)
|
|
29
|
+
from matchbox.client._handler.eval import (
|
|
30
|
+
download_eval_data,
|
|
31
|
+
sample_for_eval,
|
|
32
|
+
send_eval_judgement,
|
|
33
|
+
)
|
|
34
|
+
from matchbox.client._handler.groups import (
|
|
35
|
+
add_user_to_group,
|
|
36
|
+
create_group,
|
|
37
|
+
delete_group,
|
|
38
|
+
get_group,
|
|
39
|
+
list_groups,
|
|
40
|
+
remove_user_from_group,
|
|
41
|
+
)
|
|
42
|
+
from matchbox.client._handler.main import healthcheck
|
|
43
|
+
from matchbox.client._handler.query import match, query
|
|
44
|
+
|
|
45
|
+
__all__ = [
|
|
46
|
+
# auth
|
|
47
|
+
"auth_status",
|
|
48
|
+
"login",
|
|
49
|
+
# admin
|
|
50
|
+
"count_backend_items",
|
|
51
|
+
"delete_orphans",
|
|
52
|
+
# groups
|
|
53
|
+
"add_user_to_group",
|
|
54
|
+
"create_group",
|
|
55
|
+
"delete_group",
|
|
56
|
+
"get_group",
|
|
57
|
+
"list_groups",
|
|
58
|
+
"remove_user_from_group",
|
|
59
|
+
# main
|
|
60
|
+
"healthcheck",
|
|
61
|
+
# eval
|
|
62
|
+
"download_eval_data",
|
|
63
|
+
"sample_for_eval",
|
|
64
|
+
"send_eval_judgement",
|
|
65
|
+
# query
|
|
66
|
+
"query",
|
|
67
|
+
"match",
|
|
68
|
+
# collections
|
|
69
|
+
"create_collection",
|
|
70
|
+
"create_resolution",
|
|
71
|
+
"create_run",
|
|
72
|
+
"delete_collection",
|
|
73
|
+
"delete_resolution",
|
|
74
|
+
"delete_run",
|
|
75
|
+
"get_collection",
|
|
76
|
+
"get_collection_permissions",
|
|
77
|
+
"get_resolution",
|
|
78
|
+
"get_resolution_stage",
|
|
79
|
+
"get_results",
|
|
80
|
+
"get_run",
|
|
81
|
+
"grant_collection_permission",
|
|
82
|
+
"list_collections",
|
|
83
|
+
"revoke_collection_permission",
|
|
84
|
+
"set_data",
|
|
85
|
+
"set_run_default",
|
|
86
|
+
"set_run_mutable",
|
|
87
|
+
"update_resolution",
|
|
88
|
+
]
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"""Admin functions for the client handler."""
|
|
2
|
+
|
|
3
|
+
from matchbox.client._handler.main import CLIENT, http_retry, url_params
|
|
4
|
+
from matchbox.common.dtos import (
|
|
5
|
+
BackendCountableType,
|
|
6
|
+
ResourceOperationStatus,
|
|
7
|
+
)
|
|
8
|
+
from matchbox.common.logging import logger
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
@http_retry
|
|
12
|
+
def count_backend_items(
|
|
13
|
+
entity: BackendCountableType | None = None,
|
|
14
|
+
) -> dict[str, int]:
|
|
15
|
+
"""Count the number of various entities in the backend."""
|
|
16
|
+
if entity is not None and entity not in BackendCountableType:
|
|
17
|
+
raise ValueError(
|
|
18
|
+
f"Invalid entity type: {entity}. "
|
|
19
|
+
f"Must be one of {list(BackendCountableType)} "
|
|
20
|
+
)
|
|
21
|
+
|
|
22
|
+
log_prefix = "Backend count"
|
|
23
|
+
logger.debug("Counting", prefix=log_prefix)
|
|
24
|
+
|
|
25
|
+
res = CLIENT.get("/database/count", params=url_params({"entity": entity}))
|
|
26
|
+
|
|
27
|
+
counts = res.json()
|
|
28
|
+
logger.debug(f"Counts: {counts}", prefix=log_prefix)
|
|
29
|
+
|
|
30
|
+
return counts
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
@http_retry
|
|
34
|
+
def delete_orphans() -> ResourceOperationStatus:
|
|
35
|
+
"""Delete orphaned clusters."""
|
|
36
|
+
logger.debug("Deleting orphans")
|
|
37
|
+
|
|
38
|
+
res = CLIENT.delete("/database/orphans")
|
|
39
|
+
return ResourceOperationStatus.model_validate(res.json())
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
"""Authentication functions for the client handler."""
|
|
2
|
+
|
|
3
|
+
from matchbox.client._handler.main import CLIENT, http_retry
|
|
4
|
+
from matchbox.common.dtos import (
|
|
5
|
+
AuthStatusResponse,
|
|
6
|
+
LoginResponse,
|
|
7
|
+
)
|
|
8
|
+
from matchbox.common.logging import logger
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
@http_retry
|
|
12
|
+
def login() -> LoginResponse:
|
|
13
|
+
"""Log into Matchbox."""
|
|
14
|
+
logger.debug("Login attempt using JWT")
|
|
15
|
+
response = CLIENT.post("/auth/login")
|
|
16
|
+
return LoginResponse.model_validate(response.json())
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
@http_retry
|
|
20
|
+
def auth_status() -> AuthStatusResponse:
|
|
21
|
+
"""Check authentication status."""
|
|
22
|
+
logger.debug("Checking authentication status")
|
|
23
|
+
response = CLIENT.get("/auth/status")
|
|
24
|
+
return AuthStatusResponse.model_validate(response.json())
|