PyPI - moat-kv - Versions diffs - 0.70.22__py3-none-any.whl → 0.70.23__py3-none-any.whl - Mend

moat-kv 0.70.22py3-none-any.whl → 0.70.23py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

moat/kv/__init__.py +1 -0
moat/kv/_cfg.yaml +97 -0
moat/kv/_main.py +6 -9
moat/kv/client.py +34 -50
moat/kv/code.py +10 -3
moat/kv/codec.py +1 -0
moat/kv/config.py +2 -0
moat/kv/data.py +8 -7
moat/kv/errors.py +17 -9
moat/kv/exceptions.py +1 -7
moat/kv/model.py +16 -24
moat/kv/runner.py +38 -35
moat/kv/server.py +86 -90
moat/kv/types.py +5 -8
{moat_kv-0.70.22.dist-info → moat_kv-0.70.23.dist-info}/METADATA +15 -18
moat_kv-0.70.23.dist-info/RECORD +19 -0
{moat_kv-0.70.22.dist-info → moat_kv-0.70.23.dist-info}/WHEEL +1 -1
moat_kv-0.70.23.dist-info/licenses/LICENSE.txt +14 -0
moat/kv/_config.yaml +0 -98
moat/kv/actor/__init__.py +0 -97
moat/kv/actor/deletor.py +0 -137
moat/kv/auth/__init__.py +0 -446
moat/kv/auth/_test.py +0 -172
moat/kv/auth/password.py +0 -232
moat/kv/auth/root.py +0 -56
moat/kv/backend/__init__.py +0 -66
moat/kv/backend/mqtt.py +0 -74
moat/kv/backend/serf.py +0 -44
moat/kv/command/__init__.py +0 -1
moat/kv/command/acl.py +0 -174
moat/kv/command/auth.py +0 -258
moat/kv/command/code.py +0 -306
moat/kv/command/codec.py +0 -190
moat/kv/command/data.py +0 -274
moat/kv/command/dump/__init__.py +0 -141
moat/kv/command/error.py +0 -156
moat/kv/command/internal.py +0 -257
moat/kv/command/job.py +0 -438
moat/kv/command/log.py +0 -52
moat/kv/command/server.py +0 -115
moat/kv/command/type.py +0 -203
moat/kv/mock/__init__.py +0 -97
moat/kv/mock/mqtt.py +0 -164
moat/kv/mock/serf.py +0 -253
moat/kv/mock/tracer.py +0 -65
moat/kv/obj/__init__.py +0 -636
moat/kv/obj/command.py +0 -246
moat_kv-0.70.22.dist-info/LICENSE +0 -3
moat_kv-0.70.22.dist-info/LICENSE.APACHE2 +0 -202
moat_kv-0.70.22.dist-info/LICENSE.MIT +0 -20
moat_kv-0.70.22.dist-info/RECORD +0 -49
{moat_kv-0.70.22.dist-info → moat_kv-0.70.23.dist-info}/top_level.txt +0 -0

moat/kv/auth/__init__.py DELETED Viewed

@@ -1,446 +0,0 @@
-# moat.kv.auth
-# template for authorization
-"""
-This set of modules authenticates users.
-A submodule is expected to export a "load(type:str, make:bool, server:bool)"
-method that returns a class.
-It must recognize, at minimum:
-* load("stream", server:bool):
-  A filter used for logging in a user.
-* load("user", server:bool, make:bool)
-  A class used to represent the user, or a way to create/manipulate a user record.
-The client process is:
-* create a user:
-  * Create a :class:`BaseUserMaker` by calling :meth:`BaseUserMaker.build`
-    with a record conforming to its schema.
-  * Export that and save it to the server, at (None,"auth","user",NAME).
-* modify a user:
-  * Call :class:`BaseUserMaker.import` with the value from the server.
-* Log in:
-  * Create a :class:`BaseUser` by calling :meth:`BaseUserMaker.build`
-    with a record conforming to its schema.
-  * Call :meth:`BaseUser.auth`.
-The server process is:
-* create a user:
-  * The server intercepts the write call and uses the data to call
-    :meth:`BaseServerAuthMaker.build`.
-  * It calls :meth:`BaseServerMaker.save` and stores the actual result.
-* modify a user:
-  * the server calls :meth:`BaseServerAuth.read` with the stored data,
-    then sends a record created with :meth:`BaseServerAuth.save` to the client.
-* verify a user:
-  * The server calls :meth:`BaseServerAuth.read` with the stored data.
-  * The server calls :meth:`BaseServerAuth.auth` with the record from the client.
-"""
-import io
-from importlib import import_module
-import jsonschema
-from moat.util import NotGiven, Path, attrdict, split_arg, yload
-from ..client import Client, NoData
-from ..exceptions import NoAuthModuleError
-from ..model import Entry
-from ..server import ServerClient, StreamCommand
-from ..types import ACLFinder, NullACL
-# Empty schema
-null_schema = {"type": "object", "additionalProperties": False}
-# Additional schema data for specific types
-add_schema = {
-    "user": {
-        "acl": {
-            "type": "object",
-            "additionalProperties": False,
-            "properties": {"key": {type: "string", "minLength": 1}},
-        },
-        "conv": {
-            "type": "object",
-            "additionalProperties": False,
-            "properties": {"key": {type: "string", "minLength": 1}},
-        },
-    }
-}
-def loader(method: str, typ: str, *a, **k):
-    m = method
-    if "." not in m:
-        m = "moat.kv.auth." + m
-    cls = import_module(m).load(typ, *a, **k)
-    cls._auth_method = method
-    cls._auth_typ = typ
-    cls.aux_schemas = add_schema.get(typ, null_schema)
-    return cls
-def gen_auth(s: str):
-    """
-    Generate auth data from parameters or YAML file (if first char is '=').
-    """
-    if not isinstance(s, str):
-        return s  # called twice. Oh well.
-    m, *p = s.split()
-    if len(p) == 0 and m[0] == "=":
-        with io.open(m[1:], "r", encoding="utf-8") as f:
-            kw = yload(f)
-            m = kw.pop("type")
-    else:
-        kw = {}
-        for pp in p:
-            split_arg(pp, kw)
-    try:
-        m = loader(m, "user", server=False)
-    except ModuleNotFoundError:
-        raise NoAuthModuleError(m) from None
-    return m.build(kw)
-def load(typ: str, *, make: bool = False, server: bool):
-    """
-    This procedure is used to load and return a user management class.
-    Arguments:
-        typ: the type of module to load.
-        make: flag that the caller wants a record-generating, not a
-              record-using class.
-        server: flag that the class is to be used on the server, not on the
-                client.
-    Types:
-        stream: the filter used for authorizing the user.
-        user: represents a user record.
-    """
-    raise NotImplementedError("You need to implement me")  # pragma: no cover
-async def null_server_login(stream):
-    return stream
-async def null_client_login(stream, user: "BaseClientAuth"):  # pylint: disable=unused-argument
-    return stream
-def _load_example(typ: str, make: bool, server: bool):  # pragma: no cover
-    """example code for :proc:`load`"""
-    if typ == "client":
-        if server:
-            return null_server_login
-        else:
-            return null_client_login
-    if typ != "user":
-        raise NotImplementedError("This module only handles users")
-    if server:
-        if make:
-            return BaseServerAuthMaker
-        else:
-            return BaseServerAuth
-    else:
-        if make:
-            return BaseClientAuthMaker
-        else:
-            return BaseClientAuth
-class _AuthLoaded:
-    # This class is mainly there to appease pylint
-    _auth_method = None
-class BaseClientAuth(_AuthLoaded):
-    """
-    This class is used for creating a data record which authenticates a user.
-    The schema verifies the input to :meth:`build`.
-    """
-    schema = null_schema
-    def __init__(self, **data):
-        jsonschema.validate(instance=data, schema=type(self).schema)
-        for k, v in data.items():
-            setattr(self, k, v)
-    @classmethod
-    def build(cls, user):
-        """
-        Create a user record from the data conforming to this schema.
-        """
-        return cls(**user)
-    @property
-    def ident(self):
-        """Some user identifier.
-        Required so that the server can actually find the record.
-        """
-        return "*"
-    async def auth(self, client: Client, chroot=()):
-        """
-        Authorizes this record with the server.
-        """
-        try:
-            await client._request(
-                action="auth",
-                typ=self._auth_method,
-                iter=False,
-                chroot=chroot,
-                ident=self.ident,
-                data=self.auth_data(),
-            )
-        except NoData:
-            pass
-    def auth_data(self):
-        """
-        Additional data for the initial auth message.
-        Does NOT include 'ident', that gets added explicitly by :meth:`auth`.
-        """
-        return {}
-class BaseClientAuthMaker(_AuthLoaded):
-    """
-    This class is used for creating a data record which describes a user record.
-    While :class:`BaseClientAuth` is used solely for authentication,
-    this class is used to represent the server's user data.
-    The schema verifies the input to :meth:`build`.
-    """
-    gen_schema = null_schema
-    mod_schema = null_schema
-    _chain = None
-    def __init__(self, _initial=True, **data):
-        if _initial:
-            jsonschema.validate(instance=data, schema=type(self).gen_schema)
-        else:
-            jsonschema.validate(instance=data, schema=type(self).mod_schema)
-        for k, v in data.items():
-            setattr(self, k, v)
-    @classmethod
-    def build(cls, user, _initial=True):
-        """
-        Create a user record from the data conforming to this schema.
-        """
-        return cls(**user, _initial=_initial)
-    def export(self):
-        """Return the data required to re-create the user via :meth:`build`."""
-        return {}  # pragma: no cover
-    @property
-    def ident(self):
-        """The identifier for this user.
-        Required so that the server can actually find the record.
-        """
-        return "*"  # pragma: no cover
-    @classmethod
-    async def recv(cls, client: Client, ident: str, _kind="user", _initial=True):
-        """Read this user from the server.
-        Sample code …
-        """
-        # pragma: no cover
-        res = await client._request(
-            "auth_get",
-            typ=cls._auth_method,
-            kind=_kind,
-            ident=ident,
-            nchain=0 if _initial else 2,
-        )
-        self = cls(_initial=_initial)
-        self._chain = res.chain
-        return self
-    async def send(self, client: Client, _kind="user"):
-        """Send this user to the server."""
-        try:
-            await client._request(
-                "auth_set",
-                iter=False,
-                typ=type(self)._auth_method,
-                kind=_kind,
-                ident=self.ident,
-                chain=self._chain,
-                data=self.send_data(),
-            )
-        except NoData:
-            pass
-    def send_data(self):
-        return {}
-class BaseServerAuth(_AuthLoaded):
-    """
-    This class is used on the server to represent / verify a user.
-    The schema verifies whatever data the associated ``ClientAuth`` initially sends.
-    """
-    schema = null_schema.copy()
-    schema["additionalProperties"] = True
-    is_super_root = False
-    can_create_subtree = False
-    can_auth_read = False
-    can_auth_write = False
-    def __init__(self, data: dict = {}):  # pylint: disable=dangerous-default-value
-        if data:
-            for k, v in data.items():
-                setattr(self, k, v)
-    @classmethod
-    def load(cls, data: Entry):
-        """Create a ServerAuth object from existing stored data"""
-        return cls(data.data)
-    async def auth(self, cmd: StreamCommand, data):  # pylint: disable=unused-argument
-        """Verify that @data authenticates this user."""
-        jsonschema.validate(instance=data.get("data", {}), schema=type(self).schema)
-    def aux_conv(self, data: Entry, root: Entry):
-        from ..types import ConvNull
-        try:
-            data = data["conv"].data["key"]
-            res, _ = root.follow_acl(
-                Path(None, "conv", data), create=False, nulls_ok=True
-            )
-            return res
-        except (KeyError, AttributeError):
-            return ConvNull
-    def aux_acl(self, data: Entry, root: Entry):
-        try:
-            data = data["acl"].data["key"]
-            if data == "*":
-                return NullACL
-            acl, _ = root.follow_acl(
-                Path(None, "acl", data), create=False, nulls_ok=True
-            )
-            return ACLFinder(acl)
-        except (KeyError, AttributeError):
-            return NullACL
-    def info(self):
-        """
-        Return whatever public data the user might want to have displayed.
-        This includes information to identify the user, but not anything
-        that'd be suitable for verifying or even faking authorization.
-        """
-        return {}
-    async def check_read(self, *path, client: ServerClient, data=None):  # pylint: disable=unused-argument
-        """Check that this user may read the element at this location.
-        This method may modify the data.
-        """
-        return data
-    async def check_write(self, *path, client: ServerClient, data=None):  # pylint: disable=unused-argument
-        """Check that this user may write the element at this location.
-        This method may modify the data.
-        """
-        return data
-class RootServerUser(BaseServerAuth):
-    """The default user when no auth is required
-    Interim record. TODO: create a separate ACL thing.
-    """
-    is_super_root = True
-    can_create_subtree = True
-    can_auth_read = True
-    can_auth_write = True
-class BaseServerAuthMaker(_AuthLoaded):
-    """
-    This class is used on the server to verify the transmitted user record
-    and to store it in MoaT-KV.
-    The schema verifies the data from the client.
-    """
-    schema = null_schema
-    aux_schemas = None  # set by the loader
-    def __init__(self, chain=None, data=None):
-        if data is not None and data is not NotGiven:
-            for k, v in data.items():
-                setattr(self, k, v)
-        self._chain = chain
-    @classmethod
-    def load(cls, data: Entry):
-        """Read the user data from MoaT-KV"""
-        return cls(chain=data.chain, data=data.data)
-    @classmethod
-    async def recv(
-        cls,
-        cmd: StreamCommand,
-        data: attrdict,  # pylint: disable=unused-argument
-    ) -> "BaseServerAuthMaker":
-        """Create/update a new user by reading the record from the client"""
-        dt = data.get("data", None) or {}
-        jsonschema.validate(instance=dt, schema=cls.schema)
-        self = cls(chain=data["chain"], data=dt)
-        return self
-    @property
-    def ident(self):
-        """The record to store this user under."""
-        return "*"
-    def save(self):
-        """Return a record to represent this user, suitable for saving to MoaT-KV"""
-        # does NOT contain "ident" or "chain"!
-        return {}
-    async def send(self, cmd: StreamCommand):  # pylint: disable=unused-argument
-        """Send a record to the client, possibly multi-step / secured / whatever"""
-        res = {}
-        res["chain"] = self._chain.serialize() if self._chain else None
-        return res

moat/kv/auth/_test.py DELETED Viewed

@@ -1,172 +0,0 @@
-#
-"""
-Test auth method.
-Does not limit anything, allows everything.
-"""
-import logging
-log = logging.getLogger(__name__)
-from ..client import Client
-from . import (
-    BaseClientAuth,
-    BaseClientAuthMaker,
-    BaseServerAuthMaker,
-    RootServerUser,
-    null_client_login,
-    null_server_login,
-)
-def load(typ: str, *, make: bool = False, server: bool):
-    if typ == "client":
-        if server:
-            return null_server_login
-        else:
-            return null_client_login
-    if typ != "user":
-        raise NotImplementedError("This module only handles users")
-    if server:
-        if make:
-            return ServerUserMaker
-        else:
-            return ServerUser
-    else:
-        if make:
-            return ClientUserMaker
-        else:
-            return ClientUser
-class ServerUserMaker(BaseServerAuthMaker):
-    name = None
-    @property
-    def ident(self):
-        return self.name
-    # Overly-complicated methods of exchanging the user name
-    @classmethod
-    async def recv(cls, cmd, data):
-        await cmd.send(step="GiveName")
-        msg = await cmd.recv()
-        assert msg.step == "HasName"
-        self = cls()
-        self.name = msg.name
-        return self
-    async def send(self, cmd):
-        await cmd.send(step="SendWant")
-        msg = await cmd.recv()
-        assert msg.step == "WantName"
-        await cmd.send(
-            step="SendName", name=self.name, chain=self._chain.serialize(nchain=3)
-        )
-        msg = await cmd.recv()
-    # Annoying methods to read+save the user name from/to KV
-    @classmethod
-    def load(cls, data):
-        self = super().load(data)
-        self.name = data.name
-        return self
-class ServerUser(RootServerUser):
-    pass
-class ClientUserMaker(BaseClientAuthMaker):
-    gen_schema = dict(
-        type="object",
-        additionalProperties=False,
-        properties=dict(
-            name=dict(type="string", minLength=1, pattern="^[a-zA-Z][a-zA-Z0-9_]*$")
-        ),
-        required=["name"],
-    )
-    mod_schema = dict(
-        type="object",
-        additionalProperties=False,
-        properties=dict(
-            name=dict(type="string", minLength=1, pattern="^[a-zA-Z][a-zA-Z0-9_]*$")
-        ),
-        # required=[],
-    )
-    name = None
-    @property
-    def ident(self):
-        return self.name
-    # Overly-complicated methods of exchanging the user name
-    @classmethod
-    async def recv(cls, client: Client, ident: str, _kind: str = "user", _initial=True):
-        """Read a record representing a user from the server."""
-        async with client._stream(
-            action="auth_get",
-            typ=cls._auth_method,
-            kind=_kind,
-            ident=ident,
-            stream=True,
-            nchain=0 if _initial else 2,
-        ) as s:
-            m = await s.recv()
-            assert m.step == "SendWant", m
-            await s.send(step="WantName")
-            m = await s.recv()
-            assert m.step == "SendName", m
-            assert m.name == ident
-            self = cls(name=m.name, _initial=_initial)
-            self._chain = m.chain
-            return self
-    async def send(self, client: Client, _kind="user"):
-        """Send a record representing this user to the server."""
-        async with client._stream(
-            action="auth_set",
-            typ=type(self)._auth_method,
-            kind=_kind,
-            ident=self.ident,
-            stream=True,
-        ) as s:
-            # we could initially send the ident but don't here, for testing
-            m = await s.recv()
-            assert m.step == "GiveName", m
-            await s.send(step="HasName", name=self.name, chain=self._chain)
-            m = await s.recv()
-            assert m.chain.prev is None
-    def export(self):
-        """Return the data required to re-create the user via :meth:`build`."""
-        return {"name": self.name}
-class ClientUser(BaseClientAuth):
-    name = None
-    schema = dict(
-        type="object",
-        additionalProperties=False,
-        properties=dict(
-            name=dict(type="string", minLength=1, pattern="^[a-zA-Z][a-zA-Z0-9_]*$")
-        ),
-        required=["name"],
-    )
-    _name = None
-    @property
-    def ident(self):
-        return self.name
-    @classmethod
-    def build(cls, user):
-        self = super().build(user)
-        self.name = user["name"]
-        return self

moat-kv 0.70.22__py3-none-any.whl → 0.70.23__py3-none-any.whl

moat-kv 0.70.22py3-none-any.whl → 0.70.23py3-none-any.whl