nlbone 0.4.0__py3-none-any.whl → 0.4.2__py3-none-any.whl

nlbone/adapters/auth/__init__.py

@@ -1 +1 @@
-from .keycloak import KeycloakAuthService
+from .keycloak import KeycloakAuthService

nlbone/adapters/auth/keycloak.py

@@ -1,7 +1,8 @@
 from keycloak import KeycloakOpenID
 from keycloak.exceptions import KeycloakAuthenticationError
+
+from nlbone.config.settings import Settings, get_settings, is_production_env
 from nlbone.core.ports.auth import AuthService
-from nlbone.config.settings import Settings, get_settings
 
 
 class KeycloakAuthService(AuthService):
@@ -13,8 +14,12 @@ class KeycloakAuthService(AuthService):
             realm_name=s.KEYCLOAK_REALM_NAME,
             client_secret_key=s.KEYCLOAK_CLIENT_SECRET.get_secret_value().strip(),
         )
+        self.bypass = not is_production_env()
 
     def has_access(self, token, permissions):
+        if self.bypass:
+            return True
+
         try:
             result = self.keycloak_openid.has_uma_access(token, permissions=permissions)
             return result.is_authorized

nlbone/adapters/db/__init__.py

@@ -1,3 +1,4 @@
-from .sqlalchemy.engine import init_async_engine, async_session, async_ping, init_sync_engine, sync_session, sync_ping
-from .sqlalchemy import get_paginated_response, apply_pagination
-from .sqlalchemy.base import Base
+from .postgres import apply_pagination, get_paginated_response
+from .postgres.base import Base
+from .postgres.engine import async_ping, async_session, init_async_engine, init_sync_engine, sync_ping, sync_session
+import nlbone.adapters.db.postgres.audit

nlbone/adapters/db/postgres/__init__.py

@@ -0,0 +1,4 @@
+from .engine import async_ping, async_session, init_async_engine, init_sync_engine, sync_ping, sync_session
+from .query_builder import apply_pagination, get_paginated_response
+from .repository import AsyncSqlAlchemyRepository, SqlAlchemyRepository
+from .uow import AsyncSqlAlchemyUnitOfWork, SqlAlchemyUnitOfWork

nlbone/adapters/db/postgres/audit.py

@@ -0,0 +1,148 @@
+import uuid
+from datetime import date, datetime
+from typing import Any
+from sqlalchemy import event, inspect as sa_inspect
+from sqlalchemy.orm import Session as SASession
+from enum import Enum as _Enum
+from decimal import Decimal
+
+from nlbone.core.domain.models import AuditLog
+from nlbone.utils.context import current_context_dict
+
+DEFAULT_EXCLUDE = {"updated_at", "created_at"}
+DEFAULT_ENABLED = False
+DEFAULT_OPS = {"INSERT", "UPDATE", "DELETE"}
+
+
+def _get_ops_for(obj) -> set[str]:
+    ops = getattr(obj, "__audit_ops__", None)
+    if ops is None:
+        return set(DEFAULT_OPS)
+    return {str(op).upper() for op in ops}
+
+
+def _is_audit_disabled(obj) -> bool:
+    if getattr(obj, "__audit_disable__", False):
+        return True
+    if hasattr(obj, "__audit_enable__") and not getattr(obj, "__audit_enable__"):
+        return True
+    return False
+
+
+def _is_op_enabled(obj, op: str) -> bool:
+    if _is_audit_disabled(obj):
+        return False
+    return op.upper() in _get_ops_for(obj)
+
+
+def _ser(val):
+    if isinstance(val, (date, datetime)):
+        return val.isoformat()
+    # UUID
+    if isinstance(val, uuid.UUID):
+        return str(val)
+    # Enum
+    if isinstance(val, _Enum):
+        return val.value
+    if isinstance(val, Decimal):
+        return str(val)
+    if isinstance(val, set):
+        return list(val)
+    return val
+
+
+def _entity_name(obj: Any) -> str:
+    return getattr(getattr(obj, "__table__", None), "name", None) or getattr(obj, "__tablename__",
+                                                                             None) or obj.__class__.__name__
+
+
+def _entity_id(obj: Any) -> str:
+    insp = sa_inspect(obj)
+    if insp.identity and len(insp.identity) == 1:
+        return _ser(insp.identity[0])
+    for pk in insp.mapper.primary_key:
+        v = getattr(obj, pk.key)
+        if v is not None:
+            return _ser(v)
+    return _ser(getattr(obj, "id", "?"))
+
+
+def _changes_for_update(obj: any) -> dict[str, dict[str, any]]:
+    changes = {}
+    insp = sa_inspect(obj)
+    exclude = set(getattr(obj, "__audit_exclude__", set())) | DEFAULT_EXCLUDE
+
+    for col in insp.mapper.column_attrs:
+        key = col.key
+        if key in exclude:
+            continue
+
+        try:
+            state = insp.attrs[key]
+        except KeyError:
+            continue
+
+        hist = state.history                 # History object
+        if hist.has_changes():
+            old = hist.deleted[0] if hist.deleted else None
+            new = hist.added[0] if hist.added else None
+            if old != new:
+                changes[key] = {"old": _ser(old), "new": _ser(new)}
+    return changes
+@event.listens_for(SASession, "before_flush")
+def before_flush(session: SASession, flush_context, instances):
+    entries = session.info.setdefault("_audit_entries", [])
+
+    # INSERT
+    for obj in session.new:
+        if isinstance(obj, AuditLog) or not _is_op_enabled(obj, "INSERT"):
+            continue
+        insp = sa_inspect(obj)
+        exclude = set(getattr(obj, "__audit_exclude__", set())) | DEFAULT_EXCLUDE
+        row = {}
+        for col_attr in insp.mapper.column_attrs:
+            key = col_attr.key
+            if key in exclude:
+                continue
+            row[key] = _ser(getattr(obj, key, None))
+        entries.append({
+            "obj": obj,
+            "op": "INSERT",
+            "changes": {k: {"old": None, "new": v} for k, v in row.items()}
+        })
+
+    # UPDATE
+    for obj in session.dirty:
+        if isinstance(obj, AuditLog) or not _is_op_enabled(obj, "UPDATE"):
+            continue
+        if session.is_modified(obj, include_collections=False):
+            ch = _changes_for_update(obj)
+            if ch:
+                entries.append({"obj": obj, "op": "UPDATE", "changes": ch})
+
+    # DELETE
+    for obj in session.deleted:
+        if isinstance(obj, AuditLog) or not _is_op_enabled(obj, "DELETE"):
+            continue
+        entries.append({"obj": obj, "op": "DELETE", "changes": None})
+
+
+@event.listens_for(SASession, "after_flush_postexec")
+def after_flush_postexec(session: SASession, flush_context):
+    entries = session.info.pop("_audit_entries", [])
+    if not entries:
+        return
+    ctx = current_context_dict()
+    for e in entries:
+        obj = e["obj"]
+        al = AuditLog(
+            entity=_entity_name(obj),
+            entity_id=str(_entity_id(obj)),
+            operation=e["op"],
+            changes=e.get("changes"),
+            actor_id=ctx.get("user_id"),
+            request_id=ctx.get("request_id"),
+            ip=ctx.get("ip"),
+            user_agent=ctx.get("user_agent"),
+        )
+        session.add(al)

nlbone/adapters/db/{sqlalchemy → postgres}/base.py

@@ -1,5 +1,3 @@
 from sqlalchemy.orm import declarative_base
 
 Base = declarative_base()
-
-

nlbone/adapters/db/{sqlalchemy → postgres}/engine.py

@@ -1,16 +1,15 @@
 from contextlib import asynccontextmanager, contextmanager
-from typing import Generator, Optional, Any, AsyncGenerator
+from typing import Any, AsyncGenerator, Generator, Optional
 
 from sqlalchemy import create_engine, text
 from sqlalchemy.engine import Engine
-from sqlalchemy.orm import Session, sessionmaker
-
 from sqlalchemy.ext.asyncio import (
     AsyncEngine,
     AsyncSession,
     async_sessionmaker,
     create_async_engine,
 )
+from sqlalchemy.orm import Session, sessionmaker
 
 from nlbone.config.settings import get_settings
 
@@ -117,12 +116,14 @@ def sync_ping() -> None:
     with eng.connect() as conn:
         conn.execute(text("SELECT 1"))
 
+
 def get_async_session_factory() -> async_sessionmaker[AsyncSession]:
     if _async_session_factory is None:
         init_async_engine()
     assert _async_session_factory is not None
     return _async_session_factory
 
+
 def get_sync_session_factory() -> sessionmaker[Session]:
     if _sync_session_factory is None:
         init_sync_engine()

nlbone/adapters/db/{sqlalchemy → postgres}/query_builder.py

@@ -1,12 +1,22 @@
-from typing import Union, Callable, Any, Optional, Type, Sequence
+from typing import Any, Callable, Optional, Sequence, Type, Union
 
 from sqlalchemy import asc, desc, or_
+from sqlalchemy.dialects.postgresql import ENUM as PGEnum
+from sqlalchemy.orm import Query, Session
 from sqlalchemy.orm.interfaces import LoaderOption
 from sqlalchemy.sql.sqltypes import (
-    String, Text, Integer, BigInteger, SmallInteger, Numeric, Float, Boolean, Enum as SAEnum
+    BigInteger,
+    Boolean,
+    Float,
+    Integer,
+    Numeric,
+    SmallInteger,
+    String,
+    Text,
+)
+from sqlalchemy.sql.sqltypes import (
+    Enum as SAEnum,
 )
-from sqlalchemy.orm import Session, Query
-from sqlalchemy.dialects.postgresql import ENUM as PGEnum
 
 from nlbone.interfaces.api.exceptions import UnprocessableEntityException
 from nlbone.interfaces.api.pagination import PaginateRequest, PaginateResponse
@@ -122,12 +132,16 @@ def _apply_filters(pagination, entity, query):
                 return float(v)
             # Booleans
             if isinstance(coltype, Boolean):
-                if isinstance(v, bool): return v
-                if isinstance(v, (int, float)): return bool(v)
+                if isinstance(v, bool):
+                    return v
+                if isinstance(v, (int, float)):
+                    return bool(v)
                 if isinstance(v, str):
                     vl = v.strip().lower()
-                    if vl in {"true", "1", "yes", "y", "t"}: return True
-                    if vl in {"false", "0", "no", "n", "f"}: return False
+                    if vl in {"true", "1", "yes", "y", "t"}:
+                        return True
+                    if vl in {"false", "0", "no", "n", "f"}:
+                        return False
                 return None
             # fallback
             return v
@@ -215,7 +229,8 @@ def _serialize_item(item: Any, output_cls: OutputType) -> Any:
     try:
         obj = output_cls(item)  # type: ignore[call-arg]
         try:
-            from dataclasses import is_dataclass, asdict
+            from dataclasses import asdict, is_dataclass
+
             if is_dataclass(obj):
                 return asdict(obj)
         except Exception:
@@ -252,5 +267,6 @@ def get_paginated_response(
         data = [output_cls.model_validate(r, from_attributes=True).model_dump() for r in rows]
     else:
         data = rows
-    return PaginateResponse(total_count=total_count, data=data, limit=pagination.limit,
-                            offset=pagination.offset).to_dict()
+    return PaginateResponse(
+        total_count=total_count, data=data, limit=pagination.limit, offset=pagination.offset
+    ).to_dict()

nlbone/adapters/db/{sqlalchemy → postgres}/repository.py

@@ -1,10 +1,12 @@
 from __future__ import annotations
-from typing import Generic, Iterable, Optional, Type, TypeVar, List
+
+from typing import Generic, Iterable, List, Optional, Type, TypeVar
 
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import Session
-from nlbone.core.ports.repo import Repository, AsyncRepository
+
+from nlbone.core.ports.repo import AsyncRepository, Repository
 
 T = TypeVar("T")
 

nlbone/adapters/db/{sqlalchemy → postgres}/schema.py

@@ -1,18 +1,17 @@
-
 import importlib
 from typing import Sequence
 
-from nlbone.adapters.db.sqlalchemy.base import Base
-from nlbone.adapters.db.sqlalchemy.engine import init_async_engine, init_sync_engine
+from nlbone.adapters.db.postgres.base import Base
+from nlbone.adapters.db.postgres.engine import init_async_engine, init_sync_engine
 
+DEFAULT_MODEL_MODULES: Sequence[str] = ()
 
-DEFAULT_MODEL_MODULES: Sequence[str] = (
-)
 
 def import_model_modules(modules: Sequence[str] | None = None) -> None:
-    for m in (modules or DEFAULT_MODEL_MODULES):
+    for m in modules or DEFAULT_MODEL_MODULES:
         importlib.import_module(m)
 
+
 # --------- Async (SQLAlchemy 2.x) ----------
 async def init_db_async(model_modules: Sequence[str] | None = None) -> None:
     """Create tables using AsyncEngine (dev/test). Prefer Alembic in prod."""
@@ -21,9 +20,10 @@ async def init_db_async(model_modules: Sequence[str] | None = None) -> None:
     async with engine.begin() as conn:
         await conn.run_sync(Base.metadata.create_all)
 
+
 # --------- Sync ----------
 def init_db_sync(model_modules: Sequence[str] | None = None) -> None:
     """Create tables using Sync Engine (dev/test). Prefer Alembic in prod."""
     import_model_modules(model_modules)
     engine = init_sync_engine()
-    Base.metadata.create_all(bind=engine)
+    Base.metadata.create_all(bind=engine)

nlbone/adapters/db/{sqlalchemy → postgres}/uow.py

@@ -2,10 +2,11 @@ from __future__ import annotations
 
 from typing import Optional
 
-from sqlalchemy.ext.asyncio import async_sessionmaker, AsyncSession
+from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker
 from sqlalchemy.orm import Session, sessionmaker
-from nlbone.core.ports.uow import UnitOfWork
+
 from nlbone.core.ports.uow import AsyncUnitOfWork as AsyncUnitOfWorkPort
+from nlbone.core.ports.uow import UnitOfWork
 
 
 class SqlAlchemyUnitOfWork(UnitOfWork):

nlbone/adapters/db/redis/client.py

@@ -0,0 +1,22 @@
+import redis
+
+from nlbone.config.settings import get_settings
+
+
+class RedisClient:
+    _client: redis.Redis | None = None
+
+    @classmethod
+    def get_client(cls) -> redis.Redis:
+        if cls._client is None:
+            cls._client = redis.from_url(
+                get_settings().REDIS_URL,
+                decode_responses=True
+            )
+        return cls._client
+
+    @classmethod
+    def close(cls):
+        if cls._client is not None:
+            cls._client.close()
+            cls._client = None

nlbone/adapters/http_clients/uploadchi.py

@@ -1,4 +1,5 @@
 from __future__ import annotations
+
 import json
 from typing import Any, Optional
 from urllib.parse import urlparse, urlunparse
@@ -6,8 +7,8 @@ from urllib.parse import urlparse, urlunparse
 import httpx
 import requests
 
-from nlbone.core.ports.files import FileServicePort
 from nlbone.config.settings import get_settings
+from nlbone.core.ports.files import FileServicePort
 
 
 class UploadchiError(RuntimeError):
@@ -28,8 +29,9 @@ def _auth_headers(token: str | None) -> dict[str, str]:
     return {"Authorization": f"Bearer {token}"} if token else {}
 
 
-def _build_list_query(limit: int, offset: int, filters: dict[str, Any] | None, sort: list[tuple[str, str]] | None) -> \
-        dict[str, Any]:
+def _build_list_query(
+    limit: int, offset: int, filters: dict[str, Any] | None, sort: list[tuple[str, str]] | None
+) -> dict[str, Any]:
     q: dict[str, Any] = {"limit": limit, "offset": offset}
     if filters:
         q["filters"] = json.dumps(filters)
@@ -55,8 +57,12 @@ def _normalize_https_base(url: str) -> str:
 
 
 class UploadchiClient(FileServicePort):
-    def __init__(self, base_url: Optional[str] = None, timeout_seconds: Optional[float] = None,
-                 client: httpx.Client | None = None) -> None:
+    def __init__(
+        self,
+        base_url: Optional[str] = None,
+        timeout_seconds: Optional[float] = None,
+        client: httpx.Client | None = None,
+    ) -> None:
         s = get_settings()
         self._base_url = _normalize_https_base(base_url or str(s.UPLOADCHI_BASE_URL))
         self._timeout = timeout_seconds or float(s.HTTP_TIMEOUT_SECONDS)
@@ -65,8 +71,9 @@ class UploadchiClient(FileServicePort):
     def close(self) -> None:
         self._client.close()
 
-    def upload_file(self, file_bytes: bytes, filename: str, params: dict[str, Any] | None = None,
-                    token: str | None = None) -> dict:
+    def upload_file(
+        self, file_bytes: bytes, filename: str, params: dict[str, Any] | None = None, token: str | None = None
+    ) -> dict:
         tok = _resolve_token(token)
         files = {"file": (filename, file_bytes)}
         data = (params or {}).copy()
@@ -77,13 +84,22 @@ class UploadchiClient(FileServicePort):
 
     def commit_file(self, file_id: int, client_id: str, token: str | None = None) -> None:
         tok = _resolve_token(token)
-        r = self._client.post(f"{self._base_url}/{file_id}/commit", headers=_auth_headers(tok),
-                              params={"client_id": client_id} if client_id else None)
+        r = self._client.post(
+            f"{self._base_url}/{file_id}/commit",
+            headers=_auth_headers(tok),
+            params={"client_id": client_id} if client_id else None,
+        )
         if r.status_code not in (204, 200):
             raise UploadchiError(r.status_code, r.text)
 
-    def list_files(self, limit: int = 10, offset: int = 0, filters: dict[str, Any] | None = None,
-                   sort: list[tuple[str, str]] | None = None, token: str | None = None) -> dict:
+    def list_files(
+        self,
+        limit: int = 10,
+        offset: int = 0,
+        filters: dict[str, Any] | None = None,
+        sort: list[tuple[str, str]] | None = None,
+        token: str | None = None,
+    ) -> dict:
         tok = _resolve_token(token)
         q = _build_list_query(limit, offset, filters, sort)
         r = self._client.get(self._base_url, params=q, headers=_auth_headers(tok))

nlbone/adapters/http_clients/uploadchi_async.py

@@ -1,22 +1,35 @@
 from __future__ import annotations
-from typing import Any, Optional, AsyncIterator
+
+from typing import Any, AsyncIterator, Optional
+
 import httpx
 
-from nlbone.core.ports.files import AsyncFileServicePort
 from nlbone.config.settings import get_settings
+from nlbone.core.ports.files import AsyncFileServicePort
+
 from .uploadchi import UploadchiError, _auth_headers, _build_list_query, _filename_from_cd, _resolve_token
 
+
 class UploadchiAsyncClient(AsyncFileServicePort):
-    def __init__(self, base_url: Optional[str] = None, timeout_seconds: Optional[float] = None, client: httpx.AsyncClient | None = None) -> None:
+    def __init__(
+        self,
+        base_url: Optional[str] = None,
+        timeout_seconds: Optional[float] = None,
+        client: httpx.AsyncClient | None = None,
+    ) -> None:
         s = get_settings()
         self._base_url = base_url or str(s.UPLOADCHI_BASE_URL)
         self._timeout = timeout_seconds or float(s.HTTP_TIMEOUT_SECONDS)
-        self._client = client or httpx.AsyncClient(base_url=self._base_url, timeout=self._timeout, follow_redirects=True)
+        self._client = client or httpx.AsyncClient(
+            base_url=self._base_url, timeout=self._timeout, follow_redirects=True
+        )
 
     async def aclose(self) -> None:
         await self._client.aclose()
 
-    async def upload_file(self, file_bytes: bytes, filename: str, params: dict[str, Any] | None = None, token: str | None = None) -> dict:
+    async def upload_file(
+        self, file_bytes: bytes, filename: str, params: dict[str, Any] | None = None, token: str | None = None
+    ) -> dict:
         tok = _resolve_token(token)
         files = {"file": (filename, file_bytes)}
         data = (params or {}).copy()
@@ -27,11 +40,20 @@ class UploadchiAsyncClient(AsyncFileServicePort):
 
     async def commit_file(self, file_id: int, client_id: str, token: str | None = None) -> None:
         tok = _resolve_token(token)
-        r = await self._client.post(f"/{file_id}/commit", headers=_auth_headers(tok), params={"client_id": client_id} if client_id else None)
+        r = await self._client.post(
+            f"/{file_id}/commit", headers=_auth_headers(tok), params={"client_id": client_id} if client_id else None
+        )
         if r.status_code not in (204, 200):
             raise UploadchiError(r.status_code, await r.aread())
 
-    async def list_files(self, limit: int = 10, offset: int = 0, filters: dict[str, Any] | None = None, sort: list[tuple[str, str]] | None = None, token: str | None = None) -> dict:
+    async def list_files(
+        self,
+        limit: int = 10,
+        offset: int = 0,
+        filters: dict[str, Any] | None = None,
+        sort: list[tuple[str, str]] | None = None,
+        token: str | None = None,
+    ) -> dict:
         tok = _resolve_token(token)
         q = _build_list_query(limit, offset, filters, sort)
         r = await self._client.get("", params=q, headers=_auth_headers(tok))

nlbone/adapters/messaging/event_bus.py

@@ -1,9 +1,12 @@
 from __future__ import annotations
+
 from collections import defaultdict
 from typing import Callable, Dict, Iterable, List
+
 from nlbone.core.domain.base import DomainEvent
 from nlbone.core.ports.event_bus import EventBusPort
 
+
 class InMemoryEventBus(EventBusPort):
     def __init__(self) -> None:
         self._handlers: Dict[str, List[Callable[[DomainEvent], None]]] = defaultdict(list)

nlbone/adapters/percolation/__init__.py

@@ -0,0 +1 @@
+from .connection import get_es_client

nlbone/adapters/percolation/connection.py

@@ -0,0 +1,12 @@
+from elasticsearch import Elasticsearch
+
+from nlbone.config.settings import get_settings
+
+setting = get_settings()
+
+def get_es_client():
+    es = Elasticsearch(
+        setting.ELASTIC_PERCOLATE_URL,
+        basic_auth=(setting.ELASTIC_PERCOLATE_USER, setting.ELASTIC_PERCOLATE_PASS.get_secret_value().strip())
+    )
+    return es