opa-python-client 2.0.1__tar.gz → 2.0.3__tar.gz

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/PKG-INFO

@@ -1,8 +1,7 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.3
 Name: opa-python-client
-Version: 2.0.1
+Version: 2.0.3
 Summary: Client for connection to the OPA service
-Home-page: https://github.com/Turall/OPA-python-client
 License: MIT
 Author: Tural Muradov
 Author-email: tural.muradoov@gmail.com
@@ -21,6 +20,8 @@ Classifier: Programming Language :: Python :: 3 :: Only
 Requires-Dist: aiofiles (>=24.1.0,<25.0.0)
 Requires-Dist: aiohttp[speedups] (>=3.10.9,<4.0.0)
 Requires-Dist: requests (>=2.32.3,<3.0.0)
+Requires-Dist: urllib3 (>=2.5.0,<3.0.0)
+Project-URL: Homepage, https://github.com/Turall/OPA-python-client
 Project-URL: Repository, https://github.com/Turall/OPA-python-client
 Description-Content-Type: text/markdown
 
@@ -380,31 +381,7 @@ await client.delete_data('users')
 
 #### Check Permission (Policy Evaluation)
 
-You can evaluate policies with input data using `check_permission`.
-
-- **Synchronous**:
-
-```python
-input_data = {"user": "admin"}
-policy_name = 'example_policy'
-rule_name = 'allow'
-
-result = client.check_permission(input_data, policy_name, rule_name)
-print(result)
-```
-
-- **Asynchronous**:
-
-```python
-input_data = {"user": "admin"}
-policy_name = 'example_policy'
-rule_name = 'allow'
-
-result = await client.check_permission(input_data, policy_name, rule_name)
-print(result)
-```
-
-Queries a package rule with the given input data
+Evaluate a rule from a known package path. This is the **recommended method** for evaluating OPA decisions.
 
 ```python
 
@@ -448,6 +425,39 @@ print(await client.query_rule(input_data=check_data, package_path="play", rule_n
 
 ```
 
+You can evaluate policies with input data using `check_permission`.
+### ⚠️ Deprecated: `check_permission()`
+
+This method introspects the policy AST to construct a query path dynamically. It introduces unnecessary overhead and is **not recommended** for production use.
+
+- **Synchronous**:
+
+```python
+input_data = {"user": "admin"}
+policy_name = 'example_policy'
+rule_name = 'allow'
+
+result = client.check_permission(input_data, policy_name, rule_name)
+print(result)
+```
+> 🔥 Prefer `query_rule()` instead for better performance and maintainability.
+
+### ⚠️ Deprecated: `check_permission()`
+
+- **Asynchronous**:
+
+```python
+input_data = {"user": "admin"}
+policy_name = 'example_policy'
+rule_name = 'allow'
+
+result = await client.check_permission(input_data, policy_name, rule_name)
+print(result)
+```
+> 🔥 Prefer `query_rule()` instead for better performance and maintainability.
+
+
+
 ### Ad-hoc Queries
 
 Execute ad-hoc queries directly:

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/README.md

@@ -354,31 +354,7 @@ await client.delete_data('users')
 
 #### Check Permission (Policy Evaluation)
 
-You can evaluate policies with input data using `check_permission`.
-
-- **Synchronous**:
-
-```python
-input_data = {"user": "admin"}
-policy_name = 'example_policy'
-rule_name = 'allow'
-
-result = client.check_permission(input_data, policy_name, rule_name)
-print(result)
-```
-
-- **Asynchronous**:
-
-```python
-input_data = {"user": "admin"}
-policy_name = 'example_policy'
-rule_name = 'allow'
-
-result = await client.check_permission(input_data, policy_name, rule_name)
-print(result)
-```
-
-Queries a package rule with the given input data
+Evaluate a rule from a known package path. This is the **recommended method** for evaluating OPA decisions.
 
 ```python
 
@@ -422,6 +398,39 @@ print(await client.query_rule(input_data=check_data, package_path="play", rule_n
 
 ```
 
+You can evaluate policies with input data using `check_permission`.
+### ⚠️ Deprecated: `check_permission()`
+
+This method introspects the policy AST to construct a query path dynamically. It introduces unnecessary overhead and is **not recommended** for production use.
+
+- **Synchronous**:
+
+```python
+input_data = {"user": "admin"}
+policy_name = 'example_policy'
+rule_name = 'allow'
+
+result = client.check_permission(input_data, policy_name, rule_name)
+print(result)
+```
+> 🔥 Prefer `query_rule()` instead for better performance and maintainability.
+
+### ⚠️ Deprecated: `check_permission()`
+
+- **Asynchronous**:
+
+```python
+input_data = {"user": "admin"}
+policy_name = 'example_policy'
+rule_name = 'allow'
+
+result = await client.check_permission(input_data, policy_name, rule_name)
+print(result)
+```
+> 🔥 Prefer `query_rule()` instead for better performance and maintainability.
+
+
+
 ### Ad-hoc Queries
 
 Execute ad-hoc queries directly:

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/opa_client/__init__.py

@@ -11,7 +11,7 @@ def create_opa_client(async_mode=False, *args, **kwargs):
 		return OpaClient(*args, **kwargs)
 
 
-__version__ = "2.0.1"
+__version__ = "2.0.3"
 __author__ = "Tural Muradov"
 __license__ = "MIT"
 

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/opa_client/base.py

@@ -23,6 +23,7 @@ class BaseClient:
 		ssl: bool = False,
 		cert: Optional[Union[str, tuple]] = None,
 		headers: Optional[dict] = None,
+		retries: int = 2,
 		timeout: float = 1.5,
 	):
 		if not isinstance(port, int):
@@ -34,6 +35,7 @@ class BaseClient:
 		self.ssl = ssl
 		self.cert = cert
 		self.timeout = timeout
+		self.retries = retries
 
 		self.schema = "https://" if ssl else "http://"
 		self.root_url = f"{self.schema}{self.host}:{self.port}/{self.version}"
@@ -41,8 +43,6 @@ class BaseClient:
 		self.headers = headers
 
 		self._session = None  # Will be initialized in the subclass
-		self.retries = 2
-		self.timeout = 1.5
 
 	def _build_url(
 		self, path: str, query_params: Dict[str, str] = None

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/opa_client/opa.py

@@ -1,6 +1,6 @@
-import json
 import os
 import threading
+import warnings
 from typing import Dict, Optional
 from urllib.parse import urlencode
 
@@ -62,7 +62,9 @@ class OpaClient(BaseClient):
 		session.mount("https://", adapter)
 
 		if self.ssl:
-			session.verify = self.cert
+			session.verify = self.ssl
+		if self.cert:
+			session.cert = self.cert
 
 		return session
 
@@ -202,7 +204,9 @@ class OpaClient(BaseClient):
 		    bool: True if the policy was successfully updated.
 		"""
 		if not os.path.isfile(filepath):
-			raise FileError(f"'{filepath}' is not a valid file")
+			raise FileError(
+				"file_not_found", f"'{filepath}' is not a valid file"
+			)
 
 		with open(filepath, "r", encoding="utf-8") as file:
 			policy_str = file.read()
@@ -300,7 +304,9 @@ class OpaClient(BaseClient):
 		policy_raw = policy.get("result", {}).get("raw", "")
 
 		if not policy_raw:
-			raise PolicyNotFoundError("Policy content is empty")
+			raise PolicyNotFoundError(
+				"resource_not_found", "Policy content is empty"
+			)
 
 		full_path = os.path.join(path or "", filename)
 
@@ -309,7 +315,9 @@ class OpaClient(BaseClient):
 				file.write(policy_raw)
 			return True
 		except OSError as e:
-			raise PathNotFoundError(f"Failed to write to '{full_path}'") from e
+			raise PathNotFoundError(
+				"path_not_found", f"Failed to write to '{full_path}'"
+			) from e
 
 	def get_policy(self, policy_name: str) -> dict:
 		"""
@@ -384,6 +392,11 @@ class OpaClient(BaseClient):
 		Returns:
 		    dict: The result of the permission check.
 		"""
+		warnings.warn(
+			"check_permission is deprecated and will be removed in a future release. Use `query_rule` instead.",
+			DeprecationWarning,
+			stacklevel=2
+    	)
 		policy = self.get_policy(policy_name)
 		ast = policy.get("result", {}).get("ast", {})
 		package_path = "/".join(
@@ -395,7 +408,8 @@ class OpaClient(BaseClient):
 
 		if rule_name not in rules:
 			raise CheckPermissionError(
-				f"Rule '{rule_name}' not found in policy '{policy_name}'"
+				"resource_not_found",
+				f"Rule '{rule_name}' not found in policy '{policy_name}'",
 			)
 
 		url = f"{self.root_url}/{package_path}/{rule_name}"

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/opa_client/opa_async.py

@@ -1,5 +1,5 @@
 import asyncio
-import json
+import warnings
 import os
 import ssl
 from typing import Dict, Optional, Union
@@ -50,9 +50,6 @@ class AsyncOpaClient:
 		headers: Optional[dict] = None,
 		timeout: float = 1.5,
 	):
-		if not isinstance(port, int):
-			raise TypeError("The port must be an integer")
-
 		self.host = host.strip()
 		self.port = port
 		self.version = version
@@ -221,9 +218,8 @@ class AsyncOpaClient:
 		) as response:
 			if response.status == 200:
 				return True
-			else:
-				error = await response.json()
-				raise RegoParseError(error.get("code"), error.get("message"))
+			error = await response.json()
+			raise RegoParseError(error.get("code"), error.get("message"))
 
 	async def update_policy_from_file(
 		self, filepath: str, endpoint: str
@@ -426,6 +422,11 @@ class AsyncOpaClient:
 		Returns:
 		    dict: The result of the permission check.
 		"""
+		warnings.warn(
+					"check_permission is deprecated and will be removed in a future release. Use `query_rule` instead.",
+					DeprecationWarning,
+					stacklevel=2
+				)
 		policy = await self.get_policy(policy_name)
 		ast = policy.get("result", {}).get("ast", {})
 		package_path = "/".join(

{opa_python_client-2.0.1 → opa_python_client-2.0.3}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "opa-python-client"
-version = "2.0.1"
+version = "2.0.3"
 description = "Client for connection to the OPA service"
 authors = ["Tural Muradov <tural.muradoov@gmail.com>"]
 license = "MIT"
@@ -25,6 +25,7 @@ python = "^3.9"
 requests = "^2.32.3"
 aiohttp = {extras = ["speedups"], version = "^3.10.9"}
 aiofiles = "^24.1.0"
+urllib3 = "^2.5.0"
 
 [tool.poetry.group.dev.dependencies]
 pytest = "^8.3.3"