opensees-cli 0.1.0a1__py3-none-any.whl

opensees_cli/__init__.py

@@ -0,0 +1,3 @@
+"""OpenSees CLI — run structural simulations in the cloud."""
+
+__version__ = "0.1.0a1"

opensees_cli/admin.py

@@ -0,0 +1,170 @@
+"""Admin CLI commands."""
+
+from typing import Optional
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from opensees_cli import api
+from opensees_cli.auth import _to_local, print_quota
+
+console = Console()
+app = typer.Typer(
+    help="Admin operations (requires admin privileges).",
+)
+
+
+@app.callback(invoke_without_command=True)
+def _admin_callback(ctx: typer.Context) -> None:
+    api.require_login()
+    if ctx.invoked_subcommand is None:
+        typer.echo(ctx.get_help())
+        raise typer.Exit(0)
+
+
+@app.command("list-users")
+def list_users():
+    """List all registered users."""
+    try:
+        r = api.get("/admin/users")
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)
+
+    users = r.get("users", [])
+    if not users:
+        console.print("[dim]No users found.[/dim]")
+        return
+
+    table = Table(title=f"Users ({len(users)})")
+    table.add_column("Email", style="cyan")
+    table.add_column("Status")
+    table.add_column("Enabled")
+    table.add_column("Admin")
+    table.add_column("Last Login")
+    table.add_column("Last Activity")
+    table.add_column("CLI Version")
+
+    for u in users:
+        enabled = "[green]yes[/green]" if u.get("enabled") else "[red]no[/red]"
+        admin = "[yellow]yes[/yellow]" if u.get("is_admin") else "no"
+        table.add_row(
+            u.get("email", ""),
+            u.get("status", ""),
+            enabled,
+            admin,
+            u.get("last_login_at", "") or "-",
+            u.get("last_activity_at", "") or "-",
+            u.get("last_cli_version", "") or "-",
+        )
+    console.print(table)
+
+
+@app.command("disable-user")
+def disable_user(email: Optional[str] = typer.Option(None, "--email", "-e")):
+    """Disable a user account (prevents login)."""
+    if not email:
+        email = typer.prompt("Email to disable")
+    try:
+        r = api.post("/admin/disable-user", {"email": email})
+        console.print(f"[green]{r.get('message', 'User disabled.')}[/green]")
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)
+
+
+@app.command("enable-user")
+def enable_user(email: Optional[str] = typer.Option(None, "--email", "-e")):
+    """Re-enable a disabled user account."""
+    if not email:
+        email = typer.prompt("Email to enable")
+    try:
+        r = api.post("/admin/enable-user", {"email": email})
+        console.print(f"[green]{r.get('message', 'User enabled.')}[/green]")
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)
+
+
+@app.command("delete-user")
+def delete_user(email: Optional[str] = typer.Option(None, "--email", "-e")):
+    """Permanently delete a user account."""
+    if not email:
+        email = typer.prompt("Email to delete")
+
+    confirmed = typer.confirm(f"Permanently delete {email}? This cannot be undone")
+    if not confirmed:
+        console.print("[dim]Cancelled.[/dim]")
+        raise typer.Exit(0)
+
+    try:
+        r = api.post("/admin/delete-user", {"email": email})
+        console.print(f"[green]{r.get('message', 'User deleted.')}[/green]")
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)
+
+
+@app.command("user-info")
+def user_info(email: Optional[str] = typer.Option(None, "--email", "-e")):
+    """Show a user's account details and quota."""
+    if not email:
+        email = typer.prompt("Email")
+    try:
+        r = api.post("/admin/user-info", {"email": email})
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)
+
+    console.print(f"  Email:        [bold]{r.get('email', '')}[/bold]")
+    console.print(f"  Admin:        {'[yellow]yes[/yellow]' if r.get('is_admin') else 'no'}")
+    console.print(f"  Enabled:      {'[green]yes[/green]' if r.get('is_enabled') else '[red]no[/red]'}")
+    if r.get("created_at"):
+        console.print(f"  Member since: {_to_local(r['created_at'])}")
+    if r.get("last_login_at"):
+        console.print(f"  Last login:   {_to_local(r['last_login_at'])}")
+    if r.get("last_activity_at"):
+        console.print(f"  Last active:  {_to_local(r['last_activity_at'])}")
+    if r.get("last_cli_version"):
+        console.print(f"  CLI version:  {r['last_cli_version']}")
+    if r.get("last_ip"):
+        console.print(f"  Last IP:      {r['last_ip']}")
+
+    q = r.get("quota")
+    if q:
+        console.print()
+        print_quota(q)
+
+
+@app.command("set-quota")
+def set_quota(
+    email: Optional[str] = typer.Option(None, "--email", "-e"),
+    concurrent: Optional[int] = typer.Option(None, "--concurrent", "-c", help="Max concurrent tasks"),
+    tasks: Optional[int] = typer.Option(None, "--tasks", help="Max tasks per analysis"),
+    runtime: Optional[int] = typer.Option(None, "--runtime", "-r", help="Max monthly runtime in seconds"),
+    storage: Optional[int] = typer.Option(None, "--storage", "-s", help="Max monthly storage in bytes"),
+):
+    """Update a user's quota limits."""
+    if not email:
+        email = typer.prompt("Email")
+    if concurrent is None and tasks is None and runtime is None and storage is None:
+        console.print("Provide at least one of --concurrent, --tasks, --runtime, or --storage.")
+        raise typer.Exit(0)
+
+    body: dict = {"email": email}
+    if concurrent is not None:
+        body["max_concurrent_runs"] = concurrent
+    if tasks is not None:
+        body["max_tasks_per_analysis"] = tasks
+    if runtime is not None:
+        body["max_monthly_runtime"] = runtime
+    if storage is not None:
+        body["max_monthly_storage"] = storage
+
+    try:
+        r = api.post("/admin/set-quota", body)
+        console.print(f"[green]{r.get('message', 'Quota updated.')}[/green]")
+    except api.ApiError as e:
+        console.print(f"[red]{e.message}[/red]")
+        raise typer.Exit(1)

opensees_cli/api.py

@@ -0,0 +1,170 @@
+"""HTTP client for the OpenSees CLI REST API.
+
+Handles auth headers and automatic token refresh on 401.
+"""
+
+from typing import Any, Dict, Optional
+
+import httpx
+
+from opensees_cli import __version__
+from opensees_cli.config import (
+    get_access_token,
+    get_api_url,
+    get_refresh_token,
+    load_credentials,
+    save_credentials,
+)
+
+TIMEOUT = 30.0
+
+
+class ApiError(Exception):
+    def __init__(self, message: str, status: int = 0, code: Optional[str] = None):
+        self.message = message
+        self.status = status
+        self.code = code
+        super().__init__(message)
+
+
+def _not_logged_in() -> None:
+    """Print a login prompt and exit."""
+    from rich.console import Console
+    c = Console()
+    c.print("Not logged in. To get started:\n")
+    c.print("  [bold]ops auth signup[/bold]    Create a new account")
+    c.print("  [bold]ops auth login[/bold]     Log in to an existing account")
+    raise SystemExit(0)
+
+
+def require_login() -> None:
+    """Exit early if the user has no stored credentials."""
+    if not load_credentials() or not load_credentials().get("access_token"):
+        _not_logged_in()
+
+
+def require_no_login() -> None:
+    """Exit early if the user is already logged in."""
+    from rich.console import Console
+    creds = load_credentials()
+    if creds and creds.get("access_token"):
+        Console().print(
+            f"Already logged in as [bold]{creds.get('email', '')}[/bold]. "
+            "Run [bold]ops auth logout[/bold] first."
+        )
+        raise SystemExit(0)
+
+
+def _url(path: str) -> str:
+    return f"{get_api_url().rstrip('/')}{path}"
+
+
+def _headers(token: Optional[str] = None) -> Dict[str, str]:
+    h: Dict[str, str] = {"Content-Type": "application/json", "User-Agent": f"opensees-cli/{__version__}"}
+    if token is not None:
+        if token:
+            h["Authorization"] = f"Bearer {token}"
+        return h
+    creds = load_credentials() or {}
+    id_tok = creds.get("id_token")
+    access_tok = creds.get("access_token")
+    if id_tok:
+        h["Authorization"] = f"Bearer {id_tok}"
+    if access_tok:
+        h["X-Access-Token"] = access_tok
+    return h
+
+
+def _parse(resp: httpx.Response) -> Dict[str, Any]:
+    try:
+        data = resp.json()
+    except Exception:
+        if resp.status_code >= 400:
+            raise ApiError(f"HTTP {resp.status_code}", resp.status_code)
+        return {}
+    if resp.status_code >= 400:
+        raise ApiError(
+            data.get("error", f"HTTP {resp.status_code}"),
+            resp.status_code,
+            data.get("code"),
+        )
+    return data
+
+
+def _try_refresh() -> bool:
+    rt = get_refresh_token()
+    if not rt:
+        return False
+    try:
+        data = post("/auth/refresh", {"refresh_token": rt}, auth=False)
+        creds = load_credentials() or {}
+        save_credentials(
+            access_token=data["access_token"],
+            refresh_token=creds.get("refresh_token", rt),
+            id_token=data.get("id_token"),
+            email=creds.get("email"),
+            is_admin=creds.get("is_admin", False),
+        )
+        return True
+    except Exception:
+        return False
+
+
+def post(path: str, body: Dict[str, Any], auth: bool = True) -> Dict[str, Any]:
+    hdrs = _headers() if auth else _headers(token="")
+    resp = httpx.post(_url(path), json=body, headers=hdrs, timeout=TIMEOUT)
+    if resp.status_code == 401 and auth:
+        if _try_refresh():
+            resp = httpx.post(_url(path), json=body, headers=_headers(), timeout=TIMEOUT)
+        else:
+            _not_logged_in()
+    return _parse(resp)
+
+
+def get(path: str, params: Optional[Dict[str, Any]] = None) -> Dict[str, Any]:
+    resp = httpx.get(_url(path), params=params, headers=_headers(), timeout=TIMEOUT)
+    if resp.status_code == 401:
+        if _try_refresh():
+            resp = httpx.get(_url(path), params=params, headers=_headers(), timeout=TIMEOUT)
+        else:
+            _not_logged_in()
+    return _parse(resp)
+
+
+def upload_file(presigned_url: str, file_bytes: bytes, content_type: str = "text/x-python") -> None:
+    """Upload raw bytes to a remote URL."""
+    resp = httpx.put(
+        presigned_url,
+        content=file_bytes,
+        headers={"Content-Type": content_type},
+        timeout=60.0,
+        follow_redirects=True,
+    )
+    if not (200 <= resp.status_code < 300):
+        raise ApiError(f"Upload failed (HTTP {resp.status_code})", resp.status_code)
+
+
+def fetch_s3_range(presigned_url: str, start_byte: int = 0) -> tuple[bytes, bool]:
+    """GET bytes from a presigned S3 URL using Range header.
+
+    Returns (data, is_complete):
+      - data: bytes from start_byte onward (empty if object doesn't exist yet)
+      - is_complete: False if the object doesn't exist (404) or range is unsatisfiable
+    """
+    headers = {}
+    if start_byte > 0:
+        headers["Range"] = f"bytes={start_byte}-"
+    try:
+        resp = httpx.get(presigned_url, headers=headers, timeout=10.0)
+    except httpx.TimeoutException:
+        return b"", False
+    except httpx.RequestError:
+        return b"", False
+    if resp.status_code == 404 or resp.status_code == 403:
+        return b"", False
+    if resp.status_code == 416:
+        # Range not satisfiable — no new data since last read
+        return b"", True
+    if resp.status_code in (200, 206):
+        return resp.content, True
+    return b"", False