pangea-sdk 6.0.0__py3-none-any.whl → 6.1.0__py3-none-any.whl

pangea/__init__.py

@@ -1,4 +1,4 @@
-__version__ = "6.0.0"
+__version__ = "6.1.0"
 
 from pangea.asyncio.request import PangeaRequestAsync
 from pangea.config import PangeaConfig

pangea/asyncio/services/authn.py

@@ -2,14 +2,17 @@
 # Author: Pangea Cyber Corporation
 from __future__ import annotations
 
-from typing import Dict, List, Optional, Union
+from typing import Dict, List, Literal, Optional, Union
 
 import pangea.services.authn.models as m
 from pangea.asyncio.services.base import ServiceBaseAsync
 from pangea.config import PangeaConfig
 from pangea.response import PangeaResponse, PangeaResponseResult
 
-SERVICE_NAME = "authn"
+__all__ = ["AuthNAsync"]
+
+
+_SERVICE_NAME = "authn"
 
 
 class AuthNAsync(ServiceBaseAsync):
@@ -35,7 +38,7 @@ class AuthNAsync(ServiceBaseAsync):
         authn = AuthNAsync(token=PANGEA_TOKEN, config=authn_config)
     """
 
-    service_name = SERVICE_NAME
+    service_name = _SERVICE_NAME
 
     def __init__(
         self,
@@ -65,7 +68,7 @@ class AuthNAsync(ServiceBaseAsync):
         self.agreements = AuthNAsync.AgreementsAsync(token, config, logger_name=logger_name)
 
     class SessionAsync(ServiceBaseAsync):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -162,7 +165,7 @@ class AuthNAsync(ServiceBaseAsync):
             )
 
     class ClientAsync(ServiceBaseAsync):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -222,7 +225,7 @@ class AuthNAsync(ServiceBaseAsync):
             return await self.request.post("v2/client/jwks", m.ClientJWKSResult, {})
 
         class SessionAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -359,7 +362,7 @@ class AuthNAsync(ServiceBaseAsync):
                 )
 
         class PasswordAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -419,7 +422,7 @@ class AuthNAsync(ServiceBaseAsync):
                 return await self.request.post("v2/user/password/expire", PangeaResponseResult, {"id": user_id})
 
         class TokenAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -456,7 +459,7 @@ class AuthNAsync(ServiceBaseAsync):
                 )
 
     class UserAsync(ServiceBaseAsync):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -667,7 +670,7 @@ class AuthNAsync(ServiceBaseAsync):
             return await self.request.post("v2/user/list", m.UserListResult, data=input.model_dump(exclude_none=True))
 
         class InvitesAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -739,7 +742,7 @@ class AuthNAsync(ServiceBaseAsync):
                 )
 
         class AuthenticatorsAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -821,7 +824,7 @@ class AuthNAsync(ServiceBaseAsync):
                 )
 
         class ProfileAsync(ServiceBaseAsync):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -905,8 +908,57 @@ class AuthNAsync(ServiceBaseAsync):
                     "v2/user/profile/update", m.UserProfileUpdateResult, data=input.model_dump(exclude_none=True)
                 )
 
+        class GroupAsync(ServiceBaseAsync):
+            service_name = _SERVICE_NAME
+
+            def __init__(
+                self,
+                token: str,
+                config: PangeaConfig | None = None,
+                logger_name: str = "pangea",
+            ) -> None:
+                super().__init__(token, config, logger_name=logger_name)
+
+            async def assign(self, user_id: str, group_ids: list[str]) -> PangeaResponse[PangeaResponseResult]:
+                """
+                Assign groups to a user
+
+                Add a list of groups to a specified user
+
+                OperationId: authn_post_v2_user_group_assign
+                """
+                return await self.request.post(
+                    "v2/user/group/assign",
+                    data={"id": user_id, "group_ids": group_ids},
+                    result_class=m.PangeaResponseResult,
+                )
+
+            async def remove(self, user_id: str, group_id: str) -> PangeaResponse[PangeaResponseResult]:
+                """
+                Remove a group assigned to a user
+
+                Remove a group assigned to a user
+
+                OperationId: authn_post_v2_user_group_remove
+                """
+                return await self.request.post(
+                    "v2/user/group/remove",
+                    data={"id": user_id, "group_id": group_id},
+                    result_class=m.PangeaResponseResult,
+                )
+
+            async def list(self, user_id: str) -> PangeaResponse[m.GroupList]:
+                """
+                List of groups assigned to a user
+
+                Return a list of ids for groups assigned to a user
+
+                OperationId: authn_post_v2_user_group_list
+                """
+                return await self.request.post("v2/user/group/list", data={"id": user_id}, result_class=m.GroupList)
+
     class FlowAsync(ServiceBaseAsync):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -1052,7 +1104,7 @@ class AuthNAsync(ServiceBaseAsync):
             )
 
     class AgreementsAsync(ServiceBaseAsync):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -1201,3 +1253,108 @@ class AuthNAsync(ServiceBaseAsync):
             return await self.request.post(
                 "v2/agreements/update", m.AgreementUpdateResult, data=input.model_dump(exclude_none=True)
             )
+
+    class GroupAsync(ServiceBaseAsync):
+        service_name = _SERVICE_NAME
+
+        def __init__(
+            self,
+            token: str,
+            config: PangeaConfig | None = None,
+            logger_name: str = "pangea",
+        ) -> None:
+            super().__init__(token, config, logger_name=logger_name)
+
+        async def create(
+            self, name: str, type: str, *, description: str | None = None, attributes: dict[str, str] | None = None
+        ) -> PangeaResponse[m.GroupInfo]:
+            """
+            Create a new group
+
+            Create a new group
+
+            OperationId: authn_post_v2_group_create
+            """
+            return await self.request.post(
+                "v2/group/create",
+                data={"name": name, "type": type, "description": description, "attributes": attributes},
+                result_class=m.GroupInfo,
+            )
+
+        async def delete(self, id: str) -> PangeaResponse[PangeaResponseResult]:
+            """
+            Delete a group
+
+            Delete a group
+
+            OperationId: authn_post_v2_group_delete
+            """
+            return await self.request.post("v2/group/delete", data={"id": id}, result_class=PangeaResponseResult)
+
+        async def get(self, id: str) -> PangeaResponse[m.GroupInfo]:
+            """
+            Get group information
+
+            Look up a group by ID and return its information.
+
+            OperationId: authn_post_v2_group_get
+            """
+            return await self.request.post("v2/group/get", data={"id": id}, result_class=m.GroupInfo)
+
+        async def list(
+            self,
+            *,
+            filter: m.GroupsFilter | None = None,
+            last: str | None = None,
+            order: Literal["asc", "desc"] | None = None,
+            order_by: Literal["id", "created_at", "updated_at", "name", "type"] | None = None,
+            size: int | None = None,
+        ) -> PangeaResponse[m.GroupList]:
+            """
+            List groups
+
+            Look up groups by name, type, or attributes.
+            """
+            return await self.request.post(
+                "v2/group/list",
+                data={"filter": filter, "last": last, "order": order, "order_by": order_by, "size": size},
+                result_class=m.GroupList,
+            )
+
+        async def list_users(
+            self, id: str, *, last: str | None = None, size: int | None = None
+        ) -> PangeaResponse[m.GroupUserList]:
+            """
+            List of users assigned to a group
+
+            Return a list of ids for users assigned to a group
+
+            OperationId: authn_post_v2_group_user_list
+            """
+            return await self.request.post(
+                "v2/group/user/list",
+                data={"id": id, "last": last, "size": size},
+                result_class=m.GroupUserList,
+            )
+
+        async def update(
+            self,
+            id: str,
+            *,
+            name: str | None = None,
+            description: str | None = None,
+            type: str | None = None,
+            attributes: dict[str, str] | None = None,
+        ) -> PangeaResponse[m.GroupInfo]:
+            """
+            Update group information
+
+            Update group information
+
+            OperationId: authn_post_v2_group_update
+            """
+            return await self.request.post(
+                "v2/group/update",
+                data={"id": id, "name": name, "description": description, "type": type, "attributes": attributes},
+                result_class=m.GroupInfo,
+            )

pangea/asyncio/services/authz.py

@@ -3,7 +3,7 @@
 
 from __future__ import annotations
 
-from typing import Any, Dict, List, Optional
+from typing import Any
 
 from pangea.asyncio.services.base import ServiceBaseAsync
 from pangea.config import PangeaConfig
@@ -73,14 +73,14 @@ class AuthZAsync(ServiceBaseAsync):
 
         super().__init__(token, config, logger_name, config_id=config_id)
 
-    async def tuple_create(self, tuples: List[Tuple]) -> PangeaResponse[TupleCreateResult]:
+    async def tuple_create(self, tuples: list[Tuple]) -> PangeaResponse[TupleCreateResult]:
         """Create tuples.
 
         Create tuples in the AuthZ Service. The request will fail if there is no schema
         or the tuples do not validate against the schema.
 
         Args:
-            tuples (List[Tuple]): List of tuples to be created.
+            tuples: Tuples to be created.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -110,10 +110,10 @@ class AuthZAsync(ServiceBaseAsync):
     async def tuple_list(
         self,
         filter: TupleListFilter,
-        size: Optional[int] = None,
-        last: Optional[str] = None,
-        order: Optional[ItemOrder] = None,
-        order_by: Optional[TupleOrderBy] = None,
+        size: int | None = None,
+        last: str | None = None,
+        order: ItemOrder | None = None,
+        order_by: TupleOrderBy | None = None,
     ) -> PangeaResponse[TupleListResult]:
         """List tuples.
 
@@ -122,11 +122,11 @@ class AuthZAsync(ServiceBaseAsync):
         is empty it will return all the tuples.
 
         Args:
-            filter (TupleListFilter): The filter for listing tuples.
-            size (Optional[int]): The size of the result set. Default is None.
-            last (Optional[str]): The last token from a previous response. Default is None.
-            order (Optional[ItemOrder]): Order results asc(ending) or desc(ending).
-            order_by (Optional[TupleOrderBy]): Which field to order results by.
+            filter: The filter for listing tuples.
+            size: The size of the result set. Default is None.
+            last: The last token from a previous response. Default is None.
+            order: Order results asc(ending) or desc(ending).
+            order_by: Which field to order results by.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -144,13 +144,13 @@ class AuthZAsync(ServiceBaseAsync):
         )
         return await self.request.post("v1/tuple/list", TupleListResult, data=input_data.model_dump(exclude_none=True))
 
-    async def tuple_delete(self, tuples: List[Tuple]) -> PangeaResponse[TupleDeleteResult]:
+    async def tuple_delete(self, tuples: list[Tuple]) -> PangeaResponse[TupleDeleteResult]:
         """Delete tuples.
 
         Delete tuples in the AuthZ Service.
 
         Args:
-            tuples (List[Tuple]): List of tuples to be deleted.
+            tuples: Tuples to be deleted.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -182,8 +182,8 @@ class AuthZAsync(ServiceBaseAsync):
         resource: Resource,
         action: str,
         subject: Subject,
-        debug: Optional[bool] = None,
-        attributes: Optional[Dict[str, Any]] = None,
+        debug: bool | None = None,
+        attributes: dict[str, Any] | None = None,
     ) -> PangeaResponse[CheckResult]:
         """Perform a check request.
 
@@ -192,9 +192,9 @@ class AuthZAsync(ServiceBaseAsync):
         Args:
             resource (Resource): The resource to check.
             action (str): The action to check.
-            subject (Subject): The subject to check.
-            debug (Optional[bool]): Setting this value to True will provide a detailed analysis of the check.
-            attributes (Optional[Dict[str, Any]]): Additional attributes for the check.
+            subject: The subject to check.
+            debug: Setting this value to True will provide a detailed analysis of the check.
+            attributes: Additional attributes for the check.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -217,7 +217,7 @@ class AuthZAsync(ServiceBaseAsync):
         return await self.request.post("v1/check", CheckResult, data=input_data.model_dump(exclude_none=True))
 
     async def list_resources(
-        self, type: str, action: str, subject: Subject, attributes: Optional[Dict[str, Any]] = None
+        self, type: str, action: str, subject: Subject, attributes: dict[str, Any] | None = None
     ) -> PangeaResponse[ListResourcesResult]:
         """List resources.
 
@@ -225,10 +225,10 @@ class AuthZAsync(ServiceBaseAsync):
         type that the subject has access to the action with.
 
         Args:
-            type (str): The type to filter resources.
-            action (str): The action to filter resources.
-            subject (Subject): The subject to filter resources.
-            attributes (Optional[Dict[str, Any]]): A JSON object of attribute data.
+            type: The type to filter resources.
+            action: The action to filter resources.
+            subject: The subject to filter resources.
+            attributes: A JSON object of attribute data.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -252,7 +252,7 @@ class AuthZAsync(ServiceBaseAsync):
         )
 
     async def list_subjects(
-        self, resource: Resource, action: str, attributes: Optional[Dict[str, Any]] = None
+        self, resource: Resource, action: str, attributes: dict[str, Any] | None = None
     ) -> PangeaResponse[ListSubjectsResult]:
         """List subjects.
 
@@ -260,9 +260,9 @@ class AuthZAsync(ServiceBaseAsync):
         access to the action for the given resource.
 
         Args:
-            resource (Resource): The resource to filter subjects.
-            action (str): The action to filter subjects.
-            attributes (Optional[Dict[str, Any]]): A JSON object of attribute data.
+            resource: The resource to filter subjects.
+            action: The action to filter subjects.
+            attributes: A JSON object of attribute data.
 
         Raises:
             PangeaAPIException: If an API Error happens.

pangea/services/authn/authn.py

@@ -2,14 +2,17 @@
 # Author: Pangea Cyber Corporation
 from __future__ import annotations
 
-from typing import Dict, List, Optional, Union
+from typing import Dict, List, Literal, Optional, Union
 
 import pangea.services.authn.models as m
 from pangea.config import PangeaConfig
 from pangea.response import PangeaResponse, PangeaResponseResult
 from pangea.services.base import ServiceBase
 
-SERVICE_NAME = "authn"
+__all__ = ["AuthN"]
+
+
+_SERVICE_NAME = "authn"
 
 
 class AuthN(ServiceBase):
@@ -35,7 +38,7 @@ class AuthN(ServiceBase):
         authn = AuthN(token=PANGEA_TOKEN, config=authn_config)
     """
 
-    service_name = SERVICE_NAME
+    service_name = _SERVICE_NAME
 
     def __init__(
         self,
@@ -63,9 +66,10 @@ class AuthN(ServiceBase):
         self.client = AuthN.Client(token, config, logger_name=logger_name)
         self.session = AuthN.Session(token, config, logger_name=logger_name)
         self.agreements = AuthN.Agreements(token, config, logger_name=logger_name)
+        self.group = AuthN.Group(token, config, logger_name=logger_name)
 
     class Session(ServiceBase):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -161,7 +165,7 @@ class AuthN(ServiceBase):
             )
 
     class Client(ServiceBase):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -221,7 +225,7 @@ class AuthN(ServiceBase):
             return self.request.post("v2/client/jwks", m.ClientJWKSResult, {})
 
         class Session(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -359,7 +363,7 @@ class AuthN(ServiceBase):
                 )
 
         class Password(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -419,7 +423,7 @@ class AuthN(ServiceBase):
                 return self.request.post("v2/user/password/expire", PangeaResponseResult, {"id": user_id})
 
         class Token(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -456,18 +460,19 @@ class AuthN(ServiceBase):
                 )
 
     class User(ServiceBase):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
-            token,
-            config=None,
-            logger_name="pangea",
-        ):
+            token: str,
+            config: PangeaConfig | None = None,
+            logger_name: str = "pangea",
+        ) -> None:
             super().__init__(token, config, logger_name=logger_name)
             self.profile = AuthN.User.Profile(token, config, logger_name=logger_name)
             self.authenticators = AuthN.User.Authenticators(token, config, logger_name=logger_name)
             self.invites = AuthN.User.Invites(token, config, logger_name=logger_name)
+            self.group = AuthN.User.Group(token, config, logger_name=logger_name)
 
         def create(
             self,
@@ -663,7 +668,7 @@ class AuthN(ServiceBase):
             return self.request.post("v2/user/list", m.UserListResult, data=input.model_dump(exclude_none=True))
 
         class Invites(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -735,7 +740,7 @@ class AuthN(ServiceBase):
                 )
 
         class Authenticators(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -817,7 +822,7 @@ class AuthN(ServiceBase):
                 )
 
         class Profile(ServiceBase):
-            service_name = SERVICE_NAME
+            service_name = _SERVICE_NAME
 
             def __init__(
                 self,
@@ -901,8 +906,57 @@ class AuthN(ServiceBase):
                     "v2/user/profile/update", m.UserProfileUpdateResult, data=input.model_dump(exclude_none=True)
                 )
 
+        class Group(ServiceBase):
+            service_name = _SERVICE_NAME
+
+            def __init__(
+                self,
+                token: str,
+                config: PangeaConfig | None = None,
+                logger_name: str = "pangea",
+            ) -> None:
+                super().__init__(token, config, logger_name=logger_name)
+
+            def assign(self, user_id: str, group_ids: list[str]) -> PangeaResponse[PangeaResponseResult]:
+                """
+                Assign groups to a user
+
+                Add a list of groups to a specified user
+
+                OperationId: authn_post_v2_user_group_assign
+                """
+                return self.request.post(
+                    "v2/user/group/assign",
+                    data={"id": user_id, "group_ids": group_ids},
+                    result_class=m.PangeaResponseResult,
+                )
+
+            def remove(self, user_id: str, group_id: str) -> PangeaResponse[PangeaResponseResult]:
+                """
+                Remove a group assigned to a user
+
+                Remove a group assigned to a user
+
+                OperationId: authn_post_v2_user_group_remove
+                """
+                return self.request.post(
+                    "v2/user/group/remove",
+                    data={"id": user_id, "group_id": group_id},
+                    result_class=m.PangeaResponseResult,
+                )
+
+            def list(self, user_id: str) -> PangeaResponse[m.GroupList]:
+                """
+                List of groups assigned to a user
+
+                Return a list of ids for groups assigned to a user
+
+                OperationId: authn_post_v2_user_group_list
+                """
+                return self.request.post("v2/user/group/list", data={"id": user_id}, result_class=m.GroupList)
+
     class Flow(ServiceBase):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -1042,7 +1096,7 @@ class AuthN(ServiceBase):
             return self.request.post("v2/flow/update", m.FlowUpdateResult, data=input.model_dump(exclude_none=True))
 
     class Agreements(ServiceBase):
-        service_name = SERVICE_NAME
+        service_name = _SERVICE_NAME
 
         def __init__(
             self,
@@ -1192,3 +1246,108 @@ class AuthN(ServiceBase):
             return self.request.post(
                 "v2/agreements/update", m.AgreementUpdateResult, data=input.model_dump(exclude_none=True)
             )
+
+    class Group(ServiceBase):
+        service_name = _SERVICE_NAME
+
+        def __init__(
+            self,
+            token: str,
+            config: PangeaConfig | None = None,
+            logger_name: str = "pangea",
+        ) -> None:
+            super().__init__(token, config, logger_name=logger_name)
+
+        def create(
+            self, name: str, type: str, *, description: str | None = None, attributes: dict[str, str] | None = None
+        ) -> PangeaResponse[m.GroupInfo]:
+            """
+            Create a new group
+
+            Create a new group
+
+            OperationId: authn_post_v2_group_create
+            """
+            return self.request.post(
+                "v2/group/create",
+                data={"name": name, "type": type, "description": description, "attributes": attributes},
+                result_class=m.GroupInfo,
+            )
+
+        def delete(self, id: str) -> PangeaResponse[PangeaResponseResult]:
+            """
+            Delete a group
+
+            Delete a group
+
+            OperationId: authn_post_v2_group_delete
+            """
+            return self.request.post("v2/group/delete", data={"id": id}, result_class=PangeaResponseResult)
+
+        def get(self, id: str) -> PangeaResponse[m.GroupInfo]:
+            """
+            Get group information
+
+            Look up a group by ID and return its information.
+
+            OperationId: authn_post_v2_group_get
+            """
+            return self.request.post("v2/group/get", data={"id": id}, result_class=m.GroupInfo)
+
+        def list(
+            self,
+            *,
+            filter: m.GroupsFilter | None = None,
+            last: str | None = None,
+            order: Literal["asc", "desc"] | None = None,
+            order_by: Literal["id", "created_at", "updated_at", "name", "type"] | None = None,
+            size: int | None = None,
+        ) -> PangeaResponse[m.GroupList]:
+            """
+            List groups
+
+            Look up groups by name, type, or attributes.
+            """
+            return self.request.post(
+                "v2/group/list",
+                data={"filter": filter, "last": last, "order": order, "order_by": order_by, "size": size},
+                result_class=m.GroupList,
+            )
+
+        def list_users(
+            self, id: str, *, last: str | None = None, size: int | None = None
+        ) -> PangeaResponse[m.GroupUserList]:
+            """
+            List of users assigned to a group
+
+            Return a list of ids for users assigned to a group
+
+            OperationId: authn_post_v2_group_user_list
+            """
+            return self.request.post(
+                "v2/group/user/list",
+                data={"id": id, "last": last, "size": size},
+                result_class=m.GroupUserList,
+            )
+
+        def update(
+            self,
+            id: str,
+            *,
+            name: str | None = None,
+            description: str | None = None,
+            type: str | None = None,
+            attributes: dict[str, str] | None = None,
+        ) -> PangeaResponse[m.GroupInfo]:
+            """
+            Update group information
+
+            Update group information
+
+            OperationId: authn_post_v2_group_update
+            """
+            return self.request.post(
+                "v2/group/update",
+                data={"id": id, "name": name, "description": description, "type": type, "attributes": attributes},
+                result_class=m.GroupInfo,
+            )

pangea/services/authn/models.py

@@ -939,3 +939,97 @@ class AgreementUpdateRequest(APIRequestModel):
 
 class AgreementUpdateResult(AgreementInfo):
     pass
+
+
+class GroupInfo(PangeaResponseResult):
+    """A group and its information"""
+
+    id: str
+    name: str
+    type: str
+
+    description: Optional[str] = None
+    attributes: Optional[Dict[str, str]] = None
+    created_at: Optional[str] = None
+    updated_at: Optional[str] = None
+
+
+class GroupsFilter(APIRequestModel):
+    """Search filter for groups"""
+
+    created_at: Optional[str] = None
+    """Only records where created_at equals this value."""
+
+    created_at__gt: Optional[str] = None
+    """Only records where created_at is greater than this value."""
+
+    created_at__gte: Optional[str] = None
+    """Only records where created_at is greater than or equal to this value."""
+
+    created_at__lt: Optional[str] = None
+    """Only records where created_at is less than this value."""
+
+    created_at__lte: Optional[str] = None
+    """Only records where created_at is less than or equal to this value."""
+
+    created_at__contains: Optional[str] = None
+    """Only records where created_at includes this value."""
+
+    id: Optional[str] = None
+    """Only records where id equals this value."""
+
+    id__contains: Optional[List[str]] = None
+    """Only records where id includes each substring."""
+
+    id__in: Optional[List[str]] = None
+    """Only records where id equals one of the provided substrings."""
+
+    name: Optional[str] = None
+    """Only records where name equals this value."""
+
+    name__contains: Optional[List[str]] = None
+    """Only records where name includes each substring."""
+
+    name__in: Optional[List[str]] = None
+    """Only records where name equals one of the provided substrings."""
+
+    type: Optional[str] = None
+    """Only records where type equals this value."""
+
+    type__contains: Optional[List[str]] = None
+    """Only records where type includes each substring."""
+
+    type__in: Optional[List[str]] = None
+    """Only records where type equals one of the provided substrings."""
+
+    updated_at: Optional[str] = None
+    """Only records where updated_at equals this value."""
+
+    updated_at__gt: Optional[str] = None
+    """Only records where updated_at is greater than this value."""
+
+    updated_at__gte: Optional[str] = None
+    """Only records where updated_at is greater than or equal to this value."""
+
+    updated_at__lt: Optional[str] = None
+    """Only records where updated_at is less than this value."""
+
+    updated_at__lte: Optional[str] = None
+    """Only records where updated_at is less than or equal to this value."""
+
+    updated_at__contains: Optional[str] = None
+    """Only records where updated_at includes this value."""
+
+
+class GroupList(PangeaResponseResult):
+    groups: List[GroupInfo]
+    """List of matching groups"""
+
+    count: int
+    last: Optional[str] = None
+
+
+class GroupUserList(PangeaResponseResult):
+    users: List[User]
+    count: int
+    last: Optional[str] = None

pangea/services/authz.py

@@ -51,6 +51,8 @@ class Tuple(PangeaResponseResult):
     resource: Resource
     relation: str
     subject: Subject
+    expires_at: Optional[str] = None
+    """A time in ISO-8601 format"""
 
 
 class TupleCreateRequest(APIRequestModel):
@@ -63,23 +65,51 @@ class TupleCreateResult(PangeaResponseResult):
 
 class TupleListFilter(APIRequestModel):
     resource_type: Optional[str] = None
+    """Only records where resource type equals this value."""
     resource_type__contains: Optional[List[str]] = None
+    """Only records where resource type includes each substring."""
     resource_type__in: Optional[List[str]] = None
+    """Only records where resource type equals one of the provided substrings."""
     resource_id: Optional[str] = None
+    """Only records where resource id equals this value."""
     resource_id__contains: Optional[List[str]] = None
+    """Only records where resource id includes each substring."""
     resource_id__in: Optional[List[str]] = None
+    """Only records where resource id equals one of the provided substrings."""
     relation: Optional[str] = None
+    """Only records where relation equals this value."""
     relation__contains: Optional[List[str]] = None
+    """Only records where relation includes each substring."""
     relation__in: Optional[List[str]] = None
+    """Only records where relation equals one of the provided substrings."""
     subject_type: Optional[str] = None
+    """Only records where subject type equals this value."""
     subject_type__contains: Optional[List[str]] = None
+    """Only records where subject type includes each substring."""
     subject_type__in: Optional[List[str]] = None
+    """Only records where subject type equals one of the provided substrings."""
     subject_id: Optional[str] = None
+    """Only records where subject id equals this value."""
     subject_id__contains: Optional[List[str]] = None
+    """Only records where subject id includes each substring."""
     subject_id__in: Optional[List[str]] = None
+    """Only records where subject id equals one of the provided substrings."""
     subject_action: Optional[str] = None
+    """Only records where subject action equals this value."""
     subject_action__contains: Optional[List[str]] = None
+    """Only records where subject action includes each substring."""
     subject_action__in: Optional[List[str]] = None
+    """Only records where subject action equals one of the provided substrings."""
+    expires_at: Optional[str] = None
+    """Only records where expires_at equals this value."""
+    expires_at__gt: Optional[str] = None
+    """Only records where expires_at is greater than this value."""
+    expires_at__gte: Optional[str] = None
+    """Only records where expires_at is greater than or equal to this value."""
+    expires_at__lt: Optional[str] = None
+    """Only records where expires_at is less than this value."""
+    expires_at__lte: Optional[str] = None
+    """Only records where expires_at is less than or equal to this value."""
 
 
 class TupleListRequest(APIRequestModel):
@@ -109,7 +139,9 @@ class CheckRequest(APIRequestModel):
     action: str
     subject: Subject
     debug: Optional[bool] = None
+    """In the event of an allowed check, return a path that granted access."""
     attributes: Optional[Dict[str, Any]] = None
+    """A JSON object of attribute data."""
 
 
 class DebugPath(APIResponseModel):
@@ -145,6 +177,8 @@ class ListSubjectsRequest(APIRequestModel):
     resource: Resource
     action: str
     attributes: Optional[Dict[str, Any]] = None
+    debug: Optional[bool] = None
+    """Return a path for each found subject"""
 
 
 class ListSubjectsResult(PangeaResponseResult):
@@ -194,14 +228,14 @@ class AuthZ(ServiceBase):
 
         super().__init__(token, config, logger_name, config_id=config_id)
 
-    def tuple_create(self, tuples: List[Tuple]) -> PangeaResponse[TupleCreateResult]:
+    def tuple_create(self, tuples: list[Tuple]) -> PangeaResponse[TupleCreateResult]:
         """Create tuples.
 
         Create tuples in the AuthZ Service. The request will fail if there is no schema
         or the tuples do not validate against the schema.
 
         Args:
-            tuples (List[Tuple]): List of tuples to be created.
+            tuples: Tuples to be created.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -229,10 +263,10 @@ class AuthZ(ServiceBase):
     def tuple_list(
         self,
         filter: TupleListFilter,
-        size: Optional[int] = None,
-        last: Optional[str] = None,
-        order: Optional[ItemOrder] = None,
-        order_by: Optional[TupleOrderBy] = None,
+        size: int | None = None,
+        last: str | None = None,
+        order: ItemOrder | None = None,
+        order_by: TupleOrderBy | None = None,
     ) -> PangeaResponse[TupleListResult]:
         """List tuples.
 
@@ -241,11 +275,11 @@ class AuthZ(ServiceBase):
         is empty it will return all the tuples.
 
         Args:
-            filter (TupleListFilter): The filter for listing tuples.
-            size (Optional[int]): The size of the result set. Default is None.
-            last (Optional[str]): The last token from a previous response. Default is None.
-            order (Optional[ItemOrder]): Order results asc(ending) or desc(ending).
-            order_by (Optional[TupleOrderBy]): Which field to order results by.
+            filter: The filter for listing tuples.
+            size: The size of the result set. Default is None.
+            last: The last token from a previous response. Default is None.
+            order: Order results asc(ending) or desc(ending).
+            order_by: Which field to order results by.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -263,13 +297,13 @@ class AuthZ(ServiceBase):
         )
         return self.request.post("v1/tuple/list", TupleListResult, data=input_data.model_dump(exclude_none=True))
 
-    def tuple_delete(self, tuples: List[Tuple]) -> PangeaResponse[TupleDeleteResult]:
+    def tuple_delete(self, tuples: list[Tuple]) -> PangeaResponse[TupleDeleteResult]:
         """Delete tuples.
 
         Delete tuples in the AuthZ Service.
 
         Args:
-            tuples (List[Tuple]): List of tuples to be deleted.
+            tuples: Tuples to be deleted.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -299,19 +333,19 @@ class AuthZ(ServiceBase):
         resource: Resource,
         action: str,
         subject: Subject,
-        debug: Optional[bool] = None,
-        attributes: Optional[Dict[str, Any]] = None,
+        debug: bool | None = None,
+        attributes: dict[str, Any] | None = None,
     ) -> PangeaResponse[CheckResult]:
         """Perform a check request.
 
         Check if a subject has permission to perform an action on the resource.
 
         Args:
-            resource (Resource): The resource to check.
-            action (str): The action to check.
-            subject (Subject): The subject to check.
-            debug (Optional[bool]): Setting this value to True will provide a detailed analysis of the check.
-            attributes (Optional[Dict[str, Any]]): Additional attributes for the check.
+            resource: The resource to check.
+            action: The action to check.
+            subject: The subject to check.
+            debug: In the event of an allowed check, return a path that granted access.
+            attributes: Additional attributes for the check.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -334,7 +368,7 @@ class AuthZ(ServiceBase):
         return self.request.post("v1/check", CheckResult, data=input_data.model_dump(exclude_none=True))
 
     def list_resources(
-        self, type: str, action: str, subject: Subject, attributes: Optional[Dict[str, Any]] = None
+        self, type: str, action: str, subject: Subject, attributes: dict[str, Any] | None = None
     ) -> PangeaResponse[ListResourcesResult]:
         """List resources.
 
@@ -342,10 +376,10 @@ class AuthZ(ServiceBase):
         type that the subject has access to the action with.
 
         Args:
-            type (str): The type to filter resources.
-            action (str): The action to filter resources.
-            subject (Subject): The subject to filter resources.
-            attributes (Optional[Dict[str, Any]]): A JSON object of attribute data.
+            type: The type to filter resources.
+            action: The action to filter resources.
+            subject: The subject to filter resources.
+            attributes: A JSON object of attribute data.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -369,7 +403,7 @@ class AuthZ(ServiceBase):
         )
 
     def list_subjects(
-        self, resource: Resource, action: str, attributes: Optional[Dict[str, Any]] = None
+        self, resource: Resource, action: str, attributes: dict[str, Any] | None = None, *, debug: bool | None = None
     ) -> PangeaResponse[ListSubjectsResult]:
         """List subjects.
 
@@ -377,9 +411,10 @@ class AuthZ(ServiceBase):
         access to the action for the given resource.
 
         Args:
-            resource (Resource): The resource to filter subjects.
-            action (str): The action to filter subjects.
-            attributes (Optional[Dict[str, Any]]): A JSON object of attribute data.
+            resource: The resource to filter subjects.
+            action: The action to filter subjects.
+            attributes: A JSON object of attribute data.
+            debug: Return a path for each found subject.
 
         Raises:
             PangeaAPIException: If an API Error happens.
@@ -396,5 +431,5 @@ class AuthZ(ServiceBase):
             )
         """
 
-        input_data = ListSubjectsRequest(resource=resource, action=action, attributes=attributes)
+        input_data = ListSubjectsRequest(resource=resource, action=action, attributes=attributes, debug=debug)
         return self.request.post("v1/list-subjects", ListSubjectsResult, data=input_data.model_dump(exclude_none=True))

{pangea_sdk-6.0.0.dist-info → pangea_sdk-6.1.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: pangea-sdk
-Version: 6.0.0
+Version: 6.1.0
 Summary: Pangea API SDK
 License: MIT
 Keywords: Pangea,SDK,Audit

{pangea_sdk-6.0.0.dist-info → pangea_sdk-6.1.0.dist-info}/RECORD

@@ -1,12 +1,12 @@
-pangea/__init__.py,sha256=WlZa15dkqzwfQrtPRyiGS0sYP9wBJcaBvWFl_kcNUjs,246
+pangea/__init__.py,sha256=SsSFodzFjA5wp7MeTcC2YDLJyt4DeR98QUsA7pVkhf0,246
 pangea/asyncio/__init__.py,sha256=kjEMkqMQ521LlMSu5jn3_WgweyArwVZ2C-s3x7mR6Pk,45
 pangea/asyncio/file_uploader.py,sha256=wI7epib7Rc5jtZw4eJ1L1SlmutDG6CPv59C8N2UPhtY,1436
 pangea/asyncio/request.py,sha256=lpLY-o405r3-VUfrAE5uxYxI8UjM4hjPqUzAUtOGE5o,18040
 pangea/asyncio/services/__init__.py,sha256=L6Tdhjfx_ZECHskhLMPaCcOefi-r-imw6q_zlU4j-FY,464
 pangea/asyncio/services/ai_guard.py,sha256=rFksT8LQkyioW3QOq4fLCEZbW5SXiYWpWjLbVovRouE,6294
 pangea/asyncio/services/audit.py,sha256=Ue3KDmTn-a2KsqlzxbakLQJAWiRyLaJrYVi1hO7a6sw,26030
-pangea/asyncio/services/authn.py,sha256=rPeLJweL8mYH_t4ebcQn4n_Wglr3kClKNnCXNCimZU4,46622
-pangea/asyncio/services/authz.py,sha256=B_0_nhDMJcjNpjpCx3Vi2LDRhlmfV9325GKbUZ8reos,10025
+pangea/asyncio/services/authn.py,sha256=apa0kcxmSXH2ChJbTYVFvXTB4cn69cN9O7tW_jOXy_w,52100
+pangea/asyncio/services/authz.py,sha256=ocImj2g-P9wAo6CqAvZs7YR4wOTUAx0ZWmenKh6HwLk,9691
 pangea/asyncio/services/base.py,sha256=vRFVcO_uEAGJte3OUUBLD43RoiiFB1vC7SPyN6yEMoA,3158
 pangea/asyncio/services/embargo.py,sha256=ctzj3kip6xos-Eu3JuOskrCGYC8T3JlsgAopZHiPSXM,3068
 pangea/asyncio/services/file_scan.py,sha256=PLG1O-PL4Yk9uY9D6NbMrZ5LHg70Z311s7bFe46UMZA,7108
@@ -34,9 +34,9 @@ pangea/services/audit/exceptions.py,sha256=bhVuYe4ammacOVxwg98CChxvwZf5FKgR2Dcgq
 pangea/services/audit/models.py,sha256=1h1B9eSYQMYG3f8WNi1UcDX2-impRrET_ErjJYUnj7M,14678
 pangea/services/audit/signing.py,sha256=5A4hvPtpfP2kMz8bsiiKUACriXbh5dv9gb_rbqiUtuI,5583
 pangea/services/audit/util.py,sha256=Zq1qvfeplYfhCP_ud5YMvntSB0UvnCdsuYbOzZkHbjg,7620
-pangea/services/authn/authn.py,sha256=cZKl2Ixc6HwHnkRecpSaAGTQUgaZUtxfLa0T3S03HMs,45478
-pangea/services/authn/models.py,sha256=HH5su6jx3O9AwVGzASXZ99-eIWjgXEP5LhIVdewM13s,22394
-pangea/services/authz.py,sha256=bB0ZEUuXLT7Xjs5kZef1hZK6Du6VUusHe5aekNaxamw,12746
+pangea/services/authn/authn.py,sha256=AkGyjGz5eHpMkxMn0F-xP94DCV7Ai88yaI4pSqAQ_qc,51021
+pangea/services/authn/models.py,sha256=EOoseAWVhr7Gy2HHqxqtvyUNimoi6OVc-x9OMxEeRX8,25253
+pangea/services/authz.py,sha256=fOPucOMdoYee5B4FXYgM8d6HHUeGg8QwiyTfKcD1JCk,14581
 pangea/services/base.py,sha256=43pWQcR9CeT4sGzgctF3Sy4M_h7DaUzkuZD2Z7CcDUU,3845
 pangea/services/embargo.py,sha256=9Wfku4td5ORaIENKmnGmS5jxJJIRfWp6Q51L36Jsy0I,3897
 pangea/services/file_scan.py,sha256=QiO80uKqB_BnAOiYQKznXfxpa5j40qqETE3-zBRT_QE,7813
@@ -55,6 +55,6 @@ pangea/services/vault/vault.py,sha256=ow-Zm7PYzfWIfUcA4UNnpeL2DHfZM4C7inRDmNR3zQ
 pangea/tools.py,sha256=icHduOfZLi02UYdGb5Xl1fQqu-PBRB4tiDPT_nL2Q8E,6380
 pangea/utils.py,sha256=dZ6MwFVEWXUgXvvDg-k6JnvVfsgslvtaBd7ez7afrqk,4983
 pangea/verify_audit.py,sha256=nSP17OzoSPdvezRExwfcf45H8ZPZnxZu-CbEp3qFJO0,17354
-pangea_sdk-6.0.0.dist-info/METADATA,sha256=X9QYxYoEw53LK2rdWTOvEs9I24--d27P7Xeft4DTGzM,6886
-pangea_sdk-6.0.0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
-pangea_sdk-6.0.0.dist-info/RECORD,,
+pangea_sdk-6.1.0.dist-info/METADATA,sha256=PaLI_RGtc8TJeHm1gv4Mg7sYe8vK1zwEdDHVm_8hr1Y,6886
+pangea_sdk-6.1.0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
+pangea_sdk-6.1.0.dist-info/RECORD,,