pangea-sdk 6.2.0b2__py3-none-any.whl → 6.4.0__py3-none-any.whl

pangea/asyncio/services/audit.py

@@ -8,10 +8,7 @@ from __future__ import annotations
 
 import datetime
 from collections.abc import Mapping
-from typing import Any, Dict, Iterable, List, Optional, Sequence, Union, cast, overload
-
-from pydantic import TypeAdapter
-from typing_extensions import Literal
+from typing import Any, Dict, Iterable, List, Optional, Sequence, Union
 
 import pangea.exceptions as pexc
 from pangea.asyncio.services.base import ServiceBaseAsync
@@ -20,13 +17,11 @@ from pangea.response import PangeaResponse, PangeaResponseResult
 from pangea.services.audit.audit import AuditBase
 from pangea.services.audit.exceptions import AuditException
 from pangea.services.audit.models import (
-    AuditSchema,
     DownloadFormat,
     DownloadRequest,
     DownloadResult,
     Event,
     ExportRequest,
-    ForwardingConfiguration,
     LogBulkResult,
     LogResult,
     PublishedRoot,
@@ -39,9 +34,6 @@ from pangea.services.audit.models import (
     SearchRequest,
     SearchResultOutput,
     SearchResultRequest,
-    ServiceConfig,
-    ServiceConfigFilter,
-    ServiceConfigListResult,
 )
 from pangea.services.audit.util import format_datetime
 
@@ -603,298 +595,6 @@ class AuditAsync(ServiceBaseAsync, AuditBase):
         )
         return await self.request.post("v1/download_results", DownloadResult, data=input.model_dump(exclude_none=True))
 
-    async def get_service_config(self, config_id: str) -> PangeaResponse[ServiceConfig]:
-        """
-        Get a service config.
-
-        OperationId: audit_post_v1beta_config
-
-        Args:
-            id: The config ID
-        """
-
-        response = await self.request.post("v1beta/config", PangeaResponseResult, data={"id": config_id})
-        response.result = TypeAdapter(ServiceConfig).validate_python(response.json["result"])
-        return cast(PangeaResponse[ServiceConfig], response)
-
-    @overload
-    async def create_service_config(
-        self,
-        version: Literal[1],
-        name: str,
-        *,
-        cold_query_result_retention: str | None = None,
-        hot_storage: str | None = None,
-        query_result_retention: str | None = None,
-        redact_service_config_id: str | None = None,
-        redaction_fields: Sequence[str] | None = None,
-        retention: str | None = None,
-        vault_key_id: str | None = None,
-        vault_service_config_id: str | None = None,
-        vault_sign: bool | None = None,
-    ) -> PangeaResponse[ServiceConfig]:
-        """
-        Create a v1 service config.
-
-        OperationId: audit_post_v1beta_config_create
-
-        Args:
-            name: Configuration name
-            cold_query_result_retention: Retention window for cold query result / state information.
-            hot_storage: Retention window to keep audit logs in hot storage.
-            query_result_retention: Length of time to preserve server-side query result caching.
-            redact_service_config_id: A redact service config that will be used to redact PII from logs.
-            redaction_fields: Fields to perform redaction against.
-            retention: Retention window to store audit logs.
-            vault_key_id: ID of the Vault key used for signing. If missing, use a default Audit key.
-            vault_service_config_id: A vault service config that will be used to sign logs.
-            vault_sign: Enable/disable event signing.
-        """
-
-    @overload
-    async def create_service_config(
-        self,
-        version: Literal[2],
-        name: str,
-        *,
-        schema: AuditSchema,
-        cold_query_result_retention: str | None = None,
-        forwarding_configuration: ForwardingConfiguration | None = None,
-        hot_storage: str | None = None,
-        query_result_retention: str | None = None,
-        redact_service_config_id: str | None = None,
-        retention: str | None = None,
-        vault_key_id: str | None = None,
-        vault_service_config_id: str | None = None,
-        vault_sign: bool | None = None,
-    ) -> PangeaResponse[ServiceConfig]:
-        """
-        Create a v2 service config.
-
-        OperationId: audit_post_v1beta_config_create
-
-        Args:
-            name: Configuration name
-            schema: Audit log field configuration. Only settable at create time.
-            cold_query_result_retention: Retention window for cold query result / state information.
-            forwarding_configuration: Configuration for forwarding audit logs to external systems.
-            hot_storage: Retention window to keep audit logs in hot storage.
-            query_result_retention: Length of time to preserve server-side query result caching.
-            redact_service_config_id: A redact service config that will be used to redact PII from logs.
-            retention: Retention window to store audit logs.
-            vault_key_id: ID of the Vault key used for signing. If missing, use a default Audit key.
-            vault_service_config_id: A vault service config that will be used to sign logs.
-            vault_sign: Enable/disable event signing.
-        """
-
-    @overload
-    async def create_service_config(
-        self,
-        version: Literal[3],
-        name: str,
-        *,
-        schema: AuditSchema,
-        cold_storage: str | None = None,
-        hot_storage: str | None = None,
-        warm_storage: str | None = None,
-        redact_service_config_id: str | None = None,
-        vault_service_config_id: str | None = None,
-        vault_key_id: str | None = None,
-        vault_sign: bool | None = None,
-        forwarding_configuration: ForwardingConfiguration | None = None,
-    ) -> PangeaResponse[ServiceConfig]:
-        """
-        Create a v3 service config.
-
-        OperationId: audit_post_v1beta_config_create
-
-        Args:
-            name: Configuration name
-            schema: Audit log field configuration. Only settable at create time.
-            cold_storage: Retention window for logs in cold storage. Deleted afterwards.
-            hot_storage: Retention window for logs in hot storage. Migrated to warm, cold, or deleted afterwards.
-            warm_storage: Retention window for logs in warm storage. Migrated to cold or deleted afterwards.
-            redact_service_config_id: A redact service config that will be used to redact PII from logs.
-            vault_service_config_id: A vault service config that will be used to sign logs.
-            vault_key_id: ID of the Vault key used for signing. If missing, use a default Audit key.
-            vault_sign: Enable/disable event signing.
-            forwarding_configuration: Configuration for forwarding audit logs to external systems.
-        """
-
-    async def create_service_config(
-        self,
-        version: Literal[1, 2, 3],
-        name: str,
-        *,
-        cold_query_result_retention: str | None = None,
-        cold_storage: str | None = None,
-        forwarding_configuration: ForwardingConfiguration | None = None,
-        hot_storage: str | None = None,
-        query_result_retention: str | None = None,
-        redact_service_config_id: str | None = None,
-        redaction_fields: Sequence[str] | None = None,
-        retention: str | None = None,
-        schema: AuditSchema | None = None,
-        vault_key_id: str | None = None,
-        vault_service_config_id: str | None = None,
-        vault_sign: bool | None = None,
-        warm_storage: str | None = None,
-    ) -> PangeaResponse[ServiceConfig]:
-        """
-        Create a service config.
-
-        OperationId: audit_post_v1beta_config_create
-
-        Args:
-            name: Configuration name
-            cold_query_result_retention: Retention window for cold query result / state information.
-            cold_storage: Retention window for logs in cold storage. Deleted afterwards.
-            forwarding_configuration: Configuration for forwarding audit logs to external systems.
-            hot_storage: Retention window to keep audit logs in hot storage.
-            query_result_retention: Length of time to preserve server-side query result caching.
-            redact_service_config_id: A redact service config that will be used to redact PII from logs.
-            redaction_fields: Fields to perform redaction against.
-            retention: Retention window to store audit logs.
-            schema: Audit log field configuration. Only settable at create time.
-            vault_key_id: ID of the Vault key used for signing. If missing, use a default Audit key.
-            vault_service_config_id: A vault service config that will be used to sign logs.
-            vault_sign: Enable/disable event signing.
-            warm_storage: Retention window for logs in warm storage. Migrated to cold or deleted afterwards.
-        """
-
-        response = await self.request.post(
-            "v1beta/config/create",
-            PangeaResponseResult,
-            data={
-                "cold_query_result_retention": cold_query_result_retention,
-                "cold_storage": cold_storage,
-                "forwarding_configuration": forwarding_configuration,
-                "hot_storage": hot_storage,
-                "name": name,
-                "query_result_retention": query_result_retention,
-                "redact_service_config_id": redact_service_config_id,
-                "redaction_fields": redaction_fields,
-                "retention": retention,
-                "schema": schema,
-                "vault_key_id": vault_key_id,
-                "vault_service_config_id": vault_service_config_id,
-                "vault_sign": vault_sign,
-                "warm_storage": warm_storage,
-                "version": version,
-            },
-        )
-        response.result = TypeAdapter(ServiceConfig).validate_python(response.json["result"])
-        return cast(PangeaResponse[ServiceConfig], response)
-
-    async def update_service_config(
-        self,
-        config_id: str,
-        *,
-        name: str,
-        updated_at: datetime.datetime,
-        # Optionals.
-        cold_query_result_retention: str | None = None,
-        cold_storage: str | None = None,
-        forwarding_configuration: ForwardingConfiguration | None = None,
-        hot_storage: str | None = None,
-        query_result_retention: str | None = None,
-        redact_service_config_id: str | None = None,
-        retention: str | None = None,
-        schema: AuditSchema | None = None,
-        vault_key_id: str | None = None,
-        vault_service_config_id: str | None = None,
-        vault_sign: bool | None = None,
-        warm_storage: str | None = None,
-    ) -> PangeaResponse[ServiceConfig]:
-        """
-        Update a service config.
-
-        OperationId: audit_post_v1beta_config_update
-
-        Args:
-            id: The config ID
-            name: Configuration name
-            updated_at: The DB timestamp when this config was last updated at
-            cold_query_result_retention: Retention window for cold query result / state information.
-            cold_storage: Retention window for logs in cold storage. Deleted afterwards.
-            forwarding_configuration: Configuration for forwarding audit logs to external systems
-            hot_storage: Retention window to keep audit logs in hot storage
-            query_result_retention: Length of time to preserve server-side query result caching
-            redact_service_config_id: A redact service config that will be used to redact PII from logs
-            retention: Retention window to store audit logs
-            schema: Audit log field configuration
-            vault_key_id: ID of the Vault key used for signing. If missing, use a default Audit key.
-            vault_service_config_id: A vault service config that will be used to sign logs
-            vault_sign: Enable/disable event signing
-            warm_storage: Retention window for logs in warm storage. Migrated to cold or deleted afterwards.
-        """
-
-        response = await self.request.post(
-            "v1beta/config/update",
-            PangeaResponseResult,
-            data={
-                "id": config_id,
-                "name": name,
-                "updated_at": updated_at,
-                # Optionals.
-                "cold_query_result_retention": cold_query_result_retention,
-                "cold_storage": cold_storage,
-                "forwarding_configuration": forwarding_configuration,
-                "hot_storage": hot_storage,
-                "query_result_retention": query_result_retention,
-                "redact_service_config_id": redact_service_config_id,
-                "retention": retention,
-                "schema": schema,
-                "vault_key_id": vault_key_id,
-                "vault_service_config_id": vault_service_config_id,
-                "vault_sign": vault_sign,
-                "warm_storage": warm_storage,
-            },
-        )
-        response.result = TypeAdapter(ServiceConfig).validate_python(response.json["result"])
-        return cast(PangeaResponse[ServiceConfig], response)
-
-    async def delete_service_config(self, config_id: str) -> PangeaResponse[ServiceConfig]:
-        """
-        Delete a service config.
-
-        OperationId: audit_post_v1beta_config_delete
-
-        Args:
-            id: The config ID
-        """
-
-        response = await self.request.post("v1beta/config/delete", PangeaResponseResult, data={"id": config_id})
-        response.result = TypeAdapter(ServiceConfig).validate_python(response.json["result"])
-        return cast(PangeaResponse[ServiceConfig], response)
-
-    async def list_service_configs(
-        self,
-        *,
-        filter: ServiceConfigFilter | None = None,
-        last: str | None = None,
-        order: Literal["asc", "desc"] | None = None,
-        order_by: Literal["id", "created_at", "updated_at"] | None = None,
-        size: int | None = None,
-    ) -> PangeaResponse[ServiceConfigListResult]:
-        """
-        List service configs.
-
-        OperationId: audit_post_v1beta_config_list
-
-        Args:
-            last: Reflected value from a previous response to obtain the next page of results.
-            order: Order results asc(ending) or desc(ending).
-            order_by: Which field to order results by.
-            size: Maximum results to include in the response.
-        """
-
-        return await self.request.post(
-            "v1beta/config/list",
-            ServiceConfigListResult,
-            data={"filter": filter, "last": last, "order": order, "order_by": order_by, "size": size},
-        )
-
     async def update_published_roots(self, result: SearchResultOutput):
         """Fetches series of published root hashes from Arweave
 

pangea/asyncio/services/authn.py

@@ -6,6 +6,7 @@
 
 from __future__ import annotations
 
+from collections.abc import Mapping
 from typing import Dict, List, Literal, Optional, Union
 
 import pangea.services.authn.models as m
@@ -436,7 +437,7 @@ class AuthNAsync(ServiceBaseAsync):
             ) -> None:
                 super().__init__(token, config, logger_name=logger_name)
 
-            async def check(self, token: str) -> PangeaResponse[m.ClientTokenCheckResult]:
+            async def check(self, token: m.Token) -> PangeaResponse[m.ClientTokenCheckResult]:
                 """
                 Check a token
 
@@ -445,7 +446,7 @@ class AuthNAsync(ServiceBaseAsync):
                 OperationId: authn_post_v2_client_token_check
 
                 Args:
-                    token (str): A token value
+                    token: A token value
 
                 Returns:
                     A PangeaResponse with a token and its information in the response.result field.
@@ -453,14 +454,11 @@ class AuthNAsync(ServiceBaseAsync):
                         [API Documentation](https://pangea.cloud/docs/api/authn/flow#/v2/client/token/check-post).
 
                 Examples:
-                    response = authn.client.token_endpoints.check(
+                    response = await authn.client.token_endpoints.check(
                         token="ptu_wuk7tvtpswyjtlsx52b7yyi2l7zotv4a",
                     )
                 """
-                input = m.ClientTokenCheckRequest(token=token)
-                return await self.request.post(
-                    "v2/client/token/check", m.ClientTokenCheckResult, data=input.model_dump(exclude_none=True)
-                )
+                return await self.request.post("v2/client/token/check", m.ClientTokenCheckResult, data={"token": token})
 
     class UserAsync(ServiceBaseAsync):
         service_name = _SERVICE_NAME
@@ -479,7 +477,7 @@ class AuthNAsync(ServiceBaseAsync):
         async def create(
             self,
             email: str,
-            profile: m.Profile,
+            profile: Mapping[str, str],
             *,
             username: str | None = None,
         ) -> PangeaResponse[m.UserCreateResult]:
@@ -870,7 +868,7 @@ class AuthNAsync(ServiceBaseAsync):
 
             async def update(
                 self,
-                profile: m.Profile,
+                profile: Mapping[str, str],
                 id: str | None = None,
                 email: str | None = None,
                 *,

pangea/asyncio/services/authz.py

@@ -3,13 +3,15 @@
 
 from __future__ import annotations
 
+from collections.abc import Mapping, Sequence
 from typing import Any
 
 from pangea.asyncio.services.base import ServiceBaseAsync
 from pangea.config import PangeaConfig
 from pangea.response import PangeaResponse
 from pangea.services.authz import (
-    CheckRequest,
+    BulkCheckRequestItem,
+    BulkCheckResult,
     CheckResult,
     ItemOrder,
     ListResourcesRequest,
@@ -19,7 +21,6 @@ from pangea.services.authz import (
     Resource,
     Subject,
     Tuple,
-    TupleCreateRequest,
     TupleCreateResult,
     TupleDeleteRequest,
     TupleDeleteResult,
@@ -73,7 +74,7 @@ class AuthZAsync(ServiceBaseAsync):
 
         super().__init__(token, config, logger_name, config_id=config_id)
 
-    async def tuple_create(self, tuples: list[Tuple]) -> PangeaResponse[TupleCreateResult]:
+    async def tuple_create(self, tuples: Sequence[Tuple]) -> PangeaResponse[TupleCreateResult]:
         """Create tuples.
 
         Create tuples in the AuthZ Service. The request will fail if there is no schema
@@ -102,10 +103,7 @@ class AuthZAsync(ServiceBaseAsync):
             )
         """
 
-        input_data = TupleCreateRequest(tuples=tuples)
-        return await self.request.post(
-            "v1/tuple/create", TupleCreateResult, data=input_data.model_dump(exclude_none=True)
-        )
+        return await self.request.post("v1/tuple/create", TupleCreateResult, data={"tuples": tuples})
 
     async def tuple_list(
         self,
@@ -190,8 +188,8 @@ class AuthZAsync(ServiceBaseAsync):
         Check if a subject has permission to perform an action on the resource.
 
         Args:
-            resource (Resource): The resource to check.
-            action (str): The action to check.
+            resource: The resource to check.
+            action: The action to check.
             subject: The subject to check.
             debug: Setting this value to True will provide a detailed analysis of the check.
             attributes: Additional attributes for the check.
@@ -213,8 +211,44 @@ class AuthZAsync(ServiceBaseAsync):
             )
         """
 
-        input_data = CheckRequest(resource=resource, action=action, subject=subject, debug=debug, attributes=attributes)
-        return await self.request.post("v1/check", CheckResult, data=input_data.model_dump(exclude_none=True))
+        return await self.request.post(
+            "v1/check",
+            CheckResult,
+            data={"resource": resource, "action": action, "subject": subject, "debug": debug, "attributes": attributes},
+        )
+
+    async def bulk_check(
+        self,
+        checks: Sequence[BulkCheckRequestItem],
+        *,
+        debug: bool | None = None,
+        attributes: Mapping[str, Any] | None = None,
+    ) -> PangeaResponse[BulkCheckResult]:
+        """Perform a bulk check request
+
+        Perform multiple checks in a single request to see if a subjects have
+        permission to do actions on the resources.
+
+        Args:
+            checks: Check requests to perform.
+            debug: In the event of an allowed check, return a path that granted access.
+            attributes: A JSON object of attribute data.
+
+        Examples:
+            await authz.bulk_check(
+                checks=[
+                    BulkCheckRequestItem(
+                        resource=Resource(type="file", id="file_1"),
+                        action="read",
+                        subject=Subject(type="user", id="user_1", action="read"),
+                    )
+                ]
+            )
+        """
+
+        return await self.request.post(
+            "v1/check/bulk", BulkCheckResult, data={"checks": checks, "debug": debug, "attributes": attributes}
+        )
 
     async def list_resources(
         self, type: str, action: str, subject: Subject, attributes: dict[str, Any] | None = None

pangea/asyncio/services/intel.py

@@ -3,9 +3,10 @@
 
 # TODO: Modernize.
 # ruff: noqa: UP006, UP035
+from __future__ import annotations
 
 import hashlib
-from typing import List, Optional
+from typing import List, Literal, Optional
 
 import pangea.services.intel as m
 from pangea.asyncio.services.base import ServiceBaseAsync
@@ -77,11 +78,11 @@ class FileIntelAsync(ServiceBaseAsync):
 
     async def hash_reputation_bulk(
         self,
-        hashes: List[str],
-        hash_type: str,
-        provider: Optional[str] = None,
-        verbose: Optional[bool] = None,
-        raw: Optional[bool] = None,
+        hashes: list[str],
+        hash_type: Literal["sha256", "sha", "md5"],
+        provider: Literal["reversinglabs", "crowdstrike"] | None = None,
+        verbose: bool | None = None,
+        raw: bool | None = None,
     ) -> PangeaResponse[m.FileReputationBulkResult]:
         """
         Reputation check
@@ -89,11 +90,11 @@ class FileIntelAsync(ServiceBaseAsync):
         Retrieve hash-based file reputation from a provider, including an optional detailed report.
 
         Args:
-            hashes (List[str]): The hash of each file to be looked up
-            hash_type (str): One of "sha256", "sha", "md5"
-            provider (str, optional): Use reputation data from these providers: "reversinglabs" or "crowdstrike"
-            verbose (bool, optional): Echo the API parameters in the response
-            raw (bool, optional): Include raw data from this provider
+            hashes: The hash of each file to be looked up
+            hash_type: One of "sha256", "sha", "md5"
+            provider: Use reputation data from these providers: "reversinglabs" or "crowdstrike"
+            verbose: Echo the API parameters in the response
+            raw: Include raw data from this provider
 
         Raises:
             PangeaAPIException: If an API Error happens
@@ -101,12 +102,8 @@ class FileIntelAsync(ServiceBaseAsync):
         Returns:
             A PangeaResponse where the sanctioned source(s) are in the
                 response.result field.  Available response fields can be found in our [API documentation](https://pangea.cloud/docs/api/file-intel).
-
-        Examples:
-            FIXME:
-
         """
-        input = m.FileReputationBulkRequest(  # type: ignore[call-arg]
+        input = m.FileReputationBulkRequest(
             hashes=hashes, hash_type=hash_type, verbose=verbose, raw=raw, provider=provider
         )
         return await self.request.post(
@@ -158,8 +155,8 @@ class FileIntelAsync(ServiceBaseAsync):
 
     async def filepath_reputation_bulk(
         self,
-        filepaths: List[str],
-        provider: Optional[str] = None,
+        filepaths: list[str],
+        provider: Literal["reversinglabs", "crowdstrike"] | None = None,
         verbose: Optional[bool] = None,
         raw: Optional[bool] = None,
     ) -> PangeaResponse[m.FileReputationBulkResult]:
@@ -172,10 +169,10 @@ class FileIntelAsync(ServiceBaseAsync):
         OperationId: file_intel_post_v1_reputation
 
         Args:
-            filepaths (List[str]): The path list to the files to be looked up
-            provider (str, optional): Use reputation data from these providers: "reversinglabs" or "crowdstrike"
-            verbose (bool, optional): Echo the API parameters in the response
-            raw (bool, optional): Include raw data from this provider
+            filepaths: The path list to the files to be looked up
+            provider: Use reputation data from these providers: "reversinglabs" or "crowdstrike"
+            verbose: Echo the API parameters in the response
+            raw: Include raw data from this provider
 
         Raises:
             PangeaAPIException: If an API Error happens
@@ -183,9 +180,6 @@ class FileIntelAsync(ServiceBaseAsync):
         Returns:
             A PangeaResponse where the sanctioned source(s) are in the
                 response.result field.  Available response fields can be found in our [API documentation](https://pangea.cloud/docs/api/file-intel).
-
-        Examples:
-            FIXME:
         """
         hashes = []
         for filepath in filepaths:
@@ -321,7 +315,7 @@ class DomainIntelAsync(ServiceBaseAsync):
                 provider="whoisxml",
             )
         """
-        input = m.DomainWhoIsRequest(domain=domain, verbose=verbose, provider=provider, raw=raw)  # type: ignore[call-arg]
+        input = m.DomainWhoIsRequest(domain=domain, verbose=verbose, provider=provider, raw=raw)
         return await self.request.post("v1/whois", m.DomainWhoIsResult, data=input.model_dump(exclude_none=True))