synapse 2.176.0__py311-none-any.whl → 2.177.0__py311-none-any.whl

synapse/lib/storm.py

@@ -12,6 +12,7 @@ import synapse.telepath as s_telepath
 import synapse.datamodel as s_datamodel
 
 import synapse.lib.ast as s_ast
+import synapse.lib.auth as s_auth
 import synapse.lib.base as s_base
 import synapse.lib.chop as s_chop
 import synapse.lib.coro as s_coro
@@ -28,7 +29,6 @@ import synapse.lib.msgpack as s_msgpack
 import synapse.lib.spooled as s_spooled
 import synapse.lib.version as s_version
 import synapse.lib.hashitem as s_hashitem
-import synapse.lib.hiveauth as s_hiveauth
 import synapse.lib.stormctrl as s_stormctrl
 import synapse.lib.stormtypes as s_stormtypes
 
@@ -1066,7 +1066,7 @@ stormcmds = (
                 $lib.view.del($view.iden)
                 $lib.layer.del($layriden)
             } else {
-                $view.wipeLayer()
+                $view.swapLayer()
             }
             $lib.print("View merged: {iden}", iden=$cmdopts.iden)
         ''',
@@ -1831,7 +1831,7 @@ class Runtime(s_base.Base):
 
     '''
 
-    _admin_reason = s_hiveauth._allowedReason(True, isadmin=True)
+    _admin_reason = s_auth._allowedReason(True, isadmin=True)
     async def __anit__(self, query, snap, opts=None, user=None, root=None):
 
         await s_base.Base.__anit__(self)
@@ -3728,6 +3728,8 @@ class MergeCmd(Cmd):
         pars = Cmd.getArgParser(self)
         pars.add_argument('--apply', default=False, action='store_true',
                           help='Execute the merge changes.')
+        pars.add_argument('--wipe', default=False, action='store_true',
+                          help='Replace the top layer in the view with a fresh layer.')
         pars.add_argument('--no-tags', default=False, action='store_true',
                           help='Do not merge tags/tagprops or syn:tag nodes.')
         pars.add_argument('--only-tags', default=False, action='store_true',
@@ -3801,13 +3803,15 @@ class MergeCmd(Cmd):
         layr1 = runt.snap.view.layers[1].iden
 
         if not allows['forms'] and sode.get('valu') is not None:
-            runt.confirm(('node', 'del', node.form.name), gateiden=layr0)
+            if not self.opts.wipe:
+                runt.confirm(('node', 'del', node.form.name), gateiden=layr0)
             runt.confirm(('node', 'add', node.form.name), gateiden=layr1)
 
         if not allows['props']:
             for name in sode.get('props', {}).keys():
                 prop = node.form.prop(name)
-                runt.confirmPropDel(prop, layriden=layr0)
+                if not self.opts.wipe:
+                    runt.confirmPropDel(prop, layriden=layr0)
                 runt.confirmPropSet(prop, layriden=layr1)
 
         if not allows['tags']:
@@ -3818,7 +3822,8 @@ class MergeCmd(Cmd):
                 if valu != (None, None):
                     tagadds.append(tag)
                     tagperm = tuple(tag.split('.'))
-                    runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
+                    if not self.opts.wipe:
+                        runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
                     runt.confirm(('node', 'tag', 'add') + tagperm, gateiden=layr1)
                 else:
                     tags.append((len(tag), tag))
@@ -3830,22 +3835,26 @@ class MergeCmd(Cmd):
 
                 tagadds.append(tag)
                 tagperm = tuple(tag.split('.'))
-                runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
+                if not self.opts.wipe:
+                    runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
                 runt.confirm(('node', 'tag', 'add') + tagperm, gateiden=layr1)
 
             for tag in sode.get('tagprops', {}).keys():
                 tagperm = tuple(tag.split('.'))
-                runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
+                if not self.opts.wipe:
+                    runt.confirm(('node', 'tag', 'del') + tagperm, gateiden=layr0)
                 runt.confirm(('node', 'tag', 'add') + tagperm, gateiden=layr1)
 
         if not allows['ndata']:
             async for name in runt.snap.view.layers[0].iterNodeDataKeys(node.buid):
-                runt.confirm(('node', 'data', 'pop', name), gateiden=layr0)
+                if not self.opts.wipe:
+                    runt.confirm(('node', 'data', 'pop', name), gateiden=layr0)
                 runt.confirm(('node', 'data', 'set', name), gateiden=layr1)
 
         if not allows['edges']:
             async for verb in runt.snap.view.layers[0].iterNodeEdgeVerbsN1(node.buid):
-                runt.confirm(('node', 'edge', 'del', verb), gateiden=layr0)
+                if not self.opts.wipe:
+                    runt.confirm(('node', 'edge', 'del', verb), gateiden=layr0)
                 runt.confirm(('node', 'edge', 'add', verb), gateiden=layr1)
 
     async def execStormCmd(self, runt, genr):
@@ -3854,6 +3863,11 @@ class MergeCmd(Cmd):
             mesg = 'You may only merge nodes in forked views'
             raise s_exc.CantMergeView(mesg=mesg)
 
+        if self.opts.wipe:
+            mesg = 'merge --wipe requires view admin'
+            runt.reqAdmin(gateiden=runt.snap.view.iden, mesg=mesg)
+            runt.confirm(('layer', 'del'), gateiden=runt.snap.view.layers[0].iden)
+
         notags = self.opts.no_tags
         onlytags = self.opts.only_tags
         doapply = self.opts.apply
@@ -3867,18 +3881,27 @@ class MergeCmd(Cmd):
         doperms = doapply and not (runt.isAdmin(gateiden=layr0.iden) and runt.isAdmin(gateiden=layr1.iden))
 
         if doperms:
-            allows = {
-                'forms': runt.user.allowed(('node', 'del'), gateiden=layr0.iden, deepdeny=True) and
-                         runt.user.allowed(('node', 'add'), gateiden=layr1.iden, deepdeny=True),
-                'props': runt.user.allowed(('node', 'prop', 'del'), gateiden=layr0.iden, deepdeny=True) and
-                         runt.user.allowed(('node', 'prop', 'set'), gateiden=layr1.iden, deepdeny=True),
-                'tags': runt.user.allowed(('node', 'tag', 'del'), gateiden=layr0.iden, deepdeny=True) and
-                        runt.user.allowed(('node', 'tag', 'add'), gateiden=layr1.iden, deepdeny=True),
-                'ndata': runt.user.allowed(('node', 'data', 'pop'), gateiden=layr0.iden, deepdeny=True) and
-                         runt.user.allowed(('node', 'data', 'set'), gateiden=layr1.iden, deepdeny=True),
-                'edges': runt.user.allowed(('node', 'edge', 'del'), gateiden=layr0.iden, deepdeny=True) and
-                         runt.user.allowed(('node', 'edge', 'add'), gateiden=layr1.iden, deepdeny=True),
-            }
+            if not self.opts.wipe:
+                allows = {
+                    'forms': runt.user.allowed(('node', 'del'), gateiden=layr0.iden, deepdeny=True) and
+                             runt.user.allowed(('node', 'add'), gateiden=layr1.iden, deepdeny=True),
+                    'props': runt.user.allowed(('node', 'prop', 'del'), gateiden=layr0.iden, deepdeny=True) and
+                             runt.user.allowed(('node', 'prop', 'set'), gateiden=layr1.iden, deepdeny=True),
+                    'tags': runt.user.allowed(('node', 'tag', 'del'), gateiden=layr0.iden, deepdeny=True) and
+                            runt.user.allowed(('node', 'tag', 'add'), gateiden=layr1.iden, deepdeny=True),
+                    'ndata': runt.user.allowed(('node', 'data', 'pop'), gateiden=layr0.iden, deepdeny=True) and
+                             runt.user.allowed(('node', 'data', 'set'), gateiden=layr1.iden, deepdeny=True),
+                    'edges': runt.user.allowed(('node', 'edge', 'del'), gateiden=layr0.iden, deepdeny=True) and
+                             runt.user.allowed(('node', 'edge', 'add'), gateiden=layr1.iden, deepdeny=True),
+                }
+            else:
+                allows = {
+                    'forms': runt.user.allowed(('node', 'add'), gateiden=layr1.iden, deepdeny=True),
+                    'props': runt.user.allowed(('node', 'prop', 'set'), gateiden=layr1.iden, deepdeny=True),
+                    'tags': runt.user.allowed(('node', 'tag', 'add'), gateiden=layr1.iden, deepdeny=True),
+                    'ndata': runt.user.allowed(('node', 'data', 'set'), gateiden=layr1.iden, deepdeny=True),
+                    'edges': runt.user.allowed(('node', 'edge', 'add'), gateiden=layr1.iden, deepdeny=True),
+                }
 
             doperms = not all(allows.values())
 
@@ -3966,7 +3989,8 @@ class MergeCmd(Cmd):
                             if name == '.created':
                                 if doapply:
                                     protonode.props['.created'] = valu
-                                    subs.append((s_layer.EDIT_PROP_DEL, (name, valu, stortype), ()))
+                                    if not self.opts.wipe:
+                                        subs.append((s_layer.EDIT_PROP_DEL, (name, valu, stortype), ()))
                                 continue
 
                             isset = False
@@ -3990,7 +4014,8 @@ class MergeCmd(Cmd):
                             await runt.printf(f'{nodeiden} {form}:{name} = {valurepr}')
                         else:
                             await protonode.set(name, valu)
-                            subs.append((s_layer.EDIT_PROP_DEL, (name, valu, stortype), ()))
+                            if not self.opts.wipe:
+                                subs.append((s_layer.EDIT_PROP_DEL, (name, valu, stortype), ()))
 
                 if doapply and protonode is None:
                     protonode = await editor.addNode(form, node.ndef[1], norminfo={})
@@ -4009,7 +4034,8 @@ class MergeCmd(Cmd):
                             await runt.printf(f'{nodeiden} {form}#{tag}{valurepr}')
                         else:
                             await protonode.addTag(tag, valu)
-                            subs.append((s_layer.EDIT_TAG_DEL, (tag, valu), ()))
+                            if not self.opts.wipe:
+                                subs.append((s_layer.EDIT_TAG_DEL, (tag, valu), ()))
 
                     for tag, tagdict in sode.get('tagprops', {}).items():
 
@@ -4022,7 +4048,8 @@ class MergeCmd(Cmd):
                                 await runt.printf(f'{nodeiden} {form}#{tag}:{prop} = {valurepr}')
                             else:
                                 await protonode.setTagProp(tag, prop, valu)
-                                subs.append((s_layer.EDIT_TAGPROP_DEL, (tag, prop, valu, stortype), ()))
+                                if not self.opts.wipe:
+                                    subs.append((s_layer.EDIT_TAGPROP_DEL, (tag, prop, valu, stortype), ()))
 
                 if not onlytags or form == 'syn:tag':
 
@@ -4032,7 +4059,8 @@ class MergeCmd(Cmd):
                             await runt.printf(f'{nodeiden} {form} DATA {name} = {valurepr}')
                         else:
                             await protonode.setData(name, valu)
-                            subs.append((s_layer.EDIT_NODEDATA_DEL, (name, valu), ()))
+                            if not self.opts.wipe:
+                                subs.append((s_layer.EDIT_NODEDATA_DEL, (name, valu), ()))
 
                     async for edge in s_coro.pause(layr0.iterNodeEdgesN1(node.buid)):
                         name, dest = edge
@@ -4040,9 +4068,10 @@ class MergeCmd(Cmd):
                             await runt.printf(f'{nodeiden} {form} +({name})> {dest}')
                         else:
                             await protonode.addEdge(name, dest)
-                            subs.append((s_layer.EDIT_EDGE_DEL, edge, ()))
+                            if not self.opts.wipe:
+                                subs.append((s_layer.EDIT_EDGE_DEL, edge, ()))
 
-                if delnode:
+                if delnode and not self.opts.wipe:
                     subs.append((s_layer.EDIT_NODE_DEL, valu, ()))
 
                 if doapply:
@@ -4057,6 +4086,9 @@ class MergeCmd(Cmd):
                 runt.snap.clearCachedNode(node.buid)
                 yield await runt.snap.getNodeByBuid(node.buid), path
 
+            if doapply and self.opts.wipe:
+                await runt.snap.view.swapLayer()
+
 class MoveNodesCmd(Cmd):
     '''
     Move storage nodes between layers.

synapse/lib/stormlib/aha.py

@@ -486,7 +486,7 @@ The ready column indicates that a service has entered into the realtime change w
                     if $svcinfo.online {
                         $nexusOffset = $_getNexus($name)
                     } else {
-                        $nexusOffset = 'Service is not online. Will not attempt to retrieve its nexus offset.'
+                        $nexusOffset = '<offline>'
                     }
                 }
                 $name=$name.ljust(45)

synapse/lib/stormlib/auth.py

@@ -633,7 +633,7 @@ class UserProfile(s_stormtypes.Prim):
     async def deref(self, name):
         name = await s_stormtypes.tostr(name)
         self.runt.confirm(('auth', 'user', 'get', 'profile', name))
-        return copy.deepcopy(await self.runt.snap.core.getUserProfInfo(self.valu, name))
+        return await self.runt.snap.core.getUserProfInfo(self.valu, name)
 
     async def setitem(self, name, valu):
         name = await s_stormtypes.tostr(name)
@@ -654,7 +654,7 @@ class UserProfile(s_stormtypes.Prim):
 
     async def value(self):
         self.runt.confirm(('auth', 'user', 'get', 'profile'))
-        return copy.deepcopy(await self.runt.snap.core.getUserProfile(self.valu))
+        return await self.runt.snap.core.getUserProfile(self.valu)
 
 @s_stormtypes.registry.registerType
 class UserJson(s_stormtypes.Prim):
@@ -807,7 +807,7 @@ class UserVars(s_stormtypes.Prim):
 
     async def deref(self, name):
         name = await s_stormtypes.tostr(name)
-        return copy.deepcopy(await self.runt.snap.core.getUserVarValu(self.valu, name))
+        return await self.runt.snap.core.getUserVarValu(self.valu, name)
 
     async def setitem(self, name, valu):
         name = await s_stormtypes.tostr(name)
@@ -821,7 +821,7 @@ class UserVars(s_stormtypes.Prim):
 
     async def iter(self):
         async for name, valu in self.runt.snap.core.iterUserVars(self.valu):
-            yield name, copy.deepcopy(valu)
+            yield name, valu
             await asyncio.sleep(0)
 
 @s_stormtypes.registry.registerType
@@ -1596,6 +1596,181 @@ class LibAuth(s_stormtypes.Lib):
         perm = await s_stormtypes.toprim(perm)
         return self.runt.snap.core.getPermDef(perm)
 
+@s_stormtypes.registry.registerType
+class StormUserVarsDict(s_stormtypes.Prim):
+    '''
+    A Storm Primitive that maps the HiveDict interface to a user vars dictionary.
+    '''
+    _storm_locals = (
+        {'name': 'get', 'desc': 'Get the value for a user var.',
+         'type': {'type': 'function', '_funcname': '_get',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the var.', },
+                      {'name': 'default', 'type': 'prim', 'default': None,
+                       'desc': 'The default value to return if not set.', },
+                  ),
+                  'returns': {'type': 'prim', 'desc': 'The requested value.', }}},
+        {'name': 'pop', 'desc': 'Remove a user var value.',
+         'type': {'type': 'function', '_funcname': '_pop',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the var.', },
+                      {'name': 'default', 'type': 'prim', 'default': None,
+                       'desc': 'The default value to return if not set.', },
+                  ),
+                  'returns': {'type': 'prim', 'desc': 'The requested value.', }}},
+        {'name': 'set', 'desc': 'Set a user var value.',
+         'type': {'type': 'function', '_funcname': '_set',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the var to set.', },
+                      {'name': 'valu', 'type': 'prim', 'desc': 'The value to store.', },
+                  ),
+                  'returns': {'type': ['null', 'prim'],
+                              'desc': 'Old value of the var if it was previously set, or none.', }}},
+        {'name': 'list', 'desc': 'List the vars and their values.',
+         'type': {'type': 'function', '_funcname': '_list',
+                  'returns': {'type': 'list', 'desc': 'A list of tuples containing var, value pairs.', }}},
+    )
+    _storm_typename = 'user:vars:dict'
+    _ismutable = True
+
+    def __init__(self, runt, valu, path=None):
+        s_stormtypes.Prim.__init__(self, valu, path=path)
+        self.runt = runt
+        self.locls.update(self.getObjLocals())
+
+    def getObjLocals(self):
+        return {
+            'get': self._get,
+            'pop': self._pop,
+            'set': self._set,
+            'list': self._list,
+        }
+
+    @s_stormtypes.stormfunc(readonly=True)
+    async def _get(self, name, default=None):
+        name = await s_stormtypes.tostr(name)
+        return await self.runt.snap.core.getUserVarValu(self.valu, name, default=default)
+
+    async def _pop(self, name, default=None):
+        name = await s_stormtypes.tostr(name)
+        return await self.runt.snap.core.popUserVarValu(self.valu, name, default=default)
+
+    async def _set(self, name, valu):
+        if not isinstance(name, str):
+            mesg = 'The name of a variable must be a string.'
+            raise s_exc.StormRuntimeError(mesg=mesg, name=name)
+
+        name = await s_stormtypes.tostr(name)
+        oldv = await self.runt.snap.core.getUserVarValu(self.valu, name)
+
+        valu = await s_stormtypes.toprim(valu)
+
+        await self.runt.snap.core.setUserVarValu(self.valu, name, valu)
+        return oldv
+
+    @s_stormtypes.stormfunc(readonly=True)
+    async def _list(self):
+        valu = await self.value()
+        return list(valu.items())
+
+    async def iter(self):
+        async for name, valu in self.runt.snap.core.iterUserVars(self.valu):
+            yield name, valu
+            await asyncio.sleep(0)
+
+    async def value(self):
+        varz = {}
+        async for key, valu in self.runt.snap.core.iterUserVars(self.valu):
+            varz[key] = valu
+            await asyncio.sleep(0)
+
+        return varz
+
+@s_stormtypes.registry.registerType
+class StormUserProfileDict(s_stormtypes.Prim):
+    '''
+    A Storm Primitive that maps the HiveDict interface to a user profile dictionary.
+    '''
+    _storm_locals = (
+        {'name': 'get', 'desc': 'Get a user profile value.',
+         'type': {'type': 'function', '_funcname': '_get',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the user profile value.', },
+                      {'name': 'default', 'type': 'prim', 'default': None,
+                       'desc': 'The default value to return if not set.', },
+                  ),
+                  'returns': {'type': 'prim', 'desc': 'The requested value.', }}},
+        {'name': 'pop', 'desc': 'Remove a user profile value.',
+         'type': {'type': 'function', '_funcname': '_pop',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the user profile value.', },
+                      {'name': 'default', 'type': 'prim', 'default': None,
+                       'desc': 'The default value to return if not set.', },
+                  ),
+                  'returns': {'type': 'prim', 'desc': 'The requested value.', }}},
+        {'name': 'set', 'desc': 'Set a user profile value.',
+         'type': {'type': 'function', '_funcname': '_set',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the user profile value to set.', },
+                      {'name': 'valu', 'type': 'prim', 'desc': 'The value to store.', },
+                  ),
+                  'returns': {'type': ['null', 'prim'],
+                              'desc': 'Old value if it was previously set, or none.', }}},
+        {'name': 'list', 'desc': 'List the user profile vars and their values.',
+         'type': {'type': 'function', '_funcname': '_list',
+                  'returns': {'type': 'list', 'desc': 'A list of tuples containing var, value pairs.', }}},
+    )
+    _storm_typename = 'user:profile:dict'
+    _ismutable = True
+
+    def __init__(self, runt, valu, path=None):
+        s_stormtypes.Prim.__init__(self, valu, path=path)
+        self.runt = runt
+        self.locls.update(self.getObjLocals())
+
+    def getObjLocals(self):
+        return {
+            'get': self._get,
+            'pop': self._pop,
+            'set': self._set,
+            'list': self._list,
+        }
+
+    @s_stormtypes.stormfunc(readonly=True)
+    async def _get(self, name, default=None):
+        name = await s_stormtypes.tostr(name)
+        return await self.runt.snap.core.getUserProfInfo(self.valu, name, default=default)
+
+    async def _pop(self, name, default=None):
+        name = await s_stormtypes.tostr(name)
+        return await self.runt.snap.core.popUserProfInfo(self.valu, name, default=default)
+
+    async def _set(self, name, valu):
+        if not isinstance(name, str):
+            mesg = 'The name of a variable must be a string.'
+            raise s_exc.StormRuntimeError(mesg=mesg, name=name)
+
+        name = await s_stormtypes.tostr(name)
+        oldv = await self.runt.snap.core.getUserProfInfo(self.valu, name)
+
+        valu = await s_stormtypes.toprim(valu)
+
+        await self.runt.snap.core.setUserProfInfo(self.valu, name, valu)
+        return oldv
+
+    @s_stormtypes.stormfunc(readonly=True)
+    async def _list(self):
+        valu = await self.value()
+        return list(valu.items())
+
+    async def iter(self):
+        async for name, valu in self.runt.snap.core.iterUserProfInfo(self.valu):
+            yield name, valu
+            await asyncio.sleep(0)
+
+    async def value(self):
+        return await self.runt.snap.core.getUserProfile(self.valu)
+
 @s_stormtypes.registry.registerLib
 class LibUser(s_stormtypes.Lib):
     '''
@@ -1614,10 +1789,10 @@ class LibUser(s_stormtypes.Lib):
                   ),
                   'returns': {'type': 'boolean',
                               'desc': 'True if the user has the requested permission, false otherwise.', }}},
-        {'name': 'vars', 'desc': "Get a Hive dictionary representing the current user's persistent variables.",
-         'type': 'hive:dict', },
-        {'name': 'profile', 'desc': "Get a Hive dictionary representing the current user's profile information.",
-         'type': 'hive:dict', },
+        {'name': 'vars', 'desc': "Get a dictionary representing the current user's persistent variables.",
+         'type': 'auth:user:vars', },
+        {'name': 'profile', 'desc': "Get a dictionary representing the current user's profile information.",
+         'type': 'auth:user:profile', },
         {'name': 'iden', 'desc': 'The user GUID for the current storm user.', 'type': 'str'},
     )
     _storm_lib_path = ('user', )
@@ -1632,9 +1807,9 @@ class LibUser(s_stormtypes.Lib):
     def addLibFuncs(self):
         super().addLibFuncs()
         self.locls.update({
-            'vars': s_stormtypes.StormHiveDict(self.runt, self.runt.user.vars),
+            'vars': StormUserVarsDict(self.runt, self.runt.user.iden),
             'json': UserJson(self.runt, self.runt.user.iden),
-            'profile': s_stormtypes.StormHiveDict(self.runt, self.runt.user.profile),
+            'profile': StormUserProfileDict(self.runt, self.runt.user.iden),
         })
 
     @s_stormtypes.stormfunc(readonly=True)

synapse/lib/stormlib/cortex.py

@@ -20,8 +20,21 @@ stormcmds = [
         'storm': '''
         $apis = $lib.cortex.httpapi.list()
         if $apis {
-            $header = 'order iden                             owner                auth  runas  path'
-            $lib.print($header)
+            $config = (({
+                "separators": {
+                    'data:row': ''
+                },
+                "columns": [
+                    {'name': 'order', 'width': 5},
+                    {'name': 'iden', 'width': 32},
+                    {'name': 'owner', 'width': 20},
+                    {'name': 'auth', 'width': 5},
+                    {'name': 'runas', 'width': 6},
+                    {'name': 'path'},
+                ]
+            }))
+            $printer = $lib.tabular.printer($config)
+            $lib.print($printer.header())
             for ($n, $api) in $lib.iters.enum($apis) {
                 try {
                     $user = $api.owner.name
@@ -29,9 +42,7 @@ stormcmds = [
                     $user = `No user found ({$err.info.user})`
                 }
                 $auth = `{$api.authenticated}`
-                $order = `{$n}`
-                $mesg=`{$order.ljust(5)} {$api.iden} {$user.ljust(20)} {$auth.ljust(5)} {$api.runas.ljust(6)} {$api.path}`
-                $lib.print($mesg)
+                $lib.print($printer.row(($n, $api.iden, $user, $auth, $api.runas, $api.path)))
             }
         } else {
             $lib.print('No Extended HTTP API endpoints are registered.')

synapse/lib/stormlib/gen.py

@@ -136,6 +136,34 @@ class LibGen(s_stormtypes.Lib):
                       {'name': 'name', 'type': 'str', 'desc': 'The name of the place.'},
                   ),
                   'returns': {'type': 'node', 'desc': 'A geo:place node with the given name.'}}},
+        {'name': 'fileBytesBySha256',
+         'desc': 'Returns a file:bytes node by SHA256, adding the node if it does not exist.',
+         'type': {'type': 'function', '_funcname': '_storm_query',
+                  'args': (
+                      {'name': 'sha256', 'type': ['str', 'hash:sha256'], 'desc': 'The SHA256 fingerprint for the file:bytes node.'},
+                      {'name': 'try', 'type': 'boolean', 'default': False,
+                       'desc': 'Type normalization will fail silently instead of raising an exception.'},
+                  ),
+                  'returns': {'type': 'node', 'desc': 'A file:bytes node with the given SHA256.'}}},
+        {'name': 'cryptoX509CertBySha256',
+         'desc': 'Returns a crypto:x509:cert node by SHA256, adding the node if it does not exist.',
+         'type': {'type': 'function', '_funcname': '_storm_query',
+                  'args': (
+                      {'name': 'sha256', 'type': ['str', 'hash:sha256'], 'desc': 'The SHA256 fingerprint for the certificate.'},
+                      {'name': 'try', 'type': 'boolean', 'default': False,
+                       'desc': 'Type normalization will fail silently instead of raising an exception.'},
+                  ),
+                  'returns': {'type': 'node', 'desc': 'A crypto:x509:cert node with the given SHA256.'}}},
+        {'name': 'inetTlsServerCertByServerAndSha256',
+         'desc': 'Returns an inet:tls:servercert node by server and SHA256, adding the node if it does not exist.',
+         'type': {'type': 'function', '_funcname': '_storm_query',
+                  'args': (
+                      {'name': 'server', 'type': ['str', 'inet:server'], 'desc': 'The server associated with the x509 certificate.'},
+                      {'name': 'sha256', 'type': ['str', 'hash:sha256'], 'desc': 'The SHA256 fingerprint for the certificate.'},
+                      {'name': 'try', 'type': 'boolean', 'default': False,
+                       'desc': 'Type normalization will fail silently instead of raising an exception.'},
+                  ),
+                  'returns': {'type': 'node', 'desc': 'An inet:tls:servercert node with the given server and SHA256.'}}},
     )
     _storm_lib_path = ('gen',)
 
@@ -425,6 +453,58 @@ class LibGen(s_stormtypes.Lib):
             [ geo:place=(gen, name, $geoname) :name=$geoname ]
             return($node)
         }
+
+        function fileBytesBySha256(sha256, try=$lib.false) {
+            ($ok, $sha256) = $__maybeCast($try, hash:sha256, $sha256)
+            if (not $ok) { return() }
+
+            file:bytes=$sha256
+            return($node)
+
+            file:bytes:sha256=$sha256
+            return($node)
+
+            [ file:bytes=$sha256 ]
+            return($node)
+        }
+
+        function cryptoX509CertBySha256(sha256, try=$lib.false) {
+            ($ok, $sha256) = $__maybeCast($try, hash:sha256, $sha256)
+            if (not $ok) { return() }
+
+            $guid = $lib.guid(valu=$sha256)
+
+            // Try to lift crypto:x509:cert by guid
+            crypto:x509:cert=$guid
+            return($node)
+
+            // Try to lift crypto:x509:cert by sha256
+            crypto:x509:cert:sha256=$sha256
+            return($node)
+
+            // Try to lift crypto:x509:cert by file
+            file:bytes:sha256=$sha256 -> crypto:x509:cert:file
+            { -:sha256 [ :sha256 = $sha256 ] }
+            return($node)
+
+            // Create a new crypto:x509:cert with file and sha256
+            [ crypto:x509:cert=$guid
+                :file = $fileBytesBySha256($sha256)
+                :sha256 = $sha256
+            ]
+            return($node)
+        }
+
+        function inetTlsServerCertByServerAndSha256(server, sha256, try=$lib.false) {
+            ($ok, $server) = $__maybeCast($try, inet:server, $server)
+            if (not $ok) { return() }
+
+            $crypto = $cryptoX509CertBySha256($sha256, try=$try)
+            if (not $crypto) { return() }
+
+            [ inet:tls:servercert=($server, $crypto) ]
+            return($node)
+        }
     '''
 
 stormcmds = (