tai-api 0.2.2__tar.gz → 0.2.4__tar.gz

{tai_api-0.2.2 → tai_api-0.2.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: tai-api
-Version: 0.2.2
+Version: 0.2.4
 Summary: 
 License-File: LICENSE
 Author: MateoSaezMata
@@ -20,8 +20,8 @@ Requires-Dist: jinja2 (>=3.1.0,<4.0.0)
 Requires-Dist: pydantic (>=2.0.0,<3.0.0)
 Requires-Dist: python-jose (>=3.5.0,<4.0.0)
 Requires-Dist: tai-alphi (>=1.0.4,<2.0.0)
-Requires-Dist: tai-keycloak (>=0.1.13,<0.2.0)
-Requires-Dist: tai-sql (>=0.3.45,<0.4.0)
+Requires-Dist: tai-keycloak (>=0.1.14,<0.2.0)
+Requires-Dist: tai-sql (>=0.3.48,<0.4.0)
 Requires-Dist: uvicorn[standard] (>=0.30.0,<0.31.0)
 Description-Content-Type: text/markdown
 

{tai_api-0.2.2 → tai_api-0.2.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "tai-api"
-version = "0.2.2"
+version = "0.2.4"
 description = ""
 authors = ["MateoSaezMata <msaez@triplealpha.in>"]
 readme = "README.md"
@@ -8,7 +8,7 @@ readme = "README.md"
 [tool.poetry.dependencies]
 python = "^3.10"
 fastapi = {extras = ["standard"], version = "^0.116.1"}
-tai-sql = "^0.3.45"
+tai-sql = "^0.3.48"
 jinja2 = "^3.1.0"
 pydantic = "^2.0.0"
 uvicorn = {extras = ["standard"], version = "^0.30.0"}
@@ -16,7 +16,7 @@ tai-alphi = "^1.0.4"
 asyncpg = "^0.30.0"
 python-jose = "^3.5.0"
 fastapi-mcp = "^0.4.0"
-tai-keycloak = "^0.1.13"
+tai-keycloak = "^0.1.14"
 click = "^8.3.0"
 
 [tool.poetry.scripts]

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/cli/commands/cmd_auth/main.py

@@ -48,18 +48,18 @@ def set_auth():
         else:
             click.echo("❌ Opción no válida. Por favor selecciona 1 o 2.")
     
-    # Verificar configuración de tai-sql
-    sqlconfig = sqlpm.get_project_config()
-    if not sqlconfig:
-        click.echo("❌ No se encontró la configuración de tai-sql.", err=True)
-        click.echo("   Asegúrate de haber inicializado el proyecto con tai-sql init.", err=True)
-        sys.exit(1)
-    
-    # Establecer esquema por defecto si existe
-    if sqlpm.config.default_schema:
-        sqlpm.set_current_schema(sqlconfig.default_schema)
-    
     if auth_type == "database":
+
+        # Verificar configuración de tai-sql
+        sqlconfig = sqlpm.get_project_config()
+        if not sqlconfig:
+            click.echo("❌ No se encontró la configuración de tai-sql.", err=True)
+            click.echo("   Asegúrate de haber inicializado el proyecto con tai-sql init.", err=True)
+            sys.exit(1)
+        
+        # Establecer esquema por defecto si existe
+        if sqlpm.config.default_schema:
+            sqlpm.set_current_schema(sqlconfig.default_schema)
         
         # Verificar que existe información de la base de datos
         if not sqlpm.db or not sqlpm.db.tables:
@@ -135,6 +135,14 @@ def set_auth():
             sys.exit(1)
 
         if pm.config.has_routers:
+
+            # Verificar configuración de tai-sql
+            sqlconfig = sqlpm.get_project_config()
+            if not sqlconfig:
+                click.echo("❌ No se encontró la configuración de tai-sql.", err=True)
+                click.echo("   Asegúrate de haber inicializado el proyecto con tai-sql init.", err=True)
+                sys.exit(1)
+
             for schema_name in sqlpm.discover_schemas():
                 sqlpm.set_current_schema(schema_name)
                 click.echo(f"Ejecutando: {click.style(RoutersGenerator.__name__, bold=True)}")

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/cli/commands/cmd_init/resources/__init__.py

@@ -30,11 +30,6 @@ from .responses import (
     PaginatedResponse
 )
 
-from .decorators import (
-    document_api_response,
-    document_paginated_response
-)
-
 from .handlers import setup_exception_handlers
 
 from .mcp import set_mcp
@@ -46,11 +41,7 @@ __all__ = [
     "PaginationMeta",
     "APIResponse",
     "PaginatedResponse",
-    
-    # Decoradores de documentación
-    "document_api_response",
-    "document_paginated_response",
-    
+
     # Excepciones
     "APIException",
     "ErrorCode", 

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/cli/commands/cmd_init/resources/handlers.py

@@ -73,7 +73,8 @@ async def insufficient_permissions_handler(request: Request, exc: UnAuthorizedEx
 
     api_error = APIError(
         code=ErrorCode.INSUFFICIENT_PERMISSIONS,
-        message="Permisos insuficientes para acceder al recurso"
+        message=exc.message,
+        details=exc.details
     )
     
     response = APIResponse.error(api_error)

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/generators/auth/keycloak.py

@@ -87,8 +87,8 @@ class AuthKeycloakGenerator:
         context = {
             'project_name': pm.config.name,
             'resources_import_path': pm.config.resources_import_path,
-            'crud_import_path': pm.config.crud_import_path,
         }
+        
         login_content = login_template.render(**context)
         keycloak_content = keycloak_template.render(**context)
 

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/generators/auth/templates/kc/dependencies.py.j2

@@ -74,8 +74,12 @@ def requires_permissions(action: Literal['admin', 'read', 'write', 'update', 'de
         token: Annotated[AccessToken, Depends(validate_token)]
     ) -> AccessToken:
 
-        # Construir el permiso requerido en formato recurso:acción
-        required_perm = f"{resource}:{action}"
+        # Resolver el permiso 'sudo'
+        if 'sudo' in token.api_roles:
+            return token
+
+        # Construir el permiso requerido en formato recurso-acción
+        required_perm = f"{resource}-{action}"
 
         # Validar que el token tenga el permiso requerido
         if required_perm not in token.api_roles:

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/generators/auth/templates/kc/keycloak_router.py.j2

@@ -4,14 +4,13 @@ Generado automáticamente por tai-api set-auth
 
 Este módulo contiene endpoints para la gestión de usuarios en Keycloak.
 """
-from tai_keycloak import User
+from tai_keycloak import User, Group, RLSAttribute
 from fastapi import APIRouter, Depends
 from typing import List
 from api.resources import APIResponse, PaginatedResponse
-from {{ crud_import_path }} import *
 
 from .dependencies import requires_permissions
-from .utils import raise_if_exception, KeycloakDep, RLSAttribute
+from .utils import raise_if_exception, KeycloakDep
 
 kc_router = APIRouter(tags=["Keycloak"], dependencies=[Depends(requires_permissions('admin', 'keycloak'))])
 
@@ -56,7 +55,7 @@ async def list_users(
         message=f"Usuarios obtenidos exitosamente"
     )
 
-@kc_router.get("/role", response_model=APIResponse[List[User]])
+@kc_router.get("/role", response_model=APIResponse[List[Group]])
 async def list_roles(
     kc: KeycloakDep
 ):
@@ -83,17 +82,17 @@ async def get_user(
         message="Usuario obtenido exitosamente"
     )
 
-@kc_router.patch("/user", response_model=APIResponse[User])
+@kc_router.patch("/user/{username}", response_model=APIResponse[User])
 async def update_user(
+    username: str,
     user: User,
     kc: KeycloakDep
 ):
     """
-    Actualizar detalles del usuario
-    NOTA: El objeto user debe incluir el username.
+    Actualizar atributos de un usuario en Keycloak
     """
 
-    result = raise_if_exception(await kc.user.update(user))
+    result = raise_if_exception(await kc.user.update(username, user))
 
     return APIResponse.success(
         data=result.data,
@@ -153,29 +152,23 @@ async def remove_role_from_user(
 # ============ Endpoints de Atributos RLS (Row Level Security) ============
 # Métodos disponibles: add_attribute, remove_attribute
 
-@kc_router.post("/user/{username}/rls", response_model=APIResponse[bool])
-async def add_rls_condition(
+@kc_router.put("/user/{username}/rls", response_model=APIResponse[bool])
+async def set_rls(
     username: str,
-    rls_attribute: RLSAttribute,
+    rls_attributes: List[RLSAttribute],
     kc: KeycloakDep
 ):
     """Definir el RLS para un usuario para seguridad a nivel de fila"""
 
-    raise_if_exception(await kc.user.add_attribute(username, f'rls.{rls_attribute.table}.{rls_attribute.field}', rls_attribute.values))
+    raise_if_exception(await kc.user.set_attributes(username, rls_attributes))
 
     return APIResponse.success(
         data=True,
-        message="Atributo RLS agregado exitosamente",
-        meta={
-            "username": username,
-            "table": rls_attribute.table,
-            "field": rls_attribute.field,
-            "values": rls_attribute.values,
-        }
+        message="Atributos RLS agregado exitosamente"
     )
 
 @kc_router.get("/user/{username}/rls", response_model=APIResponse[List[RLSAttribute]])
-async def get_current_rls_conditions(
+async def get_rls(
     username: str,
     kc: KeycloakDep
 ):
@@ -186,35 +179,9 @@ async def get_current_rls_conditions(
 
     raise_if_exception(result)
 
-    current_rls = []
-
-    for rls, values in result.data.attributes.items():
-        _, table, field = rls.split('.', 2)
-        current_rls.append(RLSAttribute(table=table, field=field, values=values))
-
     return APIResponse.success(
-        data=current_rls,
+        data=result.data.attributes,
         message="Atributos RLS obtenidos exitosamente",
         meta={"username": username}
     )
 
-@kc_router.delete("/user/{username}/rls", response_model=APIResponse[bool])
-async def delete_rls_condition(
-    username: str,
-    rls_attribute: RLSAttribute,
-    kc: KeycloakDep
-):
-    """Eliminar valores de atributos RLS de un usuario"""
-
-    raise_if_exception(await kc.user.remove_attribute(username, f'rls.{rls_attribute.table}.{rls_attribute.field}', rls_attribute.values))
-
-    return APIResponse.success(
-        data=True,
-        message="Atributo RLS eliminado exitosamente",
-        meta={
-            "username": username,
-            "table": rls_attribute.table,
-            "field": rls_attribute.field,
-            "values": rls_attribute.values,
-        }
-    )

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/generators/auth/templates/kc/utils.py.j2

@@ -12,12 +12,6 @@ from typing import List
 from tai_keycloak.service.dtos import OperationResult
 from api.resources import APIException, ErrorCode
 
-class RLSAttribute(BaseModel):
-    table: str
-    field: str
-    values: str | List[str]
-
-
 class LoginRequest(BaseModel):
     """Modelo para solicitud de login"""
     username: str

{tai_api-0.2.2 → tai_api-0.2.4}/tai_api/generators/routers/templates/router_template.py.j2

@@ -151,13 +151,26 @@ async def {{ model.tablename }}_find_many(
     {% endfor %}
     {% endif %}
     """
+    {% if with_keycloak %}
+    rls = [
+        RLS(
+            target_model=sqlalchemy_table_mapper.get(table),
+            target_column=col_name,
+            values=values
+        ) for table, conditions in (token.rls or {}).items()
+        for col_name, values in conditions.items()
+    ]
+    {% endif %}
+
     result = await api.{{ model.tablename }}.find_many(
         limit=limit,
         offset=offset,
         order_by=order_by,
         order=order,
         {{ macros.asing_parameters(model).rstrip('\n') | indent(8) }}
-        includes=includes
+        includes=includes,
+        {% if with_keycloak %}        rls=rls or None{% endif %}
+        
     )
     
     # Obtener el total para metadatos de paginación si es necesario
@@ -338,12 +351,25 @@ async def {{ model.tablename }}_find(
         raise ValidationException("{{ column.name }} debe ser mayor a 0", "{{ column.name }}")
     {% endif %}
     {% endfor %}
+
+    {% if with_keycloak %}
+    rls = [
+        RLS(
+            target_model=sqlalchemy_table_mapper.get(table),
+            target_column=col_name,
+            values=values
+        ) for table, conditions in (token.rls or {}).items()
+        for col_name, values in conditions.items()
+    ]
+    {% endif %}
     
     result = await api.{{ model.tablename }}.find(
         {% for column in model.columns if column.args.get('primary_key', False) %}
         {{ column.name }}={{ column.name }},
         {% endfor %}
-        includes=includes
+        includes=includes,
+        {% if with_keycloak %}        rls=rls or None{% endif %}
+
     )
     
     if result is None: