zenml-nightly 0.75.0.dev20250312__py3-none-any.whl → 0.75.0.dev20250313__py3-none-any.whl

zenml/zen_server/routers/models_endpoints.py

@@ -13,38 +13,36 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for models."""
 
-from typing import Union
+from typing import Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
 
 from zenml.constants import (
     API,
-    MODEL_VERSIONS,
     MODELS,
     VERSION_1,
 )
 from zenml.models import (
     ModelFilter,
+    ModelRequest,
     ModelResponse,
     ModelUpdate,
-    ModelVersionFilter,
-    ModelVersionResponse,
     Page,
 )
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
 from zenml.zen_server.feature_gate.endpoint_utils import report_decrement
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_get_entity,
     verify_permissions_and_list_entities,
     verify_permissions_and_update_entity,
 )
 from zenml.zen_server.rbac.models import ResourceType
-from zenml.zen_server.rbac.utils import (
-    dehydrate_page,
-    get_allowed_resource_ids,
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
 )
 from zenml.zen_server.utils import (
     handle_exceptions,
@@ -64,9 +62,45 @@ router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + MODELS,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["models"],
+)
+@handle_exceptions
+def create_model(
+    model: ModelRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> ModelResponse:
+    """Creates a model.
+
+    Args:
+        model: Model to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created model.
+    """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        model.workspace = workspace.id
+
+    return verify_permissions_and_create_entity(
+        request_model=model,
+        create_method=zen_store().create_model,
+    )
+
+
 @router.get(
     "",
-    response_model=Page[ModelResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -95,20 +129,19 @@ def list_models(
 
 
 @router.get(
-    "/{model_name_or_id}",
-    response_model=ModelResponse,
+    "/{model_id}",
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
 def get_model(
-    model_name_or_id: Union[str, UUID],
+    model_id: UUID,
     hydrate: bool = True,
     _: AuthContext = Security(authorize),
 ) -> ModelResponse:
     """Get a model by name or ID.
 
     Args:
-        model_name_or_id: The name or ID of the model to get.
+        model_id: The ID of the model to get.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
@@ -116,13 +149,12 @@ def get_model(
         The model with the given name or ID.
     """
     return verify_permissions_and_get_entity(
-        id=model_name_or_id, get_method=zen_store().get_model, hydrate=hydrate
+        id=model_id, get_method=zen_store().get_model, hydrate=hydrate
     )
 
 
 @router.put(
     "/{model_id}",
-    response_model=ModelResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -149,21 +181,21 @@ def update_model(
 
 
 @router.delete(
-    "/{model_name_or_id}",
+    "/{model_id}",
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
 def delete_model(
-    model_name_or_id: Union[str, UUID],
+    model_id: UUID,
     _: AuthContext = Security(authorize),
 ) -> None:
-    """Delete a model by name or ID.
+    """Delete a model by ID.
 
     Args:
-        model_name_or_id: The name or ID of the model to delete.
+        model_id: The ID of the model to delete.
     """
     model = verify_permissions_and_delete_entity(
-        id=model_name_or_id,
+        id=model_id,
         get_method=zen_store().get_model,
         delete_method=zen_store().delete_model,
     )
@@ -171,52 +203,3 @@ def delete_model(
     if server_config().feature_gate_enabled:
         if ResourceType.MODEL in server_config().reportable_resources:
             report_decrement(ResourceType.MODEL, resource_id=model.id)
-
-
-#################
-# Model Versions
-#################
-
-
-@router.get(
-    "/{model_name_or_id}" + MODEL_VERSIONS,
-    response_model=Page[ModelVersionResponse],
-    responses={401: error_response, 404: error_response, 422: error_response},
-)
-@handle_exceptions
-def list_model_versions(
-    model_name_or_id: Union[str, UUID],
-    model_version_filter_model: ModelVersionFilter = Depends(
-        make_dependable(ModelVersionFilter)
-    ),
-    hydrate: bool = False,
-    auth_context: AuthContext = Security(authorize),
-) -> Page[ModelVersionResponse]:
-    """Get model versions according to query filters.
-
-    This endpoint serves the purpose of allowing scoped filtering by model_id.
-
-    Args:
-        model_name_or_id: The name or ID of the model to list in.
-        model_version_filter_model: Filter model used for pagination, sorting,
-            filtering.
-        hydrate: Flag deciding whether to hydrate the output model(s)
-            by including metadata fields in the response.
-        auth_context: The authentication context.
-
-    Returns:
-        The model versions according to query filters.
-    """
-    allowed_model_ids = get_allowed_resource_ids(
-        resource_type=ResourceType.MODEL
-    )
-    model_version_filter_model.configure_rbac(
-        authenticated_user_id=auth_context.user.id, model_id=allowed_model_ids
-    )
-
-    model_versions = zen_store().list_model_versions(
-        model_name_or_id=model_name_or_id,
-        model_version_filter_model=model_version_filter_model,
-        hydrate=hydrate,
-    )
-    return dehydrate_page(model_versions)

zenml/zen_server/routers/pipeline_builds_endpoints.py

@@ -13,6 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for builds."""
 
+from typing import Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -21,16 +22,21 @@ from zenml.constants import API, PIPELINE_BUILDS, VERSION_1
 from zenml.models import (
     Page,
     PipelineBuildFilter,
+    PipelineBuildRequest,
     PipelineBuildResponse,
 )
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_get_entity,
     verify_permissions_and_list_entities,
 )
 from zenml.zen_server.rbac.models import ResourceType
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -44,30 +50,79 @@ router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + PIPELINE_BUILDS,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["builds"],
+)
+@handle_exceptions
+def create_build(
+    build: PipelineBuildRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> PipelineBuildResponse:
+    """Creates a build, optionally in a specific workspace.
+
+    Args:
+        build: Build to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created build.
+    """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        build.workspace = workspace.id
+
+    return verify_permissions_and_create_entity(
+        request_model=build,
+        create_method=zen_store().create_build,
+    )
+
+
 @router.get(
     "",
-    response_model=Page[PipelineBuildResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + PIPELINE_BUILDS,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["builds"],
+)
 @handle_exceptions
 def list_builds(
     build_filter_model: PipelineBuildFilter = Depends(
         make_dependable(PipelineBuildFilter)
     ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     hydrate: bool = False,
     _: AuthContext = Security(authorize),
 ) -> Page[PipelineBuildResponse]:
-    """Gets a list of builds.
+    """Gets a list of builds, optionally filtered by workspace.
 
     Args:
         build_filter_model: Filter model used for pagination, sorting,
             filtering.
+        workspace_name_or_id: Optional name or ID of the workspace to filter by.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
     Returns:
-        List of build objects.
+        List of build objects matching the filter criteria.
     """
+    if workspace_name_or_id:
+        build_filter_model.workspace = workspace_name_or_id
+
     return verify_permissions_and_list_entities(
         filter_model=build_filter_model,
         resource_type=ResourceType.PIPELINE_BUILD,
@@ -78,7 +133,6 @@ def list_builds(
 
 @router.get(
     "/{build_id}",
-    response_model=PipelineBuildResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/pipeline_deployments_endpoints.py

@@ -13,6 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for deployments."""
 
+from typing import Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -21,16 +22,21 @@ from zenml.constants import API, PIPELINE_DEPLOYMENTS, VERSION_1
 from zenml.models import (
     Page,
     PipelineDeploymentFilter,
+    PipelineDeploymentRequest,
     PipelineDeploymentResponse,
 )
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_get_entity,
     verify_permissions_and_list_entities,
 )
 from zenml.zen_server.rbac.models import ResourceType
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -46,30 +52,79 @@ router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + PIPELINE_DEPLOYMENTS,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["deployments"],
+)
+@handle_exceptions
+def create_deployment(
+    deployment: PipelineDeploymentRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> PipelineDeploymentResponse:
+    """Creates a deployment.
+
+    Args:
+        deployment: Deployment to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created deployment.
+    """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        deployment.workspace = workspace.id
+
+    return verify_permissions_and_create_entity(
+        request_model=deployment,
+        create_method=zen_store().create_deployment,
+    )
+
+
 @router.get(
     "",
-    response_model=Page[PipelineDeploymentResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + PIPELINE_DEPLOYMENTS,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["deployments"],
+)
 @handle_exceptions
 def list_deployments(
     deployment_filter_model: PipelineDeploymentFilter = Depends(
         make_dependable(PipelineDeploymentFilter)
     ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     hydrate: bool = False,
     _: AuthContext = Security(authorize),
 ) -> Page[PipelineDeploymentResponse]:
-    """Gets a list of deployment.
+    """Gets a list of deployments, optionally filtered by workspace.
 
     Args:
         deployment_filter_model: Filter model used for pagination, sorting,
             filtering.
+        workspace_name_or_id: Optional name or ID of the workspace to filter by.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
     Returns:
-        List of deployment objects.
+        List of deployment objects matching the filter criteria.
     """
+    if workspace_name_or_id:
+        deployment_filter_model.workspace = workspace_name_or_id
+
     return verify_permissions_and_list_entities(
         filter_model=deployment_filter_model,
         resource_type=ResourceType.PIPELINE_DEPLOYMENT,
@@ -80,7 +135,6 @@ def list_deployments(
 
 @router.get(
     "/{deployment_id}",
-    response_model=PipelineDeploymentResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/pipelines_endpoints.py

@@ -13,6 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for pipelines."""
 
+from typing import Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -26,6 +27,7 @@ from zenml.constants import (
 from zenml.models import (
     Page,
     PipelineFilter,
+    PipelineRequest,
     PipelineResponse,
     PipelineRunFilter,
     PipelineRunResponse,
@@ -33,14 +35,20 @@ from zenml.models import (
 )
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
-from zenml.zen_server.feature_gate.endpoint_utils import report_decrement
+from zenml.zen_server.feature_gate.endpoint_utils import (
+    report_decrement,
+)
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_get_entity,
     verify_permissions_and_list_entities,
     verify_permissions_and_update_entity,
 )
 from zenml.zen_server.rbac.models import ResourceType
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -55,29 +63,88 @@ router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + PIPELINES,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["pipelines"],
+)
+@handle_exceptions
+def create_pipeline(
+    pipeline: PipelineRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> PipelineResponse:
+    """Creates a pipeline, optionally in a specific workspace.
+
+    Args:
+        pipeline: Pipeline to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created pipeline.
+    """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        pipeline.workspace = workspace.id
+
+    # We limit pipeline namespaces, not pipeline versions
+    skip_entitlements = (
+        zen_store().count_pipelines(
+            PipelineFilter(name=pipeline.name, workspace=pipeline.workspace)
+        )
+        > 0
+    )
+
+    return verify_permissions_and_create_entity(
+        request_model=pipeline,
+        create_method=zen_store().create_pipeline,
+        skip_entitlements=skip_entitlements,
+    )
+
+
 @router.get(
     "",
     responses={401: error_response, 404: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + PIPELINES,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["pipelines"],
+)
 @handle_exceptions
 def list_pipelines(
     pipeline_filter_model: PipelineFilter = Depends(
         make_dependable(PipelineFilter)
     ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     hydrate: bool = False,
     _: AuthContext = Security(authorize),
 ) -> Page[PipelineResponse]:
-    """Gets a list of pipelines.
+    """Gets a list of pipelines, optionally filtered by workspace.
 
     Args:
         pipeline_filter_model: Filter model used for pagination, sorting,
             filtering.
+        workspace_name_or_id: Optional name or ID of the workspace to filter by.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
     Returns:
-        List of pipeline objects.
+        List of pipeline objects matching the filter criteria.
     """
+    if workspace_name_or_id:
+        pipeline_filter_model.workspace = workspace_name_or_id
+
     return verify_permissions_and_list_entities(
         filter_model=pipeline_filter_model,
         resource_type=ResourceType.PIPELINE,
@@ -160,7 +227,9 @@ def delete_pipeline(
 
     should_decrement = (
         ResourceType.PIPELINE in server_config().reportable_resources
-        and zen_store().count_pipelines(PipelineFilter(name=pipeline.name))
+        and zen_store().count_pipelines(
+            PipelineFilter(name=pipeline.name, workspace=pipeline.workspace.id)
+        )
         == 0
     )
     if should_decrement:

zenml/zen_server/routers/plugin_endpoints.py

@@ -81,7 +81,6 @@ def list_flavors(
 
 @plugin_router.get(
     "/{name}",
-    response_model=BasePluginFlavorResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/run_metadata_endpoints.py

@@ -0,0 +1,99 @@
+#  Copyright (c) ZenML GmbH 2025. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at:
+#
+#       https://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+#  or implied. See the License for the specific language governing
+#  permissions and limitations under the License.
+"""Endpoint definitions for run metadata."""
+
+from typing import Any, List, Optional, Union
+from uuid import UUID
+
+from fastapi import APIRouter, Security
+
+from zenml.constants import API, RUN_METADATA, VERSION_1
+from zenml.enums import MetadataResourceTypes
+from zenml.models import RunMetadataRequest
+from zenml.zen_server.auth import AuthContext, authorize
+from zenml.zen_server.exceptions import error_response
+from zenml.zen_server.rbac.models import Action
+from zenml.zen_server.rbac.utils import (
+    batch_verify_permissions_for_models,
+    verify_permission_for_model,
+)
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
+from zenml.zen_server.utils import handle_exceptions, zen_store
+
+router = APIRouter(
+    prefix=API + VERSION_1 + RUN_METADATA,
+    tags=["run_metadata"],
+    responses={401: error_response, 403: error_response},
+)
+
+
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + RUN_METADATA,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["run_metadata"],
+)
+@handle_exceptions
+def create_run_metadata(
+    run_metadata: RunMetadataRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    auth_context: AuthContext = Security(authorize),
+) -> None:
+    """Creates run metadata.
+
+    Args:
+        run_metadata: The run metadata to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
+        auth_context: Authentication context.
+
+    Raises:
+        RuntimeError: If the resource type is not supported.
+    """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        run_metadata.workspace = workspace.id
+
+    run_metadata.user = auth_context.user.id
+
+    verify_models: List[Any] = []
+    for resource in run_metadata.resources:
+        if resource.type == MetadataResourceTypes.PIPELINE_RUN:
+            verify_models.append(zen_store().get_run(resource.id))
+        elif resource.type == MetadataResourceTypes.STEP_RUN:
+            verify_models.append(zen_store().get_run_step(resource.id))
+        elif resource.type == MetadataResourceTypes.ARTIFACT_VERSION:
+            verify_models.append(zen_store().get_artifact_version(resource.id))
+        elif resource.type == MetadataResourceTypes.MODEL_VERSION:
+            verify_models.append(zen_store().get_model_version(resource.id))
+        elif resource.type == MetadataResourceTypes.SCHEDULE:
+            verify_models.append(zen_store().get_schedule(resource.id))
+        else:
+            raise RuntimeError(f"Unknown resource type: {resource.type}")
+
+    batch_verify_permissions_for_models(
+        models=verify_models,
+        action=Action.UPDATE,
+    )
+
+    verify_permission_for_model(model=run_metadata, action=Action.CREATE)
+
+    zen_store().create_run_metadata(run_metadata)