zenml-nightly 0.75.0.dev20250312__py3-none-any.whl → 0.75.0.dev20250313__py3-none-any.whl

zenml/zen_server/routers/service_accounts_endpoints.py

@@ -67,7 +67,6 @@ router = APIRouter(
 
 @router.post(
     "",
-    response_model=ServiceAccountResponse,
     responses={
         401: error_response,
         409: error_response,
@@ -89,14 +88,12 @@ def create_service_account(
     """
     return verify_permissions_and_create_entity(
         request_model=service_account,
-        resource_type=ResourceType.SERVICE_ACCOUNT,
         create_method=zen_store().create_service_account,
     )
 
 
 @router.get(
     "/{service_account_name_or_id}",
-    response_model=ServiceAccountResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -124,7 +121,6 @@ def get_service_account(
 
 @router.get(
     "",
-    response_model=Page[ServiceAccountResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -156,7 +152,6 @@ def list_service_accounts(
 
 @router.put(
     "/{service_account_name_or_id}",
-    response_model=ServiceAccountResponse,
     responses={
         401: error_response,
         404: error_response,
@@ -214,7 +209,6 @@ def delete_service_account(
 
 @router.post(
     "/{service_account_id}" + API_KEYS,
-    response_model=APIKeyResponse,
     responses={401: error_response, 409: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -233,18 +227,26 @@ def create_api_key(
     Returns:
         The created API key.
     """
+
+    def create_api_key_wrapper(
+        api_key: APIKeyRequest,
+    ) -> APIKeyResponse:
+        return zen_store().create_api_key(
+            service_account_id=service_account_id,
+            api_key=api_key,
+        )
+
     service_account = zen_store().get_service_account(service_account_id)
-    verify_permission_for_model(service_account, action=Action.UPDATE)
-    created_api_key = zen_store().create_api_key(
-        service_account_id=service_account_id,
-        api_key=api_key,
+
+    return verify_permissions_and_create_entity(
+        request_model=api_key,
+        create_method=create_api_key_wrapper,
+        surrogate_models=[service_account],
     )
-    return created_api_key
 
 
 @router.get(
     "/{service_account_id}" + API_KEYS + "/{api_key_name_or_id}",
-    response_model=APIKeyResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -278,7 +280,6 @@ def get_api_key(
 
 @router.get(
     "/{service_account_id}" + API_KEYS,
-    response_model=Page[APIKeyResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -313,7 +314,6 @@ def list_api_keys(
 
 @router.put(
     "/{service_account_id}" + API_KEYS + "/{api_key_name_or_id}",
-    response_model=APIKeyResponse,
     responses={401: error_response, 409: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -348,7 +348,6 @@ def update_api_key(
     + API_KEYS
     + "/{api_key_name_or_id}"
     + API_KEY_ROTATE,
-    response_model=APIKeyResponse,
     responses={401: error_response, 409: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/service_connectors_endpoints.py

@@ -13,7 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for service connectors."""
 
-from typing import List, Optional
+from typing import List, Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -22,6 +22,7 @@ from zenml.constants import (
     API,
     SERVICE_CONNECTOR_CLIENT,
     SERVICE_CONNECTOR_FULL_STACK,
+    SERVICE_CONNECTOR_RESOURCES,
     SERVICE_CONNECTOR_TYPES,
     SERVICE_CONNECTOR_VERIFY,
     SERVICE_CONNECTORS,
@@ -44,6 +45,7 @@ from zenml.service_connectors.service_connector_utils import (
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_list_entities,
     verify_permissions_and_update_entity,
@@ -57,6 +59,9 @@ from zenml.zen_server.rbac.utils import (
     verify_permission,
     verify_permission_for_model,
 )
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -76,31 +81,73 @@ types_router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + SERVICE_CONNECTORS,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["service_connectors"],
+)
+@handle_exceptions
+def create_service_connector(
+    connector: ServiceConnectorRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> ServiceConnectorResponse:
+    """Creates a service connector.
+
+    Args:
+        connector: Service connector to register.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created service connector.
+    """
+    return verify_permissions_and_create_entity(
+        request_model=connector,
+        create_method=zen_store().create_service_connector,
+    )
+
+
 @router.get(
     "",
-    response_model=Page[ServiceConnectorResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + SERVICE_CONNECTORS,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["service_connectors"],
+)
 @handle_exceptions
 def list_service_connectors(
     connector_filter_model: ServiceConnectorFilter = Depends(
         make_dependable(ServiceConnectorFilter)
     ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     expand_secrets: bool = True,
     hydrate: bool = False,
     _: AuthContext = Security(authorize),
 ) -> Page[ServiceConnectorResponse]:
-    """Get a list of all service connectors for a specific type.
+    """Get a list of all service connectors, optionally filtered by workspace.
 
     Args:
         connector_filter_model: Filter model used for pagination, sorting,
             filtering
+        workspace_name_or_id: Optional name or ID of the workspace to filter by.
         expand_secrets: Whether to expand secrets or not.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
     Returns:
-        Page with list of service connectors for a specific type.
+        Page with list of service connectors matching the filter criteria.
     """
     connectors = verify_permissions_and_list_entities(
         filter_model=connector_filter_model,
@@ -143,7 +190,6 @@ def list_service_connectors(
 
 @router.get(
     "/{connector_id}",
-    response_model=ServiceConnectorResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -186,7 +232,6 @@ def get_service_connector(
 
 @router.put(
     "/{connector_id}",
-    response_model=ServiceConnectorResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -235,7 +280,6 @@ def delete_service_connector(
 
 @router.post(
     SERVICE_CONNECTOR_VERIFY,
-    response_model=ServiceConnectorResourcesModel,
     responses={401: error_response, 409: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -259,9 +303,7 @@ def validate_and_verify_service_connector_config(
         The list of resources that the service connector configuration has
         access to.
     """
-    verify_permission(
-        resource_type=ResourceType.SERVICE_CONNECTOR, action=Action.CREATE
-    )
+    verify_permission_for_model(model=connector, action=Action.CREATE)
 
     return zen_store().verify_service_connector_config(
         service_connector=connector,
@@ -269,9 +311,52 @@ def validate_and_verify_service_connector_config(
     )
 
 
+@router.get(
+    SERVICE_CONNECTOR_RESOURCES,
+    responses={401: error_response, 404: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + SERVICE_CONNECTOR_RESOURCES,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["service_connectors"],
+)
+@handle_exceptions
+def list_service_connector_resources(
+    filter_model: ServiceConnectorFilter = Depends(
+        make_dependable(ServiceConnectorFilter)
+    ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    auth_context: AuthContext = Security(authorize),
+) -> List[ServiceConnectorResourcesModel]:
+    """List resources that can be accessed by service connectors.
+
+    Args:
+        filter_model: The filter model to use when fetching service
+            connectors.
+        workspace_name_or_id: Optional name or ID of the workspace.
+        auth_context: Authentication context.
+
+    Returns:
+        The matching list of resources that available service
+        connectors have access to.
+    """
+    allowed_ids = get_allowed_resource_ids(
+        resource_type=ResourceType.SERVICE_CONNECTOR
+    )
+    filter_model.configure_rbac(
+        authenticated_user_id=auth_context.user.id, id=allowed_ids
+    )
+
+    return zen_store().list_service_connector_resources(
+        filter_model=filter_model,
+    )
+
+
 @router.put(
     "/{connector_id}" + SERVICE_CONNECTOR_VERIFY,
-    response_model=ServiceConnectorResourcesModel,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -313,7 +398,6 @@ def validate_and_verify_service_connector(
 
 @router.get(
     "/{connector_id}" + SERVICE_CONNECTOR_CLIENT,
-    response_model=ServiceConnectorResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -351,7 +435,6 @@ def get_service_connector_client(
 
 @types_router.get(
     "",
-    response_model=List[ServiceConnectorTypeModel],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -382,7 +465,6 @@ def list_service_connector_types(
 
 @types_router.get(
     "/{connector_type}",
-    response_model=ServiceConnectorTypeModel,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/service_endpoints.py

@@ -13,6 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for services."""
 
+from typing import Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -35,6 +36,9 @@ from zenml.zen_server.rbac.endpoint_utils import (
     verify_permissions_and_update_entity,
 )
 from zenml.zen_server.rbac.models import ResourceType
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -50,32 +54,43 @@ router = APIRouter(
 
 @router.post(
     "",
-    response_model=ServiceResponse,
     responses={401: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + SERVICES,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["services"],
+)
 @handle_exceptions
 def create_service(
     service: ServiceRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     _: AuthContext = Security(authorize),
 ) -> ServiceResponse:
     """Creates a new service.
 
     Args:
-        service: The model containing the attributes of the new service.
+        service: The service to create.
+        workspace_name_or_id: Optional name or ID of the workspace.
 
     Returns:
-        The created service object.
+        The created service.
     """
+    if workspace_name_or_id:
+        workspace = zen_store().get_workspace(workspace_name_or_id)
+        service.workspace = workspace.id
+
     return verify_permissions_and_create_entity(
         request_model=service,
         create_method=zen_store().create_service,
-        resource_type=ResourceType.SERVICE,
     )
 
 
 @router.get(
     "",
-    response_model=Page[ServiceResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -105,7 +120,6 @@ def list_services(
 
 @router.get(
     "/{service_id}",
-    response_model=ServiceResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -133,7 +147,6 @@ def get_service(
 
 @router.put(
     "/{service_id}",
-    response_model=ServiceResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions

zenml/zen_server/routers/stack_components_endpoints.py

@@ -13,7 +13,7 @@
 #  permissions and limitations under the License.
 """Endpoint definitions for stack components."""
 
-from typing import List
+from typing import List, Optional, Union
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, Security
@@ -22,6 +22,7 @@ from zenml.constants import API, COMPONENT_TYPES, STACK_COMPONENTS, VERSION_1
 from zenml.enums import StackComponentType
 from zenml.models import (
     ComponentFilter,
+    ComponentRequest,
     ComponentResponse,
     ComponentUpdate,
     Page,
@@ -29,6 +30,7 @@ from zenml.models import (
 from zenml.zen_server.auth import AuthContext, authorize
 from zenml.zen_server.exceptions import error_response
 from zenml.zen_server.rbac.endpoint_utils import (
+    verify_permissions_and_create_entity,
     verify_permissions_and_delete_entity,
     verify_permissions_and_get_entity,
     verify_permissions_and_list_entities,
@@ -36,6 +38,9 @@ from zenml.zen_server.rbac.endpoint_utils import (
 )
 from zenml.zen_server.rbac.models import Action, ResourceType
 from zenml.zen_server.rbac.utils import verify_permission_for_model
+from zenml.zen_server.routers.workspaces_endpoints import (
+    router as workspace_router,
+)
 from zenml.zen_server.utils import (
     handle_exceptions,
     make_dependable,
@@ -55,29 +60,88 @@ types_router = APIRouter(
 )
 
 
+@router.post(
+    "",
+    responses={401: error_response, 409: error_response, 422: error_response},
+)
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.post(
+    "/{workspace_name_or_id}" + STACK_COMPONENTS,
+    responses={401: error_response, 409: error_response, 422: error_response},
+    deprecated=True,
+    tags=["stack_components"],
+)
+@handle_exceptions
+def create_stack_component(
+    component: ComponentRequest,
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
+    _: AuthContext = Security(authorize),
+) -> ComponentResponse:
+    """Creates a stack component, optionally in a specific workspace.
+
+    Args:
+        component: Stack component to register.
+        workspace_name_or_id: Optional name or ID of the workspace.
+
+    Returns:
+        The created stack component.
+    """
+    if component.connector:
+        service_connector = zen_store().get_service_connector(
+            component.connector
+        )
+        verify_permission_for_model(service_connector, action=Action.READ)
+
+    from zenml.stack.utils import validate_stack_component_config
+
+    validate_stack_component_config(
+        configuration_dict=component.configuration,
+        flavor=component.flavor,
+        component_type=component.type,
+        zen_store=zen_store(),
+        # We allow custom flavors to fail import on the server side.
+        validate_custom_flavors=False,
+    )
+
+    return verify_permissions_and_create_entity(
+        request_model=component,
+        create_method=zen_store().create_stack_component,
+    )
+
+
 @router.get(
     "",
-    response_model=Page[ComponentResponse],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
+# TODO: the workspace scoped endpoint is only kept for dashboard compatibility
+# and can be removed after the migration
+@workspace_router.get(
+    "/{workspace_name_or_id}" + STACK_COMPONENTS,
+    responses={401: error_response, 404: error_response, 422: error_response},
+    deprecated=True,
+    tags=["stack_components"],
+)
 @handle_exceptions
 def list_stack_components(
     component_filter_model: ComponentFilter = Depends(
         make_dependable(ComponentFilter)
     ),
+    workspace_name_or_id: Optional[Union[str, UUID]] = None,
     hydrate: bool = False,
     _: AuthContext = Security(authorize),
 ) -> Page[ComponentResponse]:
-    """Get a list of all stack components for a specific type.
+    """Get a list of all stack components, optionally filtered by workspace.
 
     Args:
         component_filter_model: Filter model used for pagination, sorting,
             filtering.
+        workspace_name_or_id: Optional name or ID of the workspace to filter by.
         hydrate: Flag deciding whether to hydrate the output model(s)
             by including metadata fields in the response.
 
     Returns:
-        List of stack components for a specific type.
+        List of stack components matching the filter criteria.
     """
     return verify_permissions_and_list_entities(
         filter_model=component_filter_model,
@@ -89,7 +153,6 @@ def list_stack_components(
 
 @router.get(
     "/{component_id}",
-    response_model=ComponentResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -117,7 +180,6 @@ def get_stack_component(
 
 @router.put(
     "/{component_id}",
-    response_model=ComponentResponse,
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions
@@ -185,7 +247,6 @@ def deregister_stack_component(
 
 @types_router.get(
     "",
-    response_model=List[str],
     responses={401: error_response, 404: error_response, 422: error_response},
 )
 @handle_exceptions