zenml-nightly 0.75.0.dev20250312__py3-none-any.whl → 0.75.0.dev20250314__py3-none-any.whl

zenml/models/v2/core/secret.py

@@ -13,43 +13,52 @@
 #  permissions and limitations under the License.
 """Models representing secrets."""
 
-from datetime import datetime
-from typing import Any, ClassVar, Dict, List, Optional, Union
+from typing import (
+    TYPE_CHECKING,
+    ClassVar,
+    Dict,
+    List,
+    Optional,
+    Type,
+    TypeVar,
+)
 
 from pydantic import Field, SecretStr
 
 from zenml.constants import STR_FIELD_MAX_LENGTH
-from zenml.enums import (
-    GenericFilterOps,
-    LogicalOperators,
-    SecretScope,
-    SorterOps,
-)
 from zenml.models.v2.base.base import BaseUpdate
+from zenml.models.v2.base.filter import AnyQuery
 from zenml.models.v2.base.scoped import (
-    WorkspaceScopedFilter,
-    WorkspaceScopedRequest,
-    WorkspaceScopedResponse,
-    WorkspaceScopedResponseBody,
-    WorkspaceScopedResponseMetadata,
-    WorkspaceScopedResponseResources,
+    UserScopedFilter,
+    UserScopedRequest,
+    UserScopedResponse,
+    UserScopedResponseBody,
+    UserScopedResponseMetadata,
+    UserScopedResponseResources,
 )
 from zenml.utils.secret_utils import PlainSerializedSecretStr
 
+if TYPE_CHECKING:
+    from zenml.zen_stores.schemas.base_schemas import BaseSchema
+
+    AnySchema = TypeVar("AnySchema", bound=BaseSchema)
+
 # ------------------ Request Model ------------------
 
 
-class SecretRequest(WorkspaceScopedRequest):
-    """Request models for secrets."""
+class SecretRequest(UserScopedRequest):
+    """Request model for secrets."""
 
-    ANALYTICS_FIELDS: ClassVar[List[str]] = ["scope"]
+    ANALYTICS_FIELDS: ClassVar[List[str]] = ["private"]
 
     name: str = Field(
         title="The name of the secret.",
         max_length=STR_FIELD_MAX_LENGTH,
     )
-    scope: SecretScope = Field(
-        SecretScope.WORKSPACE, title="The scope of the secret."
+    private: bool = Field(
+        False,
+        title="Whether the secret is private. A private secret is only "
+        "accessible to the user who created it.",
     )
     values: Dict[str, Optional[PlainSerializedSecretStr]] = Field(
         default_factory=dict, title="The values stored in this secret."
@@ -78,17 +87,19 @@ class SecretRequest(WorkspaceScopedRequest):
 
 
 class SecretUpdate(BaseUpdate):
-    """Secret update model."""
+    """Update model for secrets."""
 
-    ANALYTICS_FIELDS: ClassVar[List[str]] = ["scope"]
+    ANALYTICS_FIELDS: ClassVar[List[str]] = ["private"]
 
     name: Optional[str] = Field(
         title="The name of the secret.",
         max_length=STR_FIELD_MAX_LENGTH,
         default=None,
     )
-    scope: Optional[SecretScope] = Field(
-        default=None, title="The scope of the secret."
+    private: Optional[bool] = Field(
+        default=None,
+        title="Whether the secret is private. A private secret is only "
+        "accessible to the user who created it.",
     )
     values: Optional[Dict[str, Optional[PlainSerializedSecretStr]]] = Field(
         title="The values stored in this secret.",
@@ -113,33 +124,37 @@ class SecretUpdate(BaseUpdate):
 # ------------------ Response Model ------------------
 
 
-class SecretResponseBody(WorkspaceScopedResponseBody):
+class SecretResponseBody(UserScopedResponseBody):
     """Response body for secrets."""
 
-    scope: SecretScope = Field(
-        SecretScope.WORKSPACE, title="The scope of the secret."
+    private: bool = Field(
+        False,
+        title="Whether the secret is private. A private secret is only "
+        "accessible to the user who created it.",
     )
     values: Dict[str, Optional[PlainSerializedSecretStr]] = Field(
         default_factory=dict, title="The values stored in this secret."
     )
 
 
-class SecretResponseMetadata(WorkspaceScopedResponseMetadata):
+class SecretResponseMetadata(UserScopedResponseMetadata):
     """Response metadata for secrets."""
 
 
-class SecretResponseResources(WorkspaceScopedResponseResources):
-    """Class for all resource models associated with the secret entity."""
+class SecretResponseResources(UserScopedResponseResources):
+    """Response resources for secrets."""
 
 
 class SecretResponse(
-    WorkspaceScopedResponse[
-        SecretResponseBody, SecretResponseMetadata, SecretResponseResources
+    UserScopedResponse[
+        SecretResponseBody,
+        SecretResponseMetadata,
+        SecretResponseResources,
     ]
 ):
     """Response model for secrets."""
 
-    ANALYTICS_FIELDS: ClassVar[List[str]] = ["scope"]
+    ANALYTICS_FIELDS: ClassVar[List[str]] = ["private"]
 
     name: str = Field(
         title="The name of the secret.",
@@ -147,7 +162,7 @@ class SecretResponse(
     )
 
     def get_hydrated_version(self) -> "SecretResponse":
-        """Get the hydrated version of this workspace.
+        """Get the hydrated version of this secret.
 
         Returns:
             an instance of the same entity with the metadata field attached.
@@ -159,13 +174,13 @@ class SecretResponse(
     # Body and metadata properties
 
     @property
-    def scope(self) -> SecretScope:
-        """The `scope` property.
+    def private(self) -> bool:
+        """The `private` property.
 
         Returns:
             the value of the property.
         """
-        return self.get_body().scope
+        return self.get_body().private
 
     @property
     def values(self) -> Dict[str, Optional[SecretStr]]:
@@ -240,11 +255,11 @@ class SecretResponse(
 # ------------------ Filter Model ------------------
 
 
-class SecretFilter(WorkspaceScopedFilter):
-    """Model to enable advanced filtering of all Secrets."""
+class SecretFilter(UserScopedFilter):
+    """Model to enable advanced secret filtering."""
 
     FILTER_EXCLUDE_FIELDS: ClassVar[List[str]] = [
-        *WorkspaceScopedFilter.FILTER_EXCLUDE_FIELDS,
+        *UserScopedFilter.FILTER_EXCLUDE_FIELDS,
         "values",
     ]
 
@@ -252,103 +267,54 @@ class SecretFilter(WorkspaceScopedFilter):
         default=None,
         description="Name of the secret",
     )
-    scope: Optional[Union[SecretScope, str]] = Field(
+    private: Optional[bool] = Field(
         default=None,
-        description="Scope in which to filter secrets",
-        union_mode="left_to_right",
+        description="Whether to filter secrets by private status",
     )
 
-    @staticmethod
-    def _get_filtering_value(value: Optional[Any]) -> str:
-        """Convert the value to a string that can be used for lexicographical filtering and sorting.
+    def apply_filter(
+        self,
+        query: AnyQuery,
+        table: Type["AnySchema"],
+    ) -> AnyQuery:
+        """Applies the filter to a query.
 
         Args:
-            value: The value to convert.
+            query: The query to which to apply the filter.
+            table: The query table.
 
         Returns:
-            The value converted to string format that can be used for
-            lexicographical sorting and filtering.
+            The query with filter applied.
         """
-        if value is None:
-            return ""
-        str_value = str(value)
-        if isinstance(value, datetime):
-            str_value = value.strftime("%Y-%m-%d %H:%M:%S")
-        return str_value
-
-    def secret_matches(self, secret: SecretResponse) -> bool:
-        """Checks if a secret matches the filter criteria.
-
-        Args:
-            secret: The secret to check.
+        # The secret user scoping works a bit differently than the other
+        # scoped filters. We have to filter out all private secrets that are
+        # not owned by the current user.
+        if not self.scope_user:
+            return super().apply_filter(query=query, table=table)
+
+        scope_user = self.scope_user
+
+        # First we apply the inherited filters without the user scoping
+        # applied.
+        self.scope_user = None
+        query = super().apply_filter(query=query, table=table)
+        self.scope_user = scope_user
+
+        # Then we apply the user scoping filter.
+        if self.scope_user:
+            from sqlmodel import and_, or_
+
+            query = query.where(
+                or_(
+                    and_(
+                        getattr(table, "user_id") == self.scope_user,
+                        getattr(table, "private") == True,  # noqa: E712
+                    ),
+                    getattr(table, "private") == False,  # noqa: E712
+                )
+            )
 
-        Returns:
-            True if the secret matches the filter criteria, False otherwise.
-        """
-        for filter in self.list_of_filters:
-            column_value: Optional[Any] = None
-            if filter.column == "workspace_id":
-                column_value = secret.workspace.id
-            elif filter.column == "user_id":
-                column_value = secret.user.id if secret.user else None
-            else:
-                column_value = getattr(secret, filter.column)
-
-            # Convert the values to strings for lexicographical comparison.
-            str_column_value = self._get_filtering_value(column_value)
-            str_filter_value = self._get_filtering_value(filter.value)
-
-            # Compare the lexicographical values according to the operation.
-            if filter.operation == GenericFilterOps.EQUALS:
-                result = str_column_value == str_filter_value
-            elif filter.operation == GenericFilterOps.CONTAINS:
-                result = str_filter_value in str_column_value
-            elif filter.operation == GenericFilterOps.STARTSWITH:
-                result = str_column_value.startswith(str_filter_value)
-            elif filter.operation == GenericFilterOps.ENDSWITH:
-                result = str_column_value.endswith(str_filter_value)
-            elif filter.operation == GenericFilterOps.GT:
-                result = str_column_value > str_filter_value
-            elif filter.operation == GenericFilterOps.GTE:
-                result = str_column_value >= str_filter_value
-            elif filter.operation == GenericFilterOps.LT:
-                result = str_column_value < str_filter_value
-            elif filter.operation == GenericFilterOps.LTE:
-                result = str_column_value <= str_filter_value
-
-            # Exit early if the result is False for AND, and True for OR
-            if self.logical_operator == LogicalOperators.AND:
-                if not result:
-                    return False
-            else:
-                if result:
-                    return True
-
-        # If we get here, all filters have been checked and the result is
-        # True for AND, and False for OR
-        if self.logical_operator == LogicalOperators.AND:
-            return True
         else:
-            return False
+            query = query.where(getattr(table, "private") == False)  # noqa: E712
 
-    def sort_secrets(
-        self, secrets: List[SecretResponse]
-    ) -> List[SecretResponse]:
-        """Sorts a list of secrets according to the filter criteria.
-
-        Args:
-            secrets: The list of secrets to sort.
-
-        Returns:
-            The sorted list of secrets.
-        """
-        column, sort_op = self.sorting_params
-        sorted_secrets = sorted(
-            secrets,
-            key=lambda secret: self._get_filtering_value(
-                getattr(secret, column)
-            ),
-            reverse=sort_op == SorterOps.DESCENDING,
-        )
-
-        return sorted_secrets
+        return query

zenml/models/v2/core/server_settings.py

@@ -26,7 +26,7 @@ from zenml.models.v2.base.base import (
     BaseResponseBody,
     BaseResponseMetadata,
     BaseResponseResources,
-    BaseZenModel,
+    BaseUpdate,
 )
 
 # ------------------ Base Model ------------------
@@ -34,7 +34,7 @@ from zenml.models.v2.base.base import (
 # ------------------ Update Model ------------------
 
 
-class ServerSettingsUpdate(BaseZenModel):
+class ServerSettingsUpdate(BaseUpdate):
     """Model for updating server settings."""
 
     server_name: Optional[str] = Field(

zenml/models/v2/core/service.py

@@ -27,22 +27,25 @@ from typing import (
 )
 from uuid import UUID
 
-from pydantic import BaseModel, ConfigDict, Field
+from pydantic import ConfigDict, Field
 from sqlalchemy.sql.elements import ColumnElement
 
 from zenml.constants import STR_FIELD_MAX_LENGTH
+from zenml.models.v2.base.base import BaseUpdate
 from zenml.models.v2.base.scoped import (
-    WorkspaceScopedFilter,
-    WorkspaceScopedRequest,
-    WorkspaceScopedResponse,
-    WorkspaceScopedResponseBody,
-    WorkspaceScopedResponseMetadata,
-    WorkspaceScopedResponseResources,
+    ProjectScopedFilter,
+    ProjectScopedRequest,
+    ProjectScopedResponse,
+    ProjectScopedResponseBody,
+    ProjectScopedResponseMetadata,
+    ProjectScopedResponseResources,
 )
 from zenml.services.service_status import ServiceState
 from zenml.services.service_type import ServiceType
 
 if TYPE_CHECKING:
+    from zenml.models.v2.core.model_version import ModelVersionResponse
+    from zenml.models.v2.core.pipeline_run import PipelineRunResponse
     from zenml.zen_stores.schemas import BaseSchema
 
     AnySchema = TypeVar("AnySchema", bound=BaseSchema)
@@ -50,7 +53,7 @@ if TYPE_CHECKING:
 # ------------------ Request Model ------------------
 
 
-class ServiceRequest(WorkspaceScopedRequest):
+class ServiceRequest(ProjectScopedRequest):
     """Request model for services."""
 
     name: str = Field(
@@ -101,10 +104,9 @@ class ServiceRequest(WorkspaceScopedRequest):
         default=None,
         title="The model version id linked to the service.",
     )
-    pipeline_run_id: Optional[Union[UUID, str]] = Field(
+    pipeline_run_id: Optional[UUID] = Field(
         default=None,
-        description="By the event source this trigger is attached to.",
-        union_mode="left_to_right",
+        title="The pipeline run id linked to the service.",
     )
 
     # TODO: In Pydantic v2, the `model_` is a protected namespaces for all
@@ -119,7 +121,7 @@ class ServiceRequest(WorkspaceScopedRequest):
 # ------------------ Update Model ------------------
 
 
-class ServiceUpdate(BaseModel):
+class ServiceUpdate(BaseUpdate):
     """Update model for stack components."""
 
     name: Optional[str] = Field(
@@ -176,7 +178,7 @@ class ServiceUpdate(BaseModel):
 # ------------------ Response Model ------------------
 
 
-class ServiceResponseBody(WorkspaceScopedResponseBody):
+class ServiceResponseBody(ProjectScopedResponseBody):
     """Response body for services."""
 
     service_type: ServiceType = Field(
@@ -198,7 +200,7 @@ class ServiceResponseBody(WorkspaceScopedResponseBody):
     )
 
 
-class ServiceResponseMetadata(WorkspaceScopedResponseMetadata):
+class ServiceResponseMetadata(ProjectScopedResponseMetadata):
     """Response metadata for services."""
 
     service_source: Optional[str] = Field(
@@ -227,12 +229,29 @@ class ServiceResponseMetadata(WorkspaceScopedResponseMetadata):
     )
 
 
-class ServiceResponseResources(WorkspaceScopedResponseResources):
+class ServiceResponseResources(ProjectScopedResponseResources):
     """Class for all resource models associated with the service entity."""
 
+    pipeline_run: Optional["PipelineRunResponse"] = Field(
+        default=None,
+        title="The pipeline run associated with the service.",
+    )
+    model_version: Optional["ModelVersionResponse"] = Field(
+        default=None,
+        title="The model version associated with the service.",
+    )
+
+    # TODO: In Pydantic v2, the `model_` is a protected namespaces for all
+    #  fields defined under base models. If not handled, this raises a warning.
+    #  It is possible to suppress this warning message with the following
+    #  configuration, however the ultimate solution is to rename these fields.
+    #  Even though they do not cause any problems right now, if we are not
+    #  careful we might overwrite some fields protected by pydantic.
+    model_config = ConfigDict(protected_namespaces=())
+
 
 class ServiceResponse(
-    WorkspaceScopedResponse[
+    ProjectScopedResponse[
         ServiceResponseBody, ServiceResponseMetadata, ServiceResponseResources
     ]
 ):
@@ -363,18 +382,30 @@ class ServiceResponse(
         """
         return self.get_body().state
 
+    @property
+    def pipeline_run(self) -> Optional["PipelineRunResponse"]:
+        """The `pipeline_run` property.
 
-# ------------------ Filter Model ------------------
+        Returns:
+            the value of the property.
+        """
+        return self.get_resources().pipeline_run
+
+    @property
+    def model_version(self) -> Optional["ModelVersionResponse"]:
+        """The `model_version` property.
 
+        Returns:
+            the value of the property.
+        """
+        return self.get_resources().model_version
+
+
+# ------------------ Filter Model ------------------
 
-class ServiceFilter(WorkspaceScopedFilter):
-    """Model to enable advanced filtering of services.
 
-    The Service needs additional scoping. As such the `_scope_user` field
-    can be set to the user that is doing the filtering. The
-    `generate_filter()` method of the baseclass is overwritten to include the
-    scoping.
-    """
+class ServiceFilter(ProjectScopedFilter):
+    """Model to enable advanced filtering of services."""
 
     name: Optional[str] = Field(
         default=None,
@@ -443,7 +474,7 @@ class ServiceFilter(WorkspaceScopedFilter):
 
     # Artifact name and type are not DB fields and need to be handled separately
     FILTER_EXCLUDE_FIELDS = [
-        *WorkspaceScopedFilter.FILTER_EXCLUDE_FIELDS,
+        *ProjectScopedFilter.FILTER_EXCLUDE_FIELDS,
         "flavor",
         "type",
         "pipeline_step_name",
@@ -452,7 +483,7 @@ class ServiceFilter(WorkspaceScopedFilter):
         "config",
     ]
     CLI_EXCLUDE_FIELDS: ClassVar[List[str]] = [
-        *WorkspaceScopedFilter.CLI_EXCLUDE_FIELDS,
+        *ProjectScopedFilter.CLI_EXCLUDE_FIELDS,
         "flavor",
         "type",
         "pipeline_step_name",

zenml/models/v2/core/service_connector.py

@@ -24,12 +24,12 @@ from zenml.constants import STR_FIELD_MAX_LENGTH
 from zenml.logger import get_logger
 from zenml.models.v2.base.base import BaseUpdate
 from zenml.models.v2.base.scoped import (
-    WorkspaceScopedFilter,
-    WorkspaceScopedRequest,
-    WorkspaceScopedResponse,
-    WorkspaceScopedResponseBody,
-    WorkspaceScopedResponseMetadata,
-    WorkspaceScopedResponseResources,
+    UserScopedFilter,
+    UserScopedRequest,
+    UserScopedResponse,
+    UserScopedResponseBody,
+    UserScopedResponseMetadata,
+    UserScopedResponseResources,
 )
 from zenml.models.v2.misc.service_connector_type import (
     ServiceConnectorTypeModel,
@@ -41,7 +41,7 @@ logger = get_logger(__name__)
 # ------------------ Request Model ------------------
 
 
-class ServiceConnectorRequest(WorkspaceScopedRequest):
+class ServiceConnectorRequest(UserScopedRequest):
     """Request model for service connectors."""
 
     name: str = Field(
@@ -223,8 +223,6 @@ class ServiceConnectorUpdate(BaseUpdate):
     valid configuration update, not just a partial update. If either is
     set (i.e. not None) in the update, their values are merged together and
     will replace the existing configuration and secrets values.
-    * the `secret_id` field value in the update is ignored, given that
-    secrets are managed internally by the ZenML store.
     * the `labels` field is also a full labels update: if set (i.e. not
     `None`), all existing labels are removed and replaced by the new labels
     in the update.
@@ -400,7 +398,7 @@ class ServiceConnectorUpdate(BaseUpdate):
 # ------------------ Response Model ------------------
 
 
-class ServiceConnectorResponseBody(WorkspaceScopedResponseBody):
+class ServiceConnectorResponseBody(UserScopedResponseBody):
     """Response body for service connectors."""
 
     description: str = Field(
@@ -446,7 +444,7 @@ class ServiceConnectorResponseBody(WorkspaceScopedResponseBody):
     )
 
 
-class ServiceConnectorResponseMetadata(WorkspaceScopedResponseMetadata):
+class ServiceConnectorResponseMetadata(UserScopedResponseMetadata):
     """Response metadata for service connectors."""
 
     configuration: Dict[str, Any] = Field(
@@ -475,12 +473,12 @@ class ServiceConnectorResponseMetadata(WorkspaceScopedResponseMetadata):
     )
 
 
-class ServiceConnectorResponseResources(WorkspaceScopedResponseResources):
+class ServiceConnectorResponseResources(UserScopedResponseResources):
     """Class for all resource models associated with the service connector entity."""
 
 
 class ServiceConnectorResponse(
-    WorkspaceScopedResponse[
+    UserScopedResponse[
         ServiceConnectorResponseBody,
         ServiceConnectorResponseMetadata,
         ServiceConnectorResponseResources,
@@ -781,18 +779,18 @@ class ServiceConnectorResponse(
 # ------------------ Filter Model ------------------
 
 
-class ServiceConnectorFilter(WorkspaceScopedFilter):
+class ServiceConnectorFilter(UserScopedFilter):
     """Model to enable advanced filtering of service connectors."""
 
     FILTER_EXCLUDE_FIELDS: ClassVar[List[str]] = [
-        *WorkspaceScopedFilter.FILTER_EXCLUDE_FIELDS,
+        *UserScopedFilter.FILTER_EXCLUDE_FIELDS,
         "scope_type",
         "resource_type",
         "labels_str",
         "labels",
     ]
     CLI_EXCLUDE_FIELDS: ClassVar[List[str]] = [
-        *WorkspaceScopedFilter.CLI_EXCLUDE_FIELDS,
+        *UserScopedFilter.CLI_EXCLUDE_FIELDS,
         "scope_type",
         "labels_str",
         "labels",