-
Notifications
You must be signed in to change notification settings - Fork 175
Expand file tree
/
Copy pathrequest.py
More file actions
202 lines (142 loc) · 7.16 KB
/
request.py
File metadata and controls
202 lines (142 loc) · 7.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
"""
Request DTOs for RBAC system.
Shared between Client SDK and Manager API.
"""
from __future__ import annotations
from uuid import UUID
from pydantic import Field
from ai.backend.common.api_handlers import SENTINEL, BaseRequestModel, Sentinel
from ai.backend.common.data.permission.types import RBACElementType
from ai.backend.common.dto.manager.defs import DEFAULT_PAGE_LIMIT, MAX_PAGE_LIMIT
from ai.backend.common.dto.manager.query import StringFilter
from .types import (
AssignedUserOrderField,
OperationType,
OrderDirection,
PermissionStatus,
RoleOrderField,
RoleSource,
RoleStatus,
ScopeOrderField,
)
__all__ = (
"AssignRoleRequest",
"AssignedUserFilter",
"AssignedUserOrder",
"CreateObjectPermissionRequest",
"CreatePermissionRequest",
"CreateRoleRequest",
"RevokeRoleRequest",
"RoleFilter",
"RoleOrder",
"ScopeFilter",
"ScopeOrder",
"SearchEntitiesRequest",
"SearchRolesRequest",
"SearchScopesRequest",
"SearchUsersAssignedToRoleRequest",
"StringFilter",
"UpdateRoleRequest",
)
class CreateRoleRequest(BaseRequestModel):
"""Request to create a role."""
name: str = Field(description="Role name")
source: RoleSource = Field(default=RoleSource.CUSTOM, description="Role source")
status: RoleStatus = Field(default=RoleStatus.ACTIVE, description="Role status")
description: str | None = Field(default=None, description="Role description")
class UpdateRoleRequest(BaseRequestModel):
"""Request to update a role."""
name: str | None = Field(default=None, description="Updated role name")
source: RoleSource | None = Field(default=None, description="Updated role source")
status: RoleStatus | None = Field(default=None, description="Updated role status")
description: str | Sentinel | None = Field(
default=SENTINEL, description="Updated role description"
)
class DeleteRoleRequest(BaseRequestModel):
"""Request to delete a role."""
role_id: UUID = Field(description="Role ID to delete")
class PurgeRoleRequest(BaseRequestModel):
"""Request to purge a role."""
role_id: UUID = Field(description="Role ID to purge")
class AssignRoleRequest(BaseRequestModel):
"""Request to assign a role to a user."""
user_id: UUID = Field(description="User ID to assign the role to")
role_id: UUID = Field(description="Role ID to assign")
granted_by: UUID | None = Field(
default=None, description="User ID who granted this role assignment"
)
class RevokeRoleRequest(BaseRequestModel):
"""Request to revoke a role from a user."""
user_id: UUID = Field(description="User ID to revoke the role from")
role_id: UUID = Field(description="Role ID to revoke")
class RoleFilter(BaseRequestModel):
"""Filter for roles."""
name: StringFilter | None = Field(default=None, description="Filter by name")
sources: list[RoleSource] | None = Field(default=None, description="Filter by role sources")
statuses: list[RoleStatus] | None = Field(default=None, description="Filter by role statuses")
class RoleOrder(BaseRequestModel):
"""Order specification for roles."""
field: RoleOrderField = Field(description="Field to order by")
direction: OrderDirection = Field(default=OrderDirection.ASC, description="Order direction")
class SearchRolesRequest(BaseRequestModel):
"""Request body for searching roles with filters, orders, and pagination."""
filter: RoleFilter | None = Field(default=None, description="Filter conditions")
order: list[RoleOrder] | None = Field(default=None, description="Order specifications")
limit: int = Field(
default=DEFAULT_PAGE_LIMIT, ge=1, le=MAX_PAGE_LIMIT, description="Maximum items to return"
)
offset: int = Field(default=0, ge=0, description="Number of items to skip")
class AssignedUserFilter(BaseRequestModel):
"""Filter for assigned users."""
username: StringFilter | None = Field(default=None, description="Filter by username")
email: StringFilter | None = Field(default=None, description="Filter by email")
granted_by: UUID | None = Field(default=None, description="Filter by 'granted_by' user ID")
class AssignedUserOrder(BaseRequestModel):
"""Order specification for assigned users."""
field: AssignedUserOrderField = Field(description="Field to order by")
direction: OrderDirection = Field(default=OrderDirection.ASC, description="Order direction")
class SearchUsersAssignedToRoleRequest(BaseRequestModel):
"""Request body for searching users assigned to a specific role."""
filter: AssignedUserFilter | None = Field(default=None, description="Filter conditions")
order: list[AssignedUserOrder] | None = Field(default=None, description="Order specifications")
limit: int = Field(
default=DEFAULT_PAGE_LIMIT, ge=1, le=MAX_PAGE_LIMIT, description="Maximum items to return"
)
offset: int = Field(default=0, ge=0, description="Number of items to skip")
class CreatePermissionRequest(BaseRequestModel):
"""Request to create a permission."""
role_id: UUID = Field(description="Role ID for the permission")
scope_type: RBACElementType = Field(description="Scope type for the permission")
scope_id: str = Field(description="Scope ID for the permission")
entity_type: RBACElementType = Field(description="Entity type for the permission")
operation: OperationType = Field(description="Operation type for the permission")
class CreateObjectPermissionRequest(BaseRequestModel):
"""Request to create an object permission for a role."""
role_id: UUID = Field(description="Role ID to add the object permission to")
entity_type: RBACElementType = Field(description="Entity type for the object permission")
entity_id: str = Field(description="Entity ID (e.g., project_id, user_id)")
operation: OperationType = Field(description="Operation type for the object permission")
status: PermissionStatus = Field(
default=PermissionStatus.ACTIVE, description="Permission status"
)
class ScopeFilter(BaseRequestModel):
"""Filter for scopes."""
name: StringFilter | None = Field(default=None, description="Filter by name")
class ScopeOrder(BaseRequestModel):
"""Order specification for scopes."""
field: ScopeOrderField = Field(description="Field to order by")
direction: OrderDirection = Field(default=OrderDirection.ASC, description="Order direction")
class SearchScopesRequest(BaseRequestModel):
"""Request body for searching scopes with filters and pagination."""
filter: ScopeFilter | None = Field(default=None, description="Filter conditions")
order: list[ScopeOrder] | None = Field(default=None, description="Order specifications")
limit: int = Field(
default=DEFAULT_PAGE_LIMIT, ge=1, le=MAX_PAGE_LIMIT, description="Maximum items to return"
)
offset: int = Field(default=0, ge=0, description="Number of items to skip")
class SearchEntitiesRequest(BaseRequestModel):
"""Request body for searching entities within a scope."""
limit: int = Field(
default=DEFAULT_PAGE_LIMIT, ge=1, le=MAX_PAGE_LIMIT, description="Maximum items to return"
)
offset: int = Field(default=0, ge=0, description="Number of items to skip")