From edd2c19e1e4850fdebe2256e39a175acd2a5f735 Mon Sep 17 00:00:00 2001 From: Sergey Fedoseev Date: Fri, 7 Jun 2024 14:47:47 +0400 Subject: [PATCH] more changes: * move admin to ql * remove get_role() * add delete_user() * some docstrings --- api/python/quilt3-admin/pyproject.toml | 2 +- api/python/quilt3-admin/queries.graphql | 18 +++-- api/python/quilt3/__init__.py | 2 +- .../quilt3/{adminql => admin}/__init__.py | 71 +++++++++++++++++-- .../_graphql_client/__init__.py | 20 ++++-- .../_graphql_client/add_roles.py | 0 .../_graphql_client/base_client.py | 0 .../_graphql_client/base_model.py | 0 .../_graphql_client/client.py | 63 ++++++++-------- .../_graphql_client/create_user.py | 0 .../admin/_graphql_client/delete_user.py | 47 ++++++++++++ .../_graphql_client/enums.py | 0 .../_graphql_client/exceptions.py | 0 .../_graphql_client/fragments.py | 0 .../_graphql_client/get_role.py | 0 .../_graphql_client/get_roles.py | 0 .../_graphql_client/get_user.py | 0 .../_graphql_client/get_users.py | 0 .../_graphql_client/input_types.py | 0 .../_graphql_client/remove_roles.py | 0 .../_graphql_client/set_role.py | 0 docs/api-reference/Admin.md | 71 +++++++++++++++---- 22 files changed, 235 insertions(+), 59 deletions(-) rename api/python/quilt3/{adminql => admin}/__init__.py (51%) rename api/python/quilt3/{adminql => admin}/_graphql_client/__init__.py (86%) rename api/python/quilt3/{adminql => admin}/_graphql_client/add_roles.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/base_client.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/base_model.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/client.py (88%) rename api/python/quilt3/{adminql => admin}/_graphql_client/create_user.py (100%) create mode 100644 api/python/quilt3/admin/_graphql_client/delete_user.py rename api/python/quilt3/{adminql => admin}/_graphql_client/enums.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/exceptions.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/fragments.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/get_role.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/get_roles.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/get_user.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/get_users.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/input_types.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/remove_roles.py (100%) rename api/python/quilt3/{adminql => admin}/_graphql_client/set_role.py (100%) diff --git a/api/python/quilt3-admin/pyproject.toml b/api/python/quilt3-admin/pyproject.toml index 8009f328464..a43cf7442ad 100644 --- a/api/python/quilt3-admin/pyproject.toml +++ b/api/python/quilt3-admin/pyproject.toml @@ -1,7 +1,7 @@ [tool.ariadne-codegen] schema_path = "../../../shared/graphql/schema.graphql" queries_path = "queries.graphql" -target_package_path = "../quilt3/adminql/" +target_package_path = "../quilt3/admin/" target_package_name = "_graphql_client" files_to_include = [ "exceptions.py", diff --git a/api/python/quilt3-admin/queries.graphql b/api/python/quilt3-admin/queries.graphql index 8ed0e3d187f..9bbc12280bd 100644 --- a/api/python/quilt3-admin/queries.graphql +++ b/api/python/quilt3-admin/queries.graphql @@ -74,9 +74,16 @@ mutation createUser($input: UserInput!) { } } -query getRole($roleId: ID!) { - role(id: $roleId) { - ...RoleSelection +mutation deleteUser($name: String!) { + admin { + user { + mutate(name: $name) { + delete { + ...InvalidInputSelection + ...OperationErrorSelection + } + } + } } } @@ -99,7 +106,7 @@ mutation setRole($name: String!, $role: String!, $extraRoles: [String!], $append } } -mutation addRoles($roles: [String!]!, $name: String!) { +mutation addRoles($name: String!, $roles: [String!]!) { admin { user { mutate(name: $name) { @@ -111,7 +118,8 @@ mutation addRoles($roles: [String!]!, $name: String!) { } } } -mutation removeRoles($roles: [String!]!, $name: String!, $fallback: String) { + +mutation removeRoles($name: String!, $roles: [String!]!, $fallback: String) { admin { user { mutate(name: $name) { diff --git a/api/python/quilt3/__init__.py b/api/python/quilt3/__init__.py index cf78c947b18..43dd88fda79 100644 --- a/api/python/quilt3/__init__.py +++ b/api/python/quilt3/__init__.py @@ -9,7 +9,7 @@ __version__ = Path(Path(__file__).parent, "VERSION").read_text().strip() -from . import admin, adminql +from . import admin from .api import ( config, copy, diff --git a/api/python/quilt3/adminql/__init__.py b/api/python/quilt3/admin/__init__.py similarity index 51% rename from api/python/quilt3/adminql/__init__.py rename to api/python/quilt3/admin/__init__.py index 9cb33d4c84a..34d8f538768 100644 --- a/api/python/quilt3/adminql/__init__.py +++ b/api/python/quilt3/admin/__init__.py @@ -1,3 +1,5 @@ +"""APIs for Quilt administrators. 'Registry' refers to Quilt stack backend services, including identity management.""" + from typing import Any, Union, Optional, List from ._graphql_client import * @@ -20,6 +22,12 @@ def _get_client(): def get_user(name: str) -> GetUserAdminUserGet: + """ + Get a specific user from the registry. + + Args: + name: Username of user to get. + """ result = _get_client().get_user(name=name) # XXX: should we really throw an exception here? if result is None: @@ -28,22 +36,47 @@ def get_user(name: str) -> GetUserAdminUserGet: def get_users() -> List[GetUsersAdminUserList]: + """ + Get a list of all users in the registry. + """ return _get_client().get_users() def create_user(name: str, email: str, role: str, extra_roles: Optional[List[str]] = None) -> None: + """ + Create a new user in the registry. + + Args: + name: Username of user to create. + email: Email of user to create. + role: Active role of the user. + extra_roles: Additional roles to assign to the user. + """ + _handle_errors( _get_client().create_user(input=UserInput(name=name, email=email, role=role, extra_roles=extra_roles)) ) return None -def get_role(role_id: str) -> Optional[Union[GetRoleRoleUnmanagedRole, GetRoleRoleManagedRole]]: - # XXX: should we throw an exception here if the role is not found? - return _get_client().get_role(role_id=role_id) +def delete_user(name: str) -> None: + """ + Delete user from the registry. + + Args: + name: Username of user to delete. + """ + result = _get_client().delete_user(name=name) + if result is None: + raise UserNotFoundError + _handle_errors(result.delete) + return None def get_roles() -> List[Union[GetRolesRolesUnmanagedRole, GetRolesRolesManagedRole]]: + """ + Get a list of all roles in the registry. + """ return _get_client().get_roles() @@ -54,6 +87,15 @@ def set_role( *, append: bool = False, ) -> None: + """ + Set the active and extra roles for a user. + + Args: + name: Username of user to update. + role: Role to be set as the active role. + extra_roles: Additional roles to assign to the user. + append: If True, append the extra roles to the existing roles. If False, replace the existing roles. + """ result = _get_client().set_role(name=name, role=role, extra_roles=extra_roles, append=append) if result is None: raise UserNotFoundError @@ -61,8 +103,15 @@ def set_role( return None -def add_roles(roles: List[str], name: str) -> None: - result = _get_client().add_roles(roles=roles, name=name) +def add_roles(name: str, roles: List[str]) -> None: + """ + Add roles to a user. + + Args: + name: Username of user to update. + roles: Roles to add to the user. + """ + result = _get_client().add_roles(name=name, roles=roles) if result is None: raise UserNotFoundError _handle_errors(result.add_roles) @@ -70,11 +119,19 @@ def add_roles(roles: List[str], name: str) -> None: def remove_roles( - roles: List[str], name: str, + roles: List[str], fallback: Union[Optional[str], UnsetType] = UNSET, ) -> None: - result = _get_client().remove_roles(roles=roles, name=name, fallback=fallback) + """ + Remove roles from a user. + + Args: + name: Username of user to update. + roles: Roles to remove from the user. + fallback: If set, the role to assign to the user if the active role is removed. + """ + result = _get_client().remove_roles(name=name, roles=roles, fallback=fallback) if result is None: raise UserNotFoundError _handle_errors(result.remove_roles) diff --git a/api/python/quilt3/adminql/_graphql_client/__init__.py b/api/python/quilt3/admin/_graphql_client/__init__.py similarity index 86% rename from api/python/quilt3/adminql/_graphql_client/__init__.py rename to api/python/quilt3/admin/_graphql_client/__init__.py index 66b0da4d517..3fce151f497 100644 --- a/api/python/quilt3/adminql/_graphql_client/__init__.py +++ b/api/python/quilt3/admin/_graphql_client/__init__.py @@ -20,6 +20,15 @@ CreateUserAdminUserCreateOperationError, CreateUserAdminUserCreateUser, ) +from .delete_user import ( + DeleteUser, + DeleteUserAdmin, + DeleteUserAdminUser, + DeleteUserAdminUserMutate, + DeleteUserAdminUserMutateDeleteInvalidInput, + DeleteUserAdminUserMutateDeleteOk, + DeleteUserAdminUserMutateDeleteOperationError, +) from .fragments import ( InvalidInputSelection, InvalidInputSelectionErrors, @@ -32,7 +41,6 @@ UserSelectionRoleManagedRole, UserSelectionRoleUnmanagedRole, ) -from .get_role import GetRole, GetRoleRoleManagedRole, GetRoleRoleUnmanagedRole from .get_roles import GetRoles, GetRolesRolesManagedRole, GetRolesRolesUnmanagedRole from .get_user import GetUser, GetUserAdmin, GetUserAdminUser, GetUserAdminUserGet from .get_users import GetUsers, GetUsersAdmin, GetUsersAdminUser, GetUsersAdminUserList @@ -73,9 +81,13 @@ "CreateUserAdminUserCreateInvalidInput", "CreateUserAdminUserCreateOperationError", "CreateUserAdminUserCreateUser", - "GetRole", - "GetRoleRoleManagedRole", - "GetRoleRoleUnmanagedRole", + "DeleteUser", + "DeleteUserAdmin", + "DeleteUserAdminUser", + "DeleteUserAdminUserMutate", + "DeleteUserAdminUserMutateDeleteInvalidInput", + "DeleteUserAdminUserMutateDeleteOk", + "DeleteUserAdminUserMutateDeleteOperationError", "GetRoles", "GetRolesRolesManagedRole", "GetRolesRolesUnmanagedRole", diff --git a/api/python/quilt3/adminql/_graphql_client/add_roles.py b/api/python/quilt3/admin/_graphql_client/add_roles.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/add_roles.py rename to api/python/quilt3/admin/_graphql_client/add_roles.py diff --git a/api/python/quilt3/adminql/_graphql_client/base_client.py b/api/python/quilt3/admin/_graphql_client/base_client.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/base_client.py rename to api/python/quilt3/admin/_graphql_client/base_client.py diff --git a/api/python/quilt3/adminql/_graphql_client/base_model.py b/api/python/quilt3/admin/_graphql_client/base_model.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/base_model.py rename to api/python/quilt3/admin/_graphql_client/base_model.py diff --git a/api/python/quilt3/adminql/_graphql_client/client.py b/api/python/quilt3/admin/_graphql_client/client.py similarity index 88% rename from api/python/quilt3/adminql/_graphql_client/client.py rename to api/python/quilt3/admin/_graphql_client/client.py index f652606416c..21738387d2a 100644 --- a/api/python/quilt3/adminql/_graphql_client/client.py +++ b/api/python/quilt3/admin/_graphql_client/client.py @@ -12,7 +12,7 @@ CreateUserAdminUserCreateOperationError, CreateUserAdminUserCreateUser, ) -from .get_role import GetRole, GetRoleRoleManagedRole, GetRoleRoleUnmanagedRole +from .delete_user import DeleteUser, DeleteUserAdminUserMutate from .get_roles import GetRoles, GetRolesRolesManagedRole, GetRolesRolesUnmanagedRole from .get_user import GetUser, GetUserAdminUserGet from .get_users import GetUsers, GetUsersAdminUserList @@ -180,42 +180,47 @@ def create_user(self, input: UserInput, **kwargs: Any) -> Union[ data = self.get_data(response) return CreateUser.model_validate(data).admin.user.create - def get_role( - self, role_id: str, **kwargs: Any - ) -> Optional[Union[GetRoleRoleUnmanagedRole, GetRoleRoleManagedRole]]: + def delete_user( + self, name: str, **kwargs: Any + ) -> Optional[DeleteUserAdminUserMutate]: query = gql( """ - query getRole($roleId: ID!) { - role(id: $roleId) { - ...RoleSelection + mutation deleteUser($name: String!) { + admin { + user { + mutate(name: $name) { + delete { + __typename + ...InvalidInputSelection + ...OperationErrorSelection + } + } + } } } - fragment ManagedRoleSelection on ManagedRole { - id - name - arn - } - - fragment RoleSelection on Role { - __typename - ...UnmanagedRoleSelection - ...ManagedRoleSelection + fragment InvalidInputSelection on InvalidInput { + errors { + path + message + name + context + } } - fragment UnmanagedRoleSelection on UnmanagedRole { - id + fragment OperationErrorSelection on OperationError { + message name - arn + context } """ ) - variables: Dict[str, object] = {"roleId": role_id} + variables: Dict[str, object] = {"name": name} response = self.execute( - query=query, operation_name="getRole", variables=variables, **kwargs + query=query, operation_name="deleteUser", variables=variables, **kwargs ) data = self.get_data(response) - return GetRole.model_validate(data).role + return DeleteUser.model_validate(data).admin.user.mutate def get_roles( self, **kwargs: Any @@ -307,11 +312,11 @@ def set_role( return SetRole.model_validate(data).admin.user.mutate def add_roles( - self, roles: List[str], name: str, **kwargs: Any + self, name: str, roles: List[str], **kwargs: Any ) -> Optional[AddRolesAdminUserMutate]: query = gql( """ - mutation addRoles($roles: [String!]!, $name: String!) { + mutation addRoles($name: String!, $roles: [String!]!) { admin { user { mutate(name: $name) { @@ -341,7 +346,7 @@ def add_roles( } """ ) - variables: Dict[str, object] = {"roles": roles, "name": name} + variables: Dict[str, object] = {"name": name, "roles": roles} response = self.execute( query=query, operation_name="addRoles", variables=variables, **kwargs ) @@ -350,14 +355,14 @@ def add_roles( def remove_roles( self, - roles: List[str], name: str, + roles: List[str], fallback: Union[Optional[str], UnsetType] = UNSET, **kwargs: Any ) -> Optional[RemoveRolesAdminUserMutate]: query = gql( """ - mutation removeRoles($roles: [String!]!, $name: String!, $fallback: String) { + mutation removeRoles($name: String!, $roles: [String!]!, $fallback: String) { admin { user { mutate(name: $name) { @@ -388,8 +393,8 @@ def remove_roles( """ ) variables: Dict[str, object] = { - "roles": roles, "name": name, + "roles": roles, "fallback": fallback, } response = self.execute( diff --git a/api/python/quilt3/adminql/_graphql_client/create_user.py b/api/python/quilt3/admin/_graphql_client/create_user.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/create_user.py rename to api/python/quilt3/admin/_graphql_client/create_user.py diff --git a/api/python/quilt3/admin/_graphql_client/delete_user.py b/api/python/quilt3/admin/_graphql_client/delete_user.py new file mode 100644 index 00000000000..57db3e41924 --- /dev/null +++ b/api/python/quilt3/admin/_graphql_client/delete_user.py @@ -0,0 +1,47 @@ +# Generated by ariadne-codegen +# Source: queries.graphql + +from typing import Literal, Optional, Union + +from pydantic import Field + +from .base_model import BaseModel +from .fragments import InvalidInputSelection, OperationErrorSelection + + +class DeleteUser(BaseModel): + admin: "DeleteUserAdmin" + + +class DeleteUserAdmin(BaseModel): + user: "DeleteUserAdminUser" + + +class DeleteUserAdminUser(BaseModel): + mutate: Optional["DeleteUserAdminUserMutate"] + + +class DeleteUserAdminUserMutate(BaseModel): + delete: Union[ + "DeleteUserAdminUserMutateDeleteOk", + "DeleteUserAdminUserMutateDeleteInvalidInput", + "DeleteUserAdminUserMutateDeleteOperationError", + ] = Field(discriminator="typename__") + + +class DeleteUserAdminUserMutateDeleteOk(BaseModel): + typename__: Literal["Ok"] = Field(alias="__typename") + + +class DeleteUserAdminUserMutateDeleteInvalidInput(InvalidInputSelection): + typename__: Literal["InvalidInput"] = Field(alias="__typename") + + +class DeleteUserAdminUserMutateDeleteOperationError(OperationErrorSelection): + typename__: Literal["OperationError"] = Field(alias="__typename") + + +DeleteUser.model_rebuild() +DeleteUserAdmin.model_rebuild() +DeleteUserAdminUser.model_rebuild() +DeleteUserAdminUserMutate.model_rebuild() diff --git a/api/python/quilt3/adminql/_graphql_client/enums.py b/api/python/quilt3/admin/_graphql_client/enums.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/enums.py rename to api/python/quilt3/admin/_graphql_client/enums.py diff --git a/api/python/quilt3/adminql/_graphql_client/exceptions.py b/api/python/quilt3/admin/_graphql_client/exceptions.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/exceptions.py rename to api/python/quilt3/admin/_graphql_client/exceptions.py diff --git a/api/python/quilt3/adminql/_graphql_client/fragments.py b/api/python/quilt3/admin/_graphql_client/fragments.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/fragments.py rename to api/python/quilt3/admin/_graphql_client/fragments.py diff --git a/api/python/quilt3/adminql/_graphql_client/get_role.py b/api/python/quilt3/admin/_graphql_client/get_role.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/get_role.py rename to api/python/quilt3/admin/_graphql_client/get_role.py diff --git a/api/python/quilt3/adminql/_graphql_client/get_roles.py b/api/python/quilt3/admin/_graphql_client/get_roles.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/get_roles.py rename to api/python/quilt3/admin/_graphql_client/get_roles.py diff --git a/api/python/quilt3/adminql/_graphql_client/get_user.py b/api/python/quilt3/admin/_graphql_client/get_user.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/get_user.py rename to api/python/quilt3/admin/_graphql_client/get_user.py diff --git a/api/python/quilt3/adminql/_graphql_client/get_users.py b/api/python/quilt3/admin/_graphql_client/get_users.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/get_users.py rename to api/python/quilt3/admin/_graphql_client/get_users.py diff --git a/api/python/quilt3/adminql/_graphql_client/input_types.py b/api/python/quilt3/admin/_graphql_client/input_types.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/input_types.py rename to api/python/quilt3/admin/_graphql_client/input_types.py diff --git a/api/python/quilt3/adminql/_graphql_client/remove_roles.py b/api/python/quilt3/admin/_graphql_client/remove_roles.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/remove_roles.py rename to api/python/quilt3/admin/_graphql_client/remove_roles.py diff --git a/api/python/quilt3/adminql/_graphql_client/set_role.py b/api/python/quilt3/admin/_graphql_client/set_role.py similarity index 100% rename from api/python/quilt3/adminql/_graphql_client/set_role.py rename to api/python/quilt3/admin/_graphql_client/set_role.py diff --git a/docs/api-reference/Admin.md b/docs/api-reference/Admin.md index 9f6183c3c0b..74363c65ead 100644 --- a/docs/api-reference/Admin.md +++ b/docs/api-reference/Admin.md @@ -2,28 +2,75 @@ # quilt3.admin APIs for Quilt administrators. 'Registry' refers to Quilt stack backend services, including identity management. -## create\_user(\*, username: str, email: str) {#create\_user} +## get\_user(name: str) -> quilt3.admin.\_graphql\_client.get\_user.GetUserAdminUserGet {#get\_user} + +Get a specific user from the registry. + +__Arguments__ + +* __name__: Username of user to get. + + +## get\_users() -> List[quilt3.admin.\_graphql\_client.get\_users.GetUsersAdminUserList] {#get\_users} + +Get a list of all users in the registry. + + +## create\_user(name: str, email: str, role: str, extra\_roles: Optional[List[str]] = None) -> None {#create\_user} Create a new user in the registry. -Required parameters: - username (str): Username of user to create. - email (str): Email of user to create. +__Arguments__ + +* __name__: Username of user to create. +* __email__: Email of user to create. +* __role__: Active role of the user. +* __extra_roles__: Additional roles to assign to the user. -## delete\_user(\*, username: str) {#delete\_user} +## delete\_user(name: str) -> None {#delete\_user} Delete user from the registry. -Required parameters: - username (str): Username of user to delete. +__Arguments__ + +* __name__: Username of user to delete. + + +## get\_roles() -> List[Union[quilt3.admin.\_graphql\_client.get\_roles.GetRolesRolesUnmanagedRole, quilt3.admin.\_graphql\_client.get\_roles.GetRolesRolesManagedRole]] {#get\_roles} + +Get a list of all roles in the registry. + + +## set\_role(name: str, role: str, extra\_roles: Union[List[str], NoneType, quilt3.admin.\_graphql\_client.base\_model.UnsetType] = , \*, append: bool = False) -> None {#set\_role} + +Set the active and extra roles for a user. + +__Arguments__ + +* __name__: Username of user to update. +* __role__: Role to be set as the active role. +* __extra_roles__: Additional roles to assign to the user. +* __append__: If True, append the extra roles to the existing roles. If False, replace the existing roles. + + +## add\_roles(name: str, roles: List[str]) -> None {#add\_roles} + +Add roles to a user. + +__Arguments__ + +* __name__: Username of user to update. +* __roles__: Roles to add to the user. + +## remove\_roles(name: str, roles: List[str], fallback: Union[str, NoneType, quilt3.admin.\_graphql\_client.base\_model.UnsetType] = ) -> None {#remove\_roles} -## set\_role(\*, username: str, role\_name: Optional[str]) {#set\_role} +Remove roles from a user. -Set the named Quilt role for a user. +__Arguments__ -Required parameters: - username (str): Username of user to update. - role_name (str): Quilt role name assign to the user. Set a `None` value to unassign the role. +* __name__: Username of user to update. +* __roles__: Roles to remove from the user. +* __fallback__: If set, the role to assign to the user if the active role is removed.