Refactor to use async database model
@ -3,7 +3,7 @@
|
||||
from collections.abc import Sequence
|
||||
from fastapi import Request
|
||||
from sqlalchemy import select
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.ext.asyncio import AsyncSession
|
||||
|
||||
from .models import AuditLog, Client, ClientSecret, ClientAccessPolicy, Operation, SubSystem
|
||||
|
||||
@ -17,8 +17,8 @@ def _get_origin(request: Request) -> str | None:
|
||||
return origin
|
||||
|
||||
|
||||
def _write_audit_log(
|
||||
session: Session, request: Request, entry: AuditLog, commit: bool = True
|
||||
async def _write_audit_log(
|
||||
session: AsyncSession, request: Request, entry: AuditLog, commit: bool = True
|
||||
) -> None:
|
||||
"""Write the audit log."""
|
||||
origin = _get_origin(request)
|
||||
@ -26,11 +26,11 @@ def _write_audit_log(
|
||||
entry.subsystem = SubSystem.BACKEND
|
||||
session.add(entry)
|
||||
if commit:
|
||||
session.commit()
|
||||
await session.commit()
|
||||
|
||||
|
||||
def audit_create_client(
|
||||
session: Session, request: Request, client: Client, commit: bool = True
|
||||
async def audit_create_client(
|
||||
session: AsyncSession, request: Request, client: Client, commit: bool = True
|
||||
) -> None:
|
||||
"""Log the creation of a client."""
|
||||
entry = AuditLog(
|
||||
@ -39,11 +39,11 @@ def audit_create_client(
|
||||
client_name=client.name,
|
||||
message="Client Created",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_delete_client(
|
||||
session: Session, request: Request, client: Client, commit: bool = True
|
||||
async def audit_delete_client(
|
||||
session: AsyncSession, request: Request, client: Client, commit: bool = True
|
||||
) -> None:
|
||||
"""Log the creation of a client."""
|
||||
entry = AuditLog(
|
||||
@ -52,11 +52,11 @@ def audit_delete_client(
|
||||
client_name=client.name,
|
||||
message="Client deleted",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_create_secret(
|
||||
session: Session,
|
||||
async def audit_create_secret(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
secret: ClientSecret,
|
||||
@ -71,11 +71,11 @@ def audit_create_secret(
|
||||
client_name=client.name,
|
||||
message="Added secret to client",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_remove_policy(
|
||||
session: Session,
|
||||
async def audit_remove_policy(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
policy: ClientAccessPolicy,
|
||||
@ -90,11 +90,11 @@ def audit_remove_policy(
|
||||
message="Deleted client policy",
|
||||
data=data,
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_update_policy(
|
||||
session: Session,
|
||||
async def audit_update_policy(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
policy: ClientAccessPolicy,
|
||||
@ -109,11 +109,11 @@ def audit_update_policy(
|
||||
message="Updated client policy",
|
||||
data=data,
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_update_client(
|
||||
session: Session,
|
||||
async def audit_update_client(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
commit: bool = True,
|
||||
@ -125,11 +125,11 @@ def audit_update_client(
|
||||
client_name=client.name,
|
||||
message="Client data updated",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_update_secret(
|
||||
session: Session,
|
||||
async def audit_update_secret(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
secret: ClientSecret,
|
||||
@ -144,11 +144,11 @@ def audit_update_secret(
|
||||
secret_id=secret.id,
|
||||
message="Secret value updated",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_invalidate_secrets(
|
||||
session: Session,
|
||||
async def audit_invalidate_secrets(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
commit: bool = True,
|
||||
@ -160,11 +160,11 @@ def audit_invalidate_secrets(
|
||||
client_id=client.id,
|
||||
message="Client public-key changed. All secrets invalidated.",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_delete_secret(
|
||||
session: Session,
|
||||
async def audit_delete_secret(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
secret: ClientSecret,
|
||||
@ -179,11 +179,11 @@ def audit_delete_secret(
|
||||
client_id=client.id,
|
||||
message="Secret removed from client",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
def audit_access_secrets(
|
||||
session: Session,
|
||||
async def audit_access_secrets(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
secrets: Sequence[ClientSecret] | None = None,
|
||||
@ -194,19 +194,20 @@ def audit_access_secrets(
|
||||
With no secrets provided, all secrets of the client will be resolved.
|
||||
"""
|
||||
if not secrets:
|
||||
secrets = session.scalars(
|
||||
secrets_q = await session.scalars(
|
||||
select(ClientSecret).where(ClientSecret.client_id == client.id)
|
||||
).all()
|
||||
)
|
||||
secrets = secrets_q.all()
|
||||
|
||||
for secret in secrets:
|
||||
audit_access_secret(session, request, client, secret, False)
|
||||
await audit_access_secret(session, request, client, secret, False)
|
||||
|
||||
if commit:
|
||||
session.commit()
|
||||
await session.commit()
|
||||
|
||||
|
||||
def audit_access_secret(
|
||||
session: Session,
|
||||
async def audit_access_secret(
|
||||
session: AsyncSession,
|
||||
request: Request,
|
||||
client: Client,
|
||||
secret: ClientSecret,
|
||||
@ -221,15 +222,15 @@ def audit_access_secret(
|
||||
client_id=client.id,
|
||||
client_name=client.name,
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
def audit_client_secret_list(
|
||||
session: Session, request: Request, commit: bool = True
|
||||
async def audit_client_secret_list(
|
||||
session: AsyncSession, request: Request, commit: bool = True
|
||||
) -> None:
|
||||
"""Audit a list of all secrets."""
|
||||
entry = AuditLog(
|
||||
operation=Operation.READ,
|
||||
message="All secret names and their clients was viewed",
|
||||
)
|
||||
_write_audit_log(session, request, entry, commit)
|
||||
await _write_audit_log(session, request, entry, commit)
|
||||
|
||||
|
||||
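Review bot: In the `audit_access_secrets` hunk, `if not secrets:` treats an explicitly empty sequence the same as an omitted argument, so a caller that passes `[]` gets an access entry written for every secret the client owns; if that is not intended, test `if secrets is None:` instead (the function's signature is only partly visible between hunks). Every helper in this file is now a coroutine, so a call site that was not updated to `await` would create the coroutine and never run it, dropping the audit entry with nothing more than a RuntimeWarning. The callers are outside this page, so it is worth confirming them with a type checker's unused-coroutine check before merging. Separately, the docstring of `audit_delete_client` still reads `"""Log the creation of a client."""` and should say `"""Log the deletion of a client."""`.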