dal.models package

Submodules

dal.models.acl module

Developers:

Manuel Silva (manuel.silva@mov.ai) - 2020
Telmo Martinho (telmo.martinho@mov.ai) - 2020

class dal.models.acl.ACLManager(user)

Bases: object

Acl class to manage users and roles permissions

get_acl() → object: Setup ACL for the current user role and user resources

static get_permissions() → Dict: :returns dict with available resources & permissions

static get_resources() → List: :returns list with available resources

static get_roles() → Dict

Returns dict with available roles.

Returns:: a dict with all availabe roles in the system.
Return type:: Dict

log = <Logger ACLManager (INFO)>

class dal.models.acl.ApplicationsType(value)

Bases: Enum

An enumeration.

AdminBoard = 'AdminBoard'

FleetBoard = 'FleetBoard'

IDE = 'mov-fe-app-ide'

Launcher = 'mov-fe-app-launcher'

TaskManager = 'mov-fe-app-taskmanager'

class dal.models.acl.NewACLManager(user)

Bases: ACLManager

This class is Replacing ACLManger for BaseUser objects.

get_acl() → Acl

Setup ACL for the current user role.

Returns:: the object which holds the access list for the user.
Return type:: Acl

static get_permissions() → Dict[str, List[str]]

Get all available permissions

Returns:: Available resources and permissions

static get_resources() → List: :returns list with available resources

class dal.models.acl.ResourceType(value)

Bases: Enum

An enumeration.

AclObject = 'AclObject'

Alert = 'Alert'

Annotation = 'Annotation'

Application = 'Application'

Applications = 'Applications'

Callback = 'Callback'

Configuration = 'Configuration'

Flow = 'Flow'

Form = 'Form'

GraphicScene = 'GraphicScene'

InternalUser = 'InternalUser'

Layout = 'Layout'

LdapConfig = 'LdapConfig'

Node = 'Node'

Package = 'Package'

RemoteUser = 'RemoteUser'

Role = 'Role'

SharedDataEntry = 'SharedDataEntry'

SharedDataTemplate = 'SharedDataTemplate'

StateMachine = 'StateMachine'

TaskEntry = 'TaskEntry'

TaskTemplate = 'TaskTemplate'

Translation = 'Translation'

dal.models.aclobject module

class dal.models.aclobject.AclGroup(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: AclObject

classmethod create(group: dict) → AclObject

creates a new user entry in the access list, if one already exists it update the current record and returns a refernece to it.

Args: domain_name (str): the name of the domain which the user belongs to. roles - a list of roles to associate the user with. super_user - denotes if the user has super user permissions. read_only - denotes if the user has a read only access.

Raises:: AclObjectAlreadyExist - if an object with the same name already – exist in DB.
Returns:: An AclObject object.
Return type:: (AclObject)

classmethod list_group_names(domain_name: str) → list

lists all the groups in the specified domain.

Args: domain_name (str): the name of the domain which the user belongs to.

Returns:: containing all the groups in the domain.
Return type:: list

class dal.models.aclobject.AclObject(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents an access list for remote users. Each record in the access list is actually a user that is allowed to login. The name of each record is in the form “account_name@domain_name”.

property account_name: str

returns the account name of AclObject.

Returns:: the account name (e.g: “johns”)
Return type:: (str)

classmethod check_parameters(obj_dict: dict)

This functions validates that a dictionary contain all required fields to create an AclObject.

Parameters:: obj_dict (dict) – the dictionary containing all the parameters.
Raises:: AclObjectError – if one of the required parameters is missing.

property common_name: str

returns the common name of AclObject.

Returns:: the common name (e.g: “John Smith”)
Return type:: (str)

convert_object_to_dict() → dict: display all the user attributes as defined in AclObject scheme.

classmethod create(domain_name: str, account_name: str, common_name: str, object_type: str, identifier: str, roles: list, read_only: bool = False, super_user: bool = False, send_report: bool = False) → Model

creates a new user entry in the access list, if one already exists it update the current record and returns a refernece to it.

Args: domain_name (str): the name of the domain which the user belongs to. roles - a list of roles to associate the user with. super_user - denotes if the user has super user permissions. read_only - denotes if the user has a read only access.

Raises:: AclObjectAlreadyExist - if an object with the same name already – exist in DB.
Returns:: An AclObject object.
Return type:: (AclObject)

display_info() → None: display all the user attributes as defined in AclObject scheme.

property domain_name: str

returns the domain name of AclObject.

Returns:: the domain name (e.g: “example.com”)
Return type:: (str)

classmethod get_account_name(principal_name: str) → str

extract account name from principal name.

Args: principal_name (str): the name in the form “account_name@domain_name”.

Returns:: the account name (e.g: “johns”)
Return type:: str

classmethod get_domain_name(principal_name: str) → str

extract domain name from principal.

Args: principal_name (str): the name in the form “account_name@domain_name”.

Returns:: the domain name (e.g: “example.com”)
Return type:: str

classmethod get_object_by_name(domain_name: str, account_name: str) → Model

Looks for an AclObject record with the specified name and returns a reference of it.

Args: domain_name (str): the name of the domain which the object belongs to. account_name (str): the name of the AclObject to get a reference for.

Returns:: an object represents the the AclObject record, None otherwise.
Return type:: AclGRoup

property identifier: str

returns the identifier of the AclObject.

Returns:: the identifier (e.g: “s-234-34563…”)
Return type:: (str)

classmethod is_exist(domain_name: str, account_name) → bool

This funtion checks if an object with a specific name already exist.

Parameters:: object_name (_type_) – The ref name of the object to check.
Returns:: True if exist, False otherwise.
Return type:: bool

property last_update: float

returns the last time object was updated in UTM.

Returns:: the last time object was updated in UTM.
Return type:: (timedelta)

classmethod list_object_names(domain_name: str, object_type: str) → list

lists all the object of specific type in a specified domain.

Args: domain_name (str): the name of the domain which the user belongs to. type (str): the type of the object (user or group)

Returns:: containing all the objects conforms to domain and type.
Return type:: list

mandatory_parameters = {'AccountName', 'CommonName', 'DomainName', 'ID', 'Roles'}

max_attr_length = 100

property object_type: str

returns the object type of AclObject.

Returns:: the object type (e.g: user)
Return type:: (str)

property principal_name: str

build principal name -> “account_name@domain_name

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: the name in the form account_name@domain_name
Return type:: str

property read_only: bool

returns the read only flag of the AclObject.

Returns:: the read only flag.
Return type:: (bool)

classmethod remove(domain_name: str, account_name: str, id: str)

removes an AclObject recored from access list

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

Returns:: True if user got removed, False if user was not found.
Return type:: bool

remove_role(role_name: str) → None

Removes a Role from a specific object

Parameters:: role_name (str) – The name of the role to remove.

classmethod remove_roles_from_all_objects(role_name: str) → set

Looks for AclObjects with the specified Role, if it finds any it removes the role from their attributes.

Parameters:: role_name (str) – The name of the Role to remove.
Returns:: containg all the objects affected by the change.
Return type:: set

property roles: List[str]

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: List[Model, None]

property send_report: bool

returns the send report flag of the AclObject.

Returns:: the send report flag.
Return type:: (bool)

property super_user: bool

returns the super user flag of the user.

Returns:: the super user flag.
Return type:: (bool)

update(obj_dict: dict) → None

This function sets attributes for an AclObject

Parameters:

roles (str) – the roles of the object
read_only (bool, optional) – specify if the object has read only permissions. Defaults to False.
super_user (bool, optional) – specify if the object has super user permissions. Defaults to False.
send_report (bool, optional) – specify if the object can send reports. Defaults to False.

Raises:

AclObjectIDMismatch - if AclObject update has failed. –

class dal.models.aclobject.AclUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: AclObject

classmethod create(user: dict) → AclObject

creates a new user entry in the access list, if one already exists it update the current record and returns a refernece to it.

Args: domain_name (str): the name of the domain which the user belongs to. roles - a list of roles to associate the user with. super_user - denotes if the user has super user permissions. read_only - denotes if the user has a read only access.

Raises:: AclObjectAlreadyExist - if an object with the same name already – exist in DB.
Returns:: An AclObject object.
Return type:: (AclObject)

classmethod list_user_names(domain_name: str) → list

lists all the users in the specified domain.

Args: domain_name (str): the name of the domain which the user belongs to.

Returns:: containing all the users in the domain.
Return type:: list

dal.models.application module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Application Model

class dal.models.application.Application(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Application Model

dal.models.baseuser module

Developers: - Erez Zomer (erez@mov.ai) - 2022

class dal.models.baseuser.BaseUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

The BaseUser is the base class for user methods, so that RemoteUser and InternalUser can share the same interface.

property account_name: str

returns the account name of base user.

Returns:: the account name (e.g: “johns”)
Return type:: (str)

property common_name: str

returns the common name of base user.

Returns:: the common name (e.g: “John Smith”)
Return type:: (str)

classmethod create(domain_name: str, account_name: str, common_name: str, user_type: str, roles: list, email: str = '', super_user: bool = False, read_only: bool = False, send_report: bool = False, language: str = 'en') → Model

Create a new BaseUser

Parameters:

domain (Str) – the name of the domain the base user represents.
username (str) – the name of the base user to create.
common_name – (str): a display name for the new user.
type – (str): the type of user (INTERNAL, LDAP, PAM).
roles – (list): list of roles which are associated with the user.
email – (str): the email address of the user.
super_user (bool) – a flag which represents if the user is super user.
read_only (bool) – a flag which represents if the user has read only permissions.
send_report (bool) – a flag which represents if the user is allowed to send reports.
language (str) – the language of the user interface for the user.

Raises:

ValueError – if domain_name or account_name aren’t of type str.
ValueError – if account_name is empty string.
ValueError – if supplied roles are not in a list format.

Returns:

a refererance to the BaseUser object that was created.

Return type:

(BaseUser)

property domain_name: str

returns the domain name of base user.

Returns:: the domain name (e.g: “example.com”)
Return type:: (str)

property email: str

returns the email of the base user.

Returns:: the email address (e.g: “johns@example.com”)
Return type:: (str)

get_effective_permissions() → Dict[str, List[str]]

classmethod get_user_by_name(domain_name: str, account_name: str) → BaseUser

returns a reference of a User, if not exist returns None

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: (Model) - the user record with the corresponding account_name

classmethod get_user_by_principal_name(principal_name: str) → BaseUser

returns a reference of a User, if not exist returns None

Args: principal_name (str): account@domain format.

Returns:: (Model) - the user record with the corresponding account_name

classmethod has_any_user_with_role(role_name: str) → bool

Checks if role is applied to any user

Args: role_name (str): the name of the role being searched.

Returns:: whether any user has the role.
Return type:: (bool)

has_permission(resource_name: str, permission_name: str, object_name: str = '', skip_superuser: bool = False) → bool

Check user permission to a specific resource.

Parameters:

resource_name (str) – The name of the resource (capitalize as class name e.g: Flow, RemoteUser…)
permission_name (str) – the name of the permission (example: read, update)
skip_superuser (bool, optional) – waether to ignore the superuser attribute or not. Defaults to False.

Returns:

True if the user has permission, False otherwise.

Return type:

bool

has_scope_permission(user, permission) → bool: check if user has scope permission

classmethod is_exist(domain_name: str, account_name: str)

checks if an object with the specified domain and account name already exists.

Parameters:

domain_name (str) – the domain name of the user
account_name (str) – the account name of the user

Returns:

True if exists, False otherwise.

Return type:

bool

property language: str

returns the language of the base user.

Returns:: the language (e.g., “en”, “fr”).
Return type:: (str)

property last_update: float

returns the last time object was updated in UTM.

Returns:: the last time object was updated in UTM.
Return type:: (timedelta)

classmethod list_users(domain_name: str) → List[str]

lists all the base user fora specified domain

Args: domain_name (str): the name of the domain which the user belongs to.

Returns:: containing all the BaseUser defined in the system for the requested domain.
Return type:: (list)

max_attr_length = 100

property principal_name: str

build principal name -> “account_name@domain_name

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: the name in the form account_name@domain_name
Return type:: str

property read_only: bool

returns the read only flag of the base user.

Returns:: the read only flag.
Return type:: (bool)

classmethod remove(domain_name: str, account_name: str) → None

removes a User record from DB

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

Returns:: True if user got removed, False if user was not found.
Return type:: (bool)

remove_role(role_name: str) → None

Removes a Role from a specific object

Parameters:: role_name (str) – The name of the role to remove.

classmethod remove_role_from_all_users(role_name: str) → Set[str]

Looks for users with the specified Role, if it finds any it removes the role from their attributes.

Parameters:: role_name (str) – The name of the Role to remove.
Returns:: containg all the users affected by the change.
Return type:: set

property roles: List[str]

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: Union[Model, None]

property send_report: bool

returns the send report flag of the base user.

Returns:: the send report flag.
Return type:: (bool)

set_acl(): sets the AClManager as an internal attribute.

property super_user: bool

returns the super user flag of the user.

Returns:: the super user flag.
Return type:: (bool)

update(user_params: dict)

This function updates a corresponding object’s attributes.

Parameters:: user_params (dict) – a dictionary with the required fields that needs an update.
Raises:: InvalidStructure – in case non of fields sent are part of the InternalUser model.

update_keys = {'CommonName', 'Email', 'Language', 'ReadOnly', 'Roles', 'SendReport', 'SuperUser'}

user_can_edit_internaluser(_: str) → bool

Checks if the user can edit the given object.

False by default, can be overridden in subclasses.

property user_type: str

returns the type of the base user.

Returns:: the type (LDAP, PAM)
Return type:: (str)

dal.models.callback module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Callback Model

class dal.models.callback.Callback(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Callback Model

static export_modules(jump_over_modules=None) → None

Get modules and save them to db (System)

this takes about 4 seconds to run

and prints a LOT of stuff to the terminal

currently (14-10 on spawner) uses about 19kb of memory (?) :param jump_over_modules: the list of modules not to expand :type jump_over_modules: list

static fetch_modules_api() → Dict: to be called from rest api

static get_full_modules() → Dict: get get full dict of modules

static get_methods(module: str) → Dict: get methods of module

static get_modules() → List: Get list of modules

has_permission(user: Any, permission: Any, app_name: str) → bool: Needs implementation

is_valid() → bool: returns true

remove(force: bool = False) → Dict: This doesn’t make sense here anymore

template_depends(force: bool = False) → Dict: get all the objects that depend on this callback

dal.models.configuration module

Developers: - Manuel Silva (manuel.silva@mov.ai) - 2020 - Moawiya Mograni (moawiya@mov.ai) - 2023

class dal.models.configuration.Configuration(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides xml or yaml configuration

get_param(param: str) → any: Returns the configuration value of a key in the format param.subparam.subsubparam

get_value(cached=True) → dict: Returns a dictionary with the configuration values

class dal.models.configuration.ConfigurationCache(*args, **kwargs)

Bases: object

clean_config_cache()

yaml_load(config_name, yaml_str)

dal.models.container module

Developers: - Manuel Silva (manuel.silva@mov.ai) - 2020

class dal.models.container.Container(name: str)

Bases: ScopeObjectNode

A container represents a flow in another flow (aka subflow)

ContainerFlow: str

ContainerLabel: str

property flow: Flow: Returns the parent flow instance (Flow)

get_node_inst(key: str): Returns a node instance (NodeInst) inside the flow represented by the container

get_param(key: str, name: str | None = None, context: str | None = None, custom_parser: Any | None = None, default_value: Any | None = None) → Any: Returns a specific parameter of the container after parsing it

get_params(name: str | None = None) → dict: Returns all the parameters

property parser: Get the parser (GParser) from the parent

property subflow: Flow: Returns the flow instance (Flow) represented by the container

dal.models.flow module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020 - Manuel Silva (manuel.silva@mov.ai) - 2020

class dal.models.flow.Flow(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

A Flow

Container: Dict[str, Container]

Links: DictNode['ObjectNode' | 'PropertyNode']

NodeInst: Dict[str, NodeInst]

filter_by_port(fnport, lnport)

property full: FlowOutput: Returns the data from the main flow and all subflows

get_container(name: str, context: str | None = None): Returns an instance of Container

get_dict(data: FlowOutput | None = None, prefix: str | None = None, prev_flows: list | None = None) → FlowOutput

Aggregate data from the main flow and subflows Returns a dictionary with the following format {

“NodeInst”: {
{ <node instance name with parents prefix>: {“ref”: <ref to node_inst instance>}

} “Links”: {

{<link id w/ parents prefix>: {“From”: <link w/ prefix>, “To”: <link w/ prefix>}}

}

}

get_lifecycle_nodes() → list: List of Ros2 Lifecycle Nodes

get_node(node_inst_name: str) → Node: Returns an instance of Node (template)

get_node_dependencies(node_name: str, dependencies_collected: list | None = None, links_to_skip: list | None = None, skip_parent_node: str | None = None, first_level_only: bool = False) → list: Get node dependencies recursively

get_node_inst(name: str) → NodeInst: Returns a node instance from full flow (subflows included)

get_node_inst_param(name: str, key: str, context: str | None = None) → Any: Returns the node instance parameter

get_node_params(node_name: str, context: str | None = None) → dict: Returns the parameters of the node instance

get_node_plugins(node_inst: str) → set: Return NodeInst(s) plugins linked to node_inst

get_node_transitions(node_inst: str, port_name: str | None = None) → set: Returns a list of nodes to transit to

get_nodelet_manager(node_inst: str) → str: Returns nodelet manager name

get_param(key: str, context: str | None = None, is_subflow: bool = False) → Any: Returns a parameter of the flow after parsing it

get_start_nodes() → list: Returns all node instances with a link to the START node

property graph: GFlow: Get or create an instance of the graph generator

property parser: ParamParser: Get or create and instance of the parser

property remaps: dict: Get remaps from the graph instance

class dal.models.flow.FlowOutput(NodeInst: ~typing.Dict[str, NodeInst] = <factory>, Links: ~typing.Dict[str, LinkDict] = <factory>)

Bases: object

Return format by get_dict()

Links: Dict[str, LinkDict]

NodeInst: Dict[str, NodeInst]

class dal.models.flow.LinkDict(*args, **kwargs)

Bases: dict

Represents a link between two ports

Dependency: int

From: str

To: str

dal.models.flowlinks module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020

class dal.models.flowlinks.FlowLinks(name: str, value: str)

Bases: ScopePropertyNode

A link in the flow

LINK_REGEX = '^([~@a-zA-Z_0-9-]+)([\\/])([\\/~@a-zA-Z_0-9]+)+([\\/])([~@a-zA-Z_0-9]+)$'

add(source_node: str, source_port: str, target_node: str, target_port: str, source_type: str = '', target_type: str = '') → tuple: Add a new link

count() → int: Return number of links (only main flow)

delete(link_id: str) → bool: Delete a new link in the main flow

property flow: Returns an instance (Flow) of the flow

property full: dict: Return all links in the flow and subflows

get_link(key: str) → Template: Return link by ID (only main flow)

get_node_links(node_name: str) → list: Returns the node instance links in the flow and subflows

ids() → list: Return ids of the links in the main flow

items() → dict: return link data

dal.models.form module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Form Model

class dal.models.form.Form(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Form Model

dal.models.internaluser module

Developers: - Erez Zomer (erez@mov.ai) - 2022

class dal.models.internaluser.InternalUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: BaseUser

This class represents the internal user object as record in the DB.

change_password(current_password: str, new_password: str, confirm_password: str) → None

Changes a user password

Args: current_password (str): old password. new_password (str): new password. confirm_password (str): confirm password.

Exceptions: ValueError - if supplied password aren’t in the correct type (string). PasswordError - if current password could not be verified. PasswordError - if new password and confirmed password do not match. PasswordComplexityError - if new password does not comply complexity

requirements.

Returns:: True if password reset succeeded.
Return type:: (bool)

classmethod convert_user(old_user: User) → Model

This function convert users from the old User type to the new InternalUser format.

Parameters:: old_user (User) – The user to convert
Returns:: The newly created user.
Return type:: Model

classmethod create(account_name: str, password: str, roles: list, common_name: str = '', email: str = '', super_user: bool = False, read_only: bool = False, send_report: bool = False, language: str = 'en') → BaseUser

Creates a new internal user

Parameters:

account_name (str) – the name of the user to create (can not be empty).
password (str) – the password for the corresponding user (can not be empty).

Returns:

the user object created.

Return type:

obj (User)

hash_password(password: str) → None

This function uses sha256 algorithm to store a password in a secured way.

Parameters:: password (str) – the password to hash.
Returns:: the hash of the password
Return type:: str

min_password_length = 8

property password: bytes: returns the value of the password attribute.

classmethod remove(account_name: str) → None

removes an BaseUser record from DB

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

reset_password(new_password: str, confirm_password: str) → None

Resets a user password without requiring current password.

Args: new_password (str): the new password to set for the user. confirm_password (str): confirm new password.

Exceptions: ValueError - if supplied password aren’t of the correct type (string). PasswordError - if new password and confirmed password do not match. PasswordComplexityError - if new password does not comply complexity

requirements.

Returns:: True if password reset succeeded.
Return type:: (bool)

secure = <movai_core_shared.core.securepassword.SecurePassword object>

user_can_edit_internaluser(object_name: str) → bool

Checks if the user can edit the given object.

Users can edit their own InternalUser object.

Parameters:: object_name (str) – The name of the object to check.
Returns:: True if the user can edit the object, False otherwise.
Return type:: bool

verify_password(password: str) → bool

Verify a password against an hash

Parameters:: password (str) – the password of the user.
Raises:: ValueError – if Password attribute is not defined on the user object.
Returns:: True if password validation succeeds, False otherwise.
Return type:: bool

dal.models.ldapconfig module

class dal.models.ldapconfig.LdapConfig(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents an ldap configuration saved in the DB. The name of the configuratin will be the same as the domain

property bind_username: str

returns the bind user name in the user_name@domain_name format.

Returns:: the bind user name.
Return type:: str

convert_to_dict() → dict

convert the object to dictionary representation.

Returns:: a dictionary with fields as defined in scheme.
Return type:: (dict)

classmethod create(ldap_parameters: dict) → Model

creates a new configuration entry in the DB, returns a reference object

Args: ldap_parameters (dict) - a dictionary with the following keys:

PrimaryHost (str): name or ip of server. PrimaryPort (int): port number. SecondaryHost (str): name or ip of server (str) SecondaryPort (int): port number. SSLVersion (str): use ssl definition (for example: ssl.PROTOCOL_TLSv1_2). Username (str): the user who will be used to query LDAP server. Password (str): password for the user. DomainName (str): FQDN (like exmaple.com), this name will be used to identify the config. UsersDN (str): the location in the LDAP tree to look for users (“cn=users,dc=example,dc=com”). GroupsDN (str): the location in the LDAP tree to look for groups.

Raises:

LdapConfigMissingParameter - if there critiacal parameter missing – in the dictionary.
ValueError - if 'domain_name' key does not exist –
AlreadyExist - if configuration name already in use. –

Returns:

an object refence to the config on DB.

Return type:

(LdapConfig)

property domain_name: str

property to represent domain name attribute.

Returns:: the name of the domain of the LDAP servers.
Return type:: str

classmethod get_config_by_name(config_name) → Model

This function find an LdapConfig object with a predefined name. and raises an exception if it couldn’t find one. :param config_name: the name of the configuration, usually it’s

the same as the domain name.

Raises:: LdapConfigDoesNotExist – in case the configuration object couldn’t be found.
Returns:: An LdapConfig object
Return type:: Model

property groups_dn: str

property to represent organizational unit to look for groups inside LDAP servers.

Returns:: the disntinguished name of the organizational unit.
Return type:: str

classmethod is_exist(config_name: str) → bool

This funtion checks if an object with a specific name already exist.

Parameters:: object_name (_type_) – The ref name of the object to check.
Returns:: True if exist, False otherwise.
Return type:: bool

property last_validated: str

property to represent organizational unit to look for groups inside LDAP servers.

Returns:: The last time a successful validation happened.
Return type:: str

classmethod list_config_names() → list

lists the names of the current object exist in the system.

Returns:: a list with the names of all available configurations.
Return type:: list

mandatory_parameters = ('DomainName', 'PrimaryHost', 'PrimaryPort', 'Username', 'Password', 'UsersDN', 'GroupsDN')

property password: str

property to represent password attribute.

Returns:

the pasword of the user authenticate with LDAP: servers.

Return type:

str

property primary_host: str

property to represent primary host attribute.

Returns:: ip or host name of the primary host.
Return type:: str

property primary_port: int

property to represent primary port attribute.

Returns:: ip or host name of the primary port.
Return type:: int

classmethod remove(config_name: str) → None

This function removes a configuration from DB.

Parameters:: config_name (str) – The name of the configuration.

property secondary_host: str

property to represent secondary host attribute.

Returns:: ip or host name of the secondary host.
Return type:: str

property secondary_port: int

property to represent secondary port attribute.

Returns:: ip or host name of the secondary port.
Return type:: int

set_attributes(ldap_parameters: dict) → None

sets the parameters for config attributes

Parameters:: ldap_parameters (dict) – a dictionary with the relevant values to set.

property ssl_version: int

property to represent ssl version attribute.

Returns:

a number representing the version of ssl version: as defined in ldap3 library.

Return type:

int

update(ldap_parameters: dict) → None

update an existing configuration entry in the DB.

Args: ldap_parameters (dict) - a dictionary with the following keys:

primary_host (str): name or ip of server. primary_port (int): port number. secondary_host (str): name or ip of server (str) secondary_port (int): port number. ssl_version (str): use ssl definition (for example: ssl.PROTOCOL_TLSv1_2). username (str): the user who will be used to query LDAP server. password (str): password for the user. domain_name (str): FQDN (like exmaple.com), this name will be used to identify the config. users_dn (str): the location in the LDAP tree to look for users (“cn=users,dc=example,dc=com”). groups_dn (str): the location in the LDAP tree to look for groups.

Raises:

ValueError - if 'domain_name' key does not exist. –
DoesNotExist - if configuration name not found in DB. –

update_validation(status: bool) → None

This function is called after configuration validation is executed. if the validation succeeds it updates the last_validated field with current time.

Parameters:: status (bool) – The status of the configuration validation.

property username: str

property to represent username attribute.

Returns:

the name of the user to authenticate with LDAP: servers.

Return type:

str

property users_dn: str

property to represent organizational unit to look for users inside LDAP servers.

Returns:: the disntinguished name of the organizational unit.
Return type:: str

property validation_status: bool

property to represent if the config was validated

Returns:: True in case it was validated, False otherwise.
Return type:: bool

dal.models.lock module

Developers: - Manuel Silva (manuel.silva@mov.ai) - 2020 - Tiago Paulino (tiago@mov.ai) - 2020 - Moawiya Mograbi (moawiya@mov.ai) - 2021

Module for users to use locks with redis

class dal.models.lock.Lock(name: str, scope: str = 'global', *, timeout: float = 0, queue_level: int | None = None, blocking_timeout: float = 0, alive_timeout: float = 5000, _robot_name: str | None = None, _node_name: str = 'test_node', persistent: bool = False, reacquire: bool = False)

Bases: object

Used to acquire and release locks.

A lock is in essence the following redis keys:

Lock:<name>,Value: (string) - always created
Lock:<name>,Queue: (sorted set) - created if queue_level is not None
Lock:<name>,Alive: (sorted set) - created if queue_level is not None

_name

Name of the key to lock

Type:: str

scope

The lock scope, global or local

Type:: str

timeout

Time after which the lock is freed

Type:: float

blocking_timeout: Time in seconds to spend trying to acquire the lock

queue_level

Priority level (1-5) to be added to the queue, if None it is not queued

Type:: int, optional

persistent

If true, lock persists after the flow is stopped

Type:: bool

DEFAULT_LOCK_TIMEOUT = 90

DEFAULT_MAX_RETRIES = 3

HEARTBEAT_FREQ_FACTOR = 0.25

HEARTBEAT_MIN_TIMEOUT = 1

acquire(blocking=None) → bool

Acquires the lock. :param blocking: Whether calling acquire blocks until

the lock has been acquired or if fails immediately

Returns: True, succeeded to acquire

classmethod disable_heartbeat(name, **_): Disable Lock heartbeat by removing it from enabled_locks heartbeat thread will automatically end

async classmethod enable_heartbeat(**kwargs): Create a thread to continuously keep Lock heartbeat

enabled_locks = []

extend(additional_time: float) → bool: Adds more time to an already acquired lock.

inspect(): Returns the current queue and lock holder

is_owned(): Returns if the lock is owned.

reacquire() → bool: Resets the timeout of an already acquired lock back to a timeout value.

release() → bool

Releases the already acquired lock.

Returns:: False if lock not owned

send_lock_cmd(): Send spawner a command to enable heartbeat

send_unlock_cmd(): Send spawner a command to disable heartbeat

async th_reacquire(): Thread to keep Lock heartbeat Thread will exit when Lock is not in enabled_locks anymore

dal.models.message module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Message Model

class dal.models.message.Message(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Message Model implementation

use Deprecated one instead

static export_portdata(db='global') → Dict: Store all messages, by type, on db

static fetch_portdata_api(db='local') → Dict: Retrieve data from database

static fetch_portdata_messages() → Dict: Get all messages and services available for callbacks

static get_all(db='global') → Dict[str, List]: Get a map of package -> messages from all packages

static get_msgs(package: str, msg_type: str = 'all', db: str = 'global') → List: Get a list of all messages inside a package, filtered by msg_type

static get_packages(msg_type: str = 'all', db: str = 'global') → List: Get a list of all packages containing messages of type msg_type

static get_structure(message: str) → Dict: Gives the full structure of a message fiven ‘package/message’ input

is_valid(): Returns True

dal.models.model module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020

class dal.models.model.Model(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: ScopeInstanceVersionNode, ABC

The base class of a model in mov.ai, a model is an entity with 2 parts defined, the attributes are through a schema and methods are python classes implementation.

This class support relations, for that the model class must provide a class attribute called __RELATIONS__, this attribute is a dictonary with the following structure: {

“schemas/<schema version>/<scope>/<attr>”{
“schema_version” : <target schema version>, “scope” : <target scope>

}

}

static get_forward_relations_definition(scope: str): Return the relations for a scope

classmethod get_object_by_name(name: str) → any

returns a reference of an object

Args: principal_name (str): account@domain format.

Returns:: (Model) - the user record with the corresponding account_name

static get_relations(**kwargs): Get all related objects for the specified scope, the method first try to request the physical layer for this list, if it fails then fallback to the default one with is much more expensive and should be avoided

static get_relations_definition(scope: str): Return the relations for a scope

classmethod is_exist(obj_name: str) → bool

classmethod list_objects_names() → List[str]

log = <Logger dal.models.model (INFO)>

static register_model_class(scope: str, cls: type): Register a model class, this allows for the user to register custom models for scopes

relations(depth=0, search_filter=None): return the current model relations, the method first try to request the physical layer for this list, if it fails then fallback to the default one with is much more expensive and should be avoided

set_acl()

track_object(username: str) → None: update the LastUpdate field in the Model entry with current time.

update_time() → None: update the LastUpdate field in the Model entry with current time.

dal.models.node module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020 - Manuel Silva (manuel.silva@mov.ai) - 2020

class dal.models.node.Node(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides the default configuration to launch a GD_Node

get_params() → dict: Return a dict with all parameters in the format <parameter name>: <Parameter.Value> (Parameter format is {key:{Value: <value>, Description: <value>}})

get_port(port_inst: str): Returns an instance (Ports) of the port instance template

property is_node_to_launch: bool: Returns True if it should be launched

property is_nodelet: bool: Returns True if the node is of type Nodelet

property is_persistent: bool: Returns True if it persists on state transitions

property is_plugin: bool: Returns True if the node is of type plugin

property is_remappable: bool: Returns True if the ports are allowed to remap

property is_state: bool: Returns True if the node is of type State

dal.models.nodeinst module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020 - Manuel Sila (manuel.silva@mov.ai) - 2020

class dal.models.nodeinst.NodeInst(name: str)

Bases: ScopeObjectNode

A node instance

Remappable: bool

property all: dict: Get all node instances from the full flow

property flow: Flow: Returns the flow (Flow)

get_param(key: str, name: str | None = None, context: str | None = None, custom_parser: Any | None = None) → Any: Returns a specific parameter of the node instance after parsing it

get_params(name: str | None = None, context: str | None = None) → dict: Returns all the parameters

property is_dummy: bool: Returns True if the node is configured as Dummy

property is_node_to_launch: bool: Returns True if it should be launched

property is_nodelet: bool: Returns True if the node is of type Nodelet

property is_persistent: bool: Returns True if it persists on state transitions

property is_plugin: bool: Returns True if the node is of type plugin

property is_remappable: bool: Returns True if the ports are allowed to remap

property is_state: bool: Returns True if the node is of type state

logger = <Logger NodeInst.mov.ai (INFO)>

property namespace: str: Returns the value from the parameter _namespace

property node_template: Node: return the current template for this node instance

property parser: Get the parser from the parent (GParser)

property type: str: Returns the type of the node

dal.models.package module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Package Model

class dal.models.package.Package(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Currently disabled, use deprecated one instead

add(*args, **kwargs): This shouldn’t be needed in the new API

static dump(package: str, file_name: str, path_to: str) → Tuple[bool, str, str]: Dump a file to storage

dump_file(file_name: str, path_to: str) → Tuple[bool, str, str]: Dump a file to storage

file_exists(file_name: str, path_to: str) → str: Check existing file against computed checksum

get_checksum(file_name: str) → str: Get file’s checksum

static get_file_checksum(file_path: str) → str: Calculates a file’s checksum

static get_or_create(package_name: str) → Model: Tries to get a package, creates it if doesn’t exist

is_checksum_valid(file_name: str, checksum: str) → bool: Check checksum

dal.models.ports module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Ports Model

class dal.models.ports.Ports(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides the configuration of a port

is_nodelet_client() → bool: Returns True if the port is a nodelet client

is_nodelet_server() → bool: Returns True if the port is a nodelet server

is_transition(port_type: str, port_name: str) → bool: Check if a port is of type transition

dal.models.remoteuser module

Developers: - Erez Zomer (erez@mov.ai) - 2022

class dal.models.remoteuser.RemoteUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: BaseUser

This class represents the remote user object as record in the DB.

dal.models.role module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

Role Model (only of name)

class dal.models.role.Role(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Role Model (only of name)

DEPLOYER_RESOURCES = {'AclObject': ['read'], 'Alert': ['create', 'read', 'update', 'delete'], 'Annotation': ['create', 'read', 'update', 'delete'], 'Applications': ['AdminBoard', 'FleetBoard', 'mov-fe-app-ide', 'mov-fe-app-launcher', 'mov-fe-app-taskmanager'], 'Callback': ['create', 'read', 'update', 'delete'], 'Configuration': ['read'], 'Flow': ['create', 'read', 'update', 'delete'], 'GraphicScene': ['create', 'read', 'update', 'delete'], 'InternalUser': ['read'], 'Layout': ['create', 'read', 'update', 'delete'], 'Node': ['create', 'read', 'update', 'delete'], 'Package': ['create', 'read', 'update', 'delete'], 'Role': ['read'], 'SharedDataEntry': ['create', 'read', 'update', 'delete'], 'SharedDataTemplate': ['create', 'read', 'update', 'delete'], 'TaskEntry': ['create', 'read', 'update', 'delete'], 'TaskTemplate': ['create', 'read', 'update', 'delete'], 'Translation': ['create', 'read', 'update', 'delete']}

OPERATOR_RESOURCES = {'Applications': ['FleetBoard', 'mov-fe-app-launcher'], 'GraphicScene': ['read']}

classmethod create(name: str, resources: Dict[str, List[str]]) → Role

create a new Role object in DB

Parameters:

name (str) – The name of the Role
resources (Dict) – resources permissions map

Returns:

The created Role object

Return type:

Role

Raises:

RoleAlreadyExist – in case a Role with that name already exist.

classmethod create_default_roles(): Create default roles: Admin, Deployer, Operator

static list_roles_names() → list

Retunns a list with all Roles exist in the system.

Returns:: containing the name of the current Roles.
Return type:: list

classmethod remove(name: str) → None

Removes a Role from DB.

Parameters:

name (str) – The name of the Role to remove

Raises:

RoleDoesNotExist – In case there is no Role with that name.
RoleError – if the role cannot be deleted for some reason.

classmethod set_role_resources(role: str, resources: Dict[str, List[str]])

Set role resources.

Parameters:

role (str) – The name of the Role to set resources for.
resources (Dict[str, List[str]]) – A dictionary mapping resource names to their permissions.

update(resources: Dict) → None: Update role data

dal.models.scopestree module

Developers: - Alexandre Pires (alexandre.pires@mov.ai) - 2020

class dal.models.scopestree.ScopeAttributeDeserializer(schema: TreeNode)

Bases: ObjectDeserializer

Deserializer through a dict and convert to a tree

deserialize(root: TreeNode, data: dict): Abstract method to run the data deserializer

property schema: Get the schema for this attribute

class dal.models.scopestree.ScopeAttributeSerializer(schema: TreeNode)

Bases: ObjectSerializer

Deserializer through a dict and convert to a tree

property schema: Get the schema for this attribute

serialize(root: TreeNode): Abstract method to run the data serializer

class dal.models.scopestree.ScopeDictNode(name)

Bases: DictNode, SerializableObject

Implements a scope instance node, a scope is an mov.ai object a Callback, a Flow or a Node, an instance is the actual object that contains the data

create(key: str, data: dict | None = None) → ObjectNode: Create a new entry for key with an optional initial value as dict, serialized into an ScopeObjectNode. Returns the newly created attribute

delete(key): Removes an element from this dict

property name: return attribute name

property node_type: the node type

property path: get the tree path

property schema: the scope schema

property scope: the scope name

serialize(**kwargs): serialize this Scope object

class dal.models.scopestree.ScopeInstanceNode(ref: str)

Bases: DictNode, WorkspaceObject

Implements a scope instance node, a scope is an mov.ai object a Callback, a Flow or a Node, an instance is the actual object that contains the data, each instance might have multiple versions

property node_type: the node type

property path: get the tree path

property ref: returns this instance reference

property scope: the scope name

property workspace: the object workspace

class dal.models.scopestree.ScopeInstanceVersionNode(name: str)

Bases: ObjectNode, VersionObject, WorkspaceObject, PersistentObject, ABC

This class represents a instance version, the instance version is the object that actually contains the data

add(attr, key, **kwargs): Add a new dict attribute, this function, maintains compatibility with the old API

delete(**kwargs): Write this object to the database

property node_type: the node type

property ref: this object reference

property schema: the scope schema

property schema_version: the scope schema version

property scope: the scope name

serialize(**_): serialize this Scope object

set_acl()

property version: The current version

property workspace: str | None: the object workspace

write(**kwargs): Write this object to the database

class dal.models.scopestree.ScopeNode(scope: str)

Bases: DictNode, WorkspaceObject

Implements a scope node, a scope is an mov.ai object for instance a Callback, a Flow or a Node

property node_type: the node type

property path: get the tree path

static register_scope_class(scope: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

static register_scope_object(schema_path: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

static register_scope_property(schema_path: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

property scope: the scope name

property workspace: the object workspace

class dal.models.scopestree.ScopeObjectNode(name: str)

Bases: ObjectNode, SerializableObject, ABC

Implements a scope instance node, a scope is an mov.ai object a Callback, a Flow or a Node, an instance is the actual object that contains the data

property schema: the scope schema

property scope: the scope name

serialize(**kwargs): serialize this Scope object

class dal.models.scopestree.ScopePropertyNode(name: str, value: str)

Bases: PropertyNode, SerializableObject

Represents a property node in a scope tree

property schema: the scope schema

property scope: the scope name

serialize(**kwargs): serialize this Scope object

class dal.models.scopestree.ScopeWorkspace(workspace: str, plugin, readonly: bool = False)

Bases: WorkspaceNode

This class represents a workspace with scopes

create(scope: str, ref: str, version='__UNVERSIONED__', overwrite: bool = False): create a new scope

delete(data: object, **kwargs): Override the default delete method to also unload the document from this scopes tree

list_scopes(**kwargs): List all scopes in this workspace pass scope parameter to filter by scope, default ‘*’ (all)

list_versions(scope: str, ref: str): List all versions of a specific scope

property path: get the tree path

rebuild_indexes(): force indexes rebuild inside the workspace

unload(**kwargs): Unload the cached data on this workspace

unload_all(): Unload all the cached data in this workspace

class dal.models.scopestree.ScopesTree(*args, **kwargs)

Bases: CallableNode

A scopes tree is an interface to access the stored data in mov.ai

backup(path: str, **kwargs): Read a document from a specified path

static extract_reference(path, **kwargs): Convert a path into workspace, scope, ref, version

from_path(path: str, **kwargs)

Read a document from a specified path

Parameters:: path (str) – the path to read from
Raises:: ValueError – in case invalid path recieved.
Returns:: a Model Object representing the entitiy requested
Return type:: Model

property node_type: the node type

property path: get the tree path

read_from_path(path: str, **kwargs): Read a document from a specified path

reference_regexes = ['^(git)/([a-zA-Z0-9_.-]+[:/][a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+)/([/a-zA-Z0-9_.-]+)/([a-zA-Z0-9_.-]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+[/a-zA-Z0-9_.-]*)/([a-zA-Z0-9_.]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+)/([/a-zA-Z0-9_.]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+)$']

restore(path: str, **kwargs): Read a document from a specified path

dal.models.system module

Developers: - Tiago Teixeira (tiago.teixeira@mov.ai) - 2020

System Model

class dal.models.system.System(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

System Model

use deprecated instead

dal.models.user module

Developers: - Dor Marcous (Dor@mov.ai) - 2021

User Model

class dal.models.user.User(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents the user object as record in the DB, it handles all operations required for user: authentication, token generation and so..

classmethod create(username: str, password: str) → Model

Creates a new user

Parameters:

username (str) – the name of the user to create (can not be empty)
password (str) – the password for the corresponding user (can not be empty).

Returns:

the user object created.

Return type:

obj (User)

create_id(): Create hash id for user

get_permission(resource_name: str) → List

This function returns a list of resource permissions for a the user.

Parameters:: resource_name (str) – the name of the resource which permissions are requested.
Returns:: a list of a given permission for this resource.
Return type:: List

get_refresh_token(): Generate refresh token

get_token(): Generate authentication token

classmethod get_user_by_name(username: str) → Model

returns a reference of a User, if not exist returns None

Args: username - the name of the User to get a reference for

Returns:: (User) - the user record with the corresponding username

has_permission(resource_name: str, permission_name: str, skip_superuser: bool = False) → bool: Check if user has permission

has_scope_permission(user, permission) → bool: check if user has scope permission

static hash_password(password: str) → str

This function uses sha256 algorithm to store a password secured.

Parameters:: password (str) – the password to hash.
Returns:: the hash of the password
Return type:: str

classmethod reset(username: str, pw_current: str, pw_new: str, pw_newc: str, validate: bool = True) → bool

Resets a user password

Args: pw_current (str): old password. pw_new (str): new password. pw_newc (str): confirm password. validate (bool): confirm current password before setting the

new password.

Exceptions: ValueError - if new password and confirmed password do not mathc. ValueError - if new password is an empty string. ValueError - if user does not exist.

Returns:: True if password reset succeeded, False otherwise.
Return type:: (bool)

property role: Model | None

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: Union[Model, None]

set_acl(): sets the AClManager as an internal attribute.

user_permissions() → Dict: Get dict of the user permissions

verify_password(password: str) → bool

Verify a password against an hash

Parameters:: password (str) – the password of the user.
Raises:: ValueError – if Password attribute is not defined on the user object.
Returns:: True if password validation succeeds, False otherwise.
Return type:: bool

classmethod verify_token(token)

This function validates that the token sent by client us valid for the corresponding user.

Parameters:

token ([type]) – the token to verify

Raises:

ValueError – if token has expired
ValueError – if decoding has failed.
ValueError – if the token is invalid.

Returns:

the token data after being decoded.

Return type:

[type]

dal.models.var module

Developers: - Manuel Silva (manuel.silva@mov.ai) - 2020 - Tiago Paulino (tiago@mov.ai) - 2020

class dal.models.var.Var(scope: str = 'Node', _robot_name='', _node_name='', _port_name='')

Bases: object

Class for user to write and read vars

delete(name): Same as delattr

static delete_all(scope: str = 'Node', _robot_name='', _node_name='', _port_name=''): Delete all variables of a certain scope

get(name): Same as getattr

set(name, value, expire: float | None = None): Same as setattr

Module contents

Developers: - Moawiya Mograbi (moawiya@mov.ai) - 2022

class dal.models.ACLManager(user)

Bases: object

Acl class to manage users and roles permissions

get_acl() → object: Setup ACL for the current user role and user resources

static get_permissions() → Dict: :returns dict with available resources & permissions

static get_resources() → List: :returns list with available resources

static get_roles() → Dict

Returns dict with available roles.

Returns:: a dict with all availabe roles in the system.
Return type:: Dict

log = <Logger ACLManager (INFO)>

class dal.models.AclObject(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents an access list for remote users. Each record in the access list is actually a user that is allowed to login. The name of each record is in the form “account_name@domain_name”.

property account_name: str

returns the account name of AclObject.

Returns:: the account name (e.g: “johns”)
Return type:: (str)

classmethod check_parameters(obj_dict: dict)

This functions validates that a dictionary contain all required fields to create an AclObject.

Parameters:: obj_dict (dict) – the dictionary containing all the parameters.
Raises:: AclObjectError – if one of the required parameters is missing.

property common_name: str

returns the common name of AclObject.

Returns:: the common name (e.g: “John Smith”)
Return type:: (str)

convert_object_to_dict() → dict: display all the user attributes as defined in AclObject scheme.

classmethod create(domain_name: str, account_name: str, common_name: str, object_type: str, identifier: str, roles: list, read_only: bool = False, super_user: bool = False, send_report: bool = False) → Model

creates a new user entry in the access list, if one already exists it update the current record and returns a refernece to it.

Args: domain_name (str): the name of the domain which the user belongs to. roles - a list of roles to associate the user with. super_user - denotes if the user has super user permissions. read_only - denotes if the user has a read only access.

Raises:: AclObjectAlreadyExist - if an object with the same name already – exist in DB.
Returns:: An AclObject object.
Return type:: (AclObject)

display_info() → None: display all the user attributes as defined in AclObject scheme.

property domain_name: str

returns the domain name of AclObject.

Returns:: the domain name (e.g: “example.com”)
Return type:: (str)

classmethod get_account_name(principal_name: str) → str

extract account name from principal name.

Args: principal_name (str): the name in the form “account_name@domain_name”.

Returns:: the account name (e.g: “johns”)
Return type:: str

classmethod get_domain_name(principal_name: str) → str

extract domain name from principal.

Args: principal_name (str): the name in the form “account_name@domain_name”.

Returns:: the domain name (e.g: “example.com”)
Return type:: str

classmethod get_object_by_name(domain_name: str, account_name: str) → Model

Looks for an AclObject record with the specified name and returns a reference of it.

Args: domain_name (str): the name of the domain which the object belongs to. account_name (str): the name of the AclObject to get a reference for.

Returns:: an object represents the the AclObject record, None otherwise.
Return type:: AclGRoup

property identifier: str

returns the identifier of the AclObject.

Returns:: the identifier (e.g: “s-234-34563…”)
Return type:: (str)

classmethod is_exist(domain_name: str, account_name) → bool

This funtion checks if an object with a specific name already exist.

Parameters:: object_name (_type_) – The ref name of the object to check.
Returns:: True if exist, False otherwise.
Return type:: bool

property last_update: float

returns the last time object was updated in UTM.

Returns:: the last time object was updated in UTM.
Return type:: (timedelta)

classmethod list_object_names(domain_name: str, object_type: str) → list

lists all the object of specific type in a specified domain.

Args: domain_name (str): the name of the domain which the user belongs to. type (str): the type of the object (user or group)

Returns:: containing all the objects conforms to domain and type.
Return type:: list

mandatory_parameters = {'AccountName', 'CommonName', 'DomainName', 'ID', 'Roles'}

max_attr_length = 100

property object_type: str

returns the object type of AclObject.

Returns:: the object type (e.g: user)
Return type:: (str)

property principal_name: str

build principal name -> “account_name@domain_name

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: the name in the form account_name@domain_name
Return type:: str

property read_only: bool

returns the read only flag of the AclObject.

Returns:: the read only flag.
Return type:: (bool)

classmethod remove(domain_name: str, account_name: str, id: str)

removes an AclObject recored from access list

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

Returns:: True if user got removed, False if user was not found.
Return type:: bool

remove_role(role_name: str) → None

Removes a Role from a specific object

Parameters:: role_name (str) – The name of the role to remove.

classmethod remove_roles_from_all_objects(role_name: str) → set

Looks for AclObjects with the specified Role, if it finds any it removes the role from their attributes.

Parameters:: role_name (str) – The name of the Role to remove.
Returns:: containg all the objects affected by the change.
Return type:: set

property roles: List[str]

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: List[Model, None]

property send_report: bool

returns the send report flag of the AclObject.

Returns:: the send report flag.
Return type:: (bool)

property super_user: bool

returns the super user flag of the user.

Returns:: the super user flag.
Return type:: (bool)

update(obj_dict: dict) → None

This function sets attributes for an AclObject

Parameters:

roles (str) – the roles of the object
read_only (bool, optional) – specify if the object has read only permissions. Defaults to False.
super_user (bool, optional) – specify if the object has super user permissions. Defaults to False.
send_report (bool, optional) – specify if the object can send reports. Defaults to False.

Raises:

AclObjectIDMismatch - if AclObject update has failed. –

class dal.models.Application(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Application Model

class dal.models.BaseUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

The BaseUser is the base class for user methods, so that RemoteUser and InternalUser can share the same interface.

property account_name: str

returns the account name of base user.

Returns:: the account name (e.g: “johns”)
Return type:: (str)

property common_name: str

returns the common name of base user.

Returns:: the common name (e.g: “John Smith”)
Return type:: (str)

classmethod create(domain_name: str, account_name: str, common_name: str, user_type: str, roles: list, email: str = '', super_user: bool = False, read_only: bool = False, send_report: bool = False, language: str = 'en') → Model

Create a new BaseUser

Parameters:

domain (Str) – the name of the domain the base user represents.
username (str) – the name of the base user to create.
common_name – (str): a display name for the new user.
type – (str): the type of user (INTERNAL, LDAP, PAM).
roles – (list): list of roles which are associated with the user.
email – (str): the email address of the user.
super_user (bool) – a flag which represents if the user is super user.
read_only (bool) – a flag which represents if the user has read only permissions.
send_report (bool) – a flag which represents if the user is allowed to send reports.
language (str) – the language of the user interface for the user.

Raises:

ValueError – if domain_name or account_name aren’t of type str.
ValueError – if account_name is empty string.
ValueError – if supplied roles are not in a list format.

Returns:

a refererance to the BaseUser object that was created.

Return type:

(BaseUser)

property domain_name: str

returns the domain name of base user.

Returns:: the domain name (e.g: “example.com”)
Return type:: (str)

property email: str

returns the email of the base user.

Returns:: the email address (e.g: “johns@example.com”)
Return type:: (str)

get_effective_permissions() → Dict[str, List[str]]

classmethod get_user_by_name(domain_name: str, account_name: str) → BaseUser

returns a reference of a User, if not exist returns None

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: (Model) - the user record with the corresponding account_name

classmethod get_user_by_principal_name(principal_name: str) → BaseUser

returns a reference of a User, if not exist returns None

Args: principal_name (str): account@domain format.

Returns:: (Model) - the user record with the corresponding account_name

classmethod has_any_user_with_role(role_name: str) → bool

Checks if role is applied to any user

Args: role_name (str): the name of the role being searched.

Returns:: whether any user has the role.
Return type:: (bool)

has_permission(resource_name: str, permission_name: str, object_name: str = '', skip_superuser: bool = False) → bool

Check user permission to a specific resource.

Parameters:

resource_name (str) – The name of the resource (capitalize as class name e.g: Flow, RemoteUser…)
permission_name (str) – the name of the permission (example: read, update)
skip_superuser (bool, optional) – waether to ignore the superuser attribute or not. Defaults to False.

Returns:

True if the user has permission, False otherwise.

Return type:

bool

has_scope_permission(user, permission) → bool: check if user has scope permission

classmethod is_exist(domain_name: str, account_name: str)

checks if an object with the specified domain and account name already exists.

Parameters:

domain_name (str) – the domain name of the user
account_name (str) – the account name of the user

Returns:

True if exists, False otherwise.

Return type:

bool

property language: str

returns the language of the base user.

Returns:: the language (e.g., “en”, “fr”).
Return type:: (str)

property last_update: float

returns the last time object was updated in UTM.

Returns:: the last time object was updated in UTM.
Return type:: (timedelta)

classmethod list_users(domain_name: str) → List[str]

lists all the base user fora specified domain

Args: domain_name (str): the name of the domain which the user belongs to.

Returns:: containing all the BaseUser defined in the system for the requested domain.
Return type:: (list)

max_attr_length = 100

property principal_name: str

build principal name -> “account_name@domain_name

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user.

Returns:: the name in the form account_name@domain_name
Return type:: str

property read_only: bool

returns the read only flag of the base user.

Returns:: the read only flag.
Return type:: (bool)

classmethod remove(domain_name: str, account_name: str) → None

removes a User record from DB

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

Returns:: True if user got removed, False if user was not found.
Return type:: (bool)

remove_role(role_name: str) → None

Removes a Role from a specific object

Parameters:: role_name (str) – The name of the role to remove.

classmethod remove_role_from_all_users(role_name: str) → Set[str]

Looks for users with the specified Role, if it finds any it removes the role from their attributes.

Parameters:: role_name (str) – The name of the Role to remove.
Returns:: containg all the users affected by the change.
Return type:: set

property roles: List[str]

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: Union[Model, None]

property send_report: bool

returns the send report flag of the base user.

Returns:: the send report flag.
Return type:: (bool)

set_acl(): sets the AClManager as an internal attribute.

property super_user: bool

returns the super user flag of the user.

Returns:: the super user flag.
Return type:: (bool)

update(user_params: dict)

This function updates a corresponding object’s attributes.

Parameters:: user_params (dict) – a dictionary with the required fields that needs an update.
Raises:: InvalidStructure – in case non of fields sent are part of the InternalUser model.

update_keys = {'CommonName', 'Email', 'Language', 'ReadOnly', 'Roles', 'SendReport', 'SuperUser'}

user_can_edit_internaluser(_: str) → bool

Checks if the user can edit the given object.

False by default, can be overridden in subclasses.

property user_type: str

returns the type of the base user.

Returns:: the type (LDAP, PAM)
Return type:: (str)

class dal.models.Callback(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Callback Model

static export_modules(jump_over_modules=None) → None

Get modules and save them to db (System)

this takes about 4 seconds to run

and prints a LOT of stuff to the terminal

currently (14-10 on spawner) uses about 19kb of memory (?) :param jump_over_modules: the list of modules not to expand :type jump_over_modules: list

static fetch_modules_api() → Dict: to be called from rest api

static get_full_modules() → Dict: get get full dict of modules

static get_methods(module: str) → Dict: get methods of module

static get_modules() → List: Get list of modules

has_permission(user: Any, permission: Any, app_name: str) → bool: Needs implementation

is_valid() → bool: returns true

remove(force: bool = False) → Dict: This doesn’t make sense here anymore

template_depends(force: bool = False) → Dict: get all the objects that depend on this callback

class dal.models.Configuration(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides xml or yaml configuration

get_param(param: str) → any: Returns the configuration value of a key in the format param.subparam.subsubparam

get_value(cached=True) → dict: Returns a dictionary with the configuration values

class dal.models.Container(name: str)

Bases: ScopeObjectNode

A container represents a flow in another flow (aka subflow)

ContainerFlow: str

ContainerLabel: str

property flow: Flow: Returns the parent flow instance (Flow)

get_node_inst(key: str): Returns a node instance (NodeInst) inside the flow represented by the container

get_param(key: str, name: str | None = None, context: str | None = None, custom_parser: Any | None = None, default_value: Any | None = None) → Any: Returns a specific parameter of the container after parsing it

get_params(name: str | None = None) → dict: Returns all the parameters

property parser: Get the parser (GParser) from the parent

property subflow: Flow: Returns the flow instance (Flow) represented by the container

class dal.models.Flow(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

A Flow

Container: Dict[str, Container]

Links: DictNode['ObjectNode' | 'PropertyNode']

NodeInst: Dict[str, NodeInst]

filter_by_port(fnport, lnport)

property full: FlowOutput: Returns the data from the main flow and all subflows

get_container(name: str, context: str | None = None): Returns an instance of Container

get_dict(data: FlowOutput | None = None, prefix: str | None = None, prev_flows: list | None = None) → FlowOutput

Aggregate data from the main flow and subflows Returns a dictionary with the following format {

“NodeInst”: {
{ <node instance name with parents prefix>: {“ref”: <ref to node_inst instance>}

} “Links”: {

{<link id w/ parents prefix>: {“From”: <link w/ prefix>, “To”: <link w/ prefix>}}

}

}

get_lifecycle_nodes() → list: List of Ros2 Lifecycle Nodes

get_node(node_inst_name: str) → Node: Returns an instance of Node (template)

get_node_dependencies(node_name: str, dependencies_collected: list | None = None, links_to_skip: list | None = None, skip_parent_node: str | None = None, first_level_only: bool = False) → list: Get node dependencies recursively

get_node_inst(name: str) → NodeInst: Returns a node instance from full flow (subflows included)

get_node_inst_param(name: str, key: str, context: str | None = None) → Any: Returns the node instance parameter

get_node_params(node_name: str, context: str | None = None) → dict: Returns the parameters of the node instance

get_node_plugins(node_inst: str) → set: Return NodeInst(s) plugins linked to node_inst

get_node_transitions(node_inst: str, port_name: str | None = None) → set: Returns a list of nodes to transit to

get_nodelet_manager(node_inst: str) → str: Returns nodelet manager name

get_param(key: str, context: str | None = None, is_subflow: bool = False) → Any: Returns a parameter of the flow after parsing it

get_start_nodes() → list: Returns all node instances with a link to the START node

property graph: GFlow: Get or create an instance of the graph generator

property parser: ParamParser: Get or create and instance of the parser

property remaps: dict: Get remaps from the graph instance

class dal.models.FlowLinks(name: str, value: str)

Bases: ScopePropertyNode

A link in the flow

LINK_REGEX = '^([~@a-zA-Z_0-9-]+)([\\/])([\\/~@a-zA-Z_0-9]+)+([\\/])([~@a-zA-Z_0-9]+)$'

add(source_node: str, source_port: str, target_node: str, target_port: str, source_type: str = '', target_type: str = '') → tuple: Add a new link

count() → int: Return number of links (only main flow)

delete(link_id: str) → bool: Delete a new link in the main flow

property flow: Returns an instance (Flow) of the flow

property full: dict: Return all links in the flow and subflows

get_link(key: str) → Template: Return link by ID (only main flow)

get_node_links(node_name: str) → list: Returns the node instance links in the flow and subflows

ids() → list: Return ids of the links in the main flow

items() → dict: return link data

class dal.models.Form(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Form Model

class dal.models.InternalUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: BaseUser

This class represents the internal user object as record in the DB.

change_password(current_password: str, new_password: str, confirm_password: str) → None

Changes a user password

Args: current_password (str): old password. new_password (str): new password. confirm_password (str): confirm password.

Exceptions: ValueError - if supplied password aren’t in the correct type (string). PasswordError - if current password could not be verified. PasswordError - if new password and confirmed password do not match. PasswordComplexityError - if new password does not comply complexity

requirements.

Returns:: True if password reset succeeded.
Return type:: (bool)

classmethod convert_user(old_user: User) → Model

This function convert users from the old User type to the new InternalUser format.

Parameters:: old_user (User) – The user to convert
Returns:: The newly created user.
Return type:: Model

classmethod create(account_name: str, password: str, roles: list, common_name: str = '', email: str = '', super_user: bool = False, read_only: bool = False, send_report: bool = False, language: str = 'en') → BaseUser

Creates a new internal user

Parameters:

account_name (str) – the name of the user to create (can not be empty).
password (str) – the password for the corresponding user (can not be empty).

Returns:

the user object created.

Return type:

obj (User)

hash_password(password: str) → None

This function uses sha256 algorithm to store a password in a secured way.

Parameters:: password (str) – the password to hash.
Returns:: the hash of the password
Return type:: str

min_password_length = 8

property password: bytes: returns the value of the password attribute.

classmethod remove(account_name: str) → None

removes an BaseUser record from DB

Args: domain_name (str): the name of the domain which the user belongs to. account_name (str): the account name of the user to remove.

reset_password(new_password: str, confirm_password: str) → None

Resets a user password without requiring current password.

Args: new_password (str): the new password to set for the user. confirm_password (str): confirm new password.

Exceptions: ValueError - if supplied password aren’t of the correct type (string). PasswordError - if new password and confirmed password do not match. PasswordComplexityError - if new password does not comply complexity

requirements.

Returns:: True if password reset succeeded.
Return type:: (bool)

secure = <movai_core_shared.core.securepassword.SecurePassword object>

user_can_edit_internaluser(object_name: str) → bool

Checks if the user can edit the given object.

Users can edit their own InternalUser object.

Parameters:: object_name (str) – The name of the object to check.
Returns:: True if the user can edit the object, False otherwise.
Return type:: bool

verify_password(password: str) → bool

Verify a password against an hash

Parameters:: password (str) – the password of the user.
Raises:: ValueError – if Password attribute is not defined on the user object.
Returns:: True if password validation succeeds, False otherwise.
Return type:: bool

class dal.models.LdapConfig(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents an ldap configuration saved in the DB. The name of the configuratin will be the same as the domain

property bind_username: str

returns the bind user name in the user_name@domain_name format.

Returns:: the bind user name.
Return type:: str

convert_to_dict() → dict

convert the object to dictionary representation.

Returns:: a dictionary with fields as defined in scheme.
Return type:: (dict)

classmethod create(ldap_parameters: dict) → Model

creates a new configuration entry in the DB, returns a reference object

Args: ldap_parameters (dict) - a dictionary with the following keys:

PrimaryHost (str): name or ip of server. PrimaryPort (int): port number. SecondaryHost (str): name or ip of server (str) SecondaryPort (int): port number. SSLVersion (str): use ssl definition (for example: ssl.PROTOCOL_TLSv1_2). Username (str): the user who will be used to query LDAP server. Password (str): password for the user. DomainName (str): FQDN (like exmaple.com), this name will be used to identify the config. UsersDN (str): the location in the LDAP tree to look for users (“cn=users,dc=example,dc=com”). GroupsDN (str): the location in the LDAP tree to look for groups.

Raises:

LdapConfigMissingParameter - if there critiacal parameter missing – in the dictionary.
ValueError - if 'domain_name' key does not exist –
AlreadyExist - if configuration name already in use. –

Returns:

an object refence to the config on DB.

Return type:

(LdapConfig)

property domain_name: str

property to represent domain name attribute.

Returns:: the name of the domain of the LDAP servers.
Return type:: str

classmethod get_config_by_name(config_name) → Model

This function find an LdapConfig object with a predefined name. and raises an exception if it couldn’t find one. :param config_name: the name of the configuration, usually it’s

the same as the domain name.

Raises:: LdapConfigDoesNotExist – in case the configuration object couldn’t be found.
Returns:: An LdapConfig object
Return type:: Model

property groups_dn: str

property to represent organizational unit to look for groups inside LDAP servers.

Returns:: the disntinguished name of the organizational unit.
Return type:: str

classmethod is_exist(config_name: str) → bool

This funtion checks if an object with a specific name already exist.

Parameters:: object_name (_type_) – The ref name of the object to check.
Returns:: True if exist, False otherwise.
Return type:: bool

property last_validated: str

property to represent organizational unit to look for groups inside LDAP servers.

Returns:: The last time a successful validation happened.
Return type:: str

classmethod list_config_names() → list

lists the names of the current object exist in the system.

Returns:: a list with the names of all available configurations.
Return type:: list

mandatory_parameters = ('DomainName', 'PrimaryHost', 'PrimaryPort', 'Username', 'Password', 'UsersDN', 'GroupsDN')

property password: str

property to represent password attribute.

Returns:

the pasword of the user authenticate with LDAP: servers.

Return type:

str

property primary_host: str

property to represent primary host attribute.

Returns:: ip or host name of the primary host.
Return type:: str

property primary_port: int

property to represent primary port attribute.

Returns:: ip or host name of the primary port.
Return type:: int

classmethod remove(config_name: str) → None

This function removes a configuration from DB.

Parameters:: config_name (str) – The name of the configuration.

property secondary_host: str

property to represent secondary host attribute.

Returns:: ip or host name of the secondary host.
Return type:: str

property secondary_port: int

property to represent secondary port attribute.

Returns:: ip or host name of the secondary port.
Return type:: int

set_attributes(ldap_parameters: dict) → None

sets the parameters for config attributes

Parameters:: ldap_parameters (dict) – a dictionary with the relevant values to set.

property ssl_version: int

property to represent ssl version attribute.

Returns:

a number representing the version of ssl version: as defined in ldap3 library.

Return type:

int

update(ldap_parameters: dict) → None

update an existing configuration entry in the DB.

Args: ldap_parameters (dict) - a dictionary with the following keys:

primary_host (str): name or ip of server. primary_port (int): port number. secondary_host (str): name or ip of server (str) secondary_port (int): port number. ssl_version (str): use ssl definition (for example: ssl.PROTOCOL_TLSv1_2). username (str): the user who will be used to query LDAP server. password (str): password for the user. domain_name (str): FQDN (like exmaple.com), this name will be used to identify the config. users_dn (str): the location in the LDAP tree to look for users (“cn=users,dc=example,dc=com”). groups_dn (str): the location in the LDAP tree to look for groups.

Raises:

ValueError - if 'domain_name' key does not exist. –
DoesNotExist - if configuration name not found in DB. –

update_validation(status: bool) → None

This function is called after configuration validation is executed. if the validation succeeds it updates the last_validated field with current time.

Parameters:: status (bool) – The status of the configuration validation.

property username: str

property to represent username attribute.

Returns:

the name of the user to authenticate with LDAP: servers.

Return type:

str

property users_dn: str

property to represent organizational unit to look for users inside LDAP servers.

Returns:: the disntinguished name of the organizational unit.
Return type:: str

property validation_status: bool

property to represent if the config was validated

Returns:: True in case it was validated, False otherwise.
Return type:: bool

class dal.models.Lock(name: str, scope: str = 'global', *, timeout: float = 0, queue_level: int | None = None, blocking_timeout: float = 0, alive_timeout: float = 5000, _robot_name: str | None = None, _node_name: str = 'test_node', persistent: bool = False, reacquire: bool = False)

Bases: object

Used to acquire and release locks.

A lock is in essence the following redis keys:

Lock:<name>,Value: (string) - always created
Lock:<name>,Queue: (sorted set) - created if queue_level is not None
Lock:<name>,Alive: (sorted set) - created if queue_level is not None

_name

Name of the key to lock

Type:: str

scope

The lock scope, global or local

Type:: str

timeout

Time after which the lock is freed

Type:: float

blocking_timeout: Time in seconds to spend trying to acquire the lock

queue_level

Priority level (1-5) to be added to the queue, if None it is not queued

Type:: int, optional

persistent

If true, lock persists after the flow is stopped

Type:: bool

DEFAULT_LOCK_TIMEOUT = 90

DEFAULT_MAX_RETRIES = 3

HEARTBEAT_FREQ_FACTOR = 0.25

HEARTBEAT_MIN_TIMEOUT = 1

acquire(blocking=None) → bool

Acquires the lock. :param blocking: Whether calling acquire blocks until

the lock has been acquired or if fails immediately

Returns: True, succeeded to acquire

classmethod disable_heartbeat(name, **_): Disable Lock heartbeat by removing it from enabled_locks heartbeat thread will automatically end

async classmethod enable_heartbeat(**kwargs): Create a thread to continuously keep Lock heartbeat

enabled_locks = []

extend(additional_time: float) → bool: Adds more time to an already acquired lock.

inspect(): Returns the current queue and lock holder

is_owned(): Returns if the lock is owned.

reacquire() → bool: Resets the timeout of an already acquired lock back to a timeout value.

release() → bool

Releases the already acquired lock.

Returns:: False if lock not owned

send_lock_cmd(): Send spawner a command to enable heartbeat

send_unlock_cmd(): Send spawner a command to disable heartbeat

async th_reacquire(): Thread to keep Lock heartbeat Thread will exit when Lock is not in enabled_locks anymore

class dal.models.Message(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Message Model implementation

use Deprecated one instead

static export_portdata(db='global') → Dict: Store all messages, by type, on db

static fetch_portdata_api(db='local') → Dict: Retrieve data from database

static fetch_portdata_messages() → Dict: Get all messages and services available for callbacks

static get_all(db='global') → Dict[str, List]: Get a map of package -> messages from all packages

static get_msgs(package: str, msg_type: str = 'all', db: str = 'global') → List: Get a list of all messages inside a package, filtered by msg_type

static get_packages(msg_type: str = 'all', db: str = 'global') → List: Get a list of all packages containing messages of type msg_type

static get_structure(message: str) → Dict: Gives the full structure of a message fiven ‘package/message’ input

is_valid(): Returns True

class dal.models.Model(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: ScopeInstanceVersionNode, ABC

The base class of a model in mov.ai, a model is an entity with 2 parts defined, the attributes are through a schema and methods are python classes implementation.

This class support relations, for that the model class must provide a class attribute called __RELATIONS__, this attribute is a dictonary with the following structure: {

“schemas/<schema version>/<scope>/<attr>”{
“schema_version” : <target schema version>, “scope” : <target scope>

}

}

static get_forward_relations_definition(scope: str): Return the relations for a scope

classmethod get_object_by_name(name: str) → any

returns a reference of an object

Args: principal_name (str): account@domain format.

Returns:: (Model) - the user record with the corresponding account_name

static get_relations(**kwargs): Get all related objects for the specified scope, the method first try to request the physical layer for this list, if it fails then fallback to the default one with is much more expensive and should be avoided

static get_relations_definition(scope: str): Return the relations for a scope

classmethod is_exist(obj_name: str) → bool

classmethod list_objects_names() → List[str]

log = <Logger dal.models.model (INFO)>

static register_model_class(scope: str, cls: type): Register a model class, this allows for the user to register custom models for scopes

relations(depth=0, search_filter=None): return the current model relations, the method first try to request the physical layer for this list, if it fails then fallback to the default one with is much more expensive and should be avoided

set_acl()

track_object(username: str) → None: update the LastUpdate field in the Model entry with current time.

update_time() → None: update the LastUpdate field in the Model entry with current time.

class dal.models.NewACLManager(user)

Bases: ACLManager

This class is Replacing ACLManger for BaseUser objects.

get_acl() → Acl

Setup ACL for the current user role.

Returns:: the object which holds the access list for the user.
Return type:: Acl

static get_permissions() → Dict[str, List[str]]

Get all available permissions

Returns:: Available resources and permissions

static get_resources() → List: :returns list with available resources

class dal.models.Node(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides the default configuration to launch a GD_Node

get_params() → dict: Return a dict with all parameters in the format <parameter name>: <Parameter.Value> (Parameter format is {key:{Value: <value>, Description: <value>}})

get_port(port_inst: str): Returns an instance (Ports) of the port instance template

property is_node_to_launch: bool: Returns True if it should be launched

property is_nodelet: bool: Returns True if the node is of type Nodelet

property is_persistent: bool: Returns True if it persists on state transitions

property is_plugin: bool: Returns True if the node is of type plugin

property is_remappable: bool: Returns True if the ports are allowed to remap

property is_state: bool: Returns True if the node is of type State

class dal.models.NodeInst(name: str)

Bases: ScopeObjectNode

A node instance

Remappable: bool

property all: dict: Get all node instances from the full flow

property flow: Flow: Returns the flow (Flow)

get_param(key: str, name: str | None = None, context: str | None = None, custom_parser: Any | None = None) → Any: Returns a specific parameter of the node instance after parsing it

get_params(name: str | None = None, context: str | None = None) → dict: Returns all the parameters

property is_dummy: bool: Returns True if the node is configured as Dummy

property is_node_to_launch: bool: Returns True if it should be launched

property is_nodelet: bool: Returns True if the node is of type Nodelet

property is_persistent: bool: Returns True if it persists on state transitions

property is_plugin: bool: Returns True if the node is of type plugin

property is_remappable: bool: Returns True if the ports are allowed to remap

property is_state: bool: Returns True if the node is of type state

logger = <Logger NodeInst.mov.ai (INFO)>

property namespace: str: Returns the value from the parameter _namespace

property node_template: Node: return the current template for this node instance

property parser: Get the parser from the parent (GParser)

property type: str: Returns the type of the node

class dal.models.Package(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Currently disabled, use deprecated one instead

add(*args, **kwargs): This shouldn’t be needed in the new API

static dump(package: str, file_name: str, path_to: str) → Tuple[bool, str, str]: Dump a file to storage

dump_file(file_name: str, path_to: str) → Tuple[bool, str, str]: Dump a file to storage

file_exists(file_name: str, path_to: str) → str: Check existing file against computed checksum

get_checksum(file_name: str) → str: Get file’s checksum

static get_file_checksum(file_path: str) → str: Calculates a file’s checksum

static get_or_create(package_name: str) → Model: Tries to get a package, creates it if doesn’t exist

is_checksum_valid(file_name: str, checksum: str) → bool: Check checksum

class dal.models.Ports(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Provides the configuration of a port

is_nodelet_client() → bool: Returns True if the port is a nodelet client

is_nodelet_server() → bool: Returns True if the port is a nodelet server

is_transition(port_type: str, port_name: str) → bool: Check if a port is of type transition

class dal.models.RemoteUser(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: BaseUser

This class represents the remote user object as record in the DB.

class dal.models.Role(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Role Model (only of name)

DEPLOYER_RESOURCES = {'AclObject': ['read'], 'Alert': ['create', 'read', 'update', 'delete'], 'Annotation': ['create', 'read', 'update', 'delete'], 'Applications': ['AdminBoard', 'FleetBoard', 'mov-fe-app-ide', 'mov-fe-app-launcher', 'mov-fe-app-taskmanager'], 'Callback': ['create', 'read', 'update', 'delete'], 'Configuration': ['read'], 'Flow': ['create', 'read', 'update', 'delete'], 'GraphicScene': ['create', 'read', 'update', 'delete'], 'InternalUser': ['read'], 'Layout': ['create', 'read', 'update', 'delete'], 'Node': ['create', 'read', 'update', 'delete'], 'Package': ['create', 'read', 'update', 'delete'], 'Role': ['read'], 'SharedDataEntry': ['create', 'read', 'update', 'delete'], 'SharedDataTemplate': ['create', 'read', 'update', 'delete'], 'TaskEntry': ['create', 'read', 'update', 'delete'], 'TaskTemplate': ['create', 'read', 'update', 'delete'], 'Translation': ['create', 'read', 'update', 'delete']}

OPERATOR_RESOURCES = {'Applications': ['FleetBoard', 'mov-fe-app-launcher'], 'GraphicScene': ['read']}

classmethod create(name: str, resources: Dict[str, List[str]]) → Role

create a new Role object in DB

Parameters:

name (str) – The name of the Role
resources (Dict) – resources permissions map

Returns:

The created Role object

Return type:

Role

Raises:

RoleAlreadyExist – in case a Role with that name already exist.

classmethod create_default_roles(): Create default roles: Admin, Deployer, Operator

static list_roles_names() → list

Retunns a list with all Roles exist in the system.

Returns:: containing the name of the current Roles.
Return type:: list

classmethod remove(name: str) → None

Removes a Role from DB.

Parameters:

name (str) – The name of the Role to remove

Raises:

RoleDoesNotExist – In case there is no Role with that name.
RoleError – if the role cannot be deleted for some reason.

classmethod set_role_resources(role: str, resources: Dict[str, List[str]])

Set role resources.

Parameters:

role (str) – The name of the Role to set resources for.
resources (Dict[str, List[str]]) – A dictionary mapping resource names to their permissions.

update(resources: Dict) → None: Update role data

class dal.models.ScopeInstanceVersionNode(name: str)

Bases: ObjectNode, VersionObject, WorkspaceObject, PersistentObject, ABC

This class represents a instance version, the instance version is the object that actually contains the data

add(attr, key, **kwargs): Add a new dict attribute, this function, maintains compatibility with the old API

delete(**kwargs): Write this object to the database

property node_type: the node type

property ref: this object reference

property schema: the scope schema

property schema_version: the scope schema version

property scope: the scope name

serialize(**_): serialize this Scope object

set_acl()

property version: The current version

property workspace: str | None: the object workspace

write(**kwargs): Write this object to the database

class dal.models.ScopeNode(scope: str)

Bases: DictNode, WorkspaceObject

Implements a scope node, a scope is an mov.ai object for instance a Callback, a Flow or a Node

property node_type: the node type

property path: get the tree path

static register_scope_class(scope: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

static register_scope_object(schema_path: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

static register_scope_property(schema_path: str, cls: type): Override a scope class, this will overried the class used to create a ScopeInstanceVersionNode

property scope: the scope name

property workspace: the object workspace

class dal.models.ScopeObjectNode(name: str)

Bases: ObjectNode, SerializableObject, ABC

Implements a scope instance node, a scope is an mov.ai object a Callback, a Flow or a Node, an instance is the actual object that contains the data

property schema: the scope schema

property scope: the scope name

serialize(**kwargs): serialize this Scope object

class dal.models.ScopePropertyNode(name: str, value: str)

Bases: PropertyNode, SerializableObject

Represents a property node in a scope tree

property schema: the scope schema

property scope: the scope name

serialize(**kwargs): serialize this Scope object

class dal.models.ScopesTree(*args, **kwargs)

Bases: CallableNode

A scopes tree is an interface to access the stored data in mov.ai

backup(path: str, **kwargs): Read a document from a specified path

static extract_reference(path, **kwargs): Convert a path into workspace, scope, ref, version

from_path(path: str, **kwargs)

Read a document from a specified path

Parameters:: path (str) – the path to read from
Raises:: ValueError – in case invalid path recieved.
Returns:: a Model Object representing the entitiy requested
Return type:: Model

property node_type: the node type

property path: get the tree path

read_from_path(path: str, **kwargs): Read a document from a specified path

reference_regexes = ['^(git)/([a-zA-Z0-9_.-]+[:/][a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+)/([/a-zA-Z0-9_.-]+)/([a-zA-Z0-9_.-]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+[/a-zA-Z0-9_.-]*)/([a-zA-Z0-9_.]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+)/([/a-zA-Z0-9_.]+)$', '^([a-zA-Z0-9-_.]+)/([a-zA-Z0-9_.]+)/([a-zA-Z0-9_.-]+)$']

restore(path: str, **kwargs): Read a document from a specified path

class dal.models.System(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

System Model

use deprecated instead

class dal.models.User(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

This class represents the user object as record in the DB, it handles all operations required for user: authentication, token generation and so..

classmethod create(username: str, password: str) → Model

Creates a new user

Parameters:

username (str) – the name of the user to create (can not be empty)
password (str) – the password for the corresponding user (can not be empty).

Returns:

the user object created.

Return type:

obj (User)

create_id(): Create hash id for user

get_permission(resource_name: str) → List

This function returns a list of resource permissions for a the user.

Parameters:: resource_name (str) – the name of the resource which permissions are requested.
Returns:: a list of a given permission for this resource.
Return type:: List

get_refresh_token(): Generate refresh token

get_token(): Generate authentication token

classmethod get_user_by_name(username: str) → Model

returns a reference of a User, if not exist returns None

Args: username - the name of the User to get a reference for

Returns:: (User) - the user record with the corresponding username

has_permission(resource_name: str, permission_name: str, skip_superuser: bool = False) → bool: Check if user has permission

has_scope_permission(user, permission) → bool: check if user has scope permission

static hash_password(password: str) → str

This function uses sha256 algorithm to store a password secured.

Parameters:: password (str) – the password to hash.
Returns:: the hash of the password
Return type:: str

classmethod reset(username: str, pw_current: str, pw_new: str, pw_newc: str, validate: bool = True) → bool

Resets a user password

Args: pw_current (str): old password. pw_new (str): new password. pw_newc (str): confirm password. validate (bool): confirm current password before setting the

new password.

Exceptions: ValueError - if new password and confirmed password do not mathc. ValueError - if new password is an empty string. ValueError - if user does not exist.

Returns:: True if password reset succeeded, False otherwise.
Return type:: (bool)

property role: Model | None

This funtion returns the corresponding role of the user.

Returns:: a Role object or None if it not found.
Return type:: Union[Model, None]

set_acl(): sets the AClManager as an internal attribute.

user_permissions() → Dict: Get dict of the user permissions

verify_password(password: str) → bool

Verify a password against an hash

Parameters:: password (str) – the password of the user.
Raises:: ValueError – if Password attribute is not defined on the user object.
Returns:: True if password validation succeeds, False otherwise.
Return type:: bool

classmethod verify_token(token)

This function validates that the token sent by client us valid for the corresponding user.

Parameters:

token ([type]) – the token to verify

Raises:

ValueError – if token has expired
ValueError – if decoding has failed.
ValueError – if the token is invalid.

Returns:

the token data after being decoded.

Return type:

[type]

class dal.models.Var(scope: str = 'Node', _robot_name='', _node_name='', _port_name='')

Bases: object

Class for user to write and read vars

delete(name): Same as delattr

static delete_all(scope: str = 'Node', _robot_name='', _node_name='', _port_name=''): Delete all variables of a certain scope

get(name): Same as getattr

set(name, value, expire: float | None = None): Same as setattr

class dal.models.Widget(ref_or_path: str, workspace: str = 'global', version: str = '__UNVERSIONED__')

Bases: Model

Widget Model

dal.models package

Submodules

dal.models.acl module

dal.models.aclobject module

dal.models.application module

dal.models.baseuser module

dal.models.callback module

dal.models.configuration module

dal.models.container module

dal.models.flow module

dal.models.flowlinks module

dal.models.form module

dal.models.internaluser module

dal.models.ldapconfig module

dal.models.lock module

dal.models.message module

dal.models.model module

dal.models.node module

dal.models.nodeinst module

dal.models.package module

dal.models.ports module

dal.models.remoteuser module

dal.models.role module

dal.models.scopestree module

dal.models.system module

dal.models.user module

dal.models.var module

dal.models.widget module

Module contents