xia_meta_secret.secrets.Secrets

class xia_meta_secret.secrets.Secrets(**kwargs)

Bases: VirtualWorker

All Secrets should be managed here

top_secret

Encrypt key of this realm

owner_name

Owner of the secret

Type

inherited

name

Should be managed as a.b.c.d for the access control

Type

inherited

encrypted_secret

Encrypted password

__init__(**kwargs)

Methods

__init__(**kwargs)

decrypt(data, key)

Decrypt data

delete([caller_id])

Delete a document

delete_all()

Delete every instance of this document type

encrypt(data, key)

Encrypt data

get_collection_name()

Get collection name of current class

get_display_data([lazy])

Get Display data (visualized form of data)

get_id()

Get document id

get_raw_data()

Get Raw data (materialized form of data)

get_reverse_delete_rules()

Get reverse_delete_rules

get_secret_from_id(secret_id[, owner_name, ...])

Get secret value from secret id

list(owner_name[, limit])

List objects of predefined criteria, default limited to 10 objects

load(*args, **kwargs)

Load a Document from engine

objects(**kwargs)

Search documents

register_delete_rules(klass, field_path, ...)

Use the delete_rule to handle what should happen if the document the field is referencing is deleted.

reload()

Reload the document from the engine

save([validate])

Save a document to engine

secret_composer(raw_string[, ...])

String level secret parser

secret_parser(source[, owner_name, prefix])

Parse un string with secret id like ${{}}

to_db()

Translate the runtime data into raw data (materialized form of data)

update([validate])

Update existed fields

update_secret(new_secret)

Update secret value

validate()

Validate if all of the component of document follows the predefined rules

Attributes

DELETE

DENY

NULLIFY

PULL

REVERSE_DELETE_RULES

Reversed delete rule constant definition

encrypted_secret

file_name

file_path

is_file

logger

meta

If the document is not abstract, the collection_name should be provided

name

owner_name

reverse_delete_rules

top_secret

REVERSE_DELETE_RULES = {'DELETE': 3, 'DENY': 2, 'NULLIFY': 1, 'PULL': 4}

Reversed delete rule constant definition

classmethod decrypt(data: str, key: str) str

Decrypt data

Parameters

  • data (str) – data to be encrypted

  • key (str) – encryption key

Returns

Decrypted data

Return type

str

delete(caller_id: Optional[str] = None)

Delete a document

Parameters

caller_id (str) – The caller of cascade delete

classmethod delete_all()

Delete every instance of this document type

classmethod encrypt(data: str, key: str) str

Encrypt data

Parameters

  • data (str) – data to be encrypted

  • key (str) – encryption key

Returns

encrypted data

Return type

str

engine

alias of FirestoreEngine

classmethod get_collection_name()

Get collection name of current class

Returns

collection name

Return type

str

get_display_data(lazy: bool = True)

Get Display data (visualized form of data)

Returns

python dict object

get_id()

Get document id

Returns

Document ID

Return type

str

get_raw_data()

Get Raw data (materialized form of data)

Returns

python dict object

classmethod get_reverse_delete_rules()

Get reverse_delete_rules

Returns

reverse delete rules

Return type

list

classmethod get_secret_from_id(secret_id: str, owner_name: str = '', prefix: str = '') str

Get secret value from secret id

Parameters

  • secret_id (str) – Secret id from engine

  • owner_name (str) – limiting the secret scope to a specified owner

  • prefix (str) – limiting the secret scope with name of a given prefix

Returns:

classmethod list(owner_name: str, limit: int = 10, **kwargs)

List objects of predefined criteria, default limited to 10 objects

classmethod load(*args, **kwargs)

Load a Document from engine

Parameters

  • *args – a list document id (should only have one valid)

  • **kwargs

Returns

loaded document instance

meta = {'abstract': True}

If the document is not abstract, the collection_name should be provided

classmethod objects(**kwargs)

Search documents

Parameters

**kwargs – Search Configuration

Returns

generator of a found document

Notes

  • key, str pair: single value search

  • key, list pair: array_contains_any search

  • embedded search: a__b means b component of a. a.b means the key’s name is a.b

  • operators: key is end with __op__. The following op are supported:

    • __eq__: Could ignore because it is a by default behavior

    • __lt__, __le__, __gt__, __ge__, __ne__: as is supposed by the name

    • __asc__, __desc__: the result will be ordered by the fields

classmethod register_delete_rules(klass, field_path: str, delete_rule: str)

Use the delete_rule to handle what should happen if the document the field is referencing is deleted.

The options are:

  • NULLIFY - Updates the reference to null.

  • CASCADE - Deletes the documents associated with the reference.

  • DENY - Prevent the deletion of the reference object.

  • PULL - Pull the reference from a list of reference

reload()

Reload the document from the engine

Returns

itself with refreshed data

save(validate=True)

Save a document to engine

Parameters

validate (bool) – Should the validation to be passed or not

Returns

itself (with document id in the case of a new created document)

classmethod secret_composer(raw_string: str, secret_manager=None, owner_name: str = '', prefix: str = '') str

String level secret parser

Parameters

  • raw_string (str) – String to be parsed

  • secret_manager – Callable to get the secret value

  • owner_name (str) – limiting the secret scope to a specified owner

  • prefix (str) – limiting the secret scope with name of a given prefix

Returns

secret id replaced by secret value in the string

Return type

str

classmethod secret_parser(source, owner_name: str = '', prefix: str = '')

Parse un string with secret id like ${{}}

Parameters

  • source (any) – Source to be parsed, could be dict, list or str

  • owner_name (str) – limiting the secret scope to a specified owner

  • prefix (str) – limiting the secret scope with name of a given prefix

Returns

with secret parsed

Return type

amy

to_db()

Translate the runtime data into raw data (materialized form of data)

Returns

python dict object

update(validate=True, **kwargs)

Update existed fields

Parameters

  • validate (bool) – Should the data be validated before update or not

  • **kwargs – update parameters

Returns

updated document in the form of python dict

Notes

Update String Specifications * embedded update: a__b means b component of a. a.b means the key’s name is a.b * operators: key is end with __op__. The following op are supported:

  • __append__: Append an item to array

  • __remove__: Remove an item

  • __delete__: Delete the field

update_secret(new_secret: str)

Update secret value

Parameters

new_secret (str) – New secret value

Returns

self

validate()

Validate if all of the component of document follows the predefined rules

Returns

Always None. No exception raised means the validation passed