xia_meta_secret.secrets.Secrets

class xia_meta_secret.secrets.Secrets(**kwargs)

Bases: VirtualWorker

All Secrets should be managed here

top_secret: Encrypt key of this realm

owner_name

Owner of the secret

Type: inherited

name

Should be managed as a.b.c.d for the access control

Type: inherited

encrypted_secret: Encrypted password

__init__(**kwargs)

Methods

`__init__`(**kwargs)
`decrypt`(data, key)	Decrypt data
`delete`([cascade])	Delete a document
`delete_all`()	Delete every instance of this document type
`drop`()	Drop the collection
`encrypt`(data, key)	Encrypt data
`from_db`(**kwargs)	Transform database data to internal data
`from_display`(**kwargs)	Transform Display data to internal data
`get_collection_name`()	Get collection name of current class
`get_display_data`([lazy])	Get Display data (visualized form of data)
`get_id`()	Get document id
`get_raw_data`()	Get Raw data (materialized form of data)
`get_runtime_data`()	Get Runtime data (calculated from raw data when runtime is activated)
`get_sample`()	Get a sample document data
`get_secret_from_id`(secret_id[, owner_name, ...])	Get secret value from secret id
`list`(owner_name[, limit])	List objects of predefined criteria, default limited to 10 objects
`load`(args, *kwargs)	Load a Document from engine
`objects`(**kwargs)	Search documents
`reload`()	Reload the document from the engine
`save`([validate, cascade])	Save a document to engine
`secret_composer`(raw_string[, ...])	String level secret parser
`secret_parser`(source[, owner_name, prefix])	Parse un string with secret id like ${{}}
`to_db`([ignore_unknown, no_class])	Translate the runtime data into raw data (materialized form of data)
`update`([validate, cascade])	Update existed fields
`update_secret`(new_secret)	Update secret value
`validate`()	Validate if all of the component of document follows the predefined rules

Attributes

`cluster_fields`	Cluster Fields
`encrypted_secret`
`file_name`
`file_path`
`is_file`
`key_fields`	Key Fields
`logger`
`name`
`owner_name`
`partition_info`	Partition information
`reverse_delete_rules`
`top_secret`

cluster_fields = []: Cluster Fields

classmethod decrypt(data: str, key: str) → str

Decrypt data

Parameters

data (str) – data to be encrypted
key (str) – encryption key

Returns

Decrypted data

Return type

str

delete(cascade: bool = True)

Delete a document

Parameters: cascade (bool) – Activate the cascade delete

classmethod delete_all(): Delete every instance of this document type

classmethod drop()

Drop the collection

Hard way to delete the collection. No cascade relation will be considered

classmethod encrypt(data: str, key: str) → str

Encrypt data

Parameters

data (str) – data to be encrypted
key (str) – encryption key

Returns

encrypted data

Return type

str

classmethod from_db(**kwargs)

Transform database data to internal data

Parameters: **kwargs (object) – python dict got from system
Returns: python dict object

classmethod from_display(**kwargs)

Transform Display data to internal data

Parameters: **kwargs (object) – display object got from front end
Returns: python dict object

classmethod get_collection_name()

Get collection name of current class

Returns: collection name
Return type: str

get_display_data(lazy: bool = True)

Get Display data (visualized form of data)

Returns: python dict object

Notes

We will return the detail form if it is possible

get_id()

Get document id

Returns: Document ID
Return type: str

get_raw_data()

Get Raw data (materialized form of data)

Returns: python dict object

get_runtime_data()

Get Runtime data (calculated from raw data when runtime is activated)

Returns: python dict object

classmethod get_sample(): Get a sample document data

classmethod get_secret_from_id(secret_id: str, owner_name: str = '', prefix: str = '') → str

Get secret value from secret id

Parameters

secret_id (str) – Secret id from engine
owner_name (str) – limiting the secret scope to a specified owner
prefix (str) – limiting the secret scope with name of a given prefix

Returns:

key_fields = []: Key Fields

classmethod list(owner_name: str, limit: int = 10, **kwargs): List objects of predefined criteria, default limited to 10 objects

classmethod load(*args, **kwargs)

Load a Document from engine

Parameters

*args – a list document id (should only have one valid)
**kwargs –

Returns

loaded document instance

classmethod objects(**kwargs)

Search documents

Parameters: **kwargs – Search Configuration
Returns: generator of a found document

Notes

key, str pair: single value search
key, list pair: array_contains_any search
embedded search: a__b means b component of a. a.b means the key’s name is a.b
operators: key is end with __op__. The following op are supported:
- __eq__: Could ignore because it is a by default behavior
- __lt__, __le__, __gt__, __ge__, __ne__: as is supposed by the name
- __asc__, __desc__: the result will be ordered by the fields

partition_info = {}: Partition information

reload()

Reload the document from the engine

Returns: itself with refreshed data

save(validate: bool = True, cascade: bool = True)

Save a document to engine

Parameters

validate (bool) – Should the validation to be passed or not
cascade (bool) – Save cascaded document

Returns

itself (with document id in the case of a new created document)

classmethod secret_composer(raw_string: str, secret_manager=None, owner_name: str = '', prefix: str = '') → str

String level secret parser

Parameters

raw_string (str) – String to be parsed
secret_manager – Callable to get the secret value
owner_name (str) – limiting the secret scope to a specified owner
prefix (str) – limiting the secret scope with name of a given prefix

Returns

secret id replaced by secret value in the string

Return type

str

classmethod secret_parser(source, owner_name: str = '', prefix: str = '')

Parse un string with secret id like ${{}}

Parameters

source (any) – Source to be parsed, could be dict, list or str
owner_name (str) – limiting the secret scope to a specified owner
prefix (str) – limiting the secret scope with name of a given prefix

Returns

with secret parsed

Return type

amy

to_db(ignore_unknown: bool = False, no_class: bool = False)

Translate the runtime data into raw data (materialized form of data)

Parameters

no_class (bool) – Don’t save the class name into document
ignore_unknown (bool) – When a field is not defined in the document, should we send it back to the database

Returns

python dict object

update(validate=True, cascade: bool = True, **kwargs)

Update existed fields

Parameters

validate (bool) – Should the data be validated before update or not
cascade (bool) – Activate the cascade update / delete
**kwargs – update parameters

Returns

updated document in the form of python object

Notes

Update String Specifications * embedded update: a__b means b component of a. a.b means the key’s name is a.b * operators: key is end with __op__. The following op are supported:

__append__: Append an item to array

__remove__: Remove an item

__delete__: Delete the field

Notes

We need to update the data from all sources

update_secret(new_secret: str)

Update secret value

Parameters: new_secret (str) – New secret value
Returns: self

validate()

Validate if all of the component of document follows the predefined rules

Returns: Always None. No exception raised means the validation passed