Merge pull request #56 from permitio/asaf/cto-248-expose-bulk-operations-api-in-python-sdk-bulk-create-users

Asaf Cohen · web-flow · commit 33fe64dd1a73 · 2024-01-30T16:35:20.000+02:00
Expose bulk operations api in python sdk bulk create users
diff --git a/permit/api/models.py b/permit/api/models.py
@@ -2078,6 +2078,34 @@ class Config:
     )
 
 
+class ResourceInstanceCreateBulkOperation(BaseModel):
+    class Config:
+        extra = Extra.allow
+
+    operations: List[ResourceInstanceCreate] = Field(..., title="Operations")
+
+
+class ResourceInstanceCreateBulkOperationResult(BaseModel):
+    pass
+
+    class Config:
+        extra = Extra.allow
+
+
+class ResourceInstanceDeleteBulkOperation(BaseModel):
+    class Config:
+        extra = Extra.allow
+
+    idents: List[str] = Field(..., title="Idents")
+
+
+class ResourceInstanceDeleteBulkOperationResult(BaseModel):
+    pass
+
+    class Config:
+        extra = Extra.allow
+
+
 class ResourceInstanceRead(BaseModel):
     class Config:
         extra = Extra.allow
diff --git a/permit/api/resource_instances.py b/permit/api/resource_instances.py
@@ -15,7 +15,15 @@
     required_permissions,
 )
 from .context import ApiContextLevel, ApiKeyAccessLevel
-from .models import ResourceInstanceCreate, ResourceInstanceRead, ResourceInstanceUpdate
+from .models import (
+    ResourceInstanceCreate,
+    ResourceInstanceCreateBulkOperation,
+    ResourceInstanceCreateBulkOperationResult,
+    ResourceInstanceDeleteBulkOperation,
+    ResourceInstanceDeleteBulkOperationResult,
+    ResourceInstanceRead,
+    ResourceInstanceUpdate,
+)
 
 
 class ResourceInstancesApi(BasePermitApi):
@@ -28,6 +36,15 @@ def __resource_instances(self) -> SimpleHttpClient:
             )
         )
 
+    @property
+    def __bulk_operations(self) -> SimpleHttpClient:
+        return self._build_http_client(
+            "/v2/facts/{proj_id}/{env_id}/bulk/resource_instances".format(
+                proj_id=self.config.api_context.project,
+                env_id=self.config.api_context.environment,
+            )
+        )
+
     @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
     @required_context(ApiContextLevel.ENVIRONMENT)
     @validate_arguments
@@ -201,3 +218,57 @@ async def delete(self, instance_key: str) -> None:
             PermitContextError: If the configured ApiContext does not match the required endpoint context.
         """
         return await self.__resource_instances.delete(f"/{instance_key}")
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_replace(
+        self, resource_instances: List[ResourceInstanceCreate]
+    ) -> ResourceInstanceCreateBulkOperationResult:
+        """
+        Creates (and if need replaces) resource instances in bulk.
+
+        If the resource instance exists - replaces it.
+        Otherwise creates previously non-existing resource instances.
+
+        Args:
+            resource_instances: The resource instances to create/replace.
+
+        Returns:
+            the bulk replace report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.put(
+            "",
+            model=ResourceInstanceCreateBulkOperationResult,
+            json=ResourceInstanceCreateBulkOperation(operations=resource_instances),
+        )
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_delete(
+        self, resource_instances: List[str]
+    ) -> ResourceInstanceDeleteBulkOperationResult:
+        """
+        Deletes resource instances in bulk.
+
+        Args:
+            resource_instances: The resource instance identities to delete.
+            Each identity can be either `resource_type:instance_key` (like Repository:react) or the resource instance uuid.
+
+        Returns:
+            the bulk delete report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.delete(
+            "",
+            model=ResourceInstanceDeleteBulkOperationResult,
+            json=ResourceInstanceDeleteBulkOperation(idents=resource_instances),
+        )
diff --git a/permit/api/tenants.py b/permit/api/tenants.py
@@ -15,7 +15,16 @@
     required_permissions,
 )
 from .context import ApiContextLevel, ApiKeyAccessLevel
-from .models import PaginatedResultUserRead, TenantCreate, TenantRead, TenantUpdate
+from .models import (
+    PaginatedResultUserRead,
+    TenantCreate,
+    TenantCreateBulkOperation,
+    TenantCreateBulkOperationResult,
+    TenantDeleteBulkOperation,
+    TenantDeleteBulkOperationResult,
+    TenantRead,
+    TenantUpdate,
+)
 
 
 class TenantsApi(BasePermitApi):
@@ -28,6 +37,15 @@ def __tenants(self) -> SimpleHttpClient:
             )
         )
 
+    @property
+    def __bulk_operations(self) -> SimpleHttpClient:
+        return self._build_http_client(
+            "/v2/facts/{proj_id}/{env_id}/bulk/tenants".format(
+                proj_id=self.config.api_context.project,
+                env_id=self.config.api_context.environment,
+            )
+        )
+
     @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
     @required_context(ApiContextLevel.ENVIRONMENT)
     @validate_arguments
@@ -215,3 +233,53 @@ async def delete_tenant_user(self, tenant_key: str, user_key: str) -> None:
             PermitContextError: If the configured ApiContext does not match the required endpoint context.
         """
         return await self.__tenants.delete(f"/{tenant_key}/users/{user_key}")
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_create(
+        self, tenants: List[TenantCreate]
+    ) -> TenantCreateBulkOperationResult:
+        """
+        Creates tenants in bulk.
+
+        Args:
+            tenants: The tenants to create
+
+        Returns:
+            the bulk creation report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.post(
+            "",
+            model=TenantCreateBulkOperationResult,
+            json=TenantCreateBulkOperation(operations=tenants),
+        )
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_delete(self, tenants: List[str]) -> TenantDeleteBulkOperationResult:
+        """
+        Deletes tenants in bulk.
+
+        If the tenant exists - replaces it. Otherwise creates a non-existing tenant.
+
+        Args:
+            tenants: The tenants identities to delete. Each identity can be either the tenant key or the tenant id.
+
+        Returns:
+            the bulk delete report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.delete(
+            "",
+            model=TenantDeleteBulkOperationResult,
+            json=TenantDeleteBulkOperation(idents=tenants),
+        )
diff --git a/permit/api/users.py b/permit/api/users.py
@@ -21,7 +21,13 @@
     RoleAssignmentRead,
     RoleAssignmentRemove,
     UserCreate,
+    UserCreateBulkOperation,
+    UserCreateBulkOperationResult,
+    UserDeleteBulkOperation,
+    UserDeleteBulkOperationResult,
     UserRead,
+    UserReplaceBulkOperation,
+    UserReplaceBulkOperationResult,
     UserUpdate,
 )
 
@@ -45,6 +51,15 @@ def __role_assignments(self) -> SimpleHttpClient:
             )
         )
 
+    @property
+    def __bulk_operations(self) -> SimpleHttpClient:
+        return self._build_http_client(
+            "/v2/facts/{proj_id}/{env_id}/bulk/users".format(
+                proj_id=self.config.api_context.project,
+                env_id=self.config.api_context.environment,
+            )
+        )
+
     @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
     @required_context(ApiContextLevel.ENVIRONMENT)
     @validate_arguments
@@ -211,6 +226,82 @@ async def delete(self, user_key: str) -> None:
         """
         return await self.__users.delete(f"/{user_key}")
 
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_create(
+        self, users: List[UserCreate]
+    ) -> UserCreateBulkOperationResult:
+        """
+        Creates users in bulk.
+
+        Args:
+            users: The users to create
+
+        Returns:
+            the bulk creation report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.post(
+            "",
+            model=UserCreateBulkOperationResult,
+            json=UserCreateBulkOperation(operations=users),
+        )
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_replace(
+        self, users: List[UserCreate]
+    ) -> UserReplaceBulkOperationResult:
+        """
+        Replaces users in bulk.
+
+        If the user exists - replaces it.
+        Otherwise creates previously non-existing users.
+
+        Args:
+            users: The users to replace.
+
+        Returns:
+            the bulk replace report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.put(
+            "",
+            model=UserReplaceBulkOperationResult,
+            json=UserReplaceBulkOperation(operations=users),
+        )
+
+    @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
+    @required_context(ApiContextLevel.ENVIRONMENT)
+    @validate_arguments
+    async def bulk_delete(self, users: List[str]) -> UserDeleteBulkOperationResult:
+        """
+        Deletes users in bulk.
+
+        Args:
+            users: The users identities to delete. Each identity can be either the user key or the user id.
+
+        Returns:
+            the bulk delete report.
+
+        Raises:
+            PermitApiError: If the API returns an error HTTP status code.
+            PermitContextError: If the configured ApiContext does not match the required endpoint context.
+        """
+        return await self.__bulk_operations.delete(
+            "",
+            model=UserDeleteBulkOperationResult,
+            json=UserDeleteBulkOperation(idents=users),
+        )
+
     @required_permissions(ApiKeyAccessLevel.ENVIRONMENT_LEVEL_API_KEY)
     @required_context(ApiContextLevel.ENVIRONMENT)
     @validate_arguments
diff --git a/permit/exceptions.py b/permit/exceptions.py
@@ -95,11 +95,32 @@ def status_code(self) -> int:
         """
         return self._response.status
 
+    @property
+    def content_type(self) -> str:
+        """
+        Get the HTTP content type header of the error response.
+
+        Returns:
+            The value of the HTTP Response Content-type header, or None
+        """
+        return self._response.headers.get("content-type")
+
 
 async def handle_api_error(response: aiohttp.ClientResponse):
     if response.status < 200 or response.status >= 400:
+        # handle non-json errors (can be returned by load balancer)
+        content_type = response.headers.get("content-type")
+        if content_type is not None and content_type.lower() != "application/json":
+            error_string = await response.text()
+            raise PermitApiError(
+                f"{response.status} API Error",
+                response,
+                json={"status_code": response.status, "error": error_string},
+            )
+
+        # fallback to handle json errors
         json = await response.json()
-        raise PermitApiError("API error", response, json)
+        raise PermitApiError(f"{response.status} API error", response, json)
 
 
 def handle_client_error(func):
diff --git a/setup.py b/setup.py
@@ -10,7 +10,7 @@ def get_requirements(env=""):
 
 setup(
     name="permit",
-    version="2.2.2",
+    version="2.3.0",
     packages=find_packages(),
     author="Asaf Cohen",
     author_email="asaf@permit.io",
diff --git a/tests/endpoints/test_bulk_operations.py b/tests/endpoints/test_bulk_operations.py
diff --git a/tests/endpoints/test_error_response.py b/tests/endpoints/test_error_response.py
diff --git a/tests/utils.py b/tests/utils.py
