weaver.vault.utils
¶
Module Contents¶
-
weaver.vault.utils.
get_vault_dir
(container: Optional[weaver.typedefs.AnySettingsContainer] = None) → str[source]¶ Get the base directory of the secure file vault.
-
weaver.vault.utils.
get_vault_path
(file: weaver.datatype.VaultFile, container: Optional[weaver.typedefs.AnySettingsContainer] = None) → str[source]¶ Get the full path of the vault file.
-
weaver.vault.utils.
get_vault_url
(file: Union[weaver.datatype.VaultFile, uuid.UUID, str], container: Optional[weaver.typedefs.AnySettingsContainer] = None) → str[source]¶ Obtain the vault link corresponding to the file.
-
weaver.vault.utils.
map_vault_location
(reference: str, container: weaver.typedefs.AnySettingsContainer = None, url: bool = False, exists: bool = True) → Optional[str][source]¶ Convert back and forth between the URL and local path references of the Vault file.
See also
Similar operation to
weaver.wps.utils.map_wps_output_location()
.Warning
Does not validate access token to retrieve the file. It is assumed that pre-valuation was accomplished.
- Parameters
reference – Local file path or file URL to be mapped.
container – Retrieve application settings.
url – Perform URL mapping (local path -> URL endpoint), or map to local path (URL -> local path).
exists – Ensure that the mapped file exists, otherwise don’t map it (otherwise
None
).
- Returns
Mapped reference if applicable, otherwise
None
.
-
weaver.vault.utils.
parse_vault_token
(header: Optional[str], unique: bool = False) → Dict[Optional[str], str][source]¶ Parse the authorization header value to retrieve all Vault access tokens and optional file UUID.
See also
Definition of expected format in File Vault Inputs.
sd.XAuthVaultFileHeader
- Parameters
header – Authorization header to parse.
unique – Whether only one or multiple tokens must be retrieved.
- Returns
Found mapping of UUID to access token. If unique, UUID can be
None
.
-
weaver.vault.utils.
get_vault_auth
(request: pyramid.request.Request) → Tuple[weaver.typedefs.AnyUUID, Optional[str]][source]¶ Obtain the requested file reference and parsed access token from the Vault authorization header.
- Parameters
request – Request containing reference file UUID and authorization headers.
- Returns
Extracted file reference and authentication token.
- Raises
Appropriate HTTP exception according to use case.
Obtain the requested file if access is granted.
- Parameters
file_id – Vault storage reference file UUID.
auth_token – Token to obtain access to the file.
container – Application settings.
- Returns
Authorized file.
- Raises
Appropriate HTTP exception according to use case.
-
weaver.vault.utils.
decrypt_from_vault
(vault_file: weaver.datatype.VaultFile, path: str, out_dir: Optional[str] = None, delete_encrypted: bool = False) → str[source]¶ Decrypts a Vault file and removes its encrypted version.
- Parameters
vault_file – Reference file in Vault.
path – Expected location of the encrypted file.
out_dir – Desired output location, or temporary directory.
delete_encrypted – Delete original encrypted file after decryption for output.
- Returns
Output location of the decrypted file.