weaver.vault.utils
Module Contents
- weaver.vault.utils.get_vault_dir(container: weaver.typedefs.AnySettingsContainer | None = None) str [source]
Get the base directory of the secure file vault.
- weaver.vault.utils.get_vault_path(file: weaver.datatype.VaultFile, container: weaver.typedefs.AnySettingsContainer | None = None) str [source]
Get the full path of the vault file.
- weaver.vault.utils.get_vault_url(file: weaver.datatype.VaultFile | uuid.UUID | str, container: weaver.typedefs.AnySettingsContainer | None = None) str [source]
Obtain the vault link corresponding to the file.
- weaver.vault.utils.map_vault_location(reference: str, container: weaver.typedefs.AnySettingsContainer = None, url: bool = False, exists: bool = True) str | None [source]
Convert back and forth between the URL and local path references of the Vault file.
See also
Similar operation to
weaver.wps.utils.map_wps_output_location()
.Warning
Does not validate access token to retrieve the file. It is assumed that pre-valuation was accomplished.
- Parameters:
reference – Local file path or file URL to be mapped.
container – Retrieve application settings.
url – Perform URL mapping (local path -> URL endpoint), or map to local path (URL -> local path).
exists – Ensure that the mapped file exists, otherwise don’t map it (otherwise
None
).
- Returns:
Mapped reference if applicable, otherwise
None
.
- weaver.vault.utils.parse_vault_token(header: str | None, unique: bool = False) Dict[str | None, str] [source]
Parse the authorization header value to retrieve all Vault access tokens and optional file UUID.
See also
Definition of expected format in File Vault Inputs.
sd.XAuthVaultFileHeader
- Parameters:
header – Authorization header to parse.
unique – Whether only one or multiple tokens must be retrieved.
- Returns:
Found mapping of UUID to access token. If unique, UUID can be
None
.
- weaver.vault.utils.get_vault_auth(request: pyramid.request.Request) Tuple[weaver.typedefs.AnyUUID, str | None] [source]
Obtain the requested file reference and parsed access token from the Vault authorization header.
- Parameters:
request – Request containing reference file UUID and authorization headers.
- Returns:
Extracted file reference and authentication token.
- Raises:
Appropriate HTTP exception according to use case.
- weaver.vault.utils.get_authorized_file(file_id: weaver.typedefs.AnyUUID, auth_token: str, container: weaver.typedefs.AnySettingsContainer | None = None) weaver.datatype.VaultFile [source]
Obtain the requested file if access is granted.
- Parameters:
file_id – Vault storage reference file UUID.
auth_token – Token to obtain access to the file.
container – Application settings.
- Returns:
Authorized file.
- Raises:
Appropriate HTTP exception according to use case.
- weaver.vault.utils.decrypt_from_vault(vault_file: weaver.datatype.VaultFile, path: str, out_dir: str | None = None, delete_encrypted: bool = False) str [source]
Decrypts a Vault file and optionally removes its encrypted version.
- Parameters:
vault_file – Reference file in Vault.
path – Expected location of the encrypted file.
out_dir – Desired output location, or temporary directory.
delete_encrypted – Delete original encrypted file after decryption for output.
- Returns:
Output location of the decrypted file.