tking/fastapi-gsap
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
fastapi-gsap/.venv/lib/python3.12/site-packages/pydantic_settings/utils.py
Tyler J King e744336385 fix: capability enforcement, credential safety, atomic delegations, input validation 
C-6: ConnectorRuntime enforces capability_mask per operation.
     READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
     before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.

H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
     returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-14 08:13:27 -04:00

43 lines
1.3 KiB
Python
Raw Blame History

import types
from pathlib import Path
from typing import Any, _Final, _GenericAlias, get_origin # type: ignore [attr-defined]
_PATH_TYPE_LABELS = {
Path.is_dir: 'directory',
Path.is_file: 'file',
Path.is_mount: 'mount point',
Path.is_symlink: 'symlink',
Path.is_block_device: 'block device',
Path.is_char_device: 'char device',
Path.is_fifo: 'FIFO',
Path.is_socket: 'socket',
}
def path_type_label(p: Path) -> str:
"""
Find out what sort of thing a path is.
"""
assert p.exists(), 'path does not exist'
for method, name in _PATH_TYPE_LABELS.items():
if method(p):
return name
return 'unknown' # pragma: no cover
# TODO remove and replace usage by `isinstance(cls, type) and issubclass(cls, class_or_tuple)`
# once we drop support for Python 3.10.
def _lenient_issubclass(cls: Any, class_or_tuple: Any) -> bool: # pragma: no cover
try:
return isinstance(cls, type) and issubclass(cls, class_or_tuple)
except TypeError:
if get_origin(cls) is not None:
# Up until Python 3.10, isinstance(<generic_alias>, type) is True
# (e.g. list[int])
return False
raise
_WithArgsTypes = (_GenericAlias, types.GenericAlias, types.UnionType)
_typing_base: Any = _Final # pyright: ignore[reportAttributeAccessIssue]
Reference in a new issue View git blame Copy permalink