policyweaver.models.export¶

Bases: CommonBaseModel

Represents a constraint in the Policy Weaver application. Attributes:

column_action (str): The action associated with the column constraint. column_effect (str): The effect of the column constraint. column_names (List[str]): A list of column names to which the constraint applies. table_name (str): The name of the table associated with the constraint. schema_name (str): The schema of the table. catalog_name (str): The catalog of the table.

_abc_impl = <_abc._abc_data object>¶

catalog_name: str | None¶

column_actions: List[PermissionType] | None¶

column_effect: PermissionState | None¶

column_names: List[str] | None¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

schema_name: str | None¶

table_name: str | None¶

class policyweaver.models.export.Permission(*, name: PermissionType | None = None, state: PermissionState | None = None, objects: List[PermissionObject] | None = None)¶

Bases: CommonBaseModel

Represents a permission in the Policy Weaver application. Attributes:

id (str): The unique identifier for the permission. type (PermissionType): The type of the permission. name (str): The name of the permission. state (PermissionState): The state of the permission. objects (List[PermissionObject]): A list of objects associated with the permission.

_abc_impl = <_abc._abc_data object>¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

name: PermissionType | None¶

objects: List[PermissionObject] | None¶

state: PermissionState | None¶

Bases: CommonBaseModel

Represents an object in a permission. Attributes:

id (str): The unique identifier for the object. type (IamType): The type of the IAM entity associated with the object. email (str): The email of the IAM entity, if applicable. app_id (str): The application ID of the IAM entity, if applicable.

_abc_impl = <_abc._abc_data object>¶

app_id: str | None¶

email: str | None¶

entra_object_id: str | None¶

id: str | None¶

property lookup_id: str¶: Returns the identifier used for looking up the object. Depending on the type of IAM entity, it returns either the email, app_id, or id. Returns:

str: The identifier for the object based on its type.

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

type: IamType | None¶

Bases: CommonBaseModel

Represents the scope of a permission in the Policy Weaver application. Attributes:

catalog (str): The catalog to which the permission applies. catalog_schema (str): The schema of the catalog. table (str): The table associated with the permission. name (str): The name of the permission like read or write. state (str): The state of the permission like permit or deny

_abc_impl = <_abc._abc_data object>¶

catalog: str | None¶

catalog_schema: str | None¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

name: PermissionType | None¶

state: PermissionState | None¶

table: str | None¶

class policyweaver.models.export.Policy(*, catalog: str | None = None, catalog_schema: str | None = None, table: str | None = None, permissions: List[Permission] | None = None)¶

Bases: CatalogItem

Represents a policy in the Policy Weaver application. Attributes:

id (str): The unique identifier for the policy. name (str): The name of the policy. type (str): The type of the policy. catalog (str): The catalog to which the policy belongs. catalog_schema (str): The schema of the catalog. table (str): The table associated with the policy. permissions (List[Permission]): A list of permissions associated with the policy.

_abc_impl = <_abc._abc_data object>¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

permissions: List[Permission] | None¶

class policyweaver.models.export.PolicyExport(*, source: Source | None = None, type: PolicyWeaverConnectorType | None = None, policies: List[Policy] | None = None)¶

Bases: CommonBaseModel

Represents a policy export in the Policy Weaver application. Attributes:

id (str): The unique identifier for the policy export. name (str): The name of the policy export. source (Source): The source from which the policy is exported. type (PolicyWeaverConnectorType): The type of the connector used for the policy export. policies (List[Policy]): A list of policies included in the export.

_abc_impl = <_abc._abc_data object>¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

policies: List[Policy] | None¶

source: Source | None¶

type: PolicyWeaverConnectorType | None¶

class policyweaver.models.export.RolePolicy(*, permissionobjects: List[PermissionObject] | None = None, permissionscopes: List[PermissionScope] | None = None, columnconstraints: List[ColumnConstraint] | None = None, rowconstraints: List[RowConstraint] | None = None, name: str | None = None)¶

Bases: CommonBaseModel

Represents a policy in the Policy Weaver application. Attributes:

id (str): The unique identifier for the policy. name (str): The name of the policy. type (str): The type of the policy. permissions (List[Permission]): A list of permissions associated with the policy. permissionscopes (List[PermissionScope]): A list of permission scopes associated with the policy.

_abc_impl = <_abc._abc_data object>¶

columnconstraints: List[ColumnConstraint] | None¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

name: str | None¶

permissionobjects: List[PermissionObject] | None¶

permissionscopes: List[PermissionScope] | None¶

rowconstraints: List[RowConstraint] | None¶

class policyweaver.models.export.RolePolicyExport(*, source: Source | None = None, type: PolicyWeaverConnectorType | None = None, policies: List[RolePolicy] | None = None)¶

Bases: CommonBaseModel

Represents a policy export in the Policy Weaver application. Attributes:

id (str): The unique identifier for the policy export. name (str): The name of the policy export. source (Source): The source from which the policy is exported. type (PolicyWeaverConnectorType): The type of the connector used for the policy export. policies (List[Policy]): A list of policies included in the export.

_abc_impl = <_abc._abc_data object>¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

policies: List[RolePolicy] | None¶

source: Source | None¶

type: PolicyWeaverConnectorType | None¶

class policyweaver.models.export.RowConstraint(*, filter_condition: str | None = None, table_name: str | None = None, schema_name: str | None = None, catalog_name: str | None = None)¶

Bases: CommonBaseModel

Represents a row-level constraint in the Policy Weaver application. Attributes:

filter_condition (str): The condition used to filter rows. table_name (str): The name of the table associated with the constraint. schema_name (str): The schema of the table. catalog_name (str): The catalog of the table.

_abc_impl = <_abc._abc_data object>¶

catalog_name: str | None¶

filter_condition: str | None¶

model_config: ClassVar[ConfigDict] = {'arbitrary_types_allowed': True, 'exclude_none': True, 'exclude_unset': True, 'populate_by_name': True, 'use_enum_values': True, 'validate_by_alias': True, 'validate_by_name': True}¶: Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].

schema_name: str | None¶

table_name: str | None¶