diff --git a/cognee/modules/data/methods/create_authorized_dataset.py b/cognee/modules/data/methods/create_authorized_dataset.py index e43381b35..08057a6bd 100644 --- a/cognee/modules/data/methods/create_authorized_dataset.py +++ b/cognee/modules/data/methods/create_authorized_dataset.py @@ -6,6 +6,15 @@ from .create_dataset import create_dataset async def create_authorized_dataset(dataset_name: str, user: User) -> Dataset: + """ + Create a new dataset and give all permissions on this dataset to the given user. + Args: + dataset_name: Name of the dataset. + user: The user object. + + Returns: + Dataset: The new authorized dataset. + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/data/methods/get_authorized_dataset.py b/cognee/modules/data/methods/get_authorized_dataset.py index 0e30b7e0e..6c97322c8 100644 --- a/cognee/modules/data/methods/get_authorized_dataset.py +++ b/cognee/modules/data/methods/get_authorized_dataset.py @@ -15,7 +15,7 @@ async def get_authorized_dataset( Get a specific dataset with permissions for a user. Args: - user_id (UUID): user id + user: User object dataset_id (UUID): dataset id permission_type (str): permission type(read, write, delete, share), default is read diff --git a/cognee/modules/data/methods/get_authorized_dataset_by_name.py b/cognee/modules/data/methods/get_authorized_dataset_by_name.py index 654dcb630..ad50e25e9 100644 --- a/cognee/modules/data/methods/get_authorized_dataset_by_name.py +++ b/cognee/modules/data/methods/get_authorized_dataset_by_name.py @@ -11,6 +11,17 @@ from ..models import Dataset async def get_authorized_dataset_by_name( dataset_name: str, user: User, permission_type: str ) -> Optional[Dataset]: + """ + Get a specific dataset with the given name, with permissions for a given user. + + Args: + dataset_name: Name of the dataset. + user: User object. + permission_type (str): permission type(read, write, delete, share), default is read + + Returns: + Optional[Dataset]: dataset with permissions + """ authorized_datasets = await get_authorized_existing_datasets([], permission_type, user) return next((dataset for dataset in authorized_datasets if dataset.name == dataset_name), None) diff --git a/cognee/modules/pipelines/layers/resolve_authorized_user_dataset.py b/cognee/modules/pipelines/layers/resolve_authorized_user_dataset.py index 30d0fef71..7e3d1c124 100644 --- a/cognee/modules/pipelines/layers/resolve_authorized_user_dataset.py +++ b/cognee/modules/pipelines/layers/resolve_authorized_user_dataset.py @@ -11,6 +11,19 @@ from cognee.modules.data.methods import ( async def resolve_authorized_user_dataset(dataset_id: UUID, dataset_name: str, user: User): + """ + Function handles creation and dataset authorization if dataset already exist for Cognee. + Verifies that provided user has necessary permission for provided Dataset. + If Dataset does not exist creates the Dataset and gives permission for the user creating the dataset. + + Args: + dataset_id: Id of the dataset. + dataset_name: Name of the dataset. + user: Cognee User request is being processed for, if None default user will be used. + + Returns: + Tuple[User, Dataset]: A tuple containing the user and the authorized dataset. + """ if not user: user = await get_default_user() diff --git a/cognee/modules/pipelines/layers/resolve_authorized_user_datasets.py b/cognee/modules/pipelines/layers/resolve_authorized_user_datasets.py index 4f6fb8254..f91064995 100644 --- a/cognee/modules/pipelines/layers/resolve_authorized_user_datasets.py +++ b/cognee/modules/pipelines/layers/resolve_authorized_user_datasets.py @@ -25,7 +25,7 @@ async def resolve_authorized_user_datasets( datasets: Dataset names or Dataset UUID (in case Datasets already exist) Returns: - + Tuple[User, List[Dataset]]: A tuple containing the user and the list of authorized datasets. """ # If no user is provided use default user if user is None: diff --git a/cognee/modules/users/permissions/methods/authorized_give_permission_on_datasets.py b/cognee/modules/users/permissions/methods/authorized_give_permission_on_datasets.py index d8a3777b7..7960eb756 100644 --- a/cognee/modules/users/permissions/methods/authorized_give_permission_on_datasets.py +++ b/cognee/modules/users/permissions/methods/authorized_give_permission_on_datasets.py @@ -9,6 +9,18 @@ from uuid import UUID async def authorized_give_permission_on_datasets( principal_id: UUID, dataset_ids: Union[List[UUID], UUID], permission_name: str, owner_id: UUID ): + """ + Give permission to certain datasets to a user. + The request owner must have the necessary permission to share the datasets. + Args: + principal_id: Id of user to whom datasets are shared + dataset_ids: Ids of datasets to share + permission_name: Name of permission to give + owner_id: Id of the request owner + + Returns: + None + """ # If only a single dataset UUID is provided transform it to a list if not isinstance(dataset_ids, list): dataset_ids = [dataset_ids] diff --git a/cognee/modules/users/permissions/methods/check_permission_on_dataset.py b/cognee/modules/users/permissions/methods/check_permission_on_dataset.py index 467da7154..d489417e0 100644 --- a/cognee/modules/users/permissions/methods/check_permission_on_dataset.py +++ b/cognee/modules/users/permissions/methods/check_permission_on_dataset.py @@ -10,6 +10,17 @@ logger = get_logger() async def check_permission_on_dataset(user: User, permission_type: str, dataset_id: UUID): + """ + Check if a user has a specific permission on a dataset. + Args: + user: User whose permission is checked + permission_type: Type of permission to check + dataset_id: Id of the dataset + + Returns: + None + + """ if user is None: user = await get_default_user() diff --git a/cognee/modules/users/permissions/methods/get_all_user_permission_datasets.py b/cognee/modules/users/permissions/methods/get_all_user_permission_datasets.py index 5b242baa4..a2a2b5fdd 100644 --- a/cognee/modules/users/permissions/methods/get_all_user_permission_datasets.py +++ b/cognee/modules/users/permissions/methods/get_all_user_permission_datasets.py @@ -9,6 +9,16 @@ logger = get_logger() async def get_all_user_permission_datasets(user: User, permission_type: str) -> list[Dataset]: + """ + Return a list of datasets the user has permission for. + If the user is part of a tenant, return datasets his roles have permission for. + Args: + user + permission_type + + Returns: + list[Dataset]: List of datasets user has permission for + """ datasets = list() # Get all datasets User has explicit access to datasets.extend(await get_principal_datasets(user, permission_type)) diff --git a/cognee/modules/users/permissions/methods/get_document_ids_for_user.py b/cognee/modules/users/permissions/methods/get_document_ids_for_user.py index 3b053d8e7..9b1db024e 100644 --- a/cognee/modules/users/permissions/methods/get_document_ids_for_user.py +++ b/cognee/modules/users/permissions/methods/get_document_ids_for_user.py @@ -8,6 +8,16 @@ from ...models import ACL, Permission async def get_document_ids_for_user(user_id: UUID, datasets: list[str] = None) -> list[str]: + """ + Return a list of documents ids for which the user has read permission. + If datasets are specified, return only documents from those datasets. + Args: + user_id: Id of the user + datasets: List of datasets + + Returns: + list[str]: List of documents for which the user has read permission + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/get_principal.py b/cognee/modules/users/permissions/methods/get_principal.py index 53d39651a..245190cf8 100644 --- a/cognee/modules/users/permissions/methods/get_principal.py +++ b/cognee/modules/users/permissions/methods/get_principal.py @@ -6,6 +6,15 @@ from ...models.Principal import Principal async def get_principal(principal_id: UUID): + """ + Return information about a user based on their id + Args: + principal_id: Id of the user + + Returns: + principal: Information about the user (principal) + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/get_principal_datasets.py b/cognee/modules/users/permissions/methods/get_principal_datasets.py index b2385182f..a9adb8f00 100644 --- a/cognee/modules/users/permissions/methods/get_principal_datasets.py +++ b/cognee/modules/users/permissions/methods/get_principal_datasets.py @@ -9,6 +9,17 @@ from ...models.ACL import ACL async def get_principal_datasets(principal: Principal, permission_type: str) -> list[Dataset]: + """ + Return a list of datasets for which the user (principal) has a certain permission. + Args: + principal: Information about the user + permission_type: Type of permission + + Returns: + list[Dataset]: List of datasets for which the user (principal) + has the permission (permission_type). + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/get_role.py b/cognee/modules/users/permissions/methods/get_role.py index 007044c43..a703fc9f9 100644 --- a/cognee/modules/users/permissions/methods/get_role.py +++ b/cognee/modules/users/permissions/methods/get_role.py @@ -9,6 +9,16 @@ from ...models.Role import Role async def get_role(tenant_id: UUID, role_name: str): + """ + Return the role with the name role_name of the given tenant. + Args: + tenant_id: Id of the given tenant + role_name: Name of the role + + Returns + The role for the given tenant. + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/get_specific_user_permission_datasets.py b/cognee/modules/users/permissions/methods/get_specific_user_permission_datasets.py index b6ad1291d..8dee4d782 100644 --- a/cognee/modules/users/permissions/methods/get_specific_user_permission_datasets.py +++ b/cognee/modules/users/permissions/methods/get_specific_user_permission_datasets.py @@ -15,9 +15,9 @@ async def get_specific_user_permission_datasets( Return a list of datasets user has given permission for. If a list of datasets is provided, verify for which datasets user has appropriate permission for and return list of datasets he has permission for. Args: - user_id: - permission_type: - dataset_ids: + user_id: Id of the user. + permission_type: Type of the permission. + dataset_ids: Ids of the provided datasets Returns: list[Dataset]: List of datasets user has permission for diff --git a/cognee/modules/users/permissions/methods/get_tenant.py b/cognee/modules/users/permissions/methods/get_tenant.py index c5bf1a633..832ff71b8 100644 --- a/cognee/modules/users/permissions/methods/get_tenant.py +++ b/cognee/modules/users/permissions/methods/get_tenant.py @@ -8,6 +8,15 @@ from ...models.Tenant import Tenant async def get_tenant(tenant_id: UUID): + """ + Return information about the tenant based on the given id. + Args: + tenant_id: Id of the given tenant + + Returns + Information about the given tenant. + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/give_default_permission_to_role.py b/cognee/modules/users/permissions/methods/give_default_permission_to_role.py index bf3b6a9c7..9d9b41c1b 100644 --- a/cognee/modules/users/permissions/methods/give_default_permission_to_role.py +++ b/cognee/modules/users/permissions/methods/give_default_permission_to_role.py @@ -16,6 +16,15 @@ from cognee.modules.users.models import ( async def give_default_permission_to_role(role_id: UUID, permission_name: str): + """ + Give the permission with given name to the role with the given id as a default permission. + Args: + role_id: Id of the role + permission_name: Name of the permission + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/permissions/methods/give_default_permission_to_tenant.py b/cognee/modules/users/permissions/methods/give_default_permission_to_tenant.py index 57049ae2e..7baa8c244 100644 --- a/cognee/modules/users/permissions/methods/give_default_permission_to_tenant.py +++ b/cognee/modules/users/permissions/methods/give_default_permission_to_tenant.py @@ -16,6 +16,15 @@ from cognee.modules.users.models import ( async def give_default_permission_to_tenant(tenant_id: UUID, permission_name: str): + """ + Give the permission with given name to the tenant with the given id as a default permission. + Args: + tenant_id: Id of the tenant + permission_name: Name of the permission + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: tenant = ( diff --git a/cognee/modules/users/permissions/methods/give_default_permission_to_user.py b/cognee/modules/users/permissions/methods/give_default_permission_to_user.py index 40913ff12..545122fd0 100644 --- a/cognee/modules/users/permissions/methods/give_default_permission_to_user.py +++ b/cognee/modules/users/permissions/methods/give_default_permission_to_user.py @@ -16,6 +16,15 @@ from cognee.modules.users.models import ( async def give_default_permission_to_user(user_id: UUID, permission_name: str): + """ + Give the permission with given name to the user with the given id as a default permission. + Args: + user_id: Id of the tenant + permission_name: Name of the permission + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: user = (await session.execute(select(User).where(User.id == user_id))).scalars().first() diff --git a/cognee/modules/users/permissions/methods/give_permission_on_dataset.py b/cognee/modules/users/permissions/methods/give_permission_on_dataset.py index 0ed536981..6d0272192 100644 --- a/cognee/modules/users/permissions/methods/give_permission_on_dataset.py +++ b/cognee/modules/users/permissions/methods/give_permission_on_dataset.py @@ -24,6 +24,16 @@ async def give_permission_on_dataset( dataset_id: UUID, permission_name: str, ): + """ + Give a specific permission on a dataset to a user. + Args: + principal: User who is being given the permission on the dataset + dataset_id: Id of the dataset + permission_name: Name of permission to give + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: diff --git a/cognee/modules/users/roles/methods/add_user_to_role.py b/cognee/modules/users/roles/methods/add_user_to_role.py index c6d8fdb63..de5e47775 100644 --- a/cognee/modules/users/roles/methods/add_user_to_role.py +++ b/cognee/modules/users/roles/methods/add_user_to_role.py @@ -21,6 +21,17 @@ from cognee.modules.users.models import ( async def add_user_to_role(user_id: UUID, role_id: UUID, owner_id: UUID): + """ + Add a user with the given id to the role with the given id. + Args: + user_id: Id of the user. + role_id: Id of the role. + owner_id: Id of the request owner. + + Returns: + None + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: user = (await session.execute(select(User).where(User.id == user_id))).scalars().first() diff --git a/cognee/modules/users/roles/methods/create_role.py b/cognee/modules/users/roles/methods/create_role.py index 897c42394..bdba4ad31 100644 --- a/cognee/modules/users/roles/methods/create_role.py +++ b/cognee/modules/users/roles/methods/create_role.py @@ -16,6 +16,16 @@ async def create_role( role_name: str, owner_id: UUID, ): + """ + Create a new role with the given name, if the request owner with the given id + has the necessary permission. + Args: + role_name: Name of the new role. + owner_id: Id of the request owner. + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: user = await get_user(owner_id) diff --git a/cognee/modules/users/tenants/methods/add_user_to_tenant.py b/cognee/modules/users/tenants/methods/add_user_to_tenant.py index cf0ad0535..1374067a7 100644 --- a/cognee/modules/users/tenants/methods/add_user_to_tenant.py +++ b/cognee/modules/users/tenants/methods/add_user_to_tenant.py @@ -13,6 +13,18 @@ from cognee.modules.users.exceptions import ( async def add_user_to_tenant(user_id: UUID, tenant_id: UUID, owner_id: UUID): + """ + Add a user with the given id to the tenant with the given id. + This can only be successful if the request owner with the given id is the tenant owner. + Args: + user_id: Id of the user. + tenant_id: Id of the tenant. + owner_id: Id of the request owner. + + Returns: + None + + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: user = await get_user(user_id) diff --git a/cognee/modules/users/tenants/methods/create_tenant.py b/cognee/modules/users/tenants/methods/create_tenant.py index 5d68e8110..bd8abadd1 100644 --- a/cognee/modules/users/tenants/methods/create_tenant.py +++ b/cognee/modules/users/tenants/methods/create_tenant.py @@ -8,6 +8,16 @@ from cognee.modules.users.methods import get_user async def create_tenant(tenant_name: str, user_id: UUID): + """ + Create a new tenant with the given name, for the user with the given id. + This user is the owner of the tenant. + Args: + tenant_name: Name of the new tenant. + user_id: Id of the user. + + Returns: + None + """ db_engine = get_relational_engine() async with db_engine.get_async_session() as session: try: