Python client library for the Treetop policy server

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for terjekv from gravatar.com terjekv

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Terje Kvernes
  • Requires: Python >=3.12
Classifiers
Report project as malware

Project description

TreeTop Client

Dataclass-based HTTPX client for the Treetop REST API. Python ≥ 3.11, zero runtime deps beyond HTTPX.

Example

from treetop_client.client import TreeTopClient
from treetop_client.models import Action, Request, Resource, User, ResourceAttribute, ResourceAttributeType


client = TreeTopClient(base_url=f"http://localhost:{PORT}")

attrs["ip"] = ResourceAttribute.new("10.0.0.1", ResourceAttributeType.IP)
attrs["name"] = ResourceAttribute.new("myhost.example.com", ResourceAttributeType.STRING)

req = Request(
    principal=User.new("myuser", "mynamespace", ["mygroup"]),
    action=Action.new("myaction", ["mynamespace"]),
    resource=Resource.new("Host", id="myhost", attrs=attrs)
)
resp = client.check(req)
assert resp.is_allowed() 
assert resp.decision == "Allow"

# The other possible value for decision is "Deny" which makes `is_denied()` True
# (and `is_allowed()` False).

You can also use the check_detailed method to get more information about the decision:

from treetop_client.client import TreeTopClient
from treetop_client.models import Action, Request, Resource, User, ResourceAttribute, ResourceAttributeType

client = TreeTopClient(base_url=f"http://localhost:{PORT}")

attrs["ip"] = ResourceAttribute.new("10.0.0.1", ResourceAttributeType.IP)
attrs["name"] = ResourceAttribute.new("myhost.example.com", ResourceAttributeType.STRING)

req = Request(
    principal=User.new("myuser", "mynamespace", ["mygroup"]),
    action=Action.new("myaction", ["mynamespace"]),
    resource=Resource.new("Host", id="myhost", attrs=attrs)
)

resp = client.check_detailed(req)
assert resp.is_allowed()
assert resp.decision == "Allow"
 # This will contain the policy that was matched, in cedar format
assert resp.policy_literal() is not None
 # This will contain the policy that was matched, in JSON format
assert resp.policy_json() is not None

Note that for User the namespace and groups are optional, and for Action the namespace is optional. If you don't provide a namespace, it will default to the root namespace.

Correlation ID

You can pass a correlation ID to the check and check_detailed methods. This ID will be included in the request headers and can be used on the server side to trace requests across queries or services. The value is a string of the client's choosing.

from treetop_client.client import TreeTopClient
from treetop_client.models import Action, Request, Resource, User

client = TreeTopClient(base_url=f"http://localhost:{PORT}")

attrs["ip"] = ResourceAttribute.new("10.0.0.1", ResourceAttributeType.IP)
attrs["name"] = ResourceAttribute.new("myhost.example.com", ResourceAttributeType.STRING)

req = Request(
    principal=User.new("myuser", "mynamespace", ["mygroup"]),
    action=Action.new("myaction", ["mynamespace"]),
    resource=Resource.new("Host", id="myhost", attrs=attrs)
)

resp = client.check(req, correlation_id="my-correlation-id")

Integration tests

Make sure you have Docker & Docker Compose installed.

# Run only unit tests:
pytest

# Run integration tests (will spin up Docker Compose):
pytest -m integration

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for terjekv from gravatar.com terjekv

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Terje Kvernes
  • Requires: Python >=3.12
Classifiers

Release history Release notifications | RSS feed

0.0.7

0.0.6

0.0.5

This version

0.0.4

0.0.3

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

treetop_client-0.0.4.tar.gz (5.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

treetop_client-0.0.4-py3-none-any.whl (6.7 kB view details)

Uploaded Python 3

File details

Details for the file treetop_client-0.0.4.tar.gz.

File metadata

  • Download URL: treetop_client-0.0.4.tar.gz
  • Upload date:
  • Size: 5.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.13.9 Darwin/25.1.0

File hashes

Hashes for treetop_client-0.0.4.tar.gz
Algorithm Hash digest
SHA256 325fc5089f974c290e525d3e1ce561049e4b652377e32eb662139c8a1cd79a62
MD5 29f7f97b0911a7b58175a779cf0ced00
BLAKE2b-256 791a468003b8aed77d57cca08e518749a36d5481017fcc5fd45a2453cef35e9b

See more details on using hashes here.

File details

Details for the file treetop_client-0.0.4-py3-none-any.whl.

File metadata

  • Download URL: treetop_client-0.0.4-py3-none-any.whl
  • Upload date:
  • Size: 6.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.13.9 Darwin/25.1.0

File hashes

Hashes for treetop_client-0.0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 3820f7d3212ec0bbc0e9f51fa165f7c0402f93ab2307ad040e0b4d9c25b5976c
MD5 68e48b8d12701da5b5ffcfd0bee69d49
BLAKE2b-256 59b877e54797bdc1c90b3cbfd885acf2b932060a7d86e371e91c27b4fa88ff6e

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page