feat(server): implement Resource Scoping for tasks and push notifications#709
feat(server): implement Resource Scoping for tasks and push notifications#709sokoliva wants to merge 33 commits intoa2aproject:1.0-devfrom
Resource Scoping for tasks and push notifications#709Conversation
…fications` Introduces caller indentity isolation to ensure clients only access authorized resources, as mandated by the A2A spec. - Add 'owner' field to `TaskMixin` and `PushNotificationConfig` database models. - Add 'last_updated' field to `TaskMixin` for optimized sorting and indexing. - Update `DatabaseTaskStore`, `InMemoryTaskStore` and `DatabasePushNotificationConfigStore` to use `OwnerResolver`. - Add relevant Unit tests. - Add Alembic configuration to enable users to update their own databases with non-optional `owner` field in `tasks` table.
Summary of ChangesHello @sokoliva, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly enhances the server's data management capabilities by implementing robust resource scoping for tasks and push notification configurations, ensuring that users can only access their own data. It also introduces a flexible 'ListTasks' API, enabling efficient retrieval and management of tasks with advanced filtering and pagination. The integration of Alembic provides a structured approach to future database schema evolution. Highlights
Changelog
Ignored Files
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request introduces resource scoping by adding an owner field to tasks and push notification configurations, which is a great step towards multi-tenancy and security. The implementation across the database and in-memory stores is consistent. I've also noticed the addition of Alembic for database migrations, which is excellent for managing schema changes. My feedback focuses on improving the Alembic configuration, strengthening the data model for timestamps, and making the owner resolution logic more robust.
…to resource-scoping
- fix elmbic README.md error - make ServerCallContext optional in OwnerResolver
…thon into resource-scoping
…to resource-scoping
…thon into resource-scoping
There was a problem hiding this comment.
We should use migration(s) for all schema updates made in this PR: last_updated and indexes as well.
Currently we have a flag to create tables via create_all which is not going to create new columns inside existing tables. * - maybe it will create new index, but it requires checking.
| asyncio.run(run_async_migrations()) | ||
|
|
||
|
|
||
| if context.is_offline_mode(): |
There was a problem hiding this comment.
Is it possible to use it via CLI? Can't find it in the cli.py or in the docs. It could be beneficial for environments where DB updates are done only via scripts with manual DBA reviews to generate SQL instead of running it.
There was a problem hiding this comment.
Let's add --verbose -v flag for debug logs, not sure about exact log levels in sqlalchemy but at least printing executed SQL statements would be good.
|
|
||
| ```bash | ||
| # Bring the database to the latest version | ||
| a2a-db |
There was a problem hiding this comment.
Running this command in a fresh environment will fail with alembic package missing error. alembic is a dev dependency currently so for package users it won't be installed.
You can reproduce it by creating a "fake" consumer project and installing whl there:
uv build
which is going to output something like dist/a2a_python-*.whl.
And in the new folder
uv venv
uv pip install <whl path from uv build>
uv run a2a-db
I believe we have two options:
- Instruct users to manually install
alembicas their dev dependency if they want to use this CLI. - Create a separate "extra" which will be used for this.
| self.owner_resolver = owner_resolver | ||
|
|
||
| def _get_owner_tasks(self, owner: str) -> dict[str, Task]: | ||
| return self.tasks.get(owner, {}) |
There was a problem hiding this comment.
I don't think that fallback to {} is required after changing tasks to defaultdict(dict).
There was a problem hiding this comment.
Let's consider if some check can be added to fail fast on non-applied migrations. Currently it's going to fail during request execution, maybe it can be checked in initialize method to fail fast?
We can follow-up with this in a separate PR/issue as it's rather a safety net, but given that we're establishing DB migrations infrastructure it can be beneficial to research this aspect as well.
Description
Introduces caller indentity isolation to ensure clients only access authorized resources, as mandated by the A2A spec.
ownerfield toTaskMixinandPushNotificationConfigdatabase models.last_updatedfield toTaskMixinfor optimized sorting and indexing.DatabaseTaskStore,InMemoryTaskStoreandDatabasePushNotificationConfigStoreto useOwnerResolver.ownercolumn intasksandpush_notification_configstable and optionallast_updatedand index(owner, last_updated)intasks.uv run a2a-dbfor database updating.Note
src/a2a/server/tasks/database_task_store.pylistmethod, Gemini suggested a refactor of pagination. I thoroughly reviewed it and comfirmed that the logic is the same and that readability of code improved so I decided to accept it.delete_infomethod. Whenconfig_idis None and onlytask_idwas provided it would search for configs mapped totask_idwithconfig.id=task_id, contrary todelete_infomethod of DatabasePushNotificationConfigStore where if config_id is None, all configurations for the task are deleted. Unfortunately, I did not find intended behavior defined in the spec, but behavior ofDatabasePushNotificationConfigStore'sdelete_infoseems more logical.Breaking changes
added non-optional owner field to the Task Model. Use alembic configuration to update your database.
Ensure the tests and linter pass (Run
bash scripts/format.shfrom the repository root to format)Appropriate docs were updated (if necessary)
Fixes #610 🦕