TokenChangeHistoryStore

class gafaelfawr.storage.history.TokenChangeHistoryStore(session)

Bases: object

Stores and retrieves the history of changes to tokens.

Parameters:

session (async_scoped_session) – The database session proxy.

Methods Summary

add(entry)

Record a change to a token.

delete(*, older_than)

Delete older entries.

list(*[, cursor, limit, since, until, ...])

Return all changes to a specific token.

Methods Documentation

async add(entry)

Record a change to a token.

Parameters:

entry (TokenChangeHistoryEntry) – New entry to add to the database.

Return type:

None

async delete(*, older_than)

Delete older entries.

Parameters:

older_than (datetime) – Delete entries created prior to this date.

Return type:

None

async list(*, cursor=None, limit=None, since=None, until=None, username=None, actor=None, key=None, token=None, token_type=None, ip_or_cidr=None)

Return all changes to a specific token.

Parameters:

  • cursor (TokenChangeHistoryCursor | None, default: None) – A pagination cursor specifying where to start in the results.

  • limit (int | None, default: None) – Limit the number of returned results.

  • since (datetime | None, default: None) – Limit the results to events at or after this time.

  • until (datetime | None, default: None) – Limit the results to events before or at this time.

  • username (str | None, default: None) – Limit the results to tokens owned by this user.

  • actor (str | None, default: None) – Limit the results to actions performed by this user.

  • key (str | None, default: None) – Limit the results to this token and any subtokens of this token. Note that this will currently pick up direct subtokens but not subtokens of subtokens.

  • token (str | None, default: None) – Limit the results to only this token.

  • token_type (TokenType | None, default: None) – Limit the results to tokens of this type.

  • ip_or_cidr (str | None, default: None) – Limit the results to changes made from this IPv4 or IPv6 address or CIDR block. Unless the underlying database is PostgreSQL, the CIDR block must be on an octet boundary.

Returns:

List of change history entries, which may be empty.

Return type:

safir.database.CountedPaginatedList of TokenChangeHistoryEntry