feat(automations): static_inputs on triggers + vertical-slice api/services

surfsense_backend/app/automations/services/__init__.py

@@ -1,7 +1,16 @@
-"""Service layer for the automations feature."""
+"""Services for the automations HTTP layer (one service per resource)."""
 
 from __future__ import annotations
 
 from .automation import AutomationService, get_automation_service
+from .run import RunService, get_run_service
+from .trigger import TriggerService, get_trigger_service
 
-__all__ = ["AutomationService", "get_automation_service"]
+__all__ = [
+    "AutomationService",
+    "RunService",
+    "TriggerService",
+    "get_automation_service",
+    "get_run_service",
+    "get_trigger_service",
+]

surfsense_backend/app/automations/services/automation.py

@@ -2,54 +2,111 @@
 
 from __future__ import annotations
 
-from typing import Any
+from datetime import UTC, datetime
 
 from fastapi import Depends, HTTPException
+from pydantic import ValidationError
+from sqlalchemy import func, select
 from sqlalchemy.ext.asyncio import AsyncSession
+from sqlalchemy.orm import selectinload
 
-from app.automations.dispatch import DispatchError
+from app.automations.schemas.api import (
+    AutomationCreate,
+    AutomationUpdate,
+    TriggerCreate,
+)
+from app.automations.persistence.enums.trigger_type import TriggerType
 from app.automations.persistence.models.automation import Automation
-from app.automations.persistence.models.run import AutomationRun
-from app.automations.triggers.manual import dispatch_manual_run
+from app.automations.persistence.models.trigger import AutomationTrigger
+from app.automations.triggers import get_trigger
+from app.automations.triggers.schedule import compute_next_fire_at
 from app.db import Permission, User, get_async_session
 from app.users import current_active_user
 from app.utils.rbac import check_permission
 
 
 class AutomationService:
-    """Service for the ``Automation`` resource."""
+    """Lifecycle of the ``Automation`` resource."""
 
     def __init__(self, *, session: AsyncSession, user: User) -> None:
         self.session = session
         self.user = user
 
-    async def run_now(
+    async def create(self, payload: AutomationCreate) -> Automation:
+        """Create an automation and its initial triggers in one transaction."""
+        await self._authorize(payload.search_space_id, Permission.AUTOMATIONS_CREATE.value)
+
+        automation = Automation(
+            search_space_id=payload.search_space_id,
+            created_by_user_id=self.user.id,
+            name=payload.name,
+            description=payload.description,
+            definition=payload.definition.model_dump(mode="json", by_alias=True),
+            version=1,
+        )
+        for spec in payload.triggers:
+            automation.triggers.append(_build_trigger(spec))
+
+        self.session.add(automation)
+        await self.session.commit()
+        return await self._get_with_triggers_or_raise(automation.id)
+
+    async def list(
         self,
         *,
-        automation_id: int,
-        payload: dict[str, Any] | None,
-    ) -> AutomationRun:
-        """Fire a manual run for ``automation_id``."""
-        automation = await self._get_automation_or_raise(automation_id)
-        await check_permission(
-            self.session,
-            self.user,
-            automation.search_space_id,
-            Permission.AUTOMATIONS_EXECUTE.value,
-            "You don't have permission to execute automations in this search space",
+        search_space_id: int,
+        limit: int,
+        offset: int,
+    ) -> tuple[list[Automation], int]:
+        """Return a page of automations and the total count."""
+        await self._authorize(search_space_id, Permission.AUTOMATIONS_READ.value)
+
+        base = select(Automation).where(Automation.search_space_id == search_space_id)
+        total = await self.session.scalar(
+            select(func.count()).select_from(base.subquery())
         )
 
-        try:
-            return await dispatch_manual_run(
-                session=self.session,
-                automation_id=automation_id,
-                payload=payload,
+        rows = (
+            await self.session.execute(
+                base.order_by(Automation.created_at.desc()).limit(limit).offset(offset)
             )
-        except DispatchError as exc:
-            raise HTTPException(status_code=422, detail=str(exc)) from exc
+        ).scalars().all()
+        return list(rows), int(total or 0)
 
-    async def _get_automation_or_raise(self, automation_id: int) -> Automation:
-        """Get the automation by id; 404 if missing."""
+    async def get(self, automation_id: int) -> Automation:
+        """Get an automation with its triggers loaded."""
+        automation = await self._get_with_triggers_or_raise(automation_id)
+        await self._authorize(automation.search_space_id, Permission.AUTOMATIONS_READ.value)
+        return automation
+
+    async def update(self, automation_id: int, patch: AutomationUpdate) -> Automation:
+        """Patch fields. Bumps ``version`` when ``definition`` changes."""
+        automation = await self._get_with_triggers_or_raise(automation_id)
+        await self._authorize(automation.search_space_id, Permission.AUTOMATIONS_UPDATE.value)
+
+        data = patch.model_dump(exclude_unset=True)
+
+        if "name" in data:
+            automation.name = data["name"]
+        if "description" in data:
+            automation.description = data["description"]
+        if "status" in data:
+            automation.status = data["status"]
+        if "definition" in data:
+            automation.definition = patch.definition.model_dump(mode="json", by_alias=True)
+            automation.version += 1
+
+        await self.session.commit()
+        return await self._get_with_triggers_or_raise(automation_id)
+
+    async def delete(self, automation_id: int) -> None:
+        """Delete an automation; FK cascades remove triggers and runs."""
+        automation = await self._get_or_raise(automation_id)
+        await self._authorize(automation.search_space_id, Permission.AUTOMATIONS_DELETE.value)
+        await self.session.delete(automation)
+        await self.session.commit()
+
+    async def _get_or_raise(self, automation_id: int) -> Automation:
         automation = await self.session.get(Automation, automation_id)
         if automation is None:
             raise HTTPException(
@@ -57,6 +114,56 @@ class AutomationService:
             )
         return automation
 
+    async def _get_with_triggers_or_raise(self, automation_id: int) -> Automation:
+        stmt = (
+            select(Automation)
+            .where(Automation.id == automation_id)
+            .options(selectinload(Automation.triggers))
+        )
+        automation = (await self.session.execute(stmt)).scalar_one_or_none()
+        if automation is None:
+            raise HTTPException(
+                status_code=404, detail=f"automation {automation_id} not found"
+            )
+        return automation
+
+    async def _authorize(self, search_space_id: int, permission: str) -> None:
+        await check_permission(
+            self.session,
+            self.user,
+            search_space_id,
+            permission,
+            f"You don't have permission to {permission.split(':')[1]} automations in this search space",
+        )
+
+
+def _build_trigger(spec: TriggerCreate) -> AutomationTrigger:
+    """Validate trigger params via its registered Pydantic model and build the ORM row."""
+    definition = get_trigger(spec.type.value)
+    if definition is None:
+        raise HTTPException(status_code=422, detail=f"unknown trigger type {spec.type.value!r}")
+
+    try:
+        validated = definition.params_model.model_validate(spec.params)
+    except ValidationError as exc:
+        raise HTTPException(status_code=422, detail=str(exc)) from exc
+
+    params = validated.model_dump(mode="json")
+
+    next_fire_at = None
+    if spec.type == TriggerType.SCHEDULE and spec.enabled:
+        next_fire_at = compute_next_fire_at(
+            params["cron"], params["timezone"], after=datetime.now(UTC)
+        )
+
+    return AutomationTrigger(
+        type=spec.type,
+        params=params,
+        static_inputs=spec.static_inputs,
+        enabled=spec.enabled,
+        next_fire_at=next_fire_at,
+    )
+
 
 def get_automation_service(
     session: AsyncSession = Depends(get_async_session),

surfsense_backend/app/automations/services/run.py

@@ -0,0 +1,93 @@
+"""``RunService`` — dispatch and history of automation runs."""
+
+from __future__ import annotations
+
+from typing import Any
+
+from fastapi import Depends, HTTPException
+from sqlalchemy import func, select
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.automations.dispatch import DispatchError
+from app.automations.persistence.models.automation import Automation
+from app.automations.persistence.models.run import AutomationRun
+from app.automations.triggers.manual import dispatch_manual_run
+from app.db import Permission, User, get_async_session
+from app.users import current_active_user
+from app.utils.rbac import check_permission
+
+
+class RunService:
+    """Lifecycle of the ``AutomationRun`` resource."""
+
+    def __init__(self, *, session: AsyncSession, user: User) -> None:
+        self.session = session
+        self.user = user
+
+    async def dispatch_manual(
+        self,
+        *,
+        automation_id: int,
+        runtime_inputs: dict[str, Any] | None,
+    ) -> AutomationRun:
+        """Fire a manual run via the registered manual trigger."""
+        await self._authorize(automation_id, Permission.AUTOMATIONS_EXECUTE.value)
+        try:
+            return await dispatch_manual_run(
+                session=self.session,
+                automation_id=automation_id,
+                runtime_inputs=runtime_inputs,
+            )
+        except DispatchError as exc:
+            raise HTTPException(status_code=422, detail=str(exc)) from exc
+
+    async def list(
+        self,
+        *,
+        automation_id: int,
+        limit: int,
+        offset: int,
+    ) -> tuple[list[AutomationRun], int]:
+        """Return a page of runs for an automation, newest first."""
+        await self._authorize(automation_id, Permission.AUTOMATIONS_READ.value)
+
+        base = select(AutomationRun).where(AutomationRun.automation_id == automation_id)
+        total = await self.session.scalar(
+            select(func.count()).select_from(base.subquery())
+        )
+
+        rows = (
+            await self.session.execute(
+                base.order_by(AutomationRun.created_at.desc()).limit(limit).offset(offset)
+            )
+        ).scalars().all()
+        return list(rows), int(total or 0)
+
+    async def get(self, *, automation_id: int, run_id: int) -> AutomationRun:
+        await self._authorize(automation_id, Permission.AUTOMATIONS_READ.value)
+        run = await self.session.get(AutomationRun, run_id)
+        if run is None or run.automation_id != automation_id:
+            raise HTTPException(status_code=404, detail=f"run {run_id} not found")
+        return run
+
+    async def _authorize(self, automation_id: int, permission: str) -> Automation:
+        automation = await self.session.get(Automation, automation_id)
+        if automation is None:
+            raise HTTPException(
+                status_code=404, detail=f"automation {automation_id} not found"
+            )
+        await check_permission(
+            self.session,
+            self.user,
+            automation.search_space_id,
+            permission,
+            f"You don't have permission to {permission.split(':')[1]} automations in this search space",
+        )
+        return automation
+
+
+def get_run_service(
+    session: AsyncSession = Depends(get_async_session),
+    user: User = Depends(current_active_user),
+) -> RunService:
+    return RunService(session=session, user=user)

surfsense_backend/app/automations/services/trigger.py

@@ -0,0 +1,143 @@
+"""``TriggerService`` — lifecycle of triggers attached to an automation."""
+
+from __future__ import annotations
+
+from datetime import UTC, datetime
+
+from fastapi import Depends, HTTPException
+from pydantic import ValidationError
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.automations.schemas.api import TriggerCreate, TriggerUpdate
+from app.automations.persistence.enums.trigger_type import TriggerType
+from app.automations.persistence.models.automation import Automation
+from app.automations.persistence.models.trigger import AutomationTrigger
+from app.automations.triggers import get_trigger
+from app.automations.triggers.schedule import compute_next_fire_at
+from app.db import Permission, User, get_async_session
+from app.users import current_active_user
+from app.utils.rbac import check_permission
+
+
+class TriggerService:
+    """Lifecycle of the ``AutomationTrigger`` sub-resource."""
+
+    def __init__(self, *, session: AsyncSession, user: User) -> None:
+        self.session = session
+        self.user = user
+
+    async def add(
+        self, *, automation_id: int, payload: TriggerCreate
+    ) -> AutomationTrigger:
+        automation = await self._authorize_automation(
+            automation_id, Permission.AUTOMATIONS_UPDATE.value
+        )
+
+        validated_params = _validate_params(payload.type, payload.params)
+        trigger = AutomationTrigger(
+            automation_id=automation.id,
+            type=payload.type,
+            params=validated_params,
+            static_inputs=payload.static_inputs,
+            enabled=payload.enabled,
+            next_fire_at=_initial_next_fire(payload.type, validated_params, payload.enabled),
+        )
+        self.session.add(trigger)
+        await self.session.commit()
+        await self.session.refresh(trigger)
+        return trigger
+
+    async def update(
+        self,
+        *,
+        automation_id: int,
+        trigger_id: int,
+        patch: TriggerUpdate,
+    ) -> AutomationTrigger:
+        await self._authorize_automation(automation_id, Permission.AUTOMATIONS_UPDATE.value)
+        trigger = await self._get_trigger_or_raise(automation_id, trigger_id)
+
+        data = patch.model_dump(exclude_unset=True)
+
+        if "params" in data:
+            trigger.params = _validate_params(trigger.type, data["params"])
+
+        if "static_inputs" in data:
+            trigger.static_inputs = data["static_inputs"]
+
+        if "enabled" in data:
+            trigger.enabled = data["enabled"]
+
+        # Recompute next_fire_at when schedule timing changed or the trigger was
+        # toggled back on. Manual triggers always have NULL next_fire_at.
+        if trigger.type == TriggerType.SCHEDULE:
+            trigger.next_fire_at = _initial_next_fire(
+                trigger.type, trigger.params, trigger.enabled
+            )
+
+        await self.session.commit()
+        await self.session.refresh(trigger)
+        return trigger
+
+    async def remove(self, *, automation_id: int, trigger_id: int) -> None:
+        await self._authorize_automation(automation_id, Permission.AUTOMATIONS_UPDATE.value)
+        trigger = await self._get_trigger_or_raise(automation_id, trigger_id)
+        await self.session.delete(trigger)
+        await self.session.commit()
+
+    async def _authorize_automation(
+        self, automation_id: int, permission: str
+    ) -> Automation:
+        automation = await self.session.get(Automation, automation_id)
+        if automation is None:
+            raise HTTPException(
+                status_code=404, detail=f"automation {automation_id} not found"
+            )
+        await check_permission(
+            self.session,
+            self.user,
+            automation.search_space_id,
+            permission,
+            f"You don't have permission to {permission.split(':')[1]} automations in this search space",
+        )
+        return automation
+
+    async def _get_trigger_or_raise(
+        self, automation_id: int, trigger_id: int
+    ) -> AutomationTrigger:
+        trigger = await self.session.get(AutomationTrigger, trigger_id)
+        if trigger is None or trigger.automation_id != automation_id:
+            raise HTTPException(
+                status_code=404, detail=f"trigger {trigger_id} not found"
+            )
+        return trigger
+
+
+def _validate_params(trigger_type: TriggerType, raw: dict) -> dict:
+    definition = get_trigger(trigger_type.value)
+    if definition is None:
+        raise HTTPException(
+            status_code=422, detail=f"unknown trigger type {trigger_type.value!r}"
+        )
+    try:
+        validated = definition.params_model.model_validate(raw)
+    except ValidationError as exc:
+        raise HTTPException(status_code=422, detail=str(exc)) from exc
+    return validated.model_dump(mode="json")
+
+
+def _initial_next_fire(
+    trigger_type: TriggerType, params: dict, enabled: bool
+) -> datetime | None:
+    if trigger_type != TriggerType.SCHEDULE or not enabled:
+        return None
+    return compute_next_fire_at(
+        params["cron"], params["timezone"], after=datetime.now(UTC)
+    )
+
+
+def get_trigger_service(
+    session: AsyncSession = Depends(get_async_session),
+    user: User = Depends(current_active_user),
+) -> TriggerService:
+    return TriggerService(session=session, user=user)