Core

Registry of named callables (Registry + Command pattern).

The registry decouples “what to run” (a string name inside a JSON action list) from “how to run it” (a Python callable). Executors delegate name resolution to an ActionRegistry, which keeps look-up O(1) and lets plugins add commands at runtime without touching the executor class.

class automation_file.core.action_registry.ActionRegistry(initial=None)[source]

Bases: object

Mapping of action name -> callable.

Parameters:: initial (Mapping[str, Command] | None)

property event_dict: dict[str, Callable[[...], Any]]: Backwards-compatible view used by older package_manager style code.

names()[source]

Return type:: Iterable[str]

register(name, command)[source]

Add or overwrite a command. Raises if command is not callable.

Parameters:

name (str)
command (Callable[[...], Any])

Return type:

None

register_many(mapping)[source]

Register every name -> command pair in mapping.

Parameters:: mapping (Mapping[str, Callable[[...], Any]])
Return type:: None

resolve(name)[source]

Parameters:: name (str)
Return type:: Callable[[…], Any] | None

unregister(name)[source]

Parameters:: name (str)
Return type:: None

update(mapping)[source]

Alias for register_many() (dict-compatible).

Parameters:: mapping (Mapping[str, Callable[[...], Any]])
Return type:: None

automation_file.core.action_registry.build_default_registry()[source]

Return a registry pre-populated with every built-in FA_* action.

After the built-ins are registered, any third-party package advertising an automation_file.actions entry point is loaded so its commands land in the same registry. Plugins may override built-in names.

Return type:: ActionRegistry

Callback executor — runs a trigger, then a callback.

Implements the “do X then do Y” flow many automation JSON files want. The registry is shared with ActionExecutor, so adding a command to one adds it to the other.

class automation_file.core.callback_executor.CallbackExecutor(registry)[source]

Bases: object

Invoke trigger(**kwargs) then callback(*args | **kwargs).

Parameters:: registry (ActionRegistry)

callback_function(trigger_function_name, callback_function, callback_function_param=None, callback_param_method='kwargs', **kwargs)[source]

Parameters:

trigger_function_name (str)
callback_function (Callable[[...], Any])
callback_function_param (Mapping[str, Any] | list[Any] | None)
callback_param_method (str)
kwargs (Any)

Return type:

Any

Dynamic plugin registration into an ActionRegistry.

PackageLoader imports an external package by name and registers every top-level function / class / builtin under the key "<package>_<member>".

class automation_file.core.package_loader.PackageLoader(registry)[source]

Bases: object

Load packages lazily and register their public callables.

Parameters:: registry (ActionRegistry)

add_package_to_executor(package)[source]

Register every function / class / builtin from package.

Returns the number of commands that were registered.

Parameters:: package (str)
Return type:: int

load(package)[source]

Import package once and return the module (cached).

Parameters:: package (str)
Return type:: ModuleType | None

JSON persistence for action lists.

Reads/writes are serialised through a module-level lock so concurrent callers cannot interleave writes against the same file.

automation_file.core.json_store.read_action_json(json_file_path)[source]

Return the parsed JSON content at json_file_path.

Parameters:: json_file_path (str)
Return type:: Any

automation_file.core.json_store.write_action_json(json_save_path, action_json)[source]

Write action_json to json_save_path as pretty UTF-8 JSON.

Parameters:

json_save_path (str)
action_json (Any)

Return type:

None

Retry helper for transient network failures.

retry_on_transient is a small wrapper around exponential back-off. It is intentionally dependency-free so that modules which do not actually use requests or googleapiclient can import it without pulling those in.

automation_file.core.retry.retry_on_transient(max_attempts=3, backoff_base=0.5, backoff_cap=8.0, retriable=(<class 'ConnectionError'>, <class 'TimeoutError'>, <class 'OSError'>))[source]

Return a decorator that retries retriable exceptions with back-off.

On the final failure raises RetryExhaustedException chained to the underlying error so callers can still inspect the cause.

Parameters:

max_attempts (int)
backoff_base (float)
backoff_cap (float)
retriable (tuple[type[BaseException], ...])

Return type:

Callable[[F], F]

Per-action quota enforcement.

Quota bundles a maximum byte size and maximum duration. Callers use Quota.check_size(bytes) before an I/O-heavy action and wrap the action in with quota.time_budget(label): to bound wall-clock time.

class automation_file.core.quota.Quota(max_bytes=0, max_seconds=0.0)[source]

Bases: object

Bundle of per-action limits.

max_bytes <= 0 means no size cap; max_seconds <= 0 means no time cap. Defaults allow callers to share one Quota instance across many actions with fine-grained overrides at each call site.

Parameters:

max_bytes (int)
max_seconds (float)

check_size(nbytes, label='action')[source]

Raise QuotaExceededException if nbytes exceeds the cap.

Parameters:

nbytes (int)
label (str)

Return type:

None

max_bytes: int = 0

max_seconds: float = 0.0

time_budget(label='action')[source]

Context manager that raises if the enclosed block runs past the cap.

Parameters:: label (str)
Return type:: Iterator[None]

wraps(label, size_fn=None)[source]

Return a decorator that enforces the time budget around func.

If size_fn is provided it is called with the function’s return value to derive a byte count for check_size().

Parameters:: label (str)

Token-bucket rate limiter.

RateLimiter refills at rate tokens/second up to a burst capacity. Callers acquire N tokens before issuing a protected call; when empty, the limiter either blocks (up to timeout) or raises RateLimitExceededException.

class automation_file.core.rate_limit.RateLimiter(rate, burst=None)[source]

Bases: object

Thread-safe token bucket.

Parameters:

rate (float)
burst (float | None)

acquire(tokens=1.0, timeout=None)[source]

Block until tokens are available.

Raises RateLimitExceededException if timeout elapses first. timeout=None waits indefinitely; timeout=0 fails immediately.

Parameters:

tokens (float)
timeout (float | None)

Return type:

None

property capacity: float

try_acquire(tokens=1.0)[source]

Take tokens without blocking. Return True on success.

Parameters:: tokens (float)
Return type:: bool

wraps(tokens=1.0, timeout=None)[source]

Return a decorator that acquires tokens before each call.

Parameters:

tokens (float)
timeout (float | None)

Return type:

Callable[[F], F]

Three-state circuit breaker.

States: CLOSED (normal), OPEN (short-circuit after failure_threshold consecutive failures), HALF_OPEN (trial one call after recovery_timeout seconds; one success closes, one failure re-opens). Failures are counted only for exceptions in retriable — internal errors surface as-is.

class automation_file.core.circuit_breaker.CircuitBreaker(failure_threshold=5, recovery_timeout=30.0, retriable=(<class 'Exception'>, ), name='circuit')[source]

Bases: object

Open-close-half-open breaker.

failure_threshold — consecutive failures that trip the breaker. recovery_timeout — seconds spent in OPEN before transitioning to HALF_OPEN. retriable — exception types counted as failures; other exceptions pass through.

Parameters:

failure_threshold (int)
recovery_timeout (float)
retriable (tuple[type[BaseException], ...])
name (str)

call(func, *args, **kwargs)[source]

Invoke func through the breaker.

Parameters:

func (Callable[[...], Any])
args (Any)
kwargs (Any)

Return type:

Any

reset()[source]

Force the breaker back to CLOSED, clearing failure count.

Return type:: None

property state: str

wraps()[source]

Return a decorator that routes every call through call().

Return type:: Callable[[F], F]

Cross-platform advisory file lock.

Uses fcntl.flock on POSIX and msvcrt.locking on Windows, so two processes can serialise on a well-known lock path. Locks are exclusive (writer-style); shared locks are not supported because msvcrt cannot express them portably.

class automation_file.core.file_lock.FileLock(path, timeout=None)[source]

Bases: object

Advisory exclusive lock on a sidecar lock file.

path is the lock file itself — typically <resource>.lock next to the protected resource. timeout is the maximum seconds to wait when acquiring; None waits indefinitely, 0 fails immediately.

Parameters:

path (str | os.PathLike[str])
timeout (float | None)

acquire()[source]

Block until the lock is held. Raises LockTimeoutException on timeout.

Return type:: None

property is_held: bool

property path: Path

release()[source]

Release the lock; idempotent.

Return type:: None

SQLite-backed named lock for multi-process / multi-host coordination.

Unlike automation_file.core.file_lock.FileLock which locks a single file descriptor, SQLiteLock persists named leases in a shared SQLite database. Any process that can open the database can participate. Leases carry an optional TTL so crashed owners eventually free the slot.

class automation_file.core.sqlite_lock.SQLiteLock(db_path, name, timeout=None, ttl=None)[source]

Bases: object

Named lease stored in SQLite.

db_path is the SQLite file — callers sharing a lock must point at the same file. name is the lock identity. ttl (seconds) lets a crashed owner’s lease expire; None means the lease is held until explicit release. timeout bounds acquisition wait.

Parameters:

db_path (str | os.PathLike[str])
name (str)
timeout (float | None)
ttl (float | None)

acquire()[source]

Block until the lease is granted; raise LockTimeoutException on timeout.

Return type:: None

property is_held: bool

property owner: str

refresh()[source]

Extend the lease by ttl seconds. No-op when ttl is unset.

Return type:: None

release()[source]

Release the lease; idempotent. Only the owning instance removes the row.

Return type:: None

Persistent SQLite-backed queue of action payloads.

Producers call ActionQueue.enqueue() to durably store a JSON action list; consumers pull with dequeue() (marking the row inflight) and finalise with ack() or nack(). The queue survives process restarts — all state lives in the SQLite file.

class automation_file.core.action_queue.ActionQueue(db_path)[source]

Bases: object

Durable FIFO / priority queue for JSON action payloads.

Parameters:: db_path (str | os.PathLike[str])

ack(item_id)[source]

Finalise a claimed row as processed.

Parameters:: item_id (int)
Return type:: None

dead_letters()[source]

Return type:: list[QueueItem]

dequeue()[source]

Claim the next ready row; returns None if the queue is empty.

Return type:: QueueItem | None

enqueue(action, priority=0, run_at=None)[source]

Persist action for later dispatch. Returns the row id.

Parameters:

action (list[Any] | dict[str, Any])
priority (int)
run_at (float | None)

Return type:

int

nack(item_id, *, requeue=True, reason='', delay=0.0)[source]

Return a claimed row to the queue (requeue=True) or mark as dead.

Parameters:

item_id (int)
requeue (bool)
reason (str)
delay (float)

Return type:

None

purge()[source]

Delete every row (ready / inflight / dead). Returns rows deleted.

Return type:: int

size(status='ready')[source]

Parameters:: status (str)
Return type:: int

class automation_file.core.action_queue.QueueItem(id, action, attempts, enqueued_at)[source]

Bases: object

A claimed queue row returned by ActionQueue.dequeue().

Parameters:

id (int)
action (list[Any] | dict[str, Any])
attempts (int)
enqueued_at (float)

action: list[Any] | dict[str, Any]

attempts: int

enqueued_at: float

id: int

SHA-256 content-addressable store.

ContentStore ingests files or byte blobs and keys them by the hex digest of their contents. A two-character fanout directory keeps any single directory small: <root>/ab/abcdef…. Identical inputs map to the same blob — callers get deduplication for free.

class automation_file.core.content_store.ContentStore(root)[source]

Bases: object

Filesystem-backed CAS under root.

Parameters:: root (str | os.PathLike[str])

copy_to(digest, destination)[source]

Copy the blob at digest into destination. Returns the path.

Parameters:

digest (str)
destination (str | PathLike[str])

Return type:

Path

delete(digest)[source]

Remove a blob. Returns True when the blob existed.

Parameters:: digest (str)
Return type:: bool

exists(digest)[source]

Parameters:: digest (str)
Return type:: bool

iter_digests()[source]

Yield the digest of every stored blob.

Return type:: Iterator[str]

open(digest)[source]

Open the stored blob for binary read.

Parameters:: digest (str)
Return type:: IO[bytes]

path_for(digest)[source]

Parameters:: digest (str)
Return type:: Path

put(source)[source]

Ingest the file at source and return its hex digest.

Parameters:: source (str | PathLike[str])
Return type:: str

put_bytes(data)[source]

Ingest raw bytes and return the hex digest.

Parameters:: data (bytes)
Return type:: str

property root: Path

size()[source]

Return the total number of stored blobs.

Return type:: int

Transfer progress + cancellation primitives.

Long-running transfers (HTTP downloads, S3 uploads/downloads, …) accept a named handle from the shared progress_registry. The registry keeps a ProgressReporter (bytes transferred, optional total) and a CancellationToken per name so the GUI or a JSON action can observe progress or cancel mid-flight.

Instrumentation is opt-in: callers pass progress_name="<label>" to enable tracking. When omitted, transfers run exactly as before with zero overhead beyond one attribute lookup.

class automation_file.core.progress.CancellationToken[source]

Bases: object

Thread-safe boolean flag, pollable from worker threads.

cancel()[source]

Return type:: None

property is_cancelled: bool

raise_if_cancelled()[source]

Return type:: None

exception automation_file.core.progress.CancelledException[source]