Documentation
Security
Security-first capabilities, examples, and exception hierarchy.
UniCoreFW includes robust security features to protect your code and data.
Validate parameter types and callability
Uses validate_type and validate_callable functions with explicit error handling
Example 1
value = validate_type("test", str, "string_param")
Expected result: "test" (or raises InputValidationError if validation fails)
Example 2
validate_callable(my_func, "function_param")
Expected result: my_func (or raises InputValidationError if validation fails)
Sanitize strings with length and character constraints
Uses sanitize_string function with regex pattern validation
Example 1
safe_string = sanitize_string("user input", max_length=50, allowed_chars="a-zA-Z0-9")
Expected result: "userinput" (with disallowed characters removed)
Limit the rate of function calls
Uses RateLimiter class with context manager interface and thread-safe operation
Example 1
limiter = RateLimiter(max_calls=100, time_window=60)
with limiter:
perform_operation()
Expected result: Executes operation if under rate limit, raises SecurityError otherwise
Log security events
Uses AuditLogger class with thread-safe logging to file
Example 1
logger = AuditLogger(log_file="app_audit.log")
logger.log("LOGIN", "User johndoe logged in successfully")
Expected result: Writes entry to log file: "[TIMESTAMP] [LOGIN] User johndoe logged in successfully"
Security Exception Hierarchy
| Exception | Description |
|---|---|
| SecurityError | Base exception for security-related errors |
| InputValidationError | Raised when input validation fails |
| AuthorizationError | Raised when authorization checks fail |
| SanitizationError | Raised when data sanitization fails |
| RateLimiter | Rate limiting implementation to prevent DoS attacks |
| AuditLogger | Secure audit logging implementation |