DE-741 | initial commit

Author: aMahanna

arango/database.py

@@ -40,6 +40,8 @@
     PermissionListError,
     PermissionResetError,
     PermissionUpdateError,
+    ServerAvailableOptionsGetError,
+    ServerCurrentOptionsGetError,
     ServerDetailsError,
     ServerEchoError,
     ServerEncryptionError,
@@ -933,6 +935,58 @@ def response_handler(resp: Response) -> Json:
 
         return self._execute(request, response_handler)
 
+    def options(self) -> Result[Json]:
+        """Return the currently-set server options.
+
+        As this API may reveal sensitive data about the deployment, it can only
+        be accessed from inside the _system database. In addition, there is a
+        policy control startup option --server.options-api that determines if and
+        to whom the API is made available. This option can have the following
+        values:
+        - disabled: API is disabled.
+        - jwt: API can only be accessed via superuser JWT.
+        - admin: API can be accessed by admin users in the _system database only.
+        - public: everyone with access to _system database can access the API.
+
+        :return: Server options.
+        :rtype: dict
+        """
+        request = Request(method="get", endpoint="/_admin/options")
+
+        def response_handler(resp: Response) -> Json:
+            if resp.is_success:
+                result: Json = resp.body
+                return result
+            raise ServerCurrentOptionsGetError(resp, request)
+
+        return self._execute(request, response_handler)
+
+    def options_available(self) -> Result[Json]:
+        """Return a description of all available server options.
+
+        As this API may reveal sensitive data about the deployment, it can only
+        be accessed from inside the _system database. In addition, there is a
+        policy control startup option --server.options-api that determines if and
+        to whom the API is made available. This option can have the following
+        values:
+        - disabled: API is disabled.
+        - jwt: API can only be accessed via superuser JWT.
+        - admin: API can be accessed by admin users in the _system database only.
+        - public: everyone with access to _system database can access the options API.
+
+        :return: Server options.
+        :rtype: dict
+        """
+        request = Request(method="get", endpoint="/_admin/options-description")
+
+        def response_handler(resp: Response) -> Json:
+            if resp.is_success:
+                result: Json = resp.body
+                return result
+            raise ServerAvailableOptionsGetError(resp, request)
+
+        return self._execute(request, response_handler)
+
     #######################
     # Database Management #
     #######################

arango/exceptions.py

@@ -698,6 +698,14 @@ class ServerEncryptionError(ArangoServerError):
     """Failed to reload user-defined encryption keys."""
 
 
+class ServerCurrentOptionsGetError(ArangoServerError):
+    """Failed to retrieve currently-set server options."""
+
+
+class ServerAvailableOptionsGetError(ArangoServerError):
+    """Failed to retrieve available server options."""
+
+
 #####################
 # Task Exceptions   #
 #####################

tests/test_database.py

@@ -373,3 +373,12 @@ def test_license(sys_db, enterprise):
         assert license == {"license": "none"}
         with pytest.raises(ServerLicenseSetError):
             sys_db.set_license("abc")
+
+
+def test_options(sys_db, db_version):
+    # Skip if below 3.12
+    if db_version < version.parse("3.12.0"):
+        pytest.skip("Database options require ArangoDB 3.12+")
+
+    assert sys_db.options()
+    assert sys_db.options_available()