Py42

Added

- `sdk.watchlists.create()` now supports the `CUSTOM` watchlist type, and accepts `title` and `description` keyword arguments (only applicable to `CUSTOM` watchlist types).

Fixed

- Reverted `sdk.orgs.get_page()` method to use `/v1/orgs` endpoint due to paging bug in `/v3/orgs` endpoint. `sdk.orgs.get_all()` has also been reverted accordingly.
- `sdk.userriskprofile.get_by_username()` now uses a more efficient method to look up the userUid from the username for retrieving the User Risk Profile.

Added

- Support for Code42 API Clients. You can instantiate py42 using a client ID and secret via `py42.sdk.from_api_client()`.

- New Legal Hold Client which supports API Client authentication. This updated client will only be attached to the SDK if initialized with `py42.sdk.from_api_client()`, otherwise the original client will be used. This new client includes the following changes from the existing client:
- `create_policy()` - Does **not** allow optional arg `policy`.
- `get_custodians_page()` - Does **not** allow optional arg `legal_hold_membership_uid`.
- `get_events_page()`/`get_all_events()` - **Not available**.

Updated

- Internal authentication flow changes for `sdk.archive.stream_from_backup()` and `sdk.archive.stream_to_device()` methods.

Added

- Added new filter terms for the following file event fields to `py42.sdk.queries.fileevents.v2.filters`:
- `destination.Category`
- `source.Category`
- `risk.Indicators`
- Added remaining query filter terms and classes for all V2 file event fields.

Added

- Support for V2 file event data.
- Use queries built with V2 filters by importing the appropriate modules with `from py42.sdk.queries.fileevents.v2 import *`. Documentation is available for all V2 filter terms.
- The following functions will now use V2 apis for searching file events if sent a V2 query object:
- `securitydata.search_file_events()`
- `securitydata.search_all_file_events()`
- All saved search methods now have an optional `use_v2=False` argument. Set `use_v2=True` to opt into using the V2 saved search APIs. The following methods now accept this arg:
- `securitydata.savedsearches.get()`
- `securitydata.savedsearches.get_by_id()`
- `securitydata.savedsearches.get_query()`
- `securitydata.savedsearches.execute()`
- `securitydata.savedsearches.search_file_events()`

Fixed

- A bug where `sdk.watchlists.add_included_users_by_watchlist_type()` and `sdk.watchlists.delete_included_users_by_watchlist_type()` were not returning the response object.

Added

- `Watchlists` and `UserRiskProfile` clients
- These features replace the `DetectionLists` client as well as its `DepartingEmployee` and `HighRiskEmployee` services. All related classes and methods have been marked as deprecated and will raise deprecation warnings.
- `Watchlists` client includes the following methods:
- `get()`
- `delete()`
- `get_all()`
- `create()`
- `get_all_included_users()`
- `add_included_users_by_watchlist_id()`
- `add_included_users_by_watchlist_type()`
- `remove_included_users_by_watchlist_id()`
- `remove_included_users_by_watchlist_type()`
- `get_all_watchlist_members()`
- `get_watchlist_member()`
- `UserRiskProfile` client includes the following methods:
- `get_by_id()`
- `get_by_username()`
- `update()`
- `get_page()`
- `get_all()`
- `add_cloud_aliases()`
- `delete_cloud_aliases()`

- `sdk.devices.upgrade()` to instruct the Code42 cloud to upgrade an individual device to the latest available version.

- `sdk.archive.stream_from_backup()` and `sdk.archive.stream_to_device()` methods now accept an optional `backup_set_id` parameter to identify which backup set to restore from (only applicable to V3 archives).

Fixed

- Bug where attempting to restore from an empty archive would throw a confusing `TypeError`, we now raise appropriate `Py42ArchiveFileNotFoundError`.
- Py42 now automatically sleeps and retries file event search queries if a 429 (too many requests) error is hit.

Deprecated

- The `DetectionLists` client including its `DepartingEmployee` and `HighRiskEmployee` services.