aserto 0.30.0 → 0.30.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4471efcec975432356d584d3d480e0ab503e139787c8f96ab88032ab15356175
4
- data.tar.gz: aa46126a15fb9f583fd8dc9a1b064889f95ccfa3814bc4c6c7588c0ed7f78175
3
+ metadata.gz: ddb26b2da994a8a4f72162f227590060a990a31d16639994b5cd2e4bd9ce538f
4
+ data.tar.gz: e6969585d13f94a6e410d8763647cbc3dca69402969a194db2674239514adeeb
5
5
  SHA512:
6
- metadata.gz: 61af3804724a6138e21a5233c25712213860b4e2939331f1087e728c36a6cf5fefb31c6e23b77fc219df75d84abf2ecb1675892e60663e787cd6932884be3dec
7
- data.tar.gz: f73188bf7eb0a4b58944022c715fdcb65718e3d8debe3215a6a82437781f544ff78cc1012a169ffd8deb2a762650da9d0970030a2e8eeaab461abe1dc4233d3b
6
+ metadata.gz: c0202011d8ce67f9fc48e361fdbd00b9239e291aa7bc60e5773eed58252dec41fdbac16e28ea25f0ff54d4652a0eee247ec048f59e6df5b1ae1bc5d254638244
7
+ data.tar.gz: a2c5e23bcb6e18ee1babb1c13d0e39912c32aa70595c5ce8dae69e24e0f10c6c37e7251f6dad0d5059fbe801dc8bf3d5ddde3ba806c071ae96b52afd1ba84f49
data/README.md CHANGED
@@ -23,7 +23,7 @@ gem install aserto
23
23
 
24
24
  ## Directory
25
25
 
26
- The Directory APIs can be used to get or set object instances and relation instances. They can also be used to check whether a user has a permission or relation on an object instance.
26
+ The Directory APIs can be used to get or set object instances and relation instances. They can also be used to check whether a user has permission or relation on an object instance.
27
27
 
28
28
  ### Directory Client
29
29
 
@@ -32,7 +32,7 @@ You can initialize a directory client as follows:
32
32
  ```ruby
33
33
  require 'aserto/directory/client'
34
34
 
35
- directory_client =Aserto::Directory::V3::Client.new(
35
+ directory_client = Aserto::Directory::V3::Client.new(
36
36
  url: "directory.eng.aserto.com:8443",
37
37
  tenant_id: "aserto-tenant-id",
38
38
  api_key: "basic directory api key",
@@ -42,9 +42,9 @@ directory_client =Aserto::Directory::V3::Client.new(
42
42
  - `url`: hostname:port of directory service (_required_)
43
43
  - `api_key`: API key for directory service (_required_ if using hosted directory)
44
44
  - `tenant_id`: Aserto tenant ID (_required_ if using hosted directory)
45
- - `cert_path`: Path to the grpc service certificate when connecting to local topaz instance.
45
+ - `cert_path`: Path to the grpc service certificate when connecting to the local topaz instance.
46
46
 
47
- See https://rubydoc.info/gems/aserto/docs/Aserto/Directory/V3/Client for full documentation
47
+ See [Aserto::Directory::V3::Client](https://rubydoc.info/gems/aserto/Aserto/Directory/V3/Client) for full documentation
48
48
 
49
49
  ## Authorizer
50
50
  `Aserto::Authorization` is a middleware that allows Ruby applications to use Aserto as the Authorization provider.
@@ -120,7 +120,7 @@ end
120
120
  By default, when computing the policy path, the middleware:
121
121
  * converts all slashes to dots
122
122
  * converts any character that is not alpha, digit, dot or underscore to underscore
123
- * converts uppercase characters in the URL path to lowercases
123
+ * converts uppercase characters in the URL path to lowercase
124
124
 
125
125
  This behaviour can be overwritten by providing a custom function:
126
126
 
@@ -136,7 +136,7 @@ end
136
136
  ```
137
137
 
138
138
  ### Resource
139
- A resource can be any structured data that the authorization policy uses to evaluate decisions. By default, middleware does not include a resource in authorization calls.
139
+ A resource can be any structured data the authorization policy uses to evaluate decisions. By default, middleware does not include a resource in authorization calls.
140
140
 
141
141
  This behaviour can be overwritten by providing a custom function:
142
142
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.30.0
1
+ 0.30.1
@@ -1,14 +1,10 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require "aserto/directory"
4
- require_relative "interceptors/headers"
5
- require_relative "requests"
3
+ require_relative "v2/client"
6
4
 
7
5
  module Aserto
8
6
  module Directory
9
7
  class Client
10
- include Requests
11
-
12
8
  # Creates a new Directory Client
13
9
  #
14
10
  # @param url [String] the gRpc url of the directory server
@@ -17,127 +13,28 @@ module Aserto
17
13
  # @param cert_path [String] the path to the certificates folder
18
14
  #
19
15
  # @return [Aserto::Directory::Client] the new Directory Client
20
- def initialize(url: "directory.prod.aserto.com:8443", api_key: nil, tenant_id: nil, cert_path: nil)
21
- @reader_client = ::Aserto::Directory::Reader::V2::Reader::Stub.new(
22
- url,
23
- load_creds(cert_path),
24
- interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
25
- )
26
- @writer_client = ::Aserto::Directory::Writer::V2::Writer::Stub.new(
27
- url,
28
- load_creds(cert_path),
29
- interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
30
- )
31
- end
32
-
33
- # Check permissions
34
- #
35
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
36
- # @param permission [String] permission name to be checked
37
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
38
- # @param trace [Boolean] whether to enable tracing
39
- #
40
- # @return [Boolean]
41
- def check_permission(subject:, permission:, object:, trace: false)
42
- reader_client.check_permission(check_permission_request(subject, permission, object, trace))
43
- end
44
-
45
- # Check relation
46
- #
47
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
48
- # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier] relation name to be checked
49
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
50
- # @param trace [Boolean] whether to enable tracing
51
- #
52
- # @return [Boolean]
53
- def check_relation(subject:, relation:, object:, trace: false)
54
- reader_client.check_relation(check_relation_request(subject, relation, object, trace))
55
- end
56
-
57
- # Get an object by type and key
58
- #
59
- # @param type [String] the type of object
60
- # @param key [String] the key of the object
61
- #
62
- # @return [::Aserto::Directory::Common::V2::Object]
63
- def object(type:, key:)
64
- reader_client.get_object(object_request(key, type)).result
65
- end
66
-
67
- # Set an object
68
- #
69
- # @param object [::Aserto::Directory::Common::V2::Object]
70
- #
71
- # @return [::Aserto::Directory::Common::V2::Object] the created/updated object
72
- def set_object(object:)
73
- writer_client.set_object(new_object_request(object)).result
74
- end
75
-
76
- # Get a list of objects by type
77
- #
78
- # @param type [String] the type of objects
79
- # @param page [::Aserto::Directory::Common::V2::PaginationRequest]
80
- #
81
- # @return [Array<::Aserto::Directory::Common::V2::Object>]
82
- def objects(type:, page: nil)
83
- reader_client.get_objects(objects_request(type, page)).results
84
- end
85
16
 
86
- # Get a relation
87
- #
88
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
89
- # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
90
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
91
- #
92
- # @return [::Aserto::Directory::Common::V2::Relation]
93
- def relation(subject: nil, relation: nil, object: nil)
94
- reader_client.get_relation(relation_request(subject, relation, object)).results
95
- end
17
+ def initialize(url: "directory.prod.aserto.com:8443", api_key: nil, tenant_id: nil, cert_path: nil)
18
+ warn WARN_MESSAGE
96
19
 
97
- # Get a list of relations
98
- #
99
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
100
- # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
101
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
102
- #
103
- # @return [Array<::Aserto::Directory::Common::V2::Relation>]
104
- def relations(subject: nil, relation: nil, object: nil, page: nil)
105
- reader_client.get_relations(relations_request(subject, relation, object, page)).results
20
+ @v2_client = Aserto::Directory::V2::Client.new(
21
+ url: url, api_key: api_key, tenant_id: tenant_id, cert_path: cert_path
22
+ )
106
23
  end
107
24
 
108
- # Set a relation
109
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
110
- # @param relation [String] name of the relation
111
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
112
- # @param hash [String] hash of the relation(required for updating a relation)
113
- #
114
- # @return [::Aserto::Directory::Common::V2::Relation] the created/updated relation
115
- def set_relation(subject:, relation:, object:, hash: nil)
116
- writer_client.set_relation(new_relation_request(subject, relation, object, hash)).result
25
+ def method_missing(method, args)
26
+ @v2_client.send(method, **args)
117
27
  end
118
28
 
119
- # Delete a relation
120
- #
121
- # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
122
- # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
123
- # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
124
- #
125
- # @return nil
126
- def delete_relation(subject:, relation:, object:)
127
- writer_client.delete_relation(delete_relation_request(subject, relation, object))
29
+ def respond_to_missing?(_name, _include_private)
30
+ true
128
31
  end
129
32
 
130
- private
131
-
132
- attr_reader :reader_client, :writer_client
133
-
134
- def load_creds(cert_path)
135
- if cert_path && File.file?(cert_path)
136
- GRPC::Core::ChannelCredentials.new(File.read(cert_path))
137
- else
138
- GRPC::Core::ChannelCredentials.new
139
- end
140
- end
33
+ WARN_MESSAGE = <<~TEXT
34
+ Aserto::Directory::Client is deprecated and will be removed.
35
+ Use Aserto::Directory::V3::Client for the latest Directory Client.
36
+ If you need Directory V2, use Aserto::Directory::V2::Client
37
+ TEXT
141
38
  end
142
39
  end
143
40
  end
@@ -0,0 +1,145 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "aserto/directory"
4
+ require_relative "../interceptors/headers"
5
+ require_relative "requests"
6
+
7
+ module Aserto
8
+ module Directory
9
+ module V2
10
+ class Client
11
+ include Requests
12
+
13
+ # Creates a new Directory V2 Client
14
+ #
15
+ # @param url [String] the gRpc url of the directory server
16
+ # @param api_key [String] the api key of the directory server(for hosted directory)
17
+ # @param tenant_id [String] the tenant id of the directory server(for hosted directory)
18
+ # @param cert_path [String] the path to the certificates folder
19
+ #
20
+ # @return [Aserto::Directory::V2::Client] the new Directory Client
21
+ def initialize(url: "directory.prod.aserto.com:8443", api_key: nil, tenant_id: nil, cert_path: nil)
22
+ @reader_client = ::Aserto::Directory::Reader::V2::Reader::Stub.new(
23
+ url,
24
+ load_creds(cert_path),
25
+ interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
26
+ )
27
+ @writer_client = ::Aserto::Directory::Writer::V2::Writer::Stub.new(
28
+ url,
29
+ load_creds(cert_path),
30
+ interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
31
+ )
32
+ end
33
+
34
+ # Check permissions
35
+ #
36
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
37
+ # @param permission [String] permission name to be checked
38
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
39
+ # @param trace [Boolean] whether to enable tracing
40
+ #
41
+ # @return [Boolean]
42
+ def check_permission(subject:, permission:, object:, trace: false)
43
+ reader_client.check_permission(check_permission_request(subject, permission, object, trace))
44
+ end
45
+
46
+ # Check relation
47
+ #
48
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
49
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier] relation name to be checked
50
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
51
+ # @param trace [Boolean] whether to enable tracing
52
+ #
53
+ # @return [Boolean]
54
+ def check_relation(subject:, relation:, object:, trace: false)
55
+ reader_client.check_relation(check_relation_request(subject, relation, object, trace))
56
+ end
57
+
58
+ # Get an object by type and key
59
+ #
60
+ # @param type [String] the type of object
61
+ # @param key [String] the key of the object
62
+ #
63
+ # @return [::Aserto::Directory::Common::V2::Object]
64
+ def object(type:, key:)
65
+ reader_client.get_object(object_request(key, type)).result
66
+ end
67
+
68
+ # Set an object
69
+ #
70
+ # @param object [::Aserto::Directory::Common::V2::Object]
71
+ #
72
+ # @return [::Aserto::Directory::Common::V2::Object] the created/updated object
73
+ def set_object(object:)
74
+ writer_client.set_object(new_object_request(object)).result
75
+ end
76
+
77
+ # Get a list of objects by type
78
+ #
79
+ # @param type [String] the type of objects
80
+ # @param page [::Aserto::Directory::Common::V2::PaginationRequest]
81
+ #
82
+ # @return [Array<::Aserto::Directory::Common::V2::Object>]
83
+ def objects(type:, page: nil)
84
+ reader_client.get_objects(objects_request(type, page)).results
85
+ end
86
+
87
+ # Get a relation
88
+ #
89
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
90
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
91
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
92
+ #
93
+ # @return [::Aserto::Directory::Common::V2::Relation]
94
+ def relation(subject: nil, relation: nil, object: nil)
95
+ reader_client.get_relation(relation_request(subject, relation, object)).results
96
+ end
97
+
98
+ # Get a list of relations
99
+ #
100
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
101
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
102
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
103
+ #
104
+ # @return [Array<::Aserto::Directory::Common::V2::Relation>]
105
+ def relations(subject: nil, relation: nil, object: nil, page: nil)
106
+ reader_client.get_relations(relations_request(subject, relation, object, page)).results
107
+ end
108
+
109
+ # Set a relation
110
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
111
+ # @param relation [String] name of the relation
112
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
113
+ # @param hash [String] hash of the relation(required for updating a relation)
114
+ #
115
+ # @return [::Aserto::Directory::Common::V2::Relation] the created/updated relation
116
+ def set_relation(subject:, relation:, object:, hash: nil)
117
+ writer_client.set_relation(new_relation_request(subject, relation, object, hash)).result
118
+ end
119
+
120
+ # Delete a relation
121
+ #
122
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
123
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
124
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
125
+ #
126
+ # @return nil
127
+ def delete_relation(subject:, relation:, object:)
128
+ writer_client.delete_relation(delete_relation_request(subject, relation, object))
129
+ end
130
+
131
+ private
132
+
133
+ attr_reader :reader_client, :writer_client
134
+
135
+ def load_creds(cert_path)
136
+ if cert_path && File.file?(cert_path)
137
+ GRPC::Core::ChannelCredentials.new(File.read(cert_path))
138
+ else
139
+ GRPC::Core::ChannelCredentials.new
140
+ end
141
+ end
142
+ end
143
+ end
144
+ end
145
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aserto
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.30.0
4
+ version: 0.30.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aserto
@@ -82,7 +82,8 @@ files:
82
82
  - lib/aserto/config.rb
83
83
  - lib/aserto/directory/client.rb
84
84
  - lib/aserto/directory/interceptors/headers.rb
85
- - lib/aserto/directory/requests.rb
85
+ - lib/aserto/directory/v2/client.rb
86
+ - lib/aserto/directory/v2/requests.rb
86
87
  - lib/aserto/directory/v3/client.rb
87
88
  - lib/aserto/directory/v3/config.rb
88
89
  - lib/aserto/directory/v3/exporter.rb