attio 0.2.0 → 0.4.0

data/lib/attio/resources/workspace_members.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+module Attio
+  module Resources
+    # Workspace Members resource for managing workspace member access
+    #
+    # @example List all workspace members
+    #   client.workspace_members.list
+    #
+    # @example Get a specific member
+    #   client.workspace_members.get(member_id: "user_123")
+    #
+    # @example Invite a new member
+    #   client.workspace_members.invite(
+    #     email: "new.member@example.com",
+    #     role: "member"
+    #   )
+    class WorkspaceMembers < Base
+      # List all workspace members
+      #
+      # @param params [Hash] Optional query parameters
+      # @option params [Integer] :limit Maximum number of results
+      # @option params [String] :offset Pagination offset
+      # @return [Hash] The API response
+      def list(params = {})
+        request(:get, "workspace_members", params)
+      end
+
+      # Get a specific workspace member
+      #
+      # @param member_id [String] The member ID
+      # @return [Hash] The member data
+      def get(member_id:)
+        validate_id!(member_id, "Member")
+        request(:get, "workspace_members/#{member_id}")
+      end
+
+      # Invite a new member to the workspace
+      #
+      # @param email [String] The email address to invite
+      # @param role [String] The role to assign (admin, member, guest)
+      # @param data [Hash] Additional member data
+      # @return [Hash] The created invitation
+      def invite(email:, role: "member", data: {})
+        validate_required_string!(email, "Email")
+        validate_required_string!(role, "Role")
+
+        raise ArgumentError, "Role must be one of: admin, member, guest" unless %w[admin member guest].include?(role)
+
+        body = data.merge(email: email, role: role)
+        request(:post, "workspace_members/invitations", body)
+      end
+
+      # Update a workspace member's role or permissions
+      #
+      # @param member_id [String] The member ID to update
+      # @param data [Hash] The data to update
+      # @option data [String] :role The new role
+      # @option data [Hash] :permissions Custom permissions
+      # @return [Hash] The updated member
+      def update(member_id:, data:)
+        validate_id!(member_id, "Member")
+        validate_required_hash!(data, "Data")
+
+        request(:patch, "workspace_members/#{member_id}", data)
+      end
+
+      # Remove a member from the workspace
+      #
+      # @param member_id [String] The member ID to remove
+      # @return [Hash] Confirmation of removal
+      def remove(member_id:)
+        validate_id!(member_id, "Member")
+        request(:delete, "workspace_members/#{member_id}")
+      end
+
+      # Accept a workspace invitation
+      #
+      # @param invitation_token [String] The invitation token
+      # @return [Hash] The workspace member data
+      def accept_invitation(invitation_token:)
+        validate_required_string!(invitation_token, "Invitation token")
+        request(:post, "workspace_members/invitations/#{invitation_token}/accept")
+      end
+
+      # Resend an invitation
+      #
+      # @param member_id [String] The member ID with pending invitation
+      # @return [Hash] Confirmation of resent invitation
+      def resend_invitation(member_id:)
+        validate_id!(member_id, "Member")
+        request(:post, "workspace_members/#{member_id}/resend_invitation")
+      end
+
+      # Get current member (self)
+      #
+      # @return [Hash] The current authenticated member's data
+      def me
+        request(:get, "workspace_members/me")
+      end
+    end
+  end
+end

data/lib/attio/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Attio
-  VERSION = "0.2.0"
+  VERSION = "0.4.0"
 end

data/lib/attio/webhooks.rb

@@ -0,0 +1,220 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "json"
+require "time"
+
+module Attio
+  # Webhook handling for Attio events
+  #
+  # @example Configure webhooks
+  #   webhooks = Attio::Webhooks.new(secret: ENV['ATTIO_WEBHOOK_SECRET'])
+  #
+  #   webhooks.on('record.created') do |event|
+  #     puts "New record: #{event.data['id']}"
+  #   end
+  #
+  #   # In your webhook endpoint
+  #   webhooks.process(request.body.read, request.headers)
+  class Webhooks
+    class InvalidSignatureError < StandardError; end
+    class InvalidTimestampError < StandardError; end
+    class MissingHeaderError < StandardError; end
+
+    # Default time window for timestamp validation (5 minutes)
+    DEFAULT_TOLERANCE = 300
+
+    attr_reader :secret, :handlers, :tolerance
+
+    # Initialize webhook handler
+    #
+    # @param secret [String] Webhook signing secret from Attio
+    # @param tolerance [Integer] Maximum age of webhook in seconds
+    def initialize(secret:, tolerance: DEFAULT_TOLERANCE)
+      @secret = secret
+      @tolerance = tolerance
+      @handlers = {}
+      @global_handlers = []
+    end
+
+    # Register an event handler
+    #
+    # @param event_type [String] The event type to handle (e.g., 'record.created')
+    # @yield [event] Block to execute when event is received
+    # @yieldparam event [Event] The webhook event
+    def on(event_type, &block)
+      @handlers[event_type] ||= []
+      @handlers[event_type] << block
+    end
+
+    # Register a global handler for all events
+    #
+    # @yield [event] Block to execute for any event
+    def on_any(&block)
+      @global_handlers << block
+    end
+
+    # Process incoming webhook
+    #
+    # @param payload [String] Raw request body
+    # @param headers [Hash] Request headers
+    # @return [Event] Processed webhook event
+    # @raise [InvalidSignatureError] if signature verification fails
+    # @raise [InvalidTimestampError] if timestamp is too old
+    def process(payload, headers)
+      verify_webhook!(payload, headers)
+
+      event = Event.new(JSON.parse(payload))
+      dispatch_event(event)
+      event
+    end
+
+    # Verify webhook authenticity using HMAC-SHA256
+    #
+    # @param payload [String] Raw request body
+    # @param signature [String] Signature from headers
+    # @return [Boolean] True if valid
+    def verify_signature?(payload, signature)
+      expected = OpenSSL::HMAC.hexdigest(
+        OpenSSL::Digest.new("sha256"),
+        @secret,
+        payload
+      )
+
+      # Use secure comparison to prevent timing attacks
+      secure_compare?(expected, signature)
+    end
+
+    private def verify_webhook!(payload, headers)
+      signature = extract_header(headers, "Attio-Signature")
+      timestamp = extract_header(headers, "Attio-Timestamp")
+
+      # Verify timestamp to prevent replay attacks
+      verify_timestamp!(timestamp)
+
+      # Verify signature
+      signed_payload = "#{timestamp}.#{payload}"
+      return if verify_signature?(signed_payload, signature)
+
+      raise InvalidSignatureError, "Webhook signature verification failed"
+    end
+
+    private def extract_header(headers, name)
+      # Handle different header formats (Rack, Rails, etc.)
+      value = headers[name] ||
+              headers[name.downcase] ||
+              headers[name.upcase.gsub("-", "_")]
+
+      raise MissingHeaderError, "Missing required header: #{name}" unless value
+
+      value
+    end
+
+    private def verify_timestamp!(timestamp)
+      webhook_time = Time.at(timestamp.to_i)
+      current_time = Time.now
+
+      return unless (current_time - webhook_time).abs > tolerance
+
+      raise InvalidTimestampError,
+            "Webhook timestamp outside of tolerance (#{tolerance}s)"
+    end
+
+    private def dispatch_event(event)
+      # Call specific handlers
+      @handlers[event.type].each { |handler| handler.call(event) } if @handlers[event.type]
+
+      # Call global handlers
+      @global_handlers.each { |handler| handler.call(event) }
+    end
+
+    private def secure_compare?(expected, actual)
+      return false unless expected.bytesize == actual.bytesize
+
+      expected_bytes = expected.unpack("C*")
+      actual_bytes = actual.unpack("C*")
+      result = 0
+
+      expected_bytes.zip(actual_bytes) { |x, y| result |= x ^ y }
+      result == 0
+    end
+
+    # Represents a webhook event
+    class Event
+      attr_reader :id, :type, :created_at, :data, :workspace_id, :raw
+
+      def initialize(payload)
+        @raw = payload
+        @id = payload["id"]
+        @type = payload["type"]
+        @created_at = Time.parse(payload["created_at"]) if payload["created_at"]
+        @data = payload["data"] || {}
+        @workspace_id = payload["workspace_id"]
+      end
+
+      # Check if event is of a specific type
+      #
+      # @param type [String] Event type to check
+      # @return [Boolean]
+      def is?(type)
+        @type == type
+      end
+
+      # Get nested data value
+      #
+      # @param path [String] Dot-separated path (e.g., 'record.id')
+      # @return [Object] Value at path
+      def dig(*path)
+        @data.dig(*path)
+      end
+    end
+  end
+
+  # Webhook server for development/testing
+  class WebhookServer
+    attr_reader :port, :webhooks, :events
+
+    def initialize(port: 3001, secret: "test_secret")
+      @port = port
+      @webhooks = Webhooks.new(secret: secret)
+      @events = []
+      @server = nil
+
+      begin
+        require "webrick"
+      rescue LoadError
+        raise "Please add 'webrick' to your Gemfile to use WebhookServer"
+      end
+    end
+
+    def start
+      @server = WEBrick::HTTPServer.new(Port: @port, Logger: WEBrick::Log.new(File::NULL))
+
+      @server.mount_proc "/webhooks" do |req, res|
+        if req.request_method == "POST"
+          begin
+            event = @webhooks.process(req.body, req.header)
+            @events << event
+            res.status = 200
+            res.body = JSON.generate(status: "ok", event_id: event.id)
+          rescue StandardError => e
+            res.status = 400
+            res.body = JSON.generate(error: e.message)
+          end
+        else
+          res.status = 405
+          res.body = JSON.generate(error: "Method not allowed")
+        end
+      end
+
+      trap("INT") { stop }
+
+      puts "Webhook server listening on http://localhost:#{@port}/webhooks"
+      @server.start
+    end
+
+    def stop
+      @server&.shutdown
+    end
+  end
+end

data/lib/attio.rb

@@ -7,6 +7,7 @@ require "attio/errors"
 require "attio/http_client"
 require "attio/client"
 
+# Resources
 require "attio/resources/base"
 require "attio/resources/records"
 require "attio/resources/objects"
@@ -18,6 +19,17 @@ require "attio/resources/notes"
 require "attio/resources/tasks"
 require "attio/resources/comments"
 require "attio/resources/threads"
+require "attio/resources/workspace_members"
+require "attio/resources/deals"
+require "attio/resources/bulk"
+
+# Enterprise features
+require "attio/rate_limiter"
+require "attio/webhooks"
+require "attio/connection_pool"
+require "attio/circuit_breaker"
+require "attio/observability"
+require "attio/enhanced_client"
 
 # The main Attio module provides access to the Attio API client.
 #

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: attio
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Ernest Sim
@@ -48,6 +48,7 @@ files:
 - ".rubocop.yml"
 - ".yardopts"
 - CHANGELOG.md
+- CLAUDE.md
 - CODE_OF_CONDUCT.md
 - CONCEPTS.md
 - CONTRIBUTING.md
@@ -109,14 +110,20 @@ files:
 - examples/full_workflow.rb
 - examples/notes_and_tasks.rb
 - lib/attio.rb
+- lib/attio/circuit_breaker.rb
 - lib/attio/client.rb
 - lib/attio/connection_pool.rb
+- lib/attio/enhanced_client.rb
 - lib/attio/errors.rb
 - lib/attio/http_client.rb
 - lib/attio/logger.rb
+- lib/attio/observability.rb
+- lib/attio/rate_limiter.rb
 - lib/attio/resources/attributes.rb
 - lib/attio/resources/base.rb
+- lib/attio/resources/bulk.rb
 - lib/attio/resources/comments.rb
+- lib/attio/resources/deals.rb
 - lib/attio/resources/lists.rb
 - lib/attio/resources/notes.rb
 - lib/attio/resources/objects.rb
@@ -124,9 +131,11 @@ files:
 - lib/attio/resources/tasks.rb
 - lib/attio/resources/threads.rb
 - lib/attio/resources/users.rb
+- lib/attio/resources/workspace_members.rb
 - lib/attio/resources/workspaces.rb
 - lib/attio/retry_handler.rb
 - lib/attio/version.rb
+- lib/attio/webhooks.rb
 homepage: https://github.com/idl3/attio
 licenses:
 - MIT