capbac 0.2.1 → 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Cargo.toml +4 -3
  3. data/lib/capbac/version.rb +1 -1
  4. data/lib/capbac_ruby.so +0 -0
  5. data/src/lib.rs +242 -223
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f8c94180a1ba2aae3ee93fef73743ec1527836c7dabcb77c807fd9ec8bccec1e
4
- data.tar.gz: 3e819f48d2ab757cdf14ad5b8f66b21844ab713d6d4ee39f856602f3d16ac739
3
+ metadata.gz: adda2cca9f2268e6630ebcf446a122a16f47af4cb8e8da244ec02dcc29ecacee
4
+ data.tar.gz: cd4d014f2e6f2e33e29be3084dc061cf4a24766bc486234e077916f786c8a430
5
5
  SHA512:
6
- metadata.gz: 13964f92d0cc1f7ba8e3e1d9d011c5de8fe6135fd8b8c2c3f704484642e055d280ff92167e5eed7b8c286249e182c92d04a7a5c8fe4244e61aa280a626214209
7
- data.tar.gz: '082bda60f8a29e84e9922af550dc4535406bfcbb822866087fd04b3c94de377248a050c80e35ea23842f3200ca7fd1c0080107cbe2b63988b96b241e86f6298c'
6
+ metadata.gz: 7a9e336f88154e277e3f98add0f0b1312ef7b6963602f47e02bfcac32c248624811600ce33cbcfc391e2780c3a8d687eefda388cb80f7e3f1e29ad9c19cf1a88
7
+ data.tar.gz: d78605c676018174d3af5ffee304d8d4a60e3f4bef9891e238478c08ddb34c34d16a9253e465163086f6493eb75ad71a029a16c683c828d36fe780416278c163
data/Cargo.toml CHANGED
@@ -1,6 +1,6 @@
1
1
  [package]
2
2
  name = "capbac-ruby"
3
- version = "0.2.0"
3
+ version = "0.3.0"
4
4
  authors = ["Kirill Chernyshov <delaguardo@gmail.com>"]
5
5
  edition = "2018"
6
6
 
@@ -8,9 +8,10 @@ edition = "2018"
8
8
  crate-type = ["cdylib"]
9
9
 
10
10
  [dependencies]
11
- rutie = "0.6.1"
11
+ rutie = "0.8.0"
12
12
  url = "2.1"
13
13
  openssl = "0.10"
14
+ ring = "0.16.15"
14
15
  lazy_static = "1"
15
16
  protobuf = "2.16.2"
16
- capbac = "0.2.1"
17
+ capbac = "0.3.0"
data/lib/capbac/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module CapBAC
2
- VERSION = '0.2.1'.freeze
2
+ VERSION = '0.4.3'.freeze
3
3
  end
data/lib/capbac_ruby.so CHANGED
Binary file
data/src/lib.rs CHANGED
@@ -1,20 +1,69 @@
1
- #[macro_use] extern crate rutie;
2
- #[macro_use] extern crate lazy_static;
1
+ #[macro_use]
2
+ extern crate rutie;
3
+ #[macro_use]
4
+ extern crate lazy_static;
3
5
 
4
- use rutie::{Module, Class, RString, Object, AnyObject, Array,
5
- Fixnum, Hash, Symbol, VM, Boolean, GC, VerifiedObject};
6
6
  use capbac::{CertificateBlueprint, InvokeBlueprint};
7
+ use openssl::{
8
+ ec::{EcKey, EcGroup},
9
+ pkey::{PKey, Public},
10
+ };
11
+ use openssl::nid::Nid;
12
+ use protobuf::Message;
13
+ use rutie::{
14
+ AnyObject, Boolean, Class, Encoding, Fixnum, Hash, Module, Object, RString, Symbol,
15
+ VerifiedObject, GC, VM, Array,
16
+ };
17
+ use std::{fmt, str};
7
18
  use url::Url;
8
- use openssl::pkey::{PKey, Public};
9
- use openssl::ec::EcKey;
10
- use protobuf::{Message};
11
- use std::fmt;
19
+
20
+ class!(ASCIIRString);
21
+
22
+ impl VerifiedObject for ASCIIRString {
23
+ fn is_correct_type<T: Object>(object: &T) -> bool {
24
+ object
25
+ .class()
26
+ .ancestors()
27
+ .iter()
28
+ .any(|class| *class == Class::from_existing("String"))
29
+ }
30
+
31
+ fn error_message() -> &'static str {
32
+ "Error converting to ASCII String"
33
+ }
34
+ }
35
+
36
+ impl From<ASCIIRString> for Vec<u8> {
37
+ fn from(rstring: ASCIIRString) -> Self {
38
+ let bytes = rstring
39
+ .protect_send("bytes", &[])
40
+ .map_err(VM::raise_ex)
41
+ .unwrap()
42
+ .try_convert_to::<Array>()
43
+ .map_err(VM::raise_ex)
44
+ .unwrap();
45
+
46
+ let mut res = Vec::new();
47
+
48
+ for n in bytes.into_iter() {
49
+ let n = n.try_convert_to::<Fixnum>()
50
+ .map_err(|e| VM::raise_ex(e))
51
+ .unwrap();
52
+
53
+ res.push(n.to_i64() as u8);
54
+ }
55
+ res
56
+ }
57
+ }
12
58
 
13
59
  class!(URI);
14
60
 
15
61
  impl VerifiedObject for URI {
16
62
  fn is_correct_type<T: Object>(object: &T) -> bool {
17
- object.class().ancestors().iter()
63
+ object
64
+ .class()
65
+ .ancestors()
66
+ .iter()
18
67
  .any(|class| *class == Class::from_existing("URI"))
19
68
  }
20
69
 
@@ -25,108 +74,98 @@ impl VerifiedObject for URI {
25
74
 
26
75
  impl fmt::Display for URI {
27
76
  fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
28
- let s = self.send("to_s", &vec![]).try_convert_to::<RString>().unwrap().to_string();
77
+ let s = self
78
+ .protect_send("to_s", &[])
79
+ .map_err(VM::raise_ex)
80
+ .unwrap()
81
+ .try_convert_to::<RString>()
82
+ .map_err(VM::raise_ex)
83
+ .unwrap()
84
+ .to_string();
29
85
  write!(f, "{}", s)
30
86
  }
31
87
  }
32
88
 
33
89
  impl From<&Url> for URI {
34
90
  fn from(url: &Url) -> Self {
35
- Class::from_existing("URI").send("parse", &vec![RString::new_utf8(&url.clone().to_string()).to_any_object()]).try_convert_to::<URI>().unwrap()
91
+ let args = [RString::new_utf8(&url.clone().to_string()).to_any_object()];
92
+ Class::from_existing("URI")
93
+ .protect_send("parse", &args)
94
+ .map_err(VM::raise_ex)
95
+ .unwrap()
96
+ .try_convert_to::<URI>()
97
+ .map_err(VM::raise_ex)
98
+ .unwrap()
36
99
  }
37
100
  }
38
101
 
39
102
  impl From<URI> for Url {
40
103
  fn from(uri: URI) -> Self {
41
- Url::parse(&uri.to_string()).unwrap()
104
+ Url::parse(&uri.to_string())
105
+ .map_err(|_e| {
106
+ VM::raise(
107
+ Class::from_existing("URI").get_nested_class("InvalidURIError"),
108
+ &format!("bad URI(is not URI?): {}", uri.to_string()),
109
+ )
110
+ })
111
+ .unwrap()
42
112
  }
43
113
  }
44
114
 
115
+ // TODO CertificateBlueprint -> Result<CertificateBlueprint, Error>
45
116
  fn options_to_cert_blueprint(options: Hash) -> CertificateBlueprint {
46
117
  let subject = options
47
118
  .at(&Symbol::new("subject"))
48
- .try_convert_to::<URI>();
119
+ .try_convert_to::<URI>()
120
+ .map_err(VM::raise_ex)
121
+ .unwrap();
49
122
 
50
- if let Err(ref _error) = subject {
51
- VM::raise(Class::from_existing("ArgumentError"), "Subject must be an instance of URI");
52
- }
53
-
54
- let subject = Url::from(subject.unwrap());
123
+ let subject = Url::from(subject);
55
124
 
56
125
  let capability = options
57
126
  .at(&Symbol::new("capability"))
58
- .try_convert_to::<RString>();
59
-
60
- if let Err(ref _error) = capability {
61
- VM::raise(Class::from_existing("ArgumentError"), "Capability must be a string");
62
- }
63
-
64
- let capability = capability
65
- .unwrap().to_string()
127
+ .try_convert_to::<RString>()
128
+ .map_err(VM::raise_ex)
129
+ .unwrap()
130
+ .to_string()
66
131
  .into_bytes();
67
132
 
68
133
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
69
134
  Ok(x) => Some(x.to_i64() as u64),
70
- _ => None
135
+ _ => None,
71
136
  };
72
137
 
73
138
  CertificateBlueprint {
74
139
  subject,
75
140
  capability,
76
- exp
77
- }
78
- }
79
-
80
- fn array_to_cert(array: Array) -> capbac::proto::Certificate {
81
- let mut cert_content: Vec<u8> = Vec::new();
82
- for n in array.into_iter() {
83
- let n = n.try_convert_to::<Fixnum>();
84
-
85
- if let Err(ref error) = n {
86
- VM::raise(error.class(), &error.to_string());
87
- }
88
-
89
- cert_content.push(n.unwrap().to_i64() as u8);
141
+ exp,
90
142
  }
91
- let mut cert = capbac::proto::Certificate::new();
92
- cert.merge_from_bytes(&cert_content).unwrap();
93
- cert
94
143
  }
95
144
 
96
145
  fn options_to_invoke_blueprint(options: Hash) -> InvokeBlueprint {
97
-
98
146
  let cert_content = options
99
147
  .at(&Symbol::new("cert"))
100
- .try_convert_to::<Array>();
101
-
102
- if let Err(ref _error) = cert_content {
103
- VM::raise(Class::from_existing("ArgumentError"), "Certificate must be an array");
104
- }
148
+ .try_convert_to::<ASCIIRString>()
149
+ .map_err(VM::raise_ex)
150
+ .unwrap();
105
151
 
106
- let cert = array_to_cert(cert_content.unwrap());
152
+ let mut cert = capbac::proto::Certificate::new();
153
+ cert.merge_from_bytes(&Vec::from(cert_content)).unwrap();
107
154
 
108
155
  let action = options
109
156
  .at(&Symbol::new("action"))
110
- .try_convert_to::<RString>();
111
-
112
- if let Err(ref _error) = action {
113
- VM::raise(Class::from_existing("ArgumentError"), "Action must be a string");
114
- }
115
-
116
- let action = action
117
- .unwrap().to_string()
157
+ .try_convert_to::<RString>()
158
+ .map_err(VM::raise_ex)
159
+ .unwrap()
160
+ .to_string()
118
161
  .into_bytes();
119
162
 
120
163
  let exp = match options.at(&Symbol::new("exp")).try_convert_to::<Fixnum>() {
121
164
  Ok(x) => Some(x.to_i64() as u64),
122
- _ => None
165
+ _ => None,
123
166
  };
124
167
 
125
- InvokeBlueprint {
126
- cert,
127
- action,
128
- exp
129
- }
168
+ InvokeBlueprint { cert, action, exp }
130
169
  }
131
170
 
132
171
  wrappable_struct!(capbac::Holder, HolderWrapper, HOLDER_WRAPPER);
@@ -137,87 +176,74 @@ methods!(
137
176
  Holder,
138
177
  itself,
139
178
 
140
- fn ruby_holder_new(me: URI, sk: Array) -> AnyObject {
141
- if let Err(ref error) = me {
142
- VM::raise(error.class(), &error.to_string());
143
- }
144
-
145
- if let Err(ref error) = sk {
146
- VM::raise(error.class(), &error.to_string());
147
- }
148
-
149
- let me = Url::parse(&me.unwrap().to_string());
150
-
151
- if let Err(ref error) = me {
152
- VM::raise(Class::from_existing("ArgumentError"), &error.to_string())
153
- }
154
-
155
- let mut sk_content: Vec<u8> = Vec::new();
156
- for n in sk.unwrap().into_iter() {
157
- let n = n.try_convert_to::<Fixnum>();
158
-
159
- if let Err(ref error) = n {
160
- VM::raise(error.class(), &error.to_string());
161
- }
162
-
163
- sk_content.push(n.unwrap().to_i64() as u8);
164
- }
165
-
166
- let holder = capbac::Holder::new(me.unwrap(), PKey::private_key_from_pkcs8(&sk_content).unwrap().ec_key().unwrap());
179
+ fn ruby_holder_new(me: URI, sk: RString) -> AnyObject {
180
+ let ruby_me = me.map_err(VM::raise_ex).unwrap().to_string();
181
+
182
+ let ruby_sk = sk
183
+ .map_err(VM::raise_ex)
184
+ .unwrap()
185
+ .to_string_unchecked();
186
+
187
+ let me = Url::parse(&ruby_me)
188
+ .map_err(|e| VM::raise(Class::from_existing("ArgumentError"), &e.to_string()))
189
+ .unwrap();
190
+ let sk = PKey::private_key_from_pem(&ruby_sk.as_bytes())
191
+ .map_err(|e| {
192
+ VM::raise(
193
+ Class::from_existing("ArgumentError"),
194
+ &format!("Wrong secret key formar (not pkcs8?) ({})", e.to_string()),
195
+ )
196
+ })
197
+ .unwrap()
198
+ .ec_key()
199
+ .map_err(|e| {
200
+ VM::raise(
201
+ Class::from_existing("ArgumentError"),
202
+ &format!("Can't extract EC key ({})", e.to_string()),
203
+ )
204
+ })
205
+ .unwrap();
206
+
207
+ let holder = capbac::Holder::new(me, sk);
167
208
 
168
209
  Class::from_existing("CapBAC")
169
210
  .get_nested_class("Holder")
170
211
  .wrap_data(holder, &*HOLDER_WRAPPER)
171
212
  }
172
213
 
173
- fn ruby_holder_forge(options: Hash) -> Array {
174
- if let Err(ref _error) = options {
175
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
176
- }
177
-
178
- let options = options_to_cert_blueprint(options.unwrap());
179
-
214
+ fn ruby_holder_forge(options: Hash) -> RString {
215
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
216
+ let options = options_to_cert_blueprint(ruby_options);
180
217
  let holder = itself.get_data(&*HOLDER_WRAPPER);
218
+
181
219
  let cert = holder.forge(options).unwrap();
182
220
 
183
- let mut res = Array::new();
184
- for item in cert.write_to_bytes().unwrap().iter() {
185
- res.push(Fixnum::new(i64::from(*item)));
186
- };
187
- res
221
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
188
222
  }
189
223
 
190
- fn ruby_holder_delegate(cert: Array, options: Hash) -> Array {
191
- if let Err(ref _error) = options {
192
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
193
- }
194
-
195
- let options = options_to_cert_blueprint(options.unwrap());
224
+ fn ruby_holder_delegate(cert: ASCIIRString, options: Hash) -> RString {
225
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
226
+ let options = options_to_cert_blueprint(ruby_options);
196
227
  let holder = itself.get_data(&*HOLDER_WRAPPER);
197
- let cert = array_to_cert(cert.unwrap());
228
+
229
+ let cert_content = Vec::from(cert.map_err(VM::raise_ex).unwrap());
230
+
231
+ let mut cert = capbac::proto::Certificate::new();
232
+ cert.merge_from_bytes(&cert_content).unwrap();
198
233
 
199
234
  let cert = holder.delegate(cert, options).unwrap();
200
- let mut res = Array::new();
201
- for item in cert.write_to_bytes().unwrap().iter() {
202
- res.push(Fixnum::new(i64::from(*item)));
203
- };
204
- res
205
- }
206
235
 
207
- fn ruby_holder_invoke(options: Hash) -> Array {
208
- if let Err(ref _error) = options {
209
- VM::raise(Class::from_existing("ArgumentError"), "Options must be a hash");
210
- }
236
+ RString::from_bytes(&cert.write_to_bytes().unwrap(), &Encoding::us_ascii())
237
+ }
211
238
 
212
- let options = options_to_invoke_blueprint(options.unwrap());
239
+ fn ruby_holder_invoke(options: Hash) -> RString {
240
+ let ruby_options = options.map_err(VM::raise_ex).unwrap();
241
+ let options = options_to_invoke_blueprint(ruby_options);
213
242
  let holder = itself.get_data(&*HOLDER_WRAPPER);
214
243
 
215
244
  let invocation = holder.invoke(options).unwrap();
216
- let mut res = Array::new();
217
- for item in invocation.write_to_bytes().unwrap().iter() {
218
- res.push(Fixnum::new(i64::from(*item)));
219
- };
220
- res
245
+
246
+ RString::from_bytes(&invocation.write_to_bytes().unwrap(), &Encoding::us_ascii())
221
247
  }
222
248
  );
223
249
 
@@ -230,7 +256,7 @@ impl IntValidator {
230
256
  fn new(trust_checker: AnyObject, pubs: AnyObject) -> Self {
231
257
  IntValidator {
232
258
  trust_checker,
233
- pubs
259
+ pubs,
234
260
  }
235
261
  }
236
262
  }
@@ -239,30 +265,36 @@ impl capbac::TrustChecker for IntValidator {
239
265
  fn is_trusted(&self, id: &Url) -> bool {
240
266
  let args = vec![URI::from(id).to_any_object()];
241
267
  self.trust_checker
242
- .send("trusted?", &args)
268
+ .protect_send("trusted?", &args)
269
+ .map_err(VM::raise_ex)
270
+ .unwrap()
243
271
  .try_convert_to::<Boolean>()
244
- .unwrap_or(Boolean::new(false))
272
+ .unwrap_or_else(|_| Boolean::new(false))
245
273
  .to_bool()
246
274
  }
247
275
  }
248
276
 
249
277
  impl capbac::Pubs for IntValidator {
250
278
  fn get(&self, id: &Url) -> Option<EcKey<Public>> {
251
- let res = self.pubs.send("get", &vec![URI::from(id).to_any_object()]).try_convert_to::<Array>();
252
- if let Err(ref _error) = res {
253
- return None
254
- }
255
- let mut pk_content: Vec<u8> = Vec::new();
256
- for n in res.unwrap().into_iter() {
257
- let n = n.try_convert_to::<Fixnum>();
258
-
259
- if let Err(ref error) = n {
260
- VM::raise(error.class(), &error.to_string());
279
+ let args = [URI::from(id).to_any_object()];
280
+ let res = self
281
+ .pubs
282
+ .protect_send("get", &args)
283
+ .map_err(VM::raise_ex)
284
+ .unwrap()
285
+ .try_convert_to::<RString>();
286
+
287
+ match res {
288
+ Ok(pk) => {
289
+ Some(
290
+ PKey::public_key_from_pem(&pk.to_string_unchecked().as_bytes())
291
+ .unwrap()
292
+ .ec_key()
293
+ .unwrap(),
294
+ )
261
295
  }
262
-
263
- pk_content.push(n.unwrap().to_i64() as u8);
296
+ Err(_) => None
264
297
  }
265
- Some(PKey::public_key_from_der(&pk_content).unwrap().ec_key().unwrap())
266
298
  }
267
299
  }
268
300
 
@@ -285,56 +317,48 @@ methods!(
285
317
  .wrap_data(validator, &*INT_VALIDATOR_WRAPPER)
286
318
  }
287
319
 
288
- fn ruby_validator_validate_cert(cert: Array, now: Fixnum) -> Boolean {
289
- if let Err(ref error) = cert {
290
- VM::raise(error.class(), &error.to_string());
291
- }
292
-
293
- if let Err(ref error) = now {
294
- VM::raise(error.class(), &error.to_string());
295
- }
296
-
297
- let mut cert_content: Vec<u8> = Vec::new();
298
- for n in cert.unwrap().into_iter() {
299
- let n = n.try_convert_to::<Fixnum>();
320
+ fn ruby_validator_validate_cert(cert: RString, now: Fixnum) -> Boolean {
321
+ let ruby_cert = cert
322
+ .map_err(VM::raise_ex)
323
+ .unwrap()
324
+ .to_string_unchecked();
300
325
 
301
- if let Err(ref error) = n {
302
- VM::raise(error.class(), &error.to_string());
303
- }
304
-
305
- cert_content.push(n.unwrap().to_i64() as u8);
306
- }
307
326
  let mut cert = capbac::proto::Certificate::new();
308
- cert.merge_from_bytes(&cert_content).unwrap();
327
+ cert.merge_from_bytes(&ruby_cert.as_bytes()).unwrap();
309
328
 
310
- let now = now.unwrap().to_i64() as u64;
329
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
311
330
 
312
331
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
313
332
  let validator = capbac::Validator::new(x, x);
314
333
 
315
334
  match validator.validate_cert(&cert, now) {
316
335
  Result::Ok(_) => Boolean::new(true),
317
- Err(x) => {
336
+ Err(x) => {
318
337
  let capbac_class = Class::from_existing("CapBAC");
319
338
  match x {
320
- capbac::ValidateError::Malformed { .. } => {
321
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
322
- },
339
+ capbac::ValidateError::Malformed { .. } => VM::raise(
340
+ capbac_class.get_nested_class("Malformed"),
341
+ &format!("{}", x),
342
+ ),
323
343
  capbac::ValidateError::BadURL { .. } => {
324
344
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
325
- },
326
- capbac::ValidateError::UnknownPub { .. } => {
327
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
328
- },
329
- capbac::ValidateError::BadIssuer { .. } => {
330
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
331
- },
332
- capbac::ValidateError::BadInvoker { .. } => {
333
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
334
- },
335
- capbac::ValidateError::Untrusted { .. } => {
336
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
337
- },
345
+ }
346
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
347
+ capbac_class.get_nested_class("UnknownPub"),
348
+ &format!("{}", x),
349
+ ),
350
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
351
+ capbac_class.get_nested_class("BadIssuer"),
352
+ &format!("{}", x),
353
+ ),
354
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
355
+ capbac_class.get_nested_class("BadInvoker"),
356
+ &format!("{}", x),
357
+ ),
358
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
359
+ capbac_class.get_nested_class("Untrusted"),
360
+ &format!("{}", x),
361
+ ),
338
362
  capbac::ValidateError::Expired => {
339
363
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
340
364
  }
@@ -347,56 +371,50 @@ methods!(
347
371
  }
348
372
  }
349
373
 
350
- fn ruby_validator_validate_invocation(invocation: Array, now: Fixnum) -> Boolean {
351
- if let Err(ref error) = invocation {
352
- VM::raise(error.class(), &error.to_string());
353
- }
354
-
355
- if let Err(ref error) = now {
356
- VM::raise(error.class(), &error.to_string());
357
- }
358
-
359
- let mut invocation_content: Vec<u8> = Vec::new();
360
- for n in invocation.unwrap().into_iter() {
361
- let n = n.try_convert_to::<Fixnum>();
362
-
363
- if let Err(ref error) = n {
364
- VM::raise(error.class(), &error.to_string());
365
- }
374
+ fn ruby_validator_validate_invocation(invocation: RString, now: Fixnum) -> Boolean {
375
+ let ruby_invocation = invocation
376
+ .map_err(VM::raise_ex)
377
+ .unwrap()
378
+ .to_string_unchecked();
366
379
 
367
- invocation_content.push(n.unwrap().to_i64() as u8);
368
- }
369
380
  let mut invocation = capbac::proto::Invocation::new();
370
- invocation.merge_from_bytes(&invocation_content).unwrap();
381
+ invocation
382
+ .merge_from_bytes(&ruby_invocation.as_bytes())
383
+ .unwrap();
371
384
 
372
- let now = now.unwrap().to_i64() as u64;
385
+ let now = now.map_err(VM::raise_ex).unwrap().to_i64() as u64;
373
386
 
374
387
  let x = itself.get_data(&*INT_VALIDATOR_WRAPPER);
375
388
  let validator = capbac::Validator::new(x, x);
376
389
 
377
390
  match validator.validate_invocation(&invocation, now) {
378
391
  Result::Ok(_) => Boolean::new(true),
379
- Err(x) => {
392
+ Err(x) => {
380
393
  let capbac_class = Class::from_existing("CapBAC");
381
394
  match x {
382
- capbac::ValidateError::Malformed { .. } => {
383
- VM::raise(capbac_class.get_nested_class("Malformed"), &format!("{}", x))
384
- },
395
+ capbac::ValidateError::Malformed { .. } => VM::raise(
396
+ capbac_class.get_nested_class("Malformed"),
397
+ &format!("{}", x),
398
+ ),
385
399
  capbac::ValidateError::BadURL { .. } => {
386
400
  VM::raise(capbac_class.get_nested_class("BadURL"), &format!("{}", x))
387
- },
388
- capbac::ValidateError::UnknownPub { .. } => {
389
- VM::raise(capbac_class.get_nested_class("UnknownPub"), &format!("{}", x))
390
- },
391
- capbac::ValidateError::BadIssuer { .. } => {
392
- VM::raise(capbac_class.get_nested_class("BadIssuer"), &format!("{}", x))
393
- },
394
- capbac::ValidateError::BadInvoker { .. } => {
395
- VM::raise(capbac_class.get_nested_class("BadInvoker"), &format!("{}", x))
396
- },
397
- capbac::ValidateError::Untrusted { .. } => {
398
- VM::raise(capbac_class.get_nested_class("Untrusted"), &format!("{}", x))
399
- },
401
+ }
402
+ capbac::ValidateError::UnknownPub { .. } => VM::raise(
403
+ capbac_class.get_nested_class("UnknownPub"),
404
+ &format!("{}", x),
405
+ ),
406
+ capbac::ValidateError::BadIssuer { .. } => VM::raise(
407
+ capbac_class.get_nested_class("BadIssuer"),
408
+ &format!("{}", x),
409
+ ),
410
+ capbac::ValidateError::BadInvoker { .. } => VM::raise(
411
+ capbac_class.get_nested_class("BadInvoker"),
412
+ &format!("{}", x),
413
+ ),
414
+ capbac::ValidateError::Untrusted { .. } => VM::raise(
415
+ capbac_class.get_nested_class("Untrusted"),
416
+ &format!("{}", x),
417
+ ),
400
418
  capbac::ValidateError::Expired => {
401
419
  VM::raise(capbac_class.get_nested_class("Expired"), &format!("{}", x))
402
420
  }
@@ -407,7 +425,6 @@ methods!(
407
425
  Boolean::new(false)
408
426
  }
409
427
  }
410
-
411
428
  }
412
429
  );
413
430
 
@@ -422,10 +439,12 @@ pub extern "C" fn Init_capbac() {
422
439
  itself.def("invoke", ruby_holder_invoke);
423
440
  });
424
441
 
425
- itself.define_nested_class("Validator", None).define(|itself| {
426
- itself.def_self("new", ruby_validator_new);
427
- itself.def("validate_cert", ruby_validator_validate_cert);
428
- itself.def("validate_invocation", ruby_validator_validate_invocation);
429
- });
442
+ itself
443
+ .define_nested_class("Validator", None)
444
+ .define(|itself| {
445
+ itself.def_self("new", ruby_validator_new);
446
+ itself.def("validate_cert", ruby_validator_validate_cert);
447
+ itself.def("validate_invocation", ruby_validator_validate_invocation);
448
+ });
430
449
  });
431
450
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capbac
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kirill Chernyshov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-15 00:00:00.000000000 Z
11
+ date: 2020-08-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thermite