cased-ruby 0.3.3

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.libs << 'lib'
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+task default: :test

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'cased-ruby'
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/rubocop

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path('bundle', __dir__)
+
+if File.file?(bundle_binstub)
+  if /This file was generated by Bundler/.match?(File.read(bundle_binstub, 300))
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rubocop', 'rubocop')

data/cased-ruby.gemspec

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cased/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'cased-ruby'
+  spec.version       = Cased::VERSION
+  spec.authors       = ['Garrett Bjerkhoel']
+  spec.email         = ['garrett@cased.com']
+
+  spec.summary       = 'Ruby library for Cased'
+  spec.description   = 'Ruby library for Cased'
+  spec.homepage      = 'https://github.com/cased/cased-ruby'
+  spec.license       = 'MIT'
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/cased/cased-ruby'
+  spec.metadata['changelog_uri'] = 'https://github.com/cased/cased-ruby/releases'
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'activesupport', '~> 6'
+  spec.add_dependency 'dotpath', '0.1.0'
+  spec.add_dependency 'faraday', '~> 1.0'
+  spec.add_dependency 'faraday_middleware', '~> 1.0'
+  spec.add_dependency 'json', '~> 2'
+  spec.add_dependency 'net-http-persistent', '~> 3.0'
+  spec.add_development_dependency 'bundler', '2.1.4'
+  spec.add_development_dependency 'byebug', '11.0.1'
+  spec.add_development_dependency 'minitest', '5.13.0'
+  spec.add_development_dependency 'mocha', '1.11.2'
+  spec.add_development_dependency 'rack', '2.2.2'
+  spec.add_development_dependency 'rake', '10.5.0'
+  spec.add_development_dependency 'rubocop', '0.78.0'
+  spec.add_development_dependency 'rubocop-performance', '1.5.2'
+  spec.add_development_dependency 'sidekiq', '6.0.7'
+  spec.add_development_dependency 'webmock', '3.8.3'
+  spec.add_development_dependency 'yard', '0.9.24'
+end

data/lib/cased-ruby.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require 'cased'

data/lib/cased.rb

@@ -0,0 +1,260 @@
+# frozen_string_literal: true
+
+require 'socket'
+require 'json'
+require 'dotpath'
+require 'cased/version'
+require 'cased/config'
+require 'cased/context'
+require 'cased/model'
+require 'cased/error'
+require 'cased/clients'
+require 'cased/policy'
+require 'cased/rack_middleware'
+require 'cased/sensitive'
+require 'cased/publishers'
+require 'cased/test_helper'
+require 'cased/instrumentation/log_subscriber'
+
+# Integrations
+begin
+  require 'cased/integrations/sidekiq'
+rescue LoadError # rubocop:disable Lint/SuppressedException
+  # Sidekiq is not installed in host application
+end
+
+module Cased
+  def self.sensitive(label, handler)
+    Cased::Sensitive::Handler.register(label, handler)
+  end
+
+  #
+  # @example
+  #   Cased.policies[:organization]
+  #
+  # @return [Hash{Symbol => Cased::Policy, nil}]
+  def self.policies
+    @policies ||= Hash.new do |hash, name|
+      key = name.to_sym
+      api_key = Cased.config.policy_key(key)
+      hash[key] = Policy.new(api_key: api_key)
+    end
+  end
+
+  # Helper method for accessing the applications default policy.
+  #
+  # @example
+  #   Cased.configure do |config|
+  #     config.policy_key = 'policy_test_1dQpY5JliYgHSkEntAbMVzuOROh'
+  #   end
+  #
+  #   policy = Cased.policy
+  #   policy.events.each do |event|
+  #     puts event['action'] # => user.login
+  #   end
+  #
+  # @return [Cased::Policy, nil]
+  def self.policy
+    policies[:default]
+  end
+
+  # @return [Cased::Config]
+  def self.config
+    @config ||= Cased::Config.new
+  end
+
+  # @example
+  #   Cased.configure do |config|
+  #     config.policy_key = 'policy_test_1dQpY5JliYgHSkEntAbMVzuOROh'
+  #   end
+  #
+  # @return [void]
+  def self.configure(&block)
+    block.call(config)
+  end
+
+  class << self
+    attr_writer :publishers
+  end
+
+  # The list of publishers that will receive the processed audit event when calling Cased.publish.
+  #
+  # The desired behavior for Cased.publish should not change based on the order
+  # of the publishers.
+  #
+  # @example Adding a publisher to the stack
+  #   Cased.publishers << Cased::Publishers::KafkaPublisher.new
+  #
+  # @example Setting the list of publishers
+  #   Cased.publishers = [
+  #     Cased::Publishers::KafkaPublisher.new,
+  #   ]
+  #
+  # @return [Array<Cased::Publishers::Base>]
+  def self.publishers
+    @publishers ||= [
+      Cased::Publishers::HTTPPublisher.new,
+      Cased::Publishers::ActiveSupportPublisher.new,
+    ]
+  end
+
+  def self.clients
+    @clients ||= Cased::Clients.new
+  end
+
+  # @param audit_event [Hash] the audit event.
+  #
+  # @example
+  #   Cased.publish(
+  #     action: "user.login",
+  #     actor: "garrett@cased.com",
+  #     actor_id: "user_1dQpY5JliYgHSkEntAbMVzuOROh",
+  #     http_user_agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36",
+  #     http_url: "https://app.cased.com/",
+  #     http_method: "GET",
+  #     language: "en-US"
+  #   )
+  #
+  # @example With User object that includes Cased::Model
+  #   Cased.publish(
+  #     action: "user.login",
+  #     actor: User.find(1),
+  #   )
+  #
+  # @return [Array] of responses from Cased.publishers
+  # @return [false] if Cased has been silenced.
+  # @raise [ArgumentError] if a publisher does not implement the #publish method
+  def self.publish(audit_event)
+    return false if config.silence?
+
+    processed_audit_event = process(audit_event)
+
+    publishers.each do |publisher|
+      unless publisher.respond_to?(:publish)
+        raise ArgumentError, "#{publisher.class} must implement #{publisher.class}#publish"
+      end
+
+      publisher.publish(processed_audit_event.dup)
+    rescue StandardError => e
+      handle_exception(e)
+    end
+  end
+
+  # @return [Cased::Context]
+  def self.context
+    Context.current
+  end
+
+  # The main entry point to handling any exceptions encountered in the event creation lifecycle.
+  #
+  # @param exception [Exception] the exception to be raised
+  #
+  # @return [void]
+  # @raise [Exception] if Cased is configured to raise on errors
+  def self.handle_exception(exception)
+    raise exception if config.raise_on_errors?
+
+    if exception_handler.nil?
+      warn exception.message
+      return
+    end
+
+    exception_handler.call(exception)
+  end
+
+  # Applications can determine where they want exceptions generated by Cased to be sent.
+  #
+  # @return [Proc, nil]
+  def self.exception_handler
+    @exception_handler
+  end
+
+  # Sets the system user to be used for Cased events that do not contain an actor.
+  #
+  # @param handler [Proc] - The Proc or lambda that takes a single exception argument.
+  #
+  # @example
+  #   Cased.exception_handler = Proc.new do |exception|
+  #     Raven.capture_exception(exception)
+  #   end
+  #
+  # @return [void]
+  # @raise [ArgumentError] if the provided handler does not respond to call or
+  #   accept an argument.
+  def self.exception_handler=(handler)
+    if handler.nil?
+      @exception_handler = nil
+      return
+    elsif !handler.respond_to?(:call)
+      @exception_handler = nil
+      raise ArgumentError, "#{handler.class} does not respond to #call"
+    elsif handler.arity != 1
+      raise ArgumentError, 'handler does not accept any arguments'
+    end
+
+    @exception_handler = handler
+  end
+
+  # Configures a default context for console sessions.
+  #
+  # When a console session is started you don't have the context generated from
+  # a typical web request lifecycle where authentication will happen and an IP
+  # address is present. This uses the server's hostname as a standard location
+  # for migrations or data transitions.
+  #
+  # @param options [Hash]
+  #
+  # @return [void]
+  def self.console(options = {})
+    context.merge({
+      location: Socket.gethostname,
+    }.merge(options))
+  end
+
+  # Generates Cased compatible resource identifier.
+  #
+  # @param model [Object] an object that responds to #cased_id
+  #
+  # @return [String] the Cased::Model#cased_id
+  # @raise [Cased::Error::MissingIdentifier] when the provided model does not
+  #   respond to #cased_id
+  def self.id(model)
+    raise Cased::Error::MissingIdentifier unless model.respond_to?(:cased_id)
+
+    model.cased_id
+  end
+
+  # Don't send any events to Cased that are created within the lifecycle of the block.
+  #
+  # @example
+  #  Cased.silence do
+  #    user.save
+  #  end
+  def self.silence
+    original_silence = config.silence?
+    config.silence = true
+    yield
+  ensure
+    config.silence = original_silence
+  end
+
+  # Publish the Cased event so all subscribers can handle storing the Cased event.
+  #
+  # @param payload [Hash] payload to publish.
+  #
+  # @return [Hash] the processed audit event payload.
+  private_class_method def self.process(payload)
+    expanded_audit_event = Cased::Context::Expander.expand(payload)
+    event = expanded_audit_event.merge(
+      cased_id: SecureRandom.hex,
+      timestamp: Time.now.utc.iso8601(6),
+    )
+
+    safe_context = context.context.dup
+    audit_event = safe_context.merge(event)
+
+    Cased::Sensitive::Processor.process!(audit_event)
+
+    audit_event
+  end
+end

data/lib/cased/clients.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'cased/http/client'
+
+module Cased
+  class Clients
+    def self.create(api_key:, url: nil)
+      url ||= Cased.config.api_url
+
+      Cased::HTTP::Client.new(url: url, api_key: api_key)
+    end
+
+    def organization
+      @organization ||= self.class.create(api_key: ENV.fetch('CASED_ORGANIZATION_KEY'))
+    end
+
+    def publish
+      @publish ||= self.class.create(url: Cased.config.publish_url, api_key: Cased.config.publish_key)
+    end
+  end
+end

data/lib/cased/collection_response.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'cased/response'
+
+module Cased
+  class CollectionResponse < Response
+    def results
+      return [] unless body
+
+      body['results']
+    end
+
+    def total_count
+      return unless body
+
+      body['total_count']
+    end
+
+    def total_pages
+      return unless body
+
+      body['total_pages']
+    end
+
+    def next_page_url?
+      next_page_url.present?
+    end
+
+    def next_page_url
+      links[:next]
+    end
+
+    def next_page
+      page_from(:next)
+    end
+
+    def next_page?
+      next_page.present?
+    end
+
+    def previous_page_url?
+      previous_page_url.present?
+    end
+
+    def previous_page_url
+      links[:prev]
+    end
+
+    def previous_page
+      page_from(:prev)
+    end
+
+    def previous_page?
+      previous_page.present?
+    end
+
+    def first_page_url?
+      first_page_url.present?
+    end
+
+    def first_page_url
+      links[:first]
+    end
+
+    def first_page
+      page_from(:first)
+    end
+
+    def first_page?
+      first_page.present?
+    end
+
+    def last_page_url?
+      last_page_url.present?
+    end
+
+    def last_page_url
+      links[:last]
+    end
+
+    def last_page
+      page_from(:last)
+    end
+
+    def last_page?
+      last_page.present?
+    end
+
+    private
+
+    def page_from(rel)
+      rel = links[rel.to_sym]
+      return unless rel
+
+      uri = Addressable::URI.parse(rel)
+      return unless uri
+
+      page = uri.query_values['page']
+      return unless page
+
+      page.to_i
+    end
+
+    def links
+      link_header = @response.headers['Link']
+      return {} unless link_header
+
+      links = link_header.split(', ').map do |link|
+        href, name = link.match(/<(.*?)>; rel="(\w+)"/).captures
+
+        [name.to_sym, href]
+      end
+
+      Hash[*links.flatten]
+    end
+  end
+end