cased-ruby 0.4.3 → 0.4.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5356c39c08774c8e104858515fbb9111264c526e72984dd9da83874f87107903
-  data.tar.gz: 4ca2cf761ef6d0abc7110988f38038d952bec2be593d4ae2e01a291b46c5cb69
+  metadata.gz: 5d2e582beb818f03f7211310ca694248b25aaf28a1ed625c0fa82afafbb4af71
+  data.tar.gz: 85dfd3af819d73e055401b8461d156e990021362b7b3acfa67ea0c690a359a4c
 SHA512:
-  metadata.gz: 04b3651c4658c938257d333f167ab7846f9d7d9efe9a162e3986457af8acf86431ee4bc2b12ed393aed92073474da7f78c0283e584a82deb207041002c9d7bd0
-  data.tar.gz: de40f52b7145f88ea18c6f9cfeaa5508a025e3f0d4498db9bd8821f45ba6b412804745f01ffb5ea13cbdc1ba942ac6496f622305af4ba705e6a2d94ccddb5390
+  metadata.gz: 15d5ef3b76f2187d030928d448488560784beb0fad6a462dcd6339e5697874c822bfd1efcd2fca6c7307b95f10d2465761693a1d422baea4e789f84d77bae6a8
+  data.tar.gz: 9969f4cf476784ac3e4747d0053035fd61fd329a425bb5e67f04a64125792c7842f3ddb9fe966920f118825960af1477c1843d8779600c706bea5c3a6a364e2d

data/.github/workflows/ruby.yml

@@ -28,19 +28,3 @@ jobs:
       - name: Run Tests
         run: |
           bundle exec rake test
-
-      - name: Generate yard documentation
-        run: |
-          bundle exec yard
-
-      - name: Upload test coverage report
-        uses: actions/upload-artifact@v2
-        with:
-          name: coverage
-          path: coverage/**/*
-
-      - name: Upload generated yard documentation
-        uses: actions/upload-artifact@v2
-        with:
-          name: yard
-          path: doc/**/*

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cased-ruby (0.4.3)
+    cased-ruby (0.4.8)
       activesupport (~> 6)
       dotpath (= 0.1.0)
       faraday (~> 1.0)
@@ -14,7 +14,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.1.3)
+    activesupport (6.1.3.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -30,15 +30,19 @@ GEM
       safe_yaml (~> 1.0.0)
     docile (1.3.2)
     dotpath (0.1.0)
-    faraday (1.3.0)
+    faraday (1.4.1)
+      faraday-excon (~> 1.1)
       faraday-net_http (~> 1.0)
+      faraday-net_http_persistent (~> 1.1)
       multipart-post (>= 1.2, < 3)
-      ruby2_keywords
+      ruby2_keywords (>= 0.0.4)
+    faraday-excon (1.1.0)
     faraday-net_http (1.0.1)
+    faraday-net_http_persistent (1.1.0)
     faraday_middleware (1.0.0)
       faraday (~> 1.0)
     hashdiff (1.0.1)
-    i18n (1.8.9)
+    i18n (1.8.10)
       concurrent-ruby (~> 1.0)
     jaro_winkler (1.5.4)
     json (2.5.1)

data/README.md

@@ -9,6 +9,7 @@ A Cased client for Ruby applications in your organization to control and monitor
 - [Usage](#usage)
   - [Cased CLI](#cased-cli)
     - [Starting an approval workflow](#starting-an-approval-workflow)
+    - [Attaching metadata to all CLI requests](#attaching-metadata-to-all-cli-requests)
   - [Audit trails](#audit-trails)
     - [Publishing events to Cased](#publishing-events-to-cased)
     - [Retrieving events from a Cased audit trail](#retrieving-events-from-a-cased-audit-trail)
@@ -85,6 +86,17 @@ Cased.configure do |config|
 
   # CASED_HTTP_READ_TIMEOUT=10
   config.http_read_timeout = 10
+
+  # Attach metadata to all CLI requests. This metadata will appear in Cased and
+  # any notification source such as email or Slack.
+  #
+  # You are limited to 20 properties and cannot be a nested dictionary. Metadata
+  # specified in the CLI request overrides any configured globally.
+  config.cli.metadata = {
+    rails_env: ENV['RAILS_ENV'],
+    heroku_application: ENV['HEROKU_APP_NAME'],
+    git_commit: ENV['GIT_COMMIT'],
+  }
 end
 ```
 
@@ -135,7 +147,8 @@ end
 
 authentication = Cased::CLI::Authentication.new
 identity = Cased::CLI::Identity.new
-authentication.token = identity.identify
+token, ip_address = identity.identify
+authentication.token = token
 
 session = Cased::CLI::Session.new(
   authentication: authentication,
@@ -180,6 +193,27 @@ You no longer need to handle obtaining the user token or asking for a reason up
 front, `Cased::CLI::InteractiveSession` will prompt the user for any reason
 being required as necessary.
 
+#### Attaching metadata to all CLI requests
+
+While you can customize the metadata included for each CLI request, it may prove
+useful to specify metadata globally that will be included with each CLI request.
+Some useful information to include may be the current Rails environment, Heroku
+application, Git commit deployed, and more.
+
+Metadata is limited to 20 properties and cannot be a nested dictionary.
+
+```ruby
+Cased.configure do |config|
+  config.cli.metadata = {
+    rails_env: ENV['RAILS_ENV'],
+    heroku_application: ENV['HEROKU_APP_NAME'],
+    git_commit: ENV['GIT_COMMIT'],
+  }
+end
+```
+
+Note: Metadata specified in the CLI request overrides any configured globally.
+
 ### Audit trails
 
 #### Publishing events to Cased

data/lib/cased/cli/asciinema/file.rb

@@ -15,12 +15,17 @@ module Cased
         end
 
         def self.from_cast(cast)
+          return if cast.blank?
+
           stream = cast.split("\n").collect do |data|
             JSON.parse(data)
           end
           header = stream.shift
+          return unless header.is_a?(Hash)
 
           new(header, stream)
+        rescue JSON::ParserError
+          nil
         end
 
         # Required

data/lib/cased/cli/config.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Cased
+  module CLI
+    class Config
+      # @example
+      #   Cased.configure do |config|
+      #     config.cli.metadata = {
+      #       rails_env: ENV['RAILS_ENV'],
+      #       heroku_application: ENV['HEROKU_APP_NAME'],
+      #       git_commit: ENV['GIT_COMMIT'],
+      #     }
+      #   end
+      attr_accessor :metadata
+
+      def initialize
+        @metadata = {}
+      end
+    end
+  end
+end

data/lib/cased/cli/identity.rb

@@ -23,15 +23,20 @@ module Cased
       def poll(poll_url)
         count = 0
         user_id = nil
+        ip_address = nil
 
         while user_id.nil?
           count += 1
           response = Cased.clients.cli.get(poll_url)
-          user_id = response.body.dig('user', 'id')
-          sleep 1 if user_id.nil?
+          if response.success?
+            user_id = response.body.dig('user', 'id')
+            ip_address = response.body.fetch('ip_address')
+          else
+            sleep 1
+          end
         end
 
-        user_id
+        [user_id, ip_address]
       end
     end
   end

data/lib/cased/cli/interactive_session.rb

@@ -50,7 +50,9 @@ module Cased
           Cased::CLI::Log.log "You must re-authenticate with Cased due to recent changes to this application's settings."
 
           identity = Cased::CLI::Identity.new
-          session.authentication.token = identity.identify
+          token, ip_address = identity.identify
+          session.authentication.token = token
+          session.forwarded_ip_address = ip_address
 
           create
         elsif session.unauthorized?
@@ -61,7 +63,9 @@ module Cased
           end
 
           identity = Cased::CLI::Identity.new
-          session.authentication.token = identity.identify
+          token, ip_address = identity.identify
+          session.authentication.token = token
+          session.forwarded_ip_address = ip_address
 
           create
         elsif session.reason_required?
@@ -108,8 +112,10 @@ module Cased
           exit 1
         when 'timed_out'
           Cased::CLI::Log.log 'CLI session has timed out'
+          exit 1
         when 'canceled'
           Cased::CLI::Log.log 'CLI session has been canceled'
+          exit 0
         end
       end
     end

data/lib/cased/cli/session.rb

@@ -86,9 +86,17 @@ module Cased
       # @return [String, nil]
       attr_accessor :reason
 
+      # Public: The forwarded IP V4 or IP V6 address of the user that initiated
+      # the CLI session.
+      #
+      # @example
+      #   session.forwarded_ip_address #=> "1.1.1.1"
+      # @return [String, nil]
+      attr_accessor :forwarded_ip_address
+
       # Public: The client's IP V4 or IP V6 address that initiated the CLI session.
       # @example
-      #   session.reason #=> "1.1.1.1"
+      #   session.ip_address #=> "1.1.1.1"
       # @return [String, nil]
       attr_reader :ip_address
 
@@ -116,11 +124,18 @@ module Cased
       # @return [Hash, nil]
       attr_reader :guard_application
 
+      # Public: Cased may filter out sensitive data in the command, we shouldn't
+      # execute what is returned from the server.
+      #
+      # @return [String, nil]
+      attr_reader :original_command
+
       def initialize(reason: nil, command: nil, metadata: {}, authentication: nil)
         @authentication = authentication || Cased::CLI::Authentication.new
         @reason = reason
-        @command = command || [$PROGRAM_NAME, *ARGV].join(' ')
-        @metadata = metadata
+        @original_command = command || [$PROGRAM_NAME, *ARGV].join(' ')
+        @command = @original_command
+        @metadata = Cased.config.cli.metadata.merge(metadata)
         @requester = {}
         @responder = {}
         @guard_application = {}
@@ -144,6 +159,7 @@ module Cased
         @command = session.fetch('command')
         @metadata = session.fetch('metadata')
         @reason = session.fetch('reason')
+        @forwarded_ip_address = session.fetch('forwarded_ip_address')
         @ip_address = session.fetch('ip_address')
         @requester = session.fetch('requester')
         @responded_at = session['responded_at']
@@ -207,7 +223,7 @@ module Cased
 
         Cased::CLI::Log.log 'CLI session is now recording'
 
-        recorder = Cased::CLI::Recorder.new(command.split(' '), env: {
+        recorder = Cased::CLI::Recorder.new(original_command.split(' '), env: {
           'GUARD_SESSION_ID' => id,
           'GUARD_APPLICATION_ID' => guard_application.fetch('id'),
           'GUARD_USER_TOKEN' => requester.fetch('id'),
@@ -226,6 +242,7 @@ module Cased
 
         response = Cased.clients.cli.post('cli/sessions',
           user_token: authentication.token,
+          forwarded_ip_address: forwarded_ip_address,
           reason: reason,
           metadata: metadata,
           command: command)

data/lib/cased/config.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'cased/cli/config'
+
 module Cased
   class Config
     # The amount of time in seconds to allow the HTTP client to open a
@@ -149,6 +151,16 @@ module Cased
     #   end
     attr_writer :silence
 
+    # @example
+    #   Cased.configure do |config|
+    #     config.cli.metadata = {
+    #       rails_env: ENV['RAILS_ENV'],
+    #       heroku_application: ENV['HEROKU_APP_NAME'],
+    #       git_commit: ENV['GIT_COMMIT'],
+    #     }
+    #   end
+    attr_reader :cli
+
     def initialize
       @http_read_timeout = ENV.fetch('CASED_HTTP_READ_TIMEOUT', 10).to_i
       @http_open_timeout = ENV.fetch('CASED_HTTP_OPEN_TIMEOUT', 5).to_i
@@ -172,6 +184,7 @@ module Cased
           hash[normalized_key] = api_key if api_key
         end
       end
+      @cli = Cased::CLI::Config.new
     end
 
     # Policy keys are used to query for events from audit trails.

data/lib/cased/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Cased
-  VERSION = '0.4.3'
+  VERSION = '0.4.8'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cased-ruby
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.4.8
 platform: ruby
 authors:
 - Garrett Bjerkhoel
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-15 00:00:00.000000000 Z
+date: 2021-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -305,6 +305,7 @@ files:
 - lib/cased/cli/asciinema/file.rb
 - lib/cased/cli/asciinema/writer.rb
 - lib/cased/cli/authentication.rb
+- lib/cased/cli/config.rb
 - lib/cased/cli/identity.rb
 - lib/cased/cli/interactive_session.rb
 - lib/cased/cli/log.rb
@@ -343,7 +344,7 @@ files:
 - lib/cased/sensitive/string.rb
 - lib/cased/test_helper.rb
 - lib/cased/version.rb
-- vendor/cache/activesupport-6.1.3.gem
+- vendor/cache/activesupport-6.1.3.1.gem
 - vendor/cache/addressable-2.7.0.gem
 - vendor/cache/ast-2.4.0.gem
 - vendor/cache/byebug-11.0.1.gem
@@ -352,11 +353,13 @@ files:
 - vendor/cache/crack-0.4.3.gem
 - vendor/cache/docile-1.3.2.gem
 - vendor/cache/dotpath-0.1.0.gem
-- vendor/cache/faraday-1.3.0.gem
+- vendor/cache/faraday-1.4.1.gem
+- vendor/cache/faraday-excon-1.1.0.gem
 - vendor/cache/faraday-net_http-1.0.1.gem
+- vendor/cache/faraday-net_http_persistent-1.1.0.gem
 - vendor/cache/faraday_middleware-1.0.0.gem
 - vendor/cache/hashdiff-1.0.1.gem
-- vendor/cache/i18n-1.8.9.gem
+- vendor/cache/i18n-1.8.10.gem
 - vendor/cache/jaro_winkler-1.5.4.gem
 - vendor/cache/json-2.5.1.gem
 - vendor/cache/jwt-2.2.2.gem