castle-rb 8.1.0 → 9.0.0

data/lib/castle/client.rb

@@ -5,6 +5,7 @@ module Castle
   class Client
     include Castle::ClientActions::ListItems
     include Castle::ClientActions::Lists
+    include Castle::ClientActions::Privacy
 
     class << self
       def from_request(request, options = {})
@@ -22,37 +23,11 @@ module Castle
       @context = options.fetch(:context) { {} }
     end
 
-    # @param options [Hash]
-    def authenticate(options = {})
-      options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
-
-      return generate_do_not_track_response(options[:user_id]) unless tracked?
-
-      add_timestamp_if_necessary(options)
-
-      new_context = Castle::Context::Merge.call(@context, options[:context])
-
-      Castle::API::Authenticate.call(options.merge(context: new_context, no_symbolize: true))
-    end
-
-    # @param options [Hash]
-    def track(options = {})
-      options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
-
-      return unless tracked?
-
-      add_timestamp_if_necessary(options)
-
-      new_context = Castle::Context::Merge.call(@context, options[:context])
-
-      Castle::API::Track.call(options.merge(context: new_context, no_symbolize: true))
-    end
-
     # @param options [Hash]
     def filter(options = {})
       options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
 
-      return generate_do_not_track_response(options[:user][:id]) unless tracked?
+      return generate_do_not_track_response(failover_user_id(options)) unless tracked?
 
       add_timestamp_if_necessary(options)
 
@@ -65,7 +40,7 @@ module Castle
     def risk(options = {})
       options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
 
-      return generate_do_not_track_response(options[:user][:id]) unless tracked?
+      return generate_do_not_track_response(failover_user_id(options)) unless tracked?
 
       add_timestamp_if_necessary(options)
 
@@ -78,7 +53,7 @@ module Castle
     def log(options = {})
       options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
 
-      return generate_do_not_track_response(options[:user][:id]) unless tracked?
+      return generate_do_not_track_response(failover_user_id(options)) unless tracked?
 
       add_timestamp_if_necessary(options)
 
@@ -87,28 +62,6 @@ module Castle
       Castle::API::Log.call(options.merge(context: new_context, no_symbolize: true))
     end
 
-    # @param options [Hash]
-    def start_impersonation(options = {})
-      options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
-
-      add_timestamp_if_necessary(options)
-
-      new_context = Castle::Context::Merge.call(@context, options[:context])
-
-      Castle::API::StartImpersonation.call(options.merge(context: new_context, no_symbolize: true))
-    end
-
-    # @param options [Hash]
-    def end_impersonation(options = {})
-      options = Castle::Utils::DeepSymbolizeKeys.call(options || {})
-
-      add_timestamp_if_necessary(options)
-
-      new_context = Castle::Context::Merge.call(@context, options[:context])
-
-      Castle::API::EndImpersonation.call(options.merge(context: new_context, no_symbolize: true))
-    end
-
     def disable_tracking
       @do_not_track = true
     end
@@ -124,11 +77,18 @@ module Castle
 
     private
 
-    # @param user_id [String, Boolean]
+    # @param user_id [String, Boolean, nil]
     def generate_do_not_track_response(user_id)
       Castle::Failover::PrepareResponse.new(user_id, strategy: :allow, reason: 'Castle is set to do not track.').call
     end
 
+    # Safely pull the user identifier for a failover/do-not-track response.
+    # `user` is optional on /v1/filter (#279) and may be omitted entirely on
+    # /v1/log; fall back to `matching_user_id` then nil.
+    def failover_user_id(options)
+      options.dig(:user, :id) || options[:matching_user_id]
+    end
+
     # @param options [Hash]
     def add_timestamp_if_necessary(options)
       options[:timestamp] ||= @timestamp if @timestamp

data/lib/castle/client_actions/list_items.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Castle
-  # Namesapce for client actions
+  # Namespace for client actions
   module ClientActions
     # Client actions for list items
     module ListItems
@@ -20,6 +20,11 @@ module Castle
         Castle::API::ListItems::Create.call(options)
       end
 
+      # @param options [Hash]
+      def create_batch_list_items(options = {})
+        Castle::API::ListItems::CreateBatch.call(options)
+      end
+
       # @param options [Hash]
       def get_list_item(options = {})
         Castle::API::ListItems::Get.call(options)
@@ -31,7 +36,7 @@ module Castle
       end
 
       # @param options [Hash]
-      def unarchive_list_item(options)
+      def unarchive_list_item(options = {})
         Castle::API::ListItems::Unarchive.call(options)
       end
 

data/lib/castle/client_actions/privacy.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Castle
+  module ClientActions
+    # Client actions for the Privacy API (GDPR Articles 15 & 17).
+    module Privacy
+      # Triggers a "right of access" data export.
+      # @param options [Hash] must include :identifier and :identifier_type ($id or $email)
+      def request_user_data(options = {})
+        Castle::API::Privacy::RequestData.call(options)
+      end
+
+      # Triggers a "right to be forgotten" data purge.
+      # @param options [Hash] must include :identifier and :identifier_type ($id or $email)
+      def delete_user_data(options = {})
+        Castle::API::Privacy::DeleteData.call(options)
+      end
+    end
+  end
+end

data/lib/castle/commands/list_items/create_batch.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    module ListItems
+      # Builds the command to create or update multiple list items in a single call
+      class CreateBatch
+        class << self
+          # @param options [Hash]
+          # @return [Castle::Command]
+          def build(options = {})
+            Castle::Validators::Present.call(options, %i[list_id items])
+
+            list_id = options.delete(:list_id)
+
+            Castle::Command.new("lists/#{list_id}/items/batch", options, :post)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/privacy/delete_data.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    module Privacy
+      # Builds the command for DELETE /v1/privacy/users — GDPR Article 17 (right to be forgotten).
+      class DeleteData
+        class << self
+          # @param options [Hash] must include :identifier and :identifier_type ($id or $email)
+          # @return [Castle::Command]
+          def build(options = {})
+            Castle::Validators::Present.call(options, %i[identifier identifier_type])
+
+            Castle::Command.new('privacy/users', options, :delete)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/privacy/request_data.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    module Privacy
+      # Builds the command for POST /v1/privacy/users — GDPR Article 15 (right of access).
+      class RequestData
+        class << self
+          # @param options [Hash] must include :identifier and :identifier_type ($id or $email)
+          # @return [Castle::Command]
+          def build(options = {})
+            Castle::Validators::Present.call(options, %i[identifier identifier_type])
+
+            Castle::Command.new('privacy/users', options, :post)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/castle/core/get_connection.rb

@@ -12,7 +12,11 @@ module Castle
         def call(config = nil)
           config ||= Castle.config
           http = Net::HTTP.new(config.base_url.host, config.base_url.port)
-          http.read_timeout = config.request_timeout / 1000.0
+          # `request_timeout` is in milliseconds for historical reasons; both
+          # Net::HTTP timeouts take seconds.
+          timeout_seconds = config.request_timeout / 1000.0
+          http.open_timeout = timeout_seconds
+          http.read_timeout = timeout_seconds
 
           if config.base_url.scheme == HTTPS_SCHEME
             http.use_ssl = true

data/lib/castle/core/process_response.rb

@@ -57,6 +57,7 @@ module Castle
                 raise Castle::InvalidParametersError, parsed_body[:message]
               end
             rescue JSON::ParserError
+              # body wasn't valid JSON; fall through to the generic 422 error below
             end
           end
 

data/lib/castle/core/process_webhook.rb

@@ -11,7 +11,7 @@ module Castle
         # @return [String]
         def call(webhook, config = nil)
           webhook.body.read.tap do |result|
-            raise Castle::ApiError, 'Invalid webhook from Castle API' if result.blank?
+            raise Castle::ApiError, 'Invalid webhook from Castle API' if result.nil? || result.empty?
 
             Castle::Logger.call('webhook:', result.to_s, config)
           end

data/lib/castle/core/send_request.rb

@@ -15,7 +15,8 @@ module Castle
         # @param http [Net::HTTP]
         # @param config [Castle::Configuration, Castle::SingletonConfiguration, nil]
         def call(command, headers, http = nil, config = nil)
-          (http || Castle::Core::GetConnection.call).request(build(command, headers.merge(DEFAULT_HEADERS), config))
+          connection = http || Castle::Core::GetConnection.call(config)
+          connection.request(build(command, headers.merge(DEFAULT_HEADERS), config))
         end
 
         # @param command [String]

data/lib/castle/errors.rb

@@ -12,7 +12,7 @@ module Castle
     attr_reader :reason
 
     # @param reason [Exception] the core exception that causes this error
-    def initialize(reason)
+    def initialize(reason) # rubocop:disable Lint/MissingSuper -- preserves legacy `to_s` (returns class name)
       @reason = reason
     end
   end
@@ -68,8 +68,4 @@ module Castle
   # all internal server errors
   class InternalServerError < Castle::ApiError
   end
-
-  # impersonation command failed
-  class ImpersonationFailed < Castle::ApiError
-  end
 end

data/lib/castle/headers/filter.rb

@@ -12,7 +12,7 @@ module Castle
       HTTP(?:_|-).*|
         CONTENT(?:_|-)LENGTH|
       REMOTE(?:_|-)ADDR
-      $/xi.freeze
+      $/xi
 
       private_constant :VALUABLE_HEADERS
 

data/lib/castle/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Castle
-  VERSION = '8.1.0'
+  VERSION = '9.0.0'
 end

data/lib/castle.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-%w[openssl net/http json time].each(&method(:require))
+%w[openssl net/http json time base64].each(&method(:require))
 
 %w[
   castle/version
@@ -20,17 +20,9 @@
   castle/context/sanitize
   castle/context/get_default
   castle/context/prepare
-  castle/commands/approve_device
-  castle/commands/authenticate
-  castle/commands/end_impersonation
   castle/commands/filter
-  castle/commands/get_device
-  castle/commands/get_devices_for_user
   castle/commands/log
-  castle/commands/report_device
   castle/commands/risk
-  castle/commands/start_impersonation
-  castle/commands/track
   castle/commands/lists/get_all
   castle/commands/lists/create
   castle/commands/lists/delete
@@ -39,22 +31,17 @@
   castle/commands/lists/update
   castle/commands/list_items/archive
   castle/commands/list_items/create
+  castle/commands/list_items/create_batch
   castle/commands/list_items/count
   castle/commands/list_items/get
   castle/commands/list_items/query
   castle/commands/list_items/unarchive
   castle/commands/list_items/update
-  castle/api/approve_device
-  castle/api/authenticate
-  castle/api/end_impersonation
+  castle/commands/privacy/request_data
+  castle/commands/privacy/delete_data
   castle/api/filter
-  castle/api/get_device
-  castle/api/get_devices_for_user
   castle/api/log
-  castle/api/report_device
   castle/api/risk
-  castle/api/start_impersonation
-  castle/api/track
   castle/api/lists/get_all
   castle/api/lists/create
   castle/api/lists/delete
@@ -63,11 +50,14 @@
   castle/api/lists/update
   castle/api/list_items/archive
   castle/api/list_items/create
+  castle/api/list_items/create_batch
   castle/api/list_items/count
   castle/api/list_items/get
   castle/api/list_items/query
   castle/api/list_items/unarchive
   castle/api/list_items/update
+  castle/api/privacy/request_data
+  castle/api/privacy/delete_data
   castle/payload/prepare
   castle/configuration
   castle/singleton_configuration
@@ -76,6 +66,7 @@
   castle/failover/strategy
   castle/client_actions/lists
   castle/client_actions/list_items
+  castle/client_actions/privacy
   castle/client
   castle/headers/filter
   castle/headers/format