conjur-api 2.3.1 → 2.4.0

data/lib/conjur-api/version.rb

@@ -1,6 +1,6 @@
 module Conjur
   class API
-    VERSION = "2.3.1"
+    VERSION = "2.4.0"
     # Note: when bumping major version, please remove compatibility code in role#grant_to
   end
 end

data/lib/conjur/api/roles.rb

@@ -11,5 +11,13 @@ module Conjur
     def role role
       Role.new(Conjur::Authz::API.host, credentials)[self.class.parse_role_id(role).join('/')]
     end
+
+    def current_role
+      role_from_username username
+    end
+
+    def role_from_username username
+      role(username.split('/').unshift('user')[-2..-1].join(':'))
+    end
   end
 end

data/spec/lib/api_spec.rb

@@ -106,18 +106,23 @@ describe Conjur::API do
       it_should_behave_like "API endpoint"
     end    
   end
-  context "credential handling" do
+
+  shared_context logged_in: true do
     let(:login) { "bob" }
     let(:token) { { 'data' => login, 'timestamp' => (Time.now + elapsed ).to_s } }
     let(:elapsed) { 0 }
     subject { api }
+    let(:api) { Conjur::API.new_from_token(token) }
+    let(:account) { 'some-account' }
+    before { Conjur::Core::API.stub conjur_account: account }
+  end
+
+  context "credential handling", logged_in: true do
     context "from token" do
-      let(:api) { Conjur::API.new_from_token(token) }
-      subject { api }
       its(:token) { should == token }
       its(:credentials) { should == { headers: { authorization: "Token token=\"#{Base64.strict_encode64(token.to_json)}\"" }, username: login } }
     end
-    context "from api key" do
+    context "from api key", logged_in: true do
       let(:api_key) { "theapikey" }
       let(:api) { Conjur::API.new_from_key(login, api_key) }
       subject { api }
@@ -130,4 +135,31 @@ describe Conjur::API do
       end
     end
   end
+
+  describe "#role_from_username", logged_in: true do
+    it "returns a user role when username is plain" do
+      api.role_from_username("plain-username").roleid.should == "#{account}:user:plain-username"
+    end
+
+    it "returns an appropriate role kind when username is qualified" do
+      api.role_from_username("host/foobar").roleid.should == "#{account}:host:foobar"
+    end
+  end
+
+  describe "#current_role", logged_in: true do
+    context "when logged in as user" do
+      let(:login) { 'joerandom' }
+      it "returns a user role" do
+        api.current_role.roleid.should == "#{account}:user:joerandom"
+      end
+    end
+
+    context "when logged in as host" do
+      let(:host) { "somehost" }
+      let(:login) { "host/#{host}" }
+      it "returns a host role" do
+        api.current_role.roleid.should == "#{account}:host:somehost"
+      end
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-api
 version: !ruby/object:Gem::Version
-  version: 2.3.1
+  version: 2.4.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-06-03 00:00:00.000000000 Z
+date: 2013-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -208,7 +208,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1659157987203846410
+      hash: 143762494061224916
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -217,7 +217,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1659157987203846410
+      hash: 143762494061224916
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.24