conjur-api 2.3.1 → 2.4.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,6 +1,6 @@
1
1
  module Conjur
2
2
  class API
3
- VERSION = "2.3.1"
3
+ VERSION = "2.4.0"
4
4
  # Note: when bumping major version, please remove compatibility code in role#grant_to
5
5
  end
6
6
  end
@@ -11,5 +11,13 @@ module Conjur
11
11
  def role role
12
12
  Role.new(Conjur::Authz::API.host, credentials)[self.class.parse_role_id(role).join('/')]
13
13
  end
14
+
15
+ def current_role
16
+ role_from_username username
17
+ end
18
+
19
+ def role_from_username username
20
+ role(username.split('/').unshift('user')[-2..-1].join(':'))
21
+ end
14
22
  end
15
23
  end
@@ -106,18 +106,23 @@ describe Conjur::API do
106
106
  it_should_behave_like "API endpoint"
107
107
  end
108
108
  end
109
- context "credential handling" do
109
+
110
+ shared_context logged_in: true do
110
111
  let(:login) { "bob" }
111
112
  let(:token) { { 'data' => login, 'timestamp' => (Time.now + elapsed ).to_s } }
112
113
  let(:elapsed) { 0 }
113
114
  subject { api }
115
+ let(:api) { Conjur::API.new_from_token(token) }
116
+ let(:account) { 'some-account' }
117
+ before { Conjur::Core::API.stub conjur_account: account }
118
+ end
119
+
120
+ context "credential handling", logged_in: true do
114
121
  context "from token" do
115
- let(:api) { Conjur::API.new_from_token(token) }
116
- subject { api }
117
122
  its(:token) { should == token }
118
123
  its(:credentials) { should == { headers: { authorization: "Token token=\"#{Base64.strict_encode64(token.to_json)}\"" }, username: login } }
119
124
  end
120
- context "from api key" do
125
+ context "from api key", logged_in: true do
121
126
  let(:api_key) { "theapikey" }
122
127
  let(:api) { Conjur::API.new_from_key(login, api_key) }
123
128
  subject { api }
@@ -130,4 +135,31 @@ describe Conjur::API do
130
135
  end
131
136
  end
132
137
  end
138
+
139
+ describe "#role_from_username", logged_in: true do
140
+ it "returns a user role when username is plain" do
141
+ api.role_from_username("plain-username").roleid.should == "#{account}:user:plain-username"
142
+ end
143
+
144
+ it "returns an appropriate role kind when username is qualified" do
145
+ api.role_from_username("host/foobar").roleid.should == "#{account}:host:foobar"
146
+ end
147
+ end
148
+
149
+ describe "#current_role", logged_in: true do
150
+ context "when logged in as user" do
151
+ let(:login) { 'joerandom' }
152
+ it "returns a user role" do
153
+ api.current_role.roleid.should == "#{account}:user:joerandom"
154
+ end
155
+ end
156
+
157
+ context "when logged in as host" do
158
+ let(:host) { "somehost" }
159
+ let(:login) { "host/#{host}" }
160
+ it "returns a host role" do
161
+ api.current_role.roleid.should == "#{account}:host:somehost"
162
+ end
163
+ end
164
+ end
133
165
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.4.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2013-06-03 00:00:00.000000000 Z
13
+ date: 2013-06-05 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rest-client
@@ -208,7 +208,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
208
208
  version: '0'
209
209
  segments:
210
210
  - 0
211
- hash: -1659157987203846410
211
+ hash: 143762494061224916
212
212
  required_rubygems_version: !ruby/object:Gem::Requirement
213
213
  none: false
214
214
  requirements:
@@ -217,7 +217,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
217
217
  version: '0'
218
218
  segments:
219
219
  - 0
220
- hash: -1659157987203846410
220
+ hash: 143762494061224916
221
221
  requirements: []
222
222
  rubyforge_project:
223
223
  rubygems_version: 1.8.24