conjur-api 2.4.0 → 2.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. data/.gitignore +2 -0
  2. data/LICENSE +1 -1
  3. data/Rakefile +3 -1
  4. data/conjur-api.gemspec +3 -1
  5. data/lib/conjur-api/version.rb +1 -1
  6. data/lib/conjur/has_id.rb +1 -1
  7. data/lib/conjur/log.rb +6 -26
  8. data/lib/conjur/resource.rb +10 -1
  9. data/manual/asset/about.markdown +12 -0
  10. data/manual/asset/members.add.markdown +52 -0
  11. data/manual/asset/show.markdown +50 -0
  12. data/manual/group/about.markdown +6 -0
  13. data/manual/group/create.markdown +20 -0
  14. data/manual/host/about.markdown +23 -0
  15. data/manual/host/create.markdown +34 -0
  16. data/manual/host/enroll.markdown +21 -0
  17. data/manual/resource/about.markdown +11 -0
  18. data/manual/resource/create.markdown +29 -0
  19. data/manual/resource/deny.markdown +23 -0
  20. data/manual/resource/permit.markdown +35 -0
  21. data/manual/role/about.markdown +10 -0
  22. data/manual/role/members.markdown +40 -0
  23. data/manual/role/memberships.markdown +26 -0
  24. data/spec/api/authn_spec.rb +49 -0
  25. data/spec/api/groups_spec.rb +24 -0
  26. data/spec/api/hosts_spec.rb +29 -0
  27. data/spec/api/resources_spec.rb +19 -0
  28. data/spec/api/secrets_spec.rb +16 -0
  29. data/spec/api/users_spec.rb +16 -0
  30. data/spec/api/variables_spec.rb +14 -0
  31. data/spec/cas_rest_client.rb +17 -0
  32. data/spec/io_helper.rb +18 -0
  33. data/spec/lib/build_from_response_spec.rb +49 -0
  34. data/spec/lib/host_spec.rb +12 -8
  35. data/spec/lib/log_source_spec.rb +13 -0
  36. data/spec/lib/log_spec.rb +42 -0
  37. data/spec/lib/resource_spec.rb +98 -5
  38. data/spec/lib/role_grant_spec.rb +12 -0
  39. data/spec/lib/role_spec.rb +83 -3
  40. data/spec/lib/standard_methods_spec.rb +66 -0
  41. data/spec/lib/user_spec.rb +2 -1
  42. data/spec/spec_helper.rb +27 -0
  43. data/spec/standard_methods_helper.rb +30 -0
  44. data/spec/variable_spec.rb +41 -0
  45. metadata +71 -8
  46. data/.rvmrc +0 -1
@@ -0,0 +1,12 @@
1
+ require 'spec_helper'
2
+
3
+ describe Conjur::RoleGrant, api: :dummy do
4
+ describe '::parse_from_json' do
5
+ it "creates member and grantor roles" do
6
+ rg = Conjur::RoleGrant::parse_from_json({member: 'acc:k:r', grantor: 'acc:k:g', admin_option: true}.stringify_keys, {})
7
+ rg.member.url.should == "#{authz_host}/acc/roles/k/r"
8
+ rg.grantor.url.should == "#{authz_host}/acc/roles/k/g"
9
+ rg.admin_option.should == true
10
+ end
11
+ end
12
+ end
@@ -1,15 +1,16 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe Conjur::Role do
3
+ describe Conjur::Role, api: :dummy do
4
4
  let(:account) { "the-account" }
5
5
  let(:kind) { "test" }
6
- let(:role) { Conjur::API.new_from_token({ 'data' => 'the-login' }).role([ account, kind, id ].join(":")) }
6
+ let(:url) { "#{authz_host}/#{account}/roles/#{kind}/#{id}" }
7
+ let(:role) { Conjur::Role.new url }
7
8
  subject { role }
8
9
 
9
10
  describe ".new" do
10
11
  context "with plain id" do
11
12
  let(:id) { "foo" }
12
- its(:options) { should == {:headers=>{:authorization=>"Token token=\"eyJkYXRhIjoidGhlLWxvZ2luIn0=\""}, :username=>'the-login'} }
13
+ its(:options) {}
13
14
  its(:kind) { should == kind }
14
15
  its(:id) { should == id }
15
16
  end
@@ -54,4 +55,83 @@ describe Conjur::Role do
54
55
  end
55
56
  end
56
57
  end
58
+
59
+ describe '#create' do
60
+ it 'simply puts' do
61
+ RestClient::Request.should_receive(:execute).with(
62
+ method: :put,
63
+ url: url,
64
+ payload: {},
65
+ headers: {}
66
+ )
67
+ role.create
68
+ end
69
+ end
70
+
71
+ describe '#all' do
72
+ it 'returns roles for ids got from ?all' do
73
+ roles = [{'account' => 'foo', 'id' => 'k:bar'}, {'account' => 'baz', 'id' => 'k:xyzzy'}]
74
+ RestClient::Request.should_receive(:execute).with(
75
+ method: :get,
76
+ url: role.url + "/?all",
77
+ headers: {}
78
+ ).and_return roles.to_json
79
+ all = role.all
80
+ all[0].account.should == 'foo'
81
+ all[0].id.should == 'bar'
82
+ all[1].account.should == 'baz'
83
+ all[1].id.should == 'xyzzy'
84
+ end
85
+ end
86
+
87
+ describe '#revoke_from' do
88
+ it 'deletes member' do
89
+ RestClient::Request.should_receive(:execute).with(
90
+ method: :delete,
91
+ url: role.url + "/?members&member=the-member",
92
+ headers: {}
93
+ )
94
+ role.revoke_from 'the-member'
95
+ end
96
+ end
97
+
98
+ describe '#permitted?' do
99
+ before do
100
+ RestClient::Request.stub(:execute).with(
101
+ method: :get,
102
+ url: role.url + "/?check&resource_kind=chunky&resource_id=bacon&privilege=fry",
103
+ headers: {}
104
+ ) { result }
105
+ end
106
+
107
+ context "when get ?check is successful" do
108
+ let(:result) { :ok }
109
+ it "returns true" do
110
+ role.permitted?('chunky', 'bacon', 'fry').should be_true
111
+ end
112
+ end
113
+
114
+ context "when get ?check not found" do
115
+ let(:result) { raise RestClient::ResourceNotFound, 'foo' }
116
+ it "returns false" do
117
+ role.permitted?('chunky', 'bacon', 'fry').should be_false
118
+ end
119
+ end
120
+ end
121
+
122
+ describe '#members' do
123
+ it "gets ?members and turns each into RoleGrant" do
124
+ grants = %w(foo bar)
125
+ RestClient::Request.should_receive(:execute).with(
126
+ method: :get,
127
+ url: role.url + "/?members",
128
+ headers: {}
129
+ ).and_return grants.to_json
130
+ grants.each do |g|
131
+ Conjur::RoleGrant.should_receive(:parse_from_json).with(g, {}).and_return g
132
+ end
133
+
134
+ subject.members.should == grants
135
+ end
136
+ end
57
137
  end
@@ -0,0 +1,66 @@
1
+ require 'spec_helper'
2
+
3
+ describe Conjur::StandardMethods do
4
+ let(:credentials) { "whatever" }
5
+ subject { double("class", credentials: credentials, log: nil) }
6
+ let(:host) { 'http://example.com' }
7
+ let(:type) { :widget }
8
+
9
+ let(:rest_resource) { double "rest base resource" }
10
+ let(:subresource) { double "rest subresource" }
11
+
12
+ let(:widget_class) { double "widget class" }
13
+
14
+ before do
15
+ subject.extend Conjur::StandardMethods
16
+ subject.stub(:fully_escape){|x|x}
17
+ RestClient::Resource.stub(:new).with(host, credentials).and_return rest_resource
18
+ rest_resource.stub(:[]).with('widgets').and_return subresource
19
+ stub_const 'Conjur::Widget', widget_class
20
+ end
21
+
22
+ describe '#standard_create' do
23
+ let(:id) { "some-id" }
24
+ let(:options) {{ foo: 'bar', baz: 'xyzzy' }}
25
+
26
+ let(:response) { double "response" }
27
+ let(:widget) { double "widget" }
28
+
29
+ before do
30
+ subresource.stub(:post).with(options.merge(id: id)).and_return response
31
+ widget_class.stub(:build_from_response).with(response, credentials).and_return widget
32
+ end
33
+
34
+ it "uses restclient to post data and creates an object of the response" do
35
+ subject.send(:standard_create, host, type, id, options).should == widget
36
+ end
37
+ end
38
+
39
+ describe '#standard_list' do
40
+ let(:attrs) {[{id: 'one', foo: 'bar'}, {id: 'two', foo: 'pub'}]}
41
+ let(:options) {{ foo: 'bar', baz: 'xyzzy' }}
42
+ let(:json) { attrs.to_json }
43
+
44
+ before do
45
+ subresource.stub(:get).with(options).and_return json
46
+ end
47
+
48
+ it "gets the list, then builds objects from json response" do
49
+ subject.should_receive(:widget).with('one').and_return(one = double)
50
+ one.should_receive(:attributes=).with(attrs[0].stringify_keys)
51
+ subject.should_receive(:widget).with('two').and_return(two = double)
52
+ two.should_receive(:attributes=).with(attrs[1].stringify_keys)
53
+
54
+ subject.send(:standard_list, host, type, options).should == [one, two]
55
+ end
56
+ end
57
+
58
+ describe "#standard_show" do
59
+ let(:id) { "some-id" }
60
+ it "builds a path and returns indexed object" do
61
+ widget_class.stub(:new).with(host, credentials).and_return(bound = double)
62
+ bound.stub(:[]) { |x| "path: #{x}" }
63
+ subject.send(:standard_show, host, type, id).should == "path: widgets/some-id"
64
+ end
65
+ end
66
+ end
@@ -3,9 +3,10 @@ require 'spec_helper'
3
3
  describe Conjur::User do
4
4
  context "#new" do
5
5
  let(:login) { 'the-login' }
6
+ let(:url) { "https://example.com/users/#{login}" }
6
7
  let(:api_key) { 'the-api-key' }
7
8
  let(:credentials) { { user: login, password: api_key } }
8
- let(:user) { Conjur::User.new(login, credentials)}
9
+ let(:user) { Conjur::User.new(url, credentials)}
9
10
  describe "attributes" do
10
11
  subject { user }
11
12
  its(:id) { should == login }
data/spec/spec_helper.rb CHANGED
@@ -1,3 +1,8 @@
1
+ require 'simplecov'
2
+ SimpleCov.start do
3
+ add_filter "/spec/"
4
+ end
5
+
1
6
  require 'rubygems'
2
7
  $:.unshift File.join(File.dirname(__FILE__), "..", "lib")
3
8
  $:.unshift File.join(File.dirname(__FILE__), "lib")
@@ -76,3 +81,25 @@ shared_examples_for "http response" do
76
81
  end
77
82
 
78
83
  require 'conjur/api'
84
+
85
+ shared_context api: :dummy do
86
+ let(:username) { "user" }
87
+ let(:api){ Conjur::API.new_from_key username, 'key' }
88
+ let(:authz_host) { 'http://authz.example.com' }
89
+ let(:credentials) { double "fake credentials" }
90
+ let(:core_host) { 'http://core.example.com' }
91
+ let(:account) { 'the-account' }
92
+
93
+ before do
94
+ Conjur::Authz::API.stub host: authz_host
95
+ Conjur::Core::API.stub host: core_host
96
+ Conjur::Core::API.stub conjur_account: account
97
+ api.stub credentials: credentials
98
+ end
99
+ end
100
+
101
+ shared_context logging: :temp do
102
+ let(:logfile) { Tempfile.new("log") }
103
+ before { Conjur.log = logfile.path }
104
+ let(:log) { logfile.read }
105
+ end
@@ -0,0 +1,30 @@
1
+ shared_context api: :dummy do
2
+ subject { api }
3
+ end
4
+
5
+ shared_examples_for 'standard_create with' do |type, id, options|
6
+ it "calls through to standard_create" do
7
+ subject.should_receive(:standard_create).with(
8
+ core_host, type, id, options
9
+ ).and_return :response
10
+ invoke.should == :response
11
+ end
12
+ end
13
+
14
+ shared_examples_for 'standard_list with' do |type, options|
15
+ it "calls through to standard_list" do
16
+ subject.should_receive(:standard_list).with(
17
+ core_host, type, options
18
+ ).and_return :response
19
+ invoke.should == :response
20
+ end
21
+ end
22
+
23
+ shared_examples_for 'standard_show with' do |type, id|
24
+ it "calls through to standard_show" do
25
+ subject.should_receive(:standard_show).with(
26
+ core_host, type, id
27
+ ).and_return :response
28
+ invoke.should == :response
29
+ end
30
+ end
@@ -0,0 +1,41 @@
1
+ require 'spec_helper'
2
+
3
+ describe Conjur::Variable do
4
+ let(:url) { "http://example.com/variable" }
5
+ subject { Conjur::Variable.new url }
6
+
7
+ before { subject.attributes = {'versions' => 42} }
8
+ its(:version_count) { should == 42}
9
+
10
+ describe '#add_value' do
11
+ it "posts the new value" do
12
+ RestClient::Request.should_receive(:execute).with(
13
+ method: :post,
14
+ url: "#{url}/values",
15
+ payload: { value: 'new-value' },
16
+ headers: {}
17
+ )
18
+ subject.add_value 'new-value'
19
+ end
20
+ end
21
+
22
+ describe '#value' do
23
+ it "gets the value" do
24
+ RestClient::Request.stub(:execute).with(
25
+ method: :get,
26
+ url: "#{url}/value",
27
+ headers: {}
28
+ ).and_return(double "response", body: "the-value")
29
+ subject.value.should == "the-value"
30
+ end
31
+
32
+ it "parametrizes the request with a version" do
33
+ RestClient::Request.stub(:execute).with(
34
+ method: :get,
35
+ url: "#{url}/value?version=42",
36
+ headers: {}
37
+ ).and_return(double "response", body: "the-value")
38
+ subject.value(42).should == "the-value"
39
+ end
40
+ end
41
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.4.0
4
+ version: 2.5.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2013-06-05 00:00:00.000000000 Z
13
+ date: 2013-07-26 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: rest-client
@@ -124,10 +124,26 @@ dependencies:
124
124
  - - ! '>='
125
125
  - !ruby/object:Gem::Version
126
126
  version: '0'
127
+ - !ruby/object:Gem::Dependency
128
+ name: simplecov
129
+ requirement: !ruby/object:Gem::Requirement
130
+ none: false
131
+ requirements:
132
+ - - ! '>='
133
+ - !ruby/object:Gem::Version
134
+ version: '0'
135
+ type: :development
136
+ prerelease: false
137
+ version_requirements: !ruby/object:Gem::Requirement
138
+ none: false
139
+ requirements:
140
+ - - ! '>='
141
+ - !ruby/object:Gem::Version
142
+ version: '0'
127
143
  description: Conjur API
128
144
  email:
129
145
  - divided.mind@gmail.com
130
- - kevin.gilpin@inscitiv.com
146
+ - kgilpin@conjur.net
131
147
  executables: []
132
148
  extensions: []
133
149
  extra_rdoc_files: []
@@ -136,7 +152,6 @@ files:
136
152
  - .kateproject
137
153
  - .project
138
154
  - .rspec
139
- - .rvmrc
140
155
  - Gemfile
141
156
  - LICENSE
142
157
  - README.md
@@ -184,18 +199,50 @@ files:
184
199
  - lib/conjur/standard_methods.rb
185
200
  - lib/conjur/user.rb
186
201
  - lib/conjur/variable.rb
202
+ - manual/asset/about.markdown
203
+ - manual/asset/members.add.markdown
204
+ - manual/asset/show.markdown
205
+ - manual/group/about.markdown
206
+ - manual/group/create.markdown
207
+ - manual/host/about.markdown
208
+ - manual/host/create.markdown
209
+ - manual/host/enroll.markdown
210
+ - manual/resource/about.markdown
211
+ - manual/resource/create.markdown
212
+ - manual/resource/deny.markdown
213
+ - manual/resource/permit.markdown
214
+ - manual/role/about.markdown
215
+ - manual/role/members.markdown
216
+ - manual/role/memberships.markdown
217
+ - spec/api/authn_spec.rb
218
+ - spec/api/groups_spec.rb
219
+ - spec/api/hosts_spec.rb
220
+ - spec/api/resources_spec.rb
221
+ - spec/api/secrets_spec.rb
222
+ - spec/api/users_spec.rb
223
+ - spec/api/variables_spec.rb
224
+ - spec/cas_rest_client.rb
225
+ - spec/io_helper.rb
187
226
  - spec/lib/api_spec.rb
227
+ - spec/lib/build_from_response_spec.rb
188
228
  - spec/lib/exists_spec.rb
189
229
  - spec/lib/host_spec.rb
230
+ - spec/lib/log_source_spec.rb
231
+ - spec/lib/log_spec.rb
190
232
  - spec/lib/resource_spec.rb
233
+ - spec/lib/role_grant_spec.rb
191
234
  - spec/lib/role_spec.rb
235
+ - spec/lib/standard_methods_spec.rb
192
236
  - spec/lib/user_spec.rb
193
237
  - spec/spec_helper.rb
238
+ - spec/standard_methods_helper.rb
239
+ - spec/variable_spec.rb
194
240
  - spec/vcr_cassettes/Conjur_Resource/_create/with_path-like_identifier.yml
195
241
  - spec/vcr_cassettes/Conjur_Resource/_create/with_un-encoded_path-like_identifier.yml
196
242
  - spec/vcr_cassettes/Conjur_Resource/_create/with_uuid_identifier.yml
197
243
  homepage: ''
198
- licenses: []
244
+ licenses:
245
+ - MIT
199
246
  post_install_message:
200
247
  rdoc_options: []
201
248
  require_paths:
@@ -208,7 +255,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
208
255
  version: '0'
209
256
  segments:
210
257
  - 0
211
- hash: 143762494061224916
258
+ hash: -863653852387038484
212
259
  required_rubygems_version: !ruby/object:Gem::Requirement
213
260
  none: false
214
261
  requirements:
@@ -217,10 +264,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
217
264
  version: '0'
218
265
  segments:
219
266
  - 0
220
- hash: 143762494061224916
267
+ hash: -863653852387038484
221
268
  requirements: []
222
269
  rubyforge_project:
223
- rubygems_version: 1.8.24
270
+ rubygems_version: 1.8.25
224
271
  signing_key:
225
272
  specification_version: 3
226
273
  summary: Conjur API
@@ -229,13 +276,29 @@ test_files:
229
276
  - features/login.feature
230
277
  - features/ping_as_server.feature
231
278
  - features/ping_as_user.feature
279
+ - spec/api/authn_spec.rb
280
+ - spec/api/groups_spec.rb
281
+ - spec/api/hosts_spec.rb
282
+ - spec/api/resources_spec.rb
283
+ - spec/api/secrets_spec.rb
284
+ - spec/api/users_spec.rb
285
+ - spec/api/variables_spec.rb
286
+ - spec/cas_rest_client.rb
287
+ - spec/io_helper.rb
232
288
  - spec/lib/api_spec.rb
289
+ - spec/lib/build_from_response_spec.rb
233
290
  - spec/lib/exists_spec.rb
234
291
  - spec/lib/host_spec.rb
292
+ - spec/lib/log_source_spec.rb
293
+ - spec/lib/log_spec.rb
235
294
  - spec/lib/resource_spec.rb
295
+ - spec/lib/role_grant_spec.rb
236
296
  - spec/lib/role_spec.rb
297
+ - spec/lib/standard_methods_spec.rb
237
298
  - spec/lib/user_spec.rb
238
299
  - spec/spec_helper.rb
300
+ - spec/standard_methods_helper.rb
301
+ - spec/variable_spec.rb
239
302
  - spec/vcr_cassettes/Conjur_Resource/_create/with_path-like_identifier.yml
240
303
  - spec/vcr_cassettes/Conjur_Resource/_create/with_un-encoded_path-like_identifier.yml
241
304
  - spec/vcr_cassettes/Conjur_Resource/_create/with_uuid_identifier.yml