conjur-api 4.29.0 → 4.29.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/lib/conjur-api/version.rb +1 -1
- data/lib/conjur/api/audit.rb +3 -1
- data/lib/conjur/resource.rb +2 -1
- data/spec/lib/audit_spec.rb +5 -5
- data/spec/lib/resource_spec.rb +11 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3501dba172c6c99ebdc99ad7fef80634e39cf2c3
|
|
4
|
+
data.tar.gz: 620f5813442acedbcd510ac2756bd5a6e8d700a8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a090764853263323c9d21afcde4069a9481aabb1dcd668c2407f0a8e349cf50439e6dd80924b51a86e35cf6dbc951ee93baa9e03524164452b95600955914c28
|
|
7
|
+
data.tar.gz: a6bb48a6b4fe8b4a505a847f7915904d00ddcd4e86a13e7b5dcd059ae269ef5dd82d565bb20431babc2d48992ded7227e85bb9381dbb355473edc5283340da01
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,11 @@
|
|
|
1
|
+
# v4.29.2
|
|
2
|
+
|
|
3
|
+
* `Conjur::API#resources` now supports `:owner` to retrieve all resources owned (directly or indirectly) by the indicated role. This capability has always been provided by the service, but was not exposed by the Ruby API.
|
|
4
|
+
|
|
5
|
+
# v4.29.1
|
|
6
|
+
|
|
7
|
+
* `Conjur::API#audit` now supports `:has_annotation` to retrieve audit events for resources annotated with the given name.
|
|
8
|
+
|
|
1
9
|
# v4.29.0
|
|
2
10
|
|
|
3
11
|
* Add `Conjur::API#new_from_token_file` to create an API instance from a file which contains an access token, which should be periodically updated by another process.
|
data/lib/conjur-api/version.rb
CHANGED
data/lib/conjur/api/audit.rb
CHANGED
|
@@ -33,6 +33,7 @@ module Conjur
|
|
|
33
33
|
# @param options [Hash]
|
|
34
34
|
# @option options [Time, nil] :till only show events before this time
|
|
35
35
|
# @option options [Time, nil] :since only show events after this time
|
|
36
|
+
# @option options [String, nil] :has_annotation only show events for resources with an annotation with this name
|
|
36
37
|
# @option options [Boolean] :follow block the current thread and call `block` with `Array` of
|
|
37
38
|
# audit events as the occur.
|
|
38
39
|
#
|
|
@@ -74,6 +75,7 @@ module Conjur
|
|
|
74
75
|
# @param options [Hash]
|
|
75
76
|
# @option options [Time, nil] :till only show events before this time
|
|
76
77
|
# @option options [Time, nil] :since only show events after this time
|
|
78
|
+
# @option options [String, nil] :has_annotation only show events for resources with an annotation with this name
|
|
77
79
|
# @option options [Boolean] :follow block the current thread and call `block` with `Array` of
|
|
78
80
|
# audit events as the occur.
|
|
79
81
|
#
|
|
@@ -99,7 +101,7 @@ module Conjur
|
|
|
99
101
|
|
|
100
102
|
private
|
|
101
103
|
def audit_event_feed path, options={}, &block
|
|
102
|
-
query = options.slice(:since, :till)
|
|
104
|
+
query = options.slice(:since, :till, :has_annotation)
|
|
103
105
|
path << "?#{query.to_param}" unless query.empty?
|
|
104
106
|
if options[:follow]
|
|
105
107
|
follow_events path, &block
|
data/lib/conjur/resource.rb
CHANGED
|
@@ -270,6 +270,7 @@ module Conjur
|
|
|
270
270
|
# - host - authz url,
|
|
271
271
|
# - credentials,
|
|
272
272
|
# - account,
|
|
273
|
+
# - owner (optional),
|
|
273
274
|
# - kind (optional),
|
|
274
275
|
# - search (optional),
|
|
275
276
|
# - limit (optional),
|
|
@@ -282,7 +283,7 @@ module Conjur
|
|
|
282
283
|
|
|
283
284
|
path = "#{account}/resources"
|
|
284
285
|
path += "/#{kind}" if kind
|
|
285
|
-
query = opts.slice(:acting_as, :limit, :offset, :search, :has_annotation)
|
|
286
|
+
query = opts.slice(:owner, :acting_as, :limit, :offset, :search, :has_annotation)
|
|
286
287
|
path += "?#{query.to_query}" unless query.empty?
|
|
287
288
|
resource = RestClient::Resource.new(host, credentials)[path]
|
|
288
289
|
|
data/spec/lib/audit_spec.rb
CHANGED
|
@@ -3,8 +3,8 @@ require 'spec_helper'
|
|
|
3
3
|
describe Conjur::API, api: :dummy do
|
|
4
4
|
describe "audit API methods" do
|
|
5
5
|
|
|
6
|
-
let(:options){ {since:Time.at(0).to_s, till: Time.now.to_s, some_unwanted_option: 'heloo!'} }
|
|
7
|
-
let(:expected_options){ options.slice(:since, :till) }
|
|
6
|
+
let(:options){ {since:Time.at(0).to_s, till: Time.now.to_s, :has_annotation => 'puppet', some_unwanted_option: 'heloo!'} }
|
|
7
|
+
let(:expected_options){ options.slice(:since, :till, :has_annotation) }
|
|
8
8
|
let(:response){ ['some event'] }
|
|
9
9
|
let(:include_options){ false }
|
|
10
10
|
let(:query){ include_options ? '?' + expected_options.to_query : '' }
|
|
@@ -37,7 +37,7 @@ describe Conjur::API, api: :dummy do
|
|
|
37
37
|
it_behaves_like "gets all visible events"
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
context "when called with
|
|
40
|
+
context "when called with all options" do
|
|
41
41
|
let(:include_options){ true }
|
|
42
42
|
it_behaves_like "gets all visible events"
|
|
43
43
|
end
|
|
@@ -66,7 +66,7 @@ describe Conjur::API, api: :dummy do
|
|
|
66
66
|
it_behaves_like "gets roles feed"
|
|
67
67
|
end
|
|
68
68
|
|
|
69
|
-
context "when called with
|
|
69
|
+
context "when called with all options" do
|
|
70
70
|
let(:include_options){ true }
|
|
71
71
|
let(:args){ [ role_id ] }
|
|
72
72
|
it_behaves_like "gets roles feed"
|
|
@@ -97,7 +97,7 @@ describe Conjur::API, api: :dummy do
|
|
|
97
97
|
it_behaves_like "gets the resource feed"
|
|
98
98
|
end
|
|
99
99
|
|
|
100
|
-
context "when called with
|
|
100
|
+
context "when called with all options" do
|
|
101
101
|
let(:include_options) { true }
|
|
102
102
|
it_behaves_like "gets the resource feed"
|
|
103
103
|
end
|
data/spec/lib/resource_spec.rb
CHANGED
|
@@ -162,6 +162,17 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
|
|
|
162
162
|
expect(Conjur::Resource.all host: authz_host, account: account).to eql(%w(foo bar))
|
|
163
163
|
end
|
|
164
164
|
|
|
165
|
+
it "can filter by owner" do
|
|
166
|
+
expect_request(
|
|
167
|
+
method: :get,
|
|
168
|
+
url: "http://authz.example.com/the-account/resources/chunky?owner=alice",
|
|
169
|
+
headers: {}
|
|
170
|
+
).and_return '["foo", "bar"]'
|
|
171
|
+
|
|
172
|
+
expect(Conjur::Resource.all host: authz_host, account: account, kind: :chunky, owner: 'alice')
|
|
173
|
+
.to eql(%w(foo bar))
|
|
174
|
+
end
|
|
175
|
+
|
|
165
176
|
it "can filter by kind" do
|
|
166
177
|
expect_request(
|
|
167
178
|
method: :get,
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: conjur-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.29.
|
|
4
|
+
version: 4.29.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rafal Rzepecki
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-02-
|
|
12
|
+
date: 2017-02-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rest-client
|