conjur-api 4.7.1 → 4.7.2

data/lib/conjur-api/version.rb

@@ -20,6 +20,6 @@
 #
 module Conjur
   class API
-    VERSION = "4.7.1"
+    VERSION = "4.7.2"
   end
 end

data/lib/conjur/api/audit.rb

@@ -17,33 +17,57 @@
 # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'conjur/event_source'
 module Conjur
   class API
+    # Return all events visible to the current authorized role
+    def audit options={}, &block
+      audit_event_feed "", options, &block
+    end
+    
     # Return audit events related to the given role_id.  Identitical to audit_events
     # except that a String may be given instead of a Role object.
     # @param role [String] the role for which events should be returned.
-    def audit_role role, options={}
-      audit_event_feed 'role', (role.roleid rescue role), options
-    end
-    
-    
-    # Return audit events related to the current authenticated role.
-    def audit_current_role options={}
-      audit_event_feed 'role', nil, options
+    def audit_role role, options={}, &block
+      audit_event_feed "roles/#{CGI.escape cast(role, :roleid)}", options, &block
     end
     
     # Return audit events related to the given resource
-    def audit_resource resource, options={}
-      audit_event_feed 'resource', (resource.resourceid rescue resource), options
+    def audit_resource resource, options={}, &block
+      audit_event_feed "resources/#{CGI.escape cast(resource, :resourceid)}", options, &block
     end
     
     private
-    def audit_event_feed kind, identifier=nil, options={}
-      path = "feeds/#{kind}"
-      path << "/#{CGI.escape identifier}" if identifier
-      query = options.slice(:limit, :offset)
-      path << "?#{query.to_param}" unless query.empty?
-      parse_response RestClient::Resource.new(Conjur::Audit::API.host, credentials)[path].get
+    def audit_event_feed path, options={}, &block
+      query = options.slice(:since, :till)
+      path << "?#{query.to_param}" unless query.empty? 
+      if options[:follow]
+        follow_events path, &block
+      else
+        parse_response(RestClient::Resource.new(Conjur::Audit::API.host, credentials)[path].get).tap do |events|
+          block.call(events) if block
+        end
+      end
+    end
+    
+    def follow_events path, &block
+      opts = credentials.dup.tap{|h| h[:headers][:accept] = "text/event-stream"}
+      block_response = lambda do |response|
+        response.error! unless response.code == "200"
+        es = EventSource.new
+        es.message{ |e| block[e.data] }
+        response.read_body do |chunk|
+          es.feed chunk
+        end
+      end
+      url = "#{Conjur::Audit::API.host}/#{path}"
+      RestClient::Request.execute(
+        url: url,
+        headers: opts[:headers],
+        method: :get,
+        block_response: block_response
+      )
     end
     
     def parse_response response

data/lib/conjur/base.rb

@@ -30,12 +30,14 @@ require 'conjur/escape'
 require 'conjur/log'
 require 'conjur/log_source'
 require 'conjur/standard_methods'
+require 'conjur/cast'
 
 module Conjur
   class API
     include Escape
     include LogSource
     include StandardMethods
+    include Cast
     
     class << self
       # Parse a role id into [ account, 'roles', kind, id ]

data/lib/conjur/event_source.rb

@@ -0,0 +1,88 @@
+module Conjur
+  # An EventSource instance is used to parse a stream in the format given by
+  # the Server Sent Events standard: http://www.whatwg.org/specs/web-apps/current-work/#server-sent-events
+  class EventSource
+    class Event < Struct.new(:data, :name, :id);
+    end
+
+    # @!attribute retry [r]
+    #   @return [Fixnum] the last retry field received, or nil if no retry fields 
+    #   have been received.
+    attr_reader :retry
+
+    # @!attribute last_event_id [r]
+    #   @return [String] the id of the last fully received event, or nil if no 
+    #   events have been received containing an id field.
+    attr_reader :last_event_id
+
+    # @!attribute json [rw]
+    #   @return [Boolean] (true) Whether to parse event's data field as JSON.
+    attr_accessor :json
+    alias json? json
+
+    def initialize
+      @json   = true
+      @on     = {}
+      @all    = []
+      @buffer = ""
+    end
+
+    # Feed a chunk of data to the EventSource and dispatch any fully receieved
+    # events.  
+    # @param [String] chunk the data to parse
+    def feed chunk
+      @buffer << chunk
+
+      while i = @buffer.index("\n\n")
+        process_event @buffer.slice!(0..i)
+      end
+    end
+
+    # Adds a listener for :name:
+    def on name, &block
+      (@on[name.to_sym] ||= []) << block
+    end
+
+    # Listens to all messages
+    def message &block
+      @all << block
+    end
+
+    protected
+    def process_event s
+      data, id, name = [], nil, nil
+      s.lines.map(&:chomp).each do |line|
+        field, value = case line
+          when /^:/ then
+            next # comment, do nothing
+          when /^(.*?):(.*)$/ then
+            [$1, $2]
+          else
+            [line, ''] # this is what the spec says, I swear!
+        end
+        # spec allows one optional space after the colon
+        value = value[1..-1] if value.start_with? ' '
+        case field
+          when 'data' then
+            data << value
+          when 'id' then
+            id = value
+          when 'event' then
+            name = value.to_sym
+          when 'retry' then
+            @retry = value.to_i
+        end
+      end
+      @last_event_id = id
+      dispatch_event(data.join("\n"), id, name) unless data.empty?
+    end
+
+    def dispatch_event data, id, name
+      data  = JSON.parse(data) if json?
+      name  = (name || :message).to_sym
+      event = Event.new(data, name, id)
+      ((@on[name] || []) + @all).each { |p| p.call event }
+    end
+
+  end
+end

data/spec/lib/audit_spec.rb

@@ -3,8 +3,8 @@ require 'spec_helper'
 describe Conjur::API, api: :dummy do 
   describe "audit API methods" do
     
-    let(:options){ {limit:20, offset: 51, some_unwanted_option: 'heloo!'} }
-    let(:expected_options){ options.slice(:limit, :offset) }
+    let(:options){ {since:Time.at(0).to_s, till: Time.now.to_s, some_unwanted_option: 'heloo!'} }
+    let(:expected_options){ options.slice(:since, :till) }
     let(:response){ ['some event'] }
     let(:include_options){ false }
     let(:query){ include_options ? '?' + expected_options.to_query : '' }
@@ -22,14 +22,37 @@ describe Conjur::API, api: :dummy do
     end
     
     
+    describe "#audit" do
+      let(:expected_path){ '' }
+      let(:args){ [] }
+      let(:full_args){ include_options ? args + [options] : args }
+      
+      shared_examples_for "gets all visible events" do
+        it "GETs /" do
+          expect_request
+          api.audit(*full_args).should == response
+        end
+      end
+      
+      context "when called without options" do
+        let(:include_options){ false }
+        it_behaves_like "gets all visible events"
+      end
+      
+      context "when called with time options" do
+        let(:include_options){ true }
+        it_behaves_like "gets all visible events"
+      end
+    end
+    
     describe "#audit_role" do
       let(:role_id){ 'acct:user:foobar' }
       let(:role){ double('role', roleid: role_id) }
-      let(:expected_path){ "feeds/role/#{CGI.escape role_id}" }
+      let(:expected_path){ "roles/#{CGI.escape role_id}" }
       let(:args){ [role_id] }
       let(:full_args){ include_options ? args + [options] : args }
       shared_examples_for "gets roles feed" do
-        it "GETs feeds/role/:role_id" do
+        it "GETs roles/:role_id" do
           expect_request
           api.audit_role(*full_args).should == response
         end
@@ -45,39 +68,22 @@ describe Conjur::API, api: :dummy do
         it_behaves_like "gets roles feed"
       end
       
-      context "when called with pagination options" do
+      context "when called with time options" do
         let(:include_options){ true }
         let(:args){ [ role_id ] }
         it_behaves_like  "gets roles feed"
       end
     end
     
-    describe "#audit_current_role" do
-      let(:expected_path){ "feeds/role" }
-      let(:args){ include_options ? [options] : [] }
-      shared_examples_for "gets current role feed" do
-        it "GETS feeds/role" do
-          expect_request
-          api.audit_current_role(*args).should == response
-        end
-      end
-      context "when called with no args" do 
-        it_behaves_like "gets current role feed"
-      end
-      context "when called with pagination options" do
-        let(:include_options){ true }
-        it_behaves_like "gets current role feed"
-      end
-    end
     
     describe "#audit_resource" do
       let(:resource_id){ 'acct:food:bacon' }
       let(:resource){ double('resource', resourceid: resource_id) }
-      let(:expected_path){ "feeds/resource/#{CGI.escape resource_id}" }
+      let(:expected_path){ "resources/#{CGI.escape resource_id}" }
       let(:args){[resource_id]}
       let(:full_args){ include_options ? args + [options] : args }
       shared_examples_for "gets the resource feed" do
-        it "GETS feeds/resource/:resource_id" do
+        it "GETS resources/:resource_id" do
           expect_request
           api.audit_resource(*full_args).should == response
         end
@@ -93,7 +99,7 @@ describe Conjur::API, api: :dummy do
         it_behaves_like "gets the resource feed"
       end
       
-      context "when called with pagination options" do
+      context "when called with time options" do
         let(:include_options) { true }
         it_behaves_like "gets the resource feed"
       end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-api
 version: !ruby/object:Gem::Version
-  version: 4.7.1
+  version: 4.7.2
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-14 00:00:00.000000000 Z
+date: 2014-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -237,6 +237,7 @@ files:
 - lib/conjur/deputy.rb
 - lib/conjur/env.rb
 - lib/conjur/escape.rb
+- lib/conjur/event_source.rb
 - lib/conjur/exists.rb
 - lib/conjur/group.rb
 - lib/conjur/has_attributes.rb
@@ -306,7 +307,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 1666526476905320839
+      hash: -3076546680650394555
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25