conjur-api 4.9.1 → 4.9.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -8
  3. data/lib/conjur-api/version.rb +1 -1
  4. data/lib/conjur/configuration.rb +11 -2
  5. data/lib/conjur/exists.rb +0 -6
  6. data/lib/conjur/resource.rb +13 -1
  7. data/spec/lib/exists_spec.rb +3 -1
  8. data/spec/lib/resource_spec.rb +54 -0
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 05d952363d80aa2180905c6b41fc2c7eb603538d
4
- data.tar.gz: 8ed90479978bec0f925c366ec7e5a5b6709ec834
3
+ metadata.gz: 40b8b3e33ac15bc66d3663948bb3d7da081615d6
4
+ data.tar.gz: 1c79f61e8e87c94089cd9439833e1b118fc68e68
5
5
  SHA512:
6
- metadata.gz: 6767b1f5ed0d478520ac98553a7d1fb8ddf111cd4de12d24f70489d48addb403520e960501a7ea61b3463f045d296cd507f6ef3c87087860a00b805ee49e95f9
7
- data.tar.gz: a7dae6329da4acd092fa408feb71b79b3b169ac7c2da189173bc837e5133ae7dd8adad71dabf288ebb063f7628a9607a5afaf1b30c0abba4bd5f2a58b917b65a
6
+ metadata.gz: 1e2b831d564b9cf0f9df2f55bfcd50a138b0c607a513de45e2974b9f6ed4ee9637a7ae3c4e5c6b6024d1445ec8bcddd1741d646b1d8dacc078838935be9c3ca3
7
+ data.tar.gz: 2d400fc3541fd4235bfb445a66a6112cfff95c5e962a6ca21de94ec68a824b8e1d4823cd7f88b71a3921163fd44c14d9dcfa004e4b02986531ceff9d819c30a4
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Conjur::API
2
2
 
3
- TODO: Write a gem description
3
+ Programmatic Ruby access to the Conjur API.
4
4
 
5
5
  ## Installation
6
6
 
@@ -18,17 +18,18 @@ Or install it yourself as:
18
18
 
19
19
  ## Usage
20
20
 
21
- Default service ports:
22
- - authn: 5000,
23
- - authz: 5100.
21
+ To instantiate the API, using configuration stored stored in `~/.conjurrc`:
24
22
 
25
23
  ```ruby
26
- ENV['CONJUR_ACCOUNT'] = 'account'
27
- conjur = Conjur::API.new_from_key 'admin', 'vJfQbiieBcv4SlxTZ7ULznc1zHZ4z+0sx5to3hLOic0='
28
- some_user = conjur.user 'foo'
29
-
24
+ require 'conjur/cli'
25
+ Conjur::Config.load
26
+ conjur = Conjur::API.new_from_key username, api_key
30
27
  ```
31
28
 
29
+ You can find the username and api_key in ~/.netrc after you've logged in.
30
+
31
+ Fancier/different init scenarios are possible but this should be a good start!
32
+
32
33
  ## Contributing
33
34
 
34
35
  1. Fork it
data/lib/conjur-api/version.rb CHANGED
@@ -20,6 +20,6 @@
20
20
  #
21
21
  module Conjur
22
22
  class API
23
- VERSION = "4.9.1"
23
+ VERSION = "4.9.2"
24
24
  end
25
25
  end
data/lib/conjur/configuration.rb CHANGED
@@ -75,6 +75,10 @@ module Conjur
75
75
  define_method("#{name}=") do |value|
76
76
  set name, value
77
77
  end
78
+
79
+ define_method("#{name}_env_var") do
80
+ allow_env ? env_var : nil
81
+ end
78
82
 
79
83
  define_method(name) do
80
84
  if supplied.member?(name)
@@ -142,7 +146,7 @@ module Conjur
142
146
  when 'test', 'development', 'appliance'
143
147
  "http://localhost:#{service_base_port + service_port_offset}"
144
148
  else
145
- "https://#{service_name}-#{stack}-conjur.herokuapp.com"
149
+ "https://#{herokuize service_name}-#{stack}-conjur.herokuapp.com"
146
150
  end
147
151
  end
148
152
  end
@@ -155,7 +159,7 @@ module Conjur
155
159
  when 'test', 'development', 'appliance'
156
160
  "http://localhost:#{service_base_port + service_port_offset}"
157
161
  else
158
- "https://#{service_name}-#{account}-conjur.herokuapp.com"
162
+ "https://#{herokuize service_name}-#{account}-conjur.herokuapp.com"
159
163
  end
160
164
  end
161
165
  end
@@ -168,6 +172,11 @@ module Conjur
168
172
  end
169
173
  end
170
174
 
175
+ # Heroku: Name must start with a letter and can only contain lowercase letters, numbers, and dashes.
176
+ def herokuize name
177
+ name.downcase.gsub(/[^a-z0-9\-]/, '-')
178
+ end
179
+
171
180
  def supplied
172
181
  @supplied ||= {}
173
182
  end
data/lib/conjur/exists.rb CHANGED
@@ -24,12 +24,6 @@ module Conjur
24
24
  begin
25
25
  self.head(options)
26
26
  true
27
- rescue RestClient::Forbidden
28
- # rationale is: exists? should return true iff creating a resource with
29
- # the same name would fail (not by client's fault). Why it would fail
30
- # doesn't matter that much.
31
- # (Plus, currently it always 403s when the resource exists but is unaccessible.)
32
- true
33
27
  rescue RestClient::ResourceNotFound
34
28
  false
35
29
  end
data/lib/conjur/resource.rb CHANGED
@@ -22,7 +22,6 @@ require 'conjur/annotations'
22
22
 
23
23
  module Conjur
24
24
  class Resource < RestClient::Resource
25
- include Exists
26
25
  include HasAttributes
27
26
  include PathBased
28
27
 
@@ -52,6 +51,17 @@ module Conjur
52
51
  end
53
52
  self.put(options)
54
53
  end
54
+
55
+ def exists?(options = {})
56
+ begin
57
+ self.head(options)
58
+ true
59
+ rescue RestClient::Forbidden
60
+ true
61
+ rescue RestClient::ResourceNotFound
62
+ false
63
+ end
64
+ end
55
65
 
56
66
  # Lists roles that have a specified permission on the resource.
57
67
  def permitted_roles(permission, options = {})
@@ -116,6 +126,8 @@ module Conjur
116
126
  params[:acting_as] = options[:acting_as] if options[:acting_as]
117
127
  self["?#{params.to_query}"].get(options)
118
128
  true
129
+ rescue RestClient::Forbidden
130
+ false
119
131
  rescue RestClient::ResourceNotFound
120
132
  false
121
133
  end
data/spec/lib/exists_spec.rb CHANGED
@@ -10,7 +10,9 @@ describe Conjur::Exists do
10
10
 
11
11
  context "when forbidden" do
12
12
  before { subject.stub(:head) { raise RestClient::Forbidden }}
13
- its(:exists?) { should be_true }
13
+ it "propagates the error" do
14
+ lambda { subject.exists? }.should raise_error(RestClient::Forbidden)
15
+ end
14
16
  end
15
17
 
16
18
  context "when not found" do
data/spec/lib/resource_spec.rb CHANGED
@@ -74,6 +74,36 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
74
74
  end
75
75
  end
76
76
 
77
+ describe "#exists" do
78
+ let(:uri) { "#{authz_host}/some-account/resources/the-kind/resource-id" }
79
+ it "sends HEAD /<resource>" do
80
+ RestClient::Request.should_receive(:execute).with(
81
+ method: :head,
82
+ url: uri,
83
+ headers: {}
84
+ )
85
+ subject.exists?
86
+ end
87
+ context "with status 204" do
88
+ before {
89
+ subject.stub(:head)
90
+ }
91
+ its(:exists?) { should be_true }
92
+ end
93
+ context "with status 404" do
94
+ before {
95
+ subject.stub(:head) { raise RestClient::ResourceNotFound }
96
+ }
97
+ its(:exists?) { should be_false }
98
+ end
99
+ context "with status 403" do
100
+ before {
101
+ subject.stub(:head) { raise RestClient::Forbidden }
102
+ }
103
+ its(:exists?) { should be_true }
104
+ end
105
+ end
106
+
77
107
  describe '#delete' do
78
108
  it 'simply deletes' do
79
109
  RestClient::Request.should_receive(:execute).with(
@@ -125,6 +155,30 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
125
155
  )
126
156
  subject.permitted? 'fry'
127
157
  end
158
+ context "with status 204" do
159
+ before {
160
+ subject.stub_chain(:[], :get)
161
+ }
162
+ specify {
163
+ subject.permitted?('fry').should be_true
164
+ }
165
+ end
166
+ context "with status 404" do
167
+ before {
168
+ subject.stub_chain(:[], :get) { raise RestClient::ResourceNotFound }
169
+ }
170
+ specify {
171
+ subject.permitted?('fry').should be_false
172
+ }
173
+ end
174
+ context "with status 403" do
175
+ before {
176
+ subject.stub_chain(:[], :get) { raise RestClient::Forbidden }
177
+ }
178
+ specify {
179
+ subject.permitted?('fry').should be_false
180
+ }
181
+ end
128
182
  end
129
183
 
130
184
  describe '.all' do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.9.1
4
+ version: 4.9.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafał Rzepecki
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-07-17 00:00:00.000000000 Z
12
+ date: 2014-08-05 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rest-client