conjur-api 4.9.1 → 4.9.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +9 -8
- data/lib/conjur-api/version.rb +1 -1
- data/lib/conjur/configuration.rb +11 -2
- data/lib/conjur/exists.rb +0 -6
- data/lib/conjur/resource.rb +13 -1
- data/spec/lib/exists_spec.rb +3 -1
- data/spec/lib/resource_spec.rb +54 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 40b8b3e33ac15bc66d3663948bb3d7da081615d6
|
4
|
+
data.tar.gz: 1c79f61e8e87c94089cd9439833e1b118fc68e68
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1e2b831d564b9cf0f9df2f55bfcd50a138b0c607a513de45e2974b9f6ed4ee9637a7ae3c4e5c6b6024d1445ec8bcddd1741d646b1d8dacc078838935be9c3ca3
|
7
|
+
data.tar.gz: 2d400fc3541fd4235bfb445a66a6112cfff95c5e962a6ca21de94ec68a824b8e1d4823cd7f88b71a3921163fd44c14d9dcfa004e4b02986531ceff9d819c30a4
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Conjur::API
|
2
2
|
|
3
|
-
|
3
|
+
Programmatic Ruby access to the Conjur API.
|
4
4
|
|
5
5
|
## Installation
|
6
6
|
|
@@ -18,17 +18,18 @@ Or install it yourself as:
|
|
18
18
|
|
19
19
|
## Usage
|
20
20
|
|
21
|
-
|
22
|
-
- authn: 5000,
|
23
|
-
- authz: 5100.
|
21
|
+
To instantiate the API, using configuration stored stored in `~/.conjurrc`:
|
24
22
|
|
25
23
|
```ruby
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
24
|
+
require 'conjur/cli'
|
25
|
+
Conjur::Config.load
|
26
|
+
conjur = Conjur::API.new_from_key username, api_key
|
30
27
|
```
|
31
28
|
|
29
|
+
You can find the username and api_key in ~/.netrc after you've logged in.
|
30
|
+
|
31
|
+
Fancier/different init scenarios are possible but this should be a good start!
|
32
|
+
|
32
33
|
## Contributing
|
33
34
|
|
34
35
|
1. Fork it
|
data/lib/conjur-api/version.rb
CHANGED
data/lib/conjur/configuration.rb
CHANGED
@@ -75,6 +75,10 @@ module Conjur
|
|
75
75
|
define_method("#{name}=") do |value|
|
76
76
|
set name, value
|
77
77
|
end
|
78
|
+
|
79
|
+
define_method("#{name}_env_var") do
|
80
|
+
allow_env ? env_var : nil
|
81
|
+
end
|
78
82
|
|
79
83
|
define_method(name) do
|
80
84
|
if supplied.member?(name)
|
@@ -142,7 +146,7 @@ module Conjur
|
|
142
146
|
when 'test', 'development', 'appliance'
|
143
147
|
"http://localhost:#{service_base_port + service_port_offset}"
|
144
148
|
else
|
145
|
-
"https://#{service_name}-#{stack}-conjur.herokuapp.com"
|
149
|
+
"https://#{herokuize service_name}-#{stack}-conjur.herokuapp.com"
|
146
150
|
end
|
147
151
|
end
|
148
152
|
end
|
@@ -155,7 +159,7 @@ module Conjur
|
|
155
159
|
when 'test', 'development', 'appliance'
|
156
160
|
"http://localhost:#{service_base_port + service_port_offset}"
|
157
161
|
else
|
158
|
-
"https://#{service_name}-#{account}-conjur.herokuapp.com"
|
162
|
+
"https://#{herokuize service_name}-#{account}-conjur.herokuapp.com"
|
159
163
|
end
|
160
164
|
end
|
161
165
|
end
|
@@ -168,6 +172,11 @@ module Conjur
|
|
168
172
|
end
|
169
173
|
end
|
170
174
|
|
175
|
+
# Heroku: Name must start with a letter and can only contain lowercase letters, numbers, and dashes.
|
176
|
+
def herokuize name
|
177
|
+
name.downcase.gsub(/[^a-z0-9\-]/, '-')
|
178
|
+
end
|
179
|
+
|
171
180
|
def supplied
|
172
181
|
@supplied ||= {}
|
173
182
|
end
|
data/lib/conjur/exists.rb
CHANGED
@@ -24,12 +24,6 @@ module Conjur
|
|
24
24
|
begin
|
25
25
|
self.head(options)
|
26
26
|
true
|
27
|
-
rescue RestClient::Forbidden
|
28
|
-
# rationale is: exists? should return true iff creating a resource with
|
29
|
-
# the same name would fail (not by client's fault). Why it would fail
|
30
|
-
# doesn't matter that much.
|
31
|
-
# (Plus, currently it always 403s when the resource exists but is unaccessible.)
|
32
|
-
true
|
33
27
|
rescue RestClient::ResourceNotFound
|
34
28
|
false
|
35
29
|
end
|
data/lib/conjur/resource.rb
CHANGED
@@ -22,7 +22,6 @@ require 'conjur/annotations'
|
|
22
22
|
|
23
23
|
module Conjur
|
24
24
|
class Resource < RestClient::Resource
|
25
|
-
include Exists
|
26
25
|
include HasAttributes
|
27
26
|
include PathBased
|
28
27
|
|
@@ -52,6 +51,17 @@ module Conjur
|
|
52
51
|
end
|
53
52
|
self.put(options)
|
54
53
|
end
|
54
|
+
|
55
|
+
def exists?(options = {})
|
56
|
+
begin
|
57
|
+
self.head(options)
|
58
|
+
true
|
59
|
+
rescue RestClient::Forbidden
|
60
|
+
true
|
61
|
+
rescue RestClient::ResourceNotFound
|
62
|
+
false
|
63
|
+
end
|
64
|
+
end
|
55
65
|
|
56
66
|
# Lists roles that have a specified permission on the resource.
|
57
67
|
def permitted_roles(permission, options = {})
|
@@ -116,6 +126,8 @@ module Conjur
|
|
116
126
|
params[:acting_as] = options[:acting_as] if options[:acting_as]
|
117
127
|
self["?#{params.to_query}"].get(options)
|
118
128
|
true
|
129
|
+
rescue RestClient::Forbidden
|
130
|
+
false
|
119
131
|
rescue RestClient::ResourceNotFound
|
120
132
|
false
|
121
133
|
end
|
data/spec/lib/exists_spec.rb
CHANGED
@@ -10,7 +10,9 @@ describe Conjur::Exists do
|
|
10
10
|
|
11
11
|
context "when forbidden" do
|
12
12
|
before { subject.stub(:head) { raise RestClient::Forbidden }}
|
13
|
-
|
13
|
+
it "propagates the error" do
|
14
|
+
lambda { subject.exists? }.should raise_error(RestClient::Forbidden)
|
15
|
+
end
|
14
16
|
end
|
15
17
|
|
16
18
|
context "when not found" do
|
data/spec/lib/resource_spec.rb
CHANGED
@@ -74,6 +74,36 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
|
|
74
74
|
end
|
75
75
|
end
|
76
76
|
|
77
|
+
describe "#exists" do
|
78
|
+
let(:uri) { "#{authz_host}/some-account/resources/the-kind/resource-id" }
|
79
|
+
it "sends HEAD /<resource>" do
|
80
|
+
RestClient::Request.should_receive(:execute).with(
|
81
|
+
method: :head,
|
82
|
+
url: uri,
|
83
|
+
headers: {}
|
84
|
+
)
|
85
|
+
subject.exists?
|
86
|
+
end
|
87
|
+
context "with status 204" do
|
88
|
+
before {
|
89
|
+
subject.stub(:head)
|
90
|
+
}
|
91
|
+
its(:exists?) { should be_true }
|
92
|
+
end
|
93
|
+
context "with status 404" do
|
94
|
+
before {
|
95
|
+
subject.stub(:head) { raise RestClient::ResourceNotFound }
|
96
|
+
}
|
97
|
+
its(:exists?) { should be_false }
|
98
|
+
end
|
99
|
+
context "with status 403" do
|
100
|
+
before {
|
101
|
+
subject.stub(:head) { raise RestClient::Forbidden }
|
102
|
+
}
|
103
|
+
its(:exists?) { should be_true }
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
77
107
|
describe '#delete' do
|
78
108
|
it 'simply deletes' do
|
79
109
|
RestClient::Request.should_receive(:execute).with(
|
@@ -125,6 +155,30 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
|
|
125
155
|
)
|
126
156
|
subject.permitted? 'fry'
|
127
157
|
end
|
158
|
+
context "with status 204" do
|
159
|
+
before {
|
160
|
+
subject.stub_chain(:[], :get)
|
161
|
+
}
|
162
|
+
specify {
|
163
|
+
subject.permitted?('fry').should be_true
|
164
|
+
}
|
165
|
+
end
|
166
|
+
context "with status 404" do
|
167
|
+
before {
|
168
|
+
subject.stub_chain(:[], :get) { raise RestClient::ResourceNotFound }
|
169
|
+
}
|
170
|
+
specify {
|
171
|
+
subject.permitted?('fry').should be_false
|
172
|
+
}
|
173
|
+
end
|
174
|
+
context "with status 403" do
|
175
|
+
before {
|
176
|
+
subject.stub_chain(:[], :get) { raise RestClient::Forbidden }
|
177
|
+
}
|
178
|
+
specify {
|
179
|
+
subject.permitted?('fry').should be_false
|
180
|
+
}
|
181
|
+
end
|
128
182
|
end
|
129
183
|
|
130
184
|
describe '.all' do
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.9.
|
4
|
+
version: 4.9.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rafał Rzepecki
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-
|
12
|
+
date: 2014-08-05 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rest-client
|