conjur-api 5.2.0 → 5.3.3

data/spec/id_spec.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Conjur::Id do
+  it 'requires the id to be fully qualified' do
+    expect { Conjur::Id.new 'foo:bar' }.to raise_error ArgumentError
+  end
+
+  it 'can be constructed from a string' do
+    id = Conjur::Id.new 'foo:bar:baz'
+    expect(id).to be
+    {
+      account: 'foo',
+      kind: 'bar',
+      identifier: 'baz'
+    }.each { |k, v| expect(id.send(k)).to eq v }
+  end
+
+  it 'can be constructed from an array' do
+    id = Conjur::Id.new %w(foo bar baz)
+    expect(id).to be
+    {
+      account: 'foo',
+      kind: 'bar',
+      identifier: 'baz'
+    }.each { |k, v| expect(id.send(k)).to eq v }
+  end
+end

data/spec/ldap_sync_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe Conjur::API, api: :dummy do
+  let(:router) { double('router', :get => "{}") }
+  before do
+    allow_any_instance_of(Conjur::API).to receive(:url_for).with(:ldap_sync_policy, any_args).and_return(router)
+  end
+
+  # verify that the method exists, and takes the correct argument.
+  describe '#ldap_sync_policy' do
+    context 'with default config' do
+      subject { api.ldap_sync_policy }
+      it { is_expected.to eq({})  }
+    end
+
+    context 'with a config specified' do
+      subject { api.ldap_sync_policy config_name: 'non-default-config' }
+      it { is_expected.to eq({}) }
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -1,4 +1,7 @@
 require 'simplecov'
+require 'simplecov-cobertura'
+
+SimpleCov.formatter = SimpleCov::Formatter::CoberturaFormatter
 SimpleCov.start
 
 require 'rubygems'

data/spec/uri_escape_spec.rb

@@ -1,9 +1,21 @@
 require 'spec_helper'
 require 'conjur/id'
+require 'conjur/api/router/v5'
 
 describe 'url escaping' do
   it 'Id to path is escaped' do
-    id = Conjur::Id.new('cucumber:variable:foo bar')
-    expect(id.to_url_path).to eq('cucumber/variable/foo%20bar')
+    id = Conjur::Id.new('cucumber:variable:one two/three')
+    expect(id.to_url_path).to eq('cucumber/variable/one%20two%2Fthree')
+  end
+
+  it 'Resources path is escaped' do
+    request = Conjur::API::Router::V5.resources(nil, 'cucumber/two', 'extended variable', {})
+    expect(request.url).to eq('http://localhost:5000/resources/cucumber%2Ftwo/extended%20variable/')
+  end
+
+  it 'Resource path is escaped' do
+    resource = Conjur::Id.new('cucumber:variable:one two/three')
+    request = Conjur::API::Router::V5.resources_resource(nil, resource)
+    expect(request.url).to eq('http://localhost:5000/resources/cucumber/variable/one%20two%2Fthree')
   end
 end

data/test.sh

@@ -8,6 +8,21 @@ function finish {
 
 trap finish EXIT
 
+function publishToCodeClimate() {
+  docker build -f ci/codeclimate.dockerfile -t cyberark/code-climate:latest .
+  docker run \
+    --rm \
+    -e GIT_BRANCH \
+    -e GIT_COMMIT \
+    -e TRID \
+    --volume "$PWD:/src/conjur-api" \
+    -w "/src/conjur-api" \
+    cyberark/code-climate:latest \
+      after-build \
+        -r "$(<TRID)" \
+        -t "simplecov"
+}
+
 function main() {
   # Generate reports folders locally
   mkdir -p spec/reports features/reports features_v4/reports
@@ -15,12 +30,19 @@ function main() {
   startConjur
   runTests_5
   runTests_4
+  publishToCodeClimate
 }
 
 function startConjur() {
   echo 'Starting Conjur environment'
   echo '-----'
-  docker-compose pull
+
+  # We want to pull to make sure we're testing against the newest release;
+  # failing to ensure that has caused many mysterious failures in CI.
+  # However, unconditionally pulling prevents working offline even
+  # with a warm cache. So try to pull, but ignore failures.
+  docker-compose pull --ignore-pull-failures
+
   docker-compose build
   docker-compose up -d pg conjur_4 conjur_5
 }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-api
 version: !ruby/object:Gem::Version
-  version: 5.2.0
+  version: 5.3.3
 platform: ruby
 authors:
 - Rafal Rzepecki
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-06-14 00:00:00.000000000 Z
+date: 2020-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -43,16 +43,16 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -215,17 +215,31 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".codeclimate.yml"
 - ".dockerignore"
+- ".github/CODEOWNERS"
+- ".github/ISSUE_TEMPLATE/bug.md"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
 - ".gitignore"
+- ".gitleaks.toml"
+- ".overcommit.yml"
 - ".project"
+- ".rubocop.yml"
+- ".rubocop_settings.yml"
+- ".rubocop_todo.yml"
 - ".yardopts"
 - CHANGELOG.md
+- CONTRIBUTING.md
 - Dockerfile
 - Gemfile
 - Jenkinsfile
-- LICENSE.md
+- LICENSE
 - README.md
 - Rakefile
+- SECURITY.md
+- bin/parse-changelog.sh
+- ci/codeclimate.dockerfile
 - ci/configure_v4.sh
 - ci/configure_v5.sh
 - conjur-api.gemspec
@@ -236,6 +250,7 @@ files:
 - docker-compose.yml
 - example/demo_v4.rb
 - example/demo_v5.rb
+- features/authenticators.feature
 - features/authn_local.feature
 - features/exists.feature
 - features/group.feature
@@ -284,8 +299,10 @@ files:
 - lib/conjur/acts_as_rolsource.rb
 - lib/conjur/acts_as_user.rb
 - lib/conjur/api.rb
+- lib/conjur/api/authenticators.rb
 - lib/conjur/api/authn.rb
 - lib/conjur/api/host_factories.rb
+- lib/conjur/api/ldap_sync.rb
 - lib/conjur/api/policies.rb
 - lib/conjur/api/pubkeys.rb
 - lib/conjur/api/resources.rb
@@ -297,7 +314,6 @@ files:
 - lib/conjur/base_object.rb
 - lib/conjur/build_object.rb
 - lib/conjur/cache.rb
-- lib/conjur/cast.rb
 - lib/conjur/cert_utils.rb
 - lib/conjur/cidr.rb
 - lib/conjur/configuration.rb
@@ -323,14 +339,17 @@ files:
 - lib/conjur/variable.rb
 - lib/conjur/webservice.rb
 - publish.sh
+- spec/api/host_factories_spec.rb
 - spec/api_spec.rb
-- spec/cast_spec.rb
+- spec/base_object_spec.rb
 - spec/cert_utils_spec.rb
 - spec/cidr_spec.rb
 - spec/configuration_spec.rb
 - spec/has_attributes_spec.rb
 - spec/helpers/errors_matcher.rb
 - spec/helpers/request_helpers.rb
+- spec/id_spec.rb
+- spec/ldap_sync_spec.rb
 - spec/log_source_spec.rb
 - spec/log_spec.rb
 - spec/roles_spec.rb
@@ -359,12 +378,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Conjur API
 test_files:
+- features/authenticators.feature
 - features/authn_local.feature
 - features/exists.feature
 - features/group.feature
@@ -390,14 +409,17 @@ test_files:
 - features/user.feature
 - features/variable_fields.feature
 - features/variable_value.feature
+- spec/api/host_factories_spec.rb
 - spec/api_spec.rb
-- spec/cast_spec.rb
+- spec/base_object_spec.rb
 - spec/cert_utils_spec.rb
 - spec/cidr_spec.rb
 - spec/configuration_spec.rb
 - spec/has_attributes_spec.rb
 - spec/helpers/errors_matcher.rb
 - spec/helpers/request_helpers.rb
+- spec/id_spec.rb
+- spec/ldap_sync_spec.rb
 - spec/log_source_spec.rb
 - spec/log_spec.rb
 - spec/roles_spec.rb

data/LICENSE.md

@@ -1,195 +0,0 @@
-Apache License
-==============
-
-_Version 2.0, January 2004_  
-_&lt;<http://www.apache.org/licenses/>&gt;_
-
-### Terms and Conditions for use, reproduction, and distribution
-
-#### 1. Definitions
-
-“License” shall mean the terms and conditions for use, reproduction, and
-distribution as defined by Sections 1 through 9 of this document.
-
-“Licensor” shall mean the copyright owner or entity authorized by the copyright
-owner that is granting the License.
-
-“Legal Entity” shall mean the union of the acting entity and all other entities
-that control, are controlled by, or are under common control with that entity.
-For the purposes of this definition, “control” means **(i)** the power, direct or
-indirect, to cause the direction or management of such entity, whether by
-contract or otherwise, or **(ii)** ownership of fifty percent (50%) or more of the
-outstanding shares, or **(iii)** beneficial ownership of such entity.
-
-“You” (or “Your”) shall mean an individual or Legal Entity exercising
-permissions granted by this License.
-
-“Source” form shall mean the preferred form for making modifications, including
-but not limited to software source code, documentation source, and configuration
-files.
-
-“Object” form shall mean any form resulting from mechanical transformation or
-translation of a Source form, including but not limited to compiled object code,
-generated documentation, and conversions to other media types.
-
-“Work” shall mean the work of authorship, whether in Source or Object form, made
-available under the License, as indicated by a copyright notice that is included
-in or attached to the work (an example is provided in the Appendix below).
-
-“Derivative Works” shall mean any work, whether in Source or Object form, that
-is based on (or derived from) the Work and for which the editorial revisions,
-annotations, elaborations, or other modifications represent, as a whole, an
-original work of authorship. For the purposes of this License, Derivative Works
-shall not include works that remain separable from, or merely link (or bind by
-name) to the interfaces of, the Work and Derivative Works thereof.
-
-“Contribution” shall mean any work of authorship, including the original version
-of the Work and any modifications or additions to that Work or Derivative Works
-thereof, that is intentionally submitted to Licensor for inclusion in the Work
-by the copyright owner or by an individual or Legal Entity authorized to submit
-on behalf of the copyright owner. For the purposes of this definition,
-“submitted” means any form of electronic, verbal, or written communication sent
-to the Licensor or its representatives, including but not limited to
-communication on electronic mailing lists, source code control systems, and
-issue tracking systems that are managed by, or on behalf of, the Licensor for
-the purpose of discussing and improving the Work, but excluding communication
-that is conspicuously marked or otherwise designated in writing by the copyright
-owner as “Not a Contribution.”
-
-“Contributor” shall mean Licensor and any individual or Legal Entity on behalf
-of whom a Contribution has been received by Licensor and subsequently
-incorporated within the Work.
-
-#### 2. Grant of Copyright License
-
-Subject to the terms and conditions of this License, each Contributor hereby
-grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
-irrevocable copyright license to reproduce, prepare Derivative Works of,
-publicly display, publicly perform, sublicense, and distribute the Work and such
-Derivative Works in Source or Object form.
-
-#### 3. Grant of Patent License
-
-Subject to the terms and conditions of this License, each Contributor hereby
-grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
-irrevocable (except as stated in this section) patent license to make, have
-made, use, offer to sell, sell, import, and otherwise transfer the Work, where
-such license applies only to those patent claims licensable by such Contributor
-that are necessarily infringed by their Contribution(s) alone or by combination
-of their Contribution(s) with the Work to which such Contribution(s) was
-submitted. If You institute patent litigation against any entity (including a
-cross-claim or counterclaim in a lawsuit) alleging that the Work or a
-Contribution incorporated within the Work constitutes direct or contributory
-patent infringement, then any patent licenses granted to You under this License
-for that Work shall terminate as of the date such litigation is filed.
-
-#### 4. Redistribution
-
-You may reproduce and distribute copies of the Work or Derivative Works thereof
-in any medium, with or without modifications, and in Source or Object form,
-provided that You meet the following conditions:
-
-* **(a)** You must give any other recipients of the Work or Derivative Works a copy of
-this License; and
-* **(b)** You must cause any modified files to carry prominent notices stating that You
-changed the files; and
-* **(c)** You must retain, in the Source form of any Derivative Works that You distribute,
-all copyright, patent, trademark, and attribution notices from the Source form
-of the Work, excluding those notices that do not pertain to any part of the
-Derivative Works; and
-* **(d)** If the Work includes a “NOTICE” text file as part of its distribution, then any
-Derivative Works that You distribute must include a readable copy of the
-attribution notices contained within such NOTICE file, excluding those notices
-that do not pertain to any part of the Derivative Works, in at least one of the
-following places: within a NOTICE text file distributed as part of the
-Derivative Works; within the Source form or documentation, if provided along
-with the Derivative Works; or, within a display generated by the Derivative
-Works, if and wherever such third-party notices normally appear. The contents of
-the NOTICE file are for informational purposes only and do not modify the
-License. You may add Your own attribution notices within Derivative Works that
-You distribute, alongside or as an addendum to the NOTICE text from the Work,
-provided that such additional attribution notices cannot be construed as
-modifying the License.
-
-You may add Your own copyright statement to Your modifications and may provide
-additional or different license terms and conditions for use, reproduction, or
-distribution of Your modifications, or for any such Derivative Works as a whole,
-provided Your use, reproduction, and distribution of the Work otherwise complies
-with the conditions stated in this License.
-
-#### 5. Submission of Contributions
-
-Unless You explicitly state otherwise, any Contribution intentionally submitted
-for inclusion in the Work by You to the Licensor shall be under the terms and
-conditions of this License, without any additional terms or conditions.
-Notwithstanding the above, nothing herein shall supersede or modify the terms of
-any separate license agreement you may have executed with Licensor regarding
-such Contributions.
-
-#### 6. Trademarks
-
-This License does not grant permission to use the trade names, trademarks,
-service marks, or product names of the Licensor, except as required for
-reasonable and customary use in describing the origin of the Work and
-reproducing the content of the NOTICE file.
-
-#### 7. Disclaimer of Warranty
-
-Unless required by applicable law or agreed to in writing, Licensor provides the
-Work (and each Contributor provides its Contributions) on an “AS IS” BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,
-including, without limitation, any warranties or conditions of TITLE,
-NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are
-solely responsible for determining the appropriateness of using or
-redistributing the Work and assume any risks associated with Your exercise of
-permissions under this License.
-
-#### 8. Limitation of Liability
-
-In no event and under no legal theory, whether in tort (including negligence),
-contract, or otherwise, unless required by applicable law (such as deliberate
-and grossly negligent acts) or agreed to in writing, shall any Contributor be
-liable to You for damages, including any direct, indirect, special, incidental,
-or consequential damages of any character arising as a result of this License or
-out of the use or inability to use the Work (including but not limited to
-damages for loss of goodwill, work stoppage, computer failure or malfunction, or
-any and all other commercial damages or losses), even if such Contributor has
-been advised of the possibility of such damages.
-
-#### 9. Accepting Warranty or Additional Liability
-
-While redistributing the Work or Derivative Works thereof, You may choose to
-offer, and charge a fee for, acceptance of support, warranty, indemnity, or
-other liability obligations and/or rights consistent with this License. However,
-in accepting such obligations, You may act only on Your own behalf and on Your
-sole responsibility, not on behalf of any other Contributor, and only if You
-agree to indemnify, defend, and hold each Contributor harmless for any liability
-incurred by, or claims asserted against, such Contributor by reason of your
-accepting any such warranty or additional liability.
-
-_END OF TERMS AND CONDITIONS_
-
-### APPENDIX: How to apply the Apache License to your work
-
-To apply the Apache License to your work, attach the following boilerplate
-notice, with the fields enclosed by brackets `[]` replaced with your own
-identifying information. (Don't include the brackets!) The text should be
-enclosed in the appropriate comment syntax for the file format. We also
-recommend that a file or class name and description of purpose be included on
-the same “printed page” as the copyright notice for easier identification within
-third-party archives.
-
-    Copyright [yyyy] [name of copyright owner]
-    
-    Licensed under the Apache License, Version 2.0 (the "License");
-    you may not use this file except in compliance with the License.
-    You may obtain a copy of the License at
-    
-      http://www.apache.org/licenses/LICENSE-2.0
-    
-    Unless required by applicable law or agreed to in writing, software
-    distributed under the License is distributed on an "AS IS" BASIS,
-    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-    See the License for the specific language governing permissions and
-    limitations under the License.
-