conjur-api 5.3.0 → 5.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.codeclimate.yml +8 -0
- data/.overcommit.yml +16 -0
- data/.rubocop.yml +3 -0
- data/.rubocop_settings.yml +85 -0
- data/.rubocop_todo.yml +709 -0
- data/CHANGELOG.md +4 -0
- data/README.md +19 -1
- data/lib/conjur-api/version.rb +1 -1
- data/lib/conjur/acts_as_role.rb +15 -19
- data/lib/conjur/api/host_factories.rb +20 -19
- data/lib/conjur/api/resources.rb +15 -19
- data/lib/conjur/api/router/v5.rb +22 -7
- data/lib/conjur/base_object.rb +13 -20
- data/lib/conjur/build_object.rb +13 -20
- data/lib/conjur/id.rb +22 -19
- data/lib/conjur/role_grant.rb +13 -18
- data/spec/api/host_factories_spec.rb +34 -0
- data/spec/id_spec.rb +29 -0
- data/spec/uri_escape_spec.rb +14 -2
- data/test.sh +7 -1
- metadata +12 -6
- data/lib/conjur/cast.rb +0 -41
- data/spec/cast_spec.rb +0 -21
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
require 'conjur/api/host_factories'
|
5
|
+
|
6
|
+
describe "Conjur::API.host_factory_create_host", api: :dummy do
|
7
|
+
it "returns a Host instance correctly on v4" do
|
8
|
+
token = "host factory token"
|
9
|
+
id = "test-host"
|
10
|
+
|
11
|
+
allow(Conjur::API).to receive(:url_for)
|
12
|
+
.with(:host_factory_create_host, token).and_return(
|
13
|
+
resource = instance_double(RestClient::Resource, "hosts")
|
14
|
+
)
|
15
|
+
|
16
|
+
allow(resource).to receive(:post).with(id: id).and_return(
|
17
|
+
instance_double(RestClient::Response, "host response", body: '
|
18
|
+
{
|
19
|
+
"id": "test-host",
|
20
|
+
"userid": "hosts",
|
21
|
+
"created_at": "2015-11-13T22:57:14Z",
|
22
|
+
"ownerid": "cucumber:group:ops",
|
23
|
+
"roleid": "cucumber:host:test-host",
|
24
|
+
"resource_identifier": "cucumber:host:test-host",
|
25
|
+
"api_key": "14x82x72syhnnd1h8jj24zj1kqd2j09sjy3tddwxc35cmy5nx33ph7"
|
26
|
+
}
|
27
|
+
')
|
28
|
+
)
|
29
|
+
|
30
|
+
host = Conjur::API.host_factory_create_host token, id
|
31
|
+
|
32
|
+
expect(host).to be_a Conjur::Host
|
33
|
+
end
|
34
|
+
end
|
data/spec/id_spec.rb
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe Conjur::Id do
|
6
|
+
it 'requires the id to be fully qualified' do
|
7
|
+
expect { Conjur::Id.new 'foo:bar' }.to raise_error ArgumentError
|
8
|
+
end
|
9
|
+
|
10
|
+
it 'can be constructed from a string' do
|
11
|
+
id = Conjur::Id.new 'foo:bar:baz'
|
12
|
+
expect(id).to be
|
13
|
+
{
|
14
|
+
account: 'foo',
|
15
|
+
kind: 'bar',
|
16
|
+
identifier: 'baz'
|
17
|
+
}.each { |k, v| expect(id.send(k)).to eq v }
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'can be constructed from an array' do
|
21
|
+
id = Conjur::Id.new %w(foo bar baz)
|
22
|
+
expect(id).to be
|
23
|
+
{
|
24
|
+
account: 'foo',
|
25
|
+
kind: 'bar',
|
26
|
+
identifier: 'baz'
|
27
|
+
}.each { |k, v| expect(id.send(k)).to eq v }
|
28
|
+
end
|
29
|
+
end
|
data/spec/uri_escape_spec.rb
CHANGED
@@ -1,9 +1,21 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'conjur/id'
|
3
|
+
require 'conjur/api/router/v5'
|
3
4
|
|
4
5
|
describe 'url escaping' do
|
5
6
|
it 'Id to path is escaped' do
|
6
|
-
id = Conjur::Id.new('cucumber:variable:
|
7
|
-
expect(id.to_url_path).to eq('cucumber/variable/
|
7
|
+
id = Conjur::Id.new('cucumber:variable:one two/three')
|
8
|
+
expect(id.to_url_path).to eq('cucumber/variable/one%20two%2Fthree')
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'Resources path is escaped' do
|
12
|
+
request = Conjur::API::Router::V5.resources(nil, 'cucumber/two', 'extended variable', {})
|
13
|
+
expect(request.url).to eq('http://localhost:5000/resources/cucumber%2Ftwo/extended%20variable/')
|
14
|
+
end
|
15
|
+
|
16
|
+
it 'Resource path is escaped' do
|
17
|
+
resource = Conjur::Id.new('cucumber:variable:one two/three')
|
18
|
+
request = Conjur::API::Router::V5.resources_resource(nil, resource)
|
19
|
+
expect(request.url).to eq('http://localhost:5000/resources/cucumber/variable/one%20two%2Fthree')
|
8
20
|
end
|
9
21
|
end
|
data/test.sh
CHANGED
@@ -20,7 +20,13 @@ function main() {
|
|
20
20
|
function startConjur() {
|
21
21
|
echo 'Starting Conjur environment'
|
22
22
|
echo '-----'
|
23
|
-
|
23
|
+
|
24
|
+
# We want to pull to make sure we're testing against the newest release;
|
25
|
+
# failing to ensure that has caused many mysterious failures in CI.
|
26
|
+
# However, unconditionally pulling prevents working offline even
|
27
|
+
# with a warm cache. So try to pull, but ignore failures.
|
28
|
+
docker-compose pull --ignore-pull-failures
|
29
|
+
|
24
30
|
docker-compose build
|
25
31
|
docker-compose up -d pg conjur_4 conjur_5
|
26
32
|
}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.3.
|
4
|
+
version: 5.3.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rafal Rzepecki
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2018-
|
12
|
+
date: 2018-09-24 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rest-client
|
@@ -215,9 +215,14 @@ executables: []
|
|
215
215
|
extensions: []
|
216
216
|
extra_rdoc_files: []
|
217
217
|
files:
|
218
|
+
- ".codeclimate.yml"
|
218
219
|
- ".dockerignore"
|
219
220
|
- ".gitignore"
|
221
|
+
- ".overcommit.yml"
|
220
222
|
- ".project"
|
223
|
+
- ".rubocop.yml"
|
224
|
+
- ".rubocop_settings.yml"
|
225
|
+
- ".rubocop_todo.yml"
|
221
226
|
- ".yardopts"
|
222
227
|
- CHANGELOG.md
|
223
228
|
- Dockerfile
|
@@ -298,7 +303,6 @@ files:
|
|
298
303
|
- lib/conjur/base_object.rb
|
299
304
|
- lib/conjur/build_object.rb
|
300
305
|
- lib/conjur/cache.rb
|
301
|
-
- lib/conjur/cast.rb
|
302
306
|
- lib/conjur/cert_utils.rb
|
303
307
|
- lib/conjur/cidr.rb
|
304
308
|
- lib/conjur/configuration.rb
|
@@ -324,14 +328,15 @@ files:
|
|
324
328
|
- lib/conjur/variable.rb
|
325
329
|
- lib/conjur/webservice.rb
|
326
330
|
- publish.sh
|
331
|
+
- spec/api/host_factories_spec.rb
|
327
332
|
- spec/api_spec.rb
|
328
|
-
- spec/cast_spec.rb
|
329
333
|
- spec/cert_utils_spec.rb
|
330
334
|
- spec/cidr_spec.rb
|
331
335
|
- spec/configuration_spec.rb
|
332
336
|
- spec/has_attributes_spec.rb
|
333
337
|
- spec/helpers/errors_matcher.rb
|
334
338
|
- spec/helpers/request_helpers.rb
|
339
|
+
- spec/id_spec.rb
|
335
340
|
- spec/ldap_sync_spec.rb
|
336
341
|
- spec/log_source_spec.rb
|
337
342
|
- spec/log_spec.rb
|
@@ -362,7 +367,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
362
367
|
version: '0'
|
363
368
|
requirements: []
|
364
369
|
rubyforge_project:
|
365
|
-
rubygems_version: 2.7.
|
370
|
+
rubygems_version: 2.7.7
|
366
371
|
signing_key:
|
367
372
|
specification_version: 4
|
368
373
|
summary: Conjur API
|
@@ -392,14 +397,15 @@ test_files:
|
|
392
397
|
- features/user.feature
|
393
398
|
- features/variable_fields.feature
|
394
399
|
- features/variable_value.feature
|
400
|
+
- spec/api/host_factories_spec.rb
|
395
401
|
- spec/api_spec.rb
|
396
|
-
- spec/cast_spec.rb
|
397
402
|
- spec/cert_utils_spec.rb
|
398
403
|
- spec/cidr_spec.rb
|
399
404
|
- spec/configuration_spec.rb
|
400
405
|
- spec/has_attributes_spec.rb
|
401
406
|
- spec/helpers/errors_matcher.rb
|
402
407
|
- spec/helpers/request_helpers.rb
|
408
|
+
- spec/id_spec.rb
|
403
409
|
- spec/ldap_sync_spec.rb
|
404
410
|
- spec/log_source_spec.rb
|
405
411
|
- spec/log_spec.rb
|
data/lib/conjur/cast.rb
DELETED
@@ -1,41 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Copyright 2013-2017 Conjur Inc
|
3
|
-
#
|
4
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
13
|
-
#
|
14
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
20
|
-
#
|
21
|
-
|
22
|
-
module Conjur
|
23
|
-
module Cast
|
24
|
-
protected
|
25
|
-
|
26
|
-
# Convert a value to a role or resource identifier.
|
27
|
-
#
|
28
|
-
# @param obj the value to cast
|
29
|
-
def cast_to_id obj
|
30
|
-
result =if obj.is_a?(String) || obj.is_a?(Id)
|
31
|
-
obj
|
32
|
-
elsif obj.is_a?(Array)
|
33
|
-
obj.join(':')
|
34
|
-
else
|
35
|
-
raise "I don't know how to cast a #{obj.class} to an id"
|
36
|
-
end
|
37
|
-
result = Id.new(result) unless result.is_a?(Id)
|
38
|
-
result
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
data/spec/cast_spec.rb
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
describe Conjur::Cast do
|
4
|
-
let!(:object) {
|
5
|
-
Object.new.tap do |obj|
|
6
|
-
class << obj
|
7
|
-
include Conjur::Cast
|
8
|
-
end
|
9
|
-
end
|
10
|
-
}
|
11
|
-
|
12
|
-
it 'String casts to itself' do
|
13
|
-
expect(object.send(:cast_to_id, "foo")).to eq("foo")
|
14
|
-
end
|
15
|
-
it 'Id casts to to_s' do
|
16
|
-
expect(object.send(:cast_to_id, "foo")).to eq("foo")
|
17
|
-
end
|
18
|
-
it 'Array casts via #join' do
|
19
|
-
expect(object.send(:cast_to_id, [ "foo", "bar" ])).to eq("foo:bar")
|
20
|
-
end
|
21
|
-
end
|