conjur-api 5.3.7 → 5.3.8.pre.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (143) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. metadata +23 -193
  4. data/.codeclimate.yml +0 -10
  5. data/.dockerignore +0 -1
  6. data/.github/CODEOWNERS +0 -10
  7. data/.gitignore +0 -32
  8. data/.gitleaks.toml +0 -219
  9. data/.overcommit.yml +0 -16
  10. data/.project +0 -18
  11. data/.rubocop.yml +0 -3
  12. data/.rubocop_settings.yml +0 -86
  13. data/.rubocop_todo.yml +0 -709
  14. data/.yardopts +0 -1
  15. data/CHANGELOG.md +0 -433
  16. data/CONTRIBUTING.md +0 -141
  17. data/Dockerfile +0 -16
  18. data/Gemfile +0 -7
  19. data/Jenkinsfile +0 -168
  20. data/LICENSE +0 -202
  21. data/README.md +0 -162
  22. data/Rakefile +0 -47
  23. data/SECURITY.md +0 -42
  24. data/bin/parse-changelog.sh +0 -12
  25. data/ci/configure_v4.sh +0 -12
  26. data/ci/configure_v5.sh +0 -14
  27. data/ci/submit-coverage +0 -36
  28. data/conjur-api.gemspec +0 -40
  29. data/dev/Dockerfile.dev +0 -12
  30. data/dev/docker-compose.yml +0 -56
  31. data/dev/start +0 -22
  32. data/dev/stop +0 -5
  33. data/docker-compose.yml +0 -76
  34. data/example/demo_v4.rb +0 -49
  35. data/example/demo_v5.rb +0 -57
  36. data/features/authenticators.feature +0 -33
  37. data/features/authn_local.feature +0 -32
  38. data/features/exists.feature +0 -37
  39. data/features/group.feature +0 -11
  40. data/features/host.feature +0 -50
  41. data/features/host_factory_create_host.feature +0 -28
  42. data/features/host_factory_token.feature +0 -63
  43. data/features/load_policy.feature +0 -61
  44. data/features/members.feature +0 -51
  45. data/features/new_api.feature +0 -36
  46. data/features/permitted.feature +0 -70
  47. data/features/permitted_roles.feature +0 -30
  48. data/features/public_keys.feature +0 -11
  49. data/features/resource_fields.feature +0 -53
  50. data/features/role_fields.feature +0 -15
  51. data/features/rotate_api_key.feature +0 -13
  52. data/features/step_definitions/api_steps.rb +0 -18
  53. data/features/step_definitions/policy_steps.rb +0 -75
  54. data/features/step_definitions/result_steps.rb +0 -7
  55. data/features/support/env.rb +0 -18
  56. data/features/support/hooks.rb +0 -3
  57. data/features/support/world.rb +0 -12
  58. data/features/update_password.feature +0 -14
  59. data/features/user.feature +0 -58
  60. data/features/variable_fields.feature +0 -20
  61. data/features/variable_value.feature +0 -60
  62. data/features_v4/authn_local.feature +0 -27
  63. data/features_v4/exists.feature +0 -29
  64. data/features_v4/host.feature +0 -18
  65. data/features_v4/host_factory_token.feature +0 -49
  66. data/features_v4/members.feature +0 -39
  67. data/features_v4/permitted.feature +0 -15
  68. data/features_v4/permitted_roles.feature +0 -8
  69. data/features_v4/resource_fields.feature +0 -47
  70. data/features_v4/rotate_api_key.feature +0 -13
  71. data/features_v4/step_definitions/api_steps.rb +0 -17
  72. data/features_v4/step_definitions/result_steps.rb +0 -3
  73. data/features_v4/support/env.rb +0 -23
  74. data/features_v4/support/policy.yml +0 -34
  75. data/features_v4/support/world.rb +0 -12
  76. data/features_v4/variable_fields.feature +0 -11
  77. data/features_v4/variable_value.feature +0 -54
  78. data/lib/conjur/acts_as_resource.rb +0 -123
  79. data/lib/conjur/acts_as_role.rb +0 -142
  80. data/lib/conjur/acts_as_rolsource.rb +0 -32
  81. data/lib/conjur/acts_as_user.rb +0 -68
  82. data/lib/conjur/api/authenticators.rb +0 -35
  83. data/lib/conjur/api/authn.rb +0 -125
  84. data/lib/conjur/api/host_factories.rb +0 -71
  85. data/lib/conjur/api/ldap_sync.rb +0 -38
  86. data/lib/conjur/api/policies.rb +0 -56
  87. data/lib/conjur/api/pubkeys.rb +0 -53
  88. data/lib/conjur/api/resources.rb +0 -109
  89. data/lib/conjur/api/roles.rb +0 -98
  90. data/lib/conjur/api/router/v4.rb +0 -206
  91. data/lib/conjur/api/router/v5.rb +0 -248
  92. data/lib/conjur/api/variables.rb +0 -59
  93. data/lib/conjur/api.rb +0 -105
  94. data/lib/conjur/base.rb +0 -355
  95. data/lib/conjur/base_object.rb +0 -57
  96. data/lib/conjur/build_object.rb +0 -47
  97. data/lib/conjur/cache.rb +0 -26
  98. data/lib/conjur/cert_utils.rb +0 -63
  99. data/lib/conjur/cidr.rb +0 -71
  100. data/lib/conjur/configuration.rb +0 -460
  101. data/lib/conjur/escape.rb +0 -129
  102. data/lib/conjur/exceptions.rb +0 -4
  103. data/lib/conjur/group.rb +0 -41
  104. data/lib/conjur/has_attributes.rb +0 -98
  105. data/lib/conjur/host.rb +0 -27
  106. data/lib/conjur/host_factory.rb +0 -75
  107. data/lib/conjur/host_factory_token.rb +0 -78
  108. data/lib/conjur/id.rb +0 -71
  109. data/lib/conjur/layer.rb +0 -9
  110. data/lib/conjur/log.rb +0 -72
  111. data/lib/conjur/log_source.rb +0 -60
  112. data/lib/conjur/policy.rb +0 -34
  113. data/lib/conjur/policy_load_result.rb +0 -61
  114. data/lib/conjur/query_string.rb +0 -12
  115. data/lib/conjur/resource.rb +0 -29
  116. data/lib/conjur/role.rb +0 -29
  117. data/lib/conjur/role_grant.rb +0 -85
  118. data/lib/conjur/routing.rb +0 -29
  119. data/lib/conjur/user.rb +0 -40
  120. data/lib/conjur/variable.rb +0 -208
  121. data/lib/conjur/webservice.rb +0 -30
  122. data/lib/conjur-api/version.rb +0 -24
  123. data/lib/conjur-api.rb +0 -2
  124. data/publish.sh +0 -5
  125. data/spec/api/host_factories_spec.rb +0 -34
  126. data/spec/api_spec.rb +0 -254
  127. data/spec/base_object_spec.rb +0 -13
  128. data/spec/cert_utils_spec.rb +0 -173
  129. data/spec/cidr_spec.rb +0 -34
  130. data/spec/configuration_spec.rb +0 -330
  131. data/spec/has_attributes_spec.rb +0 -63
  132. data/spec/helpers/errors_matcher.rb +0 -34
  133. data/spec/helpers/request_helpers.rb +0 -10
  134. data/spec/id_spec.rb +0 -29
  135. data/spec/ldap_sync_spec.rb +0 -21
  136. data/spec/log_source_spec.rb +0 -13
  137. data/spec/log_spec.rb +0 -42
  138. data/spec/roles_spec.rb +0 -24
  139. data/spec/spec_helper.rb +0 -113
  140. data/spec/ssl_spec.rb +0 -109
  141. data/spec/uri_escape_spec.rb +0 -21
  142. data/test.sh +0 -73
  143. data/tmp/.keep +0 -0
@@ -1,98 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
- # Many Conjur assets have key-value attributes. Although these should generally be accessed via
23
- # methods on specific asset classes (for example, {Conjur::Resource#owner}), the are available as
24
- # a `Hash` on all types supporting attributes.
25
- module HasAttributes
26
- class << self
27
-
28
- # @api private
29
- def annotation_value annotations, name
30
- (annotations.find{|a| a['name'] == name} || {})['value']
31
- end
32
- end
33
-
34
- def as_json options={}
35
- result = super(options)
36
- if @attributes
37
- result.merge!(@attributes.as_json(options))
38
- end
39
- result
40
- end
41
-
42
- def to_s
43
- to_json.to_s
44
- end
45
-
46
- # @api private
47
- # Set the attributes for this Resource.
48
- # @param [Hash] attributes new attributes for the object.
49
- # @return [Hash] the new attributes
50
- def attributes=(attributes); @attributes = attributes; end
51
-
52
- # Get the attributes for this asset. This is an immutable Hash, unless the attributes
53
- # are changed via policy update.
54
- #
55
- # @return [Hash] the asset's attributes.
56
- def attributes
57
- return @attributes if @attributes
58
- fetch
59
- end
60
-
61
- # Call a block that will perform actions that might change the asset's attributes.
62
- # No matter what happens in the block, this method ensures that the cached attributes
63
- # will be invalidated.
64
- #
65
- # @note this is mainly used internally, but included in the public api for completeness.
66
- #
67
- # @return [void]
68
- def invalidate(&block)
69
- yield
70
- ensure
71
- @attributes = nil
72
- end
73
-
74
- def annotations
75
- Hash[(attributes['annotations']||{}).collect {|e| [e['name'],e['value']]}]
76
- end
77
-
78
- protected
79
-
80
- def annotation_value name
81
- annotations[name]
82
- end
83
-
84
- # @api private
85
- # Fetch the attributes, overwriting any current ones.
86
- def fetch
87
- @attributes ||= fetch_attributes
88
- end
89
-
90
- # @api private
91
- def fetch_attributes
92
- cache_key = Conjur.cache_key username, url_for(:resources_resource, credentials, id).url
93
- Conjur.cache.fetch_attributes cache_key do
94
- JSON.parse(url_for(:resources_resource, credentials, id).get.body)
95
- end
96
- end
97
- end
98
- end
data/lib/conjur/host.rb DELETED
@@ -1,27 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
- # This class represents a Conjur Host. Hosts are created in Conjur policy, or with
23
- # {Conjur::HostFactory}.
24
- class Host < BaseObject
25
- include ActsAsUser
26
- end
27
- end
@@ -1,75 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- require 'conjur/host_factory_token'
22
-
23
- module Conjur
24
- # A Host Factory is a way to allow clients to create Conjur hosts without giving them
25
- # any other access to Conjur.
26
- #
27
- # Each Host Factory can have 0 or more tokens, each of which is a random string that
28
- # has an associated expiration and optional CIDR restriction. A user or machine who has
29
- # a host factory token can use it to create new hosts, or to rotate the API keys of
30
- # existing hosts.
31
- #
32
- # @see API#host_factory_create_host
33
- # @see HostFactoryToken
34
- class HostFactory < BaseObject
35
- include ActsAsRolsource
36
-
37
- # Create one or more host factory tokens. Each token can be used to create
38
- # hosts, using {API#host_factory_create_host}.
39
- #
40
- # @param expiration [Time] the future time at which the token will stop working.
41
- # @param count [Integer] the number of (identical) tokens to create (default: 1).
42
- # @param cidr [String] a CIDR restriction on the usage of the token.
43
- # @return [Array<HostFactoryToken>] the token or tokens.
44
- def create_tokens expiration, count: 1, cidr: nil
45
- options = {}
46
- options[:expiration] = expiration.iso8601
47
- options[:host_factory] = id
48
- options[:count] = count
49
- options[:cidr] = cidr if cidr
50
- response = JSON.parse url_for(:host_factory_create_tokens, credentials, id).post(options)
51
- response.map do |data|
52
- HostFactoryToken.new data, credentials
53
- end
54
- end
55
-
56
- # Create a new token.
57
- #
58
- # @see #create_tokens
59
- def create_token expiration, cidr: nil
60
- create_tokens(expiration, cidr: cidr).first
61
- end
62
-
63
- # Enumerate the tokens on the host factory.
64
- #
65
- # @return [Array<HostFactoryToken>] the token or tokens.
66
- def tokens
67
- # Tokens list is not returned by +show+ if the caller doesn't have permission
68
- return nil unless self.attributes['tokens']
69
-
70
- self.attributes['tokens'].collect do |data|
71
- HostFactoryToken.new data, credentials
72
- end
73
- end
74
- end
75
- end
@@ -1,78 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
- class HostFactoryToken
23
- def initialize data, credentials
24
- @data = data
25
- @credentials = credentials
26
- end
27
-
28
- # Convert the object to JSON.
29
- #
30
- # Fields:
31
- #
32
- # * token
33
- # * expiration
34
- # * cidr
35
- def to_json(options = {})
36
- { token: token, expiration: expiration, cidr: cidr }
37
- end
38
-
39
- # Format the token as a string, using JSON format.
40
- def to_s
41
- to_json.to_s
42
- end
43
-
44
- # Gets the token string.
45
- #
46
- # @return [String]
47
- def token
48
- @data['token']
49
- end
50
-
51
- # Gets the expiration.
52
- #
53
- # @return [DateTime]
54
- def expiration
55
- DateTime.iso8601(@data['expiration'])
56
- end
57
-
58
- # Gets the CIDR restriction.
59
- #
60
- # @return [String]
61
- def cidr
62
- @data['cidr']
63
- end
64
-
65
- # Revokes the token, after which it cannot be used any more.
66
- def revoke
67
- Conjur::API.revoke_host_factory_token @credentials, token
68
- end
69
-
70
- def ==(other)
71
- other.class == self.class &&
72
- other.token == self.token &&
73
- other.expiration == self.expiration &&
74
- other.cidr == self.cidr
75
- end
76
-
77
- end
78
- end
data/lib/conjur/id.rb DELETED
@@ -1,71 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Copyright 2013-2018 CyberArk Ltd.
4
- #
5
- # Licensed under the Apache License, Version 2.0 (the "License");
6
- # you may not use this file except in compliance with the License.
7
- # You may obtain a copy of the License at
8
- #
9
- # http://www.apache.org/licenses/LICENSE-2.0
10
- #
11
- # Unless required by applicable law or agreed to in writing, software
12
- # distributed under the License is distributed on an "AS IS" BASIS,
13
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
- # See the License for the specific language governing permissions and
15
- # limitations under the License.
16
-
17
- require 'conjur/escape'
18
-
19
- module Conjur
20
- # Encapsulates a Conjur id, which consists of account, kind, and identifier.
21
- class Id
22
- include Conjur::Escape
23
-
24
- attr_reader :id
25
-
26
- def initialize id
27
- @id = Id.normalize id
28
- end
29
-
30
- # The organization account, obtained from the first component of the id.
31
- def account; id.split(':', 3)[0]; end
32
- # The object kind, obtained from the second component of the id.
33
- def kind; id.split(':', 3)[1]; end
34
- # The object identifier, obtained from the third component of the id. The
35
- # identifier must be unique within the `account` and `kind`.
36
- def identifier; id.split(':', 3)[2]; end
37
-
38
- # Defines id equivalence using the string representation.
39
- def == other
40
- if other.is_a?(String)
41
- to_s == other
42
- else
43
- super
44
- end
45
- end
46
-
47
- # @return [String] the id string.
48
- def as_json options={}
49
- @id
50
- end
51
-
52
- # Splits the id into 3 components, and then joins them with a forward-slash `/`.
53
- def to_url_path
54
- id.split(':', 3)
55
- .map(&method(:fully_escape))
56
- .join('/')
57
- end
58
-
59
- # @return [String] the id string
60
- def to_s
61
- id
62
- end
63
-
64
- def self.normalize id
65
- Array(id).join(':').tap do |id|
66
- raise ArgumentError, "id must be fully qualified: #{id}" \
67
- unless id =~ /.*:.*:.*/
68
- end
69
- end
70
- end
71
- end
data/lib/conjur/layer.rb DELETED
@@ -1,9 +0,0 @@
1
- module Conjur
2
-
3
- # A Conjur Layer is a type of role whose members are Conjur Hosts. The hosts inherit
4
- # permissions from the layer. Automatic roles on the layer can also be used to manage
5
- # SSH permissions to the hosts.
6
- class Layer < BaseObject
7
- include ActsAsRolsource
8
- end
9
- end
data/lib/conjur/log.rb DELETED
@@ -1,72 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- require 'logger'
22
-
23
- module Conjur
24
- # Assign a Logger for use by Conjur API methods. This method accepts
25
- # several argument forms:
26
- # * The strings 'stdout' and 'stderr' cause log messages to be sent to the corresponding stream.
27
- # * Other stings are treated as paths and will cause log messages to be sent to those files.
28
- # * A `Logger` instance will be used as is.
29
- #
30
- # Note that the logger specified by the `CONJURAPI_LOG` environment variable will override
31
- # the value set here.
32
- #
33
- # @param [String, Logger,nil] log the new logger to use
34
- # @return [void]
35
- def self.log= log
36
- @@log = create_log log
37
- end
38
-
39
- # @api private
40
- # Create a log from a String or Logger param
41
- #
42
- # @param [String, Logger, nil] param the value to create the logger from
43
- # @return Logger
44
- def self.create_log param
45
- if param
46
- if param.is_a? String
47
- if param == 'stdout'
48
- Logger.new $stdout
49
- elsif param == 'stderr'
50
- Logger.new $stderr
51
- else
52
- Logger.new param
53
- end
54
- else
55
- param
56
- end
57
- end
58
- end
59
-
60
- @@env_log = create_log ENV['CONJURAPI_LOG']
61
-
62
- @@log = nil
63
-
64
- # @api private
65
- # @note this method may return nil if no log has been set, so you **must** check the value
66
- # before attempting to use the logger.
67
- #
68
- # You should consider using {Conjur::LogSource} instead.
69
- def self.log
70
- @@env_log || @@log
71
- end
72
- end
@@ -1,60 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
- # This module provides logging support for actions taken by the Conjur API.
23
- #
24
- # @example
25
- # class Example
26
- # include LogSource
27
- #
28
- # def something_interesting param
29
- # log{|l| l << "doing something interesting with #{param}"}
30
- #
31
- # # Do something interesting...
32
- # end
33
- #
34
- # end
35
- # # ...
36
- #
37
- # Example.new.something_interesting 'foo'
38
- # # will log:
39
- # # [admin] doing something interesting with foo
40
- #
41
- module LogSource
42
- # Yield a logger to the block. You should use the `<<` method to write to the
43
- # logger so that you don't send newlines or formatting. The block will only be called
44
- # if {Conjur.log} is not nil.
45
- #
46
- # The log format is `"[<username>]<messages logged in block>\n"`.
47
- #
48
- # @yieldparam [#<<] logger a logger to write messages
49
- # @return [void]
50
- def log(&block)
51
- if Conjur.log
52
- Conjur.log << "["
53
- Conjur.log << username
54
- Conjur.log << "] "
55
- yield Conjur.log
56
- Conjur.log << "\n"
57
- end
58
- end
59
- end
60
- end
data/lib/conjur/policy.rb DELETED
@@ -1,34 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
-
23
- # Defines an set of objects, permission grants and role grants. All objects in a policy
24
- # share a common naming prefix, which is the id of the policy. (Exception: the root
25
- # policy does not add a naming prefix to each of its objects).
26
- #
27
- # Policies are defined using a YAML syntax, which is extensively documented on the Conjur
28
- # web site. To load a policy, define it using YAML and then use {API#load_policy}.
29
- #
30
- # @see API#load_policy
31
- class Policy < BaseObject
32
- include ActsAsRolsource
33
- end
34
- end
@@ -1,61 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- module Conjur
22
- # The result of loading a policy. When a policy is loaded, two types of data
23
- # are always provided:
24
- #
25
- # * {#created_roles} the API keys of any new roles which were created
26
- # * {#version} the new version of the policy.
27
- class PolicyLoadResult
28
- def initialize data
29
- @data = data
30
- end
31
-
32
- # @api private
33
- def to_h
34
- @data
35
- end
36
-
37
- # @api private
38
- def to_json options = {}
39
- @data.to_json(options)
40
- end
41
-
42
- # @api private
43
- def to_s
44
- @data.to_s
45
- end
46
-
47
- # API keys for roles which were created when loading the policy.
48
- #
49
- # @return [Hash] Hash keys are the role ids, and hash values are the API keys.
50
- def created_roles
51
- @data['created_roles']
52
- end
53
-
54
- # The new version of the policy. When a policy is updated, a new version is appended
55
- # to that policy. The YAML of previous versions of the policy can be obtained
56
- # by fetching the policy resource using {API#resource}.
57
- def version
58
- @data['version']
59
- end
60
- end
61
- end
@@ -1,12 +0,0 @@
1
- # @api private
2
- module Conjur::QueryString
3
- protected
4
-
5
- def options_querystring options
6
- if options.empty?
7
- ""
8
- else
9
- "?#{options.to_query}"
10
- end
11
- end
12
- end
@@ -1,29 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
-
22
- module Conjur
23
-
24
- # A Conjur custom Resource. This object is used for resources whose `kind` is not
25
- # any of the pre-defined common types such as {Group}, {Host}, {Variable}, etc.
26
- class Resource < BaseObject
27
- include ActsAsResource
28
- end
29
- end
data/lib/conjur/role.rb DELETED
@@ -1,29 +0,0 @@
1
- #
2
- # Copyright 2013-2017 Conjur Inc
3
- #
4
- # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
- # this software and associated documentation files (the "Software"), to deal in
6
- # the Software without restriction, including without limitation the rights to
7
- # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
- # the Software, and to permit persons to whom the Software is furnished to do so,
9
- # subject to the following conditions:
10
- #
11
- # The above copyright notice and this permission notice shall be included in all
12
- # copies or substantial portions of the Software.
13
- #
14
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
- # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
- # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
- # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
- # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
- #
21
- require 'conjur/role_grant'
22
-
23
- module Conjur
24
- # A Conjur custom Role. This object is used for roles whose `kind` is not
25
- # any of the pre-defined common types such as {Group}, {Host}, {Layer}, etc.
26
- class Role < BaseObject
27
- include ActsAsRole
28
- end
29
- end