conjur-api 4.3.0 → 4.4.0

data/lib/conjur-api/version.rb

@@ -20,6 +20,6 @@
 #
 module Conjur
   class API
-    VERSION = "4.3.0"
+    VERSION = "4.4.0"
   end
 end

data/lib/conjur/api.rb

@@ -18,6 +18,7 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
+require 'conjur/configuration'
 require 'conjur/env'
 require 'conjur/base'
 require 'conjur/build_from_response'

data/lib/conjur/api/deputies.rb

@@ -0,0 +1,33 @@
+#
+# Copyright (C) 2013 Conjur Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+require 'conjur/deputy'
+
+module Conjur
+  class API
+    def create_deputy options
+      standard_create Conjur::Core::API.host, :deputy, nil, options
+    end
+    
+    def deputy id
+      standard_show Conjur::Core::API.host, :deputy, id
+    end
+  end
+end

data/lib/conjur/api/resources.rb

@@ -34,5 +34,15 @@ module Conjur
       path = [ paths[0], 'resources', paths[1], paths[2..-1].join(':') ].flatten.join('/')
       Resource.new(Conjur::Authz::API.host, credentials)[path]
     end
+
+    # Return all visible resources.
+    # In opts you should pass an account to filter by, and optionally a kind.
+    def resources opts = {}
+      Resource.all({ host: Conjur::Authz::API.host, credentials: credentials }.merge opts).map do |result|
+        resource(result['id']).tap do |r|
+          r.attributes = result
+        end
+      end
+    end
   end
 end

data/lib/conjur/audit-api.rb

@@ -24,16 +24,7 @@ module Conjur
     class API < Conjur::API
       class << self
         def host
-          ENV['CONJUR_AUDIT_URL'] || default_host
-        end
-        
-        def default_host
-          case Conjur.env
-            when 'test', 'development'
-              "http://localhost:#{Conjur.service_base_port + 300}"
-            else 
-              "https://audit-#{Conjur.stack}-conjur.herokuapp.com"
-          end
+          Conjur.configuration.audit_url
         end
       end
     end

data/lib/conjur/authn-api.rb

@@ -23,16 +23,7 @@ module Conjur
     class API < Conjur::API
       class << self
         def host
-          ENV['CONJUR_AUTHN_URL'] || default_host
-        end
-        
-        def default_host
-          case Conjur.env
-          when 'test', 'development'
-            "http://localhost:#{Conjur.service_base_port}"
-          else
-            "https://authn-#{Conjur.account}-conjur.herokuapp.com"
-          end
+          Conjur.configuration.authn_url
         end
       end
     end

data/lib/conjur/authz-api.rb

@@ -23,16 +23,7 @@ module Conjur
     class API < Conjur::API
       class << self
         def host
-          ENV['CONJUR_AUTHZ_URL'] || default_host
-        end
-        
-        def default_host
-          case Conjur.env
-          when 'test', 'development'
-            "http://localhost:#{Conjur.service_base_port + 100}"
-          else
-            "https://authz-#{Conjur.stack}-conjur.herokuapp.com"
-          end
+          Conjur.configuration.authz_url
         end
       end
     end

data/lib/conjur/configuration.rb

@@ -0,0 +1,166 @@
+#
+# Copyright (C) 2013 Conjur Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+module Conjur
+  
+  class << self
+    def configuration
+      @config ||= Configuration.new
+    end
+    
+    def configuration=(config)
+      @config = config
+    end
+  end
+  
+  class Configuration
+    class << self
+      # @api private
+      def accepted_options
+        @options ||= Set.new
+      end
+      
+      # @param [Symbol] name
+      # @param [Hash] options
+      # @option options [Boolean] :boolean (false) whether this option should have a '?' accessor 
+      # @option options [Boolean, String] :env Environment variable for this option.  Set to false
+      #   to disallow environment based configuration.  Default is VM2_OPTION_NAME.
+      # @option options [Proc, *] :default Default value or proc to provide it
+      # @option options [Boolean] :required (false) when true, raise an exception if the option is
+      #   not set
+      # @option options [Boolean] :sticky (true) when false, default proc will be called every time, 
+      #   otherwise the proc's result will be cached
+      # @option options [Proc, #to_proc] :convert proc-ish to convert environment 
+      #   values to appropriate types
+      # @param [Proc] def_proc block to provide default values 
+      # @api private
+      def add_option name, options = {}, &def_proc
+        accepted_options << name
+        allow_env = options[:env].nil? or options[:env]
+        sticky = options.member?(:sticky) ? options[:sticky] : true
+        env_var = options[:env] || "CONJUR_#{name.to_s.upcase}"
+        def_val = options[:default]
+        opt_name = name
+        
+        def_proc ||= if def_val.respond_to?(:call)
+          def_val
+        elsif options[:required]
+          proc { raise "Missing required option #{opt_name}" }
+        else
+          proc { def_val }
+        end
+        
+        convert = options[:convert] || ->(x){ x }
+        # Allow a Symbol, for example
+        convert = convert.to_proc if convert.respond_to?(:to_proc) 
+
+        define_method("#{name}=") do |value|
+          set name, value
+        end
+        
+        define_method(name) do
+          if supplied.member?(name)
+            supplied[name]
+          elsif allow_env && ENV.member?(env_var)
+            instance_exec(ENV[env_var], &convert)
+          else 
+            value = instance_eval(&def_proc)
+            supplied[name] = value if sticky
+            value
+          end
+        end
+        alias_method("#{name}?", name) if options[:boolean]
+      end
+    end
+
+    def set(key, value)
+      if self.class.accepted_options.include?(key.to_sym)
+        supplied[key.to_sym] = value
+      end
+    end
+    
+    add_option :authn_url do
+      account_service_url 'authn', 0
+    end
+    
+    add_option :authz_url do
+      global_service_url  'authz', 100
+    end
+
+    add_option :core_url do
+      account_service_url 'core', 200
+    end    
+    
+    add_option :audit_url do
+      global_service_url  'audit', 300
+    end    
+    
+    add_option :service_url
+    
+    add_option :service_base_port, default: 5000
+
+    add_option :account, required: true
+    
+    add_option :env do
+      ENV['RAILS_ENV'] || ENV['RACK_ENV'] || "production"
+    end
+    
+    add_option :stack do
+      case env
+      when "production"
+        "v4"
+      else
+        env
+      end
+    end
+    
+    private
+
+    def global_service_url(service_name, service_port_offset)
+      if service_url
+        URI.join(service_url, service_name).to_s
+      else
+        case env
+        when 'test', 'development'
+          "http://localhost:#{service_base_port + service_port_offset}"
+        else
+          "https://#{service_name}-#{stack}-conjur.herokuapp.com"
+        end
+      end
+    end
+    
+    def account_service_url(service_name, service_port_offset)
+      if service_url
+        URI.join(service_url, "/#{service_name}/", account).to_s
+      else
+        case env
+        when 'test', 'development'
+          "http://localhost:#{service_base_port + service_port_offset}"
+        else
+          "https://#{service_name}-#{account}-conjur.herokuapp.com"
+        end
+      end
+    end
+    
+    def supplied
+      @supplied ||= {}
+    end
+  end
+end

data/lib/conjur/core-api.rb

@@ -30,6 +30,10 @@ module Conjur
   module Core
     class API < Conjur::API
       class << self
+        def host
+          Conjur.configuration.core_url
+        end
+        
         def conjur_account
           info['account'] or raise "No account field in #{info.inspect}"
         end
@@ -37,24 +41,12 @@ module Conjur
         def info
           @info ||= JSON.parse RestClient::Resource.new(Conjur::Core::API.host)['info'].get
         end
-        
-        def host
-          ENV['CONJUR_CORE_URL'] || default_host
-        end
-        
-        def default_host
-          case Conjur.env
-          when 'test', 'development'
-            "http://localhost:#{Conjur.service_base_port + 200}"
-          else
-            "https://core-#{Conjur.account}-conjur.herokuapp.com"
-          end
-        end
       end
     end
   end
 end
 
+require 'conjur/api/deputies'
 require 'conjur/api/hosts'
 require 'conjur/api/secrets'
 require 'conjur/api/users'

data/lib/conjur/deputy.rb

@@ -0,0 +1,38 @@
+#
+# Copyright (C) 2013 Conjur Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+module Conjur
+  class Deputy < RestClient::Resource
+    include Exists
+    include HasId
+    include HasIdentifier
+    include HasAttributes
+    include ActsAsUser
+    include ActsAsResource
+    
+    def login
+      [ self.class.name.split('::')[-1].downcase, id ].join('/')
+    end
+    
+    def api_key
+      self.attributes['api_key']
+    end
+  end
+end

data/lib/conjur/env.rb

@@ -22,23 +22,18 @@ module Conjur
   extend self
 
   def service_base_port
-    (ENV['CONJUR_SERVICE_BASE_PORT'] || 5000 ).to_i
+    Conjur.configuration.service_base_port
   end
   
   def account
-    ENV['CONJUR_ACCOUNT'] or raise "No CONJUR_ACCOUNT defined"
+    Conjur.configuration.account
   end
   
   def env
-    ENV['CONJUR_ENV'] || ENV['RAILS_ENV'] || ENV['RACK_ENV'] || "development"
+    Conjur.configuration.env
   end
   
   def stack
-    ENV['CONJUR_STACK'] || case env
-    when "production"
-      "v4"
-    else
-      env
-    end
+    Conjur.configuration.stack
   end
 end

data/lib/conjur/host.rb

@@ -19,22 +19,7 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  class Host < RestClient::Resource
-    include Exists
-    include HasId
-    include HasIdentifier
-    include HasAttributes
-    include ActsAsUser
-    include ActsAsResource
-    
-    def login
-      [ 'host', id ].join('/')
-    end
-    
-    def api_key
-      self.attributes['api_key']
-    end
-    
+  class Host < Deputy
     def enrollment_url
       log do |logger|
         logger << "Fetching enrollment_url for #{id}"

data/lib/conjur/resource.rb

@@ -103,7 +103,26 @@ module Conjur
     rescue RestClient::ResourceNotFound
       false
     end
-    
+
+    # Returns all resources (optionally qualified by kind)
+    # visible to the user with given credentials.
+    # Options are:
+    # - host - authz url,
+    # - credentials,
+    # - account,
+    # - kind (optional).
+    def self.all opts = {}
+      host, credentials, account, kind = opts.values_at(*[:host, :credentials, :account, :kind])
+      fail ArgumentError, "host and account are required" unless [host, account].all?
+
+      credentials ||= {}
+
+      path = "#{account}/resources"
+      path += "/#{kind}" if kind
+      resource = RestClient::Resource.new(host, credentials)[path]
+      JSON.parse resource.get
+    end
+
     protected
     
     def eachable(item)

data/spec/api/resources_spec.rb

@@ -16,4 +16,25 @@ describe Conjur::API, api: :dummy do
       res.url.should == "#{authz_host}/some-account/resources/a-kind/the-id"
     end
   end
+
+  describe '.resources' do
+    let(:ids) { %w(acc:kind:foo acc:chunky:bar) }
+    let(:resources) {
+      ids.map do |id|
+        { 'id' => id }
+      end
+    }
+    it "lists all resources" do
+      expect(Conjur::Resource).to receive(:all)
+        .with(host: authz_host, credentials: api.credentials).and_return(resources)
+
+      expect(api.resources.map(&:url)).to eql(ids.map { |id| api.resource(id).url })
+    end
+    it "can filter by kind" do
+      expect(Conjur::Resource).to receive(:all)
+        .with(host: authz_host, credentials: api.credentials, kind: :chunky).and_return(resources)
+
+      expect(api.resources(kind: :chunky).map(&:url)).to eql(ids.map { |id| api.resource(id).url })
+    end
+  end
 end

data/spec/lib/api_spec.rb

@@ -1,33 +1,34 @@
 require 'spec_helper'
 
 shared_examples_for "API endpoint" do
+  before { Conjur.configuration = Conjur::Configuration.new }
   subject { api }
   let(:service_name) { api.name.split('::')[-2].downcase }
   context "in development" do
     before(:each) do
-      Conjur.stub(:env).and_return "development"
+      Conjur::Configuration.any_instance.stub(:env).and_return "development"
     end
-    its "default_host" do
-      should == "http://localhost:#{Conjur.service_base_port + port_offset}"
+    its "host" do
+      should == "http://localhost:#{Conjur.configuration.service_base_port + port_offset}"
     end
   end
   context "'ci' account" do
     before {
-      Conjur.stub(:account).and_return 'ci'
+      Conjur::Configuration.any_instance.stub(:account).and_return 'ci'
     }
     context "in stage" do
       before(:each) do
-        Conjur.stub(:env).and_return "stage"
+        Conjur::Configuration.any_instance.stub(:env).and_return "stage"
       end
-      its "default_host" do
+      its "host" do
         should == "https://#{service_name}-ci-conjur.herokuapp.com"
       end
     end
     context "in ci" do
       before(:each) do
-        Conjur.stub(:env).and_return "ci"
+        Conjur::Configuration.any_instance.stub(:env).and_return "ci"
       end
-      its "default_host" do
+      its "host" do
         should == "https://#{service_name}-ci-conjur.herokuapp.com"
       end
     end
@@ -111,6 +112,7 @@ describe Conjur::API do
   end
 
   context "host construction" do
+    before { Conjur.configuration = Conjur::Configuration.new }
     context "of authn service" do
       let(:port_offset) { 0 }
       let(:api) { Conjur::Authn::API }
@@ -122,15 +124,15 @@ describe Conjur::API do
       subject { api }
       context "'ci' account" do
         before {
-          Conjur.stub(:account).and_return 'ci'
+          Conjur::Configuration.any_instance.stub(:account).and_return 'ci'
         }
         context "in stage" do
           before(:each) do
             # Looks at "ENV['CONJUR_STACK']" first, stub this out
             ENV.stub(:[]).with('CONJUR_STACK').and_return nil
-            Conjur.stub(:env).and_return "stage"
+            Conjur::Configuration.any_instance.stub(:env).and_return "stage"
           end
-          its "default_host" do
+          its "host" do
             should == "https://authz-stage-conjur.herokuapp.com"
           end
         end
@@ -138,36 +140,34 @@ describe Conjur::API do
           before(:each) do
             # Looks at "ENV['CONJUR_STACK']" first, stub this out
             ENV.stub(:[]).with('CONJUR_STACK').and_return nil
-            Conjur.stub(:env).and_return "ci"
+            Conjur::Configuration.any_instance.stub(:env).and_return "ci"
           end
-          its "default_host" do
+          its "host" do
             should == "https://authz-ci-conjur.herokuapp.com"
           end
         end
         context "when ENV['CONJUR_STACK'] is set to 'v12'" do
           before do
-            ENV.stub(:[]).and_call_original
-            ENV.stub(:[]).with('CONJUR_STACK').and_return 'v12'
-            # If the "real" env is used ('test') then the URL is always localhost:<someport>
-            Conjur.stub(:env).and_return "ci"
+            Conjur::Configuration.any_instance.stub(:stack).and_return "v12"
+            Conjur::Configuration.any_instance.stub(:env).and_return "ci"
           end
-          its(:default_host){ should == "https://authz-v12-conjur.herokuapp.com"}
+          its(:host){ should == "https://authz-v12-conjur.herokuapp.com"}
         end
       end
       context "in production" do
         before(:each) do
-          Conjur.stub(:env).and_return "production"
+          Conjur::Configuration.any_instance.stub(:env).and_return "production"
         end
-        its "default_host" do
+        its "host" do
           should == "https://authz-v4-conjur.herokuapp.com"
         end
       end
       context "in named production version" do
         before(:each) do
-          Conjur.stub(:env).and_return "production"
-          Conjur.stub(:stack).and_return "waffle"
+          Conjur::Configuration.any_instance.stub(:env).and_return "production"
+          Conjur::Configuration.any_instance.stub(:stack).and_return "waffle"
         end
-        its "default_host" do
+        its "host" do
           should == "https://authz-waffle-conjur.herokuapp.com"
         end
       end

data/spec/lib/configuration_spec.rb

@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+describe Conjur::Configuration do
+  before {
+    Conjur.configuration = Conjur::Configuration.new
+  }
+  subject { Conjur.configuration }
+  context "CONJUR_ENV unspecified" do
+    before(:all) {
+      ENV.delete('CONJUR_ENV')
+    }
+    after(:all) {
+      ENV['CONJUR_ENV'] = 'test'
+    }
+    context "default env" do
+      its(:env) { should == "production" }
+    end
+    context "default stack" do
+      its(:stack) { should == "v4" }
+    end
+    describe 'authn_url' do
+      before {
+        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+      }
+      context "with service_url" do
+        before {
+          Conjur::Configuration.any_instance.stub(:service_url).and_return "http://example.com"
+        }
+        its(:authn_url) { should == "http://example.com/authn/the-account" }
+      end
+      context "without service_url" do
+        its(:authn_url) { should == "https://authn-the-account-conjur.herokuapp.com" }
+      end
+    end
+    describe 'authz_url' do
+      before {
+        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+      }
+      context "with service_url" do
+        before {
+          Conjur::Configuration.any_instance.stub(:service_url).and_return "http://example.com"
+        }
+        its(:authz_url) { should == "http://example.com/authz" }
+      end
+      context "without service_url" do
+        its(:authz_url) { should == "https://authz-v4-conjur.herokuapp.com" }
+        context "with specific stack" do
+          before { Conjur::Configuration.any_instance.stub(:stack).and_return "the-stack" }
+          its(:authz_url) { should == "https://authz-the-stack-conjur.herokuapp.com" }
+        end
+      end
+    end
+  end
+  context "CONJUR_ENV = 'test'" do
+    its(:env) { should == "test" }
+    describe 'authn_url' do
+      before {
+        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+      }
+      context "with service_url" do
+        before {
+          Conjur::Configuration.any_instance.stub(:service_url).and_return "http://example.com"
+        }
+        its(:authn_url) { should == "http://example.com/authn/the-account" }
+      end
+      context "without service_url" do
+        its(:authn_url) { should == "http://localhost:5000" }
+      end
+    end
+    describe 'authz_url' do
+      before {
+        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+      }
+      context "with service_url" do
+        before {
+          Conjur::Configuration.any_instance.stub(:service_url).and_return "http://example.com"
+        }
+        its(:authz_url) { should == "http://example.com/authz" }
+      end
+      context "without service_url" do
+        its(:authz_url) { should == "http://localhost:5100" }
+      end
+    end
+  end
+end

data/spec/lib/deputy_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe Conjur::Deputy, api: :dummy do
+  subject { Conjur::Deputy.new 'http://example.com/deputies/my/hostname', nil }
+
+  its(:resource) { should be }
+  its(:login) { should == 'deputy/my/hostname' }
+
+  let(:api_key) { 'theapikey' }
+  before { subject.attributes = { 'api_key' => api_key } }
+  its(:api_key) { should == api_key }
+end

data/spec/lib/host_spec.rb

@@ -6,10 +6,6 @@ describe Conjur::Host, api: :dummy do
   its(:resource) { should be }
   its(:login) { should == 'host/my/hostname' }
 
-  let(:api_key) { 'theapikey' }
-  before { subject.attributes = { 'api_key' => api_key } }
-  its(:api_key) { should == api_key }
-
   it "fetches enrollment_url" do
     stub_request(:head, "http://example.com/hosts/my/hostname/enrollment_url").
          to_return(:status => 200, :headers => {location: 'foo'})

data/spec/lib/resource_spec.rb

@@ -126,4 +126,37 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
       subject.permitted? 'fry'
     end
   end
+
+  describe '.all' do
+    it "calls /account/resources" do
+      RestClient::Request.should_receive(:execute).with(
+        method: :get,
+        url: "http://authz.example.com/the-account/resources",
+        headers: {}
+      ).and_return '["foo", "bar"]'
+
+      expect(Conjur::Resource.all host: authz_host, account: account).to eql(%w(foo bar))
+    end
+
+    it "can filter by kind" do
+      RestClient::Request.should_receive(:execute).with(
+        method: :get,
+        url: "http://authz.example.com/the-account/resources/chunky",
+        headers: {}
+      ).and_return '["foo", "bar"]'
+
+      expect(Conjur::Resource.all host: authz_host, account: account, kind: :chunky)
+        .to eql(%w(foo bar))
+    end
+
+    it "uses the given authz url" do
+      RestClient::Request.should_receive(:execute).with(
+        method: :get,
+        url: "http://otherhost.example.com/the-account/resources",
+        headers: {}
+      ).and_return '["foo", "bar"]'
+
+      Conjur::Resource.all host: 'http://otherhost.example.com', account: account
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-api
 version: !ruby/object:Gem::Version
-  version: 4.3.0
+  version: 4.4.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-19 00:00:00.000000000 Z
+date: 2013-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -217,6 +217,7 @@ files:
 - lib/conjur/api.rb
 - lib/conjur/api/audit.rb
 - lib/conjur/api/authn.rb
+- lib/conjur/api/deputies.rb
 - lib/conjur/api/groups.rb
 - lib/conjur/api/hosts.rb
 - lib/conjur/api/resources.rb
@@ -229,7 +230,9 @@ files:
 - lib/conjur/authz-api.rb
 - lib/conjur/base.rb
 - lib/conjur/build_from_response.rb
+- lib/conjur/configuration.rb
 - lib/conjur/core-api.rb
+- lib/conjur/deputy.rb
 - lib/conjur/env.rb
 - lib/conjur/escape.rb
 - lib/conjur/exists.rb
@@ -262,6 +265,8 @@ files:
 - spec/lib/asset_spec.rb
 - spec/lib/audit_spec.rb
 - spec/lib/build_from_response_spec.rb
+- spec/lib/configuration_spec.rb
+- spec/lib/deputy_spec.rb
 - spec/lib/exists_spec.rb
 - spec/lib/host_spec.rb
 - spec/lib/log_source_spec.rb
@@ -299,7 +304,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 1370688255515528538
+      hash: 3244723837953791122
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25
@@ -324,6 +329,8 @@ test_files:
 - spec/lib/asset_spec.rb
 - spec/lib/audit_spec.rb
 - spec/lib/build_from_response_spec.rb
+- spec/lib/configuration_spec.rb
+- spec/lib/deputy_spec.rb
 - spec/lib/exists_spec.rb
 - spec/lib/host_spec.rb
 - spec/lib/log_source_spec.rb