conjur-cli 2.1.3 → 2.1.4

data/.gitignore

@@ -16,3 +16,5 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
+.kateproject.d
+.idea

data/.kateproject

@@ -0,0 +1,5 @@
+{
+  "name": "Conjur CLI"
+, "files": [ { "git": 1 } ]
+}
+

data/conjur.gemspec

@@ -5,7 +5,7 @@ Gem::Specification.new do |gem|
   gem.authors       = ["Rafa\305\202 Rzepecki", "Kevin Gilpin"]
   gem.email         = ["divided.mind@gmail.com", "kevin.gilpin@inscitiv.com",]
   gem.summary       = %q{Conjur command line interface}
-  gem.homepage      = ""
+  gem.homepage      = "https://github.com/inscitiv/cli-ruby"
 
   gem.files         = `git ls-files`.split($\) + Dir['build_number']
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }

data/lib/conjur/authn.rb

@@ -43,8 +43,11 @@ module Conjur::Authn
     
     def ask_for_credentials(options = {})
       raise "No credentials provided or found" if options[:noask]
-      
-      hl = HighLine.new
+
+      # also use stderr here, because we might be prompting for a password as part
+      # of a command like user:create that we'd want to send to a file.
+      hl = HighLine.new $stdin, $stderr
+
       user = options[:username] || hl.ask("Enter your username to log into Conjur: ")
       pass = options[:password] || hl.ask("Please enter your password (it will not be echoed): "){ |q| q.echo = false }
       api_key = if cas_server = options[:"cas-server"]

data/lib/conjur/cli.rb

@@ -1,5 +1,6 @@
 require 'gli'
 require 'conjur/config'
+require 'conjur/log'
 
 module Conjur
   class CLI
@@ -9,7 +10,9 @@ module Conjur
       def load_config
         [ File.join("/etc", "conjur.conf"), ( ENV['CONJURRC'] || File.join(ENV['HOME'], ".conjurrc") ) ].each do |f|
           if File.exists?(f)
-            $stderr.puts "Loading #{f}"
+            if Conjur.log
+              Conjur.log << "Loading #{f}\n"
+            end
             Conjur::Config.merge YAML.load(IO.read(f))
           end
         end
@@ -21,7 +24,7 @@ module Conjur
     ENV['CONJUR_ENV'] = Config[:env] || "production"
     ENV['CONJUR_STACK'] = Config[:stack] if Config[:stack]
     ENV['CONJUR_STACK'] ||= 'v3' if ENV['CONJUR_ENV'] == 'production'
-    ENV['CONJUR_ACCOUNT'] = Config[:account] or raise "Missing configuration setting: account"
+    ENV['CONJUR_ACCOUNT'] = Config[:account] or raise "Missing configuration setting: account. Please set it in ~/.conjurrc"
     
     Conjur::Config.plugins.each do |plugin|
       require "conjur-asset-#{plugin}"
@@ -29,8 +32,10 @@ module Conjur
     
     commands_from 'conjur/command'
 
-    $stderr.puts "Using host #{Conjur::Authn::API.host}"
-    
+    if Conjur.log
+      Conjur.log << "Using host #{Conjur::Authn::API.host}\n"
+    end
+
     pre do |global,command,options,args|
       require 'active_support/core_ext'
       options.delete_if{|k,v| v.blank?}

data/lib/conjur/command/assets.rb

@@ -10,7 +10,7 @@ class Conjur::Command::Assets < Conjur::Command
     acting_as_option(c)
     
     c.action do |global_options, options, args|
-      kind = require_arg(args, 'kind')
+      kind = require_arg(args, 'kind').gsub('-', '_')
       
       m = "create_#{kind}"
       record = if api.method(m).arity == 1
@@ -31,7 +31,7 @@ class Conjur::Command::Assets < Conjur::Command
   arg_name "kind id"
   command :show do |c|
     c.action do |global_options,options,args|
-      kind = require_arg(args, "kind")
+      kind = require_arg(args, "kind").gsub('-', '_')
       id = require_arg(args, "resource-id")
       display api.send(kind, id).attributes
     end
@@ -41,7 +41,7 @@ class Conjur::Command::Assets < Conjur::Command
   arg_name "kind id"
   command :exists do |c|
     c.action do |global_options,options,args|
-      kind = require_arg(args, "kind")
+      kind = require_arg(args, "kind").gsub('-', '_')
       id = require_arg(args, "id")
       puts api.send(kind, id).exists?
     end
@@ -51,7 +51,7 @@ class Conjur::Command::Assets < Conjur::Command
   arg_name "kind"
   command :list do |c|
     c.action do |global_options,options,args|
-      kind = require_arg(args, "kind")
+      kind = require_arg(args, "kind").gsub('-', '_')
       api.send(kind.pluralize).each do |e|
         display(e, options)
       end

data/lib/conjur/command/authn.rb

@@ -35,4 +35,15 @@ DESC
       Conjur::Authn.delete_credentials
     end
   end
+
+  desc "Prints out the current logged in username"
+  command :whoami do |c|
+    c.action do
+      if creds = Conjur::Authn.read_credentials
+        puts creds[0]
+      else
+        exit_now! 'Not logged in.', -1
+      end
+    end
+  end
 end

data/lib/conjur/command/field.rb

@@ -0,0 +1,25 @@
+require 'conjur/command'
+
+class Conjur::Command::Field < Conjur::Command
+  self.prefix = :field
+  
+  desc "Selects a field from structured input"
+  arg_name "pattern (value | STDIN)"
+  command :select do |c|
+    c.action do |global_options,options,args|
+      pattern = require_arg(args, 'pattern')
+      value = args.shift || STDIN.read
+      
+      require 'json'
+      json = JSON.parse(value)
+      class << json
+        def get_binding
+          record = self
+          
+          binding
+        end
+      end
+      puts json.get_binding.eval(pattern)
+    end
+  end
+end

data/lib/conjur/command/groups.rb

@@ -29,6 +29,22 @@ class Conjur::Command::Groups < Conjur::Command
       
       group = api.group(group)
       api.role(group.roleid).grant_to member, !!options[:admin]
+
+      puts "Membership granted"
+    end
+  end
+
+  desc "Remove a group member"
+  arg_name "group member"
+  command :"members:remove" do |c|
+    c.action do |global_options,options,args|
+      group = require_arg(args, 'group')
+      member = require_arg(args, 'member')
+      
+      group = api.group(group)
+      api.role(group.roleid).revoke_from member
+      
+      puts "Membership revoked"
     end
   end
 end

data/lib/conjur/command/users.rb

@@ -17,7 +17,11 @@ class Conjur::Command::Users < Conjur::Command
       
       opts = options.slice(:ownerid)
       if options[:p]
-        hl = HighLine.new
+
+        # use stderr to allow output redirection, e.g.
+        # conjur user:create -p username > user.json
+        hl = HighLine.new($stdin, $stderr)
+
         password = hl.ask("Enter the password (it will not be echoed): "){ |q| q.echo = false }
         confirmation = hl.ask("Confirm the password: "){ |q| q.echo = false }
         

data/lib/conjur/command/variables.rb

@@ -48,7 +48,7 @@ class Conjur::Command::Variables < Conjur::Command
     
     c.action do |global_options,options,args|
       id = require_arg(args, 'variable')
-      puts api.variable(id).value(options[:version])
+      $stdout.write api.variable(id).value(options[:version])
     end
   end
 end

data/lib/conjur/version.rb

@@ -1,3 +1,3 @@
 module Conjur
-  VERSION = "2.1.3"
+  VERSION = "2.1.4"
 end

data/spec/command/authn_spec.rb

@@ -1,15 +1,40 @@
 require 'spec_helper'
 require 'tempfile'
+require 'write_expectation'
 
 describe Conjur::Command::Authn do
   let(:netrcfile) { Tempfile.new 'authtest' }
+  let(:netrc) { Netrc.read(netrcfile.path) }
+  let(:host) { 'https://authn.example.com' }
+
   before do
-    Conjur::Auth.stub netrc: Netrc.read(netrcfile.path)
+    Conjur::Authn.stub netrc: netrc, host: host
+  end
+
+  context "when not logged in" do
+    describe_command 'authn:whoami' do
+      it "errors out" do
+        expect{ invoke }.to write(/not logged in/i).to :stderr
+      end
+    end
   end
-  describe_command 'auth:logout' do
-    it "deletes credentials" do
-      Conjur::Auth.should_receive :delete_credentials
-      invoke
+
+  context "when logged in" do
+    let(:username) { 'dknuth' }
+    let(:api_key) { 'sekrit' }
+    before { netrc[host] = [username, api_key] }
+
+    describe_command 'authn:logout' do
+      it "deletes credentials" do
+        invoke
+        netrc[host].should_not be
+      end
+    end
+
+    describe_command 'authn:whoami' do
+      it "prints the current username to stdout" do
+        expect { invoke }.to write username
+      end
     end
   end
 end

data/spec/spec_helper.rb

@@ -5,9 +5,12 @@ require "simplecov"
 SimpleCov.start
 
 module RSpec::Core::DSL
-  def describe_command name, *a, &block
-    describe name, *a do
-      let(:invoke) { Conjur::Cli.run [name] }
+  def describe_command *argv, &block
+    describe *argv do
+      let(:invoke) do
+        Conjur::CLI.error_device = $stderr
+        Conjur::CLI.run argv 
+      end
       instance_eval &block
     end
   end

data/spec/write_expectation.rb

@@ -0,0 +1,74 @@
+# from https://gist.github.com/elgalu/5073871
+require 'rspec'
+require 'stringio'
+
+# Custom matcher to test text written to standard output and standard error
+#
+# @example
+#   expect { $stderr.puts "Some random error" }.to write(/Some.* error/).to(:stderr)
+#
+# @example
+#   expect { $stderr.puts "Some specific error" }.to write('Some specific error').to(:stderr)
+#
+# @note http://greyblake.com/blog/2012/12/14/custom-expectations-with-rspec/
+RSpec::Matchers.define :write do |message|
+  chain(:to) do |io|
+    @io = io
+  end
+
+  match do |block|
+    output =
+      case io
+      when :stdout then fake_stdout(&block)
+      when :stderr  then fake_stderr(&block)
+      else fail("Allowed values for `to` are :stdout and :stderr, got `#{io.inspect}`")
+      end
+
+    case message
+    when String then output.include? message
+    when Regexp then output.match message
+    else fail("Allowed types for write `message` are String or Regexp, got `#{message.class}`")
+    end
+  end
+
+  description do
+    %Q[write #{message.inspect} to #{@io}]
+  end
+
+  def failure_message(to = 'to')
+    %Q[expected #{to} #{description} but got #{@buffer.inspect}]
+  end
+
+  failure_message_for_should do
+    failure_message 'to'
+  end
+
+  failure_message_for_should_not do
+    failure_message 'not to'
+  end
+
+  # Fake STDERR and return a string written to it.
+  def fake_stderr
+    original_stderr = $stderr
+    $stderr = StringIO.new
+    yield
+    @buffer = $stderr.string
+  ensure
+    $stderr = original_stderr
+  end
+
+  # Fake STDOUT and return a string written to it.
+  def fake_stdout
+    original_stdout = $stdout
+    $stdout = StringIO.new
+    yield
+    @buffer = $stdout.string
+  ensure
+    $stdout = original_stdout
+  end
+
+  # default IO is standard output
+  def io
+    @io ||= :stdout
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 2.1.3
+  version: 2.1.4
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-30 00:00:00.000000000 Z
+date: 2013-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: conjur-api
@@ -134,6 +134,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .kateproject
 - .project
 - .rvmrc
 - Gemfile
@@ -148,6 +149,7 @@ files:
 - lib/conjur/command.rb
 - lib/conjur/command/assets.rb
 - lib/conjur/command/authn.rb
+- lib/conjur/command/field.rb
 - lib/conjur/command/groups.rb
 - lib/conjur/command/hosts.rb
 - lib/conjur/command/permissions.rb
@@ -160,7 +162,8 @@ files:
 - lib/conjur/version.rb
 - spec/command/authn_spec.rb
 - spec/spec_helper.rb
-homepage: ''
+- spec/write_expectation.rb
+homepage: https://github.com/inscitiv/cli-ruby
 licenses: []
 post_install_message: 
 rdoc_options: []
@@ -187,3 +190,4 @@ summary: Conjur command line interface
 test_files:
 - spec/command/authn_spec.rb
 - spec/spec_helper.rb
+- spec/write_expectation.rb