diplomat-scalp42 0.224 → 0.225

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4af72b023e01a90621ae2e0283e129497551bbc7b8d48c0dee9e70e21c36be80
-  data.tar.gz: 76f9c34ae8858d8a5c6b220748b1bf9771dd8a7fdb8b3c324aa5773af4465c00
+  metadata.gz: 3e3bafff3949d88a90c0922884b690bd26072f28f0c7a0b9dcf7ef08d7dcf8f2
+  data.tar.gz: 473a56e9a984c48f86da4298543855bd36b64becfc16a939a3c8931233a1b7b0
 SHA512:
-  metadata.gz: 581e42f80580429fd6c1bd792937bf219ef88bf0a23d6ad86af96f2e776797697c290a22ea6fa374ccb02a62e8e88d4b851d84dcb5aacc97ff7a60c13e00fc04
-  data.tar.gz: c6033ae90a86d589bcbdea9e1ee30ee74af3bcafb984b08cf48a414486018ca6f86bb335c368ad8ad80484d1370fc8e221dbb0e42703514333042268be35d8c1
+  metadata.gz: 636548a15df7ea64ba57200ba6de5d3bf383670b8d3d72739c30fef934ba69ba5cad2c5dd1e96568c94e332110fc8ff989abda4a7baf9bb2d7f469a057646a0f
+  data.tar.gz: bbd094d873dd10de017b2246d857262b34954bd5e7ea84ffd887b80c7d188b31ec728a8c2cfe72ff1603013dc2c1960af4a49115a499fb46808d7cfdaefc5ffb

data/lib/diplomat.rb

@@ -29,7 +29,7 @@ module Diplomat
   require_libs 'configuration', 'rest_client', 'kv', 'datacenter', 'service',
                'members', 'node', 'nodes', 'check', 'health', 'session', 'lock',
                'error', 'event', 'acl', 'maintenance', 'query', 'agent', 'status',
-               'policy', 'token'
+               'policy', 'token', 'role'
   self.configuration ||= Diplomat::Configuration.new
 
   class << self

data/lib/diplomat/error.rb

@@ -19,4 +19,6 @@ module Diplomat
   class AccessorIdParameterRequired < StandardError; end
   class TokenMalformed < StandardError; end
   class PolicyAlreadyExists < StandardError; end
+  class RoleMalformed < StandardError; end
+  class RoleNotFound < StandardError; end
 end

data/lib/diplomat/role.rb

@@ -0,0 +1,117 @@
+module Diplomat
+  # Methods for interacting with the Consul ACL Role API endpoint
+  class Role < Diplomat::RestClient
+    @access_methods = %i[list read create delete update]
+    attr_reader :id, :type, :acl
+
+    # Read ACL role with the given UUID or name
+    # @param id [String] UUID or name of the ACL role to read
+    # @param options [Hash] options parameter hash
+    # @return [Hash] existing ACL role
+    # rubocop:disable PerceivedComplexity
+    def read(id, options = {}, not_found = :reject, found = :return)
+      endpoint = if id =~ /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
+                   "/v1/acl/role/#{id}"
+                 else
+                   "/v1/acl/role/name/#{id}"
+                 end
+      @options = options
+      custom_params = []
+      custom_params << use_consistency(options)
+
+      @raw = send_get_request(@conn_no_err, [endpoint], options, custom_params)
+
+      if @raw.status == 200 && @raw.body.chomp != 'null'
+        case found
+        when :reject
+          raise Diplomat::RoleNotFound, id
+        when :return
+          return parse_body
+        end
+      elsif @raw.status == 404
+        case not_found
+        when :reject
+          raise Diplomat::RoleNotFound, id
+        when :return
+          return nil
+        end
+      elsif @raw.status == 403
+        case not_found
+        when :reject
+          raise Diplomat::AclNotFound, id
+        when :return
+          return nil
+        end
+      else
+        raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
+      end
+    end
+    # rubocop:enable PerceivedComplexity
+
+    # List all the ACL roles
+    # @param options [Hash] options parameter hash
+    # @return [List] list of [Hash] of ACL roles
+    def list(options = {})
+      @raw = send_get_request(@conn_no_err, ['/v1/acl/roles'], options)
+      raise Diplomat::AclNotFound if @raw.status == 403
+
+      parse_body
+    end
+
+    # Update an existing ACL role
+    # @param value [Hash] ACL role definition, ID and Name fields are mandatory
+    # @param options [Hash] options parameter hash
+    # @return [Hash] result ACL role
+    def update(value, options = {})
+      id = value[:ID] || value['ID']
+      raise Diplomat::IdParameterRequired if id.nil?
+
+      role_name = value[:Name] || value['Name']
+      raise Diplomat::NameParameterRequired if role_name.nil?
+
+      custom_params = use_cas(@options)
+      @raw = send_put_request(@conn, ["/v1/acl/role/#{id}"], options, value, custom_params)
+      if @raw.status == 200
+        parse_body
+      elsif @raw.status == 400
+        raise Diplomat::RoleMalformed, @raw.body
+      else
+        raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
+      end
+    end
+
+    # Create a new ACL role
+    # @param value [Hash] ACL role definition, Name field is mandatory
+    # @param options [Hash] options parameter hash
+    # @return [Hash] new ACL role
+    def create(value, options = {})
+      blacklist = ['ID', 'iD', 'Id', :ID, :iD, :Id] & value.keys
+      raise Diplomat::RoleMalformed, 'ID should not be specified' unless blacklist.empty?
+
+      id = value[:Name] || value['Name']
+      raise Diplomat::NameParameterRequired if id.nil?
+
+      custom_params = use_cas(@options)
+      @raw = send_put_request(@conn, ['/v1/acl/role'], options, value, custom_params)
+
+      # rubocop:disable GuardClause
+      if @raw.status == 200
+        return parse_body
+      elsif @raw.status == 500 && @raw.body.chomp.include?('already exists')
+        raise Diplomat::RoleAlreadyExists, @raw.body
+      else
+        raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
+      end
+    end
+    # rubocop:enable GuardClause
+
+    # Delete an ACL role by its UUID
+    # @param id [String] UUID of the ACL role to delete
+    # @param options [Hash] options parameter hash
+    # @return [Bool]
+    def delete(id, options = {})
+      @raw = send_delete_request(@conn, ["/v1/acl/role/#{id}"], options, nil)
+      @raw.body.chomp == 'true'
+    end
+  end
+end

data/lib/diplomat/token.rb

@@ -38,11 +38,15 @@ module Diplomat
 
     # List all the ACL tokens
     # @param policy [String] filters the token list matching the specific policy ID
+    # @param role [String] filters the token list matching the specific role ID
+    # @param authmethod [String] the token list matching the specific named auth method
     # @param options [Hash] options parameter hash
     # @return [List] list of [Hash] of ACL tokens
-    def list(policy = nil, options = {})
+    def list(policy = nil, role = nil, authmethod = nil, options = {})
       custom_params = []
       custom_params << use_named_parameter('policy', policy) if policy
+      custom_params << use_named_parameter('role', policy) if role
+      custom_params << use_named_parameter('authmethod', policy) if authmethod
       @raw = send_get_request(@conn_no_err, ['/v1/acl/tokens'], options, custom_params)
       raise Diplomat::AclNotFound if @raw.status == 403
 
@@ -75,9 +79,6 @@ module Diplomat
     # @param options [Hash] options parameter hash
     # @return [Hash] new ACL token
     def create(value, options = {})
-      id = value[:AccessorID] || value['AccessorID']
-      raise Diplomat::TokenMalformed if id
-
       custom_params = use_cas(@options)
       @raw = send_put_request(@conn, ['/v1/acl/token'], options, value, custom_params)
       return parse_body if @raw.status == 200
@@ -90,6 +91,9 @@ module Diplomat
     # @param options [Hash] options parameter hash
     # @return [Bool]
     def delete(id, options = {})
+      anonymous_token = '00000000-0000-0000-0000-000000000002'
+      raise Diplomat::NotPermitted, "status #{@raw.status}: #{@raw.body}" if id == anonymous_token
+
       @raw = send_delete_request(@conn, ["/v1/acl/token/#{id}"], options, nil)
       @raw.body.chomp == 'true'
     end

data/lib/diplomat/version.rb

@@ -1,3 +1,3 @@
 module Diplomat
-  VERSION = '0.224'.freeze
+  VERSION = '0.225'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: diplomat-scalp42
 version: !ruby/object:Gem::Version
-  version: '0.224'
+  version: '0.225'
 platform: ruby
 authors:
 - John Hamelink
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-02 00:00:00.000000000 Z
+date: 2019-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -236,6 +236,7 @@ files:
 - lib/diplomat/policy.rb
 - lib/diplomat/query.rb
 - lib/diplomat/rest_client.rb
+- lib/diplomat/role.rb
 - lib/diplomat/service.rb
 - lib/diplomat/session.rb
 - lib/diplomat/status.rb