diplomat-scalp42 0.224 → 0.225
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/diplomat.rb +1 -1
- data/lib/diplomat/error.rb +2 -0
- data/lib/diplomat/role.rb +117 -0
- data/lib/diplomat/token.rb +8 -4
- data/lib/diplomat/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3e3bafff3949d88a90c0922884b690bd26072f28f0c7a0b9dcf7ef08d7dcf8f2
|
4
|
+
data.tar.gz: 473a56e9a984c48f86da4298543855bd36b64becfc16a939a3c8931233a1b7b0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 636548a15df7ea64ba57200ba6de5d3bf383670b8d3d72739c30fef934ba69ba5cad2c5dd1e96568c94e332110fc8ff989abda4a7baf9bb2d7f469a057646a0f
|
7
|
+
data.tar.gz: bbd094d873dd10de017b2246d857262b34954bd5e7ea84ffd887b80c7d188b31ec728a8c2cfe72ff1603013dc2c1960af4a49115a499fb46808d7cfdaefc5ffb
|
data/lib/diplomat.rb
CHANGED
@@ -29,7 +29,7 @@ module Diplomat
|
|
29
29
|
require_libs 'configuration', 'rest_client', 'kv', 'datacenter', 'service',
|
30
30
|
'members', 'node', 'nodes', 'check', 'health', 'session', 'lock',
|
31
31
|
'error', 'event', 'acl', 'maintenance', 'query', 'agent', 'status',
|
32
|
-
'policy', 'token'
|
32
|
+
'policy', 'token', 'role'
|
33
33
|
self.configuration ||= Diplomat::Configuration.new
|
34
34
|
|
35
35
|
class << self
|
data/lib/diplomat/error.rb
CHANGED
@@ -0,0 +1,117 @@
|
|
1
|
+
module Diplomat
|
2
|
+
# Methods for interacting with the Consul ACL Role API endpoint
|
3
|
+
class Role < Diplomat::RestClient
|
4
|
+
@access_methods = %i[list read create delete update]
|
5
|
+
attr_reader :id, :type, :acl
|
6
|
+
|
7
|
+
# Read ACL role with the given UUID or name
|
8
|
+
# @param id [String] UUID or name of the ACL role to read
|
9
|
+
# @param options [Hash] options parameter hash
|
10
|
+
# @return [Hash] existing ACL role
|
11
|
+
# rubocop:disable PerceivedComplexity
|
12
|
+
def read(id, options = {}, not_found = :reject, found = :return)
|
13
|
+
endpoint = if id =~ /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
|
14
|
+
"/v1/acl/role/#{id}"
|
15
|
+
else
|
16
|
+
"/v1/acl/role/name/#{id}"
|
17
|
+
end
|
18
|
+
@options = options
|
19
|
+
custom_params = []
|
20
|
+
custom_params << use_consistency(options)
|
21
|
+
|
22
|
+
@raw = send_get_request(@conn_no_err, [endpoint], options, custom_params)
|
23
|
+
|
24
|
+
if @raw.status == 200 && @raw.body.chomp != 'null'
|
25
|
+
case found
|
26
|
+
when :reject
|
27
|
+
raise Diplomat::RoleNotFound, id
|
28
|
+
when :return
|
29
|
+
return parse_body
|
30
|
+
end
|
31
|
+
elsif @raw.status == 404
|
32
|
+
case not_found
|
33
|
+
when :reject
|
34
|
+
raise Diplomat::RoleNotFound, id
|
35
|
+
when :return
|
36
|
+
return nil
|
37
|
+
end
|
38
|
+
elsif @raw.status == 403
|
39
|
+
case not_found
|
40
|
+
when :reject
|
41
|
+
raise Diplomat::AclNotFound, id
|
42
|
+
when :return
|
43
|
+
return nil
|
44
|
+
end
|
45
|
+
else
|
46
|
+
raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
# rubocop:enable PerceivedComplexity
|
50
|
+
|
51
|
+
# List all the ACL roles
|
52
|
+
# @param options [Hash] options parameter hash
|
53
|
+
# @return [List] list of [Hash] of ACL roles
|
54
|
+
def list(options = {})
|
55
|
+
@raw = send_get_request(@conn_no_err, ['/v1/acl/roles'], options)
|
56
|
+
raise Diplomat::AclNotFound if @raw.status == 403
|
57
|
+
|
58
|
+
parse_body
|
59
|
+
end
|
60
|
+
|
61
|
+
# Update an existing ACL role
|
62
|
+
# @param value [Hash] ACL role definition, ID and Name fields are mandatory
|
63
|
+
# @param options [Hash] options parameter hash
|
64
|
+
# @return [Hash] result ACL role
|
65
|
+
def update(value, options = {})
|
66
|
+
id = value[:ID] || value['ID']
|
67
|
+
raise Diplomat::IdParameterRequired if id.nil?
|
68
|
+
|
69
|
+
role_name = value[:Name] || value['Name']
|
70
|
+
raise Diplomat::NameParameterRequired if role_name.nil?
|
71
|
+
|
72
|
+
custom_params = use_cas(@options)
|
73
|
+
@raw = send_put_request(@conn, ["/v1/acl/role/#{id}"], options, value, custom_params)
|
74
|
+
if @raw.status == 200
|
75
|
+
parse_body
|
76
|
+
elsif @raw.status == 400
|
77
|
+
raise Diplomat::RoleMalformed, @raw.body
|
78
|
+
else
|
79
|
+
raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
# Create a new ACL role
|
84
|
+
# @param value [Hash] ACL role definition, Name field is mandatory
|
85
|
+
# @param options [Hash] options parameter hash
|
86
|
+
# @return [Hash] new ACL role
|
87
|
+
def create(value, options = {})
|
88
|
+
blacklist = ['ID', 'iD', 'Id', :ID, :iD, :Id] & value.keys
|
89
|
+
raise Diplomat::RoleMalformed, 'ID should not be specified' unless blacklist.empty?
|
90
|
+
|
91
|
+
id = value[:Name] || value['Name']
|
92
|
+
raise Diplomat::NameParameterRequired if id.nil?
|
93
|
+
|
94
|
+
custom_params = use_cas(@options)
|
95
|
+
@raw = send_put_request(@conn, ['/v1/acl/role'], options, value, custom_params)
|
96
|
+
|
97
|
+
# rubocop:disable GuardClause
|
98
|
+
if @raw.status == 200
|
99
|
+
return parse_body
|
100
|
+
elsif @raw.status == 500 && @raw.body.chomp.include?('already exists')
|
101
|
+
raise Diplomat::RoleAlreadyExists, @raw.body
|
102
|
+
else
|
103
|
+
raise Diplomat::UnknownStatus, "status #{@raw.status}: #{@raw.body}"
|
104
|
+
end
|
105
|
+
end
|
106
|
+
# rubocop:enable GuardClause
|
107
|
+
|
108
|
+
# Delete an ACL role by its UUID
|
109
|
+
# @param id [String] UUID of the ACL role to delete
|
110
|
+
# @param options [Hash] options parameter hash
|
111
|
+
# @return [Bool]
|
112
|
+
def delete(id, options = {})
|
113
|
+
@raw = send_delete_request(@conn, ["/v1/acl/role/#{id}"], options, nil)
|
114
|
+
@raw.body.chomp == 'true'
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
data/lib/diplomat/token.rb
CHANGED
@@ -38,11 +38,15 @@ module Diplomat
|
|
38
38
|
|
39
39
|
# List all the ACL tokens
|
40
40
|
# @param policy [String] filters the token list matching the specific policy ID
|
41
|
+
# @param role [String] filters the token list matching the specific role ID
|
42
|
+
# @param authmethod [String] the token list matching the specific named auth method
|
41
43
|
# @param options [Hash] options parameter hash
|
42
44
|
# @return [List] list of [Hash] of ACL tokens
|
43
|
-
def list(policy = nil, options = {})
|
45
|
+
def list(policy = nil, role = nil, authmethod = nil, options = {})
|
44
46
|
custom_params = []
|
45
47
|
custom_params << use_named_parameter('policy', policy) if policy
|
48
|
+
custom_params << use_named_parameter('role', policy) if role
|
49
|
+
custom_params << use_named_parameter('authmethod', policy) if authmethod
|
46
50
|
@raw = send_get_request(@conn_no_err, ['/v1/acl/tokens'], options, custom_params)
|
47
51
|
raise Diplomat::AclNotFound if @raw.status == 403
|
48
52
|
|
@@ -75,9 +79,6 @@ module Diplomat
|
|
75
79
|
# @param options [Hash] options parameter hash
|
76
80
|
# @return [Hash] new ACL token
|
77
81
|
def create(value, options = {})
|
78
|
-
id = value[:AccessorID] || value['AccessorID']
|
79
|
-
raise Diplomat::TokenMalformed if id
|
80
|
-
|
81
82
|
custom_params = use_cas(@options)
|
82
83
|
@raw = send_put_request(@conn, ['/v1/acl/token'], options, value, custom_params)
|
83
84
|
return parse_body if @raw.status == 200
|
@@ -90,6 +91,9 @@ module Diplomat
|
|
90
91
|
# @param options [Hash] options parameter hash
|
91
92
|
# @return [Bool]
|
92
93
|
def delete(id, options = {})
|
94
|
+
anonymous_token = '00000000-0000-0000-0000-000000000002'
|
95
|
+
raise Diplomat::NotPermitted, "status #{@raw.status}: #{@raw.body}" if id == anonymous_token
|
96
|
+
|
93
97
|
@raw = send_delete_request(@conn, ["/v1/acl/token/#{id}"], options, nil)
|
94
98
|
@raw.body.chomp == 'true'
|
95
99
|
end
|
data/lib/diplomat/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: diplomat-scalp42
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: '0.
|
4
|
+
version: '0.225'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- John Hamelink
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2019-05-
|
12
|
+
date: 2019-05-09 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -236,6 +236,7 @@ files:
|
|
236
236
|
- lib/diplomat/policy.rb
|
237
237
|
- lib/diplomat/query.rb
|
238
238
|
- lib/diplomat/rest_client.rb
|
239
|
+
- lib/diplomat/role.rb
|
239
240
|
- lib/diplomat/service.rb
|
240
241
|
- lib/diplomat/session.rb
|
241
242
|
- lib/diplomat/status.rb
|