RubyGems - hackerone-client - Versions diffs - 0.9.1 → 0.10.0 - Mend

hackerone-client 0.9.1 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/README.md +2 -1
data/fixtures/vcr_cassettes/dup.yml +197 -0
data/fixtures/vcr_cassettes/user_find_fransrosen.yml +93 -0
data/lib/hackerone/client/report.rb +3 -2
data/lib/hackerone/client/resource_helper.rb +4 -0
data/lib/hackerone/client/user.rb +8 -1
data/lib/hackerone/client/version.rb +1 -1
metadata +5 -3

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 99df14a3f06a97423f8ad23a232d854d25d14fe8
-  data.tar.gz: 72fea7788fd9f63ed6d5dd8f312eaa879d6d6b58
+  metadata.gz: 2b91319e3ef79be0342824f987e798e449db5fdf
+  data.tar.gz: 2fd154ea2ebe5e91e44037339a57364c94e70ea1
 SHA512:
-  metadata.gz: 3ab82cb959541eef3c4bf6904f42cedbfa8ca95370649d629edb9be63fcdd4a10b7865cab0df4c4c2ee8ca38ffb195b2311eb235d4767456f9f9301c4ae45741
-  data.tar.gz: 5220a780f3c96f351411b9ac541c78f8ee81bc98529ca9862c553f06305ba15de6723b515f48d13ef563bbdd43ae657675bf770512e64f309ad9347c485c5f6b
+  metadata.gz: a39f851dc4e54f092ef860166624adeaece7f56d2a8e8902d7d05c91194bf5a35c89dcd145e6134bf34f8d9aaea51bd42514482bdd50062ccf4793a514f93bd5
+  data.tar.gz: 8a7afdf9d0b4b4dcc242647014ae0ddad0b7055011b9e8bcd686a11db9457cecbe8df8644c8a198489782e801dd269645472a2e5493a11c3609c3795e1f59bd3

data/CHANGELOG.md CHANGED

@@ -1,3 +1,10 @@
+## [0.10.0] - 2017-11-03
+Oh no! I hate versions where one number is >= 10! We should figure out what's missing for a solid 1.0 release.
+- `HackerOne::Client::User.find(user_id)` returns an instance of `User` (@esjee)
+- Add "original report ID" field when marking things as duplicate. This invites the reporter to the original issue.
 ## [0.9.1] - 2017-10-24
 - Misc: loosen version restrictions on activesupport

data/README.md CHANGED

@@ -20,7 +20,8 @@ report.add_comment(message, internal: false) # internal is true by default
 # POST '/report/{id}/state_change change the state of a report
 # `state` can be one of  new, triaged, needs-more-info, resolved, not-applicable, informative, duplicate, spam
-report.state_change(state)
+# when marking as duplicate, you can supply the original report ID
+report.state_change(:duplicate, "Your issue has been marked as X", original_report_id: 12345)
 # POST '/report/{id}/add_report_reference add a "reference" e.g. internal issue number
 report.add_report_reference(reference)

data/fixtures/vcr_cassettes/dup.yml ADDED

@@ -0,0 +1,197 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.hackerone.com/v1/reports/200
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Authorization:
+      - Basic Nope
+      User-Agent:
+      - Faraday v0.11.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Tue, 24 Oct 2017 22:53:40 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Set-Cookie:
+      - __cfduid=; expires=Wed, 24-Oct-18
+        22:53:39 GMT; path=/; Domain=api.hackerone.com; HttpOnly; Secure
+      X-Request-Id:
+      - 4db0ef19-2256-4ace-b3c8-06abf32f6f0f
+      Etag:
+      - W/"48d77e13622d03735f1a72ea94e8838a"
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Strict-Transport-Security:
+      - max-age=31536000; includeSubDomains; preload
+      Content-Security-Policy:
+      - 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
+        www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
+        font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
+        ''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
+        profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
+        media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
+        www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
+        https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
+      Referrer-Policy:
+      - strict-origin-when-cross-origin
+      X-Content-Type-Options:
+      - nosniff
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - DENY
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Xss-Protection:
+      - 1; mode=block
+      Public-Key-Pins-Report-Only:
+      - pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
+        pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
+        pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
+        pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
+        report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
+      Server:
+      - cloudflare-nginx
+      Cf-Ray:
+      - 3b3083747ba8793c-LAX
+    body:
+      encoding: UTF-8
+      string: "{\"data\":{\"id\":\"200\",\"type\":\"report\",\"attributes\":{\"title\":\"another
+        attempt\",\"state\":\"triaged\",\"created_at\":\"2017-10-10T23:29:35.200Z\",\"vulnerability_information\":\"blehhh\",\"triaged_at\":\"2017-10-10T23:29:49.700Z\",\"closed_at\":null,\"last_reporter_activity_at\":\"2017-10-10T23:29:35.265Z\",\"first_program_activity_at\":\"2017-10-10T23:29:35.265Z\",\"last_program_activity_at\":\"2017-10-10T23:29:49.700Z\",\"bounty_awarded_at\":null,\"swag_awarded_at\":\"2017-10-10T23:30:28.501Z\",\"disclosed_at\":null,\"last_public_activity_at\":\"2017-10-10T23:30:28.501Z\",\"last_activity_at\":\"2017-10-10T23:30:28.501Z\",\"issue_tracker_reference_id\":\"reference\"},\"relationships\":{\"reporter\":{\"data\":{\"id\":\"57690\",\"type\":\"user\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}},\"assignee\":{\"data\":{\"type\":\"user\",\"id\":\"57690\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}},\"program\":{\"data\":{\"id\":\"11767\",\"type\":\"program\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":[{\"id\":\"2158\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:28.494Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}},{\"id\":\"2157\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:07.259Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}]},\"attachments\":{\"data\":[]},\"activities\":{\"data\":[{\"type\":\"activity-swag-awarded\",\"id\":\"2057701\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:30:28.501Z\",\"updated_at\":\"2017-10-10T23:30:28.501Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"program\",\"id\":\"11767\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":{\"id\":\"2158\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:28.494Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}}}},{\"type\":\"activity-swag-awarded\",\"id\":\"2057700\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:30:07.266Z\",\"updated_at\":\"2017-10-10T23:30:07.266Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"program\",\"id\":\"11767\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":{\"id\":\"2157\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:07.259Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}}}},{\"type\":\"activity-bounty-suggested\",\"id\":\"2057699\",\"attributes\":{\"message\":\"Suggested
+        by oreoshake in https://github.slack.com/archives//p\",\"created_at\":\"2017-10-10T23:29:55.239Z\",\"updated_at\":\"2017-10-10T23:29:55.239Z\",\"internal\":true,\"bounty_amount\":\"100\",\"bonus_amount\":\"0\"},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-bug-triaged\",\"id\":\"2057697\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:29:49.700Z\",\"updated_at\":\"2017-10-10T23:29:49.700Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-reference-id-added\",\"id\":\"2057696\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:29:49.101Z\",\"updated_at\":\"2017-10-10T23:29:49.101Z\",\"internal\":true,\"reference\":\"reference\",\"reference_url\":null},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-comment\",\"id\":\"2057695\",\"attributes\":{\"message\":\"For
+        better or worse, the design of HTTP cookies means that no single website can
+        prevent its users from being logged out; consequently, application-specific
+        ways of achieving this goal will likely not qualify. You may be interested
+        in personal blog posts from Chris Evans (https://scarybeastsecurity.blogspot.com/2010/01/logout-xsrf-significant-web-app-bug.html)
+        and Michal Zalewski (https://lcamtuf.blogspot.com/2010/10/http-cookies-or-how-not-to-design.html)
+        for more background.\\n\",\"created_at\":\"2017-10-10T23:29:48.618Z\",\"updated_at\":\"2017-10-10T23:29:48.618Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-user-assigned-to-bug\",\"id\":\"2057694\",\"attributes\":{\"message\":null,\"created_at\":\"2017-10-10T23:29:46.939Z\",\"updated_at\":\"2017-10-10T23:29:46.939Z\",\"internal\":true},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}},\"assigned_user\":{\"data\":{\"id\":\"57690\",\"type\":\"user\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}}}}]},\"bounties\":{\"data\":[]},\"summaries\":{\"data\":[]}}}}"
+    http_version:
+  recorded_at: Tue, 24 Oct 2017 22:53:40 GMT
+- request:
+    method: post
+    uri: https://api.hackerone.com/v1/reports/200/state_changes
+    body:
+      encoding: UTF-8
+      string: "{\"data\":{\"type\":\"state-change\",\"attributes\":{\"original_report_id\":\"302\",\"state\":\"duplicate\",\"message\":\"totally
+        a dup\"}}}"
+    headers:
+      Authorization:
+      - Basic Nope==
+      User-Agent:
+      - Faraday v0.11.0
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Tue, 24 Oct 2017 22:53:49 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Set-Cookie:
+      - __cfduid=; expires=Wed, 24-Oct-18
+        22:53:48 GMT; path=/; Domain=api.hackerone.com; HttpOnly; Secure
+      X-Request-Id:
+      - cd376b1b-99ab-4fdb-bf6b-a07561818cb2
+      Etag:
+      - W/"c4b760035f20d5c8f9e48569e0297d7f"
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Strict-Transport-Security:
+      - max-age=31536000; includeSubDomains; preload
+      Content-Security-Policy:
+      - 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
+        www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
+        font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
+        ''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
+        profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
+        media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
+        www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
+        https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
+      Referrer-Policy:
+      - strict-origin-when-cross-origin
+      X-Content-Type-Options:
+      - nosniff
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - DENY
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Xss-Protection:
+      - 1; mode=block
+      Public-Key-Pins-Report-Only:
+      - pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
+        pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
+        pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
+        pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
+        report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
+      Server:
+      - cloudflare-nginx
+      Cf-Ray:
+      - 3b3083ac7b09776c-LAX
+    body:
+      encoding: UTF-8
+      string: "{\"data\":{\"id\":\"200\",\"type\":\"report\",\"attributes\":{\"title\":\"another
+        attempt\",\"state\":\"duplicate\",\"created_at\":\"2017-10-10T23:29:35.200Z\",\"vulnerability_information\":\"blehhh\",\"triaged_at\":\"2017-10-10T23:29:49.700Z\",\"closed_at\":\"2017-10-24T22:53:49.007Z\",\"last_reporter_activity_at\":\"2017-10-10T23:29:35.265Z\",\"first_program_activity_at\":\"2017-10-10T23:29:35.265Z\",\"last_program_activity_at\":\"2017-10-24T22:53:49.007Z\",\"bounty_awarded_at\":null,\"swag_awarded_at\":\"2017-10-10T23:30:28.501Z\",\"disclosed_at\":null,\"last_public_activity_at\":\"2017-10-24T22:53:49.007Z\",\"last_activity_at\":\"2017-10-24T22:53:49.007Z\",\"issue_tracker_reference_id\":\"reference\"},\"relationships\":{\"reporter\":{\"data\":{\"id\":\"57690\",\"type\":\"user\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}},\"assignee\":{\"data\":{\"type\":\"user\",\"id\":\"57690\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}},\"program\":{\"data\":{\"id\":\"11767\",\"type\":\"program\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":[{\"id\":\"2158\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:28.494Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}},{\"id\":\"2157\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:07.259Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}]},\"attachments\":{\"data\":[]},\"activities\":{\"data\":[{\"type\":\"activity-bug-duplicate\",\"id\":\"2100521\",\"attributes\":{\"message\":\"totally
+        a dup\",\"created_at\":\"2017-10-24T22:53:49.007Z\",\"updated_at\":\"2017-10-24T22:53:49.007Z\",\"internal\":false,\"original_report_id\":302},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"211530\",\"attributes\":{\"username\":\"oreoshake-testing-dups\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-10-24T22:44:55.280Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-swag-awarded\",\"id\":\"2057701\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:30:28.501Z\",\"updated_at\":\"2017-10-10T23:30:28.501Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"program\",\"id\":\"11767\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":{\"id\":\"2158\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:28.494Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}}}},{\"type\":\"activity-swag-awarded\",\"id\":\"2057700\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:30:07.266Z\",\"updated_at\":\"2017-10-10T23:30:07.266Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"program\",\"id\":\"11767\",\"attributes\":{\"handle\":\"github\",\"created_at\":\"2016-04-15T17:10:31.261Z\",\"updated_at\":\"2017-10-03T12:58:34.637Z\"}}},\"swag\":{\"data\":{\"id\":\"2157\",\"type\":\"swag\",\"attributes\":{\"sent\":false,\"created_at\":\"2017-10-10T23:30:07.259Z\"},\"relationships\":{\"address\":{\"data\":{\"id\":\"235\",\"type\":\"address\",\"attributes\":{\"name\":\"neil
+        matatall\",\"street\":\"\",\"city\":\"Kailua
+        Kona\",\"postal_code\":\"96740\",\"state\":\"HI\",\"country\":\"USA\",\"created_at\":\"2016-04-15T02:34:17.252Z\",\"tshirt_size\":\"XLarge\",\"phone_number\":\"8082091148\"}}}}}}}},{\"type\":\"activity-bounty-suggested\",\"id\":\"2057699\",\"attributes\":{\"message\":\"Suggested
+        by oreoshake in https://github.slack.com/archives//p\",\"created_at\":\"2017-10-10T23:29:55.239Z\",\"updated_at\":\"2017-10-10T23:29:55.239Z\",\"internal\":true,\"bounty_amount\":\"100\",\"bonus_amount\":\"0\"},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-bug-triaged\",\"id\":\"2057697\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:29:49.700Z\",\"updated_at\":\"2017-10-10T23:29:49.700Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-reference-id-added\",\"id\":\"2057696\",\"attributes\":{\"message\":\"\",\"created_at\":\"2017-10-10T23:29:49.101Z\",\"updated_at\":\"2017-10-10T23:29:49.101Z\",\"internal\":true,\"reference\":\"reference\",\"reference_url\":null},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-comment\",\"id\":\"2057695\",\"attributes\":{\"message\":\"For
+        better or worse, the design of HTTP cookies means that no single website can
+        prevent its users from being logged out; consequently, application-specific
+        ways of achieving this goal will likely not qualify. You may be interested
+        in personal blog posts from Chris Evans (https://scarybeastsecurity.blogspot.com/2010/01/logout-xsrf-significant-web-app-bug.html)
+        and Michal Zalewski (https://lcamtuf.blogspot.com/2010/10/http-cookies-or-how-not-to-design.html)
+        for more background.\\n\",\"created_at\":\"2017-10-10T23:29:48.618Z\",\"updated_at\":\"2017-10-10T23:29:48.618Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}},{\"type\":\"activity-user-assigned-to-bug\",\"id\":\"2057694\",\"attributes\":{\"message\":null,\"created_at\":\"2017-10-10T23:29:46.939Z\",\"updated_at\":\"2017-10-10T23:29:46.939Z\",\"internal\":true},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}},\"assigned_user\":{\"data\":{\"id\":\"57690\",\"type\":\"user\",\"attributes\":{\"username\":\"ndm-github\",\"name\":\"Neil
+        Matatall\",\"disabled\":false,\"created_at\":\"2016-02-24T01:33:01.258Z\",\"profile_picture\":{\"62x62\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487\",\"82x82\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487\",\"110x110\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487\",\"260x260\":\"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487\"}}}}}}]},\"bounties\":{\"data\":[]},\"summaries\":{\"data\":[]}}}}"
+    http_version:
+  recorded_at: Tue, 24 Oct 2017 22:53:49 GMT
+recorded_with: VCR 3.0.3

data/fixtures/vcr_cassettes/user_find_fransrosen.yml ADDED

@@ -0,0 +1,93 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.hackerone.com/v1/users/fransrosen
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Authorization:
+      - Basic NOPE
+      User-Agent:
+      - Faraday v0.13.1
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Thu, 02 Nov 2017 23:24:03 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Set-Cookie:
+      - __cfduid=dd872fd23fa7ae9529e3bb8b35adcf44d1509665042; expires=Fri, 02-Nov-18
+        23:24:02 GMT; path=/; Domain=api.hackerone.com; HttpOnly; Secure
+      X-Request-Id:
+      - eb927f4f-43e8-4232-8bb9-b2651c88a0ca
+      Etag:
+      - W/"3894f47342d0f403fb014db76fe89448"
+      Cache-Control:
+      - max-age=0, private, must-revalidate
+      Strict-Transport-Security:
+      - max-age=31536000; includeSubDomains; preload
+      Content-Security-Policy:
+      - 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
+        www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
+        font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
+        ''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
+        profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
+        media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
+        www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
+        https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
+      Referrer-Policy:
+      - strict-origin-when-cross-origin
+      X-Content-Type-Options:
+      - nosniff
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - DENY
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Xss-Protection:
+      - 1; mode=block
+      Server:
+      - cloudflare-nginx
+      Cf-Ray:
+      - 3b7ad855990492ac-SJC
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        eyJkYXRhIjp7ImF0dHJpYnV0ZXMiOnsic2lnbmFsIjo2LjQ3NzgyMjU4MDY0
+        NTE2LCJpbXBhY3QiOjIyLjYyNjk1MzEyNSwicmVwdXRhdGlvbiI6MTUwMzMs
+        InVzZXJuYW1lIjoiZnJhbnNyb3NlbiIsIm5hbWUiOiJGcmFucyBSb3PDqW4i
+        LCJkaXNhYmxlZCI6ZmFsc2UsImNyZWF0ZWRfYXQiOiIyMDEzLTExLTIwVDIx
+        OjE1OjI5Ljc3MVoiLCJwcm9maWxlX3BpY3R1cmUiOnsiNjJ4NjIiOiJodHRw
+        czovL3Byb2ZpbGUtcGhvdG9zLmhhY2tlcm9uZS11c2VyLWNvbnRlbnQuY29t
+        L3Byb2R1Y3Rpb24vMDAwLzAwMS82MzQvNmUwMjI0MmI1ZDFkODkzY2VmNjk4
+        MTQ0ZmFhNzA2ZmQxZDc1ZmVhMF9zbWFsbC5qcGc/MTM5NjQ2ODU3NiIsIjgy
+        eDgyIjoiaHR0cHM6Ly9wcm9maWxlLXBob3Rvcy5oYWNrZXJvbmUtdXNlci1j
+        b250ZW50LmNvbS9wcm9kdWN0aW9uLzAwMC8wMDEvNjM0LzU2NTI4NzgwZGRk
+        ZTY3ZGVjMmU2ZjlkMTIxMjg3OWFiMTZiYzhmNGFfbWVkaXVtLmpwZz8xMzk2
+        NDY4NTc2IiwiMTEweDExMCI6Imh0dHBzOi8vcHJvZmlsZS1waG90b3MuaGFj
+        a2Vyb25lLXVzZXItY29udGVudC5jb20vcHJvZHVjdGlvbi8wMDAvMDAxLzYz
+        NC80MDQ1YjY2NmQyYWRiMDZjYzc0ZmJhZWQ2NTViN2UzZjM5YjM0Yjc1X2xh
+        cmdlLmpwZz8xMzk2NDY4NTc2IiwiMjYweDI2MCI6Imh0dHBzOi8vcHJvZmls
+        ZS1waG90b3MuaGFja2Vyb25lLXVzZXItY29udGVudC5jb20vcHJvZHVjdGlv
+        bi8wMDAvMDAxLzYzNC9hYmU2YjFlYzJkN2I4YjcxNmVjYmM1M2FjMDkyMDE1
+        MTM4Y2Y5YmY3X3h0cmFsYXJnZS5qcGc/MTM5NjQ2ODU3NiJ9fSwiaWQiOiIx
+        NjM0IiwidHlwZSI6InVzZXIifX0=
+    http_version:
+  recorded_at: Thu, 02 Nov 2017 23:24:02 GMT
+recorded_with: VCR 3.0.3

data/lib/hackerone/client/report.rb CHANGED

@@ -154,7 +154,7 @@ module HackerOne
       #
       # returns an HackerOne::Client::Report object or raises an error if
       # no report is found.
-      def state_change(state, message = nil)
+      def state_change(state, message = nil, attributes = {})
         raise ArgumentError, "state (#{state}) must be one of #{STATES}" unless STATES.include?(state)
         body = {
@@ -164,6 +164,8 @@ module HackerOne
           }
         }
+        body[:attributes] = body[:attributes].reverse_merge(attributes)
         if message
           body[:attributes][:message] = message
         elsif STATES_REQUIRING_STATE_CHANGE_MESSAGE.include?(state)
@@ -172,7 +174,6 @@ module HackerOne
           # message is in theory optional, but a value appears to be required.
           body[:attributes][:message] = ""
         end
         response_json = make_post_request("reports/#{id}/state_changes", request_body: body)
         @report = response_json
         self

data/lib/hackerone/client/resource_helper.rb CHANGED

@@ -1,6 +1,10 @@
 module HackerOne
   module Client
     module ResourceHelper
+      def self.included(base)
+        base.extend(self)
+      end
       def parse_response(response)
         HackerOne::Client::Api.parse_response(response)
       end

data/lib/hackerone/client/user.rb CHANGED

@@ -1,7 +1,14 @@
 module HackerOne
   module Client
     class User
-      delegate :username, to: :attributes
+      include ResourceHelper
+      delegate :username, :signal, :impact, :reputation, to: :attributes
+      def self.find(username_we_want)
+        user_json = make_get_request("users/#{username_we_want}")
+        new(user_json)
+      end
       def initialize(user)
         @user = user

data/lib/hackerone/client/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Hackerone
   module Client
-    VERSION = "0.9.1"
+    VERSION = "0.10.0"
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hackerone-client
 version: !ruby/object:Gem::Version
-  version: 0.9.1
+  version: 0.10.0
 platform: ruby
 authors:
 - Neil Matatall
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-10-24 00:00:00.000000000 Z
+date: 2017-11-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -140,6 +140,7 @@ files:
 - fixtures/vcr_cassettes/award_a_bounty.yml
 - fixtures/vcr_cassettes/award_swag.yml
 - fixtures/vcr_cassettes/common_responses.yml
+- fixtures/vcr_cassettes/dup.yml
 - fixtures/vcr_cassettes/empty_report_list.yml
 - fixtures/vcr_cassettes/missing_report.yml
 - fixtures/vcr_cassettes/programs.yml
@@ -150,6 +151,7 @@ files:
 - fixtures/vcr_cassettes/server_error_when_assigning_report_to_user.yml
 - fixtures/vcr_cassettes/stage_change.yml
 - fixtures/vcr_cassettes/suggest_a_bounty.yml
+- fixtures/vcr_cassettes/user_find_fransrosen.yml
 - hackerone-client.gemspec
 - lib/hackerone/client.rb
 - lib/hackerone/client/activity.rb
@@ -185,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.2.0
+rubygems_version: 2.4.5.1
 signing_key:
 specification_version: 4
 summary: A limited client for the HackerOne API