insights-api-common 3.3.1 → 3.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0796657d49b1fd235d0d088185d12dd1237eb23e5279527d242cf3e9537cfec9'
-  data.tar.gz: '0532068272482ccd7349b8c3188ef66355c4dc05a57bea79bbedcc1b8482735e'
+  metadata.gz: e8026f4b784de4017aa2e008109d94bb5556bbdaf747c66a9096b68be6b1cdae
+  data.tar.gz: 83c1e5b44afd8dc53224f8dad912888ad5fad922e0877b01e5c5d5a3d5ecfa30
 SHA512:
-  metadata.gz: d5f094f17a64bef00eea15d2c3a1e6a4fbfcf3344c3a593ef3831e4fa2f5d8616dceb730e6dd358baa9999bb54b2288498f3c2395728a4f7084c45cd485e088b
-  data.tar.gz: 47362dc2058c45118e679e2b3aa844ebf9772e3c056919b61b3adedccbd40cf1880f1b426201e082fb3f2ccc8b46ed19b7cd180d4a7c78ad5ec3193ef20c2f88
+  metadata.gz: ac25d3c924e3bf19802558705d9b9b5a1c63cef56ac987a16bc984543ea473092d46c4c9a7e05b183f6c6bc2426cbd161fdf06831ad62540c03ce081e19331c5
+  data.tar.gz: 9542c208f830361e3e3d23194f506acc3896f891ed8c772de83cd26c2ba6dec54398bd3306f16fd0b9dedaeb9f93f9e9a8a64e2f61019521d3ca717b4fc54dc9

data/app/controllers/concerns/insights/api/common/tagging_methods.rb

@@ -0,0 +1,38 @@
+module Insights
+  module API
+    module Common
+      module TaggingMethods
+        def tag
+          primary_instance = primary_collection_model.find(request_path_parts["primary_collection_id"])
+
+          applied_tags = parsed_body.collect do |i|
+            begin
+              tag = Tag.find_or_create_by!(Tag.parse(i["tag"]))
+              primary_instance.tags << tag
+              i
+            rescue ActiveRecord::RecordNotUnique
+            end
+          end.compact
+
+          # HTTP Not Modified
+          return head(304, :location => "#{instance_link(primary_instance)}/tags") if applied_tags.empty?
+
+          # HTTP Created
+          render :json => parsed_body, :status => 201, :location => "#{instance_link(primary_instance)}/tags"
+        end
+
+        def untag
+          primary_instance = primary_collection_model.find(request_path_parts["primary_collection_id"])
+
+          parsed_body.each do |i|
+            tag = Tag.find_by(Tag.parse(i["tag"]))
+            primary_instance.tags.destroy(tag) if tag
+          end
+
+          # HTTP No Content
+          head 204, :location => "#{instance_link(primary_instance)}/tags"
+        end
+      end
+    end
+  end
+end

data/lib/insights/api/common.rb

@@ -9,4 +9,5 @@ require "insights/api/common/open_api"
 require "insights/api/common/option_redirect_enhancements"
 require "insights/api/common/request"
 require "insights/api/common/routing"
+require "insights/api/common/status"
 require "insights/api/common/user"

data/lib/insights/api/common/request.rb

@@ -17,7 +17,8 @@ module Insights
         FORWARDABLE_HEADER_KEYS = [REQUEST_ID_KEY, IDENTITY_KEY, PERSONA_KEY].freeze
         OPTIONAL_AUTH_PATHS = [
           %r{\A/api/v[0-9]+(\.[0-9]+)?/openapi.json\z},
-          %r{\A/api/[^/]+/v[0-9]+(\.[0-9]+)?/openapi.json\z}
+          %r{\A/api/[^/]+/v[0-9]+(\.[0-9]+)?/openapi.json\z},
+          %r{\A/health\z}
         ].freeze
 
         def self.current

data/lib/insights/api/common/status.rb

@@ -0,0 +1,17 @@
+module Insights
+  module API
+    module Common
+      module Status
+        module Api
+          def health
+            if PG::Connection.ping(ENV['DATABASE_URL']) == PG::Connection::PQPING_OK
+              head :ok
+            else
+              head :internal_server_error
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/insights/api/common/version.rb

@@ -1,7 +1,7 @@
 module Insights
   module API
     module Common
-      VERSION = "3.3.1".freeze
+      VERSION = "3.4.0".freeze
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: insights-api-common
 version: !ruby/object:Gem::Version
-  version: 3.3.1
+  version: 3.4.0
 platform: ruby
 authors:
 - Insights Authors
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-01-15 00:00:00.000000000 Z
+date: 2020-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: acts_as_tenant
@@ -312,6 +312,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- app/controllers/concerns/insights/api/common/tagging_methods.rb
 - app/models/authentication.rb
 - app/models/concerns/encryption_concern.rb
 - app/models/encryption.rb
@@ -358,17 +359,14 @@ files:
 - lib/insights/api/common/option_redirect_enhancements.rb
 - lib/insights/api/common/paginated_response.rb
 - lib/insights/api/common/rbac/access.rb
-- lib/insights/api/common/rbac/acl.rb
 - lib/insights/api/common/rbac/policies.rb
-- lib/insights/api/common/rbac/query_shared_resource.rb
 - lib/insights/api/common/rbac/roles.rb
 - lib/insights/api/common/rbac/seed.rb
 - lib/insights/api/common/rbac/service.rb
-- lib/insights/api/common/rbac/share_resource.rb
-- lib/insights/api/common/rbac/unshare_resource.rb
 - lib/insights/api/common/rbac/utilities.rb
 - lib/insights/api/common/request.rb
 - lib/insights/api/common/routing.rb
+- lib/insights/api/common/status.rb
 - lib/insights/api/common/user.rb
 - lib/insights/api/common/version.rb
 - lib/tasks/insights/api/common_tasks.rake

data/lib/insights/api/common/rbac/acl.rb

@@ -1,74 +0,0 @@
-module Insights
-  module API
-    module Common
-      module RBAC
-        class ACL
-          def create(resource_id, permissions)
-            permissions.collect do |permission|
-              create_acl(permission, resource_id)
-            end
-          end
-
-          def remove(acls, resource_id, permissions)
-            permissions.each_with_object(acls) do |permission, as|
-              delete_matching(as, resource_id, permission)
-            end
-          end
-
-          def add(acls, resource_id, permissions)
-            new_acls = permissions.each_with_object([]) do |permission, as|
-              next if find_matching(acls, resource_id, permission)
-
-              as << create_acl(permission, resource_id)
-            end
-            new_acls + acls
-          end
-
-          def resource_defintions_empty?(acls, permission)
-            acls.each do |acl|
-              if acl.permission == permission
-                return acl.resource_definitions.empty?
-              end
-            end
-            true
-          end
-
-          private
-
-          def create_acl(permission, resource_id = nil)
-            resource_def = resource_definition(resource_id) if resource_id
-            RBACApiClient::Access.new.tap do |access|
-              access.permission = permission
-              access.resource_definitions = resource_def ? [resource_def] : []
-            end
-          end
-
-          def resource_definition(resource_id)
-            rdf = RBACApiClient::ResourceDefinitionFilter.new.tap do |obj|
-              obj.key       = 'id'
-              obj.operation = 'equal'
-              obj.value     = resource_id.to_s
-            end
-
-            RBACApiClient::ResourceDefinition.new.tap do |rd|
-              rd.attribute_filter = rdf
-            end
-          end
-
-          def matches?(access, resource_id, permission)
-            access.permission == permission &&
-              access.resource_definitions.any? { |rdf| rdf.attribute_filter.key == 'id' && rdf.attribute_filter.operation == 'equal' && rdf.attribute_filter.value == resource_id.to_s }
-          end
-
-          def find_matching(acls, resource_id, permission)
-            acls.detect { |access| matches?(access, resource_id, permission) }
-          end
-
-          def delete_matching(acls, resource_id, permission)
-            acls.delete_if { |access| matches?(access, resource_id, permission) }
-          end
-        end
-      end
-    end
-  end
-end

data/lib/insights/api/common/rbac/query_shared_resource.rb

@@ -1,45 +0,0 @@
-module Insights
-  module API
-    module Common
-      module RBAC
-        class QuerySharedResource
-          require 'rbac-api-client'
-
-          include Utilities
-          attr_accessor :share_info
-
-          def initialize(options)
-            @app_name = options[:app_name]
-            @resource_id = options[:resource_id]
-            @resource_name = options[:resource_name]
-            @share_info = []
-            @roles = RBAC::Roles.new("#{@app_name}-#{@resource_name}-#{@resource_id}", 'account')
-          end
-
-          def process
-            build_share_info
-            self
-          end
-
-          private
-
-          def build_share_info
-            @roles.with_each_role do |role|
-              _id, group_uuid = parse_ids_from_name(role.name)
-              group = get_group(group_uuid)
-              @share_info << { 'group_name'  => group.name,
-                               'group_uuid'  => group.uuid,
-                               'permissions' => role.access.collect(&:permission)}
-            end
-          end
-
-          def get_group(uuid)
-            Service.call(RBACApiClient::GroupApi) do |api_instance|
-              api_instance.get_group(uuid)
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/insights/api/common/rbac/share_resource.rb

@@ -1,60 +0,0 @@
-module Insights
-  module API
-    module Common
-      module RBAC
-        class ShareResource
-          require 'rbac-api-client'
-          include Utilities
-
-          def initialize(options)
-            @app_name = options[:app_name]
-            @resource_name = options[:resource_name]
-            @permissions = options[:permissions]
-            @resource_ids = options[:resource_ids]
-            @group_uuids = SortedSet.new(options[:group_uuids])
-            @acls = RBAC::ACL.new
-          end
-
-          def process
-            validate_groups
-            @roles = RBAC::Roles.new("#{@app_name}-#{@resource_name}-", 'account')
-            @group_uuids.each { |uuid| manage_roles_for_group(uuid) }
-            self
-          end
-
-          private
-
-          def manage_roles_for_group(group_uuid)
-            @resource_ids.each do |resource_id|
-              name = unique_name(resource_id, group_uuid)
-              role = @roles.find(name)
-              role ? update_existing_role(role, resource_id) : add_new_role(name, group_uuid, resource_id)
-            end
-          end
-
-          def update_existing_role(role, resource_id)
-            role.access = @acls.add(role.access, resource_id, @permissions)
-            @roles.update(role) if role.access.present?
-          end
-
-          def add_new_role(name, group_uuid, resource_id)
-            acls = @acls.create(resource_id, @permissions)
-            role = @roles.add(name, acls)
-            add_policy(name, group_uuid, role.uuid)
-          end
-
-          def add_policy(name, group_uuid, role_uuid)
-            Service.call(RBACApiClient::PolicyApi) do |api_instance|
-              policy_in = RBACApiClient::PolicyIn.new
-              policy_in.name = name
-              policy_in.description = 'Shared Policy'
-              policy_in.group = group_uuid
-              policy_in.roles = [role_uuid]
-              api_instance.create_policies(policy_in)
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/insights/api/common/rbac/unshare_resource.rb

@@ -1,32 +0,0 @@
-module Insights
-  module API
-    module Common
-      module RBAC
-        require 'rbac-api-client'
-
-        class UnshareResource < ShareResource
-          attr_accessor :count
-
-          def initialize(options)
-            @count = 0
-            super
-          end
-
-          private
-
-          def manage_roles_for_group(group_uuid)
-            @resource_ids.each do |resource_id|
-              name = unique_name(resource_id, group_uuid)
-              role = @roles.find(name)
-              next unless role
-
-              role.access = @acls.remove(role.access, resource_id, @permissions)
-              role.access.present? ? @roles.update(role) : @roles.delete(role)
-              @count += 1
-            end
-          end
-        end
-      end
-    end
-  end
-end