oso-cloud 0.4.0 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/oso/client.rb +45 -0
- data/lib/oso/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7358c36375c04ca97c57ca8f326b49f1610b3a256aed07550a61a0f8208484aa
|
|
4
|
+
data.tar.gz: bf8823521cd89afe363c7a1241f7642c8badf49dc57a0a785330d129b963fe68
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f7a1a6b6167562bb18fa9be85995a7e14384bc551d5ae0da3201f61aa8ece1c77ad7e1eaba9c47107feb2e7f8a92619cf92d386ce82525df601118f3744b47c2
|
|
7
|
+
data.tar.gz: '09d05422cfd5af07383c358d734e64a52a8508653c4719b6501c393c7ca52a85c68b26a973efbfca7a1ab5c172c1f01bd4418f8eec6906fabc0ee31bb2bde26a'
|
data/Gemfile.lock
CHANGED
data/lib/oso/client.rb
CHANGED
|
@@ -27,6 +27,40 @@ module Oso
|
|
|
27
27
|
allowed
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
+
def authorize_resources(actor, action, resources)
|
|
31
|
+
return [] if resources.nil?
|
|
32
|
+
return [] if resources.empty?
|
|
33
|
+
|
|
34
|
+
key = lambda do |type, id|
|
|
35
|
+
"#{type}:#{id}"
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
resources_extracted = resources.map { |r| extract_typed_id(r) }
|
|
39
|
+
actor_typed_id = extract_typed_id actor
|
|
40
|
+
result = POST('authorize_resources', {
|
|
41
|
+
actor_type: actor_typed_id.type, actor_id: actor_typed_id.id,
|
|
42
|
+
action: action,
|
|
43
|
+
resources: resources_extracted
|
|
44
|
+
})
|
|
45
|
+
|
|
46
|
+
return [] if result['results'].empty?
|
|
47
|
+
|
|
48
|
+
results_lookup = Hash.new
|
|
49
|
+
result['results'].each do |r|
|
|
50
|
+
k = key.call(r['type'], r['id'])
|
|
51
|
+
if results_lookup[k] == nil
|
|
52
|
+
results_lookup[k] = true
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
results = resources.select do |r|
|
|
57
|
+
e = extract_typed_id(r)
|
|
58
|
+
exists = results_lookup[key.call(e.type, e.id)]
|
|
59
|
+
exists
|
|
60
|
+
end
|
|
61
|
+
results
|
|
62
|
+
end
|
|
63
|
+
|
|
30
64
|
def list(actor, action, resource_type)
|
|
31
65
|
actor_typed_id = extract_typed_id actor
|
|
32
66
|
result = POST('list', {
|
|
@@ -37,6 +71,17 @@ module Oso
|
|
|
37
71
|
results = result['results']
|
|
38
72
|
results
|
|
39
73
|
end
|
|
74
|
+
|
|
75
|
+
def actions(actor, resource)
|
|
76
|
+
actor_typed_id = extract_typed_id actor
|
|
77
|
+
resource_typed_id = extract_typed_id resource
|
|
78
|
+
result = POST('actions', {
|
|
79
|
+
actor_type: actor_typed_id.type, actor_id: actor_typed_id.id,
|
|
80
|
+
resource_type: resource_typed_id.type, resource_id: resource_typed_id.id,
|
|
81
|
+
})
|
|
82
|
+
results = result['results']
|
|
83
|
+
results
|
|
84
|
+
end
|
|
40
85
|
|
|
41
86
|
def tell(predicate, *args)
|
|
42
87
|
typed_args = args.map { |a| extract_typed_id a}
|
data/lib/oso/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-05-
|
|
11
|
+
date: 2022-05-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: minitest
|