oso-cloud 1.0.1 → 1.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +5 -0
  3. data/Gemfile.lock +1 -1
  4. data/lib/oso/api.rb +75 -98
  5. data/lib/oso/helpers.rb +30 -15
  6. data/lib/oso/oso.rb +71 -52
  7. data/lib/oso/version.rb +1 -1
  8. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 339079e696596a482f6f1fe6bc875d9f88dc5415b0eaca4b4e7a04304280cc7a
4
- data.tar.gz: '099c6b0532405a7fc0cf5933b09ea03991fe43f3e2da6b726d5e33e932706b55'
3
+ metadata.gz: 9268075db2dd7d76b41905d870962afa84ec350ff9d0b335f4c473cef169868e
4
+ data.tar.gz: 7eacd7959071d7d2500ceeebf14d09846d5482cd5189139a92667155df796db9
5
5
  SHA512:
6
- metadata.gz: 441e11c7fdb4b201cf22d84195d7f0cc5454a64186c0078086ae085138a31a8ee10f667f5723b94b467aa74ee89780e1ccd853c435d044f84616b46f78a44527
7
- data.tar.gz: 56c4cb7d88820805bbd9238624f8220253c48aa19fdffe71298af26ff9369e3bf5692d49be70f439a582e4f76ff9d4b7458f45a303fa32c02296c5c2324f9f08
6
+ metadata.gz: 8fbea6dd735db2f768fd9d1c8a6af8b3219abc5e688b3d9bc2e557b512aa9303fa2e6afa792f701aa60bebc0443d6703fa6fcd3e48ce5a6fcfd3aad8a09e17c4
7
+ data.tar.gz: 84baac085041cf7d3e34c0b2261b3bf66a83245ea82d42b42ed3d47de39600d28939e31bf119d000477d5e67dce09a40a3a4a64bd60ecf0bf80ceb1d2f3d8c97
data/.rubocop.yml ADDED
@@ -0,0 +1,5 @@
1
+ AllCops:
2
+ TargetRubyVersion: 3.0.0
3
+ Exclude:
4
+ - "bin/**/*"
5
+ NewCops: enable
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- oso-cloud (1.0.1)
4
+ oso-cloud (1.1.1)
5
5
  faraday (~> 2.5.2)
6
6
  faraday-retry (~> 2.0.0)
7
7
 
data/lib/oso/api.rb CHANGED
@@ -4,6 +4,7 @@ require 'faraday'
4
4
  require 'faraday/retry'
5
5
 
6
6
  require 'oso/helpers'
7
+ require 'oso/version'
7
8
 
8
9
  module OsoCloud
9
10
  # @!visibility private
@@ -26,8 +27,7 @@ module OsoCloud
26
27
 
27
28
  # @!visibility private
28
29
  class Policy
29
- attr_reader :filename
30
- attr_reader :src
30
+ attr_reader :filename, :src
31
31
 
32
32
  def initialize(filename:, src:)
33
33
  @filename = filename
@@ -40,29 +40,27 @@ module OsoCloud
40
40
  attr_reader :policy
41
41
 
42
42
  def initialize(policy:)
43
- if policy.is_a? Policy
44
- @policy = policy
45
- else
46
- @policy = Policy.new(**policy)
47
- end
43
+ @policy = if policy.is_a? Policy
44
+ policy
45
+ else
46
+ Policy.new(**policy)
47
+ end
48
48
  end
49
49
  end
50
50
 
51
51
  # @!visibility private
52
52
  class Fact
53
- attr_reader :predicate
54
- attr_reader :args
53
+ attr_reader :predicate, :args
55
54
 
56
55
  def initialize(predicate:, args:)
57
56
  @predicate = predicate
58
- @args = args.map { |v| if v.is_a? Value then v else Value.new(**v) end }
57
+ @args = args.map { |v| (v.is_a? Value) ? v : Value.new(**v) }
59
58
  end
60
59
  end
61
60
 
62
61
  # @!visibility private
63
62
  class Value
64
- attr_reader :type
65
- attr_reader :id
63
+ attr_reader :type, :id
66
64
 
67
65
  def initialize(type:, id:)
68
66
  @type = type
@@ -72,12 +70,11 @@ module OsoCloud
72
70
 
73
71
  # @!visibility private
74
72
  class Bulk
75
- attr_reader :delete
76
- attr_reader :tell
73
+ attr_reader :delete, :tell
77
74
 
78
75
  def initialize(delete:, tell:)
79
- @delete = delete.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
80
- @tell = tell.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
76
+ @delete = delete.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
77
+ @tell = tell.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
81
78
  end
82
79
  end
83
80
 
@@ -92,12 +89,7 @@ module OsoCloud
92
89
 
93
90
  # @!visibility private
94
91
  class AuthorizeQuery
95
- attr_reader :actor_type
96
- attr_reader :actor_id
97
- attr_reader :action
98
- attr_reader :resource_type
99
- attr_reader :resource_id
100
- attr_reader :context_facts
92
+ attr_reader :actor_type, :actor_id, :action, :resource_type, :resource_id, :context_facts
101
93
 
102
94
  def initialize(actor_type:, actor_id:, action:, resource_type:, resource_id:, context_facts:)
103
95
  @actor_type = actor_type
@@ -105,7 +97,7 @@ module OsoCloud
105
97
  @action = action
106
98
  @resource_type = resource_type
107
99
  @resource_id = resource_id
108
- @context_facts = context_facts.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
100
+ @context_facts = context_facts.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
109
101
  end
110
102
  end
111
103
 
@@ -114,24 +106,20 @@ module OsoCloud
114
106
  attr_reader :results
115
107
 
116
108
  def initialize(results:)
117
- @results = results.map { |v| if v.is_a? Value then v else Value.new(**v) end }
109
+ @results = results.map { |v| (v.is_a? Value) ? v : Value.new(**v) }
118
110
  end
119
111
  end
120
112
 
121
113
  # @!visibility private
122
114
  class AuthorizeResourcesQuery
123
- attr_reader :actor_type
124
- attr_reader :actor_id
125
- attr_reader :action
126
- attr_reader :resources
127
- attr_reader :context_facts
115
+ attr_reader :actor_type, :actor_id, :action, :resources, :context_facts
128
116
 
129
117
  def initialize(actor_type:, actor_id:, action:, resources:, context_facts:)
130
118
  @actor_type = actor_type
131
119
  @actor_id = actor_id
132
120
  @action = action
133
- @resources = resources.map { |v| if v.is_a? Value then v else Value.new(**v) end }
134
- @context_facts = context_facts.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
121
+ @resources = resources.map { |v| (v.is_a? Value) ? v : Value.new(**v) }
122
+ @context_facts = context_facts.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
135
123
  end
136
124
  end
137
125
 
@@ -146,18 +134,14 @@ module OsoCloud
146
134
 
147
135
  # @!visibility private
148
136
  class ListQuery
149
- attr_reader :actor_type
150
- attr_reader :actor_id
151
- attr_reader :action
152
- attr_reader :resource_type
153
- attr_reader :context_facts
137
+ attr_reader :actor_type, :actor_id, :action, :resource_type, :context_facts
154
138
 
155
139
  def initialize(actor_type:, actor_id:, action:, resource_type:, context_facts:)
156
140
  @actor_type = actor_type
157
141
  @actor_id = actor_id
158
142
  @action = action
159
143
  @resource_type = resource_type
160
- @context_facts = context_facts.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
144
+ @context_facts = context_facts.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
161
145
  end
162
146
  end
163
147
 
@@ -172,18 +156,14 @@ module OsoCloud
172
156
 
173
157
  # @!visibility private
174
158
  class ActionsQuery
175
- attr_reader :actor_type
176
- attr_reader :actor_id
177
- attr_reader :resource_type
178
- attr_reader :resource_id
179
- attr_reader :context_facts
159
+ attr_reader :actor_type, :actor_id, :resource_type, :resource_id, :context_facts
180
160
 
181
161
  def initialize(actor_type:, actor_id:, resource_type:, resource_id:, context_facts:)
182
162
  @actor_type = actor_type
183
163
  @actor_id = actor_id
184
164
  @resource_type = resource_type
185
165
  @resource_id = resource_id
186
- @context_facts = context_facts.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
166
+ @context_facts = context_facts.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
187
167
  end
188
168
  end
189
169
 
@@ -192,30 +172,27 @@ module OsoCloud
192
172
  attr_reader :results
193
173
 
194
174
  def initialize(results:)
195
- @results = results.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
175
+ @results = results.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
196
176
  end
197
177
  end
198
178
 
199
179
  # @!visibility private
200
180
  class Query
201
- attr_reader :fact
202
- attr_reader :context_facts
181
+ attr_reader :fact, :context_facts
203
182
 
204
183
  def initialize(fact:, context_facts:)
205
- if fact.is_a? Fact
206
- @fact = fact
207
- else
208
- @fact = Fact.new(**fact)
209
- end
210
- @context_facts = context_facts.map { |v| if v.is_a? Fact then v else Fact.new(**v) end }
184
+ @fact = if fact.is_a? Fact
185
+ fact
186
+ else
187
+ Fact.new(**fact)
188
+ end
189
+ @context_facts = context_facts.map { |v| (v.is_a? Fact) ? v : Fact.new(**v) }
211
190
  end
212
191
  end
213
192
 
214
193
  # @!visibility private
215
194
  class StatsResult
216
- attr_reader :num_roles
217
- attr_reader :num_relations
218
- attr_reader :num_facts
195
+ attr_reader :num_roles, :num_relations, :num_facts
219
196
 
220
197
  def initialize(num_roles:, num_relations:, num_facts:)
221
198
  @num_roles = num_roles
@@ -224,7 +201,6 @@ module OsoCloud
224
201
  end
225
202
  end
226
203
 
227
-
228
204
  # @!visibility private
229
205
  class Api
230
206
  def initialize(url: 'https://cloud.osohq.com', api_key: nil, options: nil)
@@ -246,7 +222,7 @@ module OsoCloud
246
222
  retry_statuses: [429, 500, 502, 503, 504],
247
223
  # ensure authorize and related check functions are retried because
248
224
  # they are POST requests, which are not retried automatically
249
- retry_if: ->(env, _exc) {
225
+ retry_if: lambda { |env, _exc|
250
226
  %w[
251
227
  /api/authorize
252
228
  /api/authorize_resources
@@ -254,18 +230,18 @@ module OsoCloud
254
230
  /api/actions
255
231
  /api/query
256
232
  ].include? env.url.path
257
- },
233
+ }
258
234
  }
259
235
 
260
- if (options && options[:test_adapter])
236
+ if options && options[:test_adapter]
261
237
  faraday.adapter :test do |stub|
262
- stub.post(options[:test_adapter][:path]) do |env|
238
+ stub.post(options[:test_adapter][:path]) do |_env|
263
239
  options[:test_adapter][:func].call
264
240
  end
265
- stub.get(options[:test_adapter][:path]) do |env|
241
+ stub.get(options[:test_adapter][:path]) do |_env|
266
242
  options[:test_adapter][:func].call
267
243
  end
268
- stub.delete(options[:test_adapter][:path]) do |env|
244
+ stub.delete(options[:test_adapter][:path]) do |_env|
269
245
  options[:test_adapter][:func].call
270
246
  end
271
247
  end
@@ -274,12 +250,13 @@ module OsoCloud
274
250
  end
275
251
  end
276
252
  @api_key = api_key
253
+ @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
277
254
  end
278
255
 
279
- def get_policy()
256
+ def get_policy
280
257
  params = {}
281
258
  data = nil
282
- url = "/policy"
259
+ url = '/policy'
283
260
  result = GET(url, params, data)
284
261
  GetPolicyResult.new(**result)
285
262
  end
@@ -287,7 +264,7 @@ module OsoCloud
287
264
  def post_policy(data)
288
265
  params = {}
289
266
  data = OsoCloud::Helpers.to_hash(data)
290
- url = "/policy"
267
+ url = '/policy'
291
268
  result = POST(url, params, data)
292
269
  ApiResult.new(**result)
293
270
  end
@@ -295,7 +272,7 @@ module OsoCloud
295
272
  def post_facts(data)
296
273
  params = {}
297
274
  data = OsoCloud::Helpers.to_hash(data)
298
- url = "/facts"
275
+ url = '/facts'
299
276
  result = POST(url, params, data)
300
277
  Fact.new(**result)
301
278
  end
@@ -303,7 +280,7 @@ module OsoCloud
303
280
  def delete_facts(data)
304
281
  params = {}
305
282
  data = OsoCloud::Helpers.to_hash(data)
306
- url = "/facts"
283
+ url = '/facts'
307
284
  result = DELETE(url, params, data)
308
285
  ApiResult.new(**result)
309
286
  end
@@ -311,7 +288,7 @@ module OsoCloud
311
288
  def post_bulk_load(data)
312
289
  params = {}
313
290
  data = OsoCloud::Helpers.to_hash(data)
314
- url = "/bulk_load"
291
+ url = '/bulk_load'
315
292
  result = POST(url, params, data)
316
293
  ApiResult.new(**result)
317
294
  end
@@ -319,7 +296,7 @@ module OsoCloud
319
296
  def post_bulk_delete(data)
320
297
  params = {}
321
298
  data = OsoCloud::Helpers.to_hash(data)
322
- url = "/bulk_delete"
299
+ url = '/bulk_delete'
323
300
  result = POST(url, params, data)
324
301
  ApiResult.new(**result)
325
302
  end
@@ -327,7 +304,7 @@ module OsoCloud
327
304
  def post_bulk(data)
328
305
  params = {}
329
306
  data = OsoCloud::Helpers.to_hash(data)
330
- url = "/bulk"
307
+ url = '/bulk'
331
308
  result = POST(url, params, data)
332
309
  ApiResult.new(**result)
333
310
  end
@@ -335,7 +312,7 @@ module OsoCloud
335
312
  def post_authorize(data)
336
313
  params = {}
337
314
  data = OsoCloud::Helpers.to_hash(data)
338
- url = "/authorize"
315
+ url = '/authorize'
339
316
  result = POST(url, params, data)
340
317
  AuthorizeResult.new(**result)
341
318
  end
@@ -343,7 +320,7 @@ module OsoCloud
343
320
  def post_authorize_resources(data)
344
321
  params = {}
345
322
  data = OsoCloud::Helpers.to_hash(data)
346
- url = "/authorize_resources"
323
+ url = '/authorize_resources'
347
324
  result = POST(url, params, data)
348
325
  AuthorizeResourcesResult.new(**result)
349
326
  end
@@ -351,7 +328,7 @@ module OsoCloud
351
328
  def post_list(data)
352
329
  params = {}
353
330
  data = OsoCloud::Helpers.to_hash(data)
354
- url = "/list"
331
+ url = '/list'
355
332
  result = POST(url, params, data)
356
333
  ListResult.new(**result)
357
334
  end
@@ -359,7 +336,7 @@ module OsoCloud
359
336
  def post_actions(data)
360
337
  params = {}
361
338
  data = OsoCloud::Helpers.to_hash(data)
362
- url = "/actions"
339
+ url = '/actions'
363
340
  result = POST(url, params, data)
364
341
  ActionsResult.new(**result)
365
342
  end
@@ -367,33 +344,34 @@ module OsoCloud
367
344
  def post_query(data)
368
345
  params = {}
369
346
  data = OsoCloud::Helpers.to_hash(data)
370
- url = "/query"
347
+ url = '/query'
371
348
  result = POST(url, params, data)
372
349
  QueryResult.new(**result)
373
350
  end
374
351
 
375
- def get_stats()
352
+ def get_stats
376
353
  params = {}
377
354
  data = nil
378
- url = "/stats"
355
+ url = '/stats'
379
356
  result = GET(url, params, data)
380
357
  StatsResult.new(**result)
381
358
  end
382
359
 
383
- def clear_data()
360
+ def clear_data
384
361
  params = {}
385
362
  data = nil
386
- url = "/clear_data"
363
+ url = '/clear_data'
387
364
  result = POST(url, params, data)
388
365
  ApiResult.new(**result)
389
366
  end
390
367
 
391
-
392
368
  # hard-coded, not generated
393
369
  def get_facts(predicate, args)
394
370
  params = {}
395
- params["predicate"] = predicate
371
+ params['predicate'] = predicate
396
372
  args.each_with_index do |arg, i|
373
+ next if arg.nil?
374
+
397
375
  arg_query = OsoCloud::Helpers.extract_arg_query(arg)
398
376
  if arg_query
399
377
  params["args.#{i}.type"] = arg_query.type
@@ -401,26 +379,26 @@ module OsoCloud
401
379
  end
402
380
  end
403
381
  data = nil
404
- url = "/facts"
382
+ url = '/facts'
405
383
  result = GET(url, params, data)
406
384
  result.map { |v| Fact.new(**v) }
407
385
  end
408
386
 
409
- def headers()
387
+ def headers
410
388
  {
411
- "Authorization" => "Bearer %s" % @api_key,
412
- "User-Agent" => "Oso Cloud (ruby)",
413
- "Accept": "application/json",
414
- "Content-Type": "application/json",
415
- "X-OsoApiVersion": "0"
389
+ 'Authorization' => format('Bearer %s', @api_key),
390
+ 'User-Agent' => @user_agent,
391
+ Accept: 'application/json',
392
+ 'Content-Type': 'application/json',
393
+ 'X-OsoApiVersion': '0'
416
394
  }
417
395
  end
418
396
 
419
- def GET(path, params, body)
420
- response = @connection.get("api#{path}", params, headers )
397
+ def GET(path, params, _body)
398
+ response = @connection.get("api#{path}", params, headers)
421
399
  handle_faraday_response response
422
- rescue Faraday::Error => error
423
- handle_faraday_error error
400
+ rescue Faraday::Error => e
401
+ handle_faraday_error e
424
402
  end
425
403
 
426
404
  def POST(path, params, body)
@@ -428,8 +406,8 @@ module OsoCloud
428
406
  req.params = params
429
407
  end
430
408
  handle_faraday_response response
431
- rescue Faraday::Error => error
432
- handle_faraday_error error
409
+ rescue Faraday::Error => e
410
+ handle_faraday_error e
433
411
  end
434
412
 
435
413
  def DELETE(path, params, body)
@@ -437,12 +415,12 @@ module OsoCloud
437
415
  req.body = body
438
416
  end
439
417
  handle_faraday_response response
440
- rescue Faraday::Error => error
441
- handle_faraday_error error
418
+ rescue Faraday::Error => e
419
+ handle_faraday_error e
442
420
  end
443
421
 
444
422
  def handle_faraday_response(response)
445
- # TODO:(@patrickod) refactor duplicative JSON parsing
423
+ # TODO: (@patrickod) refactor duplicative JSON parsing
446
424
  JSON.parse(response.env[:raw_body], symbolize_names: true)
447
425
  end
448
426
 
@@ -453,6 +431,5 @@ module OsoCloud
453
431
  raise ApiError.new(message: e.message)
454
432
  end
455
433
  end
456
-
457
434
  end
458
435
  end
data/lib/oso/helpers.rb CHANGED
@@ -3,9 +3,9 @@ module OsoCloud
3
3
  module Helpers
4
4
  # @!visibility private
5
5
  def self.extract_value(x)
6
- return OsoCloud::Core::Value.new(type: "String", id: x) if x.is_a? String
6
+ return OsoCloud::Core::Value.new(type: 'String', id: x) if x.is_a? String
7
7
 
8
- return nil if x.nil?
8
+ return OsoCloud::Core::Value.new(type: nil, id: nil) if x.nil?
9
9
 
10
10
  type = (x.type.nil? ? nil : x.type.to_s)
11
11
  id = (x.id.nil? ? nil : x.id.to_s)
@@ -14,17 +14,33 @@ module OsoCloud
14
14
 
15
15
  # @!visibility private
16
16
  def self.extract_arg_query(x)
17
- self.extract_value(x)
17
+ extract_value(x)
18
18
  end
19
19
 
20
20
  # @!visibility private
21
21
  def self.param_to_fact(predicate, args)
22
- OsoCloud::Core::Fact.new(predicate: predicate, args: args.map { |a| self.extract_value(a) })
22
+ OsoCloud::Core::Fact.new(predicate: predicate, args: args.map { |a| extract_value(a) })
23
23
  end
24
24
 
25
25
  # @!visibility private
26
26
  def self.params_to_facts(facts)
27
- facts.map { |predicate, *args| self.param_to_fact(predicate, args) }
27
+ facts.map { |predicate, *args| param_to_fact(predicate, args) }
28
+ end
29
+
30
+ # @!visibility private
31
+ def self.facts_to_params(facts)
32
+ facts.map do |f|
33
+ name = f.predicate
34
+ args = f.args.map do |a|
35
+ v = from_value(a)
36
+ if v.is_a? Hash
37
+ OsoCloud::Value.new(type: v[:type], id: v[:id])
38
+ else
39
+ v
40
+ end
41
+ end
42
+ [name, *args]
43
+ end
28
44
  end
29
45
 
30
46
  def self.from_value(value)
@@ -34,25 +50,24 @@ module OsoCloud
34
50
  else
35
51
  { type: value.type }
36
52
  end
53
+ elsif value.type == 'String'
54
+ value.id
37
55
  else
38
- if value.type == "String"
39
- value.id
40
- else
41
- { id: value.id, type: value.type }
42
- end
56
+ { id: value.id, type: value.type }
43
57
  end
44
58
  end
45
59
 
46
60
  # @!visibility private
47
61
  def self.to_hash(o)
48
- return o.map { |v| self.to_hash(v) } if o.is_a? Array
62
+ return o.map { |v| to_hash(v) } if o.is_a? Array
49
63
  return o if o.instance_variables.empty?
64
+
50
65
  hash = {}
51
- o.instance_variables.each { |var|
52
- v = var.to_s.delete("@")
66
+ o.instance_variables.each do |var|
67
+ v = var.to_s.delete('@')
53
68
  value = o.send(v)
54
- hash[v] = self.to_hash(value)
55
- }
69
+ hash[v] = to_hash(value)
70
+ end
56
71
  hash
57
72
  end
58
73
  end
data/lib/oso/oso.rb CHANGED
@@ -10,11 +10,9 @@ require 'oso/helpers'
10
10
  # For more detailed documentation, see
11
11
  # https://www.osohq.com/docs/reference/client-apis/ruby
12
12
  module OsoCloud
13
-
14
13
  # Represents an object in your application, with a type and id.
15
14
  # Both "type" and "id" should be strings.
16
- Value = Struct::new(:type, :id, keyword_init: true) do
17
-
15
+ Value = Struct.new(:type, :id, keyword_init: true) do
18
16
  def to_api_value
19
17
  OsoCloud::Helpers.extract_value(self)
20
18
  end
@@ -43,7 +41,7 @@ module OsoCloud
43
41
  # @param policy [String]
44
42
  # @return [nil]
45
43
  def policy(policy)
46
- @api.post_policy(OsoCloud::Core::Policy.new(src: policy, filename: ""))
44
+ @api.post_policy(OsoCloud::Core::Policy.new(src: policy, filename: ''))
47
45
  nil
48
46
  end
49
47
 
@@ -58,18 +56,18 @@ module OsoCloud
58
56
  # @param resource [OsoCloud::Value]
59
57
  # @param context_facts [Array<fact>]
60
58
  # @return [Boolean]
61
- # @see Oso more information about facts
59
+ # @see Oso for more information about facts
62
60
  def authorize(actor, action, resource, context_facts = [])
63
61
  actor_typed_id = actor.to_api_value
64
62
  resource_typed_id = resource.to_api_value
65
63
  result = @api.post_authorize(OsoCloud::Core::AuthorizeQuery.new(
66
- actor_type: actor_typed_id.type,
67
- actor_id: actor_typed_id.id,
68
- action: action,
69
- resource_type: resource_typed_id.type,
70
- resource_id: resource_typed_id.id,
71
- context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
72
- ))
64
+ actor_type: actor_typed_id.type,
65
+ actor_id: actor_typed_id.id,
66
+ action: action,
67
+ resource_type: resource_typed_id.type,
68
+ resource_id: resource_typed_id.id,
69
+ context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
70
+ ))
73
71
  result.allowed
74
72
  end
75
73
 
@@ -84,7 +82,7 @@ module OsoCloud
84
82
  # @param resources [Array<OsoCloud::Value>]
85
83
  # @param context_facts [Array<fact>]
86
84
  # @return [Array<OsoCloud::Value>]
87
- # @see Oso more information about facts
85
+ # @see Oso for more information about facts
88
86
  def authorize_resources(actor, action, resources, context_facts = [])
89
87
  return [] if resources.nil?
90
88
  return [] if resources.empty?
@@ -99,26 +97,23 @@ module OsoCloud
99
97
  actor_type: actor_typed_id.type, actor_id: actor_typed_id.id,
100
98
  action: action,
101
99
  resources: resources_extracted,
102
- context_facts: OsoCloud::Helpers::params_to_facts(context_facts)
100
+ context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
103
101
  )
104
102
  result = @api.post_authorize_resources(data)
105
103
 
106
104
  return [] if result.results.empty?
107
105
 
108
- results_lookup = Hash.new
106
+ results_lookup = {}
109
107
  result.results.each do |r|
110
108
  k = key.call(r.type, r.id)
111
- if results_lookup[k] == nil
112
- results_lookup[k] = true
113
- end
109
+ results_lookup[k] = true if results_lookup[k].nil?
114
110
  end
115
111
 
116
- results = resources.select do |r|
112
+ resources.select do |r|
117
113
  e = r.to_api_value
118
114
  exists = results_lookup[key.call(e.type, e.id)]
119
115
  exists
120
116
  end
121
- results
122
117
  end
123
118
 
124
119
  ##
@@ -132,16 +127,16 @@ module OsoCloud
132
127
  # @param resource_type [String]
133
128
  # @param context_facts [Array<fact>]
134
129
  # @return [Array<String>]
135
- # @see Oso more information about facts
130
+ # @see Oso for more information about facts
136
131
  def list(actor, action, resource_type, context_facts = [])
137
132
  actor_typed_id = actor.to_api_value
138
133
  result = @api.post_list(OsoCloud::Core::ListQuery.new(
139
- actor_type: actor_typed_id.type,
140
- actor_id: actor_typed_id.id,
141
- action: action,
142
- resource_type: resource_type,
143
- context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
144
- ))
134
+ actor_type: actor_typed_id.type,
135
+ actor_id: actor_typed_id.id,
136
+ action: action,
137
+ resource_type: resource_type,
138
+ context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
139
+ ))
145
140
  result.results
146
141
  end
147
142
 
@@ -154,17 +149,17 @@ module OsoCloud
154
149
  # @param resource [OsoCloud::Value]
155
150
  # @param context_facts [Array<fact>]
156
151
  # @return [Array<String>]
157
- # @see Oso more information about facts
152
+ # @see Oso for more information about facts
158
153
  def actions(actor, resource, context_facts = [])
159
154
  actor_typed_id = actor.to_api_value
160
155
  resource_typed_id = resource.to_api_value
161
156
  result = @api.post_actions(OsoCloud::Core::ActionsQuery.new(
162
- actor_type: actor_typed_id.type,
163
- actor_id: actor_typed_id.id,
164
- resource_type: resource_typed_id.type,
165
- resource_id: resource_typed_id.id,
166
- context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
167
- ))
157
+ actor_type: actor_typed_id.type,
158
+ actor_id: actor_typed_id.id,
159
+ resource_type: resource_typed_id.type,
160
+ resource_id: resource_typed_id.id,
161
+ context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
162
+ ))
168
163
  result.results
169
164
  end
170
165
 
@@ -177,7 +172,7 @@ module OsoCloud
177
172
  # @param args [*[String, OsoCloud::Value]]
178
173
  # @return [nil]
179
174
  def tell(name, *args)
180
- typed_args = args.map { |a| OsoCloud::Helpers.extract_value(a)}
175
+ typed_args = args.map { |a| OsoCloud::Helpers.extract_value(a) }
181
176
  @api.post_facts(OsoCloud::Core::Fact.new(predicate: name, args: typed_args))
182
177
  nil
183
178
  end
@@ -189,7 +184,7 @@ module OsoCloud
189
184
  #
190
185
  # @param facts [Array<fact>]
191
186
  # @return [nil]
192
- # @see Oso more information about facts
187
+ # @see Oso for more information about facts
193
188
  def bulk_tell(facts)
194
189
  @api.post_bulk_load(OsoCloud::Helpers.params_to_facts(facts))
195
190
  nil
@@ -217,12 +212,32 @@ module OsoCloud
217
212
  #
218
213
  # @param facts [Array<fact>]
219
214
  # @return [nil]
220
- # @see Oso more information about facts
215
+ # @see Oso for more information about facts
221
216
  def bulk_delete(facts)
222
217
  @api.post_bulk_delete(OsoCloud::Helpers.params_to_facts(facts))
223
218
  nil
224
219
  end
225
220
 
221
+ ##
222
+ # Transactionally delete and insert fact(s)
223
+ #
224
+ # Delete(s) are processed before insertion(s). nil arguments in facts to be
225
+ # deleted act as wildcards. Does not throw an error if facts to be deleted
226
+ # are not found or facts to be inserted already exist.
227
+ #
228
+ #
229
+ # Throws an OsoCloud::Core::Api exception if error returned from server.
230
+ #
231
+ # @param delete [Array<fact>]
232
+ # @param insert [Array<fact>]
233
+ # @return [nil]
234
+ # @see Oso for more information about facts
235
+ def bulk(delete: [], insert: [])
236
+ @api.post_bulk(OsoCloud::Core::Bulk.new(delete: OsoCloud::Helpers.params_to_facts(delete),
237
+ tell: OsoCloud::Helpers.params_to_facts(insert)))
238
+ nil
239
+ end
240
+
226
241
  ##
227
242
  # List facts
228
243
  #
@@ -233,23 +248,27 @@ module OsoCloud
233
248
  # @param name [String]
234
249
  # @param args [*[String, OsoCloud::Value, nil]]
235
250
  # @return [Array<fact>]
236
- # @see Oso more information about facts
251
+ # @see Oso for more information about facts
237
252
  def get(name, *args)
238
- @api.get_facts(name, args).map do |f|
239
- name = f.predicate
240
- args = f.args.map do |a|
241
- v = OsoCloud::Helpers.from_value(a)
242
- if v.is_a? Hash
243
- OsoCloud::Value.new(type: v[:type], id: v[:id])
244
- else
245
- v
246
- end
247
- end
248
- [name, *args]
249
- end
253
+ OsoCloud::Helpers.facts_to_params(@api.get_facts(name, args))
250
254
  end
251
255
 
252
-
253
- # TODO query, bulk
256
+ ##
257
+ # List added and derived facts
258
+ #
259
+ # Lists facts that are stored in Oso Cloud in addition to derived facts
260
+ # from evaluating the policy. nil arguments operate as wildcards.
261
+ #
262
+ # @param name [String]
263
+ # @param args [Array<[String, OsoCloud::Value, nil]>]
264
+ # @param context_facts [Array<fact>]
265
+ # @return [Array<fact>]
266
+ # @see Oso for more information about facts
267
+ def query(name, *args, context_facts: [])
268
+ typed_args = args.map { |a| OsoCloud::Helpers.extract_value(a) }
269
+ result = @api.post_query(OsoCloud::Core::Query.new(fact: OsoCloud::Helpers.param_to_fact(name, typed_args),
270
+ context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
271
+ OsoCloud::Helpers.facts_to_params(result.results)
272
+ end
254
273
  end
255
274
  end
data/lib/oso/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OsoCloud
2
- VERSION = '1.0.1'.freeze
2
+ VERSION = '1.1.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oso-cloud
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oso Security, Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-03-29 00:00:00.000000000 Z
11
+ date: 2023-04-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: faraday
@@ -60,6 +60,7 @@ extensions: []
60
60
  extra_rdoc_files: []
61
61
  files:
62
62
  - ".gitignore"
63
+ - ".rubocop.yml"
63
64
  - Gemfile
64
65
  - Gemfile.lock
65
66
  - README.md