oso-cloud 1.3.0.dev.5 → 1.3.0.dev.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/oso/api.rb +18 -3
- data/lib/oso/oso.rb +30 -14
- data/lib/oso/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 844583229037d7124d91b588abfbef062026c934d5cd1dcd0e4892a6d539b969
|
|
4
|
+
data.tar.gz: 889f910639d097b5c5e29fa64e36959a7c7aebbe7ffe48dfa080f8bbef119015
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 77883cfc4f1584d65a31f1d620d239bcb98b70de099320c91590de55b4a39ee8b4aa7d5c80bbe7b94b8f6f16a02aeab6d54efb5aeecb1a289e7f93ac9048e1a8
|
|
7
|
+
data.tar.gz: ecd8b9f6377a4465b9cc39622d35da59a548229ab6df9edc212859e0f282041a812644c02f4cc9e25065e047e805d1fd594b69f5adeb9b40e4e0a4ddab5711a2
|
data/Gemfile.lock
CHANGED
data/lib/oso/api.rb
CHANGED
|
@@ -203,6 +203,17 @@ module OsoCloud
|
|
|
203
203
|
end
|
|
204
204
|
end
|
|
205
205
|
|
|
206
|
+
class OsoAdapter < Faraday::Adapter::Typhoeus
|
|
207
|
+
@@max_concurrency = 20
|
|
208
|
+
|
|
209
|
+
def self.setup_parallel_manager(options = {})
|
|
210
|
+
options[:max_concurrency] = @@max_concurrency
|
|
211
|
+
::Typhoeus::Hydra.new(options)
|
|
212
|
+
end
|
|
213
|
+
end
|
|
214
|
+
|
|
215
|
+
Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
|
|
216
|
+
|
|
206
217
|
# @!visibility private
|
|
207
218
|
class Api
|
|
208
219
|
def get_connection(options: nil)
|
|
@@ -214,6 +225,7 @@ module OsoCloud
|
|
|
214
225
|
# parser is only applied if there are no errors
|
|
215
226
|
faraday.response :json, parser_options: { symbolize_names: true }
|
|
216
227
|
faraday.response :raise_error
|
|
228
|
+
# faraday.response :logger
|
|
217
229
|
faraday.request :retry, {
|
|
218
230
|
max: (options && options[:max_retries]) || 10,
|
|
219
231
|
interval: 0.01,
|
|
@@ -247,17 +259,20 @@ module OsoCloud
|
|
|
247
259
|
end
|
|
248
260
|
end
|
|
249
261
|
elsif options && options[:parallel_adapter]
|
|
250
|
-
|
|
262
|
+
if options[:max_concurrency]
|
|
263
|
+
OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
|
|
264
|
+
end
|
|
265
|
+
faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
|
|
251
266
|
else
|
|
252
267
|
faraday.adapter :net_http_persistent, pool_size: 10, idle_timeout: 30
|
|
253
268
|
end
|
|
254
269
|
end
|
|
255
270
|
end
|
|
256
271
|
|
|
257
|
-
def initialize(url: 'https://api.osohq.com', api_key: nil, options:
|
|
272
|
+
def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
|
|
258
273
|
@url = url
|
|
259
274
|
@connection = get_connection(options: options)
|
|
260
|
-
@parallel_connection = get_connection(options: { parallel_adapter: true })
|
|
275
|
+
@parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
|
|
261
276
|
@api_key = api_key
|
|
262
277
|
@user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
|
|
263
278
|
@last_offset = nil
|
data/lib/oso/oso.rb
CHANGED
|
@@ -28,8 +28,8 @@ module OsoCloud
|
|
|
28
28
|
# Any other elements in the array, which together represent the fact's arguments,
|
|
29
29
|
# can be "OsoCloud::Value" objects or strings.
|
|
30
30
|
class Oso
|
|
31
|
-
def initialize(url: 'https://cloud.osohq.com', api_key: nil)
|
|
32
|
-
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key)
|
|
31
|
+
def initialize(url: 'https://cloud.osohq.com', api_key: nil, options: nil)
|
|
32
|
+
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options || {})
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
# Update the active policy
|
|
@@ -270,21 +270,37 @@ module OsoCloud
|
|
|
270
270
|
OsoCloud::Helpers.facts_to_params(result.results)
|
|
271
271
|
end
|
|
272
272
|
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
273
|
+
##
|
|
274
|
+
# List authorized actions for a batch of queries
|
|
275
|
+
#
|
|
276
|
+
# Fetches a list of actions which an actor can perform on a particular resource.
|
|
277
|
+
#
|
|
278
|
+
# @param actor [OsoCloud::Value]
|
|
279
|
+
# @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
|
|
280
|
+
# @return [Array<Array<String>>]
|
|
281
|
+
# @see Oso for more information about facts
|
|
282
|
+
def actions_batch(actor, queries:)
|
|
283
|
+
actor_typed_id = actor.to_api_value
|
|
284
|
+
data = queries.map do |q|
|
|
285
|
+
context_facts = []
|
|
286
|
+
resource = nil
|
|
287
|
+
if (q.is_a?(Array))
|
|
288
|
+
resource = q[0]
|
|
289
|
+
context_facts = q[1]
|
|
290
|
+
else
|
|
291
|
+
resource = q
|
|
292
|
+
end
|
|
293
|
+
resource_typed_id = resource.to_api_value
|
|
294
|
+
OsoCloud::Core::ActionsQuery.new(
|
|
295
|
+
actor_type: actor_typed_id.type,
|
|
296
|
+
actor_id: actor_typed_id.id,
|
|
297
|
+
resource_type: resource_typed_id.type,
|
|
298
|
+
resource_id: resource_typed_id.id,
|
|
299
|
+
context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
|
|
300
|
+
)
|
|
284
301
|
end
|
|
285
302
|
@api.post_actions_batch(data).map { |result| result.results}
|
|
286
303
|
end
|
|
287
304
|
end
|
|
288
305
|
|
|
289
306
|
end
|
|
290
|
-
|
data/lib/oso/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.0.dev.
|
|
4
|
+
version: 1.3.0.dev.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-09
|
|
11
|
+
date: 2023-10-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|