oso-cloud 1.3.0.dev.7 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -34
  3. data/lib/oso/api.rb +53 -74
  4. data/lib/oso/oso.rb +3 -35
  5. data/lib/oso/version.rb +1 -1
  6. data/oso-cloud.gemspec +0 -5
  7. metadata +7 -63
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 844583229037d7124d91b588abfbef062026c934d5cd1dcd0e4892a6d539b969
4
- data.tar.gz: 889f910639d097b5c5e29fa64e36959a7c7aebbe7ffe48dfa080f8bbef119015
3
+ metadata.gz: 7449894386d2dd2bfd681e8586f59637b8cbc69eb9058da28e8a09ad5e97cabe
4
+ data.tar.gz: 1b2766a45d78838742694759ab8bc1698dc9a219b8e9ccb05283cc9677777fac
5
5
  SHA512:
6
- metadata.gz: 77883cfc4f1584d65a31f1d620d239bcb98b70de099320c91590de55b4a39ee8b4aa7d5c80bbe7b94b8f6f16a02aeab6d54efb5aeecb1a289e7f93ac9048e1a8
7
- data.tar.gz: ecd8b9f6377a4465b9cc39622d35da59a548229ab6df9edc212859e0f282041a812644c02f4cc9e25065e047e805d1fd594b69f5adeb9b40e4e0a4ddab5711a2
6
+ metadata.gz: 7e6e454bdd19f96680fba49fa045b781443be54e3060aeb7bf1c37f2938f711d73c430d270aa85e429f0ffe77353fadc412a65b35abceab5f2cb8b026a27c38f
7
+ data.tar.gz: 2d5bde575259087917b2575ae2bc85fa82d27821426799507a32021a4a61c0a4b69c055b4b6c4bede5ed7a2916557b05ba3de0e6a5af00c6ca7c68d22ec7e79b
data/Gemfile.lock CHANGED
@@ -1,53 +1,22 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- oso-cloud (1.3.0.dev.6)
4
+ oso-cloud (1.3.0)
5
5
  faraday (~> 2.5.2)
6
- faraday-net_http_persistent (~> 2.0)
7
6
  faraday-retry (~> 2.0.0)
8
- faraday-typhoeus (~> 1.0.0)
9
7
 
10
8
  GEM
11
9
  remote: https://rubygems.org/
12
10
  specs:
13
- binding_of_caller (1.0.0)
14
- debug_inspector (>= 0.0.1)
15
- coderay (1.1.3)
16
- connection_pool (2.4.1)
17
- debug_inspector (1.1.0)
18
- ethon (0.16.0)
19
- ffi (>= 1.15.0)
20
11
  faraday (2.5.2)
21
12
  faraday-net_http (>= 2.0, < 3.1)
22
13
  ruby2_keywords (>= 0.0.4)
23
14
  faraday-net_http (3.0.2)
24
- faraday-net_http_persistent (2.1.0)
25
- faraday (~> 2.5)
26
- net-http-persistent (~> 4.0)
27
15
  faraday-retry (2.0.0)
28
16
  faraday (~> 2.0)
29
- faraday-typhoeus (1.0.0)
30
- faraday (~> 2.0)
31
- typhoeus (~> 1.4)
32
- ffi (1.16.2)
33
- interception (0.5)
34
- method_source (1.0.0)
35
17
  minitest (5.18.0)
36
- net-http-persistent (4.0.2)
37
- connection_pool (~> 2.2)
38
- pry (0.14.2)
39
- coderay (~> 1.1)
40
- method_source (~> 1.0)
41
- pry-rescue (1.5.2)
42
- interception (>= 0.5)
43
- pry (>= 0.12.0)
44
- pry-stack_explorer (0.6.1)
45
- binding_of_caller (~> 1.0)
46
- pry (~> 0.13)
47
18
  rake (12.3.3)
48
19
  ruby2_keywords (0.0.5)
49
- typhoeus (1.4.0)
50
- ethon (>= 0.9.0)
51
20
 
52
21
  PLATFORMS
53
22
  ruby
@@ -55,8 +24,6 @@ PLATFORMS
55
24
  DEPENDENCIES
56
25
  minitest (~> 5.15)
57
26
  oso-cloud!
58
- pry-rescue
59
- pry-stack_explorer
60
27
  rake (~> 12.0)
61
28
 
62
29
  BUNDLED WITH
data/lib/oso/api.rb CHANGED
@@ -2,8 +2,6 @@ require 'json'
2
2
  require 'uri'
3
3
  require 'faraday'
4
4
  require 'faraday/retry'
5
- require 'faraday/typhoeus'
6
- require 'faraday/net_http_persistent'
7
5
 
8
6
  require 'oso/helpers'
9
7
  require 'oso/version'
@@ -203,21 +201,11 @@ module OsoCloud
203
201
  end
204
202
  end
205
203
 
206
- class OsoAdapter < Faraday::Adapter::Typhoeus
207
- @@max_concurrency = 20
208
-
209
- def self.setup_parallel_manager(options = {})
210
- options[:max_concurrency] = @@max_concurrency
211
- ::Typhoeus::Hydra.new(options)
212
- end
213
- end
214
-
215
- Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
216
-
217
204
  # @!visibility private
218
205
  class Api
219
- def get_connection(options: nil)
220
- Faraday.new(url: @url) do |faraday|
206
+ def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
207
+ @url = url
208
+ @connection = Faraday.new(url: url) do |faraday|
221
209
  faraday.request :json
222
210
 
223
211
  # responses are processed in reverse order; this stack implies the
@@ -225,7 +213,6 @@ module OsoCloud
225
213
  # parser is only applied if there are no errors
226
214
  faraday.response :json, parser_options: { symbolize_names: true }
227
215
  faraday.response :raise_error
228
- # faraday.response :logger
229
216
  faraday.request :retry, {
230
217
  max: (options && options[:max_retries]) || 10,
231
218
  interval: 0.01,
@@ -243,7 +230,7 @@ module OsoCloud
243
230
  /api/actions
244
231
  /api/query
245
232
  ].include? env.url.path
246
- },
233
+ }
247
234
  }
248
235
 
249
236
  if options && options[:test_adapter]
@@ -258,26 +245,32 @@ module OsoCloud
258
245
  options[:test_adapter][:func].call
259
246
  end
260
247
  end
261
- elsif options && options[:parallel_adapter]
262
- if options[:max_concurrency]
263
- OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
264
- end
265
- faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
266
248
  else
267
- faraday.adapter :net_http_persistent, pool_size: 10, idle_timeout: 30
249
+ faraday.adapter :net_http
268
250
  end
269
251
  end
270
- end
271
252
 
272
- def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
273
- @url = url
274
- @connection = get_connection(options: options)
275
- @parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
253
+ if options && options[:fallback_url]
254
+ @fallback_connection = Faraday.new(url: options[:fallback_url]) do |faraday|
255
+ faraday.request :json
256
+ faraday.response :json, parser_options: { symbolize_names: true }
257
+ faraday.response :raise_error
258
+ faraday.adapter :net_http
259
+ end
260
+ end
276
261
  @api_key = api_key
277
262
  @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
278
263
  @last_offset = nil
279
264
  end
280
265
 
266
+ def fallback_eligible(path)
267
+ !@fallback_connection.nil? && ['/authorize',
268
+ '/authorize_resources',
269
+ '/list',
270
+ '/actions',
271
+ '/query'].include?(path)
272
+ end
273
+
281
274
  def get_policy
282
275
  url = '/policy'
283
276
  result = GET(url, nil)
@@ -344,12 +337,6 @@ module OsoCloud
344
337
  ActionsResult.new(**result)
345
338
  end
346
339
 
347
- def post_actions_batch(batch_data)
348
- url = '/actions'
349
- results = POST_BATCH(url, nil, batch_data, false)
350
- results.map { |result| ActionsResult.new(**result.body) }
351
- end
352
-
353
340
  def post_query(data)
354
341
  url = '/query'
355
342
  result = POST(url, nil, data, false)
@@ -400,56 +387,48 @@ module OsoCloud
400
387
  end
401
388
 
402
389
  def GET(path, params)
403
- response = @connection.get("api#{path}") do |req|
404
- req.params = params unless params.nil?
405
- req.headers = headers
406
- end
407
- response.body
408
- rescue Faraday::Error => e
409
- handle_faraday_error e
410
- end
411
-
412
- def POST_BATCH(path, params, body_array, isMutation)
413
- connection = @parallel_connection
414
- responses = []
415
- connection.in_parallel do
416
- responses = body_array.map do |body|
417
- connection.post("api#{path}") do |req|
418
- req.params = params unless params.nil?
419
- req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
420
- req.headers = headers
421
- end
390
+ begin
391
+ response = @connection.get("api#{path}") do |req|
392
+ req.params = params unless params.nil?
393
+ req.headers = headers
422
394
  end
423
- end
424
-
425
- connection_failed = responses.find { |r| r.env.custom_members[:typhoeus_connection_failed] }
426
- if connection_failed
427
- raise Faraday::ConnectionFailed, connection_failed.env.custom_members[:typhoeus_return_message]
428
- end
395
+ response.body
396
+ rescue Faraday::ServerError, Faraday::ConnectionFailed, Faraday::TimeoutError, Faraday::SSLError => e
397
+ raise e unless fallback_eligible(path)
429
398
 
430
- timed_out = responses.find { |r| r.env.custom_members[:typhoeus_timed_out] }
431
- if timed_out
432
- raise Faraday::TimeoutError, timed_out.env.custom_members[:typhoeus_return_message]
433
- end
434
- if isMutation
435
- @last_offset = responses[-1].headers[:OsoOffset]
399
+ response = @fallback_connection.get("api#{path}") do |req|
400
+ req.params = params unless params.nil?
401
+ req.headers = headers
402
+ end
403
+ response.body
436
404
  end
437
- responses
438
405
  rescue Faraday::Error => e
439
406
  handle_faraday_error e
440
407
  end
441
408
 
442
409
  def POST(path, params, body, isMutation)
443
- response = @connection.post("api#{path}") do |req|
444
- req.params = params unless params.nil?
445
- req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
446
- req.headers = headers
447
- end
410
+ begin
411
+ response = @connection.post("api#{path}") do |req|
412
+ req.params = params unless params.nil?
413
+ req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
414
+ req.headers = headers
415
+ end
448
416
 
449
- if isMutation
450
- @last_offset = response.headers[:OsoOffset]
417
+ if isMutation
418
+ @last_offset = response.headers[:OsoOffset]
419
+ end
420
+ response.body
421
+ # only attempt fallback on 5xx, and connection failure conditions
422
+ rescue Faraday::ServerError, Faraday::ConnectionFailed, Faraday::TimeoutError, Faraday::SSLError => e
423
+ raise e unless fallback_eligible(path)
424
+
425
+ response = @fallback_connection.post("api#{path}") do |req|
426
+ req.params = params unless params.nil?
427
+ req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
428
+ req.headers = headers
429
+ end
430
+ response.body
451
431
  end
452
- response.body
453
432
  rescue Faraday::Error => e
454
433
  handle_faraday_error e
455
434
  end
data/lib/oso/oso.rb CHANGED
@@ -28,10 +28,11 @@ module OsoCloud
28
28
  # Any other elements in the array, which together represent the fact's arguments,
29
29
  # can be "OsoCloud::Value" objects or strings.
30
30
  class Oso
31
- def initialize(url: 'https://cloud.osohq.com', api_key: nil, options: nil)
32
- @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options || {})
31
+ def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
32
+ @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
33
33
  end
34
34
 
35
+ ##
35
36
  # Update the active policy
36
37
  #
37
38
  # Updates the active policy in Oso Cloud, The string passed into
@@ -269,38 +270,5 @@ module OsoCloud
269
270
  context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
270
271
  OsoCloud::Helpers.facts_to_params(result.results)
271
272
  end
272
-
273
- ##
274
- # List authorized actions for a batch of queries
275
- #
276
- # Fetches a list of actions which an actor can perform on a particular resource.
277
- #
278
- # @param actor [OsoCloud::Value]
279
- # @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
280
- # @return [Array<Array<String>>]
281
- # @see Oso for more information about facts
282
- def actions_batch(actor, queries:)
283
- actor_typed_id = actor.to_api_value
284
- data = queries.map do |q|
285
- context_facts = []
286
- resource = nil
287
- if (q.is_a?(Array))
288
- resource = q[0]
289
- context_facts = q[1]
290
- else
291
- resource = q
292
- end
293
- resource_typed_id = resource.to_api_value
294
- OsoCloud::Core::ActionsQuery.new(
295
- actor_type: actor_typed_id.type,
296
- actor_id: actor_typed_id.id,
297
- resource_type: resource_typed_id.type,
298
- resource_id: resource_typed_id.id,
299
- context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
300
- )
301
- end
302
- @api.post_actions_batch(data).map { |result| result.results}
303
- end
304
273
  end
305
-
306
274
  end
data/lib/oso/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OsoCloud
2
- VERSION = '1.3.0.dev.7'.freeze
2
+ VERSION = '1.3.0'.freeze
3
3
  end
data/oso-cloud.gemspec CHANGED
@@ -22,10 +22,5 @@ Gem::Specification.new do |spec|
22
22
 
23
23
  spec.add_dependency 'faraday', '~> 2.5.2'
24
24
  spec.add_dependency 'faraday-retry', '~> 2.0.0'
25
- spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
26
- spec.add_dependency 'faraday-typhoeus', '~> 1.0.0'
27
- #
28
25
  spec.add_development_dependency 'minitest', '~> 5.15'
29
- spec.add_development_dependency 'pry-rescue'
30
- spec.add_development_dependency 'pry-stack_explorer'
31
26
  end
metadata CHANGED
@@ -1,11 +1,11 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oso-cloud
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0.dev.7
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oso Security, Inc.
8
- autorequire:
8
+ autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
11
  date: 2023-10-09 00:00:00.000000000 Z
@@ -38,34 +38,6 @@ dependencies:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: 2.0.0
41
- - !ruby/object:Gem::Dependency
42
- name: faraday-net_http_persistent
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: '2.0'
48
- type: :runtime
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - "~>"
53
- - !ruby/object:Gem::Version
54
- version: '2.0'
55
- - !ruby/object:Gem::Dependency
56
- name: faraday-typhoeus
57
- requirement: !ruby/object:Gem::Requirement
58
- requirements:
59
- - - "~>"
60
- - !ruby/object:Gem::Version
61
- version: 1.0.0
62
- type: :runtime
63
- prerelease: false
64
- version_requirements: !ruby/object:Gem::Requirement
65
- requirements:
66
- - - "~>"
67
- - !ruby/object:Gem::Version
68
- version: 1.0.0
69
41
  - !ruby/object:Gem::Dependency
70
42
  name: minitest
71
43
  requirement: !ruby/object:Gem::Requirement
@@ -80,35 +52,7 @@ dependencies:
80
52
  - - "~>"
81
53
  - !ruby/object:Gem::Version
82
54
  version: '5.15'
83
- - !ruby/object:Gem::Dependency
84
- name: pry-rescue
85
- requirement: !ruby/object:Gem::Requirement
86
- requirements:
87
- - - ">="
88
- - !ruby/object:Gem::Version
89
- version: '0'
90
- type: :development
91
- prerelease: false
92
- version_requirements: !ruby/object:Gem::Requirement
93
- requirements:
94
- - - ">="
95
- - !ruby/object:Gem::Version
96
- version: '0'
97
- - !ruby/object:Gem::Dependency
98
- name: pry-stack_explorer
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - ">="
102
- - !ruby/object:Gem::Version
103
- version: '0'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - ">="
109
- - !ruby/object:Gem::Version
110
- version: '0'
111
- description:
55
+ description:
112
56
  email:
113
57
  - support@osohq.com
114
58
  executables: []
@@ -133,7 +77,7 @@ homepage: https://www.osohq.com/
133
77
  licenses:
134
78
  - Apache-2.0
135
79
  metadata: {}
136
- post_install_message:
80
+ post_install_message:
137
81
  rdoc_options: []
138
82
  require_paths:
139
83
  - lib
@@ -144,12 +88,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
144
88
  version: 3.0.0
145
89
  required_rubygems_version: !ruby/object:Gem::Requirement
146
90
  requirements:
147
- - - ">"
91
+ - - ">="
148
92
  - !ruby/object:Gem::Version
149
- version: 1.3.1
93
+ version: '0'
150
94
  requirements: []
151
95
  rubygems_version: 3.2.33
152
- signing_key:
96
+ signing_key:
153
97
  specification_version: 4
154
98
  summary: Oso Cloud Ruby client
155
99
  test_files: []