oso-cloud 1.3.0.dev.7 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -34
  3. data/lib/oso/api.rb +53 -74
  4. data/lib/oso/oso.rb +3 -35
  5. data/lib/oso/version.rb +1 -1
  6. data/oso-cloud.gemspec +0 -5
  7. metadata +7 -63
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 844583229037d7124d91b588abfbef062026c934d5cd1dcd0e4892a6d539b969
4
- data.tar.gz: 889f910639d097b5c5e29fa64e36959a7c7aebbe7ffe48dfa080f8bbef119015
3
+ metadata.gz: 7449894386d2dd2bfd681e8586f59637b8cbc69eb9058da28e8a09ad5e97cabe
4
+ data.tar.gz: 1b2766a45d78838742694759ab8bc1698dc9a219b8e9ccb05283cc9677777fac
5
5
  SHA512:
6
- metadata.gz: 77883cfc4f1584d65a31f1d620d239bcb98b70de099320c91590de55b4a39ee8b4aa7d5c80bbe7b94b8f6f16a02aeab6d54efb5aeecb1a289e7f93ac9048e1a8
7
- data.tar.gz: ecd8b9f6377a4465b9cc39622d35da59a548229ab6df9edc212859e0f282041a812644c02f4cc9e25065e047e805d1fd594b69f5adeb9b40e4e0a4ddab5711a2
6
+ metadata.gz: 7e6e454bdd19f96680fba49fa045b781443be54e3060aeb7bf1c37f2938f711d73c430d270aa85e429f0ffe77353fadc412a65b35abceab5f2cb8b026a27c38f
7
+ data.tar.gz: 2d5bde575259087917b2575ae2bc85fa82d27821426799507a32021a4a61c0a4b69c055b4b6c4bede5ed7a2916557b05ba3de0e6a5af00c6ca7c68d22ec7e79b
data/Gemfile.lock CHANGED
@@ -1,53 +1,22 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- oso-cloud (1.3.0.dev.6)
4
+ oso-cloud (1.3.0)
5
5
  faraday (~> 2.5.2)
6
- faraday-net_http_persistent (~> 2.0)
7
6
  faraday-retry (~> 2.0.0)
8
- faraday-typhoeus (~> 1.0.0)
9
7
 
10
8
  GEM
11
9
  remote: https://rubygems.org/
12
10
  specs:
13
- binding_of_caller (1.0.0)
14
- debug_inspector (>= 0.0.1)
15
- coderay (1.1.3)
16
- connection_pool (2.4.1)
17
- debug_inspector (1.1.0)
18
- ethon (0.16.0)
19
- ffi (>= 1.15.0)
20
11
  faraday (2.5.2)
21
12
  faraday-net_http (>= 2.0, < 3.1)
22
13
  ruby2_keywords (>= 0.0.4)
23
14
  faraday-net_http (3.0.2)
24
- faraday-net_http_persistent (2.1.0)
25
- faraday (~> 2.5)
26
- net-http-persistent (~> 4.0)
27
15
  faraday-retry (2.0.0)
28
16
  faraday (~> 2.0)
29
- faraday-typhoeus (1.0.0)
30
- faraday (~> 2.0)
31
- typhoeus (~> 1.4)
32
- ffi (1.16.2)
33
- interception (0.5)
34
- method_source (1.0.0)
35
17
  minitest (5.18.0)
36
- net-http-persistent (4.0.2)
37
- connection_pool (~> 2.2)
38
- pry (0.14.2)
39
- coderay (~> 1.1)
40
- method_source (~> 1.0)
41
- pry-rescue (1.5.2)
42
- interception (>= 0.5)
43
- pry (>= 0.12.0)
44
- pry-stack_explorer (0.6.1)
45
- binding_of_caller (~> 1.0)
46
- pry (~> 0.13)
47
18
  rake (12.3.3)
48
19
  ruby2_keywords (0.0.5)
49
- typhoeus (1.4.0)
50
- ethon (>= 0.9.0)
51
20
 
52
21
  PLATFORMS
53
22
  ruby
@@ -55,8 +24,6 @@ PLATFORMS
55
24
  DEPENDENCIES
56
25
  minitest (~> 5.15)
57
26
  oso-cloud!
58
- pry-rescue
59
- pry-stack_explorer
60
27
  rake (~> 12.0)
61
28
 
62
29
  BUNDLED WITH
data/lib/oso/api.rb CHANGED
@@ -2,8 +2,6 @@ require 'json'
2
2
  require 'uri'
3
3
  require 'faraday'
4
4
  require 'faraday/retry'
5
- require 'faraday/typhoeus'
6
- require 'faraday/net_http_persistent'
7
5
 
8
6
  require 'oso/helpers'
9
7
  require 'oso/version'
@@ -203,21 +201,11 @@ module OsoCloud
203
201
  end
204
202
  end
205
203
 
206
- class OsoAdapter < Faraday::Adapter::Typhoeus
207
- @@max_concurrency = 20
208
-
209
- def self.setup_parallel_manager(options = {})
210
- options[:max_concurrency] = @@max_concurrency
211
- ::Typhoeus::Hydra.new(options)
212
- end
213
- end
214
-
215
- Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
216
-
217
204
  # @!visibility private
218
205
  class Api
219
- def get_connection(options: nil)
220
- Faraday.new(url: @url) do |faraday|
206
+ def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
207
+ @url = url
208
+ @connection = Faraday.new(url: url) do |faraday|
221
209
  faraday.request :json
222
210
 
223
211
  # responses are processed in reverse order; this stack implies the
@@ -225,7 +213,6 @@ module OsoCloud
225
213
  # parser is only applied if there are no errors
226
214
  faraday.response :json, parser_options: { symbolize_names: true }
227
215
  faraday.response :raise_error
228
- # faraday.response :logger
229
216
  faraday.request :retry, {
230
217
  max: (options && options[:max_retries]) || 10,
231
218
  interval: 0.01,
@@ -243,7 +230,7 @@ module OsoCloud
243
230
  /api/actions
244
231
  /api/query
245
232
  ].include? env.url.path
246
- },
233
+ }
247
234
  }
248
235
 
249
236
  if options && options[:test_adapter]
@@ -258,26 +245,32 @@ module OsoCloud
258
245
  options[:test_adapter][:func].call
259
246
  end
260
247
  end
261
- elsif options && options[:parallel_adapter]
262
- if options[:max_concurrency]
263
- OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
264
- end
265
- faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
266
248
  else
267
- faraday.adapter :net_http_persistent, pool_size: 10, idle_timeout: 30
249
+ faraday.adapter :net_http
268
250
  end
269
251
  end
270
- end
271
252
 
272
- def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
273
- @url = url
274
- @connection = get_connection(options: options)
275
- @parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
253
+ if options && options[:fallback_url]
254
+ @fallback_connection = Faraday.new(url: options[:fallback_url]) do |faraday|
255
+ faraday.request :json
256
+ faraday.response :json, parser_options: { symbolize_names: true }
257
+ faraday.response :raise_error
258
+ faraday.adapter :net_http
259
+ end
260
+ end
276
261
  @api_key = api_key
277
262
  @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
278
263
  @last_offset = nil
279
264
  end
280
265
 
266
+ def fallback_eligible(path)
267
+ !@fallback_connection.nil? && ['/authorize',
268
+ '/authorize_resources',
269
+ '/list',
270
+ '/actions',
271
+ '/query'].include?(path)
272
+ end
273
+
281
274
  def get_policy
282
275
  url = '/policy'
283
276
  result = GET(url, nil)
@@ -344,12 +337,6 @@ module OsoCloud
344
337
  ActionsResult.new(**result)
345
338
  end
346
339
 
347
- def post_actions_batch(batch_data)
348
- url = '/actions'
349
- results = POST_BATCH(url, nil, batch_data, false)
350
- results.map { |result| ActionsResult.new(**result.body) }
351
- end
352
-
353
340
  def post_query(data)
354
341
  url = '/query'
355
342
  result = POST(url, nil, data, false)
@@ -400,56 +387,48 @@ module OsoCloud
400
387
  end
401
388
 
402
389
  def GET(path, params)
403
- response = @connection.get("api#{path}") do |req|
404
- req.params = params unless params.nil?
405
- req.headers = headers
406
- end
407
- response.body
408
- rescue Faraday::Error => e
409
- handle_faraday_error e
410
- end
411
-
412
- def POST_BATCH(path, params, body_array, isMutation)
413
- connection = @parallel_connection
414
- responses = []
415
- connection.in_parallel do
416
- responses = body_array.map do |body|
417
- connection.post("api#{path}") do |req|
418
- req.params = params unless params.nil?
419
- req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
420
- req.headers = headers
421
- end
390
+ begin
391
+ response = @connection.get("api#{path}") do |req|
392
+ req.params = params unless params.nil?
393
+ req.headers = headers
422
394
  end
423
- end
424
-
425
- connection_failed = responses.find { |r| r.env.custom_members[:typhoeus_connection_failed] }
426
- if connection_failed
427
- raise Faraday::ConnectionFailed, connection_failed.env.custom_members[:typhoeus_return_message]
428
- end
395
+ response.body
396
+ rescue Faraday::ServerError, Faraday::ConnectionFailed, Faraday::TimeoutError, Faraday::SSLError => e
397
+ raise e unless fallback_eligible(path)
429
398
 
430
- timed_out = responses.find { |r| r.env.custom_members[:typhoeus_timed_out] }
431
- if timed_out
432
- raise Faraday::TimeoutError, timed_out.env.custom_members[:typhoeus_return_message]
433
- end
434
- if isMutation
435
- @last_offset = responses[-1].headers[:OsoOffset]
399
+ response = @fallback_connection.get("api#{path}") do |req|
400
+ req.params = params unless params.nil?
401
+ req.headers = headers
402
+ end
403
+ response.body
436
404
  end
437
- responses
438
405
  rescue Faraday::Error => e
439
406
  handle_faraday_error e
440
407
  end
441
408
 
442
409
  def POST(path, params, body, isMutation)
443
- response = @connection.post("api#{path}") do |req|
444
- req.params = params unless params.nil?
445
- req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
446
- req.headers = headers
447
- end
410
+ begin
411
+ response = @connection.post("api#{path}") do |req|
412
+ req.params = params unless params.nil?
413
+ req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
414
+ req.headers = headers
415
+ end
448
416
 
449
- if isMutation
450
- @last_offset = response.headers[:OsoOffset]
417
+ if isMutation
418
+ @last_offset = response.headers[:OsoOffset]
419
+ end
420
+ response.body
421
+ # only attempt fallback on 5xx, and connection failure conditions
422
+ rescue Faraday::ServerError, Faraday::ConnectionFailed, Faraday::TimeoutError, Faraday::SSLError => e
423
+ raise e unless fallback_eligible(path)
424
+
425
+ response = @fallback_connection.post("api#{path}") do |req|
426
+ req.params = params unless params.nil?
427
+ req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
428
+ req.headers = headers
429
+ end
430
+ response.body
451
431
  end
452
- response.body
453
432
  rescue Faraday::Error => e
454
433
  handle_faraday_error e
455
434
  end
data/lib/oso/oso.rb CHANGED
@@ -28,10 +28,11 @@ module OsoCloud
28
28
  # Any other elements in the array, which together represent the fact's arguments,
29
29
  # can be "OsoCloud::Value" objects or strings.
30
30
  class Oso
31
- def initialize(url: 'https://cloud.osohq.com', api_key: nil, options: nil)
32
- @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options || {})
31
+ def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
32
+ @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
33
33
  end
34
34
 
35
+ ##
35
36
  # Update the active policy
36
37
  #
37
38
  # Updates the active policy in Oso Cloud, The string passed into
@@ -269,38 +270,5 @@ module OsoCloud
269
270
  context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
270
271
  OsoCloud::Helpers.facts_to_params(result.results)
271
272
  end
272
-
273
- ##
274
- # List authorized actions for a batch of queries
275
- #
276
- # Fetches a list of actions which an actor can perform on a particular resource.
277
- #
278
- # @param actor [OsoCloud::Value]
279
- # @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
280
- # @return [Array<Array<String>>]
281
- # @see Oso for more information about facts
282
- def actions_batch(actor, queries:)
283
- actor_typed_id = actor.to_api_value
284
- data = queries.map do |q|
285
- context_facts = []
286
- resource = nil
287
- if (q.is_a?(Array))
288
- resource = q[0]
289
- context_facts = q[1]
290
- else
291
- resource = q
292
- end
293
- resource_typed_id = resource.to_api_value
294
- OsoCloud::Core::ActionsQuery.new(
295
- actor_type: actor_typed_id.type,
296
- actor_id: actor_typed_id.id,
297
- resource_type: resource_typed_id.type,
298
- resource_id: resource_typed_id.id,
299
- context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
300
- )
301
- end
302
- @api.post_actions_batch(data).map { |result| result.results}
303
- end
304
273
  end
305
-
306
274
  end
data/lib/oso/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OsoCloud
2
- VERSION = '1.3.0.dev.7'.freeze
2
+ VERSION = '1.3.0'.freeze
3
3
  end
data/oso-cloud.gemspec CHANGED
@@ -22,10 +22,5 @@ Gem::Specification.new do |spec|
22
22
 
23
23
  spec.add_dependency 'faraday', '~> 2.5.2'
24
24
  spec.add_dependency 'faraday-retry', '~> 2.0.0'
25
- spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
26
- spec.add_dependency 'faraday-typhoeus', '~> 1.0.0'
27
- #
28
25
  spec.add_development_dependency 'minitest', '~> 5.15'
29
- spec.add_development_dependency 'pry-rescue'
30
- spec.add_development_dependency 'pry-stack_explorer'
31
26
  end
metadata CHANGED
@@ -1,11 +1,11 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oso-cloud
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0.dev.7
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oso Security, Inc.
8
- autorequire:
8
+ autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
11
  date: 2023-10-09 00:00:00.000000000 Z
@@ -38,34 +38,6 @@ dependencies:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: 2.0.0
41
- - !ruby/object:Gem::Dependency
42
- name: faraday-net_http_persistent
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: '2.0'
48
- type: :runtime
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - "~>"
53
- - !ruby/object:Gem::Version
54
- version: '2.0'
55
- - !ruby/object:Gem::Dependency
56
- name: faraday-typhoeus
57
- requirement: !ruby/object:Gem::Requirement
58
- requirements:
59
- - - "~>"
60
- - !ruby/object:Gem::Version
61
- version: 1.0.0
62
- type: :runtime
63
- prerelease: false
64
- version_requirements: !ruby/object:Gem::Requirement
65
- requirements:
66
- - - "~>"
67
- - !ruby/object:Gem::Version
68
- version: 1.0.0
69
41
  - !ruby/object:Gem::Dependency
70
42
  name: minitest
71
43
  requirement: !ruby/object:Gem::Requirement
@@ -80,35 +52,7 @@ dependencies:
80
52
  - - "~>"
81
53
  - !ruby/object:Gem::Version
82
54
  version: '5.15'
83
- - !ruby/object:Gem::Dependency
84
- name: pry-rescue
85
- requirement: !ruby/object:Gem::Requirement
86
- requirements:
87
- - - ">="
88
- - !ruby/object:Gem::Version
89
- version: '0'
90
- type: :development
91
- prerelease: false
92
- version_requirements: !ruby/object:Gem::Requirement
93
- requirements:
94
- - - ">="
95
- - !ruby/object:Gem::Version
96
- version: '0'
97
- - !ruby/object:Gem::Dependency
98
- name: pry-stack_explorer
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - ">="
102
- - !ruby/object:Gem::Version
103
- version: '0'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - ">="
109
- - !ruby/object:Gem::Version
110
- version: '0'
111
- description:
55
+ description:
112
56
  email:
113
57
  - support@osohq.com
114
58
  executables: []
@@ -133,7 +77,7 @@ homepage: https://www.osohq.com/
133
77
  licenses:
134
78
  - Apache-2.0
135
79
  metadata: {}
136
- post_install_message:
80
+ post_install_message:
137
81
  rdoc_options: []
138
82
  require_paths:
139
83
  - lib
@@ -144,12 +88,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
144
88
  version: 3.0.0
145
89
  required_rubygems_version: !ruby/object:Gem::Requirement
146
90
  requirements:
147
- - - ">"
91
+ - - ">="
148
92
  - !ruby/object:Gem::Version
149
- version: 1.3.1
93
+ version: '0'
150
94
  requirements: []
151
95
  rubygems_version: 3.2.33
152
- signing_key:
96
+ signing_key:
153
97
  specification_version: 4
154
98
  summary: Oso Cloud Ruby client
155
99
  test_files: []