RubyGems - oso-cloud - Versions diffs - 1.3.0 → 1.4.0.dev.1 - Mend

oso-cloud 1.3.0 → 1.4.0.dev.1

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7449894386d2dd2bfd681e8586f59637b8cbc69eb9058da28e8a09ad5e97cabe
-  data.tar.gz: 1b2766a45d78838742694759ab8bc1698dc9a219b8e9ccb05283cc9677777fac
+  metadata.gz: 7909947d74e0e8a03b13d9d1741560c6dd6537de2dbb2b3b77ef97b320e3a1a2
+  data.tar.gz: bdbdf26e703535dd4fd52a05ac6454a51a7cf204a9c365333c5b9c8246973cc8
 SHA512:
-  metadata.gz: 7e6e454bdd19f96680fba49fa045b781443be54e3060aeb7bf1c37f2938f711d73c430d270aa85e429f0ffe77353fadc412a65b35abceab5f2cb8b026a27c38f
-  data.tar.gz: 2d5bde575259087917b2575ae2bc85fa82d27821426799507a32021a4a61c0a4b69c055b4b6c4bede5ed7a2916557b05ba3de0e6a5af00c6ca7c68d22ec7e79b
+  metadata.gz: 7966031165d172979505d5f1c513445427b2950ff50fa7eccda9933174e32f4fbf8ea5fdff1d77a70a195124a7c6864136e1819b8ad0fda98da1285aa93dc1ff
+  data.tar.gz: 833fcf6b1cb18a83c53b39f3d5f6179b4895d6899189852423574f8f29843f94bdc29f148548c9f3eee6ed8c38fa897c763cbd83d959aaccc355c75c5091dc13

data/Gemfile.lock CHANGED Viewed

@@ -1,22 +1,53 @@
 PATH
   remote: .
   specs:
-    oso-cloud (1.3.0)
+    oso-cloud (1.4.0.dev.0)
       faraday (~> 2.5.2)
+      faraday-net_http_persistent (~> 2.0)
       faraday-retry (~> 2.0.0)
+      faraday-typhoeus (~> 1.0.0)
 GEM
   remote: https://rubygems.org/
   specs:
+    binding_of_caller (1.0.0)
+      debug_inspector (>= 0.0.1)
+    coderay (1.1.3)
+    connection_pool (2.4.1)
+    debug_inspector (1.1.0)
+    ethon (0.16.0)
+      ffi (>= 1.15.0)
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-net_http (3.0.2)
+    faraday-net_http_persistent (2.1.0)
+      faraday (~> 2.5)
+      net-http-persistent (~> 4.0)
     faraday-retry (2.0.0)
       faraday (~> 2.0)
+    faraday-typhoeus (1.0.0)
+      faraday (~> 2.0)
+      typhoeus (~> 1.4)
+    ffi (1.16.3)
+    interception (0.5)
+    method_source (1.0.0)
     minitest (5.18.0)
+    net-http-persistent (4.0.2)
+      connection_pool (~> 2.2)
+    pry (0.14.2)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    pry-rescue (1.5.2)
+      interception (>= 0.5)
+      pry (>= 0.12.0)
+    pry-stack_explorer (0.6.1)
+      binding_of_caller (~> 1.0)
+      pry (~> 0.13)
     rake (12.3.3)
     ruby2_keywords (0.0.5)
+    typhoeus (1.4.0)
+      ethon (>= 0.9.0)
 PLATFORMS
   ruby
@@ -24,6 +55,8 @@ PLATFORMS
 DEPENDENCIES
   minitest (~> 5.15)
   oso-cloud!
+  pry-rescue
+  pry-stack_explorer
   rake (~> 12.0)
 BUNDLED WITH

data/lib/oso/api.rb CHANGED Viewed

@@ -2,6 +2,8 @@ require 'json'
 require 'uri'
 require 'faraday'
 require 'faraday/retry'
+require 'faraday/typhoeus'
+require 'faraday/net_http_persistent'
 require 'oso/helpers'
 require 'oso/version'
@@ -201,11 +203,21 @@ module OsoCloud
       end
     end
+    class OsoAdapter < Faraday::Adapter::Typhoeus
+      @@max_concurrency = 20
+      def self.setup_parallel_manager(options = {})
+        options[:max_concurrency] = @@max_concurrency
+        ::Typhoeus::Hydra.new(options)
+      end
+    end
+    Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
     # @!visibility private
     class Api
-      def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
-        @url = url
-        @connection = Faraday.new(url: url) do |faraday|
+      def get_connection(options: nil)
+        Faraday.new(url: @url) do |faraday|
           faraday.request :json
           # responses are processed in reverse order; this stack implies the
@@ -213,6 +225,7 @@ module OsoCloud
           # parser is only applied if there are no errors
           faraday.response :json, parser_options: { symbolize_names: true }
           faraday.response :raise_error
+          # faraday.response :logger
           faraday.request :retry, {
             max: (options && options[:max_retries]) || 10,
             interval: 0.01,
@@ -230,7 +243,7 @@ module OsoCloud
                 /api/actions
                 /api/query
               ].include? env.url.path
-            }
+            },
           }
           if options && options[:test_adapter]
@@ -245,10 +258,21 @@ module OsoCloud
                 options[:test_adapter][:func].call
               end
             end
+          elsif options && options[:parallel_adapter]
+            if options[:max_concurrency]
+              OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
+            end
+            faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
           else
-            faraday.adapter :net_http
+            faraday.adapter :net_http_persistent, pool_size: 10, idle_timeout: 30
           end
         end
+      end
+      def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
+        @url = url
+        @connection = get_connection(options: options)
+        @parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
         if options && options[:fallback_url]
           @fallback_connection = Faraday.new(url: options[:fallback_url]) do |faraday|
@@ -337,6 +361,18 @@ module OsoCloud
         ActionsResult.new(**result)
       end
+      def post_actions_batch(batch_data)
+        url = '/actions'
+        results = POST_BATCH(url, nil, batch_data, false)
+        results.map { |result| ActionsResult.new(**result.body) }
+      end
+      def post_bulk_actions(data)
+        url = '/bulk_actions'
+        results = POST(url, nil, data, false)
+        results.map { |result| ActionsResult.new(**result) }
+      end
       def post_query(data)
         url = '/query'
         result = POST(url, nil, data, false)
@@ -406,6 +442,36 @@ module OsoCloud
         handle_faraday_error e
       end
+      def POST_BATCH(path, params, body_array, isMutation)
+        connection = @parallel_connection
+        responses = []
+        connection.in_parallel do
+          responses = body_array.map do |body|
+            connection.post("api#{path}") do |req|
+              req.params = params unless params.nil?
+              req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
+              req.headers = headers
+            end
+          end
+        end
+        connection_failed = responses.find { |r| r.env.custom_members[:typhoeus_connection_failed] }
+        if connection_failed
+          raise Faraday::ConnectionFailed, connection_failed.env.custom_members[:typhoeus_return_message]
+        end
+        timed_out = responses.find { |r| r.env.custom_members[:typhoeus_timed_out] }
+        if timed_out
+          raise Faraday::TimeoutError, timed_out.env.custom_members[:typhoeus_return_message]
+        end
+        if isMutation
+          @last_offset = responses[-1].headers[:OsoOffset]
+        end
+        responses
+      rescue Faraday::Error => e
+        handle_faraday_error e
+      end
       def POST(path, params, body, isMutation)
         begin
           response = @connection.post("api#{path}") do |req|

data/lib/oso/oso.rb CHANGED Viewed

@@ -28,11 +28,12 @@ module OsoCloud
   # Any other elements in the array, which together represent the fact's arguments,
   # can be "OsoCloud::Value" objects or strings.
   class Oso
-    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
-      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
+    def initialize(url: 'https://cloud.osohq.com', api_key: nil, options: nil, fallback_url: nil)
+      options ||= {}
+      options[:fallback_url] = fallback_url unless fallback_url.nil?
+      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options)
     end
-    ##
     # Update the active policy
     #
     # Updates the active policy in Oso Cloud, The string passed into
@@ -270,5 +271,70 @@ module OsoCloud
                                                          context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
       OsoCloud::Helpers.facts_to_params(result.results)
     end
+    ##
+    # List authorized actions for a batch of queries
+    #
+    # Fetches a list of actions which an actor can perform on a particular resource.
+    #
+    # @param actor [OsoCloud::Value]
+    # @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
+    # @return [Array<Array<String>>]
+    # @see Oso for more information about facts
+    def actions_batch(actor, queries:)
+        actor_typed_id = actor.to_api_value
+        data = queries.map do |q|
+          context_facts = []
+          resource = nil
+          if (q.is_a?(Array))
+            resource = q[0]
+            context_facts = q[1]
+          else
+            resource = q
+          end
+          resource_typed_id = resource.to_api_value
+          OsoCloud::Core::ActionsQuery.new(
+              actor_type: actor_typed_id.type,
+              actor_id: actor_typed_id.id,
+              resource_type: resource_typed_id.type,
+              resource_id: resource_typed_id.id,
+              context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
+            )
+      end
+      @api.post_actions_batch(data).map { |result| result.results}
+    end
+    ##
+    # List authorized actions for a batch of queries
+    #
+    # Fetches a list of actions which an actor can perform on a particular resource.
+    #
+    # @param actor [OsoCloud::Value]
+    # @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
+    # @return [Array<Array<String>>]
+    # @see Oso for more information about facts
+    def bulk_actions(actor, queries:)
+        actor_typed_id = actor.to_api_value
+        data = queries.map do |q|
+          context_facts = []
+          resource = nil
+          if (q.is_a?(Array))
+            resource = q[0]
+            context_facts = q[1]
+          else
+            resource = q
+          end
+          resource_typed_id = resource.to_api_value
+          OsoCloud::Core::ActionsQuery.new(
+              actor_type: actor_typed_id.type,
+              actor_id: actor_typed_id.id,
+              resource_type: resource_typed_id.type,
+              resource_id: resource_typed_id.id,
+              context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
+            )
+      end
+      @api.post_bulk_actions(data).map { |result| result.results}
+    end
   end
 end

data/lib/oso/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OsoCloud
-  VERSION = '1.3.0'.freeze
+  VERSION = '1.4.0.dev.1'.freeze
 end

data/oso-cloud.gemspec CHANGED Viewed

@@ -22,5 +22,10 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'faraday', '~> 2.5.2'
   spec.add_dependency 'faraday-retry', '~> 2.0.0'
+  spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
+  spec.add_dependency 'faraday-typhoeus', '~> 1.0.0'
+  #
   spec.add_development_dependency 'minitest', '~> 5.15'
+  spec.add_development_dependency 'pry-rescue'
+  spec.add_development_dependency 'pry-stack_explorer'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-cloud
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0.dev.1
 platform: ruby
 authors:
 - Oso Security, Inc.
-autorequire:
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-10-09 00:00:00.000000000 Z
+date: 2023-10-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -38,6 +38,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: faraday-net_http_persistent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: faraday-typhoeus
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -52,7 +80,35 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.15'
-description:
+- !ruby/object:Gem::Dependency
+  name: pry-rescue
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-stack_explorer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
 email:
 - support@osohq.com
 executables: []
@@ -77,7 +133,7 @@ homepage: https://www.osohq.com/
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -88,12 +144,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.2.33
-signing_key:
+signing_key:
 specification_version: 4
 summary: Oso Cloud Ruby client
 test_files: []