oso-cloud 1.4.0.dev.1 → 1.4.0.dev.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -34
- data/lib/oso/api.rb +5 -65
- data/lib/oso/oso.rb +3 -38
- data/lib/oso/version.rb +1 -1
- data/oso-cloud.gemspec +0 -5
- metadata +2 -58
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 15e2c4e47ed8fca8947b2e7ca216775deed37663897411d78d52b342b52927c7
|
|
4
|
+
data.tar.gz: f7a4c423f1ba49bebeec9c55969ad1e8f149f1816333e5c19ca34af5e0acbb3f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 19157f67ccff6f1867b5f32b6743db835f1d80e4c68ffaf8a0a8da88dd272feb5c213a333e861dc8d20350bd1e10bd4e4f44eabb86af8c00738fbca906cbbbf2
|
|
7
|
+
data.tar.gz: 0f22be0cb29d807e2d9576fa4fb034b543186693c860a17da2854b377494efd898cc92ffae5b78573ca250723f1a0de32c2711b9da12c5c065930bbca9c9315d
|
data/Gemfile.lock
CHANGED
|
@@ -1,53 +1,22 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
oso-cloud (1.4.0.dev.
|
|
4
|
+
oso-cloud (1.4.0.dev.2)
|
|
5
5
|
faraday (~> 2.5.2)
|
|
6
|
-
faraday-net_http_persistent (~> 2.0)
|
|
7
6
|
faraday-retry (~> 2.0.0)
|
|
8
|
-
faraday-typhoeus (~> 1.0.0)
|
|
9
7
|
|
|
10
8
|
GEM
|
|
11
9
|
remote: https://rubygems.org/
|
|
12
10
|
specs:
|
|
13
|
-
binding_of_caller (1.0.0)
|
|
14
|
-
debug_inspector (>= 0.0.1)
|
|
15
|
-
coderay (1.1.3)
|
|
16
|
-
connection_pool (2.4.1)
|
|
17
|
-
debug_inspector (1.1.0)
|
|
18
|
-
ethon (0.16.0)
|
|
19
|
-
ffi (>= 1.15.0)
|
|
20
11
|
faraday (2.5.2)
|
|
21
12
|
faraday-net_http (>= 2.0, < 3.1)
|
|
22
13
|
ruby2_keywords (>= 0.0.4)
|
|
23
14
|
faraday-net_http (3.0.2)
|
|
24
|
-
faraday-net_http_persistent (2.1.0)
|
|
25
|
-
faraday (~> 2.5)
|
|
26
|
-
net-http-persistent (~> 4.0)
|
|
27
15
|
faraday-retry (2.0.0)
|
|
28
16
|
faraday (~> 2.0)
|
|
29
|
-
faraday-typhoeus (1.0.0)
|
|
30
|
-
faraday (~> 2.0)
|
|
31
|
-
typhoeus (~> 1.4)
|
|
32
|
-
ffi (1.16.3)
|
|
33
|
-
interception (0.5)
|
|
34
|
-
method_source (1.0.0)
|
|
35
17
|
minitest (5.18.0)
|
|
36
|
-
net-http-persistent (4.0.2)
|
|
37
|
-
connection_pool (~> 2.2)
|
|
38
|
-
pry (0.14.2)
|
|
39
|
-
coderay (~> 1.1)
|
|
40
|
-
method_source (~> 1.0)
|
|
41
|
-
pry-rescue (1.5.2)
|
|
42
|
-
interception (>= 0.5)
|
|
43
|
-
pry (>= 0.12.0)
|
|
44
|
-
pry-stack_explorer (0.6.1)
|
|
45
|
-
binding_of_caller (~> 1.0)
|
|
46
|
-
pry (~> 0.13)
|
|
47
18
|
rake (12.3.3)
|
|
48
19
|
ruby2_keywords (0.0.5)
|
|
49
|
-
typhoeus (1.4.0)
|
|
50
|
-
ethon (>= 0.9.0)
|
|
51
20
|
|
|
52
21
|
PLATFORMS
|
|
53
22
|
ruby
|
|
@@ -55,8 +24,6 @@ PLATFORMS
|
|
|
55
24
|
DEPENDENCIES
|
|
56
25
|
minitest (~> 5.15)
|
|
57
26
|
oso-cloud!
|
|
58
|
-
pry-rescue
|
|
59
|
-
pry-stack_explorer
|
|
60
27
|
rake (~> 12.0)
|
|
61
28
|
|
|
62
29
|
BUNDLED WITH
|
data/lib/oso/api.rb
CHANGED
|
@@ -2,8 +2,6 @@ require 'json'
|
|
|
2
2
|
require 'uri'
|
|
3
3
|
require 'faraday'
|
|
4
4
|
require 'faraday/retry'
|
|
5
|
-
require 'faraday/typhoeus'
|
|
6
|
-
require 'faraday/net_http_persistent'
|
|
7
5
|
|
|
8
6
|
require 'oso/helpers'
|
|
9
7
|
require 'oso/version'
|
|
@@ -203,21 +201,11 @@ module OsoCloud
|
|
|
203
201
|
end
|
|
204
202
|
end
|
|
205
203
|
|
|
206
|
-
class OsoAdapter < Faraday::Adapter::Typhoeus
|
|
207
|
-
@@max_concurrency = 20
|
|
208
|
-
|
|
209
|
-
def self.setup_parallel_manager(options = {})
|
|
210
|
-
options[:max_concurrency] = @@max_concurrency
|
|
211
|
-
::Typhoeus::Hydra.new(options)
|
|
212
|
-
end
|
|
213
|
-
end
|
|
214
|
-
|
|
215
|
-
Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
|
|
216
|
-
|
|
217
204
|
# @!visibility private
|
|
218
205
|
class Api
|
|
219
|
-
def
|
|
220
|
-
|
|
206
|
+
def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
|
|
207
|
+
@url = url
|
|
208
|
+
@connection = Faraday.new(url: url) do |faraday|
|
|
221
209
|
faraday.request :json
|
|
222
210
|
|
|
223
211
|
# responses are processed in reverse order; this stack implies the
|
|
@@ -225,7 +213,6 @@ module OsoCloud
|
|
|
225
213
|
# parser is only applied if there are no errors
|
|
226
214
|
faraday.response :json, parser_options: { symbolize_names: true }
|
|
227
215
|
faraday.response :raise_error
|
|
228
|
-
# faraday.response :logger
|
|
229
216
|
faraday.request :retry, {
|
|
230
217
|
max: (options && options[:max_retries]) || 10,
|
|
231
218
|
interval: 0.01,
|
|
@@ -243,7 +230,7 @@ module OsoCloud
|
|
|
243
230
|
/api/actions
|
|
244
231
|
/api/query
|
|
245
232
|
].include? env.url.path
|
|
246
|
-
}
|
|
233
|
+
}
|
|
247
234
|
}
|
|
248
235
|
|
|
249
236
|
if options && options[:test_adapter]
|
|
@@ -258,21 +245,10 @@ module OsoCloud
|
|
|
258
245
|
options[:test_adapter][:func].call
|
|
259
246
|
end
|
|
260
247
|
end
|
|
261
|
-
elsif options && options[:parallel_adapter]
|
|
262
|
-
if options[:max_concurrency]
|
|
263
|
-
OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
|
|
264
|
-
end
|
|
265
|
-
faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
|
|
266
248
|
else
|
|
267
|
-
faraday.adapter :
|
|
249
|
+
faraday.adapter :net_http
|
|
268
250
|
end
|
|
269
251
|
end
|
|
270
|
-
end
|
|
271
|
-
|
|
272
|
-
def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
|
|
273
|
-
@url = url
|
|
274
|
-
@connection = get_connection(options: options)
|
|
275
|
-
@parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
|
|
276
252
|
|
|
277
253
|
if options && options[:fallback_url]
|
|
278
254
|
@fallback_connection = Faraday.new(url: options[:fallback_url]) do |faraday|
|
|
@@ -361,12 +337,6 @@ module OsoCloud
|
|
|
361
337
|
ActionsResult.new(**result)
|
|
362
338
|
end
|
|
363
339
|
|
|
364
|
-
def post_actions_batch(batch_data)
|
|
365
|
-
url = '/actions'
|
|
366
|
-
results = POST_BATCH(url, nil, batch_data, false)
|
|
367
|
-
results.map { |result| ActionsResult.new(**result.body) }
|
|
368
|
-
end
|
|
369
|
-
|
|
370
340
|
def post_bulk_actions(data)
|
|
371
341
|
url = '/bulk_actions'
|
|
372
342
|
results = POST(url, nil, data, false)
|
|
@@ -442,36 +412,6 @@ module OsoCloud
|
|
|
442
412
|
handle_faraday_error e
|
|
443
413
|
end
|
|
444
414
|
|
|
445
|
-
def POST_BATCH(path, params, body_array, isMutation)
|
|
446
|
-
connection = @parallel_connection
|
|
447
|
-
responses = []
|
|
448
|
-
connection.in_parallel do
|
|
449
|
-
responses = body_array.map do |body|
|
|
450
|
-
connection.post("api#{path}") do |req|
|
|
451
|
-
req.params = params unless params.nil?
|
|
452
|
-
req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
|
|
453
|
-
req.headers = headers
|
|
454
|
-
end
|
|
455
|
-
end
|
|
456
|
-
end
|
|
457
|
-
|
|
458
|
-
connection_failed = responses.find { |r| r.env.custom_members[:typhoeus_connection_failed] }
|
|
459
|
-
if connection_failed
|
|
460
|
-
raise Faraday::ConnectionFailed, connection_failed.env.custom_members[:typhoeus_return_message]
|
|
461
|
-
end
|
|
462
|
-
|
|
463
|
-
timed_out = responses.find { |r| r.env.custom_members[:typhoeus_timed_out] }
|
|
464
|
-
if timed_out
|
|
465
|
-
raise Faraday::TimeoutError, timed_out.env.custom_members[:typhoeus_return_message]
|
|
466
|
-
end
|
|
467
|
-
if isMutation
|
|
468
|
-
@last_offset = responses[-1].headers[:OsoOffset]
|
|
469
|
-
end
|
|
470
|
-
responses
|
|
471
|
-
rescue Faraday::Error => e
|
|
472
|
-
handle_faraday_error e
|
|
473
|
-
end
|
|
474
|
-
|
|
475
415
|
def POST(path, params, body, isMutation)
|
|
476
416
|
begin
|
|
477
417
|
response = @connection.post("api#{path}") do |req|
|
data/lib/oso/oso.rb
CHANGED
|
@@ -28,12 +28,11 @@ module OsoCloud
|
|
|
28
28
|
# Any other elements in the array, which together represent the fact's arguments,
|
|
29
29
|
# can be "OsoCloud::Value" objects or strings.
|
|
30
30
|
class Oso
|
|
31
|
-
def initialize(url: 'https://cloud.osohq.com', api_key: nil,
|
|
32
|
-
options
|
|
33
|
-
options[:fallback_url] = fallback_url unless fallback_url.nil?
|
|
34
|
-
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options)
|
|
31
|
+
def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
|
|
32
|
+
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
|
|
35
33
|
end
|
|
36
34
|
|
|
35
|
+
##
|
|
37
36
|
# Update the active policy
|
|
38
37
|
#
|
|
39
38
|
# Updates the active policy in Oso Cloud, The string passed into
|
|
@@ -271,39 +270,6 @@ module OsoCloud
|
|
|
271
270
|
context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
|
|
272
271
|
OsoCloud::Helpers.facts_to_params(result.results)
|
|
273
272
|
end
|
|
274
|
-
|
|
275
|
-
##
|
|
276
|
-
# List authorized actions for a batch of queries
|
|
277
|
-
#
|
|
278
|
-
# Fetches a list of actions which an actor can perform on a particular resource.
|
|
279
|
-
#
|
|
280
|
-
# @param actor [OsoCloud::Value]
|
|
281
|
-
# @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
|
|
282
|
-
# @return [Array<Array<String>>]
|
|
283
|
-
# @see Oso for more information about facts
|
|
284
|
-
def actions_batch(actor, queries:)
|
|
285
|
-
actor_typed_id = actor.to_api_value
|
|
286
|
-
data = queries.map do |q|
|
|
287
|
-
context_facts = []
|
|
288
|
-
resource = nil
|
|
289
|
-
if (q.is_a?(Array))
|
|
290
|
-
resource = q[0]
|
|
291
|
-
context_facts = q[1]
|
|
292
|
-
else
|
|
293
|
-
resource = q
|
|
294
|
-
end
|
|
295
|
-
resource_typed_id = resource.to_api_value
|
|
296
|
-
OsoCloud::Core::ActionsQuery.new(
|
|
297
|
-
actor_type: actor_typed_id.type,
|
|
298
|
-
actor_id: actor_typed_id.id,
|
|
299
|
-
resource_type: resource_typed_id.type,
|
|
300
|
-
resource_id: resource_typed_id.id,
|
|
301
|
-
context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
|
|
302
|
-
)
|
|
303
|
-
end
|
|
304
|
-
@api.post_actions_batch(data).map { |result| result.results}
|
|
305
|
-
end
|
|
306
|
-
|
|
307
273
|
##
|
|
308
274
|
# List authorized actions for a batch of queries
|
|
309
275
|
#
|
|
@@ -336,5 +302,4 @@ module OsoCloud
|
|
|
336
302
|
@api.post_bulk_actions(data).map { |result| result.results}
|
|
337
303
|
end
|
|
338
304
|
end
|
|
339
|
-
|
|
340
305
|
end
|
data/lib/oso/version.rb
CHANGED
data/oso-cloud.gemspec
CHANGED
|
@@ -22,10 +22,5 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
|
|
23
23
|
spec.add_dependency 'faraday', '~> 2.5.2'
|
|
24
24
|
spec.add_dependency 'faraday-retry', '~> 2.0.0'
|
|
25
|
-
spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
|
|
26
|
-
spec.add_dependency 'faraday-typhoeus', '~> 1.0.0'
|
|
27
|
-
#
|
|
28
25
|
spec.add_development_dependency 'minitest', '~> 5.15'
|
|
29
|
-
spec.add_development_dependency 'pry-rescue'
|
|
30
|
-
spec.add_development_dependency 'pry-stack_explorer'
|
|
31
26
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.0.dev.
|
|
4
|
+
version: 1.4.0.dev.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|
|
@@ -38,34 +38,6 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: 2.0.0
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: faraday-net_http_persistent
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - "~>"
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: '2.0'
|
|
48
|
-
type: :runtime
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - "~>"
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: '2.0'
|
|
55
|
-
- !ruby/object:Gem::Dependency
|
|
56
|
-
name: faraday-typhoeus
|
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
|
58
|
-
requirements:
|
|
59
|
-
- - "~>"
|
|
60
|
-
- !ruby/object:Gem::Version
|
|
61
|
-
version: 1.0.0
|
|
62
|
-
type: :runtime
|
|
63
|
-
prerelease: false
|
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
-
requirements:
|
|
66
|
-
- - "~>"
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
version: 1.0.0
|
|
69
41
|
- !ruby/object:Gem::Dependency
|
|
70
42
|
name: minitest
|
|
71
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -80,34 +52,6 @@ dependencies:
|
|
|
80
52
|
- - "~>"
|
|
81
53
|
- !ruby/object:Gem::Version
|
|
82
54
|
version: '5.15'
|
|
83
|
-
- !ruby/object:Gem::Dependency
|
|
84
|
-
name: pry-rescue
|
|
85
|
-
requirement: !ruby/object:Gem::Requirement
|
|
86
|
-
requirements:
|
|
87
|
-
- - ">="
|
|
88
|
-
- !ruby/object:Gem::Version
|
|
89
|
-
version: '0'
|
|
90
|
-
type: :development
|
|
91
|
-
prerelease: false
|
|
92
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
93
|
-
requirements:
|
|
94
|
-
- - ">="
|
|
95
|
-
- !ruby/object:Gem::Version
|
|
96
|
-
version: '0'
|
|
97
|
-
- !ruby/object:Gem::Dependency
|
|
98
|
-
name: pry-stack_explorer
|
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
|
100
|
-
requirements:
|
|
101
|
-
- - ">="
|
|
102
|
-
- !ruby/object:Gem::Version
|
|
103
|
-
version: '0'
|
|
104
|
-
type: :development
|
|
105
|
-
prerelease: false
|
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
-
requirements:
|
|
108
|
-
- - ">="
|
|
109
|
-
- !ruby/object:Gem::Version
|
|
110
|
-
version: '0'
|
|
111
55
|
description:
|
|
112
56
|
email:
|
|
113
57
|
- support@osohq.com
|