oso-cloud 1.4.0.dev.1 → 1.4.0.dev.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -34
- data/lib/oso/api.rb +5 -65
- data/lib/oso/oso.rb +3 -38
- data/lib/oso/version.rb +1 -1
- data/oso-cloud.gemspec +0 -5
- metadata +2 -58
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 15e2c4e47ed8fca8947b2e7ca216775deed37663897411d78d52b342b52927c7
|
|
4
|
+
data.tar.gz: f7a4c423f1ba49bebeec9c55969ad1e8f149f1816333e5c19ca34af5e0acbb3f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 19157f67ccff6f1867b5f32b6743db835f1d80e4c68ffaf8a0a8da88dd272feb5c213a333e861dc8d20350bd1e10bd4e4f44eabb86af8c00738fbca906cbbbf2
|
|
7
|
+
data.tar.gz: 0f22be0cb29d807e2d9576fa4fb034b543186693c860a17da2854b377494efd898cc92ffae5b78573ca250723f1a0de32c2711b9da12c5c065930bbca9c9315d
|
data/Gemfile.lock
CHANGED
|
@@ -1,53 +1,22 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
oso-cloud (1.4.0.dev.
|
|
4
|
+
oso-cloud (1.4.0.dev.2)
|
|
5
5
|
faraday (~> 2.5.2)
|
|
6
|
-
faraday-net_http_persistent (~> 2.0)
|
|
7
6
|
faraday-retry (~> 2.0.0)
|
|
8
|
-
faraday-typhoeus (~> 1.0.0)
|
|
9
7
|
|
|
10
8
|
GEM
|
|
11
9
|
remote: https://rubygems.org/
|
|
12
10
|
specs:
|
|
13
|
-
binding_of_caller (1.0.0)
|
|
14
|
-
debug_inspector (>= 0.0.1)
|
|
15
|
-
coderay (1.1.3)
|
|
16
|
-
connection_pool (2.4.1)
|
|
17
|
-
debug_inspector (1.1.0)
|
|
18
|
-
ethon (0.16.0)
|
|
19
|
-
ffi (>= 1.15.0)
|
|
20
11
|
faraday (2.5.2)
|
|
21
12
|
faraday-net_http (>= 2.0, < 3.1)
|
|
22
13
|
ruby2_keywords (>= 0.0.4)
|
|
23
14
|
faraday-net_http (3.0.2)
|
|
24
|
-
faraday-net_http_persistent (2.1.0)
|
|
25
|
-
faraday (~> 2.5)
|
|
26
|
-
net-http-persistent (~> 4.0)
|
|
27
15
|
faraday-retry (2.0.0)
|
|
28
16
|
faraday (~> 2.0)
|
|
29
|
-
faraday-typhoeus (1.0.0)
|
|
30
|
-
faraday (~> 2.0)
|
|
31
|
-
typhoeus (~> 1.4)
|
|
32
|
-
ffi (1.16.3)
|
|
33
|
-
interception (0.5)
|
|
34
|
-
method_source (1.0.0)
|
|
35
17
|
minitest (5.18.0)
|
|
36
|
-
net-http-persistent (4.0.2)
|
|
37
|
-
connection_pool (~> 2.2)
|
|
38
|
-
pry (0.14.2)
|
|
39
|
-
coderay (~> 1.1)
|
|
40
|
-
method_source (~> 1.0)
|
|
41
|
-
pry-rescue (1.5.2)
|
|
42
|
-
interception (>= 0.5)
|
|
43
|
-
pry (>= 0.12.0)
|
|
44
|
-
pry-stack_explorer (0.6.1)
|
|
45
|
-
binding_of_caller (~> 1.0)
|
|
46
|
-
pry (~> 0.13)
|
|
47
18
|
rake (12.3.3)
|
|
48
19
|
ruby2_keywords (0.0.5)
|
|
49
|
-
typhoeus (1.4.0)
|
|
50
|
-
ethon (>= 0.9.0)
|
|
51
20
|
|
|
52
21
|
PLATFORMS
|
|
53
22
|
ruby
|
|
@@ -55,8 +24,6 @@ PLATFORMS
|
|
|
55
24
|
DEPENDENCIES
|
|
56
25
|
minitest (~> 5.15)
|
|
57
26
|
oso-cloud!
|
|
58
|
-
pry-rescue
|
|
59
|
-
pry-stack_explorer
|
|
60
27
|
rake (~> 12.0)
|
|
61
28
|
|
|
62
29
|
BUNDLED WITH
|
data/lib/oso/api.rb
CHANGED
|
@@ -2,8 +2,6 @@ require 'json'
|
|
|
2
2
|
require 'uri'
|
|
3
3
|
require 'faraday'
|
|
4
4
|
require 'faraday/retry'
|
|
5
|
-
require 'faraday/typhoeus'
|
|
6
|
-
require 'faraday/net_http_persistent'
|
|
7
5
|
|
|
8
6
|
require 'oso/helpers'
|
|
9
7
|
require 'oso/version'
|
|
@@ -203,21 +201,11 @@ module OsoCloud
|
|
|
203
201
|
end
|
|
204
202
|
end
|
|
205
203
|
|
|
206
|
-
class OsoAdapter < Faraday::Adapter::Typhoeus
|
|
207
|
-
@@max_concurrency = 20
|
|
208
|
-
|
|
209
|
-
def self.setup_parallel_manager(options = {})
|
|
210
|
-
options[:max_concurrency] = @@max_concurrency
|
|
211
|
-
::Typhoeus::Hydra.new(options)
|
|
212
|
-
end
|
|
213
|
-
end
|
|
214
|
-
|
|
215
|
-
Faraday::Adapter.register_middleware(oso_http: OsoAdapter)
|
|
216
|
-
|
|
217
204
|
# @!visibility private
|
|
218
205
|
class Api
|
|
219
|
-
def
|
|
220
|
-
|
|
206
|
+
def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
|
|
207
|
+
@url = url
|
|
208
|
+
@connection = Faraday.new(url: url) do |faraday|
|
|
221
209
|
faraday.request :json
|
|
222
210
|
|
|
223
211
|
# responses are processed in reverse order; this stack implies the
|
|
@@ -225,7 +213,6 @@ module OsoCloud
|
|
|
225
213
|
# parser is only applied if there are no errors
|
|
226
214
|
faraday.response :json, parser_options: { symbolize_names: true }
|
|
227
215
|
faraday.response :raise_error
|
|
228
|
-
# faraday.response :logger
|
|
229
216
|
faraday.request :retry, {
|
|
230
217
|
max: (options && options[:max_retries]) || 10,
|
|
231
218
|
interval: 0.01,
|
|
@@ -243,7 +230,7 @@ module OsoCloud
|
|
|
243
230
|
/api/actions
|
|
244
231
|
/api/query
|
|
245
232
|
].include? env.url.path
|
|
246
|
-
}
|
|
233
|
+
}
|
|
247
234
|
}
|
|
248
235
|
|
|
249
236
|
if options && options[:test_adapter]
|
|
@@ -258,21 +245,10 @@ module OsoCloud
|
|
|
258
245
|
options[:test_adapter][:func].call
|
|
259
246
|
end
|
|
260
247
|
end
|
|
261
|
-
elsif options && options[:parallel_adapter]
|
|
262
|
-
if options[:max_concurrency]
|
|
263
|
-
OsoAdapter.class_variable_set(:@@max_concurrency, options[:max_concurrency])
|
|
264
|
-
end
|
|
265
|
-
faraday.adapter :oso_http, forbid_reuse: false, maxredirs: 1, connecttimeout: 30
|
|
266
248
|
else
|
|
267
|
-
faraday.adapter :
|
|
249
|
+
faraday.adapter :net_http
|
|
268
250
|
end
|
|
269
251
|
end
|
|
270
|
-
end
|
|
271
|
-
|
|
272
|
-
def initialize(url: 'https://api.osohq.com', api_key: nil, options: {})
|
|
273
|
-
@url = url
|
|
274
|
-
@connection = get_connection(options: options)
|
|
275
|
-
@parallel_connection = get_connection(options: { parallel_adapter: true, max_concurrency: options[:max_concurrency] })
|
|
276
252
|
|
|
277
253
|
if options && options[:fallback_url]
|
|
278
254
|
@fallback_connection = Faraday.new(url: options[:fallback_url]) do |faraday|
|
|
@@ -361,12 +337,6 @@ module OsoCloud
|
|
|
361
337
|
ActionsResult.new(**result)
|
|
362
338
|
end
|
|
363
339
|
|
|
364
|
-
def post_actions_batch(batch_data)
|
|
365
|
-
url = '/actions'
|
|
366
|
-
results = POST_BATCH(url, nil, batch_data, false)
|
|
367
|
-
results.map { |result| ActionsResult.new(**result.body) }
|
|
368
|
-
end
|
|
369
|
-
|
|
370
340
|
def post_bulk_actions(data)
|
|
371
341
|
url = '/bulk_actions'
|
|
372
342
|
results = POST(url, nil, data, false)
|
|
@@ -442,36 +412,6 @@ module OsoCloud
|
|
|
442
412
|
handle_faraday_error e
|
|
443
413
|
end
|
|
444
414
|
|
|
445
|
-
def POST_BATCH(path, params, body_array, isMutation)
|
|
446
|
-
connection = @parallel_connection
|
|
447
|
-
responses = []
|
|
448
|
-
connection.in_parallel do
|
|
449
|
-
responses = body_array.map do |body|
|
|
450
|
-
connection.post("api#{path}") do |req|
|
|
451
|
-
req.params = params unless params.nil?
|
|
452
|
-
req.body = OsoCloud::Helpers.to_hash(body) unless body.nil?
|
|
453
|
-
req.headers = headers
|
|
454
|
-
end
|
|
455
|
-
end
|
|
456
|
-
end
|
|
457
|
-
|
|
458
|
-
connection_failed = responses.find { |r| r.env.custom_members[:typhoeus_connection_failed] }
|
|
459
|
-
if connection_failed
|
|
460
|
-
raise Faraday::ConnectionFailed, connection_failed.env.custom_members[:typhoeus_return_message]
|
|
461
|
-
end
|
|
462
|
-
|
|
463
|
-
timed_out = responses.find { |r| r.env.custom_members[:typhoeus_timed_out] }
|
|
464
|
-
if timed_out
|
|
465
|
-
raise Faraday::TimeoutError, timed_out.env.custom_members[:typhoeus_return_message]
|
|
466
|
-
end
|
|
467
|
-
if isMutation
|
|
468
|
-
@last_offset = responses[-1].headers[:OsoOffset]
|
|
469
|
-
end
|
|
470
|
-
responses
|
|
471
|
-
rescue Faraday::Error => e
|
|
472
|
-
handle_faraday_error e
|
|
473
|
-
end
|
|
474
|
-
|
|
475
415
|
def POST(path, params, body, isMutation)
|
|
476
416
|
begin
|
|
477
417
|
response = @connection.post("api#{path}") do |req|
|
data/lib/oso/oso.rb
CHANGED
|
@@ -28,12 +28,11 @@ module OsoCloud
|
|
|
28
28
|
# Any other elements in the array, which together represent the fact's arguments,
|
|
29
29
|
# can be "OsoCloud::Value" objects or strings.
|
|
30
30
|
class Oso
|
|
31
|
-
def initialize(url: 'https://cloud.osohq.com', api_key: nil,
|
|
32
|
-
options
|
|
33
|
-
options[:fallback_url] = fallback_url unless fallback_url.nil?
|
|
34
|
-
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: options)
|
|
31
|
+
def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
|
|
32
|
+
@api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
|
|
35
33
|
end
|
|
36
34
|
|
|
35
|
+
##
|
|
37
36
|
# Update the active policy
|
|
38
37
|
#
|
|
39
38
|
# Updates the active policy in Oso Cloud, The string passed into
|
|
@@ -271,39 +270,6 @@ module OsoCloud
|
|
|
271
270
|
context_facts: OsoCloud::Helpers.params_to_facts(context_facts)))
|
|
272
271
|
OsoCloud::Helpers.facts_to_params(result.results)
|
|
273
272
|
end
|
|
274
|
-
|
|
275
|
-
##
|
|
276
|
-
# List authorized actions for a batch of queries
|
|
277
|
-
#
|
|
278
|
-
# Fetches a list of actions which an actor can perform on a particular resource.
|
|
279
|
-
#
|
|
280
|
-
# @param actor [OsoCloud::Value]
|
|
281
|
-
# @param queries [Array<OsoCloud::Value>] | Array<[OsoCloud::Value, Array<fact>]>
|
|
282
|
-
# @return [Array<Array<String>>]
|
|
283
|
-
# @see Oso for more information about facts
|
|
284
|
-
def actions_batch(actor, queries:)
|
|
285
|
-
actor_typed_id = actor.to_api_value
|
|
286
|
-
data = queries.map do |q|
|
|
287
|
-
context_facts = []
|
|
288
|
-
resource = nil
|
|
289
|
-
if (q.is_a?(Array))
|
|
290
|
-
resource = q[0]
|
|
291
|
-
context_facts = q[1]
|
|
292
|
-
else
|
|
293
|
-
resource = q
|
|
294
|
-
end
|
|
295
|
-
resource_typed_id = resource.to_api_value
|
|
296
|
-
OsoCloud::Core::ActionsQuery.new(
|
|
297
|
-
actor_type: actor_typed_id.type,
|
|
298
|
-
actor_id: actor_typed_id.id,
|
|
299
|
-
resource_type: resource_typed_id.type,
|
|
300
|
-
resource_id: resource_typed_id.id,
|
|
301
|
-
context_facts: OsoCloud::Helpers.params_to_facts(context_facts)
|
|
302
|
-
)
|
|
303
|
-
end
|
|
304
|
-
@api.post_actions_batch(data).map { |result| result.results}
|
|
305
|
-
end
|
|
306
|
-
|
|
307
273
|
##
|
|
308
274
|
# List authorized actions for a batch of queries
|
|
309
275
|
#
|
|
@@ -336,5 +302,4 @@ module OsoCloud
|
|
|
336
302
|
@api.post_bulk_actions(data).map { |result| result.results}
|
|
337
303
|
end
|
|
338
304
|
end
|
|
339
|
-
|
|
340
305
|
end
|
data/lib/oso/version.rb
CHANGED
data/oso-cloud.gemspec
CHANGED
|
@@ -22,10 +22,5 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
|
|
23
23
|
spec.add_dependency 'faraday', '~> 2.5.2'
|
|
24
24
|
spec.add_dependency 'faraday-retry', '~> 2.0.0'
|
|
25
|
-
spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
|
|
26
|
-
spec.add_dependency 'faraday-typhoeus', '~> 1.0.0'
|
|
27
|
-
#
|
|
28
25
|
spec.add_development_dependency 'minitest', '~> 5.15'
|
|
29
|
-
spec.add_development_dependency 'pry-rescue'
|
|
30
|
-
spec.add_development_dependency 'pry-stack_explorer'
|
|
31
26
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.0.dev.
|
|
4
|
+
version: 1.4.0.dev.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|
|
@@ -38,34 +38,6 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: 2.0.0
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: faraday-net_http_persistent
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - "~>"
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: '2.0'
|
|
48
|
-
type: :runtime
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - "~>"
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: '2.0'
|
|
55
|
-
- !ruby/object:Gem::Dependency
|
|
56
|
-
name: faraday-typhoeus
|
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
|
58
|
-
requirements:
|
|
59
|
-
- - "~>"
|
|
60
|
-
- !ruby/object:Gem::Version
|
|
61
|
-
version: 1.0.0
|
|
62
|
-
type: :runtime
|
|
63
|
-
prerelease: false
|
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
-
requirements:
|
|
66
|
-
- - "~>"
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
version: 1.0.0
|
|
69
41
|
- !ruby/object:Gem::Dependency
|
|
70
42
|
name: minitest
|
|
71
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -80,34 +52,6 @@ dependencies:
|
|
|
80
52
|
- - "~>"
|
|
81
53
|
- !ruby/object:Gem::Version
|
|
82
54
|
version: '5.15'
|
|
83
|
-
- !ruby/object:Gem::Dependency
|
|
84
|
-
name: pry-rescue
|
|
85
|
-
requirement: !ruby/object:Gem::Requirement
|
|
86
|
-
requirements:
|
|
87
|
-
- - ">="
|
|
88
|
-
- !ruby/object:Gem::Version
|
|
89
|
-
version: '0'
|
|
90
|
-
type: :development
|
|
91
|
-
prerelease: false
|
|
92
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
93
|
-
requirements:
|
|
94
|
-
- - ">="
|
|
95
|
-
- !ruby/object:Gem::Version
|
|
96
|
-
version: '0'
|
|
97
|
-
- !ruby/object:Gem::Dependency
|
|
98
|
-
name: pry-stack_explorer
|
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
|
100
|
-
requirements:
|
|
101
|
-
- - ">="
|
|
102
|
-
- !ruby/object:Gem::Version
|
|
103
|
-
version: '0'
|
|
104
|
-
type: :development
|
|
105
|
-
prerelease: false
|
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
-
requirements:
|
|
108
|
-
- - ">="
|
|
109
|
-
- !ruby/object:Gem::Version
|
|
110
|
-
version: '0'
|
|
111
55
|
description:
|
|
112
56
|
email:
|
|
113
57
|
- support@osohq.com
|