RubyGems - oso-cloud - Versions diffs - 1.5.0.pre.1 → 1.5.0 - Mend

oso-cloud 1.5.0.pre.1 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49263eac12bcf56f22f66f9bf6a456164dc69ec1f2406c78ce09541638782ec4
-  data.tar.gz: '0488d56163f5fa068152c25f391f668542a92ecc43e385f63ef92728d37ee2be'
+  metadata.gz: 8caffaaf6fc5b7f40897324bf031d6151d1a89f325c0a923faf90a83b69450db
+  data.tar.gz: 6bac277adc4fb5f09613b45bd4dfe234c20650b8109111315f7b34d5c1fa8889
 SHA512:
-  metadata.gz: 49c372d256f076a88ff06fb539ff894d6040250c2244f3c6e1affbaf9990515ab364af3961479c41180751d7c2c01ebbebbb9decae0dc602fa29ad06f87315f1
-  data.tar.gz: f657048f571981bf2b51ac7a41b0865526857d6ffc90e96db9a2a95f82dff5cf889bf264e1c8232c157367c996c6c9be66a3d050290eddbcbfcdb17dd97dfe6d
+  metadata.gz: 9ec6d213cd63d70183c7364607377dc65ad4d814c7274421d5420e27a2105b7dfa8ad5efcf3f11e0678acd7f2d182c6695126cc3202aba5b16560da2e88902b2
+  data.tar.gz: 3edaab02b6ac4614efd53e4674827ccd92a5680ad063b380cebc9373e4a195cee243cae0da100f51129d9a34913d3e8dd8e5aac3e8ef8c4fc91648602bdd2b00

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-cloud (1.5.0.pre.1)
+    oso-cloud (1.5.0)
       faraday (~> 2.5.2)
       faraday-net_http_persistent (~> 2.0)
       faraday-retry (~> 2.0.0)
@@ -9,28 +9,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (7.1.3)
-      activesupport (= 7.1.3)
-    activerecord (7.1.3)
-      activemodel (= 7.1.3)
-      activesupport (= 7.1.3)
-      timeout (>= 0.4.0)
-    activesupport (7.1.3)
-      base64
-      bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      connection_pool (>= 2.2.5)
-      drb
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    base64 (0.2.0)
-    bigdecimal (3.1.6)
-    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
-    drb (2.2.0)
-      ruby2_keywords
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
@@ -40,28 +19,19 @@ GEM
       net-http-persistent (~> 4.0)
     faraday-retry (2.0.0)
       faraday (~> 2.0)
-    i18n (1.14.1)
-      concurrent-ruby (~> 1.0)
     minitest (5.18.0)
-    mutex_m (0.2.0)
     net-http-persistent (4.0.2)
       connection_pool (~> 2.2)
-    pg (1.5.4)
     rake (12.3.3)
     ruby2_keywords (0.0.5)
-    timeout (0.4.1)
-    tzinfo (2.0.6)
-      concurrent-ruby (~> 1.0)
 PLATFORMS
   ruby
 DEPENDENCIES
-  activerecord (~> 7.0)
   minitest (~> 5.15)
   oso-cloud!
-  pg (~> 1.0)
   rake (~> 12.0)
 BUNDLED WITH
-   2.5.6
+   2.3.13

data/lib/oso/api.rb CHANGED Viewed

@@ -49,6 +49,43 @@ module OsoCloud
       end
     end
+    class PolicyMetadata
+      attr_reader :resources
+      def initialize(resources:)
+        @resources = resources.map do |k, v|
+          if v.is_a? ResourceMetadata
+            [k, v]
+          else
+            [k, ResourceMetadata.new(**v)]
+          end
+        end.to_h
+      end
+    end
+    class ResourceMetadata
+      attr_reader :roles, :permissions, :relations
+      def initialize(roles:, permissions:, relations:)
+        @roles = roles
+        @permissions = permissions
+        @relations = relations
+      end
+    end
+    # @!visibility private
+    class GetPolicyMetadataResult
+      attr_reader :metadata
+      def initialize(metadata:)
+        @metadata = if metadata.is_a? PolicyMetadata
+          metadata
+        else
+          PolicyMetadata.new(**metadata)
+        end
+      end
+    end
     # @!visibility private
     class Fact
       attr_reader :predicate, :args
@@ -202,39 +239,9 @@ module OsoCloud
       end
     end
-    # @!visibility private
-    class LocalAuthQuery
-      attr_reader :query, :data_bindings
-      def initialize(query:, data_bindings:)
-        @query = query
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalListQuery
-      attr_reader :query, :column, :data_bindings
-      def initialize(query:, column:, data_bindings:)
-        @query = query
-        @column = column
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalQueryResult
-      attr_reader :sql
-      def initialize(sql:)
-        @sql = sql
-      end
-    end
     # @!visibility private
     class Api
-      def initialize(url: 'https://api.osohq.com', api_key: nil, data_bindings: nil, options: nil)
+      def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
         @url = url
         @connection = Faraday.new(url: url) do |faraday|
           faraday.request :json
@@ -292,7 +299,6 @@ module OsoCloud
         @api_key = api_key
         @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
         @last_offset = nil
-        @data_bindings = IO.read(data_bindings) unless data_bindings.nil?
       end
       def fallback_eligible(path)
@@ -309,6 +315,12 @@ module OsoCloud
         GetPolicyResult.new(**result)
       end
+      def get_policy_metadata
+        url = '/policy_metadata'
+        result = GET(url, nil)
+        GetPolicyMetadataResult.new(**result)
+      end
       def post_policy(data)
         url = '/policy'
         result = POST(url, nil, data, true)
@@ -387,20 +399,6 @@ module OsoCloud
         StatsResult.new(**result)
       end
-      def post_authorize_query(query)
-        url = '/authorize_query'
-        data = LocalAuthQuery.new(query: query, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
-      def post_list_query(query:, column:)
-        url = '/list_query'
-        data = LocalListQuery.new(query: query, column: column, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
       def clear_data
         url = '/clear_data'
         result = POST(url, nil, nil, true)

data/lib/oso/oso.rb CHANGED Viewed

@@ -28,8 +28,8 @@ module OsoCloud
   # Any other elements in the array, which together represent the fact's arguments,
   # can be "OsoCloud::Value" objects or strings.
   class Oso
-    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil, data_bindings: nil)
-      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, data_bindings: data_bindings, options: { :fallback_url => fallback_url })
+    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
+      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
     end
     ##
@@ -45,6 +45,12 @@ module OsoCloud
       nil
     end
+    ##
+    #  Returns metadata about the currently active policy
+    def get_policy_metadata
+      @api.get_policy_metadata.metadata
+    end
     ##
     # Check a permission
     #
@@ -71,56 +77,6 @@ module OsoCloud
       result.allowed
     end
-    ##
-    # Check a permission depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource [OsoCloud::Value]
-    # @param column [String]
-    # @return [Array<String>]
-    def authorize_local(actor, action, resource)
-      actor_typed_id = actor.to_api_value
-      resource_typed_id = resource.to_api_value
-      result = @api.post_authorize_query(
-        OsoCloud::Core::AuthorizeQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_typed_id.type,
-          resource_id: resource_typed_id.id,
-          context_facts: []
-        )
-      )
-      result.sql
-    end
-    ##
-    # List authorized resources depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource_type [String]
-    # @return [Array<String>]
-    def list_local(actor, action, resource_type, column)
-      actor_typed_id = actor.to_api_value
-      result = @api.post_list_query(
-        query: OsoCloud::Core::ListQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_type,
-          context_facts: []
-        ),
-        column: column
-      )
-      result.sql
-    end
     ##
     # Check authorized resources
     #

data/lib/oso/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OsoCloud
-  VERSION = '1.5.0.pre.1'.freeze
+  VERSION = '1.5.0'.freeze
 end

data/oso-cloud.gemspec CHANGED Viewed

@@ -24,6 +24,4 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'faraday-retry', '~> 2.0.0'
   spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
   spec.add_development_dependency 'minitest', '~> 5.15'
-  spec.add_development_dependency 'pg', '~> 1.0'
-  spec.add_development_dependency 'activerecord', '~> 7.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-cloud
 version: !ruby/object:Gem::Version
-  version: 1.5.0.pre.1
+  version: 1.5.0
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-02-15 00:00:00.000000000 Z
+date: 2024-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -66,34 +66,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.15'
-- !ruby/object:Gem::Dependency
-  name: pg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
 description:
 email:
 - support@osohq.com
@@ -130,9 +102,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.2.33
 signing_key: