RubyGems - oso-cloud - Versions diffs - 1.5.0.pre.1 → 1.5.1 - Mend

oso-cloud 1.5.0.pre.1 → 1.5.1

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49263eac12bcf56f22f66f9bf6a456164dc69ec1f2406c78ce09541638782ec4
-  data.tar.gz: '0488d56163f5fa068152c25f391f668542a92ecc43e385f63ef92728d37ee2be'
+  metadata.gz: c024d83cfedf34c1651af2ae18b55871030b1bceb321503ccb4ad6f431e28e72
+  data.tar.gz: 6b09b842d1e03a632fb812a874c77a2bbe7ee205daadf12be6f14e9ee3f84430
 SHA512:
-  metadata.gz: 49c372d256f076a88ff06fb539ff894d6040250c2244f3c6e1affbaf9990515ab364af3961479c41180751d7c2c01ebbebbb9decae0dc602fa29ad06f87315f1
-  data.tar.gz: f657048f571981bf2b51ac7a41b0865526857d6ffc90e96db9a2a95f82dff5cf889bf264e1c8232c157367c996c6c9be66a3d050290eddbcbfcdb17dd97dfe6d
+  metadata.gz: 05a25bb4a5c6e5bf9634e71c764610c59e04c40fe65b713a89c3f2a921f120ec229d4aa651700aecac3c181227a11b78583b290a3c3fb7c876c706283bf7aaaf
+  data.tar.gz: 6bb8a131b8024389ce5ff9a18d13d25cfe990bc35ef571a821781567570ba717017ba9485776e767c7faa57966865b11e3a12bad2a91cf97afabbcbcf730977d

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-cloud (1.5.0.pre.1)
+    oso-cloud (1.5.1)
       faraday (~> 2.5.2)
       faraday-net_http_persistent (~> 2.0)
       faraday-retry (~> 2.0.0)
@@ -9,28 +9,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (7.1.3)
-      activesupport (= 7.1.3)
-    activerecord (7.1.3)
-      activemodel (= 7.1.3)
-      activesupport (= 7.1.3)
-      timeout (>= 0.4.0)
-    activesupport (7.1.3)
-      base64
-      bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      connection_pool (>= 2.2.5)
-      drb
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    base64 (0.2.0)
-    bigdecimal (3.1.6)
-    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
-    drb (2.2.0)
-      ruby2_keywords
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
@@ -40,28 +19,19 @@ GEM
       net-http-persistent (~> 4.0)
     faraday-retry (2.0.0)
       faraday (~> 2.0)
-    i18n (1.14.1)
-      concurrent-ruby (~> 1.0)
     minitest (5.18.0)
-    mutex_m (0.2.0)
     net-http-persistent (4.0.2)
       connection_pool (~> 2.2)
-    pg (1.5.4)
     rake (12.3.3)
     ruby2_keywords (0.0.5)
-    timeout (0.4.1)
-    tzinfo (2.0.6)
-      concurrent-ruby (~> 1.0)
 PLATFORMS
   ruby
 DEPENDENCIES
-  activerecord (~> 7.0)
   minitest (~> 5.15)
   oso-cloud!
-  pg (~> 1.0)
   rake (~> 12.0)
 BUNDLED WITH
-   2.5.6
+   2.3.13

data/lib/oso/api.rb CHANGED Viewed

@@ -49,6 +49,43 @@ module OsoCloud
       end
     end
+    class PolicyMetadata
+      attr_reader :resources
+      def initialize(resources:)
+        @resources = resources.map do |k, v|
+          if v.is_a? ResourceMetadata
+            [k, v]
+          else
+            [k, ResourceMetadata.new(**v)]
+          end
+        end.to_h
+      end
+    end
+    class ResourceMetadata
+      attr_reader :roles, :permissions, :relations
+      def initialize(roles:, permissions:, relations:)
+        @roles = roles
+        @permissions = permissions
+        @relations = relations
+      end
+    end
+    # @!visibility private
+    class GetPolicyMetadataResult
+      attr_reader :metadata
+      def initialize(metadata:)
+        @metadata = if metadata.is_a? PolicyMetadata
+          metadata
+        else
+          PolicyMetadata.new(**metadata)
+        end
+      end
+    end
     # @!visibility private
     class Fact
       attr_reader :predicate, :args
@@ -202,39 +239,9 @@ module OsoCloud
       end
     end
-    # @!visibility private
-    class LocalAuthQuery
-      attr_reader :query, :data_bindings
-      def initialize(query:, data_bindings:)
-        @query = query
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalListQuery
-      attr_reader :query, :column, :data_bindings
-      def initialize(query:, column:, data_bindings:)
-        @query = query
-        @column = column
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalQueryResult
-      attr_reader :sql
-      def initialize(sql:)
-        @sql = sql
-      end
-    end
     # @!visibility private
     class Api
-      def initialize(url: 'https://api.osohq.com', api_key: nil, data_bindings: nil, options: nil)
+      def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
         @url = url
         @connection = Faraday.new(url: url) do |faraday|
           faraday.request :json
@@ -251,17 +258,9 @@ module OsoCloud
             max_interval: 1,
             backoff_factor: 2,
             retry_statuses: [429, 500, 502, 503, 504],
-            # ensure authorize and related check functions are retried because
-            # they are POST requests, which are not retried automatically
-            retry_if: lambda { |env, _exc|
-              %w[
-                /api/authorize
-                /api/authorize_resources
-                /api/list
-                /api/actions
-                /api/query
-              ].include? env.url.path
-            }
+            # This is the default set of methods plus POST.
+            # ref: https://github.com/lostisland/faraday-retry#specify-which-methods-will-be-retried
+            methods: %i[delete get head options post put],
           }
           if options && options[:test_adapter]
@@ -292,7 +291,6 @@ module OsoCloud
         @api_key = api_key
         @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
         @last_offset = nil
-        @data_bindings = IO.read(data_bindings) unless data_bindings.nil?
       end
       def fallback_eligible(path)
@@ -309,6 +307,12 @@ module OsoCloud
         GetPolicyResult.new(**result)
       end
+      def get_policy_metadata
+        url = '/policy_metadata'
+        result = GET(url, nil)
+        GetPolicyMetadataResult.new(**result)
+      end
       def post_policy(data)
         url = '/policy'
         result = POST(url, nil, data, true)
@@ -387,20 +391,6 @@ module OsoCloud
         StatsResult.new(**result)
       end
-      def post_authorize_query(query)
-        url = '/authorize_query'
-        data = LocalAuthQuery.new(query: query, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
-      def post_list_query(query:, column:)
-        url = '/list_query'
-        data = LocalListQuery.new(query: query, column: column, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
       def clear_data
         url = '/clear_data'
         result = POST(url, nil, nil, true)

data/lib/oso/oso.rb CHANGED Viewed

@@ -28,8 +28,8 @@ module OsoCloud
   # Any other elements in the array, which together represent the fact's arguments,
   # can be "OsoCloud::Value" objects or strings.
   class Oso
-    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil, data_bindings: nil)
-      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, data_bindings: data_bindings, options: { :fallback_url => fallback_url })
+    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
+      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
     end
     ##
@@ -45,6 +45,12 @@ module OsoCloud
       nil
     end
+    ##
+    #  Returns metadata about the currently active policy
+    def get_policy_metadata
+      @api.get_policy_metadata.metadata
+    end
     ##
     # Check a permission
     #
@@ -71,56 +77,6 @@ module OsoCloud
       result.allowed
     end
-    ##
-    # Check a permission depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource [OsoCloud::Value]
-    # @param column [String]
-    # @return [Array<String>]
-    def authorize_local(actor, action, resource)
-      actor_typed_id = actor.to_api_value
-      resource_typed_id = resource.to_api_value
-      result = @api.post_authorize_query(
-        OsoCloud::Core::AuthorizeQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_typed_id.type,
-          resource_id: resource_typed_id.id,
-          context_facts: []
-        )
-      )
-      result.sql
-    end
-    ##
-    # List authorized resources depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource_type [String]
-    # @return [Array<String>]
-    def list_local(actor, action, resource_type, column)
-      actor_typed_id = actor.to_api_value
-      result = @api.post_list_query(
-        query: OsoCloud::Core::ListQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_type,
-          context_facts: []
-        ),
-        column: column
-      )
-      result.sql
-    end
     ##
     # Check authorized resources
     #

data/lib/oso/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OsoCloud
-  VERSION = '1.5.0.pre.1'.freeze
+  VERSION = '1.5.1'.freeze
 end

data/oso-cloud.gemspec CHANGED Viewed

@@ -24,6 +24,4 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'faraday-retry', '~> 2.0.0'
   spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
   spec.add_development_dependency 'minitest', '~> 5.15'
-  spec.add_development_dependency 'pg', '~> 1.0'
-  spec.add_development_dependency 'activerecord', '~> 7.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-cloud
 version: !ruby/object:Gem::Version
-  version: 1.5.0.pre.1
+  version: 1.5.1
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-02-15 00:00:00.000000000 Z
+date: 2024-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -66,34 +66,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.15'
-- !ruby/object:Gem::Dependency
-  name: pg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
 description:
 email:
 - support@osohq.com
@@ -130,9 +102,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.2.33
 signing_key: