RubyGems - oso-cloud - Versions diffs - 1.5.0.pre.1 → 1.5.1 - Mend

oso-cloud 1.5.0.pre.1 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49263eac12bcf56f22f66f9bf6a456164dc69ec1f2406c78ce09541638782ec4
-  data.tar.gz: '0488d56163f5fa068152c25f391f668542a92ecc43e385f63ef92728d37ee2be'
+  metadata.gz: c024d83cfedf34c1651af2ae18b55871030b1bceb321503ccb4ad6f431e28e72
+  data.tar.gz: 6b09b842d1e03a632fb812a874c77a2bbe7ee205daadf12be6f14e9ee3f84430
 SHA512:
-  metadata.gz: 49c372d256f076a88ff06fb539ff894d6040250c2244f3c6e1affbaf9990515ab364af3961479c41180751d7c2c01ebbebbb9decae0dc602fa29ad06f87315f1
-  data.tar.gz: f657048f571981bf2b51ac7a41b0865526857d6ffc90e96db9a2a95f82dff5cf889bf264e1c8232c157367c996c6c9be66a3d050290eddbcbfcdb17dd97dfe6d
+  metadata.gz: 05a25bb4a5c6e5bf9634e71c764610c59e04c40fe65b713a89c3f2a921f120ec229d4aa651700aecac3c181227a11b78583b290a3c3fb7c876c706283bf7aaaf
+  data.tar.gz: 6bb8a131b8024389ce5ff9a18d13d25cfe990bc35ef571a821781567570ba717017ba9485776e767c7faa57966865b11e3a12bad2a91cf97afabbcbcf730977d

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-cloud (1.5.0.pre.1)
+    oso-cloud (1.5.1)
       faraday (~> 2.5.2)
       faraday-net_http_persistent (~> 2.0)
       faraday-retry (~> 2.0.0)
@@ -9,28 +9,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (7.1.3)
-      activesupport (= 7.1.3)
-    activerecord (7.1.3)
-      activemodel (= 7.1.3)
-      activesupport (= 7.1.3)
-      timeout (>= 0.4.0)
-    activesupport (7.1.3)
-      base64
-      bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      connection_pool (>= 2.2.5)
-      drb
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    base64 (0.2.0)
-    bigdecimal (3.1.6)
-    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
-    drb (2.2.0)
-      ruby2_keywords
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
@@ -40,28 +19,19 @@ GEM
       net-http-persistent (~> 4.0)
     faraday-retry (2.0.0)
       faraday (~> 2.0)
-    i18n (1.14.1)
-      concurrent-ruby (~> 1.0)
     minitest (5.18.0)
-    mutex_m (0.2.0)
     net-http-persistent (4.0.2)
       connection_pool (~> 2.2)
-    pg (1.5.4)
     rake (12.3.3)
     ruby2_keywords (0.0.5)
-    timeout (0.4.1)
-    tzinfo (2.0.6)
-      concurrent-ruby (~> 1.0)
 PLATFORMS
   ruby
 DEPENDENCIES
-  activerecord (~> 7.0)
   minitest (~> 5.15)
   oso-cloud!
-  pg (~> 1.0)
   rake (~> 12.0)
 BUNDLED WITH
-   2.5.6
+   2.3.13

data/lib/oso/api.rb CHANGED Viewed

@@ -49,6 +49,43 @@ module OsoCloud
       end
     end
+    class PolicyMetadata
+      attr_reader :resources
+      def initialize(resources:)
+        @resources = resources.map do |k, v|
+          if v.is_a? ResourceMetadata
+            [k, v]
+          else
+            [k, ResourceMetadata.new(**v)]
+          end
+        end.to_h
+      end
+    end
+    class ResourceMetadata
+      attr_reader :roles, :permissions, :relations
+      def initialize(roles:, permissions:, relations:)
+        @roles = roles
+        @permissions = permissions
+        @relations = relations
+      end
+    end
+    # @!visibility private
+    class GetPolicyMetadataResult
+      attr_reader :metadata
+      def initialize(metadata:)
+        @metadata = if metadata.is_a? PolicyMetadata
+          metadata
+        else
+          PolicyMetadata.new(**metadata)
+        end
+      end
+    end
     # @!visibility private
     class Fact
       attr_reader :predicate, :args
@@ -202,39 +239,9 @@ module OsoCloud
       end
     end
-    # @!visibility private
-    class LocalAuthQuery
-      attr_reader :query, :data_bindings
-      def initialize(query:, data_bindings:)
-        @query = query
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalListQuery
-      attr_reader :query, :column, :data_bindings
-      def initialize(query:, column:, data_bindings:)
-        @query = query
-        @column = column
-        @data_bindings = data_bindings
-      end
-    end
-    # @!visibility private
-    class LocalQueryResult
-      attr_reader :sql
-      def initialize(sql:)
-        @sql = sql
-      end
-    end
     # @!visibility private
     class Api
-      def initialize(url: 'https://api.osohq.com', api_key: nil, data_bindings: nil, options: nil)
+      def initialize(url: 'https://api.osohq.com', api_key: nil, options: nil)
         @url = url
         @connection = Faraday.new(url: url) do |faraday|
           faraday.request :json
@@ -251,17 +258,9 @@ module OsoCloud
             max_interval: 1,
             backoff_factor: 2,
             retry_statuses: [429, 500, 502, 503, 504],
-            # ensure authorize and related check functions are retried because
-            # they are POST requests, which are not retried automatically
-            retry_if: lambda { |env, _exc|
-              %w[
-                /api/authorize
-                /api/authorize_resources
-                /api/list
-                /api/actions
-                /api/query
-              ].include? env.url.path
-            }
+            # This is the default set of methods plus POST.
+            # ref: https://github.com/lostisland/faraday-retry#specify-which-methods-will-be-retried
+            methods: %i[delete get head options post put],
           }
           if options && options[:test_adapter]
@@ -292,7 +291,6 @@ module OsoCloud
         @api_key = api_key
         @user_agent = "Oso Cloud (ruby #{RUBY_VERSION}p#{RUBY_PATCHLEVEL}; rv:#{VERSION})"
         @last_offset = nil
-        @data_bindings = IO.read(data_bindings) unless data_bindings.nil?
       end
       def fallback_eligible(path)
@@ -309,6 +307,12 @@ module OsoCloud
         GetPolicyResult.new(**result)
       end
+      def get_policy_metadata
+        url = '/policy_metadata'
+        result = GET(url, nil)
+        GetPolicyMetadataResult.new(**result)
+      end
       def post_policy(data)
         url = '/policy'
         result = POST(url, nil, data, true)
@@ -387,20 +391,6 @@ module OsoCloud
         StatsResult.new(**result)
       end
-      def post_authorize_query(query)
-        url = '/authorize_query'
-        data = LocalAuthQuery.new(query: query, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
-      def post_list_query(query:, column:)
-        url = '/list_query'
-        data = LocalListQuery.new(query: query, column: column, data_bindings: @data_bindings)
-        result = POST(url, nil, data, false)
-        LocalQueryResult.new(**result)
-      end
       def clear_data
         url = '/clear_data'
         result = POST(url, nil, nil, true)

data/lib/oso/oso.rb CHANGED Viewed

@@ -28,8 +28,8 @@ module OsoCloud
   # Any other elements in the array, which together represent the fact's arguments,
   # can be "OsoCloud::Value" objects or strings.
   class Oso
-    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil, data_bindings: nil)
-      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, data_bindings: data_bindings, options: { :fallback_url => fallback_url })
+    def initialize(url: 'https://cloud.osohq.com', api_key: nil, fallback_url: nil)
+      @api = OsoCloud::Core::Api.new(url: url, api_key: api_key, options: { :fallback_url => fallback_url })
     end
     ##
@@ -45,6 +45,12 @@ module OsoCloud
       nil
     end
+    ##
+    #  Returns metadata about the currently active policy
+    def get_policy_metadata
+      @api.get_policy_metadata.metadata
+    end
     ##
     # Check a permission
     #
@@ -71,56 +77,6 @@ module OsoCloud
       result.allowed
     end
-    ##
-    # Check a permission depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource [OsoCloud::Value]
-    # @param column [String]
-    # @return [Array<String>]
-    def authorize_local(actor, action, resource)
-      actor_typed_id = actor.to_api_value
-      resource_typed_id = resource.to_api_value
-      result = @api.post_authorize_query(
-        OsoCloud::Core::AuthorizeQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_typed_id.type,
-          resource_id: resource_typed_id.id,
-          context_facts: []
-        )
-      )
-      result.sql
-    end
-    ##
-    # List authorized resources depending on data both in Oso Cloud and stored in a local database
-    #
-    # Returns a SQL query to run against the local database
-    #
-    # @param actor [OsoCloud::Value]
-    # @param action [String]
-    # @param resource_type [String]
-    # @return [Array<String>]
-    def list_local(actor, action, resource_type, column)
-      actor_typed_id = actor.to_api_value
-      result = @api.post_list_query(
-        query: OsoCloud::Core::ListQuery.new(
-          actor_type: actor_typed_id.type,
-          actor_id: actor_typed_id.id,
-          action: action,
-          resource_type: resource_type,
-          context_facts: []
-        ),
-        column: column
-      )
-      result.sql
-    end
     ##
     # Check authorized resources
     #

data/lib/oso/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module OsoCloud
-  VERSION = '1.5.0.pre.1'.freeze
+  VERSION = '1.5.1'.freeze
 end

data/oso-cloud.gemspec CHANGED Viewed

@@ -24,6 +24,4 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'faraday-retry', '~> 2.0.0'
   spec.add_dependency 'faraday-net_http_persistent', '~> 2.0'
   spec.add_development_dependency 'minitest', '~> 5.15'
-  spec.add_development_dependency 'pg', '~> 1.0'
-  spec.add_development_dependency 'activerecord', '~> 7.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-cloud
 version: !ruby/object:Gem::Version
-  version: 1.5.0.pre.1
+  version: 1.5.1
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-02-15 00:00:00.000000000 Z
+date: 2024-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -66,34 +66,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.15'
-- !ruby/object:Gem::Dependency
-  name: pg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '7.0'
 description:
 email:
 - support@osohq.com
@@ -130,9 +102,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.2.33
 signing_key: