oso-cloud 1.6.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/oso/api.rb +17 -0
- data/lib/oso/helpers.rb +2 -1
- data/lib/oso/oso.rb +25 -2
- data/lib/oso/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 747cf1fda61eae9e9a96076e782a503e3c440a3aa7049a6b8f74ce8d0c697273
|
|
4
|
+
data.tar.gz: 5a3fcbb8574c21416fa81dbf8e1054dfef59337da6c72ff686c06304b3c27711
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f0a4732c2f76b499f1dc962a0ee806fd6d2c17abdb734d2a1ce448c35eff4781dafce6aec90f39ede78e06fac44bcdbbb11033949867d562007c3f15a3fcee7
|
|
7
|
+
data.tar.gz: 41b95a2e852e431e1e1598277abeaad8b76bb174ea562d52a6e9c1d9c644f12a5799e1cde75063bf1d6757eb4cd62be0463c369192f8644353bb791a69391e43
|
data/Gemfile.lock
CHANGED
data/lib/oso/api.rb
CHANGED
|
@@ -260,6 +260,16 @@ module OsoCloud
|
|
|
260
260
|
end
|
|
261
261
|
end
|
|
262
262
|
|
|
263
|
+
# @!visibility private
|
|
264
|
+
class LocalActionsQuery
|
|
265
|
+
attr_reader :query, :data_bindings
|
|
266
|
+
|
|
267
|
+
def initialize(query:, data_bindings:)
|
|
268
|
+
@query = query
|
|
269
|
+
@data_bindings = data_bindings
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
|
|
263
273
|
# @!visibility private
|
|
264
274
|
class LocalQueryResult
|
|
265
275
|
attr_reader :sql
|
|
@@ -436,6 +446,13 @@ module OsoCloud
|
|
|
436
446
|
LocalQueryResult.new(**result)
|
|
437
447
|
end
|
|
438
448
|
|
|
449
|
+
def post_actions_query(query)
|
|
450
|
+
url = '/actions_query'
|
|
451
|
+
data = LocalActionsQuery.new(query: query, data_bindings: @data_bindings)
|
|
452
|
+
result = POST(url, nil, data, false)
|
|
453
|
+
LocalQueryResult.new(**result)
|
|
454
|
+
end
|
|
455
|
+
|
|
439
456
|
def clear_data
|
|
440
457
|
url = '/clear_data'
|
|
441
458
|
result = POST(url, nil, nil, true)
|
data/lib/oso/helpers.rb
CHANGED
|
@@ -4,8 +4,9 @@ module OsoCloud
|
|
|
4
4
|
# @!visibility private
|
|
5
5
|
def self.extract_value(x)
|
|
6
6
|
return OsoCloud::Core::Value.new(type: 'String', id: x) if x.is_a? String
|
|
7
|
-
|
|
8
7
|
return OsoCloud::Core::Value.new(type: nil, id: nil) if x.nil?
|
|
8
|
+
return OsoCloud::Core::Value.new(type: 'Boolean', id: x.to_s) if [true, false].include? x
|
|
9
|
+
return OsoCloud::Core::Value.new(type: 'Integer', id: x.to_s) if x.is_a? Integer
|
|
9
10
|
|
|
10
11
|
type = (x.type.nil? ? nil : x.type.to_s)
|
|
11
12
|
id = (x.id.nil? ? nil : x.id.to_s)
|
data/lib/oso/oso.rb
CHANGED
|
@@ -41,7 +41,7 @@ module OsoCloud
|
|
|
41
41
|
# @param actor [OsoCloud::Value]
|
|
42
42
|
# @param action [String]
|
|
43
43
|
# @param resource [OsoCloud::Value]
|
|
44
|
-
# @return [
|
|
44
|
+
# @return [String]
|
|
45
45
|
def authorize_local(actor, action, resource)
|
|
46
46
|
actor_typed_id = actor.to_api_value
|
|
47
47
|
resource_typed_id = resource.to_api_value
|
|
@@ -67,7 +67,7 @@ module OsoCloud
|
|
|
67
67
|
# @param action [String]
|
|
68
68
|
# @param resource_type [String]
|
|
69
69
|
# @param column [String]
|
|
70
|
-
# @return [
|
|
70
|
+
# @return [String]
|
|
71
71
|
def list_local(actor, action, resource_type, column)
|
|
72
72
|
actor_typed_id = actor.to_api_value
|
|
73
73
|
result = @api.post_list_query(
|
|
@@ -83,6 +83,29 @@ module OsoCloud
|
|
|
83
83
|
result.sql
|
|
84
84
|
end
|
|
85
85
|
|
|
86
|
+
##
|
|
87
|
+
# Fetches a query that can be run against your database to fetch the actions an actor can perform on a resource.
|
|
88
|
+
#
|
|
89
|
+
# Returns a SQL query to run against the local database
|
|
90
|
+
#
|
|
91
|
+
# @param actor [OsoCloud::Value]
|
|
92
|
+
# @param resource [OsoCloud::Value]
|
|
93
|
+
# @return [String]
|
|
94
|
+
def actions_local(actor, resource)
|
|
95
|
+
actor_typed_id = actor.to_api_value
|
|
96
|
+
resource_typed_id = resource.to_api_value
|
|
97
|
+
result = @api.post_actions_query(
|
|
98
|
+
OsoCloud::Core::ActionsQuery.new(
|
|
99
|
+
actor_type: actor_typed_id.type,
|
|
100
|
+
actor_id: actor_typed_id.id,
|
|
101
|
+
resource_type: resource_typed_id.type,
|
|
102
|
+
resource_id: resource_typed_id.id,
|
|
103
|
+
context_facts: []
|
|
104
|
+
)
|
|
105
|
+
)
|
|
106
|
+
result.sql
|
|
107
|
+
end
|
|
108
|
+
|
|
86
109
|
##
|
|
87
110
|
# Update the active policy
|
|
88
111
|
#
|
data/lib/oso/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-05-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|