oso-cloud 1.6.0 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/oso/api.rb +17 -0
- data/lib/oso/helpers.rb +2 -1
- data/lib/oso/oso.rb +25 -2
- data/lib/oso/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 747cf1fda61eae9e9a96076e782a503e3c440a3aa7049a6b8f74ce8d0c697273
|
|
4
|
+
data.tar.gz: 5a3fcbb8574c21416fa81dbf8e1054dfef59337da6c72ff686c06304b3c27711
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f0a4732c2f76b499f1dc962a0ee806fd6d2c17abdb734d2a1ce448c35eff4781dafce6aec90f39ede78e06fac44bcdbbb11033949867d562007c3f15a3fcee7
|
|
7
|
+
data.tar.gz: 41b95a2e852e431e1e1598277abeaad8b76bb174ea562d52a6e9c1d9c644f12a5799e1cde75063bf1d6757eb4cd62be0463c369192f8644353bb791a69391e43
|
data/Gemfile.lock
CHANGED
data/lib/oso/api.rb
CHANGED
|
@@ -260,6 +260,16 @@ module OsoCloud
|
|
|
260
260
|
end
|
|
261
261
|
end
|
|
262
262
|
|
|
263
|
+
# @!visibility private
|
|
264
|
+
class LocalActionsQuery
|
|
265
|
+
attr_reader :query, :data_bindings
|
|
266
|
+
|
|
267
|
+
def initialize(query:, data_bindings:)
|
|
268
|
+
@query = query
|
|
269
|
+
@data_bindings = data_bindings
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
|
|
263
273
|
# @!visibility private
|
|
264
274
|
class LocalQueryResult
|
|
265
275
|
attr_reader :sql
|
|
@@ -436,6 +446,13 @@ module OsoCloud
|
|
|
436
446
|
LocalQueryResult.new(**result)
|
|
437
447
|
end
|
|
438
448
|
|
|
449
|
+
def post_actions_query(query)
|
|
450
|
+
url = '/actions_query'
|
|
451
|
+
data = LocalActionsQuery.new(query: query, data_bindings: @data_bindings)
|
|
452
|
+
result = POST(url, nil, data, false)
|
|
453
|
+
LocalQueryResult.new(**result)
|
|
454
|
+
end
|
|
455
|
+
|
|
439
456
|
def clear_data
|
|
440
457
|
url = '/clear_data'
|
|
441
458
|
result = POST(url, nil, nil, true)
|
data/lib/oso/helpers.rb
CHANGED
|
@@ -4,8 +4,9 @@ module OsoCloud
|
|
|
4
4
|
# @!visibility private
|
|
5
5
|
def self.extract_value(x)
|
|
6
6
|
return OsoCloud::Core::Value.new(type: 'String', id: x) if x.is_a? String
|
|
7
|
-
|
|
8
7
|
return OsoCloud::Core::Value.new(type: nil, id: nil) if x.nil?
|
|
8
|
+
return OsoCloud::Core::Value.new(type: 'Boolean', id: x.to_s) if [true, false].include? x
|
|
9
|
+
return OsoCloud::Core::Value.new(type: 'Integer', id: x.to_s) if x.is_a? Integer
|
|
9
10
|
|
|
10
11
|
type = (x.type.nil? ? nil : x.type.to_s)
|
|
11
12
|
id = (x.id.nil? ? nil : x.id.to_s)
|
data/lib/oso/oso.rb
CHANGED
|
@@ -41,7 +41,7 @@ module OsoCloud
|
|
|
41
41
|
# @param actor [OsoCloud::Value]
|
|
42
42
|
# @param action [String]
|
|
43
43
|
# @param resource [OsoCloud::Value]
|
|
44
|
-
# @return [
|
|
44
|
+
# @return [String]
|
|
45
45
|
def authorize_local(actor, action, resource)
|
|
46
46
|
actor_typed_id = actor.to_api_value
|
|
47
47
|
resource_typed_id = resource.to_api_value
|
|
@@ -67,7 +67,7 @@ module OsoCloud
|
|
|
67
67
|
# @param action [String]
|
|
68
68
|
# @param resource_type [String]
|
|
69
69
|
# @param column [String]
|
|
70
|
-
# @return [
|
|
70
|
+
# @return [String]
|
|
71
71
|
def list_local(actor, action, resource_type, column)
|
|
72
72
|
actor_typed_id = actor.to_api_value
|
|
73
73
|
result = @api.post_list_query(
|
|
@@ -83,6 +83,29 @@ module OsoCloud
|
|
|
83
83
|
result.sql
|
|
84
84
|
end
|
|
85
85
|
|
|
86
|
+
##
|
|
87
|
+
# Fetches a query that can be run against your database to fetch the actions an actor can perform on a resource.
|
|
88
|
+
#
|
|
89
|
+
# Returns a SQL query to run against the local database
|
|
90
|
+
#
|
|
91
|
+
# @param actor [OsoCloud::Value]
|
|
92
|
+
# @param resource [OsoCloud::Value]
|
|
93
|
+
# @return [String]
|
|
94
|
+
def actions_local(actor, resource)
|
|
95
|
+
actor_typed_id = actor.to_api_value
|
|
96
|
+
resource_typed_id = resource.to_api_value
|
|
97
|
+
result = @api.post_actions_query(
|
|
98
|
+
OsoCloud::Core::ActionsQuery.new(
|
|
99
|
+
actor_type: actor_typed_id.type,
|
|
100
|
+
actor_id: actor_typed_id.id,
|
|
101
|
+
resource_type: resource_typed_id.type,
|
|
102
|
+
resource_id: resource_typed_id.id,
|
|
103
|
+
context_facts: []
|
|
104
|
+
)
|
|
105
|
+
)
|
|
106
|
+
result.sql
|
|
107
|
+
end
|
|
108
|
+
|
|
86
109
|
##
|
|
87
110
|
# Update the active policy
|
|
88
111
|
#
|
data/lib/oso/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oso-cloud
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oso Security, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-05-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|