oso-oso 0.12.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +2 -2
  3. data/ext/oso-oso/lib/libpolar.dylib +0 -0
  4. data/ext/oso-oso/lib/libpolar.so +0 -0
  5. data/ext/oso-oso/lib/polar.dll +0 -0
  6. data/lib/oso/oso.rb +1 -4
  7. data/lib/oso/polar/polar.rb +4 -8
  8. data/lib/oso/polar/query.rb +52 -56
  9. data/lib/oso/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 43b8fcb1b6f7b5f30fb8d4bd217140b06789d99b
4
- data.tar.gz: f536f2974f2459dff0344164ebd6a79f0e76cdc1
3
+ metadata.gz: ffbf1065665531684ef3ae06cc1e1ccf71156926
4
+ data.tar.gz: 6d32e5b6fa9510b9cafe473dcc1c15b6565cf04a
5
5
  SHA512:
6
- metadata.gz: 263e4d22682b348fa76fa20c1c9d6a13d35a3b1105aa8eaf500bc8043a1657bf30008c29810e60e2ee9789afd5eef462a12b3ac439ce264b1713c5e9cf0859e0
7
- data.tar.gz: e08be138351f848f6d8874e17cef1f609185c45e7b34a1b5e736f9c9a20588a6fddb38e477de35f8ebc936c043d50bb1ba88fb84d22c5367378f6a294cb62ada
6
+ metadata.gz: 94046154aaab4d511f9f73fb8e9ccf6272afd0d7daa5a1fc675309ca54f8d859a04dd9287d71021e5bfc908a51cf85a11bb4de2ec00c6f0dd0509bc292841d8e
7
+ data.tar.gz: 06dca843a843d2686e8112cecd5a7ae85c24f4212323158786e6dc35d1d512144cd3e1e01b55e154cfcd880f9ba643bdd56b62f5013649b4eb1370fb84b5925c
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- oso-oso (0.12.0)
4
+ oso-oso (0.13.0)
5
5
  ffi (~> 1.0)
6
6
 
7
7
  GEM
@@ -14,7 +14,7 @@ GEM
14
14
  coderay (1.1.3)
15
15
  diff-lcs (1.4.4)
16
16
  e2mmap (0.1.0)
17
- ffi (1.15.0)
17
+ ffi (1.15.1)
18
18
  jaro_winkler (1.5.4)
19
19
  maruku (0.7.3)
20
20
  method_source (1.0.0)
data/ext/oso-oso/lib/libpolar.dylib CHANGED
Binary file
data/ext/oso-oso/lib/libpolar.so CHANGED
Binary file
data/ext/oso-oso/lib/polar.dll CHANGED
Binary file
data/lib/oso/oso.rb CHANGED
@@ -17,10 +17,7 @@ module Oso
17
17
  # @param resource [Object] Object.
18
18
  # @return [Boolean] An access control decision.
19
19
  def allowed?(actor:, action:, resource:)
20
- query_rule('allow', actor, action, resource).next
21
- true
22
- rescue StopIteration
23
- false
20
+ !query_rule('allow', actor, action, resource).first.nil?
24
21
  end
25
22
  end
26
23
  end
data/lib/oso/polar/polar.rb CHANGED
@@ -81,7 +81,7 @@ module Oso
81
81
  # @raise [InlineQueryFailedError] on the first failed inline query.
82
82
  # @raise [Error] if any of the FFI calls raise one.
83
83
  # @return [self] for chaining.
84
- def load_str(str, filename: nil) # rubocop:disable Metrics/MethodLength
84
+ def load_str(str, filename: nil)
85
85
  raise NullByteInPolarFileError if str.chomp("\0").include?("\0")
86
86
 
87
87
  ffi_polar.load(str, filename: filename)
@@ -89,11 +89,7 @@ module Oso
89
89
  next_query = ffi_polar.next_inline_query
90
90
  break if next_query.nil?
91
91
 
92
- begin
93
- Query.new(next_query, host: host).results.next
94
- rescue StopIteration
95
- raise InlineQueryFailedError, next_query.source
96
- end
92
+ raise InlineQueryFailedError, next_query.source if Query.new(next_query, host: host).first.nil?
97
93
  end
98
94
  self
99
95
  end
@@ -118,7 +114,7 @@ module Oso
118
114
  else
119
115
  raise InvalidQueryTypeError
120
116
  end
121
- Query.new(ffi_query, host: new_host).results
117
+ Query.new(ffi_query, host: new_host)
122
118
  end
123
119
 
124
120
  # Query for a rule.
@@ -214,7 +210,7 @@ module Oso
214
210
  end
215
211
 
216
212
  begin
217
- results = Query.new(ffi_query, host: host).results.to_a
213
+ results = Query.new(ffi_query, host: host).to_a
218
214
  rescue PolarRuntimeError => e
219
215
  print_error(e)
220
216
  return
data/lib/oso/polar/query.rb CHANGED
@@ -6,8 +6,7 @@ module Oso
6
6
  module Polar
7
7
  # A single Polar query.
8
8
  class Query # rubocop:disable Metrics/ClassLength
9
- # @return [Enumerator]
10
- attr_reader :results
9
+ include Enumerable
11
10
 
12
11
  # @param ffi_query [FFI::Query]
13
12
  # @param host [Oso::Polar::Host]
@@ -15,7 +14,6 @@ module Oso
15
14
  @calls = {}
16
15
  @ffi_query = ffi_query
17
16
  @host = host
18
- @results = start
19
17
  end
20
18
 
21
19
  private
@@ -120,61 +118,59 @@ module Oso
120
118
  # @yieldparam [Hash<String, Object>]
121
119
  # @return [Enumerator]
122
120
  # @raise [Error] if any of the FFI calls raise one.
123
- def start # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
124
- Enumerator.new do |yielder| # rubocop:disable Metrics/BlockLength
125
- loop do # rubocop:disable Metrics/BlockLength
126
- event = ffi_query.next_event
127
- case event.kind
128
- when 'Done'
129
- break
130
- when 'Result'
131
- yielder << event.data['bindings'].transform_values { |v| host.to_ruby(v) }
132
- when 'MakeExternal'
133
- handle_make_external(event.data)
134
- when 'ExternalCall'
135
- call_id = event.data['call_id']
136
- instance = event.data['instance']
137
- attribute = event.data['attribute']
138
- args = event.data['args'] || []
139
- kwargs = event.data['kwargs'] || {}
140
- handle_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
141
- when 'ExternalIsSubSpecializer'
142
- instance_id = event.data['instance_id']
143
- left_tag = event.data['left_class_tag']
144
- right_tag = event.data['right_class_tag']
145
- answer = host.subspecializer?(instance_id, left_tag: left_tag, right_tag: right_tag)
146
- question_result(answer, call_id: event.data['call_id'])
147
- when 'ExternalIsa'
148
- instance = event.data['instance']
149
- class_tag = event.data['class_tag']
150
- answer = host.isa?(instance, class_tag: class_tag)
151
- question_result(answer, call_id: event.data['call_id'])
152
- when 'ExternalUnify'
153
- left_instance_id = event.data['left_instance_id']
154
- right_instance_id = event.data['right_instance_id']
155
- answer = host.unify?(left_instance_id, right_instance_id)
156
- question_result(answer, call_id: event.data['call_id'])
157
- when 'Debug'
158
- puts event.data['message'] if event.data['message']
159
- print 'debug> '
160
- begin
161
- input = $stdin.readline.chomp.chomp(';')
162
- rescue EOFError
163
- next
164
- end
165
- command = JSON.dump(host.to_polar(input))
166
- ffi_query.debug_command(command)
167
- when 'ExternalOp'
168
- raise UnimplementedOperationError, 'comparison operators'
169
- when 'NextExternal'
170
- call_id = event.data['call_id']
171
- iterable = event.data['iterable']
172
- handle_next_external(call_id, iterable)
173
- else
174
- raise "Unhandled event: #{JSON.dump(event.inspect)}"
121
+ def each # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
122
+ loop do # rubocop:disable Metrics/BlockLength
123
+ event = ffi_query.next_event
124
+ case event.kind
125
+ when 'Done'
126
+ break
127
+ when 'Result'
128
+ yield event.data['bindings'].transform_values { |v| host.to_ruby(v) }
129
+ when 'MakeExternal'
130
+ handle_make_external(event.data)
131
+ when 'ExternalCall'
132
+ call_id = event.data['call_id']
133
+ instance = event.data['instance']
134
+ attribute = event.data['attribute']
135
+ args = event.data['args'] || []
136
+ kwargs = event.data['kwargs'] || {}
137
+ handle_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
138
+ when 'ExternalIsSubSpecializer'
139
+ instance_id = event.data['instance_id']
140
+ left_tag = event.data['left_class_tag']
141
+ right_tag = event.data['right_class_tag']
142
+ answer = host.subspecializer?(instance_id, left_tag: left_tag, right_tag: right_tag)
143
+ question_result(answer, call_id: event.data['call_id'])
144
+ when 'ExternalIsa'
145
+ instance = event.data['instance']
146
+ class_tag = event.data['class_tag']
147
+ answer = host.isa?(instance, class_tag: class_tag)
148
+ question_result(answer, call_id: event.data['call_id'])
149
+ when 'ExternalUnify'
150
+ left_instance_id = event.data['left_instance_id']
151
+ right_instance_id = event.data['right_instance_id']
152
+ answer = host.unify?(left_instance_id, right_instance_id)
153
+ question_result(answer, call_id: event.data['call_id'])
154
+ when 'Debug'
155
+ puts event.data['message'] if event.data['message']
156
+ print 'debug> '
157
+ begin
158
+ input = $stdin.readline.chomp.chomp(';')
159
+ rescue EOFError
160
+ next
175
161
  end
162
+ command = JSON.dump(host.to_polar(input))
163
+ ffi_query.debug_command(command)
164
+ when 'ExternalOp'
165
+ raise UnimplementedOperationError, 'comparison operators'
166
+ when 'NextExternal'
167
+ call_id = event.data['call_id']
168
+ iterable = event.data['iterable']
169
+ handle_next_external(call_id, iterable)
170
+ else
171
+ raise "Unhandled event: #{JSON.dump(event.inspect)}"
176
172
  end
177
- end.lazy
173
+ end
178
174
  end
179
175
  end
180
176
  end
data/lib/oso/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Oso
4
- VERSION = '0.12.0'
4
+ VERSION = '0.13.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oso-oso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.12.0
4
+ version: 0.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oso Security, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-14 00:00:00.000000000 Z
11
+ date: 2021-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi