oso-oso 0.12.1 → 0.13.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +2 -2
  3. data/ext/oso-oso/lib/libpolar.dylib +0 -0
  4. data/ext/oso-oso/lib/libpolar.so +0 -0
  5. data/ext/oso-oso/lib/polar.dll +0 -0
  6. data/lib/oso/oso.rb +1 -4
  7. data/lib/oso/polar/polar.rb +4 -8
  8. data/lib/oso/polar/query.rb +52 -56
  9. data/lib/oso/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a90c38cd26ea70588d5a3ce3c431e5eab66cd05b
4
- data.tar.gz: 7d4275421ee83c3531062c194dee730f0e391a39
3
+ metadata.gz: ab6ed22597c52c4a77ff24aa6455492ba9cf7ed7
4
+ data.tar.gz: 3aaa0186592b86e63d9a2dcb2976f03154e0dcda
5
5
  SHA512:
6
- metadata.gz: f612e88f6c77a68da43362baa0cd8df67dc12e32619fb3b36e6c069a427a42fdf89ae99485cedd38836038c0e1a4a84fbdc4f20aadab1510fec8bc171e10dcd2
7
- data.tar.gz: a612da2ec758841cb4cdebd8abc391b6e8c0226dbd1d94a8a44f5b38b97a453340bb8d93c877e31839f23f315c4dcf2f2446b3f657ba6427bd1272724f62d4f0
6
+ metadata.gz: 9e7ce6bbf44da47f40c4cc5b53fab5d17870125dd5eed7443be858d9f8e0adb98fcce7799eb7fb404c867d3e10fdb5522b52d69ebc5ac6ffa280f11ad56a9623
7
+ data.tar.gz: d032a1742948a1f21f8fd19576aaf99479ef534a2247bac4e7a13e9f2910292a0b74eed56cef67deece467e2ae85ba6dc31df6b3a0d2761618703647895ae19a
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- oso-oso (0.12.1)
4
+ oso-oso (0.13.1)
5
5
  ffi (~> 1.0)
6
6
 
7
7
  GEM
@@ -14,7 +14,7 @@ GEM
14
14
  coderay (1.1.3)
15
15
  diff-lcs (1.4.4)
16
16
  e2mmap (0.1.0)
17
- ffi (1.15.0)
17
+ ffi (1.15.1)
18
18
  jaro_winkler (1.5.4)
19
19
  maruku (0.7.3)
20
20
  method_source (1.0.0)
data/ext/oso-oso/lib/libpolar.dylib CHANGED
Binary file
data/ext/oso-oso/lib/libpolar.so CHANGED
Binary file
data/ext/oso-oso/lib/polar.dll CHANGED
Binary file
data/lib/oso/oso.rb CHANGED
@@ -17,10 +17,7 @@ module Oso
17
17
  # @param resource [Object] Object.
18
18
  # @return [Boolean] An access control decision.
19
19
  def allowed?(actor:, action:, resource:)
20
- query_rule('allow', actor, action, resource).next
21
- true
22
- rescue StopIteration
23
- false
20
+ !query_rule('allow', actor, action, resource).first.nil?
24
21
  end
25
22
  end
26
23
  end
data/lib/oso/polar/polar.rb CHANGED
@@ -81,7 +81,7 @@ module Oso
81
81
  # @raise [InlineQueryFailedError] on the first failed inline query.
82
82
  # @raise [Error] if any of the FFI calls raise one.
83
83
  # @return [self] for chaining.
84
- def load_str(str, filename: nil) # rubocop:disable Metrics/MethodLength
84
+ def load_str(str, filename: nil)
85
85
  raise NullByteInPolarFileError if str.chomp("\0").include?("\0")
86
86
 
87
87
  ffi_polar.load(str, filename: filename)
@@ -89,11 +89,7 @@ module Oso
89
89
  next_query = ffi_polar.next_inline_query
90
90
  break if next_query.nil?
91
91
 
92
- begin
93
- Query.new(next_query, host: host).results.next
94
- rescue StopIteration
95
- raise InlineQueryFailedError, next_query.source
96
- end
92
+ raise InlineQueryFailedError, next_query.source if Query.new(next_query, host: host).first.nil?
97
93
  end
98
94
  self
99
95
  end
@@ -118,7 +114,7 @@ module Oso
118
114
  else
119
115
  raise InvalidQueryTypeError
120
116
  end
121
- Query.new(ffi_query, host: new_host).results
117
+ Query.new(ffi_query, host: new_host)
122
118
  end
123
119
 
124
120
  # Query for a rule.
@@ -214,7 +210,7 @@ module Oso
214
210
  end
215
211
 
216
212
  begin
217
- results = Query.new(ffi_query, host: host).results.to_a
213
+ results = Query.new(ffi_query, host: host).to_a
218
214
  rescue PolarRuntimeError => e
219
215
  print_error(e)
220
216
  return
data/lib/oso/polar/query.rb CHANGED
@@ -6,8 +6,7 @@ module Oso
6
6
  module Polar
7
7
  # A single Polar query.
8
8
  class Query # rubocop:disable Metrics/ClassLength
9
- # @return [Enumerator]
10
- attr_reader :results
9
+ include Enumerable
11
10
 
12
11
  # @param ffi_query [FFI::Query]
13
12
  # @param host [Oso::Polar::Host]
@@ -15,7 +14,6 @@ module Oso
15
14
  @calls = {}
16
15
  @ffi_query = ffi_query
17
16
  @host = host
18
- @results = start
19
17
  end
20
18
 
21
19
  private
@@ -120,61 +118,59 @@ module Oso
120
118
  # @yieldparam [Hash<String, Object>]
121
119
  # @return [Enumerator]
122
120
  # @raise [Error] if any of the FFI calls raise one.
123
- def start # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
124
- Enumerator.new do |yielder| # rubocop:disable Metrics/BlockLength
125
- loop do # rubocop:disable Metrics/BlockLength
126
- event = ffi_query.next_event
127
- case event.kind
128
- when 'Done'
129
- break
130
- when 'Result'
131
- yielder << event.data['bindings'].transform_values { |v| host.to_ruby(v) }
132
- when 'MakeExternal'
133
- handle_make_external(event.data)
134
- when 'ExternalCall'
135
- call_id = event.data['call_id']
136
- instance = event.data['instance']
137
- attribute = event.data['attribute']
138
- args = event.data['args'] || []
139
- kwargs = event.data['kwargs'] || {}
140
- handle_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
141
- when 'ExternalIsSubSpecializer'
142
- instance_id = event.data['instance_id']
143
- left_tag = event.data['left_class_tag']
144
- right_tag = event.data['right_class_tag']
145
- answer = host.subspecializer?(instance_id, left_tag: left_tag, right_tag: right_tag)
146
- question_result(answer, call_id: event.data['call_id'])
147
- when 'ExternalIsa'
148
- instance = event.data['instance']
149
- class_tag = event.data['class_tag']
150
- answer = host.isa?(instance, class_tag: class_tag)
151
- question_result(answer, call_id: event.data['call_id'])
152
- when 'ExternalUnify'
153
- left_instance_id = event.data['left_instance_id']
154
- right_instance_id = event.data['right_instance_id']
155
- answer = host.unify?(left_instance_id, right_instance_id)
156
- question_result(answer, call_id: event.data['call_id'])
157
- when 'Debug'
158
- puts event.data['message'] if event.data['message']
159
- print 'debug> '
160
- begin
161
- input = $stdin.readline.chomp.chomp(';')
162
- rescue EOFError
163
- next
164
- end
165
- command = JSON.dump(host.to_polar(input))
166
- ffi_query.debug_command(command)
167
- when 'ExternalOp'
168
- raise UnimplementedOperationError, 'comparison operators'
169
- when 'NextExternal'
170
- call_id = event.data['call_id']
171
- iterable = event.data['iterable']
172
- handle_next_external(call_id, iterable)
173
- else
174
- raise "Unhandled event: #{JSON.dump(event.inspect)}"
121
+ def each # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
122
+ loop do # rubocop:disable Metrics/BlockLength
123
+ event = ffi_query.next_event
124
+ case event.kind
125
+ when 'Done'
126
+ break
127
+ when 'Result'
128
+ yield event.data['bindings'].transform_values { |v| host.to_ruby(v) }
129
+ when 'MakeExternal'
130
+ handle_make_external(event.data)
131
+ when 'ExternalCall'
132
+ call_id = event.data['call_id']
133
+ instance = event.data['instance']
134
+ attribute = event.data['attribute']
135
+ args = event.data['args'] || []
136
+ kwargs = event.data['kwargs'] || {}
137
+ handle_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
138
+ when 'ExternalIsSubSpecializer'
139
+ instance_id = event.data['instance_id']
140
+ left_tag = event.data['left_class_tag']
141
+ right_tag = event.data['right_class_tag']
142
+ answer = host.subspecializer?(instance_id, left_tag: left_tag, right_tag: right_tag)
143
+ question_result(answer, call_id: event.data['call_id'])
144
+ when 'ExternalIsa'
145
+ instance = event.data['instance']
146
+ class_tag = event.data['class_tag']
147
+ answer = host.isa?(instance, class_tag: class_tag)
148
+ question_result(answer, call_id: event.data['call_id'])
149
+ when 'ExternalUnify'
150
+ left_instance_id = event.data['left_instance_id']
151
+ right_instance_id = event.data['right_instance_id']
152
+ answer = host.unify?(left_instance_id, right_instance_id)
153
+ question_result(answer, call_id: event.data['call_id'])
154
+ when 'Debug'
155
+ puts event.data['message'] if event.data['message']
156
+ print 'debug> '
157
+ begin
158
+ input = $stdin.readline.chomp.chomp(';')
159
+ rescue EOFError
160
+ next
175
161
  end
162
+ command = JSON.dump(host.to_polar(input))
163
+ ffi_query.debug_command(command)
164
+ when 'ExternalOp'
165
+ raise UnimplementedOperationError, 'comparison operators'
166
+ when 'NextExternal'
167
+ call_id = event.data['call_id']
168
+ iterable = event.data['iterable']
169
+ handle_next_external(call_id, iterable)
170
+ else
171
+ raise "Unhandled event: #{JSON.dump(event.inspect)}"
176
172
  end
177
- end.lazy
173
+ end
178
174
  end
179
175
  end
180
176
  end
data/lib/oso/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Oso
4
- VERSION = '0.12.1'
4
+ VERSION = '0.13.1'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oso-oso
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.12.1
4
+ version: 0.13.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Oso Security, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-27 00:00:00.000000000 Z
11
+ date: 2021-06-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi