oso-oso 0.2.5 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9e511f86c5a330c1bb071824398085362def8ba7
-  data.tar.gz: da3baaad23fb6e28c8ef0558bbf1deb659c03700
+  metadata.gz: '09ee09c3366406a34633c870ddfe4ff271971529'
+  data.tar.gz: 764b0f3b440d567e19e45b71eff823b9000f35ef
 SHA512:
-  metadata.gz: 9d55c689e8ffc0e3f7b533f54d3e622f77bd7f563182fc7b9dfc047a7a9b1554ed02711fbb8326f55fed76529dde2040d6f829bd4439a63773c9bb58ffb8c8a3
-  data.tar.gz: 60b1c8f83803656373a108a64159636292bc91c1840292e7c01ea0c74961533d076ceaa6576010ecdf9dc062bc60c6b112e9900b726db227a322aa52c41f40e0
+  metadata.gz: fdae19c2528c46a85004241f0a8e59639123e416724239670cb9ff2ffc1172a87bb116b481d575e466c74f634213abdced263211f991721f1ff990e1e085d884
+  data.tar.gz: 309a196e2a0a3725e3bc1f45be8382ed85026dc7fc271662efaef8e207b0df2891f26da48ece702f1d9ce3e3731ea52c0a6cea30bf50af6acde54f08b44d79ec

data/.rubocop.yml

@@ -0,0 +1,7 @@
+AllCops:
+  TargetRubyVersion: 2.4
+  Exclude:
+    - '**/*~'
+    - 'bin/oso'
+    - 'vendor/**/*'
+  NewCops: enable

data/Gemfile

@@ -3,4 +3,3 @@
 source 'https://rubygems.org'
 
 gemspec
-

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-oso (0.2.5)
+    oso-oso (0.5.0)
       ffi (~> 1.0)
 
 GEM
@@ -12,18 +12,18 @@ GEM
     benchmark (0.1.0)
     byebug (11.1.3)
     coderay (1.1.3)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
     e2mmap (0.1.0)
     ffi (1.13.1)
     jaro_winkler (1.5.4)
     maruku (0.7.3)
     method_source (1.0.0)
     mini_portile2 (2.4.0)
-    nokogiri (1.10.9)
+    nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
-    parallel (1.19.1)
-    parser (2.7.1.3)
-      ast (~> 2.4.0)
+    parallel (1.19.2)
+    parser (2.7.1.4)
+      ast (~> 2.4.1)
     pry (0.13.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
@@ -49,19 +49,19 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
-    rubocop (0.85.1)
+    rubocop (0.89.1)
       parallel (~> 1.10)
-      parser (>= 2.7.0.1)
+      parser (>= 2.7.1.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.7)
       rexml
-      rubocop-ast (>= 0.0.3)
+      rubocop-ast (>= 0.3.0, < 1.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.0.3)
-      parser (>= 2.7.0.1)
+    rubocop-ast (0.3.0)
+      parser (>= 2.7.1.4)
     ruby-progressbar (1.10.1)
-    solargraph (0.39.8)
+    solargraph (0.39.14)
       backport (~> 1.1)
       benchmark
       bundler (>= 1.17.2)
@@ -88,7 +88,8 @@ DEPENDENCIES
   pry-byebug (~> 3.9.0)
   rake (~> 12.0)
   rspec (~> 3.0)
-  solargraph (~> 0.39.8)
+  rubocop (~> 0.89.1)
+  solargraph (~> 0.39.14)
   yard (~> 0.9.25)
 
 BUNDLED WITH

data/Makefile

@@ -1,4 +1,4 @@
-.PHONY: install rust test
+.PHONY: rust install test lint typecheck repl
 
 rust:
 	$(MAKE) -C ../.. rust-build
@@ -8,3 +8,12 @@ install: rust
 
 test: install
 	bundle exec rake spec
+
+lint:
+	bundle exec rubocop
+
+typecheck:
+	bundle exec solargraph typecheck
+
+repl: install
+	bundle exec oso

data/README.md

@@ -1,4 +1,4 @@
-# Oso::Oso
+# oso-oso
 
 ## Installation
 
@@ -18,13 +18,10 @@ Or install it yourself as:
 
 ## Development
 
-After checking out the repo, run `bin/setup` to install dependencies. Then, run
-`rake spec` to run the tests. You can also run `bin/console` for an interactive
-prompt that will allow you to experiment.
+After checking out the repo, run `bundle install` to install dependencies.
+Then, run `bundle exec rake spec` to run the tests. You can also run `bundle
+exec oso` for an interactive REPL that will allow you to experiment.
 
-To install this gem onto your local machine, run `bundle exec rake install`. To
-release a new version, update the version number in `version.rb`, and then run
-`bundle exec rake release`, which will create a git tag for the version, push
-git commits and tags, and push the `.gem` file to
-[rubygems.org](https://rubygems.org).
+To install this gem onto your local machine, run `bundle exec rake install`.
 
+New releases are minted and pushed to RubyGems via GitHub Actions workflows.

data/Rakefile

@@ -6,4 +6,3 @@ require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new(:spec)
 
 task default: :spec
-

data/bin/oso

@@ -0,0 +1,7 @@
+#!/usr/bin/env -S bundle exec ruby
+#-*-ruby-*-
+
+require 'bundler/setup'
+require 'oso'
+
+Oso.new.repl(ARGV)

data/lib/oso/http.rb

@@ -3,7 +3,7 @@
 module Oso
   # An HTTP resource.
   class Http
-    def initialize(hostname: nil, path: nil, query: nil)
+    def initialize(hostname, path, query)
       @hostname = hostname
       @path = path
       @query = query

data/lib/oso/oso.rb

@@ -1,47 +1,28 @@
 # frozen_string_literal: true
 
+require_relative 'polar/polar'
+
 module Oso
-  # Oso authorization API.
-  class Oso
+  # oso authorization API.
+  class Oso < Polar::Polar
     def initialize
-      @polar = ::Oso::Polar.new
+      super
       register_class(Http, name: 'Http')
       register_class(PathMapper, name: 'PathMapper')
     end
 
-    def load_file(file)
-      polar.load_file(file)
-    end
-
-    def load_str(str)
-      polar.load_str(str)
-    end
-
-    def register_class(cls, name: nil) # rubocop:disable Naming/MethodParameterName
-      if block_given?
-        polar.register_class(cls, name: name, from_polar: Proc.new)
-      else
-        polar.register_class(cls, name: name)
-      end
-    end
-
-    def allow(actor:, action:, resource:)
-      polar.query_pred('allow', args: [actor, action, resource]).next
+    # Query the knowledge base to determine whether an actor is allowed to
+    # perform an action upon a resource.
+    #
+    # @param actor [Object] Subject.
+    # @param action [Object] Verb.
+    # @param resource [Object] Object.
+    # @return [Boolean] An access control decision.
+    def allowed?(actor:, action:, resource:)
+      query_rule('allow', actor, action, resource).next
       true
     rescue StopIteration
       false
     end
-
-    def query_predicate(name, *args)
-      polar.query_pred(name, args: args)
-    end
-
-    def load_queued_files
-      polar.load_queued_files
-    end
-
-    private
-
-    attr_reader :polar
   end
 end

data/lib/oso/path_mapper.rb

@@ -4,7 +4,7 @@ module Oso
   # Map from a template string with capture groups of the form
   # `{name}` to a dictionary of the form `{name: captured_value}`
   class PathMapper
-    def initialize(template:)
+    def initialize(template)
       capture_group = /({([^}]+)})/
 
       template = template.dup

data/lib/oso/polar.rb

@@ -2,6 +2,7 @@
 
 require 'oso/polar/errors'
 require 'oso/polar/ffi'
+require 'oso/polar/host'
 require 'oso/polar/polar'
 require 'oso/polar/predicate'
 require 'oso/polar/query'

data/lib/oso/polar/errors.rb

@@ -5,16 +5,12 @@ module Oso
     # Base error type for Oso::Polar.
     class Error < ::RuntimeError
       attr_reader :stack_trace
-      
+
       # @param message [String]
       # @param details [Hash]
       def initialize(message = nil, details: nil)
         @details = details
-        if details and details.key?("stack_trace")
-          @stack_trace = details['stack_trace']
-        else
-          @stack_trace = nil
-        end
+        @stack_trace = details&.fetch('stack_trace', nil)
         super(message)
       end
     end
@@ -40,12 +36,32 @@ module Oso
     class DuplicateInstanceRegistrationError < PolarRuntimeError; end
     class InvalidCallError < PolarRuntimeError; end
     class InvalidConstructorError < PolarRuntimeError; end
+    class InvalidQueryTypeError < PolarRuntimeError; end
     class InlineQueryFailedError < PolarRuntimeError; end
     class NullByteInPolarFileError < PolarRuntimeError; end
     class UnexpectedPolarTypeError < PolarRuntimeError; end
+    class PolarFileAlreadyLoadedError < PolarRuntimeError # rubocop:disable Style/Documentation
+      # @param file [String]
+      def initialize(file)
+        super("File #{file} has already been loaded.")
+      end
+    end
+    class PolarFileContentsChangedError < PolarRuntimeError # rubocop:disable Style/Documentation
+      # @param file [String]
+      def initialize(file)
+        super("A file with the name #{file}, but different contents, has already been loaded.")
+      end
+    end
+    class PolarFileNameChangedError < PolarRuntimeError # rubocop:disable Style/Documentation
+      # @param file [String]
+      # @param existing [String]
+      def initialize(file, existing)
+        super("A file with the same contents as #{file} named #{existing} has already been loaded.")
+      end
+    end
     class PolarFileExtensionError < PolarRuntimeError # rubocop:disable Style/Documentation
-      def initialize
-        super('Polar files must have .pol or .polar extension.')
+      def initialize(file)
+        super("Polar files must have .polar extension. Offending file: #{file}")
       end
     end
     class PolarFileNotFoundError < PolarRuntimeError # rubocop:disable Style/Documentation
@@ -58,7 +74,7 @@ module Oso
       # @param as [String]
       # @param old [Class]
       # @param new [Class]
-      def initialize(name:, old:, new:) # rubocop:disable Naming/MethodParameterName
+      def initialize(name:, old:, new:)
         super("Attempted to alias #{new} as '#{name}', but #{old} already has that alias.")
       end
     end

data/lib/oso/polar/ffi.rb

@@ -5,10 +5,12 @@ require 'ffi'
 module Oso
   module Polar
     module FFI
-      LIB = ::FFI::Platform::LIBPREFIX + 'polar.' + ::FFI::Platform::LIBSUFFIX
-      LIB_PATH = File.expand_path(File.join(__dir__, "../../../ext/oso-oso/lib/#{LIB}"))
-      # @TODO: Fall back to this if there's no release build libs. Easier for dev.
-      # LIB_PATH = File.expand_path(File.join(__dir__, "../../../../../target/debug/#{LIB}"))
+      LIB = "#{::FFI::Platform::LIBPREFIX}polar.#{::FFI::Platform::LIBSUFFIX}"
+      RELEASE_PATH = File.expand_path(File.join(__dir__, "../../../ext/oso-oso/lib/#{LIB}"))
+      DEV_PATH = File.expand_path(File.join(__dir__, "../../../../../target/debug/#{LIB}"))
+      # If the lib exists in the ext/ dir, use it. Otherwise, fall back to
+      # checking the local Rust target dir.
+      LIB_PATH = File.file?(RELEASE_PATH) ? RELEASE_PATH : DEV_PATH
 
       # Wrapper classes defined upfront to fix Ruby loading issues. Actual
       # implementations live in the sibling `ffi/` directory and are `require`d
@@ -35,7 +37,13 @@ module Oso
       # Wrapper class for Error FFI pointer + operations.
       class Error < ::FFI::AutoPointer
         def self.release(ptr)
-          Rust.free(ptr)
+          Rust.free(ptr) unless ptr.null?
+        end
+      end
+      # Wrapper class for Message FFI pointer + operations.
+      class Message < ::FFI::AutoPointer
+        def self.release(ptr)
+          Rust.free(ptr) unless ptr.null?
         end
       end
     end
@@ -47,3 +55,4 @@ require 'oso/polar/ffi/polar'
 require 'oso/polar/ffi/query'
 require 'oso/polar/ffi/query_event'
 require 'oso/polar/ffi/error'
+require 'oso/polar/ffi/message'

data/lib/oso/polar/ffi/error.rb

@@ -22,7 +22,7 @@ module Oso
         #
         # @return [::Oso::Polar::Error] if there's an FFI error.
         # @return [::Oso::Polar::FFIErrorNotFound] if there isn't one.
-        def self.get # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+        def self.get # rubocop:disable Metrics/MethodLength
           error = Rust.get
           return ::Oso::Polar::FFIErrorNotFound if error.null?
 
@@ -48,7 +48,7 @@ module Oso
         # @param msg [String]
         # @param details [Hash<String, Object>]
         # @return [::Oso::Polar::ParseError] the object converted into the expected format.
-        private_class_method def self.parse_error(kind, msg:, details:) # rubocop:disable Metrics/CyclomaticComplexity, Metrics/MethodLength
+        private_class_method def self.parse_error(kind, msg:, details:) # rubocop:disable Metrics/MethodLength
           case kind
           when 'ExtraToken'
             ::Oso::Polar::ParseError::ExtraToken.new(msg, details: details)

data/lib/oso/polar/ffi/message.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Oso
+  module Polar
+    module FFI
+      # Wrapper class for Message FFI pointer + operations.
+      class Message < ::FFI::AutoPointer
+        # @return [String]
+        def to_s
+          @to_s ||= read_string.force_encoding('UTF-8')
+        end
+
+        Rust = Module.new do
+          extend ::FFI::Library
+          ffi_lib FFI::LIB_PATH
+
+          attach_function :free, :string_free, [Message], :int32
+        end
+
+        def process
+          message = JSON.parse(to_s)
+          kind = message['kind']
+          msg = message['msg']
+
+          case kind
+          when 'Print'
+            puts(msg)
+          when 'Warning'
+            warn('[warning] %<msg>s')
+          end
+        end
+
+        private_constant :Rust
+      end
+    end
+  end
+end

data/lib/oso/polar/ffi/polar.rb

@@ -11,12 +11,12 @@ module Oso
 
           attach_function :new, :polar_new, [], FFI::Polar
           attach_function :load_str, :polar_load, [FFI::Polar, :string, :string], :int32
-          attach_function :next_inline_query, :polar_next_inline_query, [FFI::Polar], FFI::Query
+          attach_function :next_inline_query, :polar_next_inline_query, [FFI::Polar, :uint32], FFI::Query
           attach_function :new_id, :polar_get_external_id, [FFI::Polar], :uint64
-          attach_function :new_query_from_str, :polar_new_query, [FFI::Polar, :string], FFI::Query
-          attach_function :new_query_from_term, :polar_new_query_from_term, [FFI::Polar, :string], FFI::Query
-          attach_function :new_query_from_repl, :polar_query_from_repl, [FFI::Polar], FFI::Query
+          attach_function :new_query_from_str, :polar_new_query, [FFI::Polar, :string, :uint32], FFI::Query
+          attach_function :new_query_from_term, :polar_new_query_from_term, [FFI::Polar, :string, :uint32], FFI::Query
           attach_function :register_constant, :polar_register_constant, [FFI::Polar, :string, :string], :int32
+          attach_function :next_message, :polar_next_polar_message, [FFI::Polar], FFI::Message
           attach_function :free, :polar_free, [FFI::Polar], :int32
         end
         private_constant :Rust
@@ -34,14 +34,17 @@ module Oso
         # @param filename [String]
         # @raise [FFI::Error] if the FFI call returns an error.
         def load_str(src, filename: nil)
-          raise FFI::Error.get if Rust.load_str(self, src, filename).zero?
+          loaded = Rust.load_str(self, src, filename)
+          process_messages
+          raise FFI::Error.get if loaded.zero?
         end
 
         # @return [FFI::Query] if there are remaining inline queries.
         # @return [nil] if there are no remaining inline queries.
         # @raise [FFI::Error] if the FFI call returns an error.
         def next_inline_query
-          query = Rust.next_inline_query(self)
+          query = Rust.next_inline_query(self, 0)
+          process_messages
           query.null? ? nil : query
         end
 
@@ -60,7 +63,8 @@ module Oso
         # @return [FFI::Query]
         # @raise [FFI::Error] if the FFI call returns an error.
         def new_query_from_str(str)
-          query = Rust.new_query_from_str(self, str)
+          query = Rust.new_query_from_str(self, str, 0)
+          process_messages
           raise FFI::Error.get if query.null?
 
           query
@@ -70,16 +74,8 @@ module Oso
         # @return [FFI::Query]
         # @raise [FFI::Error] if the FFI call returns an error.
         def new_query_from_term(term)
-          query = Rust.new_query_from_term(self, JSON.dump(term))
-          raise FFI::Error.get if query.null?
-
-          query
-        end
-
-        # @return [FFI::Query]
-        # @raise [FFI::Error] if the FFI call returns an error.
-        def new_query_from_repl
-          query = Rust.new_query_from_repl(self)
+          query = Rust.new_query_from_term(self, JSON.dump(term), 0)
+          process_messages
           raise FFI::Error.get if query.null?
 
           query
@@ -89,7 +85,21 @@ module Oso
         # @param value [Hash<String, Object>]
         # @raise [FFI::Error] if the FFI call returns an error.
         def register_constant(name, value:)
-          raise FFI::Error.get if Rust.register_constant(self, name, JSON.dump(value)).zero?
+          registered = Rust.register_constant(self, name, JSON.dump(value))
+          raise FFI::Error.get if registered.zero?
+        end
+
+        def next_message
+          Rust.next_message(self)
+        end
+
+        def process_messages
+          loop do
+            message = next_message
+            break if message.null?
+
+            message.process
+          end
         end
       end
     end