oso-oso 0.4.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 919322c6735cfeb3615da5dd85b4188c59e8716d
-  data.tar.gz: 1c881b365f4098e3bbdad3152168e82ab31df87f
+  metadata.gz: 73b2001f3721fd450aaebcdf348ac8d05f1452f1
+  data.tar.gz: bf829788c21e9eb8b91ce05504800df3b13fd4fe
 SHA512:
-  metadata.gz: b898b3636cdb1cfa5fe909634292cf030bd60ccf768e964cb258c7e1c076d34b52e953bf8b37b27e2cc42926c44efdbd7b600dc21fea63e7144834870d80db1f
-  data.tar.gz: 1e38944c4a55b81b3dbecbf1864be035632bd840e0f709380c8b14bfaecf657a1abb273b74b171aae35df9210beddb7e42f4c3547af74e482d0db4b214ca987f
+  metadata.gz: 1590f8019ec1a5e13f8bb5b5f39a65a6e304d427312ea6996e41d6dfb56c0632a31d780dc55a9815734c7e3b6861d823a36878f46b26441d39c51296114b3086
+  data.tar.gz: 5dbcc691578bdcf01864895ab305aa9a97f7924e0f77a7ce33193dc047c99253f48f1ddfdfba65e290580ca6558132c6473911e5a54a5a64542e6f701f67796d

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-oso (0.4.0)
+    oso-oso (0.7.0)
       ffi (~> 1.0)
 
 GEM
@@ -49,19 +49,19 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
-    rubocop (0.89.0)
+    rubocop (0.89.1)
       parallel (~> 1.10)
       parser (>= 2.7.1.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.7)
       rexml
-      rubocop-ast (>= 0.1.0, < 1.0)
+      rubocop-ast (>= 0.3.0, < 1.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
     rubocop-ast (0.3.0)
       parser (>= 2.7.1.4)
     ruby-progressbar (1.10.1)
-    solargraph (0.39.13)
+    solargraph (0.39.14)
       backport (~> 1.1)
       benchmark
       bundler (>= 1.17.2)
@@ -88,8 +88,8 @@ DEPENDENCIES
   pry-byebug (~> 3.9.0)
   rake (~> 12.0)
   rspec (~> 3.0)
-  rubocop (~> 0.89.0)
-  solargraph (~> 0.39.8)
+  rubocop (~> 0.89.1)
+  solargraph (~> 0.39.14)
   yard (~> 0.9.25)
 
 BUNDLED WITH

data/Makefile

@@ -3,17 +3,17 @@
 rust:
 	$(MAKE) -C ../.. rust-build
 
-install: rust
+install:
 	bundle install
 
-test: install
+test: install rust
 	bundle exec rake spec
 
-lint:
+lint: install
 	bundle exec rubocop
 
-typecheck:
+typecheck: install
 	bundle exec solargraph typecheck
 
-repl: install
+repl: install rust
 	bundle exec oso

data/bin/oso

@@ -4,4 +4,4 @@
 require 'bundler/setup'
 require 'oso'
 
-Oso.new.repl(load: true)
+Oso.new.repl(ARGV)

data/lib/oso/oso.rb

@@ -3,7 +3,7 @@
 require_relative 'polar/polar'
 
 module Oso
-  # Oso authorization API.
+  # oso authorization API.
   class Oso < Polar::Polar
     def initialize
       super
@@ -11,6 +11,13 @@ module Oso
       register_class(PathMapper, name: 'PathMapper')
     end
 
+    # Query the knowledge base to determine whether an actor is allowed to
+    # perform an action upon a resource.
+    #
+    # @param actor [Object] Subject.
+    # @param action [Object] Verb.
+    # @param resource [Object] Object.
+    # @return [Boolean] An access control decision.
     def allowed?(actor:, action:, resource:)
       query_rule('allow', actor, action, resource).next
       true

data/lib/oso/polar/errors.rb

@@ -27,36 +27,24 @@ module Oso
     class UnsupportedError < PolarRuntimeError; end
     class PolarTypeError < PolarRuntimeError; end
     class StackOverflowError < PolarRuntimeError; end
+    class FileLoadingError < PolarRuntimeError; end
 
     # Errors originating from this side of the FFI boundary.
 
     class UnregisteredClassError < PolarRuntimeError; end
-    class MissingConstructorError < PolarRuntimeError; end
     class UnregisteredInstanceError < PolarRuntimeError; end
     class DuplicateInstanceRegistrationError < PolarRuntimeError; end
+
+    # TODO: I think this should probably have some arguments to say what the call is
     class InvalidCallError < PolarRuntimeError; end
     class InvalidConstructorError < PolarRuntimeError; end
     class InvalidQueryTypeError < PolarRuntimeError; end
-    class InlineQueryFailedError < PolarRuntimeError; end
     class NullByteInPolarFileError < PolarRuntimeError; end
     class UnexpectedPolarTypeError < PolarRuntimeError; end
-    class PolarFileAlreadyLoadedError < PolarRuntimeError # rubocop:disable Style/Documentation
-      # @param file [String]
-      def initialize(file)
-        super("File #{file} has already been loaded.")
-      end
-    end
-    class PolarFileContentsChangedError < PolarRuntimeError # rubocop:disable Style/Documentation
-      # @param file [String]
-      def initialize(file)
-        super("A file with the name #{file}, but different contents, has already been loaded.")
-      end
-    end
-    class PolarFileNameChangedError < PolarRuntimeError # rubocop:disable Style/Documentation
-      # @param file [String]
-      # @param existing [String]
-      def initialize(file, existing)
-        super("A file with the same contents as #{file} named #{existing} has already been loaded.")
+    class InlineQueryFailedError < PolarRuntimeError; # rubocop:disable Style/Documentation
+      # @param source [String]
+      def initialize(source)
+        super("Inline query failed: #{source}")
       end
     end
     class PolarFileExtensionError < PolarRuntimeError # rubocop:disable Style/Documentation
@@ -79,6 +67,12 @@ module Oso
       end
     end
 
+    class UnimplementedOperationError < PolarRuntimeError # rubocop:disable Style/Documentation
+      def initialize(operation)
+        super("#{operation} are unimplemented in the oso Ruby library")
+      end
+    end
+
     # Generic operational exception.
     class OperationalError < Error; end
     class UnknownError < OperationalError; end

data/lib/oso/polar/ffi.rb

@@ -37,7 +37,20 @@ module Oso
       # Wrapper class for Error FFI pointer + operations.
       class Error < ::FFI::AutoPointer
         def self.release(ptr)
-          Rust.free(ptr)
+          Rust.free(ptr) unless ptr.null?
+        end
+      end
+      # Wrapper class for Message FFI pointer + operations.
+      class Message < ::FFI::AutoPointer
+        def self.release(ptr)
+          Rust.free(ptr) unless ptr.null?
+        end
+      end
+
+      # Wrapper class for Source FFI pointer.
+      class Source < ::FFI::AutoPointer
+        def self.release(ptr)
+          Rust.free(ptr) unless ptr.null?
         end
       end
     end
@@ -49,3 +62,5 @@ require 'oso/polar/ffi/polar'
 require 'oso/polar/ffi/query'
 require 'oso/polar/ffi/query_event'
 require 'oso/polar/ffi/error'
+require 'oso/polar/ffi/message'
+require 'oso/polar/ffi/source'

data/lib/oso/polar/ffi/error.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI
@@ -83,6 +85,8 @@ module Oso
             ::Oso::Polar::PolarTypeError.new(msg, details: details)
           when 'StackOverflow'
             ::Oso::Polar::StackOverflowError.new(msg, details: details)
+          when 'FileLoading'
+            ::Oso::Polar::FileLoadingError.new(msg, details: details)
           else
             ::Oso::Polar::PolarRuntimeError.new(msg, details: details)
           end

data/lib/oso/polar/ffi/message.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Oso
+  module Polar
+    module FFI
+      # Wrapper class for Message FFI pointer + operations.
+      class Message < ::FFI::AutoPointer
+        # @return [String]
+        def to_s
+          @to_s ||= read_string.force_encoding('UTF-8')
+        end
+
+        Rust = Module.new do
+          extend ::FFI::Library
+          ffi_lib FFI::LIB_PATH
+
+          attach_function :free, :string_free, [Message], :int32
+        end
+
+        def process
+          message = JSON.parse(to_s)
+          kind = message['kind']
+          msg = message['msg']
+
+          case kind
+          when 'Print'
+            puts(msg)
+          when 'Warning'
+            warn(format('[warning] %<msg>s', msg: msg))
+          end
+        end
+
+        private_constant :Rust
+      end
+    end
+  end
+end

data/lib/oso/polar/ffi/polar.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI
@@ -10,12 +12,14 @@ module Oso
           ffi_lib FFI::LIB_PATH
 
           attach_function :new, :polar_new, [], FFI::Polar
-          attach_function :load_str, :polar_load, [FFI::Polar, :string, :string], :int32
+          attach_function :load, :polar_load, [FFI::Polar, :string, :string], :int32
+          attach_function :clear_rules, :polar_clear_rules, [FFI::Polar], :int32
           attach_function :next_inline_query, :polar_next_inline_query, [FFI::Polar, :uint32], FFI::Query
           attach_function :new_id, :polar_get_external_id, [FFI::Polar], :uint64
           attach_function :new_query_from_str, :polar_new_query, [FFI::Polar, :string, :uint32], FFI::Query
           attach_function :new_query_from_term, :polar_new_query_from_term, [FFI::Polar, :string, :uint32], FFI::Query
           attach_function :register_constant, :polar_register_constant, [FFI::Polar, :string, :string], :int32
+          attach_function :next_message, :polar_next_polar_message, [FFI::Polar], FFI::Message
           attach_function :free, :polar_free, [FFI::Polar], :int32
         end
         private_constant :Rust
@@ -32,8 +36,17 @@ module Oso
         # @param src [String]
         # @param filename [String]
         # @raise [FFI::Error] if the FFI call returns an error.
-        def load_str(src, filename: nil)
-          raise FFI::Error.get if Rust.load_str(self, src, filename).zero?
+        def load(src, filename: nil)
+          loaded = Rust.load(self, src, filename)
+          process_messages
+          raise FFI::Error.get if loaded.zero?
+        end
+
+        # @raise [FFI::Error] if the FFI call returns an error.
+        def clear_rules
+          cleared = Rust.clear_rules(self)
+          process_messages
+          raise FFI::Error.get if cleared.zero?
         end
 
         # @return [FFI::Query] if there are remaining inline queries.
@@ -41,6 +54,7 @@ module Oso
         # @raise [FFI::Error] if the FFI call returns an error.
         def next_inline_query
           query = Rust.next_inline_query(self, 0)
+          process_messages
           query.null? ? nil : query
         end
 
@@ -60,6 +74,7 @@ module Oso
         # @raise [FFI::Error] if the FFI call returns an error.
         def new_query_from_str(str)
           query = Rust.new_query_from_str(self, str, 0)
+          process_messages
           raise FFI::Error.get if query.null?
 
           query
@@ -70,6 +85,7 @@ module Oso
         # @raise [FFI::Error] if the FFI call returns an error.
         def new_query_from_term(term)
           query = Rust.new_query_from_term(self, JSON.dump(term), 0)
+          process_messages
           raise FFI::Error.get if query.null?
 
           query
@@ -78,8 +94,22 @@ module Oso
         # @param name [String]
         # @param value [Hash<String, Object>]
         # @raise [FFI::Error] if the FFI call returns an error.
-        def register_constant(name, value:)
-          raise FFI::Error.get if Rust.register_constant(self, name, JSON.dump(value)).zero?
+        def register_constant(value, name:)
+          registered = Rust.register_constant(self, name, JSON.dump(value))
+          raise FFI::Error.get if registered.zero?
+        end
+
+        def next_message
+          Rust.next_message(self)
+        end
+
+        def process_messages
+          loop do
+            message = next_message
+            break if message.null?
+
+            message.process
+          end
         end
       end
     end

data/lib/oso/polar/ffi/query.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI
@@ -14,6 +16,8 @@ module Oso
           attach_function :question_result, :polar_question_result, [FFI::Query, :uint64, :int32], :int32
           attach_function :application_error, :polar_application_error, [FFI::Query, :string], :int32
           attach_function :next_event, :polar_next_query_event, [FFI::Query], FFI::QueryEvent
+          attach_function :next_message, :polar_next_query_message, [FFI::Query], FFI::Message
+          attach_function :source, :polar_query_source_info, [FFI::Query], FFI::Source
           attach_function :free, :query_free, [FFI::Query], :int32
         end
         private_constant :Rust
@@ -22,6 +26,7 @@ module Oso
         # @raise [FFI::Error] if the FFI call returns an error.
         def debug_command(cmd)
           res = Rust.debug_command(self, cmd)
+          process_messages
           raise FFI::Error.get if res.zero?
         end
 
@@ -54,10 +59,33 @@ module Oso
         # @raise [FFI::Error] if the FFI call returns an error.
         def next_event
           event = Rust.next_event(self)
+          process_messages
           raise FFI::Error.get if event.null?
 
           ::Oso::Polar::QueryEvent.new(JSON.parse(event.to_s))
         end
+
+        def next_message
+          Rust.next_message(self)
+        end
+
+        def process_messages
+          loop do
+            message = next_message
+            break if message.null?
+
+            message.process
+          end
+        end
+
+        # @return [String]
+        # @raise [FFI::Error] if the FFI call returns an error.
+        def source
+          res = Rust.source(self)
+          raise FFI::Error.get if res.null?
+
+          res.to_s
+        end
       end
     end
   end

data/lib/oso/polar/ffi/source.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Oso
+  module Polar
+    module FFI
+      # Wrapper class for Source FFI pointer.
+      class Source < ::FFI::AutoPointer
+        # @return [String]
+        def to_s
+          @to_s ||= read_string.force_encoding('UTF-8')
+        end
+
+        Rust = Module.new do
+          extend ::FFI::Library
+          ffi_lib FFI::LIB_PATH
+
+          attach_function :free, :string_free, [Message], :int32
+        end
+
+        private_constant :Rust
+      end
+    end
+  end
+end

data/lib/oso/polar/host.rb

@@ -10,8 +10,6 @@ module Oso
       attr_reader :ffi_polar
       # @return [Hash<String, Class>]
       attr_reader :classes
-      # @return [Hash<String, Object>]
-      attr_reader :constructors
       # @return [Hash<Integer, Object>]
       attr_reader :instances
 
@@ -20,14 +18,12 @@ module Oso
       def initialize(ffi_polar)
         @ffi_polar = ffi_polar
         @classes = {}
-        @constructors = {}
         @instances = {}
       end
 
       def initialize_copy(other)
         @ffi_polar = other.ffi_polar
         @classes = other.classes.dup
-        @constructors = other.constructors.dup
         @instances = other.instances.dup
       end
 
@@ -44,38 +40,19 @@ module Oso
 
       # Store a Ruby class in the {#classes} cache.
       #
-      # @param cls [Class] the class to cache
-      # @param name [String] the name to cache the class as. Defaults to the name of the class.
+      # @param cls [Class] the class to cache.
+      # @param name [String] the name to cache the class as.
       # @return [String] the name the class is cached as.
-      # @raise [UnregisteredClassError] if the class has not been registered.
-      def cache_class(cls, name:, constructor:) # rubocop:disable Metrics/MethodLength
-        name = cls.name if name.nil?
+      # @raise [DuplicateClassAliasError] if attempting to register a class
+      # under a previously-registered name.
+      def cache_class(cls, name:)
         raise DuplicateClassAliasError, name: name, old: get_class(name), new: cls if classes.key? name
 
         classes[name] = cls
-        if constructor.nil?
-          constructors[name] = :new
-        elsif constructor.respond_to? :call
-          constructors[name] = constructor
-        else
-          raise InvalidConstructorError
-        end
         name
       end
 
-      # Fetch a constructor from the {#constructors} cache.
-      #
-      # @param name [String]
-      # @return [Symbol] if constructor is the default of `:new`.
-      # @return [Proc] if a custom constructor was registered.
-      # @raise [UnregisteredConstructorError] if the constructor has not been registered.
-      def get_constructor(name)
-        raise MissingConstructorError, name unless constructors.key? name
-
-        constructors[name]
-      end
-
-      # Check if an instance has been cached.
+      # Check if an instance exists in the {#instances} cache.
       #
       # @param id [Integer]
       # @return [Boolean]
@@ -99,11 +76,12 @@ module Oso
         instances[id]
       end
 
-      # Cache a Ruby instance, fetching a {#new_id} if one isn't provided.
+      # Cache a Ruby instance in the {#instances} cache, fetching a new id if
+      # one isn't provided.
       #
       # @param instance [Object]
-      # @param id [Integer]
-      # @return [Integer]
+      # @param id [Integer] the instance ID. Generated via FFI if not provided.
+      # @return [Integer] the instance ID.
       def cache_instance(instance, id: nil)
         id = ffi_polar.new_id if id.nil?
         instances[id] = instance
@@ -112,30 +90,17 @@ module Oso
 
       # Construct and cache a Ruby instance.
       #
-      # @param cls_name [String]
-      # @param initargs [Hash<String, Hash>]
-      # @param id [Integer]
+      # @param cls_name [String] name of the instance's class.
+      # @param args [Array<Object>] positional args to the constructor.
+      # @param kwargs [Hash<String, Object>] keyword args to the constructor.
+      # @param id [Integer] the instance ID.
       # @raise [PolarRuntimeError] if instance construction fails.
-      def make_instance(cls_name, initargs:, id:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity, Metrics/CyclomaticComplexity
-        constructor = get_constructor(cls_name)
-        instance = if constructor == :new
-                     if initargs.empty?
-                       get_class(cls_name).__send__(:new)
-                     elsif initargs.is_a? Array
-                       get_class(cls_name).__send__(:new, *initargs)
-                     elsif initargs.is_a? Hash
-                       get_class(cls_name).__send__(:new, **initargs)
-                     else
-                       raise PolarRuntimeError, "Bad initargs: #{initargs}"
-                     end
-                   elsif initargs.empty?
-                     constructor.call
-                   elsif initargs.is_a? Array
-                     constructor.call(*initargs)
-                   elsif initargs.is_a? Hash
-                     constructor.call(**initargs)
+      # @return [Integer] the instance ID.
+      def make_instance(cls_name, args:, kwargs:, id:)
+        instance = if kwargs.empty? # This check is for Ruby < 2.7.
+                     get_class(cls_name).__send__(:new, *args)
                    else
-                     raise PolarRuntimeError, "Bad initargs: #{initargs}"
+                     get_class(cls_name).__send__(:new, *args, **kwargs)
                    end
         cache_instance(instance, id: id)
       rescue StandardError => e
@@ -151,9 +116,9 @@ module Oso
       # @return [Boolean]
       def subspecializer?(instance_id, left_tag:, right_tag:)
         mro = get_instance(instance_id).class.ancestors
-        mro.index(get_class(left_tag)) < mro.index(get_class(right_tag))
-      rescue StandardError
-        false
+        left_index = mro.index(get_class(left_tag))
+        right_index = mro.index(get_class(right_tag))
+        left_index && right_index && left_index < right_index
       end
 
       # Check if instance is an instance of class.
@@ -165,8 +130,6 @@ module Oso
         instance = to_ruby(instance)
         cls = get_class(class_tag)
         instance.is_a? cls
-      rescue PolarRuntimeError
-        false
       end
 
       # Check if two instances unify
@@ -178,8 +141,6 @@ module Oso
         left_instance = get_instance(left_instance_id)
         right_instance = get_instance(right_instance_id)
         left_instance == right_instance
-      rescue PolarRuntimeError
-        false
       end
 
       # Turn a Ruby value into a Polar term that's ready to be sent across the
@@ -187,22 +148,29 @@ module Oso
       #
       # @param value [Object]
       # @return [Hash<String, Object>]
-      def to_polar_term(value) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength
+      def to_polar(value) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
         value = case true # rubocop:disable Lint/LiteralAsCondition
                 when value.instance_of?(TrueClass) || value.instance_of?(FalseClass)
                   { 'Boolean' => value }
                 when value.instance_of?(Integer)
                   { 'Number' => { 'Integer' => value } }
                 when value.instance_of?(Float)
+                  if value == Float::INFINITY
+                    value = 'Infinity'
+                  elsif value == -Float::INFINITY
+                    value = '-Infinity'
+                  elsif value.nan?
+                    value = 'NaN'
+                  end
                   { 'Number' => { 'Float' => value } }
                 when value.instance_of?(String)
                   { 'String' => value }
                 when value.instance_of?(Array)
-                  { 'List' => value.map { |el| to_polar_term(el) } }
+                  { 'List' => value.map { |el| to_polar(el) } }
                 when value.instance_of?(Hash)
-                  { 'Dictionary' => { 'fields' => value.transform_values { |v| to_polar_term(v) } } }
+                  { 'Dictionary' => { 'fields' => value.transform_values { |v| to_polar(v) } } }
                 when value.instance_of?(Predicate)
-                  { 'Call' => { 'name' => value.name, 'args' => value.args.map { |el| to_polar_term(el) } } }
+                  { 'Call' => { 'name' => value.name, 'args' => value.args.map { |el| to_polar(el) } } }
                 when value.instance_of?(Variable)
                   # This is supported so that we can query for unbound variables
                   { 'Variable' => value }
@@ -220,13 +188,28 @@ module Oso
       # @option data [Hash<String, Object>] :value
       # @return [Object]
       # @raise [UnexpectedPolarTypeError] if type cannot be converted to Ruby.
-      def to_ruby(data) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength
+      def to_ruby(data) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
         tag, value = data['value'].first
         case tag
         when 'String', 'Boolean'
           value
         when 'Number'
-          value.values.first
+          num = value.values.first
+          if value.key? 'Float'
+            case num
+            when 'Infinity'
+              return Float::INFINITY
+            when '-Infinity'
+              return -Float::INFINITY
+            when 'NaN'
+              return Float::NAN
+            else
+              unless value['Float'].is_a? Float # rubocop:disable Metrics/BlockNesting
+                raise PolarRuntimeError, "Expected a floating point number, got \"#{value['Float']}\""
+              end
+            end
+          end
+          num
         when 'List'
           value.map { |el| to_ruby(el) }
         when 'Dictionary'

data/lib/oso/polar/polar.rb

@@ -1,10 +1,5 @@
 # frozen_string_literal: true
 
-require 'json'
-require 'pp'
-require 'set'
-require 'digest/md5'
-
 # Missing Ruby type.
 module PolarBoolean; end
 # Monkey-patch Ruby true type.
@@ -12,6 +7,26 @@ class TrueClass; include PolarBoolean; end
 # Monkey-patch Ruby false type.
 class FalseClass; include PolarBoolean; end
 
+# https://github.com/ruby/ruby/blob/bb9ecd026a6cadd5d0f85ac061649216806ed935/lib/bundler/vendor/thor/lib/thor/shell/color.rb#L99-L105
+def supports_color
+  $stdout.tty? && $stderr.tty? && ENV['NO_COLOR'].nil?
+end
+
+if supports_color
+  RESET = "\x1b[0m"
+  FG_BLUE = "\x1b[34m"
+  FG_RED = "\x1b[31m"
+else
+  RESET = ''
+  FG_BLUE = ''
+  FG_RED = ''
+end
+
+def print_error(error)
+  warn FG_RED + error.class.name.split('::').last + RESET
+  warn error.message
+end
+
 module Oso
   module Polar
     # Create and manage an instance of the Polar runtime.
@@ -22,8 +37,6 @@ module Oso
       def initialize
         @ffi_polar = FFI::Polar.create
         @host = Host.new(ffi_polar)
-        @loaded_names = {}
-        @loaded_contents = {}
 
         # Register built-in classes.
         register_class PolarBoolean, name: 'Boolean'
@@ -34,35 +47,25 @@ module Oso
         register_class String
       end
 
-      # Replace the current Polar instance but retain all registered classes and constructors.
-      def clear
-        loaded_names.clear
-        loaded_contents.clear
-        @ffi_polar = FFI::Polar.create
+      # Clear all rules and rule sources from the current Polar instance
+      #
+      # @return [self] for chaining.
+      def clear_rules
+        ffi_polar.clear_rules
+        self
       end
 
-      # Enqueue a Polar policy file for loading into the KB.
+      # Load a Polar policy file.
       #
       # @param name [String]
       # @raise [PolarFileExtensionError] if provided filename has invalid extension.
       # @raise [PolarFileNotFoundError] if provided filename does not exist.
-      def load_file(name) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+      # @return [self] for chaining.
+      def load_file(name)
         raise PolarFileExtensionError, name unless File.extname(name) == '.polar'
 
         file_data = File.open(name, &:read)
-        hash = Digest::MD5.hexdigest(file_data)
-
-        if loaded_names.key?(name)
-          raise PolarFileAlreadyLoadedError, name if loaded_names[name] == hash
-
-          raise PolarFileContentsChangedError, name
-        elsif loaded_contents.key?(hash)
-          raise PolarFileNameChangedError, name, loaded_contents[hash]
-        else
-          load_str(file_data, filename: name)
-          loaded_names[name] = hash
-          loaded_contents[hash] = name
-        end
+        load_str(file_data, filename: name)
       rescue Errno::ENOENT
         raise PolarFileNotFoundError, name
       end
@@ -74,10 +77,11 @@ module Oso
       # @raise [NullByteInPolarFileError] if str includes a non-terminating null byte.
       # @raise [InlineQueryFailedError] on the first failed inline query.
       # @raise [Error] if any of the FFI calls raise one.
+      # @return [self] for chaining.
       def load_str(str, filename: nil) # rubocop:disable Metrics/MethodLength
         raise NullByteInPolarFileError if str.chomp("\0").include?("\0")
 
-        ffi_polar.load_str(str, filename: filename)
+        ffi_polar.load(str, filename: filename)
         loop do
           next_query = ffi_polar.next_inline_query
           break if next_query.nil?
@@ -85,12 +89,13 @@ module Oso
           begin
             Query.new(next_query, host: host).results.next
           rescue StopIteration
-            raise InlineQueryFailedError
+            raise InlineQueryFailedError, next_query.source
           end
         end
+        self
       end
 
-      # Query for a predicate, parsing it if necessary.
+      # Query for a Polar predicate or string.
       #
       # @overload query(query)
       #   @param query [String]
@@ -106,7 +111,7 @@ module Oso
         when String
           ffi_query = ffi_polar.new_query_from_str(query)
         when Predicate
-          ffi_query = ffi_polar.new_query_from_term(new_host.to_polar_term(query))
+          ffi_query = ffi_polar.new_query_from_term(new_host.to_polar(query))
         else
           raise InvalidQueryTypeError
         end
@@ -123,72 +128,109 @@ module Oso
         query(Predicate.new(name, args: args))
       end
 
+      # Register a Ruby class with Polar.
+      #
+      # @param cls [Class] the class to register.
+      # @param name [String] the name to register the class as. Defaults to the name of the class.
+      # @raise [DuplicateClassAliasError] if attempting to register a class
+      # under a previously-registered name.
+      # @raise [FFI::Error] if the FFI call returns an error.
+      # @return [self] for chaining.
+      def register_class(cls, name: nil)
+        name = host.cache_class(cls, name: name || cls.name)
+        register_constant(cls, name: name)
+      end
+
+      # Register a Ruby object with Polar.
+      #
+      # @param value [Object] the object to register.
+      # @param name [String] the name to register the object as.
+      # @return [self] for chaining.
+      # @raise [FFI::Error] if the FFI call returns an error.
+      def register_constant(value, name:)
+        ffi_polar.register_constant(host.to_polar(value), name: name)
+        self
+      end
+
       # Start a REPL session.
       #
+      # @param files [Array<String>]
       # @raise [Error] if the FFI call raises one.
-      def repl(load: false) # rubocop:disable Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize
-        ARGV.map { |f| load_file(f) } if load
+      def repl(files = [])
+        files.map { |f| load_file(f) }
+        prompt = "#{FG_BLUE}query>#{RESET} "
+        # Try loading the readline module from the Ruby stdlib. If we get a
+        # LoadError, fall back to the standard REPL with no readline support.
+        require 'readline'
+        repl_readline(prompt)
+      rescue LoadError
+        repl_standard(prompt)
+      end
 
-        loop do # rubocop:disable Metrics/BlockLength
-          print 'query> '
-          begin
-            query = $stdin.readline.chomp.chomp(';')
-          rescue EOFError
-            return
-          end
+      private
 
-          begin
-            ffi_query = ffi_polar.new_query_from_str(query)
-          rescue ParseError => e
-            puts "Parse error: #{e}"
-            next
-          end
+      # @return [FFI::Polar]
+      attr_reader :ffi_polar
 
-          begin
-            results = Query.new(ffi_query, host: host).results.to_a
-          rescue PolarRuntimeError => e
-            puts e
+      # The R and L in REPL for systems where readline is available.
+      def repl_readline(prompt)
+        while (buf = Readline.readline(prompt, true))
+          if /^\s*$/ =~ buf # Don't add empty entries to history.
+            Readline::HISTORY.pop
             next
           end
+          process_line(buf)
+        end
+      rescue Interrupt # rubocop:disable Lint/SuppressedException
+      end
 
-          if results.empty?
-            pp false
-          else
-            results.each do |result|
-              if result.empty?
-                pp true
-              else
-                pp result
-              end
-            end
+      # The R and L in REPL for systems where readline is not available.
+      def repl_standard(prompt)
+        loop do
+          puts prompt
+          begin
+            buf = $stdin.readline
+          rescue EOFError
+            return
           end
+          process_line(buf)
         end
+      rescue Interrupt # rubocop:disable Lint/SuppressedException
       end
 
-      # Register a Ruby class with Polar.
+      # Process a line of user input in the REPL.
       #
-      # @param cls [Class]
-      # @param name [String]
-      # @param from_polar [Proc]
-      # @raise [InvalidConstructorError] if provided an invalid 'from_polar' constructor.
-      def register_class(cls, name: nil, from_polar: nil)
-        from_polar = Proc.new if block_given?
-        name = host.cache_class(cls, name: name, constructor: from_polar)
-        register_constant(name, value: cls)
-      end
-
-      def register_constant(name, value:)
-        ffi_polar.register_constant(name, value: host.to_polar_term(value))
-      end
+      # @param buf [String]
+      def process_line(buf) # rubocop:disable Metrics/MethodLength, Metrics/PerceivedComplexity, Metrics/AbcSize
+        query = buf.chomp.chomp(';')
+        begin
+          ffi_query = ffi_polar.new_query_from_str(query)
+        rescue ParseError => e
+          print_error(e)
+          return
+        end
 
-      private
+        begin
+          results = Query.new(ffi_query, host: host).results.to_a
+        rescue PolarRuntimeError => e
+          print_error(e)
+          return
+        end
 
-      # @return [FFI::Polar]
-      attr_reader :ffi_polar
-      # @return [Hash<String, String>]
-      attr_reader :loaded_names
-      # @return [Hash<String, String>]
-      attr_reader :loaded_contents
+        if results.empty?
+          puts false
+        else
+          results.each do |result|
+            if result.empty?
+              puts true
+            else
+              result.each do |variable, value|
+                puts "#{variable} = #{value.inspect}"
+              end
+            end
+          end
+        end
+      end
     end
   end
 end

data/lib/oso/polar/query.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     # A single Polar query.
@@ -43,12 +45,18 @@ module Oso
       # @param args [Array<Hash>]
       # @raise [InvalidCallError] if the method doesn't exist on the instance or
       #   the args passed to the method are invalid.
-      def register_call(method, call_id:, instance:, args:)
+      def register_call(attribute, call_id:, instance:, args:, kwargs:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
         return if calls.key?(call_id)
 
-        args = args.map { |a| host.to_ruby(a) }
         instance = host.to_ruby(instance)
-        result = instance.__send__(method, *args)
+        args = args.map { |a| host.to_ruby(a) }
+        kwargs = Hash[kwargs.map { |k, v| [k.to_sym, host.to_ruby(v)] }]
+        # The kwargs.empty? check is for Ruby < 2.7.
+        result = if kwargs.empty?
+                   instance.__send__(attribute, *args)
+                 else
+                   instance.__send__(attribute, *args, **kwargs)
+                 end
         result = [result].to_enum unless result.is_a? Enumerator # Call must be a generator.
         calls[call_id] = result.lazy
       rescue ArgumentError, NoMethodError
@@ -64,13 +72,13 @@ module Oso
         ffi_query.call_result(result, call_id: call_id)
       end
 
-      # Retrieve the next result from a registered call and pass it to {#to_polar_term}.
+      # Retrieve the next result from a registered call and pass it to {#to_polar}.
       #
       # @param id [Integer]
       # @return [Hash]
       # @raise [StopIteration] if the call has been exhausted.
       def next_call_result(id)
-        host.to_polar_term(calls[id].next)
+        host.to_polar(calls[id].next)
       end
 
       # Send application error across FFI boundary.
@@ -89,8 +97,8 @@ module Oso
       # @param call_id [Integer]
       # @param instance [Hash<String, Object>]
       # @raise [Error] if the FFI call raises one.
-      def handle_call(method, call_id:, instance:, args:)
-        register_call(method, call_id: call_id, instance: instance, args: args)
+      def handle_call(attribute, call_id:, instance:, args:, kwargs:)
+        register_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
         result = JSON.dump(next_call_result(call_id))
         call_result(result, call_id: call_id)
       rescue InvalidCallError => e
@@ -100,6 +108,20 @@ module Oso
         call_result(nil, call_id: call_id)
       end
 
+      def handle_make_external(data) # rubocop:disable Metrics/AbcSize
+        id = data['instance_id']
+        raise DuplicateInstanceRegistrationError, id if host.instance? id
+
+        constructor = data['constructor']['value']
+        raise InvalidConstructorError unless constructor.key? 'Call'
+
+        cls_name = constructor['Call']['name']
+        args = constructor['Call']['args'].map { |arg| host.to_ruby(arg) }
+        kwargs = constructor['Call']['kwargs'] || {}
+        kwargs = Hash[kwargs.map { |k, v| [k.to_sym, host.to_ruby(v)] }]
+        host.make_instance(cls_name, args: args, kwargs: kwargs, id: id)
+      end
+
       # Create a generator that can be polled to advance the query loop.
       #
       # @yieldparam [Hash<String, Object>]
@@ -115,27 +137,14 @@ module Oso
             when 'Result'
               yielder << event.data['bindings'].transform_values { |v| host.to_ruby(v) }
             when 'MakeExternal'
-              id = event.data['instance_id']
-              raise DuplicateInstanceRegistrationError, id if host.instance? id
-
-              constructor = event.data['constructor']['value']
-              if constructor.key? 'InstanceLiteral'
-                cls_name = constructor['InstanceLiteral']['tag']
-                fields = constructor['InstanceLiteral']['fields']['fields']
-                initargs = Hash[fields.map { |k, v| [k.to_sym, host.to_ruby(v)] }]
-              elsif constructor.key? 'Call'
-                cls_name = constructor['Call']['name']
-                initargs = constructor['Call']['args'].map { |arg| host.to_ruby(arg) }
-              else
-                raise InvalidConstructorError
-              end
-              host.make_instance(cls_name, initargs: initargs, id: id)
+              handle_make_external(event.data)
             when 'ExternalCall'
               call_id = event.data['call_id']
               instance = event.data['instance']
-              method = event.data['attribute']
-              args = event.data['args']
-              handle_call(method, call_id: call_id, instance: instance, args: args)
+              attribute = event.data['attribute']
+              args = event.data['args'] || []
+              kwargs = event.data['kwargs'] || {}
+              handle_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
             when 'ExternalIsSubSpecializer'
               instance_id = event.data['instance_id']
               left_tag = event.data['left_class_tag']
@@ -160,8 +169,10 @@ module Oso
               rescue EOFError
                 next
               end
-              command = JSON.dump(host.to_polar_term(input))
+              command = JSON.dump(host.to_polar(input))
               ffi_query.debug_command(command)
+            when 'ExternalOp'
+              raise UnimplementedOperationError, 'comparison operators'
             else
               raise "Unhandled event: #{JSON.dump(event.inspect)}"
             end

data/lib/oso/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Oso
-  VERSION = '0.4.0'
+  VERSION = '0.7.0'
 end

data/oso-oso.gemspec

@@ -34,7 +34,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'pry-byebug', '~> 3.9.0'
   spec.add_development_dependency 'rake', '~> 12.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
-  spec.add_development_dependency 'rubocop', '~> 0.89.0'
-  spec.add_development_dependency 'solargraph', '~> 0.39.8'
+  spec.add_development_dependency 'rubocop', '~> 0.89.1'
+  spec.add_development_dependency 'solargraph', '~> 0.39.14'
   spec.add_development_dependency 'yard', '~> 0.9.25'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-oso
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-11 00:00:00.000000000 Z
+date: 2020-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -72,28 +72,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.89.0
+        version: 0.89.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.89.0
+        version: 0.89.1
 - !ruby/object:Gem::Dependency
   name: solargraph
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.39.8
+        version: 0.39.14
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.39.8
+        version: 0.39.14
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -137,9 +137,11 @@ files:
 - lib/oso/polar/errors.rb
 - lib/oso/polar/ffi.rb
 - lib/oso/polar/ffi/error.rb
+- lib/oso/polar/ffi/message.rb
 - lib/oso/polar/ffi/polar.rb
 - lib/oso/polar/ffi/query.rb
 - lib/oso/polar/ffi/query_event.rb
+- lib/oso/polar/ffi/source.rb
 - lib/oso/polar/host.rb
 - lib/oso/polar/polar.rb
 - lib/oso/polar/predicate.rb