oso-oso 0.6.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 70321ccb3dc8e6468b89109aa7d9bbb97868d1be
-  data.tar.gz: 8b7c1873eba4dae6d1150f8f91a74a3d5a72e51c
+  metadata.gz: 73b2001f3721fd450aaebcdf348ac8d05f1452f1
+  data.tar.gz: bf829788c21e9eb8b91ce05504800df3b13fd4fe
 SHA512:
-  metadata.gz: 639ea45ef8a86ebf97ae20ee1977499e18f04827b05d869369c7ec01792eb7a7747c6bae9f7d7789af4993a4b04edef5b375c9caa504c6e09afe701ed931874f
-  data.tar.gz: 7dc68ed639125472e808ff375059ceb6d70837fad20c05672a183452bef78eeee56dcc0dc58579d21536749bc8e2fbc2628baa349473984c824d23b38d1270f4
+  metadata.gz: 1590f8019ec1a5e13f8bb5b5f39a65a6e304d427312ea6996e41d6dfb56c0632a31d780dc55a9815734c7e3b6861d823a36878f46b26441d39c51296114b3086
+  data.tar.gz: 5dbcc691578bdcf01864895ab305aa9a97f7924e0f77a7ce33193dc047c99253f48f1ddfdfba65e290580ca6558132c6473911e5a54a5a64542e6f701f67796d

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-oso (0.6.0)
+    oso-oso (0.7.0)
       ffi (~> 1.0)
 
 GEM

data/lib/oso/polar/errors.rb

@@ -32,7 +32,6 @@ module Oso
     # Errors originating from this side of the FFI boundary.
 
     class UnregisteredClassError < PolarRuntimeError; end
-    class MissingConstructorError < PolarRuntimeError; end
     class UnregisteredInstanceError < PolarRuntimeError; end
     class DuplicateInstanceRegistrationError < PolarRuntimeError; end
 
@@ -68,6 +67,12 @@ module Oso
       end
     end
 
+    class UnimplementedOperationError < PolarRuntimeError # rubocop:disable Style/Documentation
+      def initialize(operation)
+        super("#{operation} are unimplemented in the oso Ruby library")
+      end
+    end
+
     # Generic operational exception.
     class OperationalError < Error; end
     class UnknownError < OperationalError; end

data/lib/oso/polar/ffi/error.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI

data/lib/oso/polar/ffi/message.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI

data/lib/oso/polar/ffi/polar.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI
@@ -11,6 +13,7 @@ module Oso
 
           attach_function :new, :polar_new, [], FFI::Polar
           attach_function :load, :polar_load, [FFI::Polar, :string, :string], :int32
+          attach_function :clear_rules, :polar_clear_rules, [FFI::Polar], :int32
           attach_function :next_inline_query, :polar_next_inline_query, [FFI::Polar, :uint32], FFI::Query
           attach_function :new_id, :polar_get_external_id, [FFI::Polar], :uint64
           attach_function :new_query_from_str, :polar_new_query, [FFI::Polar, :string, :uint32], FFI::Query
@@ -39,6 +42,13 @@ module Oso
           raise FFI::Error.get if loaded.zero?
         end
 
+        # @raise [FFI::Error] if the FFI call returns an error.
+        def clear_rules
+          cleared = Rust.clear_rules(self)
+          process_messages
+          raise FFI::Error.get if cleared.zero?
+        end
+
         # @return [FFI::Query] if there are remaining inline queries.
         # @return [nil] if there are no remaining inline queries.
         # @raise [FFI::Error] if the FFI call returns an error.
@@ -84,7 +94,7 @@ module Oso
         # @param name [String]
         # @param value [Hash<String, Object>]
         # @raise [FFI::Error] if the FFI call returns an error.
-        def register_constant(name, value:)
+        def register_constant(value, name:)
           registered = Rust.register_constant(self, name, JSON.dump(value))
           raise FFI::Error.get if registered.zero?
         end

data/lib/oso/polar/ffi/query.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     module FFI

data/lib/oso/polar/host.rb

@@ -10,8 +10,6 @@ module Oso
       attr_reader :ffi_polar
       # @return [Hash<String, Class>]
       attr_reader :classes
-      # @return [Hash<String, Object>]
-      attr_reader :constructors
       # @return [Hash<Integer, Object>]
       attr_reader :instances
 
@@ -20,14 +18,12 @@ module Oso
       def initialize(ffi_polar)
         @ffi_polar = ffi_polar
         @classes = {}
-        @constructors = {}
         @instances = {}
       end
 
       def initialize_copy(other)
         @ffi_polar = other.ffi_polar
         @classes = other.classes.dup
-        @constructors = other.constructors.dup
         @instances = other.instances.dup
       end
 
@@ -44,38 +40,18 @@ module Oso
 
       # Store a Ruby class in the {#classes} cache.
       #
-      # @param cls [Class] the class to cache
-      # @param name [String] the name to cache the class as. Defaults to the name of the class.
-      # @param constructor [Proc] optional custom constructor function. Defaults to the :new method.
+      # @param cls [Class] the class to cache.
+      # @param name [String] the name to cache the class as.
       # @return [String] the name the class is cached as.
-      # @raise [UnregisteredClassError] if the class has not been registered.
-      def cache_class(cls, name:, constructor:) # rubocop:disable Metrics/MethodLength
-        name = cls.name if name.nil?
+      # @raise [DuplicateClassAliasError] if attempting to register a class
+      # under a previously-registered name.
+      def cache_class(cls, name:)
         raise DuplicateClassAliasError, name: name, old: get_class(name), new: cls if classes.key? name
 
         classes[name] = cls
-        if constructor.nil?
-          constructors[name] = :new
-        elsif constructor.respond_to? :call
-          constructors[name] = constructor
-        else
-          raise InvalidConstructorError
-        end
         name
       end
 
-      # Fetch a constructor from the {#constructors} cache.
-      #
-      # @param name [String]
-      # @return [Symbol] if constructor is the default of `:new`.
-      # @return [Proc] if a custom constructor was registered.
-      # @raise [MissingConstructorError] if the constructor has not been registered.
-      def get_constructor(name)
-        raise MissingConstructorError, name unless constructors.key? name
-
-        constructors[name]
-      end
-
       # Check if an instance exists in the {#instances} cache.
       #
       # @param id [Integer]
@@ -100,12 +76,12 @@ module Oso
         instances[id]
       end
 
-      # Cache a Ruby instance in the {#instances} cache, fetching a {#new_id}
-      # if one isn't provided.
+      # Cache a Ruby instance in the {#instances} cache, fetching a new id if
+      # one isn't provided.
       #
       # @param instance [Object]
-      # @param id [Integer]
-      # @return [Integer]
+      # @param id [Integer] the instance ID. Generated via FFI if not provided.
+      # @return [Integer] the instance ID.
       def cache_instance(instance, id: nil)
         id = ffi_polar.new_id if id.nil?
         instances[id] = instance
@@ -114,24 +90,17 @@ module Oso
 
       # Construct and cache a Ruby instance.
       #
-      # @param cls_name [String]
-      # @param args [Array<Object>]
-      # @param kwargs [Hash<String, Object>]
-      # @param id [Integer]
+      # @param cls_name [String] name of the instance's class.
+      # @param args [Array<Object>] positional args to the constructor.
+      # @param kwargs [Hash<String, Object>] keyword args to the constructor.
+      # @param id [Integer] the instance ID.
       # @raise [PolarRuntimeError] if instance construction fails.
-      def make_instance(cls_name, args:, kwargs:, id:) # rubocop:disable Metrics/MethodLength
-        constructor = get_constructor(cls_name)
-        # The kwargs.empty? checks are for Ruby < 2.7.
-        instance = if constructor == :new
-                     if kwargs.empty?
-                       get_class(cls_name).__send__(:new, *args)
-                     else
-                       get_class(cls_name).__send__(:new, *args, **kwargs)
-                     end
-                   elsif kwargs.empty?
-                     constructor.call(*args)
+      # @return [Integer] the instance ID.
+      def make_instance(cls_name, args:, kwargs:, id:)
+        instance = if kwargs.empty? # This check is for Ruby < 2.7.
+                     get_class(cls_name).__send__(:new, *args)
                    else
-                     constructor.call(*args, **kwargs)
+                     get_class(cls_name).__send__(:new, *args, **kwargs)
                    end
         cache_instance(instance, id: id)
       rescue StandardError => e

data/lib/oso/polar/polar.rb

@@ -1,10 +1,5 @@
 # frozen_string_literal: true
 
-require 'json'
-require 'pp'
-require 'set'
-require 'digest/md5'
-
 # Missing Ruby type.
 module PolarBoolean; end
 # Monkey-patch Ruby true type.
@@ -52,9 +47,12 @@ module Oso
         register_class String
       end
 
-      # Replace the current Polar instance but retain all registered classes and constructors.
-      def clear
-        @ffi_polar = FFI::Polar.create
+      # Clear all rules and rule sources from the current Polar instance
+      #
+      # @return [self] for chaining.
+      def clear_rules
+        ffi_polar.clear_rules
+        self
       end
 
       # Load a Polar policy file.
@@ -62,6 +60,7 @@ module Oso
       # @param name [String]
       # @raise [PolarFileExtensionError] if provided filename has invalid extension.
       # @raise [PolarFileNotFoundError] if provided filename does not exist.
+      # @return [self] for chaining.
       def load_file(name)
         raise PolarFileExtensionError, name unless File.extname(name) == '.polar'
 
@@ -78,6 +77,7 @@ module Oso
       # @raise [NullByteInPolarFileError] if str includes a non-terminating null byte.
       # @raise [InlineQueryFailedError] on the first failed inline query.
       # @raise [Error] if any of the FFI calls raise one.
+      # @return [self] for chaining.
       def load_str(str, filename: nil) # rubocop:disable Metrics/MethodLength
         raise NullByteInPolarFileError if str.chomp("\0").include?("\0")
 
@@ -92,6 +92,7 @@ module Oso
             raise InlineQueryFailedError, next_query.source
           end
         end
+        self
       end
 
       # Query for a Polar predicate or string.
@@ -129,18 +130,26 @@ module Oso
 
       # Register a Ruby class with Polar.
       #
-      # @param cls [Class]
-      # @param name [String]
-      # @param from_polar [Proc]
-      # @raise [InvalidConstructorError] if provided an invalid 'from_polar' constructor.
-      def register_class(cls, name: nil, from_polar: nil)
-        from_polar = Proc.new if block_given?
-        name = host.cache_class(cls, name: name, constructor: from_polar)
-        register_constant(name, value: cls)
+      # @param cls [Class] the class to register.
+      # @param name [String] the name to register the class as. Defaults to the name of the class.
+      # @raise [DuplicateClassAliasError] if attempting to register a class
+      # under a previously-registered name.
+      # @raise [FFI::Error] if the FFI call returns an error.
+      # @return [self] for chaining.
+      def register_class(cls, name: nil)
+        name = host.cache_class(cls, name: name || cls.name)
+        register_constant(cls, name: name)
       end
 
-      def register_constant(name, value:)
-        ffi_polar.register_constant(name, value: host.to_polar(value))
+      # Register a Ruby object with Polar.
+      #
+      # @param value [Object] the object to register.
+      # @param name [String] the name to register the object as.
+      # @return [self] for chaining.
+      # @raise [FFI::Error] if the FFI call returns an error.
+      def register_constant(value, name:)
+        ffi_polar.register_constant(host.to_polar(value), name: name)
+        self
       end
 
       # Start a REPL session.
@@ -162,10 +171,6 @@ module Oso
 
       # @return [FFI::Polar]
       attr_reader :ffi_polar
-      # @return [Hash<String, String>]
-      attr_reader :loaded_names
-      # @return [Hash<String, String>]
-      attr_reader :loaded_contents
 
       # The R and L in REPL for systems where readline is available.
       def repl_readline(prompt)

data/lib/oso/polar/query.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Oso
   module Polar
     # A single Polar query.
@@ -169,6 +171,8 @@ module Oso
               end
               command = JSON.dump(host.to_polar(input))
               ffi_query.debug_command(command)
+            when 'ExternalOp'
+              raise UnimplementedOperationError, 'comparison operators'
             else
               raise "Unhandled event: #{JSON.dump(event.inspect)}"
             end

data/lib/oso/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Oso
-  VERSION = '0.6.0'
+  VERSION = '0.7.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-oso
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-22 00:00:00.000000000 Z
+date: 2020-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi