oso-oso 0.7.0 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 73b2001f3721fd450aaebcdf348ac8d05f1452f1
-  data.tar.gz: bf829788c21e9eb8b91ce05504800df3b13fd4fe
+  metadata.gz: c567d76126dbe08f29eb4f7c3bec635a17224718
+  data.tar.gz: a9632184c981bcd2501d21da0dbe8850c6b53446
 SHA512:
-  metadata.gz: 1590f8019ec1a5e13f8bb5b5f39a65a6e304d427312ea6996e41d6dfb56c0632a31d780dc55a9815734c7e3b6861d823a36878f46b26441d39c51296114b3086
-  data.tar.gz: 5dbcc691578bdcf01864895ab305aa9a97f7924e0f77a7ce33193dc047c99253f48f1ddfdfba65e290580ca6558132c6473911e5a54a5a64542e6f701f67796d
+  metadata.gz: 12d72946b6e4af9d109757b6fcc0f983e2bf2f53df5dbd6f02d13ec4e0ff46c3a42adceaec2cc5c8433481dc48d5742290ce7ea469bcad55120f70feb21a7460
+  data.tar.gz: a0914390d8667609a6d908c50212899111cc2324f9283383d9e17e6863cafa31bf6752ca4b975760e8c3c20714d3bed6defc4df26e95b05765336e00d8c99688

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    oso-oso (0.7.0)
+    oso-oso (0.9.0)
       ffi (~> 1.0)
 
 GEM

data/lib/oso.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
-require 'oso/http'
 require 'oso/oso'
-require 'oso/path_mapper'
 require 'oso/polar'
 require 'oso/version'
 

data/lib/oso/oso.rb

@@ -7,8 +7,6 @@ module Oso
   class Oso < Polar::Polar
     def initialize
       super
-      register_class(Http, name: 'Http')
-      register_class(PathMapper, name: 'PathMapper')
     end
 
     # Query the knowledge base to determine whether an actor is allowed to

data/lib/oso/polar/errors.rb

@@ -38,6 +38,7 @@ module Oso
     # TODO: I think this should probably have some arguments to say what the call is
     class InvalidCallError < PolarRuntimeError; end
     class InvalidConstructorError < PolarRuntimeError; end
+    class InvalidIteratorError < PolarRuntimeError; end
     class InvalidQueryTypeError < PolarRuntimeError; end
     class NullByteInPolarFileError < PolarRuntimeError; end
     class UnexpectedPolarTypeError < PolarRuntimeError; end

data/lib/oso/polar/polar.rb

@@ -38,6 +38,9 @@ module Oso
         @ffi_polar = FFI::Polar.create
         @host = Host.new(ffi_polar)
 
+        # Register global constants.
+        register_constant nil, name: 'nil'
+
         # Register built-in classes.
         register_class PolarBoolean, name: 'Boolean'
         register_class Integer

data/lib/oso/polar/query.rb

@@ -36,33 +36,6 @@ module Oso
         ffi_query.question_result(result, call_id: call_id)
       end
 
-      # Register a Ruby method call, wrapping the call result in a generator if
-      # it isn't already one.
-      #
-      # @param method [#to_sym]
-      # @param call_id [Integer]
-      # @param instance [Hash<String, Object>]
-      # @param args [Array<Hash>]
-      # @raise [InvalidCallError] if the method doesn't exist on the instance or
-      #   the args passed to the method are invalid.
-      def register_call(attribute, call_id:, instance:, args:, kwargs:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
-        return if calls.key?(call_id)
-
-        instance = host.to_ruby(instance)
-        args = args.map { |a| host.to_ruby(a) }
-        kwargs = Hash[kwargs.map { |k, v| [k.to_sym, host.to_ruby(v)] }]
-        # The kwargs.empty? check is for Ruby < 2.7.
-        result = if kwargs.empty?
-                   instance.__send__(attribute, *args)
-                 else
-                   instance.__send__(attribute, *args, **kwargs)
-                 end
-        result = [result].to_enum unless result.is_a? Enumerator # Call must be a generator.
-        calls[call_id] = result.lazy
-      rescue ArgumentError, NoMethodError
-        raise InvalidCallError
-      end
-
       # Send next result of Ruby method call across FFI boundary.
       #
       # @param result [String]
@@ -97,13 +70,33 @@ module Oso
       # @param call_id [Integer]
       # @param instance [Hash<String, Object>]
       # @raise [Error] if the FFI call raises one.
-      def handle_call(attribute, call_id:, instance:, args:, kwargs:)
-        register_call(attribute, call_id: call_id, instance: instance, args: args, kwargs: kwargs)
-        result = JSON.dump(next_call_result(call_id))
+      def handle_call(attribute, call_id:, instance:, args:, kwargs:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+        instance = host.to_ruby(instance)
+        args = args.map { |a| host.to_ruby(a) }
+        kwargs = Hash[kwargs.map { |k, v| [k.to_sym, host.to_ruby(v)] }]
+        # The kwargs.empty? check is for Ruby < 2.7.
+        result = if kwargs.empty?
+                   instance.__send__(attribute, *args)
+                 else
+                   instance.__send__(attribute, *args, **kwargs)
+                 end
+        result = JSON.dump(host.to_polar(result))
         call_result(result, call_id: call_id)
-      rescue InvalidCallError => e
+      rescue ArgumentError, NoMethodError => e
         application_error(e.message)
         call_result(nil, call_id: call_id)
+      end
+
+      def handle_next_external(call_id, iterable)
+        unless calls.key? call_id
+          value = host.to_ruby iterable
+          raise InvalidIteratorError unless value.is_a? Enumerable
+
+          calls[call_id] = value.lazy
+        end
+
+        result = JSON.dump(next_call_result(call_id))
+        call_result(result, call_id: call_id)
       rescue StopIteration
         call_result(nil, call_id: call_id)
       end
@@ -173,6 +166,10 @@ module Oso
               ffi_query.debug_command(command)
             when 'ExternalOp'
               raise UnimplementedOperationError, 'comparison operators'
+            when 'NextExternal'
+              call_id = event.data['call_id']
+              iterable = event.data['iterable']
+              handle_next_external(call_id, iterable)
             else
               raise "Unhandled event: #{JSON.dump(event.inspect)}"
             end

data/lib/oso/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Oso
-  VERSION = '0.7.0'
+  VERSION = '0.9.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oso-oso
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.9.0
 platform: ruby
 authors:
 - Oso Security, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-13 00:00:00.000000000 Z
+date: 2020-12-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -130,9 +130,7 @@ files:
 - ext/oso-oso/lib/libpolar.so
 - ext/oso-oso/lib/polar.dll
 - lib/oso.rb
-- lib/oso/http.rb
 - lib/oso/oso.rb
-- lib/oso/path_mapper.rb
 - lib/oso/polar.rb
 - lib/oso/polar/errors.rb
 - lib/oso/polar/ffi.rb

data/lib/oso/http.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module Oso
-  # An HTTP resource.
-  class Http
-    def initialize(hostname, path, query)
-      @hostname = hostname
-      @path = path
-      @query = query
-    end
-
-    private
-
-    attr_reader :hostname, :path, :query
-  end
-end

data/lib/oso/path_mapper.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-module Oso
-  # Map from a template string with capture groups of the form
-  # `{name}` to a dictionary of the form `{name: captured_value}`
-  class PathMapper
-    def initialize(template)
-      capture_group = /({([^}]+)})/
-
-      template = template.dup
-      template.scan(capture_group).each do |outer, inner|
-        template = if inner == '*'
-                     template.gsub! outer, '.*'
-                   else
-                     template.gsub! outer, "(?<#{inner}>[^/]+)"
-                   end
-      end
-      @pattern = /\A#{template}\Z/
-    end
-
-    def map(string)
-      string.match(pattern)&.named_captures || {}
-    end
-
-    private
-
-    attr_reader :pattern
-  end
-end