passwordstate 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ab1c9b2c6cb3727612e991d77631ddf61d266c7a0b5ba26a5c835b5d349c51e6
+  data.tar.gz: 18f155663d7592f40c0dd54b09b13d075c0e2d1265a1e993ad1c2cc7811e1e3d
+SHA512:
+  metadata.gz: d3ad29d420d8bfb75bd7418747933716914b311fd87c8d50ee83451aed8de2a06d363ec2709823b3a3be11bfe68ea510359ab93638a483d45dcdd80fb1744b37
+  data.tar.gz: 6ddc4c5bcd72c5a03da7f046eeca3fec8113ba23c88d71a5d45901923ff01b0294eddf9dfa02cd937bc70698869bbdd68beb69673732a177879087ea159a251d

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/vendor/
+Gemfile.lock

data/.gitlab-ci.yml

@@ -0,0 +1,19 @@
+---
+image: "ruby:2.4"
+
+# Cache gems in between builds
+cache:
+  paths:
+    - vendor/ruby
+
+before_script:
+  - gem install bundler  --no-ri --no-rdoc
+  - bundle install -j $(nproc) --path vendor
+
+rubocop:
+  script:
+    - bundle exec rubocop
+
+# rspec:
+#   script:
+#   - rspec spec

data/.rubocop.yml

@@ -0,0 +1,65 @@
+---
+AllCops:
+  TargetRubyVersion: 2.4
+  Exclude:
+    - '*.spec'
+    - 'Rakefile'
+    - 'vendor/**/*'
+
+# Don't enforce documentation
+Style/Documentation:
+  Enabled: false
+
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+Style/MultilineBlockChain:
+  Enabled: false
+
+Style/SafeNavigation:
+  Enabled: false
+
+Layout/ClosingHeredocIndentation:
+  Enabled: false
+
+Layout/IndentHeredoc:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+
+Style/RescueModifier:
+  Enabled: false
+
+Metrics/MethodLength:
+  Max: 40
+
+Metrics/LineLength:
+  Max: 190
+
+Metrics/AbcSize:
+  Enabled: false
+
+Performance/FixedSize:
+  Exclude:
+    - 'test/**/*'
+
+Metrics/BlockLength:
+  Exclude:
+    - 'test/**/*'
+
+Metrics/ClassLength:
+  Max: 200
+  Exclude:
+    - 'test/**/*'
+
+Lint/AmbiguousBlockAssociation:
+  Enabled: false
+
+Style/ClassAndModuleChildren:
+  Exclude:
+    - 'test/**/*'
+    - 'app/controllers/concerns/foreman/**/*'

data/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in passwordstate.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Alexander Olofsson
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,46 @@
+# Passwordstate
+
+A ruby gem for communicating with a Passwordstate instance
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'passwordstate'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install passwordstate
+
+## Usage example
+
+```irb
+irb(main):001:0> require 'passwordstate'
+irb(main):002:0> client = Passwordstate::Client.new 'https://passwordstate', username: 'user', password: 'password'
+irb(main):003:0> #        Passwordstate::Client.new 'https://passwordstate', apikey: 'key'
+irb(main):004:0> client.folders
+=> [#<Passwordstate::Resources::Folder:0x000055ed493636e8 @folder_name="Example", @folder_id=2, @tree_path="\\Example">, #<Passwordstate::Resources::Folder:0x000055ed49361fa0 @folder_name="Folder", @folder_id=3, @tree_path="\\Example\\Folder">]
+irb(main):005:0> client.password_lists.get(7).passwords
+=> [#<Passwordstate::Resources::Password:0x0000555fda8acdb8 @title="Webserver1", @user_name="test_web_account", @account_type_id=0, @password="[ REDACTED ]", @allow_export=false, @password_id=2>, #<Passwordstate::Resources::Password:0x0000555fda868640 @title="Webserver2", @user_name="test_web_account2", @account_type_id=0, @password="[ REDACTED ]", @allow_export=false, @password_id=3>, #<Passwordstate::Resources::Password:0x0000555fda84da48 @title="Webserver3", @user_name="test_web_account3", @account_type_id=0, @password="[ REDACTED ]", @allow_export=false, @password_id=4>]
+irb(main):006:0> pw = client.password_lists.first.passwords.create title: 'example', user_name: 'someone', generate_password: true
+=> #<Passwordstate::Resources::Password:0x0000555fdaf9ce98 @title="example", @user_name="someone", @account_type_id=0, @password="[ REDACTED ]", @allow_export=true, @password_id=12, @generate_password=true, @password_list_id=6>
+irb(main):007:0> pw.password
+=> "millionfE2rMrcb2LngBTHnDyxdpsGSmK3"
+irb(main):008:0> pw.delete
+=> true
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/ananace/ruby-passwordstate
+The project lives at https://gitlab.liu.se/ITI/ruby-passwordstate
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+end
+
+task :default => :test

data/lib/passwordstate.rb

@@ -0,0 +1,20 @@
+require 'logging'
+require 'passwordstate/client'
+require 'passwordstate/errors'
+require 'passwordstate/resource'
+require 'passwordstate/resource_list'
+require 'passwordstate/util'
+require 'passwordstate/version'
+
+module Passwordstate
+  def self.debug!
+    logger.level = :debug
+  end
+
+  def self.logger
+    @logger ||= Logging.logger[self].tap do |logger|
+      logger.add_appenders Logging.appenders.stdout
+      logger.level = :warn
+    end
+  end
+end

data/lib/passwordstate/client.rb

@@ -0,0 +1,138 @@
+require 'json'
+
+module Passwordstate
+  class Client
+    USER_AGENT = "RubyPasswordstate/#{Passwordstate::VERSION}".freeze
+    DEFAULT_HEADERS = {
+      'accept'       => 'application/json',
+      'user-agent'   => USER_AGENT
+    }.freeze
+
+    attr_accessor :server_url, :auth_data, :headers, :validate_certificate
+    attr_writer :api_type
+
+    def initialize(url, options = {})
+      @server_url = URI(url)
+      @validate_certificate = true
+      @headers = DEFAULT_HEADERS
+      @auth_data = options.select { |k, _v| %i[apikey username password].include? k }
+      @api_type = options.fetch(:api_type) if options.key? :api_type
+    end
+
+    def logger
+      @logger ||= Logging.logger[self]
+    end
+
+    def api_type
+      @api_type || (auth_data.key?(:apikey) ? :api : :winapi)
+    end
+
+    def folders
+      ResourceList.new self, Passwordstate::Resources::Folder,
+                       only: %i[all search post]
+    end
+
+    def hosts
+      ResourceList.new self, Passwordstate::Resources::Host,
+                       only: %i[search post delete]
+    end
+
+    def passwords
+      ResourceList.new self, Passwordstate::Resources::Password
+    end
+
+    def password_lists
+      ResourceList.new self, Passwordstate::Resources::PasswordList,
+                       except: %i[put delete]
+    end
+
+    def valid?
+      version
+      true
+    rescue StandardError
+      false
+    end
+
+    def version
+      @version ||= begin
+        html = request(:get, '', allow_html: true)
+        version = html.find_line { |line| line.include? '<span>V</span>' }
+        version = />(\d\.\d) \(Build (.+)\)</.match(version)
+        "#{version[1]}.#{version[2]}"
+      end
+    end
+
+    def request(method, api_path, options = {})
+      uri = URI(server_url + "/#{api_type}/" + api_path)
+      uri.query = URI.encode_www_form(options.fetch(:query)) if options.key? :query
+      uri.query = nil if uri.query&.empty?
+
+      req_obj = Net::HTTP.const_get(method.to_s.capitalize.to_sym).new uri
+      if options.key? :body
+        req_obj.body = options.fetch(:body)
+        req_obj.body = req_obj.body.to_json unless req_obj.body.is_a?(String)
+        req_obj['content-type'] = 'application/json'
+      end
+
+      req_obj.ntlm_auth(auth_data[:username], auth_data[:password]) if api_type == :winapi
+      headers.each { |h, v| req_obj[h] = v }
+      req_obj['APIKey'] = auth_data[:apikey] if api_type == :api
+
+      print_http req_obj
+      res_obj = http.request req_obj
+      print_http res_obj
+
+      return true if res_obj.is_a? Net::HTTPNoContent
+
+      data = JSON.parse(res_obj.body) rescue nil
+      if data
+        return data if res_obj.is_a? Net::HTTPSuccess
+        data = data&.first
+        raise Passwordstate::HTTPError.new(res_obj.code, data&.fetch('errors', []) || [])
+      else
+        return res_obj.body if options.fetch(:allow_html, false)
+        raise Passwordstate::PasswordstateError, 'Response was not parseable as JSON'
+      end
+    end
+
+    def inspect
+      "#{to_s[0..-2]} #{instance_variables.reject { |k| %i[@auth_data @http @logger].include? k }.map { |k| "#{k}=#{instance_variable_get(k).inspect}" }.join ', '}>"
+    end
+
+    private
+
+    def http
+      @http ||= Net::HTTP.new server_url.host, server_url.port
+      return @http if @http.active?
+
+      @http.use_ssl = server_url.scheme == 'https'
+      @http.verify_mode = validate_certificate ? ::OpenSSL::SSL::VERIFY_NONE : nil
+      @http.start
+    end
+
+    def print_http(http)
+      return unless logger.debug?
+
+      if http.is_a? Net::HTTPRequest
+        dir = '>'
+        logger.debug "#{dir} Sending a #{http.method} request to `#{http.path}`:"
+      else
+        dir = '<'
+        logger.debug "#{dir} Received a #{http.code} #{http.message} response:"
+      end
+      http.to_hash.map { |k, v| "#{k}: #{%w[authorization apikey].include?(k.downcase) ? '[redacted]' : v.join(', ')}" }.each do |h|
+        logger.debug "#{dir} #{h}"
+      end
+      logger.debug dir
+
+      return if http.body.nil?
+      clean_body = JSON.parse(http.body) rescue nil
+      if clean_body
+        clean_body = clean_body.each { |k, v| v.replace('[ REDACTED ]') if k.is_a?(String) && %w[password apikey].include?(k.downcase) }.to_json if http.body
+      else
+        clean_body = http.body
+      end
+      logger.debug "#{dir} #{clean_body.length < 200 ? clean_body : clean_body.slice(0..200) + "... [truncated, #{clean_body.length} Bytes]"}" if clean_body
+    end
+  end
+end

data/lib/passwordstate/errors.rb

@@ -0,0 +1,17 @@
+module Passwordstate
+  class PasswordstateError < RuntimeError; end
+
+  class HTTPError < PasswordstateError
+    attr_reader :code, :errors
+
+    def initialize(code, errors = [])
+      @code = code.to_i
+      @errors = errors
+
+      super <<-ERRMSG
+Passwordstate responded with an error to the request;
+#{errors.map { |err| err['message'] || err['phrase'] }.join(', ')}
+ERRMSG
+    end
+  end
+end

data/lib/passwordstate/resource.rb

@@ -0,0 +1,222 @@
+module Passwordstate
+  # A simple resource DSL
+  class Resource
+    attr_reader :client
+
+    def get(query = {})
+      set! self.class.get(client, send(self.class.index_field), query)
+    end
+
+    def put(body = {}, query = {})
+      to_send = modified.merge(self.class.index_field => send(self.class.index_field))
+      set! self.class.put(client, to_send.merge(body), query).first
+    end
+
+    def post(body = {}, query = {})
+      set! self.class.post(client, attributes.merge(body), query)
+    end
+
+    def delete(query = {})
+      self.class.delete(client, send(self.class.index_field), query)
+    end
+
+    def initialize(data)
+      @client = data.delete :_client
+      set! data, false
+      old
+    end
+
+    def stored?
+      !send(self.class.index_field).nil?
+    end
+
+    def self.all(client, query = {})
+      path = query.fetch(:_api_path, api_path)
+      query = passwordstateify_hash query.reject { |k| k.to_s.start_with? '_' }
+
+      [client.request(:get, path, query: query)].flatten.map do |object|
+        new object.merge(_client: client)
+      end
+    end
+
+    def self.get(client, object, query = {})
+      path = query.fetch(:_api_path, api_path)
+      query = passwordstateify_hash query.reject { |k| k.to_s.start_with? '_' }
+
+      object = object.send(object.class.send(index_field)) if object.is_a? Resource
+      resp = client.request(:get, "#{path}/#{object}", query: query).map do |data|
+        new data.merge(_client: client)
+      end
+      return resp.first if resp.one? || resp.empty?
+      resp
+    end
+
+    def self.post(client, data, query = {})
+      path = query.fetch(:_api_path, api_path)
+      data = passwordstateify_hash data
+      query = passwordstateify_hash query.reject { |k| k.to_s.start_with? '_' }
+
+      new [client.request(:post, path, body: data, query: query)].flatten.first.merge(_client: client)
+    end
+
+    def self.put(client, data, query = {})
+      path = query.fetch(:_api_path, api_path)
+      data = passwordstateify_hash data
+      query = passwordstateify_hash query.reject { |k| k.to_s.start_with? '_' }
+
+      client.request :put, path, body: data, query: query
+    end
+
+    def self.delete(client, object, query = {})
+      path = query.fetch(:_api_path, api_path)
+      query = passwordstateify_hash query.reject { |k| k.to_s.start_with? '_' }
+
+      object = object.send(object.class.send(index_field)) if object.is_a? Resource
+      client.request :delete, "#{path}/#{object}", query: query
+    end
+
+    def self.passwordstateify_hash(hash)
+      Hash[hash.map  { |k, v| [ruby_to_passwordstate_field(k), v] }]
+    end
+
+    def api_path
+      self.class.instance_variable_get :@api_path
+    end
+
+    def attributes(ignore_redact = true)
+      Hash[(self.class.send(:accessor_field_names) + self.class.send(:read_field_names) + self.class.send(:write_field_names)).map do |field|
+        redact = self.class.send(:field_options)[field]&.fetch(:redact, false) && !ignore_redact
+        value = instance_variable_get("@#{field}".to_sym) unless redact
+        value = '[ REDACTED ]' if redact
+        [field, value]
+      end].reject { |_k, v| v.nil? }
+    end
+
+    def inspect
+      "#{to_s[0..-2]} #{attributes(false).reject { |_k, v| v.nil? }.map { |k, v| "@#{k}=#{v.inspect}" }.join(', ')}>"
+    end
+
+    protected
+
+    def modified
+      attribs = attributes
+      attribs.reject { |field| old[field] == attribs[field] }
+    end
+
+    def modified?(field)
+      modified.include? field
+    end
+
+    def old
+      @old ||= attributes.dup
+    end
+
+    def set!(data, store_old = true)
+      @old = attributes.dup if store_old
+      data = data.attributes if data.is_a? Passwordstate::Resource
+      data.each do |key, value|
+        field = self.class.passwordstate_to_ruby_field(key)
+        opts = self.class.send(:field_options)[field]
+
+        value = nil if value.is_a?(String) && value.empty?
+
+        if !value.nil? && opts&.key?(:is)
+          klass = opts.fetch(:is)
+          parsed_value = klass.send :parse, value rescue nil if klass.respond_to? :parse
+          parsed_value ||= klass.send :new, value rescue nil if klass.respond_to? :new
+        end
+
+        instance_variable_set "@#{field}".to_sym, parsed_value || value
+      end
+      self
+    end
+
+    class << self
+      alias search all
+
+      def api_path(path = nil)
+        @api_path = path unless path.nil?
+        @api_path
+      end
+
+      def index_field(field = nil)
+        @index_field = field unless field.nil?
+        @index_field
+      end
+
+      def passwordstate_to_ruby_field(field)
+        opts = send(:field_options).find { |(_k, v)| v[:name] == field }
+        opts&.first || field.to_s.snake_case.to_sym
+      end
+
+      def ruby_to_passwordstate_field(field)
+        send(:field_options)[field]&.[](:name) || field.to_s.camel_case
+      end
+
+      protected
+
+      def accessor_field_names
+        @accessor_field_names ||= []
+      end
+
+      def read_field_names
+        @read_field_names ||= []
+      end
+
+      def write_field_names
+        @write_field_names ||= []
+      end
+
+      def field_options
+        @field_options ||= {}
+      end
+
+      def read_only
+        # TODO
+      end
+
+      def accessor_fields(*fields)
+        fields.each do |field|
+          if field.is_a? Symbol
+            accessor_field_names << field
+            attr_accessor field
+          else
+            field_options[accessor_field_names.last] = field
+          end
+        end
+      end
+
+      def read_fields(*fields)
+        fields.each do |field|
+          if field.is_a? Symbol
+            read_field_names << field
+            attr_reader field
+          else
+            field_options[read_field_names.last] = field
+          end
+        end
+      end
+
+      def write_fields(*fields)
+        fields.each do |field|
+          if field.is_a? Symbol
+            write_field_names << field
+            attr_writer field
+          else
+            field_options[write_field_names.last] = field
+          end
+        end
+      end
+    end
+  end
+
+  module Resources
+    autoload :Document,        'passwordstate/resources/document'
+    autoload :Folder,          'passwordstate/resources/folder'
+    autoload :Host,            'passwordstate/resources/host'
+    autoload :PasswordList,    'passwordstate/resources/password_list'
+    autoload :Password,        'passwordstate/resources/password'
+    autoload :PasswordHistory, 'passwordstate/resources/password'
+    autoload :Report,          'passwordstate/resources/report'
+  end
+end

data/lib/passwordstate/resource_list.rb

@@ -0,0 +1,126 @@
+module Passwordstate
+  class ResourceList < Array
+    Array.public_instance_methods(false).each do |method|
+      next if %i[reject select slice clear inspect].include?(method.to_sym)
+      class_eval <<-EVAL, __FILE__, __LINE__ + 1
+        def #{method}(*args)
+          lazy_load unless @loaded
+          super
+        end
+      EVAL
+    end
+
+    %w[reject select slice].each do |method|
+      class_eval <<-EVAL, __FILE__, __LINE__ + 1
+        def #{method}(*args)
+          lazy_load unless @loaded
+          data = super
+          self.clone.clear.concat(data)
+        end
+      EVAL
+    end
+
+    def inspect
+      lazy_load unless @loaded
+      super
+    end
+
+    attr_reader :client, :resource, :options
+
+    def initialize(client, resource, options = {})
+      @client = client
+      @resource = resource
+      @loaded = false
+      @options = options
+
+      options[:only] = [options[:only]].flatten if options.key? :only
+      options[:except] = [options[:except]].flatten if options.key? :except
+    end
+
+    def clear
+      @loaded = super
+    end
+
+    def reload
+      clear && lazy_load
+      self
+    end
+
+    def load(entries)
+      clear && entries.each { |obj| self << obj }
+      true
+    end
+
+    def operation_supported?(operation)
+      return nil unless %i[search all get post put delete].include?(operation)
+      return false if options.key?(:only) && !options[:only].include?(operation)
+      return false if options.key?(:except) && options[:except].include?(operation)
+      !options.fetch("#{operation}_path".to_sym, '').nil?
+    end
+
+    def new(data)
+      resource.new options.fetch(:object_data, {}).merge(data).merge(_client: client)
+    end
+
+    def create(data)
+      raise 'Operation not supported' unless operation_supported?(:post)
+      obj = resource.new options.fetch(:object_data, {}).merge(data).merge(_client: client)
+      obj.post
+      obj
+    end
+
+    def search(query = {})
+      raise 'Operation not supported' unless operation_supported?(:search)
+      api_path = options.fetch(:search_path, resource.api_path)
+      query = options.fetch(:search_query, {}).merge(query)
+
+      resource.search(client, query.merge(_api_path: api_path))
+    end
+
+    def all(query = {})
+      raise 'Operation not supported' unless operation_supported?(:all)
+      api_path = options.fetch(:all_path, resource.api_path)
+      query = options.fetch(:all_query, {}).merge(query)
+
+      load resource.all(client, query.merge(_api_path: api_path))
+    end
+
+    def get(id, query = {})
+      raise 'Operation not supported' unless operation_supported?(:get)
+      api_path = options.fetch(:get_path, resource.api_path)
+      query = options.fetch(:get_query, {}).merge(query)
+
+      resource.get(client, id, query.merge(_api_path: api_path))
+    end
+
+    def post(data, query = {})
+      raise 'Operation not supported' unless operation_supported?(:post)
+      api_path = options.fetch(:post_path, resource.api_path)
+      query = options.fetch(:post_query, {}).merge(query)
+
+      resource.post(client, data, query.merge(_api_path: api_path))
+    end
+
+    def put(data, query = {})
+      raise 'Operation not supported' unless operation_supported?(:put)
+      api_path = options.fetch(:put_path, resource.api_path)
+      query = options.fetch(:put_query, {}).merge(query)
+
+      resource.put(client, data, query.merge(_api_path: api_path))
+    end
+
+    def delete(id, query = {})
+      raise 'Operation not supported' unless operation_supported?(:delete)
+      api_path = options.fetch(:delete_path, resource.api_path)
+      query = options.fetch(:delete_query, {}).merge(query)
+
+      resource.delete(client, id, query.merge(_api_path: api_path))
+    end
+
+    private
+
+    def lazy_load
+      all
+    end
+  end
+end

data/lib/passwordstate/resources/document.rb

@@ -0,0 +1,20 @@
+module Passwordstate
+  module Resources
+    class Document < Passwordstate::Resource
+      api_path 'document'
+
+      index_field :document_id
+
+      read_fields :document_id, { name: 'DocumentID' },
+                  :document_name
+
+      def self.search(client, store, options = {})
+        client.request :get, "#{api_path}/#{store}/", query: options
+      end
+
+      def self.get(client, store, object)
+        client.request :get, "#{api_path}/#{store}/#{object}"
+      end
+    end
+  end
+end

data/lib/passwordstate/resources/folder.rb

@@ -0,0 +1,25 @@
+module Passwordstate
+  module Resources
+    class Folder < Passwordstate::Resource
+      api_path 'folders'
+
+      index_field :folder_id
+
+      accessor_fields :folder_name,
+                      :description
+
+      read_fields :folder_id, { name: 'FolderID' },
+                  :tree_path,
+                  :site_id, { name: 'SiteID' },
+                  :site_location
+
+      def password_lists
+        Passwordstate::ResourceList.new client, Passwordstate::Resources::PasswordList,
+                                        search_query: { tree_path: tree_path },
+                                        all_path: 'searchpasswordlists',
+                                        all_query: { tree_path: tree_path },
+                                        object_data: { nest_undef_folder_id: folder_id }
+      end
+    end
+  end
+end

data/lib/passwordstate/resources/host.rb

@@ -0,0 +1,32 @@
+require 'ipaddr'
+
+module Passwordstate
+  module Resources
+    class Host < Passwordstate::Resource
+      api_path 'hosts'
+
+      index_field :host_name
+
+      accessor_fields :host_name,
+                      :host_type,
+                      :operating_system,
+                      :database_server_type,
+                      :sql_instance_name, { name: 'SQLInstanceName' },
+                      :database_port_number,
+                      :remote_connection_type,
+                      :remote_connection_port_number,
+                      :remote_connection_parameters,
+                      :tag,
+                      :title,
+                      :site_id, { name: 'SiteID' },
+                      :internal_ip, { name: 'InternalIP', is: IPAddr },
+                      :external_ip, { name: 'ExternalIP', is: IPAddr },
+                      :mac_address, { name: 'MACAddress' },
+                      :virtual_machine,
+                      :virtual_machine_type,
+                      :notes
+
+      read_fields :host_id, { name: 'HostID' } # rubocop:disable Style/BracesAroundHashParameters
+    end
+  end
+end

data/lib/passwordstate/resources/password.rb

@@ -0,0 +1,134 @@
+module Passwordstate
+  module Resources
+    class Password < Passwordstate::Resource
+      api_path 'passwords'
+
+      index_field :password_id
+
+      accessor_fields :title,
+                      :domain,
+                      :host_name,
+                      :user_name,
+                      :description,
+                      :generic_field_1,
+                      :generic_field_2,
+                      :generic_field_3,
+                      :generic_field_4,
+                      :generic_field_5,
+                      :generic_field_6,
+                      :generic_field_7,
+                      :generic_field_8,
+                      :generic_field_9,
+                      :generic_field_10,
+                      :account_type_id, { name: 'AccountTypeID' },
+                      :account_type,
+                      :notes,
+                      :url,
+                      :password, { redact: true },
+                      :expiry_date, { is: Time },
+                      :allow_export,
+                      :web_user_id, { name: 'WebUser_ID' },
+                      :web_password_id, { name: 'WebPassword_ID' } # rubocop:disable Style/BracesAroundHashParameters
+
+      read_fields :password_id, { name: 'PasswordID' } # rubocop:disable Style/BracesAroundHashParameters
+
+      # Things that can be set in a POST/PUT request
+      # TODO: Do this properly
+      write_fields :generate_password,
+                   :generate_gen_field_password,
+                   :password_reset_enabled,
+                   :enable_password_reset_schedule,
+                   :password_reset_schedule,
+                   :add_days_to_expiry_date,
+                   :script_id, { name: 'ScriptID' },
+                   :password_list_id, { name: 'PasswordListID' }, # POST only
+                   :privileged_account_id,
+                   :heartbeat_enabled,
+                   :heartbeat_schedule,
+                   :validation_script_id, { name: 'ValidationScriptID' },
+                   :host_name,
+                   :ad_domain_netbios, { name: 'ADDomainNetBIOS' },
+                   :validate_with_priv_account
+
+      def check_in
+        client.request :get, "passwords/#{password_id}", query: passwordstatify_hash(check_in: nil)
+      end
+
+      def history
+        raise 'Password history only available on stored passwords' unless stored?
+        Passwordstate::ResourceList.new client, PasswordHistory,
+                                        all_path: "passwordhistory/#{password_id}",
+                                        only: :all
+      end
+
+      def delete(recycle = false, query = {})
+        super query.merge(move_to_recycle_bin: recycle)
+      end
+
+      def add_dependency(data = {})
+        raise 'Password dependency creation only available for stored passwords' unless stored?
+        client.request :post, 'dependencies', body: self.class.passwordstatify_hash(data.merge(password_id: password_id))
+      end
+
+      def self.all(client, query = {})
+        super client, { query_all: true }.merge(query)
+      end
+
+      def self.search(client, query = {})
+        super client, query.merge(_api_path: 'searchpassword')
+      end
+
+      def self.generate(client, options = {})
+        results = client.request(:get, 'generatepassword', query: options).map { |r| r['Password'] }
+        return results.first if results.count == 1
+        results
+      end
+    end
+
+    class PasswordHistory < Passwordstate::Resource
+      read_only
+
+      api_path 'passwordhistory'
+
+      index_field :password_history_id
+
+      read_fields :password_history_id, { name: 'PasswordHistoryID' },
+                  :date_changed, { is: Time },
+                  :password_list,
+                  :user_id, { name: 'UserID' },
+                  :first_name,
+                  :surname
+
+      # Password object fields
+      read_fields :title,
+                  :domain,
+                  :host_name,
+                  :user_name,
+                  :description,
+                  :generic_field_1,
+                  :generic_field_2,
+                  :generic_field_3,
+                  :generic_field_4,
+                  :generic_field_5,
+                  :generic_field_6,
+                  :generic_field_7,
+                  :generic_field_8,
+                  :generic_field_9,
+                  :generic_field_10,
+                  :account_type_id, { name: 'AccountTypeID' },
+                  :account_type,
+                  :notes,
+                  :url,
+                  :password, { redact: true },
+                  :password_id, { name: 'PasswordID' },
+                  :expiry_date, { is: Time },
+                  :allow_export,
+                  :web_user_id, { name: 'WebUser_ID' },
+                  :web_password_id, { name: 'WebPassword_ID' } # rubocop:disable Style/BracesAroundHashParameters
+
+      def get
+        raise 'Not applicable'
+      end
+    end
+  end
+end

data/lib/passwordstate/resources/password_list.rb

@@ -0,0 +1,54 @@
+module Passwordstate
+  module Resources
+    class PasswordList < Passwordstate::Resource
+      api_path 'passwordlists'
+
+      index_field :password_list_id
+
+      accessor_fields :password_list,
+                      :description,
+                      :image_file_name,
+                      :guide,
+                      :allow_export,
+                      :private_password_list,
+                      :time_based_access_required,
+                      :handshake_approval_required,
+                      :password_strength_policy_id, { name: 'PasswordStrengthPolicyID' },
+                      :password_generator_id, { name: 'PasswordGeneratorID' },
+                      :code_page,
+                      :prevent_password_reuse,
+                      :authentication_type,
+                      :authentication_per_session,
+                      :prevent_expiry_date_modification,
+                      :reset_expiry_date,
+                      :prevent_drag_drop,
+                      :prevent_bad_password_use,
+                      :provide_access_reason,
+                      :password_reset_enabled,
+                      :force_password_generator,
+                      :hide_passwords,
+                      :show_guide,
+                      :enable_password_reset_schedule,
+                      :password_reset_schedule,
+                      :add_days_to_expiry_date
+
+      read_fields :password_list_id, { name: 'PasswordListID' },
+                  :tree_path,
+                  :total_passwords,
+                  :generator_name,
+                  :policy_name
+
+      def passwords
+        Passwordstate::ResourceList.new client, Passwordstate::Resources::Password,
+                                        all_path: "passwords/#{password_list_id}",
+                                        all_query: { query_all: nil },
+                                        search_path: "searchpasswords/#{password_list_id}",
+                                        object_data: { password_list_id: password_list_id }
+      end
+
+      def self.search(client, query = {})
+        super client, query.merge(_api_path: 'searchpasswordlists')
+      end
+    end
+  end
+end

data/lib/passwordstate/resources/report.rb

@@ -0,0 +1,54 @@
+module Passwordstate
+  module Resources
+    class Report < Passwordstate::Resource
+      REPORT_PARAMETERS = {
+        1  => %i[user_id],
+        2  => %i[user_id site_id],
+        3  => %i[user_id duration],
+        4  => %i[user_id site_id duration],
+        5  => %i[duration],
+        6  => %i[],
+        7  => %i[user_id site_id duration],
+        8  => %i[],
+        9  => %i[],
+        10 => %i[duration],
+        11 => %i[duration],
+        12 => %i[site_id],
+        13 => %i[site_id],
+        14 => %i[site_i],
+        15 => %i[site_id],
+        16 => %i[site_id],
+        17 => %i[duration password_list_ids query_expired_passwords],
+        18 => %i[site_id duration],
+        19 => %i[site_id],
+        20 => %i[site_id],
+        21 => %i[site_id],
+        22 => %i[site_id],
+        23 => %i[site_id],
+        24 => %i[site_id user_id],
+        25 => %i[site_id security_group_name],
+        26 => %i[duration],
+        27 => %i[duration],
+        28 => %i[duration],
+        29 => %i[duration],
+        30 => %i[duration],
+        31 => %i[duration],
+        32 => %i[duration],
+        33 => %i[duration],
+        34 => %i[duration]
+      }.freeze
+
+      api_path 'reporting'
+
+      index_field :report_id
+
+      read_fields :report_id, { name: 'ReportID' },
+                  :site_id, { name: 'SiteID' },
+                  :user_id, { name: 'UserID' },
+                  :security_group_name,
+                  :duration,
+                  :password_list_ids, { name: 'PasswordListIDs' },
+                  :query_expired_passwords
+    end
+  end
+end

data/lib/passwordstate/util.rb

@@ -0,0 +1,77 @@
+require 'net/http'
+require 'net/ntlm'
+
+module Net
+  module HTTPHeader
+    attr_reader :ntlm_auth_information, :ntlm_auth_options
+
+    def ntlm_auth(username, password, domain = nil, workstation = nil)
+      @ntlm_auth_information = {
+        user: username,
+        password: password
+      }
+      @ntlm_auth_information[:domain] = domain unless domain.nil?
+      @ntlm_auth_options = {}
+      @ntlm_auth_options[:workstation] = workstation unless workstation.nil?
+    end
+  end
+end
+
+class String
+  def camel_case
+    split('_').collect(&:capitalize).join
+  end
+
+  def snake_case
+    gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
+      .gsub(/([a-z\d])([A-Z])/, '\1_\2')
+      .tr('-', '_')
+      .downcase
+  end
+
+  def find_line(&_block)
+    raise ArgumentError, 'No block given' unless block_given?
+    each_line do |line|
+      return line if yield line
+    end
+  end
+end
+
+module Passwordstate
+  module NetHTTPExtensions
+    def request(req, body = nil, &block)
+      return super(req, body, &block) if req.ntlm_auth_information.nil?
+
+      unless started?
+        @last_body = req.body
+        req.body = nil
+        start do
+          req.delete('connection')
+          return request(req, body, &block)
+        end
+      end
+
+      type1 = Net::NTLM::Message::Type1.new
+      req['authorization'] = 'NTLM ' + type1.encode64
+      res = super(req, body)
+
+      challenge = res['www-authenticate'][/(?:NTLM|Negotiate) (.+)/, 1]
+
+      if challenge && res.code == '401'
+        type2 = Net::NTLM::Message.decode64 challenge
+        type3 = type2.response(req.ntlm_auth_information, req.ntlm_auth_options)
+
+        req['authorization'] = 'NTLM ' + type3.encode64
+        req.body_stream.rewind if req.body_stream
+        req.body = @last_body if @last_body
+
+        super(req, body, &block)
+      else
+        yield res if block_given?
+        res
+      end
+    end
+  end
+end
+
+Net::HTTP.send :prepend, Passwordstate::NetHTTPExtensions unless Net::HTTP.ancestors.include? Passwordstate::NetHTTPExtensions

data/lib/passwordstate/version.rb

@@ -0,0 +1,3 @@
+module Passwordstate
+  VERSION = '0.0.1'.freeze
+end

data/passwordstate.gemspec

@@ -0,0 +1,25 @@
+require File.join File.expand_path('lib', __dir__), 'passwordstate/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'passwordstate'
+  spec.version       = Passwordstate::VERSION
+  spec.authors       = ['Alexander Olofsson']
+  spec.email         = ['alexander.olofsson@liu.se']
+
+  spec.summary       = 'A ruby API client for interacting with a passwordstate server'
+  spec.description   = spec.summary
+  spec.homepage      = 'https://github.com/ananace/ruby-passwordstate'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'logging', '~> 2.2'
+  spec.add_dependency 'rubyntlm', '~> 0.6'
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'minitest'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rubocop'
+end

data/test/passwordstate_test.rb

@@ -0,0 +1,11 @@
+require 'test_helper'
+
+class PasswordstateTest < Minitest::Test
+  def test_that_it_has_a_version_number
+    refute_nil ::Passwordstate::VERSION
+  end
+
+  def test_it_does_something_useful
+    assert false
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,4 @@
+$LOAD_PATH.unshift File.expand_path('../lib', __dir__)
+require 'passwordstate'
+
+require 'minitest/autorun'

metadata

@@ -0,0 +1,153 @@
+--- !ruby/object:Gem::Specification
+name: passwordstate
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Alexander Olofsson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-07-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: logging
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: rubyntlm
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A ruby API client for interacting with a passwordstate server
+email:
+- alexander.olofsson@liu.se
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".gitlab-ci.yml"
+- ".rubocop.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/passwordstate.rb
+- lib/passwordstate/client.rb
+- lib/passwordstate/errors.rb
+- lib/passwordstate/resource.rb
+- lib/passwordstate/resource_list.rb
+- lib/passwordstate/resources/document.rb
+- lib/passwordstate/resources/folder.rb
+- lib/passwordstate/resources/host.rb
+- lib/passwordstate/resources/password.rb
+- lib/passwordstate/resources/password_list.rb
+- lib/passwordstate/resources/report.rb
+- lib/passwordstate/util.rb
+- lib/passwordstate/version.rb
+- passwordstate.gemspec
+- test/passwordstate_test.rb
+- test/test_helper.rb
+homepage: https://github.com/ananace/ruby-passwordstate
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: A ruby API client for interacting with a passwordstate server
+test_files:
+- test/passwordstate_test.rb
+- test/test_helper.rb