plunk 0.2.11 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. checksums.yaml +4 -4
  2. data/AUTHORS +1 -0
  3. data/Gemfile.lock +1 -1
  4. data/lib/plunk.rb +6 -1
  5. data/lib/plunk/helper.rb +55 -0
  6. data/lib/plunk/parser.rb +70 -48
  7. data/lib/plunk/result_set.rb +4 -49
  8. data/lib/plunk/transformer.rb +33 -114
  9. data/plunk.gemspec +9 -9
  10. data/spec/basic_spec.rb +30 -8
  11. data/spec/boolean_spec.rb +73 -27
  12. data/spec/chained_search_spec.rb +36 -44
  13. data/spec/field_value_spec.rb +28 -29
  14. data/spec/last_spec.rb +52 -49
  15. data/spec/nested_search_spec.rb +7 -7
  16. data/spec/regexp_spec.rb +16 -12
  17. data/spec/shared/dummy_client.rb +14 -0
  18. data/spec/spec_helper.rb +7 -2
  19. metadata +55 -15
data/spec/nested_search_spec.rb CHANGED
@@ -16,14 +16,14 @@ describe 'nested searches' do
16
16
  Plunk::ResultSet.any_instance.stub(:eval).and_return(fake_results)
17
17
  end
18
18
 
19
- it 'should transform' do
19
+ pending 'should transform' do
20
20
  results = @transformer.apply @parser.parse('foo=`bar=baz|baz,fass,fdsd`')
21
21
  expect(results.query).to eq({query:{filtered:{query:{query_string:{
22
22
  query: 'foo:(5)'
23
23
  }}}}})
24
24
  end
25
25
 
26
- it 'should parse a nested basic search' do
26
+ pending 'should parse a nested basic search' do
27
27
  @parsed = @parser.parse 'tshark.len = ` 226 | tshark.frame.time_epoch,tshark.ip.src`'
28
28
  expect(@parsed[:field].to_s).to eq 'tshark.len'
29
29
  expect(@parsed[:op].to_s).to eq '='
@@ -31,7 +31,7 @@ describe 'nested searches' do
31
31
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
32
32
  end
33
33
 
34
- it 'should parse a nested regexp' do
34
+ pending 'should parse a nested regexp' do
35
35
  @parsed = @parser.parse 'tshark.len = ` cif.malicious_ips=/foo/ | tshark.frame.time_epoch,tshark.ip.src`'
36
36
  expect(@parsed[:field].to_s).to eq 'tshark.len'
37
37
  expect(@parsed[:op].to_s).to eq '='
@@ -41,7 +41,7 @@ describe 'nested searches' do
41
41
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
42
42
  end
43
43
 
44
- it 'should parse a nested basic boolean' do
44
+ pending 'should parse a nested basic boolean' do
45
45
  @parsed = @parser.parse 'tshark.len = `(foo OR bar) | tshark.frame.time_epoch,tshark.ip.src`'
46
46
  expect(@parsed[:field].to_s).to eq 'tshark.len'
47
47
  expect(@parsed[:op].to_s).to eq '='
@@ -49,7 +49,7 @@ describe 'nested searches' do
49
49
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
50
50
  end
51
51
 
52
- it 'should parse a nested field / value boolean' do
52
+ pending 'should parse a nested field / value boolean' do
53
53
  @parsed = @parser.parse 'tshark.len = `baz=(foo OR bar AND (bar OR fez)) | tshark.frame.time_epoch,tshark.ip.src`'
54
54
  expect(@parsed[:field].to_s).to eq 'tshark.len'
55
55
  expect(@parsed[:op].to_s).to eq '='
@@ -59,7 +59,7 @@ describe 'nested searches' do
59
59
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
60
60
  end
61
61
 
62
- it 'should parse a nested last standalone timerange' do
62
+ pending 'should parse a nested last standalone timerange' do
63
63
  @parsed = @parser.parse 'tshark.len = `last 24h | tshark.frame.time_epoch,tshark.ip.src`'
64
64
  expect(@parsed[:field].to_s).to eq 'tshark.len'
65
65
  expect(@parsed[:op].to_s).to eq '='
@@ -68,7 +68,7 @@ describe 'nested searches' do
68
68
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
69
69
  end
70
70
 
71
- it 'should parse a nested last timerange and field / value pair' do
71
+ pending 'should parse a nested last timerange and field / value pair' do
72
72
  @parsed = @parser.parse 'tshark.len = `last 24h foo=bar | tshark.frame.time_epoch,tshark.ip.src`'
73
73
  expect(@parsed[:field].to_s).to eq 'tshark.len'
74
74
  expect(@parsed[:op].to_s).to eq '='
data/spec/regexp_spec.rb CHANGED
@@ -1,24 +1,28 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe 'regexp searches' do
4
+
4
5
  it 'should parse foo=/blah foo/' do
5
- result = @transformer.apply @parser.parse('foo=/blah foo/')
6
- expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
- query: 'foo:/blah foo/'
8
- }}}}})
6
+ result = Plunk.search 'foo=/blah foo/'
7
+ expected = Plunk::Helper.filter_builder(
8
+ Plunk::Helper.query_builder('foo:/blah foo/')
9
+ )
10
+ expect(result).to eq(expected)
9
11
  end
10
12
 
11
13
  it 'should parse foo=/blah\/ foo/' do
12
- result = @transformer.apply @parser.parse('foo=/blah\/ foo/')
13
- expect(result.query).to eq({query:{filtered:{query:{query_string:{
14
- query: 'foo:/blah\/ foo/'
15
- }}}}})
14
+ result = Plunk.search 'foo=/blah\/ foo/'
15
+ expected = Plunk::Helper.filter_builder(
16
+ Plunk::Helper.query_builder('foo:/blah\/ foo/')
17
+ )
18
+ expect(result).to eq(expected)
16
19
  end
17
20
 
18
21
  it 'should parse foo=/blah\. foo/' do
19
- result = @transformer.apply @parser.parse('foo=/blah\. foo/')
20
- expect(result.query).to eq({query:{filtered:{query:{query_string:{
21
- query: 'foo:/blah\. foo/'
22
- }}}}})
22
+ result = Plunk.search 'foo=/blah\. foo/'
23
+ expected = Plunk::Helper.filter_builder(
24
+ Plunk::Helper.query_builder('foo:/blah\. foo/')
25
+ )
26
+ expect(result).to eq(expected)
23
27
  end
24
28
  end
data/spec/shared/dummy_client.rb ADDED
@@ -0,0 +1,14 @@
1
+ # Dummy Elasticsearch Client for specs
2
+
3
+ module Elasticsearch
4
+ module Transport
5
+ class Client
6
+ def initialize(opts)
7
+ end
8
+
9
+ def search(payload)
10
+ payload[:body]
11
+ end
12
+ end
13
+ end
14
+ end
data/spec/spec_helper.rb CHANGED
@@ -1,6 +1,7 @@
1
1
  require 'rspec'
2
2
  require 'plunk'
3
3
  require 'parslet/rig/rspec'
4
+ require 'shared/dummy_client'
4
5
 
5
6
  # Print ascii_tree when exception occurs
6
7
  module Plunk
@@ -17,7 +18,11 @@ end
17
18
 
18
19
  RSpec.configure do |config|
19
20
  config.before :all do
20
- @parser = Plunk::ParserWrapper.new
21
- @transformer = Plunk::Transformer.new
21
+
22
+ # configure test instance of Plunk to use wrapper parser
23
+ Plunk.configure do |c|
24
+ c.parser = Plunk::ParserWrapper.new
25
+ c.transformer = Plunk::Transformer.new
26
+ end
22
27
  end
23
28
  end
metadata CHANGED
@@ -1,104 +1,142 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: plunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.11
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ram Mehta
8
8
  - Jamil Bou Kheir
9
+ - Roman Heinrich
9
10
  autorequire:
10
11
  bindir: bin
11
12
  cert_chain: []
12
- date: 2014-02-21 00:00:00.000000000 Z
13
+ date: 2014-03-18 00:00:00.000000000 Z
13
14
  dependencies:
14
15
  - !ruby/object:Gem::Dependency
15
16
  name: json
16
17
  requirement: !ruby/object:Gem::Requirement
17
18
  requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: '1.8'
18
22
  - - '>='
19
23
  - !ruby/object:Gem::Version
20
- version: '0'
24
+ version: 1.8.0
21
25
  type: :runtime
22
26
  prerelease: false
23
27
  version_requirements: !ruby/object:Gem::Requirement
24
28
  requirements:
29
+ - - ~>
30
+ - !ruby/object:Gem::Version
31
+ version: '1.8'
25
32
  - - '>='
26
33
  - !ruby/object:Gem::Version
27
- version: '0'
34
+ version: 1.8.0
28
35
  - !ruby/object:Gem::Dependency
29
36
  name: parslet
30
37
  requirement: !ruby/object:Gem::Requirement
31
38
  requirements:
39
+ - - ~>
40
+ - !ruby/object:Gem::Version
41
+ version: '1.5'
32
42
  - - '>='
33
43
  - !ruby/object:Gem::Version
34
- version: '0'
44
+ version: 1.5.0
35
45
  type: :runtime
36
46
  prerelease: false
37
47
  version_requirements: !ruby/object:Gem::Requirement
38
48
  requirements:
49
+ - - ~>
50
+ - !ruby/object:Gem::Version
51
+ version: '1.5'
39
52
  - - '>='
40
53
  - !ruby/object:Gem::Version
41
- version: '0'
54
+ version: 1.5.0
42
55
  - !ruby/object:Gem::Dependency
43
56
  name: elasticsearch
44
57
  requirement: !ruby/object:Gem::Requirement
45
58
  requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '0.4'
46
62
  - - '>='
47
63
  - !ruby/object:Gem::Version
48
- version: '0'
64
+ version: 0.4.3
49
65
  type: :runtime
50
66
  prerelease: false
51
67
  version_requirements: !ruby/object:Gem::Requirement
52
68
  requirements:
69
+ - - ~>
70
+ - !ruby/object:Gem::Version
71
+ version: '0.4'
53
72
  - - '>='
54
73
  - !ruby/object:Gem::Version
55
- version: '0'
74
+ version: 0.4.3
56
75
  - !ruby/object:Gem::Dependency
57
76
  name: activesupport
58
77
  requirement: !ruby/object:Gem::Requirement
59
78
  requirements:
79
+ - - ~>
80
+ - !ruby/object:Gem::Version
81
+ version: '4.0'
60
82
  - - '>='
61
83
  - !ruby/object:Gem::Version
62
- version: '0'
84
+ version: 4.0.0
63
85
  type: :runtime
64
86
  prerelease: false
65
87
  version_requirements: !ruby/object:Gem::Requirement
66
88
  requirements:
89
+ - - ~>
90
+ - !ruby/object:Gem::Version
91
+ version: '4.0'
67
92
  - - '>='
68
93
  - !ruby/object:Gem::Version
69
- version: '0'
94
+ version: 4.0.0
70
95
  - !ruby/object:Gem::Dependency
71
96
  name: rspec
72
97
  requirement: !ruby/object:Gem::Requirement
73
98
  requirements:
99
+ - - ~>
100
+ - !ruby/object:Gem::Version
101
+ version: '2.0'
74
102
  - - '>='
75
103
  - !ruby/object:Gem::Version
76
- version: '0'
104
+ version: 2.14.1
77
105
  type: :development
78
106
  prerelease: false
79
107
  version_requirements: !ruby/object:Gem::Requirement
80
108
  requirements:
109
+ - - ~>
110
+ - !ruby/object:Gem::Version
111
+ version: '2.0'
81
112
  - - '>='
82
113
  - !ruby/object:Gem::Version
83
- version: '0'
114
+ version: 2.14.1
84
115
  - !ruby/object:Gem::Dependency
85
116
  name: timecop
86
117
  requirement: !ruby/object:Gem::Requirement
87
118
  requirements:
119
+ - - ~>
120
+ - !ruby/object:Gem::Version
121
+ version: '0.7'
88
122
  - - '>='
89
123
  - !ruby/object:Gem::Version
90
- version: '0'
124
+ version: 0.7.1
91
125
  type: :development
92
126
  prerelease: false
93
127
  version_requirements: !ruby/object:Gem::Requirement
94
128
  requirements:
129
+ - - ~>
130
+ - !ruby/object:Gem::Version
131
+ version: '0.7'
95
132
  - - '>='
96
133
  - !ruby/object:Gem::Version
97
- version: '0'
134
+ version: 0.7.1
98
135
  description: Human-friendly query language for Elasticsearch
99
136
  email:
100
137
  - ram.mehta@gmail.com
101
138
  - jamil@elbii.com
139
+ - roman.heinrich@gmail.com
102
140
  executables: []
103
141
  extensions: []
104
142
  extra_rdoc_files: []
@@ -112,6 +150,7 @@ files:
112
150
  - README.md
113
151
  - Rakefile
114
152
  - lib/plunk.rb
153
+ - lib/plunk/helper.rb
115
154
  - lib/plunk/parser.rb
116
155
  - lib/plunk/result_set.rb
117
156
  - lib/plunk/transformer.rb
@@ -124,6 +163,7 @@ files:
124
163
  - spec/last_spec.rb
125
164
  - spec/nested_search_spec.rb
126
165
  - spec/regexp_spec.rb
166
+ - spec/shared/dummy_client.rb
127
167
  - spec/shared/plunk_stubs.rb
128
168
  - spec/shared/time_stubs.rb
129
169
  - spec/spec_helper.rb
@@ -147,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
147
187
  version: '0'
148
188
  requirements: []
149
189
  rubyforge_project:
150
- rubygems_version: 2.1.11
190
+ rubygems_version: 2.2.2
151
191
  signing_key:
152
192
  specification_version: 4
153
193
  summary: Elasticsearch query language