plunk 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bb14cb961c9f1fcfadaeefc60ca753cb061bf2eb
-  data.tar.gz: ee823ac07dfcb711d8d35becf70aea8a4f3cde05
+  metadata.gz: 2166c154fb85131ea652ccc4409725b29b4dc250
+  data.tar.gz: 75503b3934ea91d1ba81ff934684ccd724af7a84
 SHA512:
-  metadata.gz: d77fa8591e0c76809bbec4e24d408073836dd517bd35fad324ed389826fa02d4a989933e2fc1c71c5a61628dfea50c81416ca3e20333789b4a5e73a676c2810d
-  data.tar.gz: 6c76177d7f17f571f9f6ad46808ea6c99b0c2eadd4fc87256345e44d5111ebad5ca29171b5484676ad16ba3d13c1089c962c638a1d1016568616c2515afbc50f
+  metadata.gz: bbeff1a1e3c8e36d0857662715b2b8c9392d6543ff7de11527f6748852feba47f449bb1e66c9a125918884c4d95bfa2d3cb952370c77cb87d9f8e1a3ae00f91f
+  data.tar.gz: 1d281d2a627594100c9ed502a96e82e01192248585cba14a8de91174fb5c8381145dd8d8a192a9a7259b0653eed029629fc2642593011fee14c6c7bee4b3aa14

data/Gemfile.lock

@@ -2,10 +2,10 @@ PATH
   remote: .
   specs:
     plunk (0.3.1)
-      activesupport
-      elasticsearch
-      json
-      parslet
+      activesupport (~> 4.0, >= 4.0.0)
+      elasticsearch (~> 0.4, >= 0.4.3)
+      json (~> 1.8, >= 1.8.0)
+      parslet (~> 1.5, >= 1.5.0)
 
 GEM
   remote: https://rubygems.org/
@@ -54,5 +54,5 @@ PLATFORMS
 
 DEPENDENCIES
   plunk!
-  rspec
-  timecop
+  rspec (~> 2.0, >= 2.14.1)
+  timecop (~> 0.7, >= 0.7.1)

data/lib/plunk/helper.rb

@@ -2,6 +2,14 @@ require 'active_support/core_ext'
 
 module Plunk
   class Helper
+    def self.combine_subtrees(left, right, op)
+      if right[op]
+        { op => [left] + right[op] }
+      else
+        { op => [left, right] }
+      end
+    end
+
     def self.query_builder(query_string)
       {
         query: {

data/lib/plunk/transformer.rb

@@ -2,7 +2,6 @@ require 'parslet'
 
 module Plunk
   class Transformer < Parslet::Transform
-
     # Field = Value
     rule(command: {
       field: simple(:field),
@@ -41,14 +40,15 @@ module Plunk
       left: subtree(:left),
       right: subtree(:right)
     }) do
-      { or: [left, right] }
+      Helper.combine_subtrees(left, right, :or)
     end
 
     rule(:and => {
       left: subtree(:left),
       right: subtree(:right)
     }) do
-      { and: [left, right] }
+      Helper.combine_subtrees(left, right, :and)
     end
+
   end
 end

data/plunk.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name                    = "plunk"
-  s.version                 = "0.3.1"
+  s.version                 = "0.3.2"
   s.add_runtime_dependency  "json", "~> 1.8", ">= 1.8.0"
   s.add_runtime_dependency  "parslet", "~> 1.5", ">= 1.5.0"
   s.add_runtime_dependency  "elasticsearch", "~> 0.4", ">= 0.4.3"

data/spec/boolean_spec.rb

@@ -40,6 +40,30 @@ describe 'boolean searches' do
     expect(result).to eq(expected)
   end
 
+  it 'should parse foo=bar & baz=fez & fad=bad' do
+    result = Plunk.search 'foo=bar & baz=fez & fad=bad'
+    expected = Plunk::Helper.filter_builder({
+      and: [
+        Plunk::Helper.query_builder('foo:bar'),
+        Plunk::Helper.query_builder('baz:fez'),
+        Plunk::Helper.query_builder('fad:bad')
+      ]
+    })
+    expect(result).to eq(expected)
+  end
+
+  it 'should parse foo=bar | foo=baz | fez=baz' do
+    result = Plunk.search 'foo=bar | foo=baz | fez=baz'
+    expected = Plunk::Helper.filter_builder({
+      or: [
+        Plunk::Helper.query_builder('foo:bar'),
+        Plunk::Helper.query_builder('foo:baz'),
+        Plunk::Helper.query_builder('fez:baz')
+      ]
+    })
+    expect(result).to eq(expected)
+  end
+
   it 'should parse (foo=bar OR foo=bar)' do
     result = Plunk.search '(foo=bar OR foo=bar)'
     expected = Plunk::Helper.filter_builder({

data/spec/chained_search_spec.rb

@@ -14,13 +14,9 @@ describe 'chained searches' do
           (@time - 24.hours).utc.to_datetime.iso8601(3),
           @time.utc.to_datetime.iso8601(3)
         ),
-        { and: [
-          Plunk::Helper.query_builder('foo_type:bar'),
-          { and: [
-            Plunk::Helper.query_builder('baz:"fez"'),
-            Plunk::Helper.query_builder('host:27.224.123.110')
-          ]}
-        ]}
+        Plunk::Helper.query_builder('foo_type:bar'),
+        Plunk::Helper.query_builder('baz:"fez"'),
+        Plunk::Helper.query_builder('host:27.224.123.110')
       ]
     })
     expect(result).to eq(expected)
@@ -34,13 +30,9 @@ describe 'chained searches' do
           (@time - 24.hours).utc.to_datetime.iso8601(3),
           @time.utc.to_datetime.iso8601(3)
         ),
-        { and: [
-          Plunk::Helper.query_builder('foo_type:bar'),
-          { and: [
-            Plunk::Helper.query_builder('baz:"fez"'),
-            Plunk::Helper.query_builder('host:27.224.123.110')
-          ]}
-        ]}
+        Plunk::Helper.query_builder('foo_type:bar'),
+        Plunk::Helper.query_builder('baz:"fez"'),
+        Plunk::Helper.query_builder('host:27.224.123.110')
       ]
     })
     expect(result).to eq(expected)

data/spec/field_value_spec.rb

@@ -41,4 +41,12 @@ describe 'field / value searches' do
     )
     expect(result).to eq(expected)
   end
+
+  it 'should parse !src_ip=0.0.0.0' do
+    result = Plunk.search '!src_ip=0.0.0.0'
+    expected = Plunk::Helper.filter_builder(
+      Plunk::Helper.query_builder('!src_ip:0.0.0.0')
+    )
+    expect(result).to eq(expected)
+  end
 end

data/spec/regexp_spec.rb

@@ -25,4 +25,12 @@ describe 'regexp searches' do
     )
     expect(result).to eq(expected)
   end
+
+  it 'should parse /.*User\-Agent\: Microsoft\-WebDAV.*/' do
+    result = Plunk.search '/.*User\-Agent\: Microsoft\-WebDAV.*/'
+    expected = Plunk::Helper.filter_builder(
+      Plunk::Helper.query_builder('/.*User\-Agent\: Microsoft\-WebDAV.*/')
+    )
+    expect(result).to eq(expected)
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: plunk
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Ram Mehta
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-18 00:00:00.000000000 Z
+date: 2014-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json