w-stdlib 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f7cb8e2bf20665a3a90bfa7cdfbf7db465f5867bce893d78783b3ccfa38d245a
+  data.tar.gz: 3ce32ae202b1a5f77fa3cf90e97295d775a4c2fa6487daa92fbb8a4f6c6830fa
+SHA512:
+  metadata.gz: 43bae6362746dd9b6bbddf3fa1fc74a8272be4db2e15df2fb65daaa9905a7938b2a8f5faf45228e29348678bd2d390a3258eedae83218ff37ee68e1c5a4ed4b5
+  data.tar.gz: 7e8447678675d9df0e2c8fea625833c893a471403df9713aac377b06a86afbfbe34d2697e86b237e860708b2bd96073528fe427d8ff31b1311a42bf1c323873f

data/Gemfile

@@ -0,0 +1,10 @@
+source 'https://rubygems.org'
+
+gem 'parallel'
+gem 'activesupport'
+gem 'http'
+gem 'netaddr'
+gem 'aws-sdk', '~> 3'
+gem 'jwt'
+gem 'sys-proctable'
+gem 'rspec'

data/lib/aws.rb

@@ -0,0 +1,84 @@
+require_relative '../lib/glob'
+require_relative '../lib/core_ext/string'
+require_relative '../lib/core_ext/object'
+require_relative '../lib/core_ext/hash'
+
+using StringExt
+using ObjectExt
+using HashExt
+
+
+module IAM
+  class AssumeRoleStatement
+    def initialize(s)
+      @effect = s['Effect']
+      @action = s['Action']
+      @principal = s['Principal'].map_vals(&:lift_array) # principals can be string or string[]
+    end
+
+    def allow?
+      @effect.downcase == 'allow'
+    end
+
+    def deny?
+      @effect.downcase == 'deny'
+    end
+
+    def assume_role?
+      @action.include? 'sts:AssumeRole'
+    end
+
+    def applies_to_principal?(arn)
+      @principal.fetch('AWS', []).any? { Glob.new(_1).match? arn }
+    end
+  end
+
+  class AssumeRolePolicyDocument
+    def initialize(doc)
+      @doc = doc
+      @statements = doc['Statement'].map { AssumeRoleStatement.new _1 }
+    end
+
+    # initializes from a hash of params. it supports docs as
+    # url encoded json strings, like the aws api returns or
+    # docs that are nested hashes and arrays
+    def self.from_role(role)
+      doc = role[:assume_role_policy_document]
+      doc = role["AssumeRolePolicyDocument"] unless doc
+      raise 'invalid role' unless doc
+
+      doc = doc.url_decode.from_json if doc.is_a? String
+
+      self.new doc
+    end
+
+    def can_assume?(arn)
+      return false if explicitly_denied? arn
+      return true if explicitly_allowed? arn
+      false
+    end
+
+    private
+    def explicitly_denied?(arn)
+      @statements.any? { _1.deny? && _1.assume_role? && _1.applies_to_principal?(arn) }
+    end
+
+    def explicitly_allowed?(arn)
+      @statements.any? { _1.allow? && _1.assume_role? && _1.applies_to_principal?(arn) }
+    end
+  end
+
+  class Role
+    attr_reader :doc, :arn
+    def initialize(params)
+      @params = params
+      @arn = params[:arn]
+      @arn = params['Arn'] unless @arn
+      @doc = AssumeRolePolicyDocument.from_role params
+    end
+
+    def can_assume?(arn)
+      @doc.can_assume?(arn)
+    end
+  end
+end

data/lib/case_insensitive_hash.rb

@@ -0,0 +1,24 @@
+class CaseInsensitiveHash < Hash
+  def [](key)
+    super _insensitive(key)
+  end
+
+  def []=(key, value)
+    super _insensitive(key), value
+  end
+
+  # Keeping it DRY.
+  protected
+
+  def _insensitive(key)
+    key.respond_to?(:upcase) ? key.upcase : key
+  end
+
+  def self.from_pairs(pairs)
+    h = CaseInsensitiveHash.new
+    pairs.each do |k, v|
+      h[k] = v
+    end
+    h
+  end
+end

data/lib/core_ext/array.rb

@@ -0,0 +1,57 @@
+require 'parallel'
+require 'etc'
+require_relative '../../lib/core_ext/string'
+
+using StringExt
+
+module ArrayExt
+  refine Array do
+    def tail
+      self[1..self.length]
+    end
+
+    def but_last
+      self.tap(&:pop)
+    end
+
+    def choose
+      return first if length < 2
+      loop do
+        each_with_index { puts "#{_2 + 1}: #{block_given? ? yield(_1) : _1 }" }
+        print "> "
+        input = STDIN.gets.strip
+        break if input.downcase == 'q'
+
+        i = input.to_i
+        next if i <= 0 || i > length
+
+        return self[i - 1]
+      end
+    end
+
+    def p_each(opts=nil, &blk)
+      opts = {in_threads: Etc.nprocessors} if opts.nil?
+      Parallel.each(self, opts, &blk)
+    end
+
+    def p_map(opts=nil, &blk)
+      opts = {in_threads: Etc.nprocessors} if opts.nil?
+      Parallel.map(self, opts, &blk)
+    end
+
+    def puts_all
+      each { puts _1.to_s }
+    end
+
+    def search(str)
+      select do
+        s = block_given? ? yield(_1) : _1.to_s
+        s.matches_pat? str
+      end
+    end
+
+    def to_h_by
+      map { [yield(_1), _1] }.to_h
+    end
+  end
+end

data/lib/core_ext/aws.rb

@@ -0,0 +1,38 @@
+require_relative './string'
+require 'aws-sdk-iam'
+require 'aws-sdk-core/arn_parser'
+
+using StringExt
+
+module IamExt
+  refine Aws::IAM::Client do
+    def arn_to_policies(arn)
+      arn = arn.strip
+      type, name = Aws::ARNParser.parse(arn).resource.split('/', 2) rescue return []
+      return [] unless name && type
+
+      policies = []
+
+      attached_policies = send(:"list_attached_#{type}_policies", {:"#{type}_name" => name}).attached_policies
+      attached_policies.each do |p|
+        error "fetching #{p.policy_arn}"
+        version_id = list_policy_versions(policy_arn: p.policy_arn).versions.find { _1.is_default_version }.version_id
+        policy = get_policy_version(policy_arn: p.policy_arn, version_id: version_id).policy_version
+        policies << policy.document.url_decode.from_json
+      rescue Aws::IAM::Errors::NoSuchEntity
+        error "#{a} #{p.policy_name} not found"
+      end
+
+      inline_policies = send(:"list_#{type}_policies", {:"#{type}_name" => name}).policy_names
+      inline_policies.each do |policy_name|
+        error "fetching #{policy_name}"
+        policy = send(:"get_#{type}_policy", {:"#{type}_name" => name, :policy_name => policy_name})
+        policies << policy.policy_document.url_decode.from_json
+      rescue Aws::IAM::Errors::NoSuchEntity
+        error "#{a} #{p.policy_arn} not found"
+      end
+
+      policies
+    end
+  end
+end

data/lib/core_ext/file.rb

@@ -0,0 +1,19 @@
+require 'digest'
+
+module FileExt
+  refine File do
+    def md5
+      Digest::MD5.hexdigest(read)
+    end
+
+    alias_method :name, :path
+
+    def file?
+      File.file? name
+    end
+
+    def strings
+      `strings '#{name}'`
+    end
+  end
+end

data/lib/core_ext/hash.rb

@@ -0,0 +1,27 @@
+require_relative '../../lib/core_ext/string'
+
+using StringExt
+
+module HashExt
+  refine Hash do
+    def map_vals
+      map { [_1, yield(_2)] }.to_h
+    end
+
+    def map_keys
+      map { [yield(_1), _2] }.to_h
+    end
+
+    def search(pat)
+      select { _1.to_s.matches_pat?(pat) || _2.to_s.matches_pat?(pat) }
+    end
+
+    def search_keys(pat)
+      select { _1.to_s.matches_pat?(pat) }
+    end
+
+    def puts_all
+      each { puts "#{_1}: #{_2}"}
+    end
+  end
+end

data/lib/core_ext/io.rb

@@ -0,0 +1,20 @@
+require_relative './string'
+
+using StringExt
+
+module IOExt
+  refine IO do
+    def lines
+      read.lines.map(&:strip)
+    end
+
+    def json_props_or_lines(*path)
+      s = read
+      begin
+        s.from_json.lift_array.map { _1.dig(*path) }
+      rescue JSON::ParserError
+        s.lines
+      end
+    end
+  end
+end

data/lib/core_ext/ipv4net.rb

@@ -0,0 +1,9 @@
+require 'netaddr'
+
+module IPv4NetExt
+  refine NetAddr::IPv4Net do
+    def each
+      (0..len).each { yield nth(_1) }
+    end
+  end
+end

data/lib/core_ext/object.rb

@@ -0,0 +1,16 @@
+module ObjectExt
+  refine Object do
+    def not_nil?
+      !self.nil?
+    end
+
+    def _?
+      return self if self.not_nil?
+      yield
+    end
+
+    def lift_array
+      kind_of?(Array) ? self : [self]
+    end
+  end
+end

data/lib/core_ext/openssl.rb

@@ -0,0 +1,38 @@
+require 'openssl'
+require_relative '../case_insensitive_hash'
+
+module OpenSSLExt
+  refine OpenSSL::X509::Certificate do
+    def cn
+      subject['CN']
+    end
+
+    def sans
+      extensions
+          .find { _1.oid == 'subjectAltName' }
+          .value
+          .split(/,\s+/)
+          .map { _1.gsub(/^DNS:/,'') }
+    end
+
+    def dns_names
+      [cn] + sans
+    end
+  end
+  refine OpenSSL::X509::Name do
+    def to_h
+      str = to_s
+      if str.start_with?("/")
+        # /A=B/C=D format
+        CaseInsensitiveHash.from_pairs str[1..-1].split("/").map { _1.split('=', 2) }
+      else
+        # Comma-separated
+        CaseInsensitiveHash.from_pairs str.split(",").map { _1.split('=', 2) }
+      end
+    end
+
+    def [](key)
+      to_h[key]
+    end
+  end
+end

data/lib/core_ext/string.rb

@@ -0,0 +1,110 @@
+require 'base64'
+require 'json'
+require 'cgi'
+
+module StringExt
+  refine String do
+    def from_json
+      JSON.parse self
+    end
+
+    def to_b64
+      Base64.encode64 self
+    end
+
+    def to_bool
+      self.downcase == 'true'
+    end
+
+    def from_b64
+      Base64.decode64 self
+    end
+
+    def url_encode
+      CGI.escape self
+    end
+
+    def url_decode
+      CGI.unescape self
+    end
+
+    def words
+      self.split(/\s+/)
+    end
+
+    def chars
+      self.split('')
+    end
+
+    def map(&blk)
+      self.chars.map(&blk).join('')
+    end
+
+    def select(&blk)
+      self.chars.select(&blk).join('')
+    end
+
+    def reject(&blk)
+      self.chars.reject(&blk).join('')
+    end
+
+    def any?(&blk)
+      self.chars.any?(&blk)
+    end
+
+    def all?(&blk)
+      self.chars.all?(&blk)
+    end
+
+    def grep(pat)
+      self.lines.select { _1.matches_pat? pat }
+    end
+
+    def matches_pat?(pat)
+      case pat
+      when String
+        self.include_ignore_case? pat
+      when Regexp
+        self =~ pat
+      else
+        raise "matches_pat? only works on String and Regexp. You passed: #{pat.class}"
+      end
+    end
+
+    def prefix(p)
+      p + self
+    end
+
+    def to_bs
+      n, units = self.scan(/([0-9.]+)(B|KB|MB|GB)/).first
+      raise "Invalid size: #{self}" unless n && units
+      sizes = {
+        'B' => 1,
+        'KB' => 1024,
+        'MB' => 1024 ** 2,
+        'GB' => 1024 ** 3,
+      }
+      scale = sizes.fetch(units, 1)
+      n.to_f*scale
+    end
+
+    def to_regexp
+      Regexp.new self
+    end
+
+    def regexp_encode
+      Regexp.quote self
+    end
+
+    def include_ignore_case?(s)
+      downcase.include? s.downcase
+    end
+
+    def is_numeric?
+      Float(self)
+      true
+    rescue
+      false
+    end
+  end
+end

data/lib/core_ext/uri.rb

@@ -0,0 +1,21 @@
+require 'uri'
+
+module QueryParamsMixin
+  def query_params
+    query.nil? ? {} : URI.decode_www_form(query).to_h
+  end
+
+  def with_query_params
+    params = query_params
+    yield params
+    self.query = URI.encode_www_form(params)
+    self
+  end
+end
+
+module URI
+  class Generic
+    include QueryParamsMixin
+  end
+end
+

data/lib/github_client.rb

@@ -0,0 +1,59 @@
+require 'http'
+require 'json'
+require 'uri'
+require_relative '../lib/core_ext/uri'
+require_relative '../lib/uri'
+require_relative '../lib/core_ext/string'
+
+using StringExt
+
+class GithubClient
+  def initialize(username='', base_url='https://api.github.com')
+    @url = URI.parse base_url
+    @username = username
+  end
+
+  def repos
+    paginate('/repositories')
+  end
+
+  def repos_for_org(org)
+    paginate("/orgs/#{org}/repos")
+  end
+
+  def users
+    paginate('/users')
+  end
+
+  def user_perms(owner, repo, username)
+    url = @url.clone
+    url.path = "/repos/#{owner}/#{repo}/collaborators/#{username}/permission"
+    auth = {user: @username, pass: token}
+    puts url.to_s
+    HTTP.basic_auth(auth)
+        .headers({"Accept" => "application/vnd.github.v3+json"})
+        .get(url.to_s)
+        .to_s
+  end
+
+  private
+  def token
+    File.read(File.join(ENV['HOME'], '.keys', 'github')).strip
+  end
+  def paginate(path)
+    url = @url.clone
+    url.path = path
+    Enumerator.new do |e|
+      paged_uri = URI::Paged.new(url)
+      loop do
+        repos = HTTP.get(paged_uri.get).to_s.from_json
+        break if repos.empty?
+
+        repos.each { e.yield _1 }
+      rescue JSON::ParserError
+        break
+      end
+    end
+  end
+end
+

data/lib/glob.rb

@@ -0,0 +1,13 @@
+require_relative './core_ext/string'
+
+using StringExt
+
+class Glob
+  def initialize(pat)
+    @r = pat.regexp_encode.gsub('\*', '.*').to_regexp
+  end
+
+  def match?(s)
+    @r.match?(s)
+  end
+end

data/lib/prelude.rb

@@ -0,0 +1,25 @@
+def fatal(msg, code=1, pref='[!] ')
+  STDERR.puts pref + msg
+  exit code
+end
+
+def info(msg, pref='[+] ')
+  STDERR.puts pref + msg
+end
+
+def error(msg, pref='[!] ')
+  STDERR.puts pref + msg
+end
+
+def json_file(name)
+  JSON.parse File.read(name)
+end
+
+def home_join(*paths)
+  home = ENV['HOME']
+  if paths.empty?
+    home
+  else
+    File.join home, *paths
+  end
+end

data/lib/processes.rb

@@ -0,0 +1,74 @@
+require 'sys/proctable'
+require_relative '../lib/core_ext/file'
+require_relative '../lib/core_ext/string'
+using FileExt
+using StringExt
+
+module Processes
+  def self.snapshot
+    Snapshot.new Sys::ProcTable.ps
+  end
+
+  class Snapshot
+    def initialize(procs)
+      @procs = procs
+      @pid_to_proc = @procs.map { [_1.pid, _1] }.to_h
+    end
+
+    def all
+      @procs.map { Processes::Process.new self, _1 }
+    end
+
+    def for_pid(pid)
+      proc = @pid_to_proc[pid]
+      return nil unless proc
+      Processes::Process.new self, proc
+    end
+
+    def search_cmdline(name)
+      @procs
+        .select { _1.cmdline.downcase.include? name.downcase }
+        .reject { _1.pid == ::Process.pid }
+        .map { Processes::Process.new self, _1 }
+    end
+  end
+
+  class Process
+    def initialize(snapshot, proc)
+      raise 'proc cant be nil' unless proc
+      @snapshot = snapshot
+      @proc = proc
+    end
+
+    def parent
+      proc = @snapshot.for_pid(self.ppid)
+      return nil unless proc
+      Processes::Process.new @snapshot, proc
+    end
+
+    def open_files
+      raise unless pid.is_numeric?
+      `lsof -p #{pid}`
+        .lines
+        .drop(1)
+        .map { _1.strip.scan(/(\/.*$)/).first&.first }
+        .reject(&:nil?)
+        .uniq
+        .select { File.file? _1 }
+        .map { File.new _1 }
+    end
+
+    def sig_kill
+      raise unless pid.is_numeric?
+      `kill -9 #{pid}`
+    end
+
+    def children
+      @snapshot.all.select { _1.ppid == pid }.map { Process.new @snapshot, _1 }
+    end
+
+    private def method_missing(symbol, *args)
+      @proc.send symbol, *args
+    end
+  end
+end

data/lib/uri.rb

@@ -0,0 +1,16 @@
+
+module URI
+  class Paged
+    def initialize(url, start=1, name='page')
+      @url = url
+      @start = start
+      @name = name
+    end
+
+    def get
+      @url.with_query_params { _1[@name] = @start }
+      @start += 1
+      @url
+    end
+  end
+end

data/lib/w-stdlib.rb

@@ -0,0 +1 @@
+require ''

data/w-stdlib.gemspec

@@ -0,0 +1,9 @@
+Gem::Specification.new do |g| 
+  g.name = 'w-stdlib'
+  g.version = '0.0.1'
+  g.summary = 'Pre-alpha package that contains abstractions that I find useful when scripting. Not suitable for production use. Breaking changes highly likely even with minor version bumps. Use at your own risk'
+  g.description = g.summary
+  g.authors = ['will@btlr.dev']
+  g.email = 'will@btlr.dev'
+  g.files = Dir['lib/**/*'] + %w(Gemfile w-stdlib.gemspec)
+end

metadata

@@ -0,0 +1,65 @@
+--- !ruby/object:Gem::Specification
+name: w-stdlib
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- will@btlr.dev
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-10-27 00:00:00.000000000 Z
+dependencies: []
+description: Pre-alpha package that contains abstractions that I find useful when
+  scripting. Not suitable for production use. Breaking changes highly likely even
+  with minor version bumps. Use at your own risk
+email: will@btlr.dev
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- lib/aws.rb
+- lib/case_insensitive_hash.rb
+- lib/core_ext/array.rb
+- lib/core_ext/aws.rb
+- lib/core_ext/file.rb
+- lib/core_ext/hash.rb
+- lib/core_ext/io.rb
+- lib/core_ext/ipv4net.rb
+- lib/core_ext/object.rb
+- lib/core_ext/openssl.rb
+- lib/core_ext/string.rb
+- lib/core_ext/uri.rb
+- lib/github_client.rb
+- lib/glob.rb
+- lib/prelude.rb
+- lib/processes.rb
+- lib/uri.rb
+- lib/w-stdlib.rb
+- w-stdlib.gemspec
+homepage: 
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Pre-alpha package that contains abstractions that I find useful when scripting.
+  Not suitable for production use. Breaking changes highly likely even with minor
+  version bumps. Use at your own risk
+test_files: []