Class: Compliance::API
- Inherits:
-
Object
- Object
- Compliance::API
- Defined in:
- lib/bundles/inspec-compliance/api.rb
Overview
API Implementation does not hold any state by itself, everything will be stored in local Configuration store
Class Method Summary collapse
-
.exist?(profile) ⇒ Boolean
verifies that a profile.
- .get(url, username, password, insecure) ⇒ Object
-
.login(server, username, password, insecure, apipath) ⇒ Object
logs into the server, retrieves a token and stores it locally.
- .logout ⇒ Object
- .post(url, username, password, insecure) ⇒ Object
-
.post_file(url, username, password, file_path, insecure) ⇒ Object
upload a file.
-
.profiles ⇒ Object
return all compliance profiles available for the user.
- .send_request(uri, req, insecure) ⇒ Object
-
.version ⇒ Object
return the server api version.
Class Method Details
.exist?(profile) ⇒ Boolean
verifies that a profile
79 80 81 82 83 84 85 86 87 |
# File 'lib/bundles/inspec-compliance/api.rb', line 79 def self.exist?(profile) profiles = Compliance::API.profiles if !profiles.empty? index = profiles.index { |p| "#{p[:org]}/#{p[:name]}" == profile } !index.nil? && index >= 0 else false end end |
.get(url, username, password, insecure) ⇒ Object
89 90 91 92 93 94 95 |
# File 'lib/bundles/inspec-compliance/api.rb', line 89 def self.get(url, username, password, insecure) uri = URI.parse(url) req = Net::HTTP::Get.new(uri.path) req.basic_auth username, password send_request(uri, req, insecure) end |
.login(server, username, password, insecure, apipath) ⇒ Object
logs into the server, retrieves a token and stores it locally
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
# File 'lib/bundles/inspec-compliance/api.rb', line 13 def self.login(server, username, password, insecure, apipath) config = Compliance::Configuration.new config['server'] = "#{server}#{apipath}" url = "#{config['server']}/oauth/token" success, data = Compliance::API.post(url, username, password, insecure) if !data.nil? tokendata = JSON.parse(data) if tokendata['access_token'] config['user'] = username config['token'] = tokendata['access_token'] config['insecure'] = insecure config.store success = true msg = 'Successfully authenticated' else msg = 'Reponse does not include a token' end else msg = "Authentication failed for Server: #{url}" end [success, msg] end |
.logout ⇒ Object
37 38 39 40 41 42 |
# File 'lib/bundles/inspec-compliance/api.rb', line 37 def self.logout config = Compliance::Configuration.new url = "#{config['server']}/logout" Compliance::API.post(url, config['token'], nil, config['insecure']) config.destroy end |
.post(url, username, password, insecure) ⇒ Object
97 98 99 100 101 102 103 104 105 |
# File 'lib/bundles/inspec-compliance/api.rb', line 97 def self.post(url, username, password, insecure) # form request uri = URI.parse(url) req = Net::HTTP::Post.new(uri.path) req.basic_auth username, password req.form_data={} send_request(uri, req, insecure) end |
.post_file(url, username, password, file_path, insecure) ⇒ Object
upload a file
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 |
# File 'lib/bundles/inspec-compliance/api.rb', line 108 def self.post_file(url, username, password, file_path, insecure) uri = URI.parse(url) http = Net::HTTP.new(uri.host, uri.port) # set connection flags http.use_ssl = (uri.scheme == 'https') http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure req = Net::HTTP::Post.new(uri.path) req.basic_auth username, password req.body_stream=File.open(file_path, 'rb') req.add_field('Content-Length', File.size(file_path)) req.add_field('Content-Type', 'application/x-gtar') boundary = 'INSPEC-PROFILE-UPLOAD' req.add_field('session', boundary) res=http.request(req) [res.is_a?(Net::HTTPSuccess), res.body] end |
.profiles ⇒ Object
return all compliance profiles available for the user
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/bundles/inspec-compliance/api.rb', line 58 def self.profiles config = Compliance::Configuration.new url = "#{config['server']}/user/compliance" _success, data = get(url, config['token'], '', config['insecure']) if !data.nil? profiles = JSON.parse(data) val = [] # iterate over profiles profiles.each_key { |org| profiles[org].each_key { |name| val.push({ org: org, name: name }) } } val else [] end end |
.send_request(uri, req, insecure) ⇒ Object
130 131 132 133 134 135 136 137 138 139 140 |
# File 'lib/bundles/inspec-compliance/api.rb', line 130 def self.send_request(uri, req, insecure) opts = { use_ssl: uri.scheme == 'https', } opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure res = Net::HTTP.start(uri.host, uri.port, opts) {|http| http.request(req) } [res.is_a?(Net::HTTPSuccess), res.body] end |
.version ⇒ Object
return the server api version
45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/bundles/inspec-compliance/api.rb', line 45 def self.version config = Compliance::Configuration.new url = "#{config['server']}/version" _success, data = Compliance::API.get(url, nil, nil, config['insecure']) if !data.nil? JSON.parse(data) else {} end end |