Class: Compliance::API

Inherits:

Object

• Object
• Compliance::API

Defined in:

lib/bundles/inspec-compliance/api.rb

Overview

API Implementation does not hold any state by itself, everything will be stored in local Configuration store

Class Method Summary

• .exist?(profile) ⇒ Boolean

  verifies that a profile.

• .get(url, username, password, insecure) ⇒ Object
• .login(server, username, password, insecure, apipath) ⇒ Object

  logs into the server, retrieves a token and stores it locally.

• .logout ⇒ Object
• .post(url, username, password, insecure) ⇒ Object
• .post_file(url, username, password, file_path, insecure) ⇒ Object

  upload a file.

• .profiles ⇒ Object

  return all compliance profiles available for the user.

• .send_request(uri, req, insecure) ⇒ Object
• .version ⇒ Object

  return the server api version.

Class Method Details

.exist?(profile) ⇒ Boolean

verifies that a profile

Returns:

• (Boolean)

# File 'lib/bundles/inspec-compliance/api.rb', line 79

def self.exist?(profile)
  profiles = Compliance::API.profiles
  if !profiles.empty?
    index = profiles.index { |p| "#{p[:org]}/#{p[:name]}" == profile }
    !index.nil? && index >= 0
  else
    false
  end
end

.get(url, username, password, insecure) ⇒ Object

# File 'lib/bundles/inspec-compliance/api.rb', line 89

def self.get(url, username, password, insecure)
  uri = URI.parse(url)
  req = Net::HTTP::Get.new(uri.path)
  req.basic_auth username, password

  send_request(uri, req, insecure)
end

.login(server, username, password, insecure, apipath) ⇒ Object

logs into the server, retrieves a token and stores it locally

# File 'lib/bundles/inspec-compliance/api.rb', line 13

def self.login(server, username, password, insecure, apipath)
  config = Compliance::Configuration.new
  config['server'] = "#{server}#{apipath}"
  url = "#{config['server']}/oauth/token"

  success, data = Compliance::API.post(url, username, password, insecure)
  if !data.nil?
    tokendata = JSON.parse(data)
    if tokendata['access_token']
      config['user'] = username
      config['token'] = tokendata['access_token']
      config['insecure'] = insecure
      config.store
      success = true
      msg = 'Successfully authenticated'
    else
      msg = 'Reponse does not include a token'
    end
  else
    msg = "Authentication failed for Server: #{url}"
  end
  [success, msg]
end

.logout ⇒ Object

# File 'lib/bundles/inspec-compliance/api.rb', line 37

def self.logout
  config = Compliance::Configuration.new
  url = "#{config['server']}/logout"
  Compliance::API.post(url, config['token'], nil, config['insecure'])
  config.destroy
end

.post(url, username, password, insecure) ⇒ Object

# File 'lib/bundles/inspec-compliance/api.rb', line 97

def self.post(url, username, password, insecure)
  # form request
  uri = URI.parse(url)
  req = Net::HTTP::Post.new(uri.path)
  req.basic_auth username, password
  req.form_data={}

  send_request(uri, req, insecure)
end

.post_file(url, username, password, file_path, insecure) ⇒ Object

upload a file

# File 'lib/bundles/inspec-compliance/api.rb', line 108

def self.post_file(url, username, password, file_path, insecure)
  uri = URI.parse(url)
  http = Net::HTTP.new(uri.host, uri.port)

  # set connection flags
  http.use_ssl = (uri.scheme == 'https')
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure

  req = Net::HTTP::Post.new(uri.path)
  req.basic_auth username, password

  req.body_stream=File.open(file_path, 'rb')
  req.add_field('Content-Length', File.size(file_path))
  req.add_field('Content-Type', 'application/x-gtar')

  boundary = 'INSPEC-PROFILE-UPLOAD'
  req.add_field('session', boundary)
  res=http.request(req)

  [res.is_a?(Net::HTTPSuccess), res.body]
end

.profiles ⇒ Object

return all compliance profiles available for the user

# File 'lib/bundles/inspec-compliance/api.rb', line 58

def self.profiles
  config = Compliance::Configuration.new
  url = "#{config['server']}/user/compliance"
  _success, data = get(url, config['token'], '', config['insecure'])

  if !data.nil?
    profiles = JSON.parse(data)
    val = []
    # iterate over profiles
    profiles.each_key { |org|
      profiles[org].each_key { |name|
        val.push({ org: org, name: name })
      }
    }
    val
  else
    []
  end
end

.send_request(uri, req, insecure) ⇒ Object

# File 'lib/bundles/inspec-compliance/api.rb', line 130

def self.send_request(uri, req, insecure)
  opts = {
    use_ssl: uri.scheme == 'https',
  }
  opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure

  res = Net::HTTP.start(uri.host, uri.port, opts) {|http|
    http.request(req)
  }
  [res.is_a?(Net::HTTPSuccess), res.body]
end

.version ⇒ Object

return the server api version

# File 'lib/bundles/inspec-compliance/api.rb', line 45

def self.version
  config = Compliance::Configuration.new
  url = "#{config['server']}/version"

  _success, data = Compliance::API.get(url, nil, nil, config['insecure'])
  if !data.nil?
    JSON.parse(data)
  else
    {}
  end
end