Class: Compliance::API
- Inherits:
-
Object
- Object
- Compliance::API
- Defined in:
- lib/bundles/inspec-compliance/api.rb
Overview
API Implementation does not hold any state by itself, everything will be stored in local Configuration store
Class Method Summary collapse
-
.exist?(config, profile) ⇒ Boolean
verifies that a profile.
-
.legacy_login_post(url, username, password, insecure) ⇒ Object
login method for pre-1.0 compliance server.
- .post_refresh_token(url, token, insecure) ⇒ Object
-
.profiles(config) ⇒ Object
return all compliance profiles available for the user.
- .upload(config, owner, profile_name, archive_path) ⇒ Object
-
.version(url, insecure) ⇒ Object
return the server api version NB this method does not use Compliance::Configuration to allow for using it before we know the version (e.g. oidc or not).
Class Method Details
.exist?(config, profile) ⇒ Boolean
verifies that a profile
57 58 59 60 61 62 63 64 65 |
# File 'lib/bundles/inspec-compliance/api.rb', line 57 def self.exist?(config, profile) profiles = Compliance::API.profiles(config) if !profiles.empty? index = profiles.index { |p| "#{p[:org]}/#{p[:name]}" == profile } !index.nil? && index >= 0 else false end end |
.legacy_login_post(url, username, password, insecure) ⇒ Object
login method for pre-1.0 compliance server
13 14 15 16 17 18 19 20 21 22 |
# File 'lib/bundles/inspec-compliance/api.rb', line 13 def self.legacy_login_post(url, username, password, insecure) # form request # TODO: reuse post function uri = URI.parse(url) req = Net::HTTP::Post.new(uri.path) req.basic_auth(username, password) req.form_data={} send_request(uri, req, insecure) end |
.post_refresh_token(url, token, insecure) ⇒ Object
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 |
# File 'lib/bundles/inspec-compliance/api.rb', line 74 def self.post_refresh_token(url, token, insecure) uri = URI.parse("#{url}/login") req = Net::HTTP::Post.new(uri.path) # req['Authorization'] = "Bearer #{token}" req.body = { token: token }.to_json access_token = nil response = Compliance::HTTP.send_request(uri, req, insecure) data = response.body if !data.nil? begin tokendata = JSON.parse(data) access_token = tokendata['access_token'] msg = 'Successfully fetched access token' success = true rescue JSON::ParserError => e success = false msg = e. end else success = false msg = 'Invalid refresh_token' end [success, msg, access_token] end |
.profiles(config) ⇒ Object
return all compliance profiles available for the user
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/bundles/inspec-compliance/api.rb', line 25 def self.profiles(config) url = "#{config['server']}/user/compliance" # TODO, api should not be dependent on .supported? response = Compliance::HTTP.get(url, config['token'], config['insecure'], !config.supported?(:oidc)) data = response.body if !data.nil? profiles = JSON.parse(data) # iterate over profiles profiles.map do |owner, ps| ps.keys.map do |name| { org: owner, name: name } end end.flatten else [] end end |
.upload(config, owner, profile_name, archive_path) ⇒ Object
67 68 69 70 71 72 |
# File 'lib/bundles/inspec-compliance/api.rb', line 67 def self.upload(config, owner, profile_name, archive_path) # upload the tar to Chef Compliance url = "#{config['server']}/owners/#{owner}/compliance/#{profile_name}/tar" res = Compliance::HTTP.post_file(url, config['token'], archive_path, config['insecure'], !config.supported?(:oidc)) [res.is_a?(Net::HTTPSuccess), res.body] end |
.version(url, insecure) ⇒ Object
return the server api version NB this method does not use Compliance::Configuration to allow for using it before we know the version (e.g. oidc or not)
46 47 48 49 50 51 52 53 54 |
# File 'lib/bundles/inspec-compliance/api.rb', line 46 def self.version(url, insecure) response = Compliance::HTTP.get(url+'/version', nil, insecure) data = response.body if !data.nil? JSON.parse(data) else {} end end |