Class: Compliance::API

Inherits:
Object
  • Object
show all
Defined in:
lib/bundles/inspec-compliance/api.rb

Overview

API Implementation does not hold any state by itself, everything will be stored in local Configuration store

Class Method Summary collapse

Class Method Details

.exist?(profile) ⇒ Boolean

verifies that a profile

Returns:

  • (Boolean) 


79
80
81
82
83
84
85
86
87
 
# File 'lib/bundles/inspec-compliance/api.rb', line 79

def self.exist?(profile)
  profiles = Compliance::API.profiles
  if !profiles.empty?
    index = profiles.index { |p| "#{p[:org]}/#{p[:name]}" == profile }
    !index.nil? && index >= 0
  else
    false
  end
end

.get(url, username, password) ⇒ Object 



89
90
91
92
93
94
95
 
# File 'lib/bundles/inspec-compliance/api.rb', line 89

def self.get(url, username, password)
  uri = URI.parse(url)
  req = Net::HTTP::Get.new(uri.path)
  req.basic_auth username, password

  send_request(uri, req)
end

.login(server, username, password) ⇒ Object

logs into the server, retrieves a token and stores it locally



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/bundles/inspec-compliance/api.rb', line 13

def self.(server, username, password)
  config = Compliance::Configuration.new
  config['server'] = server
  url = "#{server}/oauth/token"

  success, data = Compliance::API.post(url, username, password)
  if !data.nil?
    tokendata = JSON.parse(data)
    if tokendata['access_token']
      config['user'] = username
      config['token'] = tokendata['access_token']
      config.store
      success = true
      msg = 'Successfully authenticated'
    else
      msg = 'Reponse does not include a token'
    end
  else
    msg = "Authentication failed for Server: #{url}"
  end
  [success, msg]
end

.logoutObject 



36
37
38
39
40
41
 
# File 'lib/bundles/inspec-compliance/api.rb', line 36

def self.logout
  config = Compliance::Configuration.new
  url = "#{config['server']}/logout"
  Compliance::API.post(url, config['token'], nil)
  config.destroy
end

.post(url, username, password) ⇒ Object 



97
98
99
100
101
102
103
104
105
 
# File 'lib/bundles/inspec-compliance/api.rb', line 97

def self.post(url, username, password)
  # form request
  uri = URI.parse(url)
  req = Net::HTTP::Post.new(uri.path)
  req.basic_auth username, password
  req.form_data={}

  send_request(uri, req)
end

.post_file(url, username, password, file_path) ⇒ Object

upload a file



108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# File 'lib/bundles/inspec-compliance/api.rb', line 108

def self.post_file(url, username, password, file_path)
  uri = URI.parse(url)
  http = Net::HTTP.new(uri.host, uri.port)
  req = Net::HTTP::Post.new(uri.path)
  req.basic_auth username, password

  req.body_stream=File.open(file_path)
  req['Content-Type'] = 'multipart/form-data'
  req.add_field('Content-Length', File.size(file_path))
  req.add_field('Content-Type', 'application/x-gtar')

  boundary = 'INSPEC-PROFILE-UPLOAD'
  req.add_field('session', boundary)
  res=http.request(req)

  [res.is_a?(Net::HTTPSuccess), res.body]
end

.profilesObject

return all compliance profiles available for the user



57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/bundles/inspec-compliance/api.rb', line 57

def self.profiles
  config = Compliance::Configuration.new

  url = "#{config['server']}/user/compliance"
  _success, data = get(url, config['token'], '')

  if !data.nil?
    profiles = JSON.parse(data)
    val = []
    # iterate over profiles
    profiles.each_key { |org|
      profiles[org].each_key { |name|
        val.push({ org: org, name: name })
      }
    }
    val
  else
    []
  end
end

.send_request(uri, req) ⇒ Object 



126
127
128
129
130
131
132
 
# File 'lib/bundles/inspec-compliance/api.rb', line 126

def self.send_request(uri, req)
  # send request
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') {|http|
    http.request(req)
  }
  [res.is_a?(Net::HTTPSuccess), res.body]
end

.versionObject

return the server api version



44
45
46
47
48
49
50
51
52
53
54
 
# File 'lib/bundles/inspec-compliance/api.rb', line 44

def self.version
  config = Compliance::Configuration.new
  url = "#{config['server']}/version"

  _success, data = Compliance::API.get(url, nil, nil)
  if !data.nil?
    JSON.parse(data)
  else
    {}
  end
end