Class: Compliance::API

Inherits:
Object
  • Object
Defined in:
lib/bundles/inspec-compliance/api.rb

Overview

The API implementation does not hold any state by itself; everything will be stored in the local Configuration store.

Class Method Summary collapse

Class Method Details

.exist?(config, profile) ⇒ Boolean

verifies that a profile exists

Returns:

  • (Boolean)


# File 'lib/bundles/inspec-compliance/api.rb', line 57

# Reports whether +profile+ appears in the profile list that
# Compliance::API.profiles returns for +config+.
#
# The comparison is an exact, case-sensitive string match against
# "org/name" built from each listed entry.
#
# @param config [Object] passed unchanged to Compliance::API.profiles
# @param profile [String] identifier in the form "org/name"
# @return [Boolean] true on a match; false when nothing matches or the
#   list is empty
def self.exist?(config, profile)
  Compliance::API.profiles(config).any? do |entry|
    "#{entry[:org]}/#{entry[:name]}" == profile
  end
end

.legacy_login_post(url, username, password, insecure) ⇒ Object

login method for pre-1.0 compliance server



# File 'lib/bundles/inspec-compliance/api.rb', line 13

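# Login request for a pre-1.0 compliance server: POSTs an empty form to
# +url+ with HTTP Basic credentials.
#
# Basic auth only base64-encodes the username and password, so the
# confidentiality of the credentials rests entirely on the transport.
# NOTE(review): +insecure+ is forwarded unchanged; it presumably relaxes TLS
# certificate verification in Compliance::HTTP. If so, enabling it exposes
# these credentials to anyone able to intercept the connection - confirm
# against Compliance::HTTP.send_request.
#
# @param url [String] full login URL; only its path is used for the request line
# @param username [String] account name for the Basic auth header
# @param password [String] password for the Basic auth header
# @param insecure [Boolean] passed through to Compliance::HTTP.send_request
# @return [Object] whatever Compliance::HTTP.send_request returns
def self.legacy_login_post(url, username, password, insecure)
  # form request
  # TODO: reuse post function
  uri = URI.parse(url)
  req = Net::HTTP::Post.new(uri.path)
  req.basic_auth(username, password)
  req.form_data = {}

  # The listing called a bare send_request, which this class does not list
  # among its methods; post_refresh_token sends through Compliance::HTTP, so
  # do the same here.
  Compliance::HTTP.send_request(uri, req, insecure)
end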

.post_refresh_token(url, token, insecure) ⇒ Object



# File 'lib/bundles/inspec-compliance/api.rb', line 74

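# Exchanges a refresh token for an access token by POSTing a JSON body
# ({ token: ... }) to "#{url}/login".
#
# A response only counts as success when it parses as a JSON object that
# carries a non-empty 'access_token'. Previously any parseable JSON body
# (for example an error document) was reported as success with a nil token,
# and a non-object JSON body raised instead of returning a result.
# NOTE(review): the HTTP status of the response is still not inspected here.
# NOTE(review): +insecure+ is forwarded unchanged; it presumably relaxes TLS
# certificate verification, which would expose the refresh token in transit -
# confirm against Compliance::HTTP.send_request.
#
# @param url [String] server base URL; "/login" is appended
# @param token [String] refresh token sent in the request body
# @param insecure [Boolean] passed through to Compliance::HTTP.send_request
# @return [Array(Boolean, String, String)] success flag, message, and the
#   access token (nil on failure)
def self.post_refresh_token(url, token, insecure)
  uri = URI.parse("#{url}/login")
  req = Net::HTTP::Post.new(uri.path)
  # req['Authorization'] = "Bearer #{token}"
  req.body = { token: token }.to_json
  response = Compliance::HTTP.send_request(uri, req, insecure)
  data = response.body
  return [false, 'Invalid refresh_token', nil] if data.nil?

  begin
    tokendata = JSON.parse(data)
  rescue JSON::ParserError => e
    return [false, e.message, nil]
  end

  # Only a JSON object can carry the token; arrays and scalars are rejected.
  access_token = tokendata['access_token'] if tokendata.is_a?(Hash)
  if access_token.nil? || access_token.to_s.empty?
    return [false, 'No access_token in server response', nil]
  end

  [true, 'Successfully fetched access token', access_token]
end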

.profiles(config) ⇒ Object

return all compliance profiles available for the user



# File 'lib/bundles/inspec-compliance/api.rb', line 25

# Lists the compliance profiles the server reports for the configured user.
#
# Requests "#{config['server']}/user/compliance" through Compliance::HTTP.get,
# passing config['token'], config['insecure'] and the negated result of
# config.supported?(:oidc). The response body is parsed as JSON and read as a
# mapping of owner => { profile name => ... }.
# NOTE(review): JSON::ParserError is not rescued here, so a non-JSON body
# propagates to the caller.
#
# @param config [#[], #supported?] configuration holding 'server', 'token'
#   and 'insecure'
# @return [Array<Hash>] one { org:, name: } hash per profile; empty when the
#   response has no body
def self.profiles(config)
  endpoint = "#{config['server']}/user/compliance"
  # TODO, api should not be dependent on .supported?
  reply = Compliance::HTTP.get(endpoint, config['token'], config['insecure'], !config.supported?(:oidc))
  payload = reply.body
  return [] if payload.nil?

  # one entry per (owner, profile name) pair
  JSON.parse(payload).flat_map do |owner, owned|
    owned.keys.map { |name| { org: owner, name: name } }
  end
end

.upload(config, owner, profile_name, archive_path) ⇒ Object



# File 'lib/bundles/inspec-compliance/api.rb', line 67

# Uploads a profile archive (tar) to Chef Compliance.
#
# The target URL is built by interpolating +owner+ and +profile_name+ into
# the path without any escaping, so callers should pass values that are
# already safe as single URL path segments.
#
# @param config [#[], #supported?] configuration holding 'server', 'token'
#   and 'insecure'
# @param owner [String] owner segment of the upload URL
# @param profile_name [String] profile segment of the upload URL
# @param archive_path [String] handed to Compliance::HTTP.post_file
# @return [Array(Boolean, Object)] whether the response is a
#   Net::HTTPSuccess, followed by the response body
def self.upload(config, owner, profile_name, archive_path)
  target = "#{config['server']}/owners/#{owner}/compliance/#{profile_name}/tar"
  token = config['token']
  insecure = config['insecure']
  oidc_unsupported = !config.supported?(:oidc)

  response = Compliance::HTTP.post_file(target, token, archive_path, insecure, oidc_unsupported)
  accepted = response.is_a?(Net::HTTPSuccess)
  [accepted, response.body]
end

.version(url, insecure) ⇒ Object

return the server API version. NB: this method does not use Compliance::Configuration, so that it can be used before we know the version (e.g. oidc or not)



# File 'lib/bundles/inspec-compliance/api.rb', line 46

# Fetches the server's API version document from url + '/version'.
#
# The request goes through Compliance::HTTP.get with nil in the second
# argument position and takes no configuration object, so it can run before
# the server version is known.
# NOTE(review): JSON::ParserError is not rescued here, so a non-JSON body
# propagates to the caller.
#
# @param url [String] server base URL
# @param insecure [Boolean] passed through to Compliance::HTTP.get
# @return [Object] the parsed JSON body, or {} when the response has no body
def self.version(url, insecure)
  payload = Compliance::HTTP.get(url + '/version', nil, insecure).body
  return {} if payload.nil?

  JSON.parse(payload)
end