
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Bamboozled is a Ruby wrapper for the BambooHR API.
Bamboozled follows Semantic Versioning 2.0.0. Make sure to always bound the major version when installing if you want to avoid breaking changes.
This documentation tracks the latest changes in the master
branch of this
repo. Some of the features described might not be available in older versions of
the gem (including the current stable version). Please consult the relevant git
tag (e.g. v0.0.7) if you need documentation for a specific Bamboozled version.
Bamboozled's installation follows the standard gem installation process:
$ gem install bamboozled
If you prefer to install Bamboozled through bundler
then add it to your
Gemfile
:
gem "bamboozled"
Create a client
and provide it with your BambooHR subdomain and an API key:
# Create the client:
client = Bamboozled.client(subdomain: "your_subdomain", api_key: "your_api_key")
TIP! Create an API key by logging into your BambooHR account, then click your image in the upper right corner and select "API Keys".
You can pass an array of fields to all
or :all
to get all fields your user
is allowed to access. Because BambooHR's API doesn't allow for specifying fields
on the /employees/directory
API endpoint, passing a list of fields to retrieve
will be signifigantly slower than getting just the default fields since the gem
will get the directory of employees, then request the data for each individual
employee resulting in employees.count + 1
API calls. To get around this,
consider using a custom report.
# Returns an array of all employees
client.employee.all # Gets all employees with default fields
client.employee.all(:all) # Gets all fields for all employees
client.employee.all(["hireDate", "displayName"])
client.employee.all("hireDate,displayName")
# Get the employee records which have changed since a given date
client.employee.last_changed("2015-01-01T00:00:00-08:00", :updated)
client.employee.last_changed("2015-01-01T00:00:00-08:00", :inserted)
client.employee.last_changed("2015-01-01T00:00:00-08:00", :deleted)
client.employee.last_changed("2015-01-01T00:00:00-08:00") # Return all changes
# Returns a hash of a single employee
client.employee.find(employee_id, fields = nil)
# Adds an employee
client.employee.add(employee_details_hash)
# Tabular employee data
client.employee.job_info(employee_id)
client.employee.employment_status(employee_id)
client.employee.compensation(employee_id)
client.employee.dependents(employee_id)
client.employee.contacts(employee_id)
# Time off estimate for employee. Requires end date in Date or Time format or YY-MM-DD string.
client.employee.time_off_estimate(employee_id, end_date)
# Photos for an employee
client.employee.photo_url(employee_work_email)
client.employee.photo_url(employee_id)
client.employee.photo_binary(employee_id)
# Get time off requests filtered by a number of parameters
# :id - the ID of the time off request
# :action -
# :employeeId - the ID of the employee you're looking for
# :start - filter start date
# :end - filter end date
# :type - type of time off request
# :status - must be one or more of the following: approved denied superceded requested canceled
client.time_off.requests(:employeeId: employee_id, start: Time.now)
# See who is out when.
client.time_off.whos_out(Time.now, "2014-12-31")
# Get a list of employees with specified fields
# Send `:all` for `fields` to get all fields.
# Note that this can get a list of employees with additional fields via a single
# API request instead of one per employee when using the `employees` endpoint.
client.report.custom(fields, format = "JSON")
# Find a report by its number
client.report.find(report_number, format = "JSON", fd = true)
# Get fields
client.meta.fields
# Get lists
client.meta.lists
# Get tables
client.meta.tables
# Get users
# Note: this is all uses in the system, whereas client.employee.all only gets active employees
client.meta.users
Thank you for contributing! We always welcome bug reports and/or pull requests. Please take the time to go through our contribution guidelines.
Special thanks to all the awesome people who have helped make this gem better. You can see a list of them here.
lib/bamboozled/version.rb
fileThis project is licensed under the terms of the MIT license. See the LICENSE file.
FAQs
Unknown package
We found that bamboozled-gitlab demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.