MuranoCLI 3.0.0 → 3.0.1

data/lib/MrMurano/Config-Migrate.rb

@@ -1,4 +1,4 @@
-# Last Modified: 2017.08.16 /coding: utf-8
+# Last Modified: 2017.08.20 /coding: utf-8
 # frozen_string_literal: true
 
 # Copyright © 2016-2017 Exosite LLC.
@@ -21,8 +21,6 @@ module MrMurano
       return unless solsecret.exist?
       # Is in JSON, which as a subset of YAML, so use YAML parser
       solsecret.open do |io|
-        # rubocop:disable Security/YAMLLoad: Prefer using YAML.safe_load over YAML.load.
-        # MAYBE/2017-07-02: Switch to YAML.safe_load.
         ss = YAML.load(io)
 
         pff = $cfg.file_at('passwords', :user)

data/lib/MrMurano/Config.rb

@@ -1,4 +1,4 @@
-# Last Modified: 2017.08.18 /coding: utf-8
+# Last Modified: 2017.08.23 /coding: utf-8
 # frozen_string_literal: true
 
 # Copyright © 2016-2017 Exosite LLC.
@@ -335,6 +335,8 @@ module MrMurano
       @paths.each(&:load)
       # If user wants curl commands dumped to a file, open that file.
       init_curl_file
+      # If user doesn't want paging, disable it.
+      program :help_paging, !$cfg['tool.no-page'] unless $cfg['tool.no-page'].nil?
     end
 
     ## Load specified file into the config stack
@@ -354,6 +356,7 @@ module MrMurano
 
       section, ikey = key.split('.')
       paths.each do |path|
+        next if path.data.nil?
         next unless path.data.has_section?(section)
         sec = path.data[section]
         return sec if ikey.nil?
@@ -435,8 +438,12 @@ module MrMurano
       end
 
       paths = @paths.select { |p| scope == p.kind }
-      raise "Unknown scope ‘#{scope}’" if paths.empty?
-      raise "Too many scopes ‘#{scope}’" if paths.length > 1
+      if paths.empty? || paths.length > 1
+        scope_q = fancy_ticks(scope)
+        raise "Unknown scope: #{scope_q}" if paths.empty?
+        paths_q = fancy_ticks(paths)
+        raise "Too many paths: #{paths_q} / scope: #{scope_q}" if paths.length > 1
+      end
 
       cfg = paths.first
       data = cfg.data
@@ -488,7 +495,8 @@ module MrMurano
 
         cfg_paths = @paths.select { |p| p.kind == scope }
 
-        msg = "Scope: ‘#{scope}’\n\n"
+        scope_q = fancy_ticks(scope)
+        msg = "Scope: #{scope_q}\n\n"
         locats += Rainbow(msg).bright.underline
 
         if !cfg_paths.empty?
@@ -498,9 +506,9 @@ module MrMurano
             path = "Path: #{cfg.path}\n"
           elsif %i[internal defaults].include? cfg.kind
             # cfg.path is nil.
-            path = "Path: ‘#{scope}’ config is not saved.\n"
+            path = "Path: #{scope_q} config is not saved.\n"
           else
-            path = "Path: ‘#{scope}’ config does not exist.\n"
+            path = "Path: #{scope_q} config does not exist.\n"
           end
           #locats += Rainbow(path).bright
           locats += path
@@ -535,11 +543,11 @@ module MrMurano
             locats += msg
           end
         else
-          msg = "No config found for ‘#{scope}’.\n"
+          msg = "No config found for #{scope_q}.\n"
           if scope != :specified
             locats += Rainbow(msg).red.bright
           else
-            locats += "Path: ‘#{scope}’ config does not exist.\n\n"
+            locats += "Path: #{scope_q} config does not exist.\n\n"
             locats += "Use --configfile to specify this config file.\n"
           end
         end

data/lib/MrMurano/Content.rb

@@ -1,3 +1,10 @@
+# Last Modified: 2017.08.23 /coding: utf-8
+# frozen_string_literal: true
+
+# Copyright © 2016-2017 Exosite LLC.
+# License: MIT. See LICENSE.txt.
+#  vim:tw=0:ts=2:sw=2:et:ai
+
 require 'uri'
 require 'cgi'
 require 'net/http'
@@ -8,6 +15,7 @@ require 'MrMurano/Config'
 require 'MrMurano/http'
 require 'MrMurano/verbosing'
 require 'MrMurano/SolutionId'
+require 'MrMurano/SyncAllowed'
 require 'MrMurano/SyncUpDown'
 
 module MrMurano
@@ -17,6 +25,7 @@ module MrMurano
       include Http
       include Verbose
       include SolutionId
+      include SyncAllowed
 
       def initialize
         @solntype = 'product.id'
@@ -35,7 +44,7 @@ module MrMurano
       def endpoint(path='')
         super
         parts = ['https:/', $cfg['net.host'], 'api:1'] + @uriparts
-        s = parts.map{|v| v.to_s}.join('/')
+        s = parts.map(&:to_s).join('/')
         URI(s + path.to_s)
       end
 
@@ -73,16 +82,16 @@ module MrMurano
         # ?type=
         sha256 = Digest::SHA256.new
         sha256.file(local_path.to_s)
-        mime = MIME::Types.type_for(local_path.to_s)[0] || MIME::Types["application/octet-stream"][0]
+        mime = MIME::Types.type_for(local_path.to_s)[0] || MIME::Types['application/octet-stream'][0]
 
         params = {
-          :sha256 => sha256.hexdigest,
-          :expires_in => 30,
-          :type => mime,
+          sha256: sha256.hexdigest,
+          expires_in: 30,
+          type: mime,
         }
-        if not tags.nil? and tags.kind_of? Hash then
-          params[:tags] = tags.to_json
-        end
+        params[:tags] = tags.to_json if !tags.nil? && tags.is_a?(Hash)
+
+        return unless upload_item_allowed(name)
 
         ret = get("/#{CGI.escape(name)}/upload?#{URI.encode_www_form(params)}")
         debug "POST instructions: #{ret}"
@@ -91,24 +100,24 @@ module MrMurano
 
         uri = URI(ret[:url])
         request = Net::HTTP::Post.new(uri)
-        file = HTTP::FormData::File.new(local_path.to_s, {:content_type=>mime})
-        form = HTTP::FormData.create(ret[:inputs].merge({ret[:field]=>file}))
+        file = HTTP::FormData::File.new(local_path.to_s, content_type: mime)
+        form = HTTP::FormData.create(ret[:inputs].merge(ret[:field] => file))
 
         request['User-Agent'] = "MrMurano/#{MrMurano::VERSION}"
         request.content_type = form.content_type
         request.content_length = form.content_length
         request.body = form.to_s
 
-        if $cfg['tool.curldebug'] then
+        if $cfg['tool.curldebug']
           a = []
-          a << %{curl -s}
-          a << %{-H 'User-Agent: #{request['User-Agent']}'}
-          a << %{-X #{request.method}}
-          a << %{'#{request.uri.to_s}'}
+          a << %(curl -s)
+          a << %(-H 'User-Agent: #{request['User-Agent']}')
+          a << %(-X #{request.method})
+          a << %('#{request.uri}')
           ret[:inputs].each_pair do |key, value|
-            a << %{-F '#{key}=#{value}'}
+            a << %(-F '#{key}=#{value}')
           end
-          a << %{-F #{ret[:field]}=@#{local_path.to_s}}
+          a << %(-F #{ret[:field]}=@#{local_path})
           if $cfg.curlfile_f.nil?
             puts a.join(' ')
           else
@@ -117,14 +126,17 @@ module MrMurano
           end
         end
 
-        unless $cfg['tool.dry'] then
-          Net::HTTP.start(uri.host, uri.port, {:use_ssl=>true}) do |ihttp|
-            response = ihttp.request(request)
-            case response
-            when Net::HTTPSuccess
-            else
-              showHttpError(request, response)
-            end
+        return if $cfg['tool.dry']
+        Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |ihttp|
+          response = ihttp.request(request)
+          case response
+          # rubocop:disable Lint/EmptyWhen
+          # "Avoid when branches without a body."
+          # "I'm going to allow this."
+          when Net::HTTPSuccess
+            # pass
+          else
+            showHttpError(request, response)
           end
         end
       end
@@ -132,6 +144,7 @@ module MrMurano
       # Remove content by name
       # @param name [String] Name of content to be deleted
       def remove(name)
+        return unless remove_item_allowed(name)
         delete("/#{CGI.escape(name)}")
       end
 
@@ -139,6 +152,7 @@ module MrMurano
       # @param name [String] Name of content to be downloaded
       # @param block [Block] Block to process data as it is downloaded
       def download(name, &block)
+        return unless download_item_allowed(name)
         # This is a two step process.
         # 1: Get the get instructions for S3.
         # 2: fetch from S3.
@@ -150,12 +164,12 @@ module MrMurano
         request = Net::HTTP::Get.new(uri)
         request['User-Agent'] = "MrMurano/#{MrMurano::VERSION}"
 
-        if $cfg['tool.curldebug'] then
+        if $cfg['tool.curldebug']
           a = []
-          a << %{curl -s}
-          a << %{-H 'User-Agent: #{request['User-Agent']}'}
-          a << %{-X #{request.method}}
-          a << %{'#{request.uri.to_s}'}
+          a << %(curl -s)
+          a << %(-H 'User-Agent: #{request['User-Agent']}')
+          a << %(-X #{request.method})
+          a << %('#{request.uri}')
           if $cfg.curlfile_f.nil?
             puts a.join(' ')
           else
@@ -164,28 +178,25 @@ module MrMurano
           end
         end
 
-        unless $cfg['tool.dry'] then
-          Net::HTTP.start(uri.host, uri.port, {:use_ssl=>true}) do |ihttp|
-            ihttp.request(request) do |response|
-              case response
-              when Net::HTTPSuccess
-                if block_given? then
-                  response.read_body(&block)
-                else
-                  response.read_body do |chunk|
-                    $stdout.write chunk
-                  end
-                end
+        return if $cfg['tool.dry']
+        Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |ihttp|
+          ihttp.request(request) do |response|
+            case response
+            when Net::HTTPSuccess
+              if block_given?
+                response.read_body(&block)
               else
-                showHttpError(request, response)
+                response.read_body do |chunk|
+                  $stdout.write chunk
+                end
               end
+            else
+              showHttpError(request, response)
             end
           end
         end
       end
-
     end
   end
 end
 
-#  vim: set ai et sw=2 ts=2 :

data/lib/MrMurano/Gateway.rb

@@ -1,4 +1,4 @@
-# Last Modified: 2017.08.17 /coding: utf-8
+# Last Modified: 2017.08.23 /coding: utf-8
 # frozen_string_literal: true
 
 # Copyright © 2016-2017 Exosite LLC.
@@ -25,6 +25,7 @@ module MrMurano
       include Http
       include Verbose
       include SolutionId
+      include SyncAllowed
 
       def initialize
         @solntype = 'product.id'
@@ -155,10 +156,13 @@ module MrMurano
       end
 
       def remove(itemkey)
+        return unless remove_item_allowed(itemkey)
         @there.delete_if { |item| item[@itemkey] == itemkey }
       end
 
       def upload(_local, remote, _modify)
+        # Not calling, e.g., `return unless upload_item_allowed(local)`
+        #   See instead: syncup_after and syncdown_after/resources_write
         @there.delete_if { |item| item[@itemkey] == remote[@itemkey] }
         @there << remote.reject { |k, _v| %i[synckey synctype].include? k }
       end
@@ -192,6 +196,8 @@ module MrMurano
       end
 
       def download(_local, item)
+        # Not calling, e.g., `return unless download_item_allowed(item[@itemkey])`
+        #   See instead: syncup_after and syncdown_after/resources_write
         @here = locallist if @here.nil?
         # needs to append/merge with file
         @here.delete_if do |i|
@@ -218,7 +224,9 @@ module MrMurano
       end
 
       def removelocal(_local, item)
-        # needs to append/merge with file
+        # Not calling, e.g., `return unless removelocal_item_allowed(item[@itemkey])`
+        #   See instead: syncup_after and syncdown_after/resources_write
+        # Append/merge with file.
         key = @itemkey.to_sym
         @here.delete_if do |it|
           it[key] == item[key]
@@ -297,8 +305,6 @@ module MrMurano
         end
 
         here = {}
-        # rubocop:disable Security/YAMLLoad: Prefer using YAML.safe_load over YAML.load.
-        # MAYBE/2017-07-02: Convert to safe_load.
         from.open { |io| here = YAML.load(io) }
         here = {} if here == false
 
@@ -375,23 +381,39 @@ module MrMurano
       ## Create a device with given Identity
       # @param id [String] The new identity
       # @param opts [Hash] Options for the new device
+      # @option opts [Integer] :expire Time at microsecs since epoch when activation window closes.
+      #   (EXPLAIN/2017-08-23: For a certificate, is this different? Time when it must be reprovisioned?)
+      # @option opts [String,Pathname,IO] :key Shared secret for hash, password, token types;
+      #                                        or public key for certificate auth type.
+      #                                        May be string or IO/Pathname to file.
       # @option opts [String] :type One of: certificate, hash, password, signature, token
-      # @option opts [String,Pathname,IO] :publickey The certificate, or IO/Pathname to cert file
-      # @option opts [String] :privatekey Shared secret for hash, password, token types
-      # @option opts [String,Integer] :expire For Cert, when it must be reprovisioned, otherwise when the activation window closes.
+      DEVICE_AUTH_TYPES = %i[certificate hash password signature token].freeze
       def enable(id, opts=nil)
-        if !opts.nil?
-          #opts.reject! { |k, _v| !%i[type publickey privatekey expire].include?(k) }
-          opts.select! { |k, _v| %i[type publickey privatekey expire].include?(k) }
-          if opts.key?(:publickey) && !opts[:publickey].is_a?(String)
-            io = opts[:publickey]
-            opts[:publickey] = io.read
+        opts = {} if opts.nil?
+        props = { auth: {}, locked: false }
+        # See: okami_api/api/swagger/swagger.yaml
+        unless opts[:expire].nil?
+          begin
+            props[:auth][:expire] = Integer(opts[:expire])
+          rescue ArgumentError
+            # Callers should prevent this, so ugly raise is okay.
+            raise ':expire option is not a valid number: #{fancy_ticks(opts[:expire])}'
           end
-        else
-          opts = {}
+        end
+        unless opts[:type].nil?
+          opts[:type] = opts[:type].to_sym
+          unless DEVICE_AUTH_TYPES.include?(opts[:type])
+            complaint = ":type must be one of #{DEVICE_AUTH_TYPES.join('|')}"
+            raise complaint
+          end
+          props[:auth][:type] = opts[:type]
+        end
+        unless opts[:key].nil?
+          props[:auth][:key] = opts[:key].is_a?(String) && opts[:key] || opts[:key].read
+          props[:auth][:type] = :certificate if props[:auth][:type].nil?
         end
         whirly_start('Enabling Device...')
-        putted = put("/#{CGI.escape(id.to_s)}", opts)
+        putted = put("/#{CGI.escape(id.to_s)}", props)
         whirly_stop
         putted
       end
@@ -400,19 +422,21 @@ module MrMurano
 
       ## Create a bunch of devices at once
       # @param local [String, Pathname] CSV file of identifiers
-      # @param expire [Number] Expire time for all identities (ignored)
+      # @param expire [Number] Expire time for all identities
       # @return [void]
-      def enable_batch(local, _expire=nil)
+      def enable_batch(local, expire=nil)
         # Need to modify @uriparts for just this endpoint call.
         uriparts = @uriparts
         @uriparts[-1] = :identities
         uri = endpoint
         @uriparts = uriparts
-
         file = HTTP::FormData::File.new(local.to_s, content_type: 'text/csv')
-        form = HTTP::FormData.create(identities: file)
+        opts = {}
+        opts[:identities] = file
+        opts[:expire] = expire unless expire.nil?
+        form = HTTP::FormData.create(**opts)
         req = Net::HTTP::Post.new(uri)
-        set_def_headers(req)
+        add_headers(req)
         req.content_type = form.content_type
         req.content_length = form.content_length
         req.body = form.to_s
@@ -425,6 +449,7 @@ module MrMurano
       ## Delete a device
       # @param identifier [String] Who to delete.
       def remove(identifier)
+        return unless remove_item_allowed(identifier)
         delete("/#{CGI.escape(identifier.to_s)}")
       end
 
@@ -475,14 +500,30 @@ module MrMurano
       # @param values [Hash] Aliases and the values to write.
       def write(identifier, values)
         debug "Will Write: #{values}"
+        # EXPLAIN/2017-08-23: Why not escape the ID?
+        #   #{CGI.escape(identifier.to_s)}
         patch("/#{identifier}/state", values)
       end
 
       # Read the current state for a device
       # @param identifier [String] The identifier for the device to read.
       def read(identifier)
+        # EXPLAIN/2017-08-23: Why not escape the ID?
+        #   #{CGI.escape(identifier.to_s)}
         get("/#{identifier}/state")
       end
+
+      def lock(identifier)
+        patch("/#{CGI.escape(identifier.to_s)}", locked: true)
+      end
+
+      def unlock(identifier)
+        patch("/#{CGI.escape(identifier.to_s)}", locked: false)
+      end
+
+      def revoke(identifier)
+        patch("/#{CGI.escape(identifier.to_s)}", auth: { expire: 0 })
+      end
     end
   end
 end

data/lib/MrMurano/Mock.rb

@@ -1,3 +1,10 @@
+# Last Modified: 2017.08.20 /coding: utf-8
+# frozen_string_literal: true
+
+# Copyright © 2016-2017 Exosite LLC.
+# License: MIT. See LICENSE.txt.
+#  vim:tw=0:ts=2:sw=2:et:ai
+
 require 'erb'
 require 'securerandom'
 
@@ -9,55 +16,56 @@ module MrMurano
     end
 
     def show
-      file = Pathname.new(get_testpoint_path)
-      if file.exist? then
-        authorization = %{if request.headers["authorization"] == "}
+      file = Pathname.new(testpoint_path)
+      if file.exist?
+        authorization = %(if request.headers["authorization"] == ")
         file.open('rb') do |io|
           io.each_line do |line|
             auth_line = line.include?(authorization)
-            if auth_line then
+            if auth_line
               capture = /\=\= "(.*)"/.match(line)
               return capture.captures[0]
             end
           end
         end
       end
-      return false
+      false
     end
 
-    def get_mock_template
-      path = get_mock_template_path()
-      return ::File.read(path)
+    def mock_template
+      path = mock_template_path
+      ::File.read(path)
     end
 
-    def get_testpoint_path
+    def testpoint_path
       file_name = 'testpoint.post.lua'
-      path = %{#{$cfg['location.endpoints']}/#{file_name}}
-      return path
+      path = %(#{$cfg['location.endpoints']}/#{file_name})
+      path
     end
 
-    def get_mock_template_path
-      return ::File.join(::File.dirname(__FILE__), 'template', 'mock.erb')
+    def mock_template_path
+      ::File.join(::File.dirname(__FILE__), 'template', 'mock.erb')
     end
 
     def create_testpoint
       uuid = SecureRandom.uuid
-      template = ERB.new(get_mock_template)
+      template = ERB.new(mock_template)
       endpoint = template.result(binding)
 
-      Pathname.new(get_testpoint_path).open('wb') do |io|
+      Pathname.new(testpoint_path).open('wb') do |io|
         io << endpoint
       end
-      return uuid
+      uuid
     end
 
     def remove_testpoint
-      file = Pathname.new(get_testpoint_path)
-      if file.exist? then
+      file = Pathname.new(testpoint_path)
+      if file.exist?
         file.unlink
         return true
       end
-      return false
+      false
     end
   end
 end
+