aerospike 2.20.1 → 2.22.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5453ee9475d4868e6b65ed5a13868dac07e0628538330da6b8f6f1a1a65624c7
-  data.tar.gz: 74044cf1e3c30af803c2d04e7e17989cc49e699b229c1cd08b0cfb384ee004a4
+  metadata.gz: 2ad4dc9000e94d5dc8b3c4404e2b68907ba935c196e4061a843f49ec8ad54378
+  data.tar.gz: b55b74f657f46946eccd2ea4005075424234c5d12fa5a9bf77416870c2246928
 SHA512:
-  metadata.gz: aea8982415b6f606822ab4648dc48fea6f13ca1984eb7f0ba7a1708da03a975dbd484aeb206ad3472af1c867f40623a6db4cb9fd35d80b0b65f54dfc4f10a059
-  data.tar.gz: bab0149d85d4b90232bc2a9fad68aeda837b175ea981d671690cddf26e7713d5d8c7ef732abd2f1445e8bf880fb595f1b9aafd9b1b1028dd7c0ada94d70ccc97
+  metadata.gz: 37a3fb668569cbe8ff16318847cd99588f7d54afd342f3d45e397bcf2a241d44c7b1f3f5b2cfe6d98978b65d0babf812d6d51bb5051d9cc6a1aef43845e48c65
+  data.tar.gz: 3c13ca332594f6edc7cafb4eb68aa996afca8d09436053c31f0faf97b3005f011fa97afeb037aa17bc3a0bc9fcb48cfdad22a20639860dada568433055d47d09

data/CHANGELOG.md

@@ -2,6 +2,28 @@
 
 All notable changes to this project will be documented in this file.
 
+## [2.22.0] 2022-07-14
+
+* **Fixes**
+  * [CLIENT-1785] Fix Client#read_users to avoid error. PR #112 Thanks to [Dotan Mor](https://github.com/dotan-mor)
+  * [CLIENT-1787] Support multiple DNS IPs during connection.
+  * [CLIENT-1789] Authentication Retry fails in certain conditions.
+
+## [2.21.1] - 2022-06-21
+  
+This s hotfix release. It is recommended to upgrade your client if you use authentication.
+
+* **Bug Fixes**
+  * Fix called function name in Authenticate.
+
+## [2.21.0] - 2022-06-07
+
+* **New Features**
+  * Add support for new user management features. Adds `Client#query_role`, `Client#query_roles`, `Client#create_role`, `Client#drop_role`, `Client#grant_privileges`, `Client#revoke_privileges`. Adds the 'Role' class. Adds `UserRoles#read_info`, `UserRoles#write_info`, `UserRoles#conns_in_use` to the `UserRoles` class.
+
+* **Improvements**
+  * Do not run PredExp tests for server v6+.
+
 ## [2.20.1] - 2022-05-11
 
 * **Improvements**

data/lib/aerospike/client.rb

@@ -764,7 +764,7 @@ module Aerospike
     # before sending to server.
     def create_user(user, password, roles, options = nil)
       policy = create_policy(options, AdminPolicy, default_admin_policy)
-      hash = AdminCommand.hash_password(password)
+      hash = LoginCommand.hash_password(password)
       command = AdminCommand.new
       command.create_user(@cluster, policy, user, hash, roles)
     end
@@ -781,7 +781,7 @@ module Aerospike
       raise Aerospike::Exceptions::Aerospike.new(INVALID_USER) unless @cluster.user && @cluster.user != ""
       policy = create_policy(options, AdminPolicy, default_admin_policy)
 
-      hash = AdminCommand.hash_password(password)
+      hash = LoginCommand.hash_password(password)
       command = AdminCommand.new
 
       if user == @cluster.user
@@ -823,6 +823,50 @@ module Aerospike
       command.query_users(@cluster, policy)
     end
 
+    # Retrieve privileges for a given role.
+    def query_role(role, options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.query_role(@cluster, policy, role)
+    end
+
+    # Retrieve all roles and their privileges.
+    def query_roles(options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.query_roles(@cluster, policy)
+    end
+
+    # Create a user-defined role.
+    # Quotas require server security configuration "enable-quotas" to be set to true.
+    # Pass 0 for quota values for no limit.
+    def create_role(role_name, privileges = [], allowlist = [], read_quota = 0, write_quota = 0, options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.create_role(@cluster, policy, role_name, privileges, allowlist, read_quota, write_quota)
+    end
+
+    # Remove a user-defined role.
+    def drop_role(role_name, options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.drop_role(@cluster, policy, role_name)
+    end
+
+    # Grant privileges to a user-defined role.
+    def grant_privileges(role_name, privileges, options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.grant_privileges(@cluster, policy, role_name, privileges)
+    end
+
+    # Revoke privileges from a user-defined role.
+    def revoke_privileges(role_name, privileges, options = nil)
+      policy = create_policy(options, AdminPolicy, default_admin_policy)
+      command = AdminCommand.new
+      command.revoke_privileges(@cluster, policy, role_name, privileges)
+    end
+
     private
 
     def set_default_policies(policies)

data/lib/aerospike/cluster/create_connection.rb

@@ -32,7 +32,7 @@ module Aerospike
           ).tap do |conn|
             if cluster.credentials_given?
               # Authenticate will raise and close connection if invalid credentials
-              Connection::Authenticate.(conn, cluster.user, cluster.password)
+              Connection::AuthenticateNew.(conn, cluster)
             end
           end
         end

data/lib/aerospike/cluster.rb

@@ -27,9 +27,12 @@ module Aerospike
     attr_reader :features, :tls_options
     attr_reader :cluster_id, :aliases
     attr_reader :cluster_name
+    attr_reader :client_policy
     attr_accessor :rack_aware, :rack_id
+    attr_accessor :session_token, :session_expiration
 
     def initialize(policy, hosts)
+      @client_policy = policy
       @cluster_seeds = hosts
       @fail_if_not_connected = policy.fail_if_not_connected
       @connection_queue_size = policy.connection_queue_size
@@ -56,7 +59,7 @@ module Aerospike
       # setup auth info for cluster
       if policy.requires_authentication
         @user = policy.user
-        @password = AdminCommand.hash_password(policy.password)
+        @password = LoginCommand.hash_password(policy.password)
       end
 
       initialize_tls_host_names(hosts) if tls_enabled?
@@ -78,6 +81,15 @@ module Aerospike
       !(@user.nil? || @user.empty?)
     end
 
+    def session_valid?
+      @session_token && @session_expiration && @session_expiration.to_i < Time.now.to_i
+    end
+
+    def reset_session_info
+      @session_token = nil
+      @session_expiration = nil
+    end
+
     def tls_enabled?
       !tls_options.nil? && tls_options[:enable] != false
     end
@@ -436,6 +448,7 @@ module Aerospike
         cluster_config_changed = true
       end
 
+
       cluster_config_changed
     end
 
@@ -450,7 +463,7 @@ module Aerospike
       count = -1
       done = false
 
-      # will run until the cluster is stablized
+      # will run until the cluster is stabilized
       thr = Thread.new do
         loop do
           tend
@@ -462,14 +475,17 @@ module Aerospike
           # Break if timed out
           break if done
 
-          sleep(0.001) # sleep for a milisecond
+          sleep(0.001) # sleep for a millisecond
 
           count = nodes.length
         end
       end
 
       # wait for the thread to finish or timeout
-      thr.join(@connection_timeout)
+      # This will give the client up to 10 times the timeout duration to find
+      # a host and connect successfully eventually, in case the DNS
+      # returns multiple IPs and some of them are not reachable.
+      thr.join(@connection_timeout * 10)
       done = true
       sleep(0.001)
       thr.kill if thr.alive?