RubyGems - aspera-cli - Versions diffs - 4.14.0 → 4.16.0 - Mend

aspera-cli 4.14.0 → 4.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/BUGS.md +29 -3
data/CHANGELOG.md +300 -185
data/CONTRIBUTING.md +74 -23
data/README.md +2346 -1619
data/bin/ascli +16 -25
data/bin/asession +15 -15
data/examples/dascli +2 -2
data/examples/proxy.pac +1 -1
data/lib/aspera/aoc.rb +216 -150
data/lib/aspera/ascmd.rb +25 -18
data/lib/aspera/assert.rb +45 -0
data/lib/aspera/cli/basic_auth_plugin.rb +9 -6
data/lib/aspera/cli/error.rb +17 -0
data/lib/aspera/cli/extended_value.rb +51 -16
data/lib/aspera/cli/formatter.rb +276 -174
data/lib/aspera/cli/hints.rb +81 -0
data/lib/aspera/cli/main.rb +114 -147
data/lib/aspera/cli/manager.rb +181 -136
data/lib/aspera/cli/plugin.rb +82 -64
data/lib/aspera/cli/plugins/alee.rb +0 -1
data/lib/aspera/cli/plugins/aoc.rb +327 -331
data/lib/aspera/cli/plugins/ats.rb +12 -8
data/lib/aspera/cli/plugins/bss.rb +2 -2
data/lib/aspera/cli/plugins/config.rb +575 -439
data/lib/aspera/cli/plugins/console.rb +40 -0
data/lib/aspera/cli/plugins/cos.rb +4 -5
data/lib/aspera/cli/plugins/faspex.rb +111 -92
data/lib/aspera/cli/plugins/faspex5.rb +245 -182
data/lib/aspera/cli/plugins/node.rb +239 -160
data/lib/aspera/cli/plugins/orchestrator.rb +56 -19
data/lib/aspera/cli/plugins/preview.rb +54 -38
data/lib/aspera/cli/plugins/server.rb +63 -20
data/lib/aspera/cli/plugins/shares.rb +64 -38
data/lib/aspera/cli/sync_actions.rb +68 -0
data/lib/aspera/cli/transfer_agent.rb +64 -67
data/lib/aspera/cli/transfer_progress.rb +73 -0
data/lib/aspera/cli/version.rb +1 -1
data/lib/aspera/colors.rb +3 -1
data/lib/aspera/command_line_builder.rb +27 -22
data/lib/aspera/cos_node.rb +6 -4
data/lib/aspera/coverage.rb +22 -0
data/lib/aspera/data_repository.rb +33 -2
data/lib/aspera/environment.rb +21 -8
data/lib/aspera/fasp/agent_alpha.rb +116 -0
data/lib/aspera/fasp/agent_base.rb +40 -76
data/lib/aspera/fasp/agent_connect.rb +21 -22
data/lib/aspera/fasp/agent_direct.rb +169 -179
data/lib/aspera/fasp/agent_httpgw.rb +200 -195
data/lib/aspera/fasp/agent_node.rb +43 -35
data/lib/aspera/fasp/agent_trsdk.rb +124 -41
data/lib/aspera/fasp/error_info.rb +2 -2
data/lib/aspera/fasp/faux_file.rb +52 -0
data/lib/aspera/fasp/installation.rb +89 -191
data/lib/aspera/fasp/management.rb +249 -0
data/lib/aspera/fasp/parameters.rb +86 -47
data/lib/aspera/fasp/parameters.yaml +75 -8
data/lib/aspera/fasp/products.rb +162 -0
data/lib/aspera/fasp/resume_policy.rb +7 -5
data/lib/aspera/fasp/sync.rb +273 -0
data/lib/aspera/fasp/transfer_spec.rb +10 -8
data/lib/aspera/fasp/uri.rb +6 -6
data/lib/aspera/faspex_gw.rb +11 -8
data/lib/aspera/faspex_postproc.rb +8 -7
data/lib/aspera/hash_ext.rb +2 -2
data/lib/aspera/id_generator.rb +3 -1
data/lib/aspera/json_rpc.rb +51 -0
data/lib/aspera/keychain/encrypted_hash.rb +46 -11
data/lib/aspera/keychain/macos_security.rb +15 -13
data/lib/aspera/line_logger.rb +23 -0
data/lib/aspera/log.rb +61 -19
data/lib/aspera/nagios.rb +7 -2
data/lib/aspera/node.rb +105 -21
data/lib/aspera/node_simulator.rb +214 -0
data/lib/aspera/oauth.rb +57 -36
data/lib/aspera/open_application.rb +4 -4
data/lib/aspera/persistency_action_once.rb +13 -14
data/lib/aspera/persistency_folder.rb +5 -4
data/lib/aspera/preview/file_types.rb +56 -268
data/lib/aspera/preview/generator.rb +28 -39
data/lib/aspera/preview/options.rb +2 -0
data/lib/aspera/preview/terminal.rb +36 -16
data/lib/aspera/preview/utils.rb +23 -29
data/lib/aspera/proxy_auto_config.rb +6 -3
data/lib/aspera/rest.rb +127 -80
data/lib/aspera/rest_call_error.rb +1 -1
data/lib/aspera/rest_error_analyzer.rb +16 -14
data/lib/aspera/rest_errors_aspera.rb +39 -34
data/lib/aspera/secret_hider.rb +18 -17
data/lib/aspera/ssh.rb +10 -5
data/lib/aspera/temp_file_manager.rb +11 -4
data/lib/aspera/web_auth.rb +10 -7
data/lib/aspera/web_server_simple.rb +11 -5
data.tar.gz.sig +0 -0
metadata +108 -39
metadata.gz.sig +0 -0
data/lib/aspera/cli/listener/line_dump.rb +0 -19
data/lib/aspera/cli/listener/logger.rb +0 -22
data/lib/aspera/cli/listener/progress.rb +0 -50
data/lib/aspera/cli/listener/progress_multi.rb +0 -84
data/lib/aspera/cli/plugins/sync.rb +0 -44
data/lib/aspera/fasp/listener.rb +0 -13
data/lib/aspera/sync.rb +0 -213

data/lib/aspera/cli/plugins/node.rb CHANGED Viewed

@@ -1,92 +1,91 @@
 # frozen_string_literal: true
+# cspell:ignore snid fnid bidi ssync asyncs rund asnodeadmin mkfile mklink asperabrowser asperabrowserurl watchfolders watchfolderd entsrv
 require 'aspera/cli/basic_auth_plugin'
-require 'aspera/cli/plugins/sync'
+require 'aspera/cli/sync_actions'
+require 'aspera/fasp/transfer_spec'
 require 'aspera/nagios'
 require 'aspera/hash_ext'
 require 'aspera/id_generator'
 require 'aspera/node'
 require 'aspera/aoc'
-require 'aspera/sync'
-require 'aspera/fasp/transfer_spec'
+require 'aspera/oauth'
+require 'aspera/node_simulator'
+require 'aspera/assert'
 require 'base64'
 require 'zlib'
 module Aspera
   module Cli
     module Plugins
-      class SyncSpecGen3
-        def initialize(api_node)
-          @api_node = api_node
-        end
-        def transfer_spec(direction, local_path, remote_path)
-          # empty transfer spec for authorization request
-          direction_sym = direction.to_sym
-          request_transfer_spec = {
-            type:  Aspera::Sync::DIRECTION_TO_REQUEST_TYPE[direction_sym],
-            paths: {
-              source:      remote_path,
-              destination: local_path
-            }
-          }
-          # add fixed parameters if any (for COS)
-          @api_node.add_tspec_info(request_transfer_spec) if @api_node.respond_to?(:add_tspec_info)
-          # prepare payload for single request
-          setup_payload = {transfer_requests: [{transfer_request: request_transfer_spec}]}
-          # only one request, so only one answer
-          transfer_spec = @api_node.create('files/sync_setup', setup_payload)[:data]['transfer_specs'].first['transfer_spec']
-          # API returns null tag... but async does not like it
-          transfer_spec.delete_if{ |_k, v| v.nil? }
-          # delete this part, as the returned value contains only destination, and not sources
-          # transfer_spec.delete('paths') if command.eql?(:upload)
-          Log.dump(:ts, transfer_spec)
-          return transfer_spec
-        end
-      end
-      class SyncSpecGen4
-        def initialize(api_node, top_file_id)
-          @api_node = api_node
-          @top_file_id = top_file_id
-        end
-        def transfer_spec(direction, local_path, remote_path)
-          # remote is specified by option to_folder
-          apifid = @api_node.resolve_api_fid(@top_file_id, remote_path)
-          transfer_spec = apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)
-          Log.dump(:ts, transfer_spec)
-          return transfer_spec
-        end
-      end
       class Node < Aspera::Cli::BasicAuthPlugin
+        include SyncActions
         class << self
-          def detect(base_url)
-            api = Rest.new({ base_url: base_url})
-            result = api.call({ operation: 'GET', subpath: 'ping'})
-            if result[:http].body.eql?('')
-              return { product: :node, version: 'unknown'}
+          @@node_options_declared = false # rubocop:disable Style/ClassVars
+          def application_name
+            'HSTS Node API'
+          end
+          def detect(address_or_url)
+            urls = if address_or_url.match?(%r{^[a-z]{1,6}://})
+              [address_or_url]
+            else
+              [
+                "https://#{address_or_url}",
+                "https://#{address_or_url}:9092",
+                "http://#{address_or_url}:9091"
+              ]
+            end
+            urls.each do |base_url|
+              next unless base_url.match?('https?://')
+              api = Rest.new(base_url: base_url)
+              test_endpoint = 'ping'
+              result = api.call(operation: 'GET', subpath: test_endpoint)
+              next unless result[:http].body.eql?('')
+              url_length = -2 - test_endpoint.length
+              return {
+                url: result[:http].uri.to_s[0..url_length]
+              }
+            rescue StandardError => e
+              Log.log.debug{"detect error: #{e}"}
             end
             return nil
           end
-          def register_node_options(env)
-            env[:options].declare(:validator, 'Identifier of validator (optional for central)')
-            env[:options].declare(:asperabrowserurl, 'URL for simple aspera web ui', default: 'https://asperabrowser.mybluemix.net')
-            env[:options].declare(:sync_name, 'Sync name')
-            env[:options].declare(:default_ports, 'Use standard FASP ports or get from node api (gen4)', values: :bool, default: :yes)
-            env[:options].parse_options!
-            Aspera::Node.use_standard_ports = env[:options].get_option(:default_ports)
+          def wizard(object:, private_key_path: nil, pub_key_pem: nil)
+            options = object.options
+            return {
+              preset_value: {
+                url:      options.get_option(:url, mandatory: true),
+                username: options.get_option(:username, mandatory: true),
+                password: options.get_option(:password, mandatory: true)
+              },
+              test_args:    'info'
+            }
+          end
+          def declare_options(options, force: false)
+            return if @@node_options_declared && !force
+            @@node_options_declared = true # rubocop:disable Style/ClassVars
+            options.declare(:validator, 'Identifier of validator (optional for central)')
+            options.declare(:asperabrowserurl, 'URL for simple aspera web ui', default: 'https://asperabrowser.mybluemix.net')
+            options.declare(:sync_name, 'Sync name')
+            options.declare(
+              :default_ports, 'Use standard FASP ports or get from node api (gen4)', values: :bool, default: :yes,
+              handler: {o: Aspera::Node, m: :use_standard_ports})
+            options.declare(:root_id, 'File id of top folder if using bearer tokens')
+            SyncActions.declare_options(options)
+            options.parse_options!
           end
         end
         # spellchecker: disable
         # SOAP API call to test central API
-        CENTRAL_SOAP_API_TEST = '<?xml version="1.0" encoding="UTF-8"?>'\
-          '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="urn:Aspera:XML:FASPSessionNET:2009/11:Types">'\
-          '<soapenv:Header></soapenv:Header>'\
-          '<soapenv:Body><typ:GetSessionInfoRequest><SessionFilter><SessionStatus>running</SessionStatus></SessionFilter></typ:GetSessionInfoRequest></soapenv:Body>'\
+        CENTRAL_SOAP_API_TEST = '<?xml version="1.0" encoding="UTF-8"?>' \
+          '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="urn:Aspera:XML:FASPSessionNET:2009/11:Types">' \
+          '<soapenv:Header></soapenv:Header>' \
+          '<soapenv:Body><typ:GetSessionInfoRequest><SessionFilter><SessionStatus>running</SessionStatus></SessionFilter></typ:GetSessionInfoRequest></soapenv:Body>' \
           '</soapenv:Envelope>'
         # spellchecker: enable
@@ -94,17 +93,17 @@ module Aspera
         SEARCH_REMOVE_FIELDS = %w[basename permissions].freeze
         # actions in execute_command_gen3
-        COMMANDS_GEN3 = %i[search space mkdir mklink mkfile rename delete browse upload download sync]
+        COMMANDS_GEN3 = %i[search space mkdir mklink mkfile rename delete browse upload download http_node_download sync]
         BASE_ACTIONS = %i[api_details].concat(COMMANDS_GEN3).freeze
-        SPECIAL_ACTIONS = %i[health events info license].freeze
+        SPECIAL_ACTIONS = %i[health events info slash license].freeze
         # actions available in v3 in gen4
-        V3_IN_V4_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        V3_IN_V4_ACTIONS = %i[access_keys].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
         # actions used commonly when a node is involved
-        COMMON_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        COMMON_ACTIONS = %i[access_keys].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
         private_constant(*%i[CENTRAL_SOAP_API_TEST SEARCH_REMOVE_FIELDS BASE_ACTIONS SPECIAL_ACTIONS V3_IN_V4_ACTIONS COMMON_ACTIONS])
@@ -114,26 +113,22 @@ module Aspera
         # commands for execute_command_gen4
         COMMANDS_GEN4 = %i[mkdir rename delete upload download sync http_node_download show modify permission thumbnail v3].concat(NODE4_READ_ACTIONS).freeze
-        COMMANDS_COS = %i[upload download info access_key api_details transfer].freeze
+        COMMANDS_COS = %i[upload download info access_keys api_details transfer].freeze
         COMMANDS_SHARES = (BASE_ACTIONS - %i[search]).freeze
         COMMANDS_FASPEX = COMMON_ACTIONS
-        def initialize(env)
+        def initialize(env, api: nil)
           super(env)
-          self.class.register_node_options(env) unless env[:skip_node_options]
-          return if env[:man_only]
+          Node.declare_options(options, force: env[:all_manuals])
           @api_node =
-            if env.key?(:node_api)
+            if !api.nil? || env[:all_manuals]
               # this can be Aspera::Node or Aspera::Rest (shares)
-              env[:node_api]
-            elsif options.get_option(:password, mandatory: true).start_with?('Bearer ')
+              api
+            elsif Oauth.bearer?(options.get_option(:password, mandatory: true))
               # info is provided like node_info of aoc
               Aspera::Node.new(params: {
                 base_url: options.get_option(:url, mandatory: true),
-                headers:  {
-                  Aspera::Node::HEADER_X_ASPERA_ACCESS_KEY => options.get_option(:username, mandatory: true),
-                  'Authorization'                          => options.get_option(:password, mandatory: true)
-                }
+                headers:  Aspera::Node.bearer_headers(options.get_option(:password, mandatory: true))
               })
             else
               # this is normal case
@@ -147,26 +142,6 @@ module Aspera
             end
         end
-        def c_textify_browse(table_data)
-          return table_data.map do |i|
-                   i['permissions'] = i['permissions'].map { |x| x['name'] }.join(',')
-                   i
-                 end
-        end
-        # key/value is defined in main in hash_table
-        def c_textify_bool_list_result(list, name_list)
-          list.each_index do |i|
-            next unless name_list.include?(list[i]['key'])
-            list[i]['value'].each do |item|
-              list.push({'key' => item['name'], 'value' => item['value']})
-            end
-            list.delete_at(i)
-            # continue at same index because we delete current one
-            redo
-          end
-        end
         # reduce the path from a result on given named column
         def c_result_remove_prefix_path(result, column, path_prefix)
           if !path_prefix.nil?
@@ -222,7 +197,7 @@ module Aspera
           when :search
             search_root = get_next_arg_add_prefix(prefix_path, 'search root')
             parameters = {'path' => search_root}
-            other_options = value_or_query(allowed_types: Hash)
+            other_options = query_option
             parameters.merge!(other_options) unless other_options.nil?
             resp = @api_node.create('files/search', parameters)
             result = { type: :object_list, data: resp[:data]['items']}
@@ -268,17 +243,40 @@ module Aspera
             # if there is no items
             case send_result['self']['type']
             when 'directory', 'container' # directory: node, container: shares
-              result = { data: send_result['items'], type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
+              result = { data: send_result['items'], type: :object_list }
               formatter.display_item_count(send_result['item_count'], send_result['total_count'])
             else # 'file','symbolic_link'
               result = { data: send_result['self'], type: :single_object}
-              # result={ data: [send_result['self']] , type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
-              # raise "unknown type: #{send_result['self']['type']}"
             end
             return c_result_remove_prefix_path(result, 'path', prefix_path)
           when :sync
-            node_sync = SyncSpecGen3.new(@api_node)
-            return Plugins::Sync.new(@agents, sync_spec: node_sync).execute_action
+            return execute_sync_action do |sync_direction, local_path, remote_path|
+              # Gen3 API
+              # empty transfer spec for authorization request
+              request_transfer_spec = {
+                type:  case sync_direction
+                       when :push then :sync_upload
+                       when :pull then :sync_download
+                       when :bidi then :sync
+                       end,
+                paths: [{
+                  source:      remote_path,
+                  destination: local_path
+                }]
+              }
+              # add fixed parameters if any (for COS)
+              @api_node.add_tspec_info(request_transfer_spec) if @api_node.respond_to?(:add_tspec_info)
+              # prepare payload for single request
+              setup_payload = {transfer_requests: [{transfer_request: request_transfer_spec}]}
+              # only one request, so only one answer
+              transfer_spec = @api_node.create('files/sync_setup', setup_payload)[:data]['transfer_specs'].first['transfer_spec']
+              # API returns null tag... but async does not like it
+              transfer_spec.delete_if{ |_k, v| v.nil? }
+              # delete this part, as the returned value contains only destination, and not sources
+              # transfer_spec.delete('paths') if command.eql?(:upload)
+              Log.log.debug{Log.dump(:ts, transfer_spec)}
+              transfer_spec
+            end
           when :upload, :download
             # empty transfer spec for authorization request
             request_transfer_spec = {}
@@ -297,8 +295,16 @@ module Aspera
             # delete this part, as the returned value contains only destination, and not sources
             transfer_spec.delete('paths') if command.eql?(:upload)
             return Main.result_transfer(transfer.start(transfer_spec))
+          when :http_node_download
+            remote_path = get_next_arg_add_prefix(prefix_path, 'remote path')
+            file_name = File.basename(remote_path)
+            @api_node.call(
+              operation: 'GET',
+              subpath: "files/#{URI.encode_www_form_component(remote_path)}/contents",
+              save_to_file: File.join(transfer.destination_folder(Fasp::TransferSpec::DIRECTION_RECEIVE), file_name))
+            return Main.result_status("downloaded: #{file_name}")
           end
-          raise 'INTERNAL ERROR'
+          error_unreachable_line
         end
         # common API to node and Shares
@@ -307,20 +313,37 @@ module Aspera
           case command
           when *COMMANDS_GEN3
             execute_command_gen3(command, prefix_path)
-          when :access_key
-            ak_command = options.get_next_command([:do].concat(Plugin::ALL_OPS))
+          when :access_keys
+            ak_command = options.get_next_command(%i[do set_bearer_key].concat(Plugin::ALL_OPS))
             case ak_command
-            when *Plugin::ALL_OPS then return entity_command(ak_command, @api_node, 'access_keys', id_default: 'self')
+            when *Plugin::ALL_OPS
+              return entity_command(ak_command, @api_node, 'access_keys') do |field, value|
+                       raise 'only selector: %id:self' unless field.eql?('id') && value.eql?('self')
+                       @api_node.read('access_keys/self')[:data]['id']
+                     end
             when :do
-              access_key = options.get_next_argument('access key id')
-              ak_info = @api_node.read("access_keys/#{access_key}")[:data]
-              # change API credentials if different access key
-              if !access_key.eql?('self')
-                @api_node.params[:auth][:username] = ak_info['id']
-                @api_node.params[:auth][:password] = config.lookup_secret(url: @api_node.params[:base_url], username: ak_info['id'], mandatory: true)
+              access_key_id = options.get_next_argument('access key id')
+              root_file_id = options.get_option(:root_id)
+              if root_file_id.nil?
+                ak_info = @api_node.read("access_keys/#{access_key_id}")[:data]
+                # change API credentials if different access key
+                if !access_key_id.eql?('self')
+                  @api_node.params[:auth][:username] = ak_info['id']
+                  @api_node.params[:auth][:password] = config.lookup_secret(url: @api_node.params[:base_url], username: ak_info['id'], mandatory: true)
+                end
+                root_file_id = ak_info['root_file_id']
               end
               command_repo = options.get_next_command(COMMANDS_GEN4)
-              return execute_command_gen4(command_repo, ak_info['root_file_id'])
+              return execute_command_gen4(command_repo, root_file_id)
+            when :set_bearer_key
+              access_key_id = options.get_next_argument('access key id')
+              access_key_id = @api_node.read('access_keys/self')[:data]['id'] if access_key_id.eql?('self')
+              bearer_key_pem = options.get_next_argument('public or private RSA key PEM value', type: String)
+              key = OpenSSL::PKey.read(bearer_key_pem)
+              key = key.public_key if key.private?
+              bearer_key_pem = key.to_pem
+              @api_node.update("access_keys/#{access_key_id}", {token_verification_key: bearer_key_pem})
+              return Main.result_status('public key updated')
             end
           when :health
             nagios = Nagios.new
@@ -345,10 +368,13 @@ module Aspera
             return nagios.result
           when :events
             events = @api_node.read('events', query_read_delete)[:data]
-            return { type: :object_list, data: events}
+            return { type: :object_list, data: events, fields: ->(f){!f.start_with?('data')} }
           when :info
             nd_info = @api_node.read('info')[:data]
-            return { type: :single_object, data: nd_info, textify: lambda { |table_data| c_textify_bool_list_result(table_data, %w[capabilities settings])}}
+            return { type: :single_object, data: nd_info}
+          when :slash
+            nd_info = @api_node.read('')[:data]
+            return { type: :single_object, data: nd_info}
           when :license
             # requires: asnodeadmin -mu <node user> --acl-add=internal --internal
             node_license = @api_node.read('license')[:data]
@@ -364,7 +390,7 @@ module Aspera
         # @return [Hash] api and main file id for given path or id
         # Allows to specify a file by its path or by its id on the node
         def apifid_from_next_arg(top_file_id)
-          file_path = instance_identifier(description: 'path or id') do |attribute, value|
+          file_path = instance_identifier(description: 'path or %id:<id>') do |attribute, value|
             raise 'Only selection "id" is supported (file id)' unless attribute.eql?('id')
             # directly return result for method
             return {api: @api_node, file_id: value}
@@ -380,14 +406,14 @@ module Aspera
             command_legacy = options.get_next_command(V3_IN_V4_ACTIONS)
             # TODO: shall we support all methods here ? what if there is a link ?
             apifid = @api_node.resolve_api_fid(top_file_id, '')
-            return Node.new(@agents.merge(skip_basic_auth_options: true, skip_node_options: true, node_api: apifid[:api])).execute_action(command_legacy)
+            return Node.new(@agents, api: apifid[:api]).execute_action(command_legacy)
           when :node_info, :bearer_token_node
             apifid = @api_node.resolve_api_fid(top_file_id, options.get_next_argument('path'))
             result = {
               url:     apifid[:api].params[:base_url],
               root_id: apifid[:file_id]
             }
-            raise 'No auth for node' if apifid[:api].params[:auth].nil?
+            assert_values(apifid[:api].params[:auth][:type], %i[basic oauth2])
             case apifid[:api].params[:auth][:type]
             when :basic
               result[:username] = apifid[:api].params[:auth][:username]
@@ -395,10 +421,11 @@ module Aspera
             when :oauth2
               result[:username] = apifid[:api].params[:headers][Aspera::Node::HEADER_X_ASPERA_ACCESS_KEY]
               result[:password] = apifid[:api].oauth_token
-            else raise 'unknown'
+            else error_unreachable_line
             end
             return {type: :single_object, data: result} if command_repo.eql?(:node_info)
-            raise 'not bearer token' unless result[:password].start_with?('Bearer ')
+            # check format of bearer token
+            Oauth.bearer_extract(result[:password])
             return Main.result_status(result[:password])
           when :browse
             apifid = @api_node.resolve_api_fid(top_file_id, options.get_next_argument('path'))
@@ -413,7 +440,7 @@ module Aspera
             return {type: :object_list, data: items, fields: %w[name type recursive_size size modified_time access_level]}
           when :find
             apifid = @api_node.resolve_api_fid(top_file_id, options.get_next_argument('path'))
-            test_block = Aspera::Node.file_matcher(value_or_query(allowed_types: String))
+            test_block = Aspera::Node.file_matcher_from_argument(options)
             return {type: :object_list, data: @api_node.find_files(apifid[:file_id], test_block), fields: ['path']}
           when :mkdir
             containing_folder_path = options.get_next_argument('path').split(Aspera::Node::PATH_SEPARATOR)
@@ -428,15 +455,27 @@ module Aspera
             result = apifid[:api].update("files/#{apifid[:file_id]}", {name: newname})[:data]
             return Main.result_status("renamed to #{newname}")
           when :delete
-            return do_bulk_operation(options.get_next_argument('path'), 'deleted', id_result: 'path') do |l_path|
-              raise "expecting String (path), got #{l_path.class.name} (#{l_path})" unless l_path.is_a?(String)
+            return do_bulk_operation(command: command_repo, descr: 'path', values: String, id_result: 'path') do |l_path|
               apifid = @api_node.resolve_api_fid(top_file_id, l_path)
               result = apifid[:api].delete("files/#{apifid[:file_id]}")[:data]
               {'path' => l_path}
             end
           when :sync
-            node_sync = SyncSpecGen4.new(@api_node, top_file_id)
-            return Plugins::Sync.new(@agents, sync_spec: node_sync).execute_action
+            return execute_sync_action do |sync_direction, _local_path, remote_path|
+              # Gen4 API
+              # direction is push pull, bidi
+              assert_values(sync_direction, %i[push pull bidi])
+              ts_direction = case sync_direction
+              when :push, :bidi then Fasp::TransferSpec::DIRECTION_SEND
+              when :pull then Fasp::TransferSpec::DIRECTION_RECEIVE
+              else error_unreachable_line
+              end
+              # remote is specified by option to_folder
+              apifid = @api_node.resolve_api_fid(top_file_id, remote_path)
+              transfer_spec = apifid[:api].transfer_spec_gen4(apifid[:file_id], ts_direction)
+              Log.log.debug{Log.dump(:ts, transfer_spec)}
+              transfer_spec
+            end
           when :upload
             apifid = @api_node.resolve_api_fid(top_file_id, transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
             return Main.result_transfer(transfer.start(apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)))
@@ -475,7 +514,7 @@ module Aspera
               source_paths = [{'source' => source_folder.pop}]
               source_folder = source_folder.join(Aspera::Node::PATH_SEPARATOR)
             end
-            raise CliBadArgument, 'one file at a time only in HTTP mode' if source_paths.length > 1
+            raise Cli::BadArgument, 'one file at a time only in HTTP mode' if source_paths.length > 1
             file_name = source_paths.first['source']
             apifid = @api_node.resolve_api_fid(top_file_id, File.join(source_folder, file_name))
             apifid[:api].call(
@@ -499,8 +538,7 @@ module Aspera
               subpath: "files/#{apifid[:file_id]}/preview",
               headers: {'Accept' => 'image/png'}
             )
-            require 'aspera/preview/terminal'
-            return Main.result_status(Preview::Terminal.build(result[:http].body, reserved_lines: 3))
+            return Main.result_picture_in_terminal(options, result[:http].body)
           when :permission
             apifid = apifid_from_next_arg(top_file_id)
             command_perm = options.get_next_command(%i[list create delete])
@@ -514,10 +552,8 @@ module Aspera
               items = apifid[:api].read('permissions', list_options)[:data]
               return {type: :object_list, data: items}
             when :delete
-              perm_id = instance_identifier
-              return do_bulk_operation(perm_id, 'deleted') do |one_id|
-                # TODO: notify event ?
-                apifid[:api].delete("permissions/#{perm_id}")
+              return do_bulk_operation(command: command_perm, descr: 'identifier', values: :identifier) do |one_id|
+                apifid[:api].delete("permissions/#{one_id}")
                 # notify application of deletion
                 the_app[:api].permissions_send_event(created_data: created_data, app_info: the_app, types: ['permission.deleted']) unless the_app.nil?
                 {'id' => one_id}
@@ -535,11 +571,11 @@ module Aspera
               # notify application of creation
               the_app[:api].permissions_send_event(created_data: created_data, app_info: the_app) unless the_app.nil?
               return { type: :single_object, data: created_data}
-            else raise "internal error:shall not reach here (#{command_perm})"
+            else error_unreachable_line
             end
-          else raise "INTERNAL ERROR: no case for #{command_repo}"
+          else error_unreachable_line
           end # command_repo
-          # raise 'INTERNAL ERROR: missing return'
+          error_unreachable_line
         end # execute_command_gen4
         # This is older API
@@ -549,7 +585,7 @@ module Aspera
             async_name = options.get_option(:sync_name)
             if async_name.nil?
               async_id = instance_identifier
-              if async_id.eql?(VAL_ALL) && %i[show delete].include?(command)
+              if async_id.eql?(ExtendedValue::ALL) && %i[show delete].include?(command)
                 async_ids = @api_node.read('async/list')[:data]['sync_ids']
               else
                 Integer(async_id) # must be integer
@@ -572,7 +608,7 @@ module Aspera
           when :show
             resp = @api_node.create('async/summary', post_data)[:data]['sync_summaries']
             return Main.result_empty if resp.empty?
-            return { type: :object_list, data: resp, fields: %w[snid name local_dir remote_dir] } if async_id.eql?(VAL_ALL)
+            return { type: :object_list, data: resp, fields: %w[snid name local_dir remote_dir] } if async_id.eql?(ExtendedValue::ALL)
             return { type: :single_object, data: resp.first }
           when :delete
             resp = @api_node.create('async/delete', post_data)[:data]
@@ -589,7 +625,7 @@ module Aspera
             # filename str
             # skip int
             # status int
-            filter = value_or_query(allowed_types: Hash)
+            filter = query_option
             post_data.merge!(filter) unless filter.nil?
             resp = @api_node.create('async/files', post_data)[:data]
             data = resp['sync_files']
@@ -620,6 +656,20 @@ module Aspera
           end
         end
+        # @return [Integer] id of the sync
+        # @raise [Cli::BadArgument] if no such sync, or not by name
+        # @param [String] field name of the field to search
+        # @param [String] value value of the field to search
+        def ssync_lookup(field, value)
+          raise Cli::BadArgument, "Only search by name is supported (#{field})" unless field.eql?('name')
+          @api_node.read('asyncs')[:data]['ids'].each do |id|
+            sync_info = @api_node.read("asyncs/#{id}")[:data]['configuration']
+            # name is unique, so we can return
+            return id if sync_info[field].eql?(value)
+          end
+          raise Cli::BadArgument, "no such sync: #{field}=#{value}"
+        end
         ACTIONS = %i[
           async
           ssync
@@ -629,7 +679,9 @@ module Aspera
           watch_folder
           central
           asperabrowser
-          basic_token].concat(COMMON_ACTIONS).freeze
+          basic_token
+          bearer_token
+          simulator].concat(COMMON_ACTIONS).freeze
         def execute_action(command=nil, prefix_path=nil)
           command ||= options.get_next_command(ACTIONS)
@@ -640,17 +692,15 @@ module Aspera
             # newer API
             sync_command = options.get_next_command(%i[start stop bandwidth counters files state summary].concat(Plugin::ALL_OPS) - %i[modify])
             case sync_command
-            when *Plugin::ALL_OPS then return entity_command(sync_command, @api_node, 'asyncs', item_list_key: 'ids')
+            when *Plugin::ALL_OPS then return entity_command(sync_command, @api_node, 'asyncs', item_list_key: 'ids'){|field, value|ssync_lookup(field, value)}
             else
-              asyncs_id = instance_identifier
+              asyncs_id = instance_identifier {|field, value|ssync_lookup(field, value)}
               parameters = nil
               if %i[start stop].include?(sync_command)
                 @api_node.create("asyncs/#{asyncs_id}/#{sync_command}", parameters)
                 return Main.result_status('Done')
               end
-              if %i[bandwidth counters files].include?(sync_command)
-                parameters = value_or_query(allowed_types: Hash, mandatory: false) || {}
-              end
+              parameters = query_option(default: {}) if %i[bandwidth counters files].include?(sync_command)
               return { type: :single_object, data: @api_node.read("asyncs/#{asyncs_id}/#{sync_command}", parameters)[:data] }
             end
           when :stream
@@ -660,13 +710,13 @@ module Aspera
               resp = @api_node.read('ops/transfers', old_query_read_delete)
               return { type: :object_list, data: resp[:data], fields: %w[id status] } # TODO: useful?
             when :create
-              resp = @api_node.create('streams', value_create_modify(command: command, type: Hash))
+              resp = @api_node.create('streams', value_create_modify(command: command))
               return { type: :single_object, data: resp[:data] }
             when :show
               resp = @api_node.read("ops/transfers/#{options.get_next_argument('transfer id')}")
               return { type: :other_struct, data: resp[:data] }
             when :modify
-              resp = @api_node.update("streams/#{options.get_next_argument('transfer id')}", value_create_modify(command: command, type: Hash))
+              resp = @api_node.update("streams/#{options.get_next_argument('transfer id')}", value_create_modify(command: command))
               return { type: :other_struct, data: resp[:data] }
             when :cancel
               resp = @api_node.cancel("streams/#{options.get_next_argument('transfer id')}")
@@ -675,7 +725,7 @@ module Aspera
               raise 'error'
             end
           when :transfer
-            command = options.get_next_command(%i[list cancel show modify bandwidth_average])
+            command = options.get_next_command(%i[list cancel show modify bandwidth_average sessions])
             res_class_path = 'ops/transfers'
             if %i[cancel show modify].include?(command)
               one_res_id = instance_identifier
@@ -683,15 +733,24 @@ module Aspera
             end
             case command
             when :list
-              # could use ? subpath: 'transfers'
-              query = query_read_delete
-              raise 'Query must be a Hash' unless query.nil? || query.is_a?(Hash)
-              transfers_data = @api_node.read(res_class_path, query)[:data]
+              transfers_data = @api_node.read(res_class_path, query_read_delete)[:data]
               return {
                 type:   :object_list,
                 data:   transfers_data,
                 fields: %w[id status start_spec.direction start_spec.remote_user start_spec.remote_host start_spec.destination_path]
               }
+            when :sessions
+              transfers_data = @api_node.read(res_class_path, query_read_delete)[:data]
+              sessions = transfers_data.map{|t|t['sessions']}.flatten
+              sessions.each do |session|
+                session['start_time'] = Time.at(session['start_time_usec'] / 1_000_000.0).utc.iso8601(0)
+                session['end_time'] = Time.at(session['end_time_usec'] / 1_000_000.0).utc.iso8601(0)
+              end
+              return {
+                type:   :object_list,
+                data:   sessions,
+                fields: %w[id status start_time end_time target_rate_kbps]
+              }
             when :cancel
               resp = @api_node.cancel(one_res_path)
               return { type: :other_struct, data: resp[:data] }
@@ -702,7 +761,7 @@ module Aspera
               resp = @api_node.update(one_res_path, options.get_next_argument('update value', type: Hash))
               return { type: :other_struct, data: resp[:data] }
             when :bandwidth_average
-              transfers_data = @api_node.read(res_class_path, query)[:data]
+              transfers_data = @api_node.read(res_class_path, query_read_delete)[:data]
               # collect all key dates
               bandwidth_period = {}
               dir_info = %i[avg_kbps sessions].freeze
@@ -779,7 +838,7 @@ module Aspera
             @api_node.params[:headers]['X-aspera-WF-version'] = '2017_10_23'
             case command
             when :create
-              resp = @api_node.create(res_class_path, value_create_modify(command: command, type: Hash))
+              resp = @api_node.create(res_class_path, value_create_modify(command: command))
               return Main.result_status("#{resp[:data]['id']} created")
             when :list
               resp = @api_node.read(res_class_path, old_query_read_delete)
@@ -787,7 +846,7 @@ module Aspera
             when :show
               return { type: :single_object, data: @api_node.read(one_res_path)[:data]}
             when :modify
-              @api_node.update(one_res_path, value_or_query(mandatory: true, allowed_types: Hash))
+              @api_node.update(one_res_path, query_option(mandatory: true))
               return Main.result_status("#{one_res_id} updated")
             when :delete
               @api_node.delete(one_res_path)
@@ -799,7 +858,7 @@ module Aspera
             command = options.get_next_command(%i[session file])
             validator_id = options.get_option(:validator)
             validation = {'validator_id' => validator_id} unless validator_id.nil?
-            request_data = value_create_modify(default: {}, type: Hash)
+            request_data = query_option(default: {})
             case command
             when :session
               command = options.get_next_command([:list])
@@ -820,7 +879,7 @@ module Aspera
                 request_data.deep_merge!({'validation' => validation}) unless validation.nil?
                 resp = @api_node.create('services/rest/transfers/v1/files', request_data)[:data]
                 resp = JSON.parse(resp) if resp.is_a?(String)
-                Log.dump(:resp, resp)
+                Log.log.debug{Log.dump(:resp, resp)}
                 return { type: :object_list, data: resp['file_transfer_info_result']['file_transfer_info'], fields: %w[session_uuid file_id status path]}
               when :modify
                 request_data.deep_merge!(validation) unless validation.nil?
@@ -839,7 +898,27 @@ module Aspera
             OpenApplication.instance.uri(options.get_option(:asperabrowserurl) + '?goto=' + encoded_params)
             return Main.result_status('done')
           when :basic_token
-            return Main.result_status(Rest.basic_creds(options.get_option(:username, mandatory: true), options.get_option(:password, mandatory: true)))
+            return Main.result_status(Rest.basic_token(options.get_option(:username, mandatory: true), options.get_option(:password, mandatory: true)))
+          when :bearer_token
+            private_key = OpenSSL::PKey::RSA.new(options.get_next_argument('private RSA key PEM value', type: String))
+            token_info = options.get_next_argument('user and group identification', type: Hash)
+            access_key = options.get_option(:username, mandatory: true)
+            return Main.result_status(Aspera::Node.bearer_token(payload: token_info, access_key: access_key, private_key: private_key))
+          when :simulator
+            require 'aspera/node_simulator'
+            parameters = value_create_modify(command: command)
+            parameters = parameters.symbolize_keys
+            raise 'Missing key: url' unless parameters.key?(:url)
+            uri = URI.parse(parameters[:url])
+            server = WebServerSimple.new(uri, certificate: parameters[:certificate])
+            server.mount(uri.path, NodeSimulatorServlet, parameters[:credentials], transfer)
+            # on ctrl-c, tell server main loop to exit
+            trap('INT') { server.shutdown }
+            formatter.display_status("Node Simulator listening on #{uri.port}")
+            Log.log.info{"Listening on #{uri.port}"}
+            # this is blocking until server exits
+            server.start
+            return Main.result_status('Simulator terminated')
           end # case command
           raise 'ERROR: shall not reach this line'
         end # execute_action