aspera-cli 4.18.1 → 4.20.0

data/lib/aspera/environment.rb

@@ -5,6 +5,7 @@ require 'aspera/log'
 require 'aspera/assert'
 require 'rbconfig'
 require 'singleton'
+require 'English'
 
 # cspell:words MEBI mswin bccwin
 
@@ -31,7 +32,6 @@ module Aspera
     BYTES_PER_MEBIBIT = MEBI / BITS_PER_BYTE
 
     class << self
-      @terminal_supports_unicode = nil
       def ruby_version
         return RbConfig::CONFIG['RUBY_PROGRAM_VERSION']
       end
@@ -66,10 +66,13 @@ module Aspera
         raise "Unknown CPU: #{RbConfig::CONFIG['host_cpu']}"
       end
 
+      # normalized architecture name
+      # see constants: OS_* and CPU_*
       def architecture
         return "#{os}-#{cpu}"
       end
 
+      # executable file extension for current OS
       def exe_extension
         return '.exe' if os.eql?(OS_WINDOWS)
         return ''
@@ -83,6 +86,7 @@ module Aspera
         Log.log.debug{"Windows: set HOME to USERPROFILE: #{Dir.home}"}
       end
 
+      # empty variable binding for secure eval
       def empty_binding
         return Kernel.binding
       end
@@ -92,7 +96,46 @@ module Aspera
         Kernel.send('lave'.reverse, code, empty_binding, file, line)
       end
 
-      # value is provided in block
+      def log_spawn(env:, exec:, args:)
+        [
+          'execute:'.red,
+          env.map{|k, v| "#{k}=#{Shellwords.shellescape(v)}"},
+          Shellwords.shellescape(exec),
+          args.map{|a|Shellwords.shellescape(a)}
+        ].flatten.join(' ')
+      end
+
+      # start process in background, or raise exception
+      # caller can call Process.wait on returned value
+      def secure_spawn(exec:, args: [], env: [])
+        Log.log.debug {log_spawn(env: env, exec: exec, args: args)}
+        # start ascp in separate process
+        ascp_pid = Process.spawn(env, [exec, exec], *args, close_others: true)
+        Log.log.debug{"pid: #{ascp_pid}"}
+        return ascp_pid
+      end
+
+      # @param exec [String] path to executable
+      # @param args [Array] arguments to executable
+      # @param opts [Hash] options to capture3
+      # @return stdout of executable or raise expcetion
+      def secure_capture(exec:, args: [], **opts)
+        Aspera.assert_type(exec, String)
+        Aspera.assert_type(args, Array)
+        Aspera.assert_type(opts, Hash)
+        Log.log.debug {log_spawn(env: {}, exec: exec, args: args)}
+        stdout, stderr, status = Open3.capture3(exec, *args, **opts)
+        Log.log.debug{"status=#{status}, stderr=#{stderr}"}
+        Log.log.trace1{"stdout=#{stdout}"}
+        raise "process failed: #{status.exitstatus} : #{stderr}" unless status.success?
+        return stdout
+      end
+
+      # Write content to a file, with restricted access
+      # @param path [String] the file path
+      # @param force [Boolean] if true, overwrite the file
+      # @param mode [Integer] the file mode (permissions)
+      # @block [Proc] return the content to write to the file
       def write_file_restricted(path, force: false, mode: nil)
         Aspera.assert(block_given?, exception_class: Aspera::InternalError)
         if force || !File.exist?(path)
@@ -105,6 +148,7 @@ module Aspera
         return path
       end
 
+      # restrict access to a file or folder to user only
       def restrict_file_access(path, mode: nil)
         if mode.nil?
           # or FileUtils ?
@@ -121,18 +165,12 @@ module Aspera
         Log.log.warn(e.message)
       end
 
+      # @return true if we are in a terminal
       def terminal?
         $stdout.tty?
       end
 
-      # @return true if we can display Unicode characters
-      # https://www.gnu.org/software/libc/manual/html_node/Locale-Categories.html
-      # https://pubs.opengroup.org/onlinepubs/7908799/xbd/envvar.html
-      def terminal_supports_unicode?
-        @terminal_supports_unicode = terminal? && %w(LC_ALL LC_CTYPE LANG).any?{|var|ENV[var]&.include?('UTF-8')} if @terminal_supports_unicode.nil?
-        return @terminal_supports_unicode
-      end
-
+      # @return :text or :graphical depending on the environment
       def default_gui_mode
         # assume not remotely connected on macos and windows
         return :graphical if [Environment::OS_WINDOWS, Environment::OS_MACOS].include?(Environment.os)
@@ -141,6 +179,7 @@ module Aspera
         return :text
       end
 
+      # open a URI in a graphical browser
       # command must be non blocking
       def open_uri_graphical(uri)
         case Environment.os
@@ -152,6 +191,7 @@ module Aspera
         end
       end
 
+      # open a file in an editor
       def open_editor(file_path)
         if ENV.key?('EDITOR')
           system(ENV['EDITOR'], file_path.to_s)
@@ -166,6 +206,15 @@ module Aspera
 
     def initialize
       @url_method = self.class.default_gui_mode
+      @terminal_supports_unicode = nil
+    end
+
+    # @return true if we can display Unicode characters
+    # https://www.gnu.org/software/libc/manual/html_node/Locale-Categories.html
+    # https://pubs.opengroup.org/onlinepubs/7908799/xbd/envvar.html
+    def terminal_supports_unicode?
+      @terminal_supports_unicode = self.class.terminal? && %w(LC_ALL LC_CTYPE LANG).any?{|var|ENV[var]&.include?('UTF-8')} if @terminal_supports_unicode.nil?
+      return @terminal_supports_unicode
     end
 
     # Allows a user to open a Url

data/lib/aspera/faspex_gw.rb

@@ -29,7 +29,7 @@ module Aspera
         'recipients'   => faspex_pkg_delivery['recipients'],
         'workspace_id' => @app_context
       }
-      created_package = @app_api.create_package_simple(package_data, true, @new_user_option)
+      created_package = @app_api.create_package_simple(package_data, true, nil)
       # but we place it in a Faspex package creation response
       return {
         'links'         => { 'status' => 'unused' },
@@ -44,7 +44,7 @@ module Aspera
         'note'       => faspex_pkg_delivery['note'],
         'recipients' => faspex_pkg_delivery['recipients'].map{|name|{'name'=>name}}
       }
-      package = @app_api.create('packages', package_data)[:data]
+      package = @app_api.create('packages', package_data)
       # TODO: option to send from remote source or httpgw
       transfer_spec = @app_api.call(
         operation:   'POST',
@@ -85,7 +85,7 @@ module Aspera
         rescue => e
           response.status = 500
           response['Content-Type'] = 'application/json'
-          response.body = {error: e.message}.to_json
+          response.body = {error: e.message, stacktrace: e.backtrace}.to_json
           Log.log.error(e.message)
           Log.log.debug{e.backtrace.join("\n")}
         end

data/lib/aspera/json_rpc.rb

@@ -34,7 +34,7 @@ module Aspera
         method:  "#{@namespace}#{method}",
         params:  args,
         id:      @request_id += 1
-      })[:data]
+      })
       Aspera.assert_type(data, Hash){'response'}
       Aspera.assert(data['jsonrpc'] == JSON_RPC_VERSION){'bad version in response'}
       Aspera.assert(data.key?('id')){'missing id in response'}

data/lib/aspera/keychain/encrypted_hash.rb

@@ -16,10 +16,12 @@ module Aspera
       FILE_TYPE = 'encrypted_hash_vault'
       CONTENT_KEYS = %i[label username password url description].freeze
       FILE_KEYS = %w[version type cipher data].sort.freeze
+      private_constant :LEGACY_CIPHER_NAME, :DEFAULT_CIPHER_NAME, :FILE_TYPE, :CONTENT_KEYS, :FILE_KEYS
       def initialize(path, current_password)
         Aspera.assert_type(path, String){'path to vault file'}
         @path = path
         @all_secrets = {}
+        @cipher_name = DEFAULT_CIPHER_NAME
         vault_encrypted_data = nil
         if File.exist?(@path)
           vault_file = File.read(@path)

data/lib/aspera/keychain/macos_security.rb

@@ -4,7 +4,7 @@
 require 'aspera/cli/info'
 require 'aspera/log'
 require 'aspera/assert'
-require 'open3'
+require 'aspera/environment'
 
 # enhance the gem to support other key chains
 module Aspera
@@ -48,20 +48,15 @@ module Aspera
               options[:path] = uri.path unless ['', '/'].include?(uri.path)
               options[:port] = uri.port unless uri.port.eql?(443) && !url.include?(':443/')
             end
-            command_line = [SECURITY_UTILITY, command]
+            command_args = [command]
             options&.each do |k, v|
               Aspera.assert(supported.key?(k)){"unknown option: #{k}"}
               next if v.nil?
-              command_line.push("-#{supported[k]}")
-              command_line.push(v.shellescape) unless v.empty?
+              command_args.push("-#{supported[k]}")
+              command_args.push(v.shellescape) unless v.empty?
             end
-            command_line.push(last_opt) unless last_opt.nil?
-            Log.log.debug{"executing>>#{command_line.join(' ')}"}
-            stdout, stderr, status = Open3.capture3(*command_line)
-            Log.log.debug{"status=#{status}, stderr=#{stderr}"}
-            Log.log.trace1{"stdout=#{stdout}"}
-            raise "#{SECURITY_UTILITY} failed: #{status.exitstatus} : #{stderr}" unless status.success?
-            return stdout
+            command_args.push(last_opt) unless last_opt.nil?
+            return Environment.secure_capture(exec: SECURITY_UTILITY, args: command_args)
           end
 
           def key_chains(output)
@@ -78,7 +73,7 @@ module Aspera
 
           def list(options={})
             Aspera.assert_values(options[:domain], DOMAINS, exception_class: ArgumentError){'domain'} unless options[:domain].nil?
-            key_chains(execute('list-key_chains', options, LIST_OPTIONS))
+            key_chains(execute('list-keychains', options, LIST_OPTIONS))
           end
 
           def by_name(name)

data/lib/aspera/log.rb

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 
+require 'aspera/assert'
 require 'aspera/colors'
 require 'aspera/secret_hider'
 require 'logger'
 require 'pp'
 require 'json'
 require 'singleton'
+require 'stringio'
 
 old_verbose = $VERBOSE
 $VERBOSE = nil
@@ -72,8 +74,7 @@ module Aspera
             JSON.pretty_generate(object) rescue PP.pp(object, +'')
           when :ruby
             PP.pp(object, +'')
-          else
-            raise 'wrong parameter, expect ruby or json'
+          else error_unexpected_value(@@format){'dump format'}
           end
         "#{name.to_s.green} (#{@@format})=\n#{result}"
       end
@@ -126,8 +127,7 @@ module Aspera
           Syslog::Logger.make_methods(severity.downcase)
         end
         @logger = Syslog::Logger.new(@program_name, Syslog::LOG_LOCAL2)
-      else
-        raise "unknown log type: #{new_log_type}, use one of: #{LOG_TYPES.join(', ')}"
+      else error_unexpected_value(new_log_type){"log type (#{LOG_TYPES.join(', ')})"}
       end
       @logger.level = current_severity_integer
       @logger_type = new_log_type

data/lib/aspera/node_simulator.rb

@@ -39,7 +39,7 @@ module Aspera
         set_json_response(response, {
           application:                           'node',
           current_time:                          Time.now.utc.iso8601(0),
-          version:                               info['ascp_version'].gsub(/ .*$/, ''),
+          version:                               info['sdk_ascp_version'].gsub(/ .*$/, ''),
           license_expiration_date:               info['expiration_date'],
           license_max_rate:                      info['maximum_bandwidth'],
           os:                                    %x(uname -srv).chomp,

data/lib/aspera/oauth/base.rb

@@ -3,64 +3,66 @@
 require 'aspera/oauth/factory'
 require 'aspera/log'
 require 'aspera/assert'
-require 'aspera/id_generator'
 require 'date'
 
 module Aspera
   module OAuth
-    # Implement OAuth 2 for the REST client and generate a bearer token
-    # bearer tokens are cached in memory and in a file cache for later re-use
+    # OAuth 2 client for the REST client
+    # Generate bearer token
+    # Bearer tokens are cached in memory and in a file cache for later re-use
     # https://tools.ietf.org/html/rfc6749
     class Base
-      # scope can be modified after creation
-      attr_writer :scope
-
-      # [M]=mandatory [D]=has default value [O]=Optional/nil
-      # @param base_url            [M] URL of authentication API
-      # @param auth                [O] basic auth parameters
-      # @param client_id           [O]
-      # @param client_secret       [O]
-      # @param scope               [O]
-      # @param path_token          [D] API end point to create a token
-      # @param token_field         [D] field in result that contains the token
+      # @param **             Parameters for REST
+      # @param client_id      [String, nil]
+      # @param client_secret  [String, nil]
+      # @param scope          [String, nil]
+      # @param use_query      [bool]        Provide parameters in query instead of body
+      # @param path_token     [String]      API end point to create a token
+      # @param token_field    [String]      Field in result that contains the token
+      # @param cache_ids      [Array, nil]  List of unique identifiers for cache id generation
       def initialize(
-        base_url:,
-        auth: nil,
         client_id: nil,
         client_secret: nil,
         scope: nil,
         use_query: false,
-        path_token:  'token',       # default endpoint for /token to generate token
-        token_field: 'access_token' # field with token in result of call to path_token
+        path_token:  'token',
+        token_field: 'access_token',
+        cache_ids: nil,
+        **rest_params
       )
-        Aspera.assert_type(base_url, String)
         Aspera.assert(respond_to?(:create_token), 'create_token method must be defined', exception_class: InternalError)
-        @base_url = base_url
+        # this is the OAuth API
+        @api = Rest.new(**rest_params)
         @path_token = path_token
         @token_field = token_field
         @client_id = client_id
         @client_secret = client_secret
-        @scope = scope
         @use_query = use_query
-        @identifiers = []
-        @identifiers.push(auth[:username]) if auth.is_a?(Hash) && auth.key?(:username)
-        # this is the OAuth API
-        @api = Rest.new(
-          base_url:     @base_url,
-          redirect_max: 2,
-          auth:         auth)
+        @base_cache_ids = cache_ids.clone
+        @base_cache_ids = [] if @base_cache_ids.nil?
+        Aspera.assert_type(@base_cache_ids, Array)
+        if @api.auth_params.key?(:username)
+          cache_ids.push(@api.auth_params[:username])
+        end
+        @base_cache_ids.freeze
+        self.scope = scope
+      end
+
+      # Scope can be modified after creation, then update identifier for cache
+      def scope=(scope)
+        @scope = scope
+        # generate token unique identifier for persistency (memory/disk cache)
+        @token_cache_id = Factory.cache_id(@api.base_url, self.class, @base_cache_ids, @scope)
       end
 
       # helper method to create token as per RFC
       def create_token_call(creation_params)
         Log.log.debug{'Generating a new token'.bg_green}
-        payload = {
-          body:      creation_params,
-          body_type: :www
-        }
+        payload = { body_type: :www }
         if @use_query
           payload[:query] = creation_params
-          payload[:body] = {}
+        else
+          payload[:body] = creation_params
         end
         return @api.call(
           operation: 'POST',
@@ -85,16 +87,8 @@ module Aspera
       # @param cache set to false to disable cache
       # @param refresh set to true to force refresh or re-generation (if previous failed)
       def token(cache: true, refresh: false)
-        # generate token unique identifier for persistency (memory/disk cache)
-        token_id = IdGenerator.from_list(Factory.id(
-          @base_url,
-          Factory.class_to_id(self.class),
-          @identifiers,
-          @scope
-        ))
-
         # get token_data from cache (or nil), token_data is what is returned by /token
-        token_data = Factory.instance.persist_mgr.get(token_id) if cache
+        token_data = Factory.instance.persist_mgr.get(@token_cache_id) if cache
         token_data = JSON.parse(token_data) unless token_data.nil?
         # Optional optimization: check if node token is expired based on decoded content then force refresh if close enough
         # might help in case the transfer agent cannot refresh himself
@@ -120,7 +114,7 @@ module Aspera
             refresh_token = token_data['refresh_token']
           end
           # delete cache
-          Factory.instance.persist_mgr.delete(token_id)
+          Factory.instance.persist_mgr.delete(@token_cache_id)
           token_data = nil
           # lets try the existing refresh token
           if !refresh_token.nil?
@@ -132,7 +126,7 @@ module Aspera
               # save only if success
               json_data = resp[:http].body
               token_data = JSON.parse(json_data)
-              Factory.instance.persist_mgr.put(token_id, json_data)
+              Factory.instance.persist_mgr.put(@token_cache_id, json_data)
             else
               Log.log.debug{"refresh failed: #{resp[:http].body}".bg_red}
             end
@@ -144,7 +138,7 @@ module Aspera
           resp = create_token
           json_data = resp[:http].body
           token_data = JSON.parse(json_data)
-          Factory.instance.persist_mgr.put(token_id, json_data)
+          Factory.instance.persist_mgr.put(@token_cache_id, json_data)
         end
         Aspera.assert(token_data.key?(@token_field)){"API error: No such field in answer: #{@token_field}"}
         # ok we shall have a token here

data/lib/aspera/oauth/factory.rb

@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
-require 'singleton'
+require 'aspera/id_generator'
 require 'aspera/assert'
+require 'singleton'
 require 'base64'
 module Aspera
   module OAuth
@@ -29,11 +30,17 @@ module Aspera
           return token[BEARER_PREFIX.length..-1]
         end
 
-        def id(*params)
-          return [PERSIST_CATEGORY_TOKEN, *params].flatten
+        # @return a cache identifier
+        def cache_id(url, creator_class, *params)
+          return IdGenerator.from_list([
+            PERSIST_CATEGORY_TOKEN,
+            url,
+            Factory.class_to_id(creator_class),
+            *params
+          ].flatten)
         end
 
-        # snake version of class name is the identifier
+        # @return snake version of class name
         def class_to_id(creator_class)
           return creator_class.name.split('::').last.capital_to_snake.to_sym
         end

data/lib/aspera/oauth/generic.rb

@@ -13,17 +13,13 @@ module Aspera
         receiver_client_ids: nil,
         **base_params
       )
-        super(**base_params)
+        super(**base_params, cache_ids: [grant_type&.split(':')&.last, apikey, response_type])
         @create_params = {
           grant_type: grant_type
         }
-        @create_params[:response_type] = response_type if response_type
-        @create_params[:apikey] = apikey if apikey
-        @create_params[:receiver_client_ids] = receiver_client_ids if receiver_client_ids
-        @identifiers.push(
-          @create_params[:grant_type]&.split(':')&.last,
-          @create_params[:apikey],
-          @create_params[:response_type])
+        @create_params[:response_type] = response_type unless response_type.nil?
+        @create_params[:apikey] = apikey unless apikey.nil?
+        @create_params[:receiver_client_ids] = receiver_client_ids unless receiver_client_ids.nil?
       end
 
       def create_token

data/lib/aspera/oauth/jwt.rb

@@ -13,6 +13,7 @@ module Aspera
     # https://tools.ietf.org/html/rfc7523
     # https://tools.ietf.org/html/rfc7519
     class Jwt < Base
+      GRANT_TYPE = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
       # @param private_key_obj private key object
       # @param payload payload to be included in the JWT
       # @param headers headers to be included in the JWT
@@ -25,17 +26,16 @@ module Aspera
         Aspera.assert_type(private_key_obj, OpenSSL::PKey::RSA){'private_key_obj'}
         Aspera.assert_type(payload, Hash){'payload'}
         Aspera.assert_type(headers, Hash){'headers'}
-        super(**base_params)
+        super(**base_params, cache_ids: [payload[:sub]])
         @private_key_obj = private_key_obj
         @additional_payload = payload
         @headers = headers
-        @identifiers.push(@additional_payload[:sub])
       end
 
       def create_token
         require 'jwt'
         seconds_since_epoch = Time.new.to_i
-        Log.log.info{"seconds=#{seconds_since_epoch}"}
+        Log.log.debug{"seconds_since_epoch=#{seconds_since_epoch}"}
         jwt_payload = {
           exp: seconds_since_epoch + OAuth::Factory.instance.parameters[:jwt_expiry_offset_sec], # expiration time
           nbf: seconds_since_epoch - OAuth::Factory.instance.parameters[:jwt_accepted_offset_sec], # not before
@@ -46,7 +46,7 @@ module Aspera
         Log.log.debug{"private=[#{@private_key_obj}]"}
         assertion = JWT.encode(jwt_payload, @private_key_obj, 'RS256', @headers)
         Log.log.debug{"assertion=[#{assertion}]"}
-        return create_token_call(optional_scope_client_id.merge(grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', assertion: assertion))
+        return create_token_call(optional_scope_client_id.merge(grant_type: GRANT_TYPE, assertion: assertion))
       end
     end
     Factory.instance.register_token_creator(Jwt)

data/lib/aspera/oauth/url_json.rb

@@ -6,15 +6,16 @@ module Aspera
   module OAuth
     # This class is used to create a token using a JSON body and a URL
     class UrlJson < Base
+      # @param url  URL to send the JSON body
+      # @param json JSON body to send
       def initialize(
         url:,
         json:,
         **generic_params
       )
-        super(**generic_params)
+        super(**generic_params, cache_ids: [json[:url_token]])
         @body = json
         @query = url
-        @identifiers.push(@body[:url_token])
       end
 
       def create_token

data/lib/aspera/oauth/web.rb

@@ -8,8 +8,11 @@ module Aspera
   module OAuth
     # Authentication using Web browser
     class Web < Base
-      # @param g_o:redirect_uri    [M] for type :web
-      # @param g_o:path_authorize  [D] for type :web
+      class << self
+        attr_accessor :additionnal_info
+      end
+      # @param redirect_uri    url to receive the code after auth (to be exchanged for token)
+      # @param path_authorize  path to login page on web app
       def initialize(
         redirect_uri:,
         path_authorize: 'authorize',
@@ -21,18 +24,19 @@ module Aspera
         uri = URI.parse(@redirect_uri)
         Aspera.assert(%w[http https].include?(uri.scheme)){'redirect_uri scheme must be http or https'}
         Aspera.assert(!uri.port.nil?){'redirect_uri must have a port'}
-        # TODO: we could check that host is localhost or local address
+        # TODO: we could check that host is localhost or local address, as we are going to listen locally
       end
 
       def create_token
-        random_state = SecureRandom.uuid # used to check later
+        # generate secure state to check later
+        random_state = SecureRandom.uuid
         login_page_url = Rest.build_uri(
-          "#{@base_url}/#{@path_authorize}",
+          "#{@api.base_url}/#{@path_authorize}",
           optional_scope_client_id.merge(response_type: 'code', redirect_uri: @redirect_uri, state: random_state))
         # here, we need a human to authorize on a web page
         Log.log.info{"login_page_url=#{login_page_url}".bg_red.gray}
         # start a web server to receive request code
-        web_server = WebAuth.new(@redirect_uri)
+        web_server = WebAuth.new(@redirect_uri, self.class.additionnal_info)
         # start browser on login page
         Environment.instance.open_uri(login_page_url)
         # wait for code in request

data/lib/aspera/persistency_action_once.rb

@@ -7,6 +7,13 @@ require 'aspera/assert'
 module Aspera
   # Persist data on file system
   class PersistencyActionOnce
+    DELETE_DEFAULT = lambda{|d|d.empty?}
+    PARSE_DEFAULT = lambda {|t| JSON.parse(t)}
+    FORMAT_DEFAULT = lambda {|h| JSON.generate(h)}
+    MERGE_DEFAULT = lambda {|current, file| current.concat(file).uniq rescue current}
+    MANAGER_METHODS = %i[get put delete]
+    private_constant :DELETE_DEFAULT, :PARSE_DEFAULT, :FORMAT_DEFAULT, :MERGE_DEFAULT, :MANAGER_METHODS
+
     # @param :manager  Mandatory Database
     # @param :data     Mandatory object to persist, must be same object from begin to end (assume array by default)
     # @param :id       Mandatory identifiers
@@ -14,21 +21,22 @@ module Aspera
     # @param :parse    Optional  parse method (default to JSON)
     # @param :format   Optional  dump method (default to JSON)
     # @param :merge    Optional  merge data from file to current data
-    def initialize(manager:, data:, id:, delete: nil, parse: nil, format: nil, merge: nil)
-      Aspera.assert(!manager.nil?)
+    def initialize(manager:, data:, id:, delete: DELETE_DEFAULT, parse: PARSE_DEFAULT, format: FORMAT_DEFAULT, merge: MERGE_DEFAULT)
+      Aspera.assert(MANAGER_METHODS.all?{|i|manager.respond_to?(i)}){"Manager must answer to #{MANAGER_METHODS}"}
       Aspera.assert(!data.nil?)
       Aspera.assert_type(id, String)
       Aspera.assert(!id.empty?)
+      Aspera.assert_type(delete, Proc)
+      Aspera.assert_type(parse, Proc)
+      Aspera.assert_type(format, Proc)
+      Aspera.assert_type(merge, Proc)
       @manager = manager
       @persisted_object = data
       @object_id = id
-      # by default , at save time, file is deleted if data is nil
-      @delete_condition = delete || lambda{|d|d.empty?}
-      @persist_format = format || lambda {|h| JSON.generate(h)}
-      persist_parse = parse || lambda {|t| JSON.parse(t)}
-      persist_merge = merge || lambda {|current, file| current.concat(file).uniq rescue current}
+      @delete_condition = delete
+      @persist_format = format
       value = @manager.get(@object_id)
-      persist_merge.call(@persisted_object, persist_parse.call(value)) unless value.nil?
+      merge.call(@persisted_object, parse.call(value)) unless value.nil?
     end
 
     def save