aspera-cli 4.4.0 → 4.7.0

data/lib/aspera/log.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'aspera/colors'
 require 'logger'
 require 'pp'
@@ -7,32 +8,43 @@ require 'singleton'
 module Aspera
   # Singleton object for logging
   class Log
-
-    public
+    # display string for hidden secrets
+    HIDDEN_PASSWORD='🔑'
+    private_constant :HIDDEN_PASSWORD
     include Singleton
+    # class methods
+    class << self
+      # levels are :debug,:info,:warn,:error,fatal,:unknown
+      def levels; Logger::Severity.constants.sort{|a,b|Logger::Severity.const_get(a)<=>Logger::Severity.const_get(b)}.map{|c|c.downcase.to_sym};end
 
-    attr_reader :logger
-    attr_reader :logger_type
-    # levels are :debug,:info,:warn,:error,fatal,:unknown
-    def self.levels; Logger::Severity.constants.sort{|a,b|Logger::Severity.const_get(a)<=>Logger::Severity.const_get(b)}.map{|c|c.downcase.to_sym};end
-
-    # where logs are sent to
-    def self.logtypes; [:stderr,:stdout,:syslog];end
+      # where logs are sent to
+      def logtypes; [:stderr,:stdout,:syslog];end
 
-    # get the logger object of singleton
-    def self.log; self.instance.logger; end
+      # get the logger object of singleton
+      def log; instance.logger;end
 
-    # dump object in debug mode
-    # @param name string or symbol
-    # @param format either pp or json format
-    def self.dump(name,object,format=:json)
-      result=case format
-      when :ruby;PP.pp(object,'')
-      when :json;JSON.pretty_generate(object) rescue PP.pp(object,'')
-      else raise "wrong parameter, expect pp or json"
+      # dump object in debug mode
+      # @param name string or symbol
+      # @param format either pp or json format
+      def dump(name,object,format=:json)
+        log.debug() do
+          result=
+          case format
+          when :json
+            JSON.pretty_generate(object) rescue PP.pp(object,'')
+          when :ruby
+            PP.pp(object,'')
+          else
+            raise 'wrong parameter, expect pp or json'
+          end
+          "#{name.to_s.green} (#{format})=\n#{result}"
+        end
       end
-      self.log.debug("#{name.to_s.green} (#{format})=\n#{result}")
-    end
+    end # class
+
+    attr_reader :logger_type, :logger
+    attr_writer :program_name
+    attr_accessor :log_secrets
 
     # set log level of underlying logger given symbol level
     def level=(new_level)
@@ -44,25 +56,20 @@ module Aspera
       Logger::Severity.constants.each do |name|
         return name.downcase.to_sym if @logger.level.eql?(Logger::Severity.const_get(name))
       end
-      raise "error"
+      # should not happen
+      raise "INTERNAL ERROR: unexpected level #{@logger.level}"
     end
 
     # change underlying logger, but keep log level
     def logger_type=(new_logtype)
-      current_severity_integer=if @logger.nil?
-        if ENV.has_key?('AS_LOG_LEVEL')
-          ENV['AS_LOG_LEVEL']
-        else
-          Logger::Severity::WARN
-        end
-      else
-        @logger.level
-      end
+      current_severity_integer=@logger.level unless @logger.nil?
+      current_severity_integer=ENV['AS_LOG_LEVEL'] if current_severity_integer.nil? && ENV.has_key?('AS_LOG_LEVEL')
+      current_severity_integer=Logger::Severity::WARN if current_severity_integer.nil?
       case new_logtype
       when :stderr
-        @logger = Logger.new(STDERR)
+        @logger = Logger.new($stderr)
       when :stdout
-        @logger = Logger.new(STDOUT)
+        @logger = Logger.new($stdout)
       when :syslog
         require 'syslog/logger'
         @logger = Syslog::Logger.new(@program_name)
@@ -71,18 +78,29 @@ module Aspera
       end
       @logger.level=current_severity_integer
       @logger_type=new_logtype
+      original_formatter = @logger.formatter || Logger::Formatter.new
+      # update formatter with password hiding, note that @log_secrets may be set AFTER this init is done, so it's done at runtime
+      @logger.formatter=lambda do |severity, datetime, progname, msg|
+        if msg.is_a?(String) && !@log_secrets
+          msg=msg
+          .gsub(/(["':][^"]*(password|secret|private_key)[^"]*["']?[=>: ]+")([^"]+)(")/){"#{Regexp.last_match(1)}#{HIDDEN_PASSWORD}#{Regexp.last_match(4)}"}
+          .gsub(/("[^"]*(secret)[^"]*"=>{)([^}]+)(})/){"#{Regexp.last_match(1)}#{HIDDEN_PASSWORD}#{Regexp.last_match(4)}"}
+          .gsub(/((secrets)={)([^}]+)(})/){"#{Regexp.last_match(1)}#{HIDDEN_PASSWORD}#{Regexp.last_match(4)}"}
+          .gsub(/--+BEGIN[A-Z ]+KEY--+.+--+END[A-Z ]+KEY--+/m){HIDDEN_PASSWORD}
+        end
+        original_formatter.call(severity, datetime, progname, msg)
+      end
     end
 
-    attr_writer :program_name
-
     private
 
     def initialize
       @logger=nil
       @program_name='aspera'
-      # this sets @logger and @logger_type
+      @log_secrets=false
+      # this sets @logger and @logger_type (self needed to call method instead of local var)
       self.logger_type=:stderr
+      raise 'error logger shall be defined' if @logger.nil?
     end
-
   end
 end

data/lib/aspera/nagios.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'date'
 
 module Aspera
@@ -5,24 +6,24 @@ module Aspera
     # nagios levels
     LEVELS=[:ok,:warning,:critical,:unknown,:dependent]
     ADD_PREFIX='add_'
-    # add methods to add nagios error levels, each take component name and message
-    LEVELS.each_index do |code|
-      name="#{ADD_PREFIX}#{LEVELS[code]}".to_sym
-      define_method(name){|comp,msg|@data.push({:code=>code,:comp=>comp,:msg=>msg})}
-      public name
-    end
     # date offset levels
     DATE_WARN_OFFSET=2
     DATE_CRIT_OFFSET=5
     private_constant :LEVELS,:ADD_PREFIX,:DATE_WARN_OFFSET,:DATE_CRIT_OFFSET
 
+    # add methods to add nagios error levels, each take component name and message
+    LEVELS.each_index do |code|
+      name="#{ADD_PREFIX}#{LEVELS[code]}".to_sym
+      define_method(name){|comp,msg|@data.push({code: code,comp: comp,msg: msg})}
+    end
+
     attr_reader :data
     def initialize
       @data=[]
     end
 
     # comparte remote time with local time
-    def check_time_offset( remote_date, component )
+    def check_time_offset(remote_date, component)
       # check date if specified : 2015-10-13T07:32:01Z
       rtime = DateTime.strptime(remote_date)
       diff_time = (rtime - DateTime.now).abs
@@ -38,22 +39,22 @@ module Aspera
       end
     end
 
-    def check_product_version( component, product, version )
+    def check_product_version(component, _product, version)
       add_ok(component,"version #{version}")
       # TODO check on database if latest version
     end
 
     # translate for display
     def result
-      raise "missing result" if @data.empty?
-      {:type=>:object_list,:data=>@data.map{|i|{'status'=>LEVELS[i[:code]].to_s,'component'=>i[:comp],'message'=>i[:msg]}}}
+      raise 'missing result' if @data.empty?
+      {type: :object_list,data: @data.map{|i|{'status'=>LEVELS[i[:code]].to_s,'component'=>i[:comp],'message'=>i[:msg]}}}
     end
 
     # process results of a analysis and display status and exit with code
     def self.process(data)
-      raise "INTERNAL ERROR, result must be list and not empty" unless data.is_a?(Array) and !data.empty?
+      raise 'INTERNAL ERROR, result must be list and not empty' unless data.is_a?(Array) && !data.empty?
       ['status','component','message'].each{|c|raise "INTERNAL ERROR, result must have #{c}" unless data.first.has_key?(c)}
-      res_errors = data.select{|s|!s['status'].eql?('ok')}
+      res_errors = data.reject{|s|s['status'].eql?('ok')}
       # keep only errors in case of problem, other ok are assumed so
       data = res_errors unless res_errors.empty?
       # first is most critical

data/lib/aspera/node.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+require 'aspera/fasp/transfer_spec'
 require 'aspera/rest'
 require 'aspera/oauth'
 require 'aspera/log'
@@ -8,37 +10,40 @@ module Aspera
   # Provides additional functions using node API.
   class Node < Rest
     # permissions
-    ACCESS_LEVELS=['delete','list','mkdir','preview','read','rename','write']
+    ACCESS_LEVELS=%w[delete list mkdir preview read rename write].freeze
+    # prefix for ruby code for filter
     MATCH_EXEC_PREFIX='exec:'
-    # (public) default transfer username for access key based transfers
-    ACCESS_KEY_TRANSFER_USER='xfer'
-    SSH_PORT_DEFAULT=33001
-    UDP_PORT_DEFAULT=33001
 
     # register node special token decoder
     Oauth.register_decoder(lambda{|token|JSON.parse(Zlib::Inflate.inflate(Base64.decode64(token)).partition('==SIGNATURE==').first)})
 
-    def self.set_ak_basic_token(ts,ak,secret)
-      raise "ERROR: expected xfer" unless ts['remote_user'].eql?(ACCESS_KEY_TRANSFER_USER)
-      ts['token']="Basic #{Base64.strict_encode64("#{ak}:#{secret}")}"
-    end
+    class<<self
+      def set_ak_basic_token(ts,ak,secret)
+        Log.log.warn("Expected transfer user: #{Fasp::TransferSpec::ACCESS_KEY_TRANSFER_USER}, but have #{ts['remote_user']}") unless ts['remote_user'].eql?(Fasp::TransferSpec::ACCESS_KEY_TRANSFER_USER)
+        ts['token']="Basic #{Base64.strict_encode64("#{ak}:#{secret}")}"
+      end
 
-    # for access keys: provide expression to match entry in folder
-    # if no prefix: regex
-    # if prefix: ruby code
-    # if filder is nil, then always match
-    def self.file_matcher(match_expression)
-      match_expression||="#{MATCH_EXEC_PREFIX}true"
-      if match_expression.start_with?(MATCH_EXEC_PREFIX)
-        return eval "lambda{|f|#{match_expression[MATCH_EXEC_PREFIX.length..-1]}}"
+      def empty_binding
+        return Kernel.binding
       end
-      return lambda{|f|f['name'].match(/#{match_expression}/)}
-    end
 
-    def initialize(rest_params)
-      super(rest_params)
+      # for access keys: provide expression to match entry in folder
+      # if no prefix: regex
+      # if prefix: ruby code
+      # if filder is nil, then always match
+      def file_matcher(match_expression)
+        match_expression||="#{MATCH_EXEC_PREFIX}true"
+        if match_expression.start_with?(MATCH_EXEC_PREFIX)
+          return eval("lambda{|f|#{match_expression[MATCH_EXEC_PREFIX.length..-1]}}", empty_binding, __FILE__, __LINE__)
+        end
+        return lambda{|f|f['name'].match(/#{match_expression}/)}
+      end
     end
 
+    #    def initialize(rest_params)
+    #      super(rest_params)
+    #    end
+
     # recursively crawl in a folder.
     # subfolders a processed if the processing method returns true
     # @param processor must provide a method to process each entry
@@ -57,13 +62,13 @@ module Aspera
       #top_info=read("files/#{opt[:top_file_id]}")[:data]
       folders_to_explore=[{id: opt[:top_file_id], relpath: opt[:top_file_path]}]
       Log.dump(:folders_to_explore,folders_to_explore)
-      while !folders_to_explore.empty? do
+      while !folders_to_explore.empty?
         current_item = folders_to_explore.shift
         Log.log.debug("searching #{current_item[:relpath]}".bg_green)
         # get folder content
         folder_contents = begin
           read("files/#{current_item[:id]}/files")[:data]
-        rescue => e
+        rescue StandardError => e
           Log.log.warn("#{current_item[:relpath]}: #{e.class} #{e.message}")
           []
         end
@@ -72,8 +77,8 @@ module Aspera
           relative_path=File.join(current_item[:relpath],entry['name'])
           Log.log.debug("looking #{relative_path}".bg_green)
           # entry type is file, folder or link
-          if processor.send(opt[:method],entry,relative_path) and entry['type'].eql?('folder')
-            folders_to_explore.push({:id=>entry['id'],:relpath=>relative_path})
+          if processor.send(opt[:method],entry,relative_path) && entry['type'].eql?('folder')
+            folders_to_explore.push({id: entry['id'],relpath: relative_path})
           end
         end
       end