RubyGems - aspera-cli - Versions diffs - 4.9.0 → 4.11.0 - Mend

aspera-cli 4.9.0 → 4.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (95) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/BUGS.md +20 -0
data/CHANGELOG.md +509 -0
data/CONTRIBUTING.md +118 -0
data/README.md +1241 -916
data/bin/ascli +4 -4
data/bin/asession +11 -11
data/docs/test_env.conf +32 -21
data/examples/aoc.rb +4 -4
data/examples/dascli +16 -9
data/examples/faspex4.rb +8 -8
data/examples/node.rb +12 -12
data/examples/server.rb +10 -10
data/lib/aspera/aoc.rb +273 -266
data/lib/aspera/ascmd.rb +56 -54
data/lib/aspera/ats_api.rb +4 -4
data/lib/aspera/cli/basic_auth_plugin.rb +15 -12
data/lib/aspera/cli/extended_value.rb +5 -5
data/lib/aspera/cli/formater.rb +64 -64
data/lib/aspera/cli/info.rb +2 -2
data/lib/aspera/cli/listener/line_dump.rb +1 -1
data/lib/aspera/cli/listener/logger.rb +1 -1
data/lib/aspera/cli/listener/progress.rb +5 -6
data/lib/aspera/cli/listener/progress_multi.rb +14 -19
data/lib/aspera/cli/main.rb +66 -67
data/lib/aspera/cli/manager.rb +112 -110
data/lib/aspera/cli/plugin.rb +57 -36
data/lib/aspera/cli/plugins/alee.rb +4 -4
data/lib/aspera/cli/plugins/aoc.rb +309 -670
data/lib/aspera/cli/plugins/ats.rb +44 -46
data/lib/aspera/cli/plugins/bss.rb +10 -10
data/lib/aspera/cli/plugins/config.rb +497 -378
data/lib/aspera/cli/plugins/console.rb +12 -12
data/lib/aspera/cli/plugins/cos.rb +18 -20
data/lib/aspera/cli/plugins/faspex.rb +112 -114
data/lib/aspera/cli/plugins/faspex5.rb +71 -46
data/lib/aspera/cli/plugins/node.rb +379 -283
data/lib/aspera/cli/plugins/orchestrator.rb +46 -46
data/lib/aspera/cli/plugins/preview.rb +122 -114
data/lib/aspera/cli/plugins/server.rb +137 -83
data/lib/aspera/cli/plugins/shares.rb +30 -29
data/lib/aspera/cli/plugins/sync.rb +13 -33
data/lib/aspera/cli/transfer_agent.rb +60 -59
data/lib/aspera/cli/version.rb +1 -1
data/lib/aspera/colors.rb +3 -3
data/lib/aspera/command_line_builder.rb +27 -27
data/lib/aspera/cos_node.rb +22 -20
data/lib/aspera/data_repository.rb +1 -1
data/lib/aspera/environment.rb +35 -15
data/lib/aspera/fasp/agent_base.rb +15 -15
data/lib/aspera/fasp/agent_connect.rb +23 -21
data/lib/aspera/fasp/agent_direct.rb +66 -64
data/lib/aspera/fasp/agent_httpgw.rb +141 -78
data/lib/aspera/fasp/agent_node.rb +23 -21
data/lib/aspera/fasp/agent_trsdk.rb +20 -20
data/lib/aspera/fasp/error.rb +3 -2
data/lib/aspera/fasp/error_info.rb +11 -8
data/lib/aspera/fasp/installation.rb +79 -79
data/lib/aspera/fasp/listener.rb +1 -1
data/lib/aspera/fasp/parameters.rb +86 -71
data/lib/aspera/fasp/parameters.yaml +7 -4
data/lib/aspera/fasp/resume_policy.rb +8 -8
data/lib/aspera/fasp/transfer_spec.rb +35 -2
data/lib/aspera/fasp/uri.rb +7 -7
data/lib/aspera/faspex_gw.rb +7 -5
data/lib/aspera/hash_ext.rb +3 -3
data/lib/aspera/id_generator.rb +5 -5
data/lib/aspera/keychain/encrypted_hash.rb +38 -105
data/lib/aspera/keychain/macos_security.rb +128 -57
data/lib/aspera/log.rb +7 -7
data/lib/aspera/nagios.rb +19 -18
data/lib/aspera/node.rb +209 -35
data/lib/aspera/oauth.rb +37 -36
data/lib/aspera/open_application.rb +19 -11
data/lib/aspera/persistency_action_once.rb +4 -4
data/lib/aspera/persistency_folder.rb +16 -15
data/lib/aspera/preview/file_types.rb +8 -8
data/lib/aspera/preview/generator.rb +67 -67
data/lib/aspera/preview/utils.rb +27 -27
data/lib/aspera/proxy_auto_config.js +41 -41
data/lib/aspera/proxy_auto_config.rb +21 -14
data/lib/aspera/rest.rb +72 -67
data/lib/aspera/rest_call_error.rb +2 -1
data/lib/aspera/rest_error_analyzer.rb +18 -17
data/lib/aspera/rest_errors_aspera.rb +16 -16
data/lib/aspera/secret_hider.rb +15 -13
data/lib/aspera/ssh.rb +11 -10
data/lib/aspera/sync.rb +158 -44
data/lib/aspera/temp_file_manager.rb +2 -2
data/lib/aspera/uri_reader.rb +4 -4
data/lib/aspera/web_auth.rb +14 -13
data.tar.gz.sig +0 -0
metadata +11 -36
metadata.gz.sig +0 -0

data/lib/aspera/cli/plugins/node.rb CHANGED Viewed

@@ -1,10 +1,12 @@
 # frozen_string_literal: true
 require 'aspera/cli/basic_auth_plugin'
+require 'aspera/cli/plugins/sync'
 require 'aspera/nagios'
 require 'aspera/hash_ext'
 require 'aspera/id_generator'
 require 'aspera/node'
+require 'aspera/aoc'
 require 'aspera/fasp/transfer_spec'
 require 'base64'
 require 'zlib'
@@ -12,7 +14,7 @@ require 'zlib'
 module Aspera
   module Cli
     module Plugins
-      class Node < BasicAuthPlugin
+      class Node < Aspera::Cli::BasicAuthPlugin
         class << self
           def detect(base_url)
             api = Rest.new({ base_url: base_url})
@@ -22,55 +24,99 @@ module Aspera
             end
             return nil
           end
+          def register_node_options(env)
+            env[:options].add_opt_simple(:validator, 'identifier of validator (optional for central)')
+            env[:options].add_opt_simple(:asperabrowserurl, 'URL for simple aspera web ui')
+            env[:options].add_opt_simple(:sync_name, 'sync name')
+            env[:options].add_opt_simple(:path, 'file or folder path for gen4 operation "file"')
+            env[:options].add_opt_list(:token_type, %i[aspera basic hybrid], 'Type of token used for transfers')
+            env[:options].add_opt_boolean(:default_ports, 'use standard FASP ports or get from node api (gen4)')
+            env[:options].set_option(:asperabrowserurl, 'https://asperabrowser.mybluemix.net')
+            env[:options].set_option(:token_type, :aspera)
+            env[:options].set_option(:default_ports, :yes)
+            env[:options].parse_options!
+            Aspera::Node.use_standard_ports = env[:options].get_option(:default_ports)
+          end
         end
-        SAMPLE_SOAP_CALL = '<?xml version="1.0" encoding="UTF-8"?>'\
+        # SOAP API call to test central API
+        CENTRAL_SOAP_API_TEST = '<?xml version="1.0" encoding="UTF-8"?>'\
           '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="urn:Aspera:XML:FASPSessionNET:2009/11:Types">'\
           '<soapenv:Header></soapenv:Header>'\
           '<soapenv:Body><typ:GetSessionInfoRequest><SessionFilter><SessionStatus>running</SessionStatus></SessionFilter></typ:GetSessionInfoRequest></soapenv:Body>'\
           '</soapenv:Envelope>'
-        SEARCH_REMOVE_FIELDS=%w[basename permissions].freeze
-        private_constant :SAMPLE_SOAP_CALL,:SEARCH_REMOVE_FIELDS
+        # fields removed in result of search
+        SEARCH_REMOVE_FIELDS = %w[basename permissions].freeze
+        # actions in execute_command_gen3
+        COMMANDS_GEN3 = %i[search space mkdir mklink mkfile rename delete browse upload download]
+        BASE_ACTIONS = %i[api_details].concat(COMMANDS_GEN3).freeze
+        SPECIAL_ACTIONS = %i[health events info license].freeze
+        # actions available in v3 in gen4
+        V3_IN_V4_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        # actions used commonly when a node is involved
+        COMMON_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        private_constant(*%i[CENTRAL_SOAP_API_TEST SEARCH_REMOVE_FIELDS BASE_ACTIONS SPECIAL_ACTIONS V3_IN_V4_ACTIONS COMMON_ACTIONS])
+        # used in aoc
+        NODE4_READ_ACTIONS = %i[bearer_token_node node_info browse find].freeze
+        # commands for execute_command_gen4
+        COMMANDS_GEN4 = %i[mkdir rename delete upload download sync http_node_download file v3].concat(NODE4_READ_ACTIONS).freeze
+        COMMANDS_COS = %i[upload download info access_key api_details transfer].freeze
+        COMMANDS_SHARES = (BASE_ACTIONS - %i[search]).freeze
+        COMMANDS_FASPEX = COMMON_ACTIONS
         def initialize(env)
           super(env)
-          # this is added to transfer spec, for instance to add tags (COS)
-          @add_request_param = env[:add_request_param] || {}
-          options.add_opt_simple(:validator,'identifier of validator (optional for central)')
-          options.add_opt_simple(:asperabrowserurl,'URL for simple aspera web ui')
-          options.add_opt_simple(:sync_name,'sync name')
-          options.add_opt_list(:token_type,%i[aspera basic hybrid],'Type of token used for transfers')
-          options.set_option(:asperabrowserurl,'https://asperabrowser.mybluemix.net')
-          options.set_option(:token_type,:aspera)
-          options.parse_options!
+          self.class.register_node_options(env) unless env[:skip_node_options]
           return if env[:man_only]
           @api_node =
-            if env.has_key?(:node_api)
+            if env.key?(:node_api)
+              # this can be Aspera::Node or Aspera::Rest (shares)
               env[:node_api]
-            elsif options.get_option(:password,is_type: :mandatory).start_with?('Bearer ')
+            elsif options.get_option(:password, is_type: :mandatory).start_with?('Bearer ')
               # info is provided like node_info of aoc
-              Rest.new({
-                base_url: options.get_option(:url,is_type: :mandatory),
+              Aspera::Node.new(params: {
+                base_url: options.get_option(:url, is_type: :mandatory),
                 headers:  {
-                  'X-Aspera-AccessKey' => options.get_option(:username,is_type: :mandatory),
-                  'Authorization'      => options.get_option(:password,is_type: :mandatory)
+                  Aspera::Node::X_ASPERA_ACCESSKEY => options.get_option(:username, is_type: :mandatory),
+                  'Authorization'                  => options.get_option(:password, is_type: :mandatory)
                 }
               })
             else
               # this is normal case
-              basic_auth_api
+              Aspera::Node.new(params: {
+                base_url: options.get_option(:url, is_type: :mandatory),
+                auth:     {
+                  type:     :basic,
+                  username: options.get_option(:username, is_type: :mandatory),
+                  password: options.get_option(:password, is_type: :mandatory)
+                }})
             end
         end
         def c_textify_browse(table_data)
-          return table_data.map {|i| i['permissions'] = i['permissions'].map { |x| x['name'] }.join(','); i }
+          return table_data.map do |i|
+                   i['permissions'] = i['permissions'].map { |x| x['name'] }.join(',')
+                   i
+                 end
         end
         # key/value is defined in main in hash_table
-        def c_textify_bool_list_result(list,name_list)
+        def c_textify_bool_list_result(list, name_list)
           list.each_index do |i|
             next unless name_list.include?(list[i]['key'])
             list[i]['value'].each do |item|
-              list.push({'key' => item['name'],'value' => item['value']})
+              list.push({'key' => item['name'], 'value' => item['value']})
             end
             list.delete_at(i)
             # continue at same index because we delete current one
@@ -79,7 +125,7 @@ module Aspera
         end
         # reduce the path from a result on given named column
-        def c_result_remove_prefix_path(result,column,path_prefix)
+        def c_result_remove_prefix_path(result, column, path_prefix)
           if !path_prefix.nil?
             case result[:type]
             when :object_list
@@ -95,338 +141,376 @@ module Aspera
         end
         # translates paths results into CLI result, and removes prefix
-        def c_result_translate_rem_prefix(resp,type,success_msg,path_prefix)
-          resres = { data: [], type: :object_list, fields: [type,'result']}
+        def c_result_translate_rem_prefix(resp, type, success_msg, path_prefix)
+          errors = []
+          resres = { data: [], type: :object_list, fields: [type, 'result']}
           JSON.parse(resp[:http].body)['paths'].each do |p|
             result = success_msg
-            if p.has_key?('error')
-              Log.log.error("#{p['error']['user_message']} : #{p['path']}")
+            if p.key?('error')
+              Log.log.error{"#{p['error']['user_message']} : #{p['path']}"}
               result = 'ERROR: ' + p['error']['user_message']
+              errors.push([p['path'], p['error']['user_message']])
             end
-            resres[:data].push({type => p['path'],'result' => result})
+            resres[:data].push({type => p['path'], 'result' => result})
+          end
+          # one error make all fail
+          unless errors.empty?
+            raise errors.map{|i|"#{i.first}: #{i.last}"}.join(', ')
           end
-          return c_result_remove_prefix_path(resres,type,path_prefix)
+          return c_result_remove_prefix_path(resres, type, path_prefix)
         end
         # get path arguments from command line, and add prefix
-        def get_next_arg_add_prefix(path_prefix,name,number=:single)
-          thepath = options.get_next_argument(name,expected: number)
+        def get_next_arg_add_prefix(path_prefix, name, number=:single)
+          thepath = options.get_next_argument(name, expected: number)
           return thepath if path_prefix.nil?
-          return File.join(path_prefix,thepath) if thepath.is_a?(String)
-          return thepath.map {|p| File.join(path_prefix,p)} if thepath.is_a?(Array)
-          raise StandardError,'expect: nil, String or Array'
+          return File.join(path_prefix, thepath) if thepath.is_a?(String)
+          return thepath.map {|p| File.join(path_prefix, p)} if thepath.is_a?(Array)
+          raise StandardError, 'expect: nil, String or Array'
         end
-        SIMPLE_ACTIONS = %i[health events space info license mkdir mklink mkfile rename delete search].freeze
-        COMMON_ACTIONS = %i[browse upload download api_details].concat(SIMPLE_ACTIONS).freeze
-        # common API to node and Shares
-        # prefix_path is used to list remote sources in Faspex
-        def execute_simple_common(command,prefix_path)
+        # file and folder related commands
+        def execute_command_gen3(command, prefix_path)
           case command
-          when :health
-            nagios = Nagios.new
-            begin
-              info = @api_node.read('info')[:data]
-              nagios.add_ok('node api','accessible')
-              nagios.check_time_offset(info['current_time'],'node api')
-              nagios.check_product_version('node api','entsrv', info['version'])
-            rescue StandardError => e
-              nagios.add_critical('node api',e.to_s)
-            end
-            begin
-              @api_node.call(
-                operation: 'POST',
-                subpath: 'services/soap/Transfer-201210',
-                headers: {'Content-Type' => 'text/xml;charset=UTF-8','SOAPAction' => 'FASPSessionNET-200911#GetSessionInfo'},
-                text_body_params: SAMPLE_SOAP_CALL)[:http].body
-              nagios.add_ok('central','accessible by node')
-            rescue StandardError => e
-              nagios.add_critical('central',e.to_s)
-            end
-            return nagios.result
-          when :events
-            events = @api_node.read('events',options.get_option(:value))[:data]
-            return { type: :object_list, data: events}
-          when :info
-            node_info = @api_node.read('info')[:data]
-            return { type: :single_object, data: node_info, textify: lambda { |table_data| c_textify_bool_list_result(table_data,%w[capabilities settings])}}
-          when :license # requires: asnodeadmin -mu <node user> --acl-add=internal --internal
-            node_license = @api_node.read('license')[:data]
-            if node_license['failure'].is_a?(String) && node_license['failure'].include?('ACL')
-              Log.log.error('server must have: asnodeadmin -mu <node user> --acl-add=internal --internal')
-            end
-            return { type: :single_object, data: node_license}
           when :delete
-            paths_to_delete = get_next_arg_add_prefix(prefix_path,'file list',:multiple)
-            resp = @api_node.create('files/delete',{ paths: paths_to_delete.map{|i| {'path' => i.start_with?('/') ? i : '/' + i} }})
-            return c_result_translate_rem_prefix(resp,'file','deleted',prefix_path)
+            paths_to_delete = get_next_arg_add_prefix(prefix_path, 'file list', :multiple)
+            resp = @api_node.create('files/delete', { paths: paths_to_delete.map{|i| {'path' => i.start_with?('/') ? i : '/' + i} }})
+            return c_result_translate_rem_prefix(resp, 'file', 'deleted', prefix_path)
           when :search
-            search_root = get_next_arg_add_prefix(prefix_path,'search root')
+            search_root = get_next_arg_add_prefix(prefix_path, 'search root')
             parameters = {'path' => search_root}
             other_options = options.get_option(:value)
             parameters.merge!(other_options) unless other_options.nil?
-            resp = @api_node.create('files/search',parameters)
+            resp = @api_node.create('files/search', parameters)
             result = { type: :object_list, data: resp[:data]['items']}
             return Main.result_empty if result[:data].empty?
             result[:fields] = result[:data].first.keys.reject{|i|SEARCH_REMOVE_FIELDS.include?(i)}
             self.format.display_status("Items: #{resp[:data]['item_count']}/#{resp[:data]['total_count']}")
             self.format.display_status("params: #{resp[:data]['parameters'].keys.map{|k|"#{k}:#{resp[:data]['parameters'][k]}"}.join(',')}")
-            return c_result_remove_prefix_path(result,'path',prefix_path)
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
           when :space
-            # TODO: could be a list of path
-            path_list = get_next_arg_add_prefix(prefix_path,'folder path or ext.val. list')
+            path_list = get_next_arg_add_prefix(prefix_path, 'folder path or ext.val. list')
             path_list = [path_list] unless path_list.is_a?(Array)
-            resp = @api_node.create('space',{ 'paths' => path_list.map {|i| { path: i} } })
+            resp = @api_node.create('space', { 'paths' => path_list.map {|i| { path: i} } })
             result = { data: resp[:data]['paths'], type: :object_list}
-            #return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
-            return c_result_remove_prefix_path(result,'path',prefix_path)
+            # return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
           when :mkdir
-            path_list = get_next_arg_add_prefix(prefix_path,'folder path or ext.val. list')
+            path_list = get_next_arg_add_prefix(prefix_path, 'folder path or ext.val. list')
             path_list = [path_list] unless path_list.is_a?(Array)
-            #TODO: a command for that ?
-            #resp=@api_node.create('space',{ "paths" => path_list.map {|i| { type: :directory, path: i} } } )
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :directory, path: path_list }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :directory, path: path_list }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :mklink
-            target = get_next_arg_add_prefix(prefix_path,'target')
-            path_list = get_next_arg_add_prefix(prefix_path,'link path')
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :symbolic_link, path: path_list, target: { path: target} }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            target = get_next_arg_add_prefix(prefix_path, 'target')
+            path_list = get_next_arg_add_prefix(prefix_path, 'link path')
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :symbolic_link, path: path_list, target: { path: target} }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :mkfile
-            path_list = get_next_arg_add_prefix(prefix_path,'file path')
+            path_list = get_next_arg_add_prefix(prefix_path, 'file path')
             contents64 = Base64.strict_encode64(options.get_next_argument('contents'))
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :file, path: path_list, contents: contents64 }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :file, path: path_list, contents: contents64 }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :rename
-            path_base = get_next_arg_add_prefix(prefix_path,'path_base')
-            path_src = get_next_arg_add_prefix(prefix_path,'path_src')
-            path_dst = get_next_arg_add_prefix(prefix_path,'path_dst')
-            resp = @api_node.create('files/rename',{ 'paths' => [{ 'path' => path_base, 'source' => path_src, 'destination' => path_dst }] })
-            return c_result_translate_rem_prefix(resp,'entry','moved',prefix_path)
+            path_base = get_next_arg_add_prefix(prefix_path, 'path_base')
+            path_src = get_next_arg_add_prefix(prefix_path, 'path_src')
+            path_dst = get_next_arg_add_prefix(prefix_path, 'path_dst')
+            resp = @api_node.create('files/rename', { 'paths' => [{ 'path' => path_base, 'source' => path_src, 'destination' => path_dst }] })
+            return c_result_translate_rem_prefix(resp, 'entry', 'moved', prefix_path)
           when :browse
-            thepath = get_next_arg_add_prefix(prefix_path,'path')
+            thepath = get_next_arg_add_prefix(prefix_path, 'path')
             query = { path: thepath}
             additional_query = options.get_option(:query)
             query.merge!(additional_query) unless additional_query.nil?
             send_result = @api_node.create('files/browse', query)[:data]
-            #example: send_result={'items'=>[{'file'=>"filename1","permissions"=>[{'name'=>'read'},{'name'=>'write'}]}]}
+            # example: send_result={'items'=>[{'file'=>"filename1","permissions"=>[{'name'=>'read'},{'name'=>'write'}]}]}
             # if there is no items
             case send_result['self']['type']
-            when 'directory','container' # directory: node, container: shares
+            when 'directory', 'container' # directory: node, container: shares
               result = { data: send_result['items'], type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
               self.format.display_status("Items: #{send_result['item_count']}/#{send_result['total_count']}")
             else # 'file','symbolic_link'
               result = { data: send_result['self'], type: :single_object}
-              #result={ data: [send_result['self']] , type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
-              #raise "unknown type: #{send_result['self']['type']}"
+              # result={ data: [send_result['self']] , type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
+              # raise "unknown type: #{send_result['self']['type']}"
             end
-            return c_result_remove_prefix_path(result,'path',prefix_path)
-          when :upload,:download
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
+          when :upload, :download
             token_type = options.get_option(:token_type)
             # nil if Shares 1.x
             token_type = :aspera if token_type.nil?
             case token_type
-            when :aspera,:hybrid
+            when :aspera, :hybrid
               # empty transfer spec for authorization request
-              request_transfer_spec={}
+              request_transfer_spec = {}
               # set requested paths depending on direction
               request_transfer_spec[:paths] = command.eql?(:download) ? transfer.ts_source_paths : [{ destination: transfer.destination_folder('send') }]
               # add fixed parameters if any (for COS)
-              request_transfer_spec.deep_merge!(@add_request_param)
+              @api_node.add_tspec_info(request_transfer_spec) if @api_node.respond_to?(:add_tspec_info)
               # prepare payload for single request
-              setup_payload={transfer_requests: [{transfer_request: request_transfer_spec}]}
+              setup_payload = {transfer_requests: [{transfer_request: request_transfer_spec}]}
               # only one request, so only one answer
-              transfer_spec = @api_node.create("files/#{command}_setup",setup_payload)[:data]['transfer_specs'].first['transfer_spec']
+              transfer_spec = @api_node.create("files/#{command}_setup", setup_payload)[:data]['transfer_specs'].first['transfer_spec']
               # delete this part, as the returned value contains only destination, and not sources
               transfer_spec.delete('paths') if command.eql?(:upload)
             when :basic
               raise 'shall have auth' unless @api_node.params[:auth].is_a?(Hash)
               raise 'shall be basic auth' unless @api_node.params[:auth][:type].eql?(:basic)
-              ts_direction =
-                case command
-                when :upload then Fasp::TransferSpec::DIRECTION_SEND
-                when :download then Fasp::TransferSpec::DIRECTION_RECEIVE
-                else raise 'Error: need upload or download'
-                end
-              transfer_spec = {
-                'remote_host'      => URI.parse(@api_node.params[:base_url]).host,
-                'remote_user'      => Aspera::Fasp::TransferSpec::ACCESS_KEY_TRANSFER_USER,
-                'ssh_port'         => Aspera::Fasp::TransferSpec::SSH_PORT,
-                'direction'        => ts_direction,
-                'destination_root' => transfer.destination_folder(ts_direction)
-              }.deep_merge(@add_request_param)
+              transfer_spec = {}.merge(Aspera::Fasp::TransferSpec::AK_TSPEC_BASE)
+              transfer_spec['remote_host'] = URI.parse(@api_node.params[:base_url]).host
+              Fasp::TransferSpec.action_to_direction(transfer_spec, command)
+              transfer_spec['destination_root'] = transfer.destination_folder(transfer_spec['direction'])
+              @api_node.add_tspec_info(transfer_spec) if @api_node.respond_to?(:add_tspec_info)
             else raise "ERROR: token_type #{tt}"
             end
             if %i[basic hybrid].include?(token_type)
-              Aspera::Node.set_ak_basic_token(transfer_spec,@api_node.params[:auth][:username],@api_node.params[:auth][:password])
+              @api_node.ts_basic_token(transfer_spec)
             end
-            return Main.result_transfer(transfer.start(transfer_spec,{ src: :node_gen3}))
+            return Main.result_transfer(transfer.start(transfer_spec))
+          end
+          raise 'INTERNAL ERROR'
+        end
+        # common API to node and Shares
+        # prefix_path is used to list remote sources in Faspex
+        def execute_simple_common(command, prefix_path)
+          case command
+          when *COMMANDS_GEN3
+            execute_command_gen3(command, prefix_path)
+          when :access_key
+            ak_command = options.get_next_command([:do].concat(Plugin::ALL_OPS))
+            case ak_command
+            when *Plugin::ALL_OPS then return entity_command(ak_command, @api_node, 'access_keys', id_default: 'self')
+            when :do
+              access_key = options.get_next_argument('access key id')
+              ak_info = @api_node.read("access_keys/#{access_key}")[:data]
+              # change API credentials if different access key
+              if !access_key.eql?('self')
+                @api_node.params[:auth][:username] = ak_info['id']
+                @api_node.params[:auth][:password] = config.lookup_secret(url: @api_node.params[:base_url], username: ak_info['id'], mandatory: true)
+              end
+              command_repo = options.get_next_command(COMMANDS_GEN4)
+              return execute_command_gen4(command_repo, ak_info['root_file_id'])
+            end
+          when :health
+            nagios = Nagios.new
+            begin
+              info = @api_node.read('info')[:data]
+              nagios.add_ok('node api', 'accessible')
+              nagios.check_time_offset(info['current_time'], 'node api')
+              nagios.check_product_version('node api', 'entsrv', info['version'])
+            rescue StandardError => e
+              nagios.add_critical('node api', e.to_s)
+            end
+            begin
+              @api_node.call(
+                operation: 'POST',
+                subpath: 'services/soap/Transfer-201210',
+                headers: {'Content-Type' => 'text/xml;charset=UTF-8', 'SOAPAction' => 'FASPSessionNET-200911#GetSessionInfo'},
+                text_body_params: CENTRAL_SOAP_API_TEST)[:http].body
+              nagios.add_ok('central', 'accessible by node')
+            rescue StandardError => e
+              nagios.add_critical('central', e.to_s)
+            end
+            return nagios.result
+          when :events
+            events = @api_node.read('events', options.get_option(:value))[:data]
+            return { type: :object_list, data: events}
+          when :info
+            nd_info = @api_node.read('info')[:data]
+            return { type: :single_object, data: nd_info, textify: lambda { |table_data| c_textify_bool_list_result(table_data, %w[capabilities settings])}}
+          when :license
+            # requires: asnodeadmin -mu <node user> --acl-add=internal --internal
+            node_license = @api_node.read('license')[:data]
+            if node_license['failure'].is_a?(String) && node_license['failure'].include?('ACL')
+              Log.log.error('server must have: asnodeadmin -mu <node user> --acl-add=internal --internal')
+            end
+            return { type: :single_object, data: node_license}
           when :api_details
             return { type: :single_object, data: @api_node.params }
           end
         end
-        # navigate the path from given file id
-        # @param id initial file id
-        # @param path file path
-        # @return {.api,.file_id}
-        def resolve_api_fid(id, path)
-          # TODO: implement
-          Log.log.debug("TODO #{path}")
-          return {api: @api_node, file_id: id}
+        def execute_node_gen4_file_command(command_node_file, top_file_id)
+          file_path = options.get_option(:path)
+          apifid =
+            if file_path.nil?
+              {api: @api_node, file_id: instance_identifier}
+            else
+              @api_node.resolve_api_fid(top_file_id, file_path) # TODO: allow follow link ?
+            end
+          case command_node_file
+          when :show
+            items = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
+            return {type: :single_object, data: items}
+          when :modify
+            update_param = options.get_next_argument('update data', type: Hash)
+            apifid[:api].update("files/#{apifid[:file_id]}", update_param)[:data]
+            return Main.result_status('Done')
+          when :permission
+            command_perm = options.get_next_command(%i[list create delete])
+            case command_perm
+            when :list
+              # generic options : TODO: as arg ? option_url_query
+              list_options ||= {'include' => ['[]', 'access_level', 'permission_count']}
+              # add which one to get
+              list_options['file_id'] = apifid[:file_id]
+              list_options['inherited'] ||= false
+              items = apifid[:api].read('permissions', list_options)[:data]
+              return {type: :object_list, data: items}
+            when :delete
+              perm_id = instance_identifier
+              return do_bulk_operation(perm_id, 'deleted') do |one_id|
+                # TODO: notify event ?
+                apifid[:api].delete("permissions/#{perm_id}")
+                {'id' => one_id}
+              end
+            when :create
+              create_param = options.get_next_argument('creation data', type: Hash)
+              raise 'no file_id' if create_param.key?('file_id')
+              create_param['file_id'] = apifid[:file_id]
+              create_param['access_levels'] = Aspera::Node::ACCESS_LEVELS unless create_param.key?('access_levels')
+              # add application specific tags (AoC)
+              the_app = apifid[:api].app_info
+              the_app[:api].permissions_create_params(create_param: create_param, app_info: the_app) unless the_app.nil?
+              # create permission
+              created_data = apifid[:api].create('permissions', create_param)[:data]
+              # bnotify application of creation
+              the_app[:api].permissions_create_event(created_data: created_data, app_info: the_app) unless the_app.nil?
+              return { type: :single_object, data: created_data}
+            else raise "internal error:shall not reach here (#{command_perm})"
+            end
+          else raise "internal error:shall not reach here (#{command_node_file})"
+          end
         end
-        NODE4_COMMANDS = %i[browse find mkdir rename delete upload download http_node_download file permission bearer_token_node node_info].freeze
-        def execute_node_gen4_command(command_repo, top_file_id)
-          #@api_node
+        def execute_command_gen4(command_repo, top_file_id)
           case command_repo
-          when :node_info
+          when :v3
+            # NOTE: other common actions are unauthorized with user scope
+            command_legacy = options.get_next_command(V3_IN_V4_ACTIONS)
+            # TODO: shall we support all methods here ? what if there is a link ?
+            apifid = @api_node.resolve_api_fid(top_file_id, '')
+            return Node.new(@agents.merge(skip_basic_auth_options: true, skip_node_options: true, node_api: apifid[:api])).execute_action(command_legacy)
+          when :node_info, :bearer_token_node
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
-            apifid[:api] = aoc_api.get_node_api(apifid[:node_info], use_secret: false)
-            return {type: :single_object,data: {
-              url:      apifid[:node_info]['url'],
-              username: apifid[:node_info]['access_key'],
-              password: apifid[:api].oauth_token,
-              root_id:  apifid[:file_id]
-            }}
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
+            result = {
+              url:     apifid[:api].params[:base_url],
+              root_id: apifid[:file_id]
+            }
+            raise 'No auth for node' if apifid[:api].params[:auth].nil?
+            case apifid[:api].params[:auth][:type]
+            when :basic
+              result[:username] = apifid[:api].params[:auth][:username]
+              result[:password] = apifid[:api].params[:auth][:password]
+            when :oauth2
+              result[:username] = apifid[:api].params[:headers][Aspera::Node::X_ASPERA_ACCESSKEY]
+              result[:password] = apifid[:api].oauth_token
+            else raise 'unknown'
+            end
+            return {type: :single_object, data: result} if command_repo.eql?(:node_info)
+            raise 'not bearer token' unless result[:password].start_with?('Bearer ')
+            return Main.result_status(result[:password])
           when :browse
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
             file_info = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
             if file_info['type'].eql?('folder')
-              result = apifid[:api].read("files/#{apifid[:file_id]}/files",options.get_option(:value))
+              result = apifid[:api].read("files/#{apifid[:file_id]}/files", options.get_option(:value))
               items = result[:data]
               self.format.display_status("Items: #{result[:data].length}/#{result[:http]['X-Total-Count']}")
             else
               items = [file_info]
             end
-            return {type: :object_list,data: items,fields: %w[name type recursive_size size modified_time access_level]}
+            return {type: :object_list, data: items, fields: %w[name type recursive_size size modified_time access_level]}
           when :find
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
             test_block = Aspera::Node.file_matcher(options.get_option(:value))
-            return {type: :object_list,data: aoc_api.find_files(apifid,test_block),fields: ['path']}
+            return {type: :object_list, data: @api_node.find_files(apifid[:file_id], test_block), fields: ['path']}
           when :mkdir
             thepath = options.get_next_argument('path')
-            containing_folder_path = thepath.split(AoC::PATH_SEPARATOR)
+            containing_folder_path = thepath.split(Aspera::Node::PATH_SEPARATOR)
             new_folder = containing_folder_path.pop
-            apifid = resolve_api_fid(top_file_id,containing_folder_path.join(AoC::PATH_SEPARATOR))
-            result = apifid[:api].create("files/#{apifid[:file_id]}/files",{name: new_folder,type: :folder})[:data]
+            apifid = @api_node.resolve_api_fid(top_file_id, containing_folder_path.join(Aspera::Node::PATH_SEPARATOR))
+            result = apifid[:api].create("files/#{apifid[:file_id]}/files", {name: new_folder, type: :folder})[:data]
             return Main.result_status("created: #{result['name']} (id=#{result['id']})")
           when :rename
             thepath = options.get_next_argument('source path')
             newname = options.get_next_argument('new name')
-            apifid = resolve_api_fid(top_file_id,thepath)
-            result = apifid[:api].update("files/#{apifid[:file_id]}",{name: newname})[:data]
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
+            result = apifid[:api].update("files/#{apifid[:file_id]}", {name: newname})[:data]
             return Main.result_status("renamed #{thepath} to #{newname}")
           when :delete
             thepath = options.get_next_argument('path')
-            return do_bulk_operation(thepath,'deleted','path') do |l_path|
+            return do_bulk_operation(thepath, 'deleted', id_result: 'path') do |l_path|
               raise "expecting String (path), got #{l_path.class.name} (#{l_path})" unless l_path.is_a?(String)
-              apifid = resolve_api_fid(top_file_id,l_path)
+              apifid = @api_node.resolve_api_fid(top_file_id, l_path)
               result = apifid[:api].delete("files/#{apifid[:file_id]}")[:data]
               {'path' => l_path}
             end
+          when :sync
+            # remote is specified by option to_folder
+            apifid = @api_node.resolve_api_fid(top_file_id, transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
+            transfer_spec = apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)
+            Log.dump(:ts, transfer_spec)
+            sync_plugin = Plugins::Sync.new(@agents, transfer_spec: transfer_spec)
+            return sync_plugin.execute_action
           when :upload
-            apifid = resolve_api_fid(top_file_id,transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
-            add_ts = {'tags' => {'aspera' => {'files' => {'parentCwd' => "#{apifid[:node_info]['id']}:#{apifid[:file_id]}"}}}}
-            return Main.result_transfer(transfer_start(AoC::FILES_APP,Fasp::TransferSpec::DIRECTION_SEND,apifid,add_ts))
+            apifid = @api_node.resolve_api_fid(top_file_id, transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
+            return Main.result_transfer(transfer.start(apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)))
           when :download
             source_paths = transfer.ts_source_paths
             # special case for AoC : all files must be in same folder
             source_folder = source_paths.shift['source']
             # if a single file: split into folder and path
+            apifid = @api_node.resolve_api_fid(top_file_id, source_folder)
             if source_paths.empty?
-              source_folder = source_folder.split(AoC::PATH_SEPARATOR)
-              source_paths = [{'source' => source_folder.pop}]
-              source_folder = source_folder.join(AoC::PATH_SEPARATOR)
+              file_info = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
+              case file_info['type']
+              when 'file'
+                # if the single source is a file, we need to split into folder path and filename
+                src_dir_elements = source_folder.split(Aspera::Node::PATH_SEPARATOR)
+                # filename is the last one
+                source_paths = [{'source' => src_dir_elements.pop}]
+                # source folder is what remains
+                source_folder = src_dir_elements.join(Aspera::Node::PATH_SEPARATOR)
+                # TODO: instead of creating a new object, use the same, and change file id with parent folder id ? possible ?
+                apifid = @api_node.resolve_api_fid(top_file_id, source_folder)
+              when 'link', 'folder'
+                # single source is 'folder' or 'link'
+                # TODO: add this ? , 'destination'=>file_info['name']
+                source_paths = [{'source' => '.'}]
+              else
+                raise "Unknown source type: #{file_info['type']}"
+              end
             end
-            apifid = resolve_api_fid(top_file_id,source_folder)
-            # override paths with just filename
-            add_ts = {'tags' => {'aspera' => {'files' => {'parentCwd' => "#{apifid[:node_info]['id']}:#{apifid[:file_id]}"}}}}
-            add_ts['paths'] = source_paths
-            return Main.result_transfer(transfer_start(AoC::FILES_APP,Fasp::TransferSpec::DIRECTION_RECEIVE,apifid,add_ts))
+            return Main.result_transfer(transfer.start(apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_RECEIVE, {'paths'=>source_paths})))
           when :http_node_download
             source_paths = transfer.ts_source_paths
             source_folder = source_paths.shift['source']
             if source_paths.empty?
-              source_folder = source_folder.split(AoC::PATH_SEPARATOR)
+              source_folder = source_folder.split(Aspera::Node::PATH_SEPARATOR)
               source_paths = [{'source' => source_folder.pop}]
-              source_folder = source_folder.join(AoC::PATH_SEPARATOR)
+              source_folder = source_folder.join(Aspera::Node::PATH_SEPARATOR)
             end
-            raise CliBadArgument,'one file at a time only in HTTP mode' if source_paths.length > 1
+            raise CliBadArgument, 'one file at a time only in HTTP mode' if source_paths.length > 1
             file_name = source_paths.first['source']
-            apifid = resolve_api_fid(top_file_id,File.join(source_folder,file_name))
+            apifid = @api_node.resolve_api_fid(top_file_id, File.join(source_folder, file_name))
             apifid[:api].call(
               operation: 'GET',
               subpath: "files/#{apifid[:file_id]}/content",
-              save_to_file: File.join(transfer.destination_folder(Fasp::TransferSpec::DIRECTION_RECEIVE),file_name))
+              save_to_file: File.join(transfer.destination_folder(Fasp::TransferSpec::DIRECTION_RECEIVE), file_name))
             return Main.result_status("downloaded: #{file_name}")
-          when :permission
-            command_perm = options.get_next_command(%i[list create])
-            case command_perm
-            when :list
-              # generic options : TODO: as arg ? option_url_query
-              list_options ||= {'include' => ['[]','access_level','permission_count']}
-              # special value: ALL will show all permissions
-              if !VAL_ALL.eql?(apifid[:file_id])
-                # add which one to get
-                list_options['file_id'] = apifid[:file_id]
-                list_options['inherited'] ||= false
-              end
-              items = apifid[:api].read('permissions',list_options)[:data]
-              return {type: :object_list,data: items}
-            when :create
-              #create_param=self.options.get_next_argument('creation data (Hash)')
-              set_workspace_info
-              access_id = "#{ID_AK_ADMIN}_WS_#{@workspace_id}"
-              apifid[:node_info]
-              params = {
-                'file_id'       => apifid[:file_id], # mandatory
-                'access_type'   => 'user', # mandatory: user or group
-                'access_id'     => access_id, # id of user or group
-                'access_levels' => Aspera::Node::ACCESS_LEVELS,
-                'tags'          => {'aspera' => {'files' => {'workspace' => {
-                  'id'                => @workspace_id,
-                  'workspace_name'    => @workspace_name,
-                  'user_name'         => aoc_api.user_info['name'],
-                  'shared_by_user_id' => aoc_api.user_info['id'],
-                  'shared_by_name'    => aoc_api.user_info['name'],
-                  'shared_by_email'   => aoc_api.user_info['email'],
-                  'shared_with_name'  => access_id,
-                  'access_key'        => apifid[:node_info]['access_key'],
-                  'node'              => apifid[:node_info]['name']}}}}}
-              item = apifid[:api].create('permissions',params)[:data]
-              return {type: :single_object,data: item}
-            else raise "internal error:shall not reach here (#{command_perm})"
-            end
           when :file
-            command_node_file = options.get_next_command(%i[show modify])
-            file_path = options.get_option(:path)
-            apifid =
-              if !file_path.nil?
-                resolve_api_fid(top_file_id,file_path) # TODO: allow follow link ?
-              else
-                {node_info: top_file_id[:node_info],file_id: instance_identifier}
-              end
-            case command_node_file
-            when :show
-              items = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
-              return {type: :single_object,data: items}
-            when :modify
-              update_param = options.get_next_argument('update data (Hash)')
-              res = apifid[:api].update("files/#{apifid[:file_id]}",update_param)[:data]
-              return {type: :single_object,data: res}
-            else raise "internal error:shall not reach here (#{command_node_file})"
-            end
+            command_node_file = options.get_next_command(%i[show modify permission])
+            return execute_node_gen4_file_command(command_node_file, top_file_id)
+          else raise "INTERNAL ERROR: no case for #{command_repo}"
           end # command_repo
-          raise 'ERR'
-        end # execute_node_gen4_command
+          # raise 'INTERNAL ERROR: missing return'
+        end # execute_command_gen4
+        # This is older API
         def execute_async
           command = options.get_next_command(%i[list delete files show counters bandwidth])
           unless command.eql?(:list)
@@ -441,7 +525,7 @@ module Aspera
               end
             else
               asyncids = @api_node.read('async/list')[:data]['sync_ids']
-              summaries = @api_node.create('async/summary',{'syncs' => asyncids})[:data]['sync_summaries']
+              summaries = @api_node.create('async/summary', {'syncs' => asyncids})[:data]['sync_summaries']
               selected = summaries.find{|s|s['name'].eql?(asyncname)}
               raise "no such sync: #{asyncname}" if selected.nil?
               asyncid = selected['snid']
@@ -454,16 +538,16 @@ module Aspera
             resp = @api_node.read('async/list')[:data]['sync_ids']
             return { type: :value_list, data: resp, name: 'id' }
           when :show
-            resp = @api_node.create('async/summary',pdata)[:data]['sync_summaries']
+            resp = @api_node.create('async/summary', pdata)[:data]['sync_summaries']
             return Main.result_empty if resp.empty?
             return { type: :object_list, data: resp, fields: %w[snid name local_dir remote_dir] } if asyncid.eql?('ALL')
             return { type: :single_object, data: resp.first }
           when :delete
-            resp = @api_node.create('async/delete',pdata)[:data]
+            resp = @api_node.create('async/delete', pdata)[:data]
             return { type: :single_object, data: resp, name: 'id' }
           when :bandwidth
             pdata['seconds'] = 100 # TODO: as parameter with --value
-            resp = @api_node.create('async/bandwidth',pdata)[:data]
+            resp = @api_node.create('async/bandwidth', pdata)[:data]
             data = resp['bandwidth_data']
             return Main.result_empty if data.empty?
             data = data.first[asyncid]['data']
@@ -475,19 +559,19 @@ module Aspera
             # status int
             filter = options.get_option(:value)
             pdata.merge!(filter) unless filter.nil?
-            resp = @api_node.create('async/files',pdata)[:data]
+            resp = @api_node.create('async/files', pdata)[:data]
             data = resp['sync_files']
             data = data.first[asyncid] unless data.empty?
             iteration_data = []
             skip_ids_persistency = nil
-            if options.get_option(:once_only,is_type: :mandatory)
+            if options.get_option(:once_only, is_type: :mandatory)
               skip_ids_persistency = PersistencyActionOnce.new(
                 manager: @agents[:persistency],
                 data:    iteration_data,
                 id:      IdGenerator.from_list([
                   'sync_files',
-                  options.get_option(:url,is_type: :mandatory),
-                  options.get_option(:username,is_type: :mandatory),
+                  options.get_option(:url, is_type: :mandatory),
+                  options.get_option(:username, is_type: :mandatory),
                   asyncid]))
               unless iteration_data.first.nil?
                 data.select!{|l| l['fnid'].to_i > iteration_data.first}
@@ -498,27 +582,50 @@ module Aspera
             skip_ids_persistency&.save
             return { type: :object_list, data: data, name: 'id' }
           when :counters
-            resp = @api_node.create('async/counters',pdata)[:data]['sync_counters'].first[asyncid].last
+            resp = @api_node.create('async/counters', pdata)[:data]['sync_counters'].first[asyncid].last
             return Main.result_empty if resp.nil?
             return { type: :single_object, data: resp }
           end
         end
-        ACTIONS = %i[postprocess stream transfer cleanup forward access_key watch_folder service async central asperabrowser basic_token].concat(COMMON_ACTIONS).freeze
+        ACTIONS = %i[
+          async
+          sync
+          stream
+          transfer
+          service
+          watch_folder
+          central
+          asperabrowser
+          basic_token].concat(COMMON_ACTIONS).freeze
-        def execute_action(command=nil,prefix_path=nil)
+        def execute_action(command=nil, prefix_path=nil)
           command ||= options.get_next_command(ACTIONS)
           case command
-          when *COMMON_ACTIONS then return execute_simple_common(command,prefix_path)
+          when *COMMON_ACTIONS then return execute_simple_common(command, prefix_path)
           when :async then return execute_async
+          when :sync
+            # newer api
+            sync_command = options.get_next_command(%i[bandwidth counters files start state stop summary].concat(Plugin::ALL_OPS) - %i[modify])
+            case sync_command
+            when *Plugin::ALL_OPS then return entity_command(sync_command, @api_node, 'asyncs', item_list_key: 'ids')
+            else
+              parameters = options.get_option(:value)
+              asyncs_id = instance_identifier
+              if %i[start stop].include?(sync_command)
+                @api_node.create("asyncs/#{asyncs_id}/#{sync_command}", parameters)
+                return Main.result_status('ok')
+              end
+              return { type: :single_object, data: @api_node.read("asyncs/#{asyncs_id}/#{sync_command}", parameters)[:data] }
+            end
           when :stream
             command = options.get_next_command(%i[list create show modify cancel])
             case command
             when :list
-              resp = @api_node.read('ops/transfers',options.get_option(:value))
+              resp = @api_node.read('ops/transfers', options.get_option(:value))
               return { type: :object_list, data: resp[:data], fields: %w[id status] } # TODO: useful?
             when :create
-              resp = @api_node.create('streams',options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.create('streams', options.get_option(:value, is_type: :mandatory))
               return { type: :single_object, data: resp[:data] }
             when :show
               trid = options.get_next_argument('transfer id')
@@ -526,7 +633,7 @@ module Aspera
               return { type: :other_struct, data: resp[:data] }
             when :modify
               trid = options.get_next_argument('transfer id')
-              resp = @api_node.update('streams/' + trid,options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.update('streams/' + trid, options.get_option(:value, is_type: :mandatory))
               return { type: :other_struct, data: resp[:data] }
             when :cancel
               trid = options.get_next_argument('transfer id')
@@ -545,7 +652,9 @@ module Aspera
             case command
             when :list
               # could use ? subpath: 'transfers'
-              resp = @api_node.read(res_class_path,options.get_option(:value))
+              query = options.get_option(:value) || options.get_option(:query)
+              raise 'Query must be a Hash' unless query.nil? || query.is_a?(Hash)
+              resp = @api_node.read(res_class_path, query)
               return {
                 type:   :object_list,
                 data:   resp[:data],
@@ -560,22 +669,6 @@ module Aspera
             else
               raise 'error'
             end
-          when :access_key
-            ak_command = options.get_next_command([Plugin::ALL_OPS,:do].flatten)
-            case ak_command
-            when *Plugin::ALL_OPS then return entity_command(ak_command,@api_node,'access_keys',id_default: 'self')
-            when :do
-              access_key = options.get_next_argument('access key id')
-              ak_info=@api_node.read("access_keys/#{access_key}")[:data]
-              # change API if needed
-              if !access_key.eql?('self')
-                secret=config.vault.get(username: access_key)[:secret] #, url: @api_node.params[:base_url] : TODO: better handle vault
-                @api_node.params[:auth][:username]=access_key
-                @api_node.params[:auth][:password]=secret
-              end
-              command_repo = options.get_next_command(NODE4_COMMANDS)
-              return execute_node_gen4_command(command_repo,ak_info['root_file_id'])
-            end
           when :service
             command = options.get_next_command(%i[list create delete])
             if [:delete].include?(command)
@@ -588,7 +681,7 @@ module Aspera
             when :create
               # @json:'{"type":"WATCHFOLDERD","run_as":{"user":"user1"}}'
               params = options.get_next_argument('Run creation data (structure)')
-              resp = @api_node.create('rund/services',params)
+              resp = @api_node.create('rund/services', params)
               return Main.result_status("#{resp[:data]['id']} created")
             when :delete
               @api_node.delete("rund/services/#{svcid}")
@@ -606,15 +699,15 @@ module Aspera
             @api_node.params[:headers]['X-aspera-WF-version'] = '2017_10_23'
             case command
             when :create
-              resp = @api_node.create(res_class_path,options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.create(res_class_path, options.get_option(:value, is_type: :mandatory))
               return Main.result_status("#{resp[:data]['id']} created")
             when :list
-              resp = @api_node.read(res_class_path,options.get_option(:value))
+              resp = @api_node.read(res_class_path, options.get_option(:value))
               return { type: :value_list, data: resp[:data]['ids'], name: 'id' }
             when :show
               return { type: :single_object, data: @api_node.read(one_res_path)[:data]}
             when :modify
-              @api_node.update(one_res_path,options.get_option(:value,is_type: :mandatory))
+              @api_node.update(one_res_path, options.get_option(:value, is_type: :mandatory))
               return Main.result_status("#{one_res_id} updated")
             when :delete
               @api_node.delete(one_res_path)
@@ -634,37 +727,40 @@ module Aspera
               case command
               when :list
                 request_data.deep_merge!({'validation' => validation}) unless validation.nil?
-                resp = @api_node.create('services/rest/transfers/v1/sessions',request_data)
-                return { type: :object_list, data: resp[:data]['session_info_result']['session_info'],
-fields: %w[session_uuid status transport direction bytes_transferred]}
+                resp = @api_node.create('services/rest/transfers/v1/sessions', request_data)
+                return {
+                  type:   :object_list,
+                  data:   resp[:data]['session_info_result']['session_info'],
+                  fields: %w[session_uuid status transport direction bytes_transferred]
+                }
               end
             when :file
               command = options.get_next_command(%i[list modify])
               case command
               when :list
                 request_data.deep_merge!({'validation' => validation}) unless validation.nil?
-                resp = @api_node.create('services/rest/transfers/v1/files',request_data)[:data]
+                resp = @api_node.create('services/rest/transfers/v1/files', request_data)[:data]
                 resp = JSON.parse(resp) if resp.is_a?(String)
-                Log.dump(:resp,resp)
+                Log.dump(:resp, resp)
                 return { type: :object_list, data: resp['file_transfer_info_result']['file_transfer_info'], fields: %w[session_uuid file_id status path]}
               when :modify
                 request_data.deep_merge!(validation) unless validation.nil?
-                @api_node.update('services/rest/transfers/v1/files',request_data)
+                @api_node.update('services/rest/transfers/v1/files', request_data)
                 return Main.result_status('updated')
               end
             end
           when :asperabrowser
             browse_params = {
-              'nodeUser' => options.get_option(:username,is_type: :mandatory),
-              'nodePW'   => options.get_option(:password,is_type: :mandatory),
-              'nodeURL'  => options.get_option(:url,is_type: :mandatory)
+              'nodeUser' => options.get_option(:username, is_type: :mandatory),
+              'nodePW'   => options.get_option(:password, is_type: :mandatory),
+              'nodeURL'  => options.get_option(:url, is_type: :mandatory)
             }
             # encode parameters so that it looks good in url
             encoded_params = Base64.strict_encode64(Zlib::Deflate.deflate(JSON.generate(browse_params))).gsub(/=+$/, '').tr('+/', '-_').reverse
             OpenApplication.instance.uri(options.get_option(:asperabrowserurl) + '?goto=' + encoded_params)
             return Main.result_status('done')
           when :basic_token
-            return Main.result_status(Rest.basic_creds(options.get_option(:username,is_type: :mandatory),options.get_option(:password,is_type: :mandatory)))
+            return Main.result_status(Rest.basic_creds(options.get_option(:username, is_type: :mandatory), options.get_option(:password, is_type: :mandatory)))
           end # case command
           raise 'ERROR: shall not reach this line'
         end # execute_action