RubyGems - aspera-cli - Versions diffs - 4.9.0 → 4.11.0 - Mend

aspera-cli 4.9.0 → 4.11.0

Files changed (95) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/BUGS.md +20 -0
data/CHANGELOG.md +509 -0
data/CONTRIBUTING.md +118 -0
data/README.md +1241 -916
data/bin/ascli +4 -4
data/bin/asession +11 -11
data/docs/test_env.conf +32 -21
data/examples/aoc.rb +4 -4
data/examples/dascli +16 -9
data/examples/faspex4.rb +8 -8
data/examples/node.rb +12 -12
data/examples/server.rb +10 -10
data/lib/aspera/aoc.rb +273 -266
data/lib/aspera/ascmd.rb +56 -54
data/lib/aspera/ats_api.rb +4 -4
data/lib/aspera/cli/basic_auth_plugin.rb +15 -12
data/lib/aspera/cli/extended_value.rb +5 -5
data/lib/aspera/cli/formater.rb +64 -64
data/lib/aspera/cli/info.rb +2 -2
data/lib/aspera/cli/listener/line_dump.rb +1 -1
data/lib/aspera/cli/listener/logger.rb +1 -1
data/lib/aspera/cli/listener/progress.rb +5 -6
data/lib/aspera/cli/listener/progress_multi.rb +14 -19
data/lib/aspera/cli/main.rb +66 -67
data/lib/aspera/cli/manager.rb +112 -110
data/lib/aspera/cli/plugin.rb +57 -36
data/lib/aspera/cli/plugins/alee.rb +4 -4
data/lib/aspera/cli/plugins/aoc.rb +309 -670
data/lib/aspera/cli/plugins/ats.rb +44 -46
data/lib/aspera/cli/plugins/bss.rb +10 -10
data/lib/aspera/cli/plugins/config.rb +497 -378
data/lib/aspera/cli/plugins/console.rb +12 -12
data/lib/aspera/cli/plugins/cos.rb +18 -20
data/lib/aspera/cli/plugins/faspex.rb +112 -114
data/lib/aspera/cli/plugins/faspex5.rb +71 -46
data/lib/aspera/cli/plugins/node.rb +379 -283
data/lib/aspera/cli/plugins/orchestrator.rb +46 -46
data/lib/aspera/cli/plugins/preview.rb +122 -114
data/lib/aspera/cli/plugins/server.rb +137 -83
data/lib/aspera/cli/plugins/shares.rb +30 -29
data/lib/aspera/cli/plugins/sync.rb +13 -33
data/lib/aspera/cli/transfer_agent.rb +60 -59
data/lib/aspera/cli/version.rb +1 -1
data/lib/aspera/colors.rb +3 -3
data/lib/aspera/command_line_builder.rb +27 -27
data/lib/aspera/cos_node.rb +22 -20
data/lib/aspera/data_repository.rb +1 -1
data/lib/aspera/environment.rb +35 -15
data/lib/aspera/fasp/agent_base.rb +15 -15
data/lib/aspera/fasp/agent_connect.rb +23 -21
data/lib/aspera/fasp/agent_direct.rb +66 -64
data/lib/aspera/fasp/agent_httpgw.rb +141 -78
data/lib/aspera/fasp/agent_node.rb +23 -21
data/lib/aspera/fasp/agent_trsdk.rb +20 -20
data/lib/aspera/fasp/error.rb +3 -2
data/lib/aspera/fasp/error_info.rb +11 -8
data/lib/aspera/fasp/installation.rb +79 -79
data/lib/aspera/fasp/listener.rb +1 -1
data/lib/aspera/fasp/parameters.rb +86 -71
data/lib/aspera/fasp/parameters.yaml +7 -4
data/lib/aspera/fasp/resume_policy.rb +8 -8
data/lib/aspera/fasp/transfer_spec.rb +35 -2
data/lib/aspera/fasp/uri.rb +7 -7
data/lib/aspera/faspex_gw.rb +7 -5
data/lib/aspera/hash_ext.rb +3 -3
data/lib/aspera/id_generator.rb +5 -5
data/lib/aspera/keychain/encrypted_hash.rb +38 -105
data/lib/aspera/keychain/macos_security.rb +128 -57
data/lib/aspera/log.rb +7 -7
data/lib/aspera/nagios.rb +19 -18
data/lib/aspera/node.rb +209 -35
data/lib/aspera/oauth.rb +37 -36
data/lib/aspera/open_application.rb +19 -11
data/lib/aspera/persistency_action_once.rb +4 -4
data/lib/aspera/persistency_folder.rb +16 -15
data/lib/aspera/preview/file_types.rb +8 -8
data/lib/aspera/preview/generator.rb +67 -67
data/lib/aspera/preview/utils.rb +27 -27
data/lib/aspera/proxy_auto_config.js +41 -41
data/lib/aspera/proxy_auto_config.rb +21 -14
data/lib/aspera/rest.rb +72 -67
data/lib/aspera/rest_call_error.rb +2 -1
data/lib/aspera/rest_error_analyzer.rb +18 -17
data/lib/aspera/rest_errors_aspera.rb +16 -16
data/lib/aspera/secret_hider.rb +15 -13
data/lib/aspera/ssh.rb +11 -10
data/lib/aspera/sync.rb +158 -44
data/lib/aspera/temp_file_manager.rb +2 -2
data/lib/aspera/uri_reader.rb +4 -4
data/lib/aspera/web_auth.rb +14 -13
data.tar.gz.sig +0 -0
metadata +11 -36
metadata.gz.sig +0 -0

data/lib/aspera/cli/plugins/node.rb CHANGED Viewed

@@ -1,10 +1,12 @@
 # frozen_string_literal: true
 require 'aspera/cli/basic_auth_plugin'
+require 'aspera/cli/plugins/sync'
 require 'aspera/nagios'
 require 'aspera/hash_ext'
 require 'aspera/id_generator'
 require 'aspera/node'
+require 'aspera/aoc'
 require 'aspera/fasp/transfer_spec'
 require 'base64'
 require 'zlib'
@@ -12,7 +14,7 @@ require 'zlib'
 module Aspera
   module Cli
     module Plugins
-      class Node < BasicAuthPlugin
+      class Node < Aspera::Cli::BasicAuthPlugin
         class << self
           def detect(base_url)
             api = Rest.new({ base_url: base_url})
@@ -22,55 +24,99 @@ module Aspera
             end
             return nil
           end
+          def register_node_options(env)
+            env[:options].add_opt_simple(:validator, 'identifier of validator (optional for central)')
+            env[:options].add_opt_simple(:asperabrowserurl, 'URL for simple aspera web ui')
+            env[:options].add_opt_simple(:sync_name, 'sync name')
+            env[:options].add_opt_simple(:path, 'file or folder path for gen4 operation "file"')
+            env[:options].add_opt_list(:token_type, %i[aspera basic hybrid], 'Type of token used for transfers')
+            env[:options].add_opt_boolean(:default_ports, 'use standard FASP ports or get from node api (gen4)')
+            env[:options].set_option(:asperabrowserurl, 'https://asperabrowser.mybluemix.net')
+            env[:options].set_option(:token_type, :aspera)
+            env[:options].set_option(:default_ports, :yes)
+            env[:options].parse_options!
+            Aspera::Node.use_standard_ports = env[:options].get_option(:default_ports)
+          end
         end
-        SAMPLE_SOAP_CALL = '<?xml version="1.0" encoding="UTF-8"?>'\
+        # SOAP API call to test central API
+        CENTRAL_SOAP_API_TEST = '<?xml version="1.0" encoding="UTF-8"?>'\
           '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="urn:Aspera:XML:FASPSessionNET:2009/11:Types">'\
           '<soapenv:Header></soapenv:Header>'\
           '<soapenv:Body><typ:GetSessionInfoRequest><SessionFilter><SessionStatus>running</SessionStatus></SessionFilter></typ:GetSessionInfoRequest></soapenv:Body>'\
           '</soapenv:Envelope>'
-        SEARCH_REMOVE_FIELDS=%w[basename permissions].freeze
-        private_constant :SAMPLE_SOAP_CALL,:SEARCH_REMOVE_FIELDS
+        # fields removed in result of search
+        SEARCH_REMOVE_FIELDS = %w[basename permissions].freeze
+        # actions in execute_command_gen3
+        COMMANDS_GEN3 = %i[search space mkdir mklink mkfile rename delete browse upload download]
+        BASE_ACTIONS = %i[api_details].concat(COMMANDS_GEN3).freeze
+        SPECIAL_ACTIONS = %i[health events info license].freeze
+        # actions available in v3 in gen4
+        V3_IN_V4_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        # actions used commonly when a node is involved
+        COMMON_ACTIONS = %i[access_key].concat(BASE_ACTIONS).concat(SPECIAL_ACTIONS).freeze
+        private_constant(*%i[CENTRAL_SOAP_API_TEST SEARCH_REMOVE_FIELDS BASE_ACTIONS SPECIAL_ACTIONS V3_IN_V4_ACTIONS COMMON_ACTIONS])
+        # used in aoc
+        NODE4_READ_ACTIONS = %i[bearer_token_node node_info browse find].freeze
+        # commands for execute_command_gen4
+        COMMANDS_GEN4 = %i[mkdir rename delete upload download sync http_node_download file v3].concat(NODE4_READ_ACTIONS).freeze
+        COMMANDS_COS = %i[upload download info access_key api_details transfer].freeze
+        COMMANDS_SHARES = (BASE_ACTIONS - %i[search]).freeze
+        COMMANDS_FASPEX = COMMON_ACTIONS
         def initialize(env)
           super(env)
-          # this is added to transfer spec, for instance to add tags (COS)
-          @add_request_param = env[:add_request_param] || {}
-          options.add_opt_simple(:validator,'identifier of validator (optional for central)')
-          options.add_opt_simple(:asperabrowserurl,'URL for simple aspera web ui')
-          options.add_opt_simple(:sync_name,'sync name')
-          options.add_opt_list(:token_type,%i[aspera basic hybrid],'Type of token used for transfers')
-          options.set_option(:asperabrowserurl,'https://asperabrowser.mybluemix.net')
-          options.set_option(:token_type,:aspera)
-          options.parse_options!
+          self.class.register_node_options(env) unless env[:skip_node_options]
           return if env[:man_only]
           @api_node =
-            if env.has_key?(:node_api)
+            if env.key?(:node_api)
+              # this can be Aspera::Node or Aspera::Rest (shares)
               env[:node_api]
-            elsif options.get_option(:password,is_type: :mandatory).start_with?('Bearer ')
+            elsif options.get_option(:password, is_type: :mandatory).start_with?('Bearer ')
               # info is provided like node_info of aoc
-              Rest.new({
-                base_url: options.get_option(:url,is_type: :mandatory),
+              Aspera::Node.new(params: {
+                base_url: options.get_option(:url, is_type: :mandatory),
                 headers:  {
-                  'X-Aspera-AccessKey' => options.get_option(:username,is_type: :mandatory),
-                  'Authorization'      => options.get_option(:password,is_type: :mandatory)
+                  Aspera::Node::X_ASPERA_ACCESSKEY => options.get_option(:username, is_type: :mandatory),
+                  'Authorization'                  => options.get_option(:password, is_type: :mandatory)
                 }
               })
             else
               # this is normal case
-              basic_auth_api
+              Aspera::Node.new(params: {
+                base_url: options.get_option(:url, is_type: :mandatory),
+                auth:     {
+                  type:     :basic,
+                  username: options.get_option(:username, is_type: :mandatory),
+                  password: options.get_option(:password, is_type: :mandatory)
+                }})
             end
         end
         def c_textify_browse(table_data)
-          return table_data.map {|i| i['permissions'] = i['permissions'].map { |x| x['name'] }.join(','); i }
+          return table_data.map do |i|
+                   i['permissions'] = i['permissions'].map { |x| x['name'] }.join(',')
+                   i
+                 end
         end
         # key/value is defined in main in hash_table
-        def c_textify_bool_list_result(list,name_list)
+        def c_textify_bool_list_result(list, name_list)
           list.each_index do |i|
             next unless name_list.include?(list[i]['key'])
             list[i]['value'].each do |item|
-              list.push({'key' => item['name'],'value' => item['value']})
+              list.push({'key' => item['name'], 'value' => item['value']})
             end
             list.delete_at(i)
             # continue at same index because we delete current one
@@ -79,7 +125,7 @@ module Aspera
         end
         # reduce the path from a result on given named column
-        def c_result_remove_prefix_path(result,column,path_prefix)
+        def c_result_remove_prefix_path(result, column, path_prefix)
           if !path_prefix.nil?
             case result[:type]
             when :object_list
@@ -95,338 +141,376 @@ module Aspera
         end
         # translates paths results into CLI result, and removes prefix
-        def c_result_translate_rem_prefix(resp,type,success_msg,path_prefix)
-          resres = { data: [], type: :object_list, fields: [type,'result']}
+        def c_result_translate_rem_prefix(resp, type, success_msg, path_prefix)
+          errors = []
+          resres = { data: [], type: :object_list, fields: [type, 'result']}
           JSON.parse(resp[:http].body)['paths'].each do |p|
             result = success_msg
-            if p.has_key?('error')
-              Log.log.error("#{p['error']['user_message']} : #{p['path']}")
+            if p.key?('error')
+              Log.log.error{"#{p['error']['user_message']} : #{p['path']}"}
               result = 'ERROR: ' + p['error']['user_message']
+              errors.push([p['path'], p['error']['user_message']])
             end
-            resres[:data].push({type => p['path'],'result' => result})
+            resres[:data].push({type => p['path'], 'result' => result})
+          end
+          # one error make all fail
+          unless errors.empty?
+            raise errors.map{|i|"#{i.first}: #{i.last}"}.join(', ')
           end
-          return c_result_remove_prefix_path(resres,type,path_prefix)
+          return c_result_remove_prefix_path(resres, type, path_prefix)
         end
         # get path arguments from command line, and add prefix
-        def get_next_arg_add_prefix(path_prefix,name,number=:single)
-          thepath = options.get_next_argument(name,expected: number)
+        def get_next_arg_add_prefix(path_prefix, name, number=:single)
+          thepath = options.get_next_argument(name, expected: number)
           return thepath if path_prefix.nil?
-          return File.join(path_prefix,thepath) if thepath.is_a?(String)
-          return thepath.map {|p| File.join(path_prefix,p)} if thepath.is_a?(Array)
-          raise StandardError,'expect: nil, String or Array'
+          return File.join(path_prefix, thepath) if thepath.is_a?(String)
+          return thepath.map {|p| File.join(path_prefix, p)} if thepath.is_a?(Array)
+          raise StandardError, 'expect: nil, String or Array'
         end
-        SIMPLE_ACTIONS = %i[health events space info license mkdir mklink mkfile rename delete search].freeze
-        COMMON_ACTIONS = %i[browse upload download api_details].concat(SIMPLE_ACTIONS).freeze
-        # common API to node and Shares
-        # prefix_path is used to list remote sources in Faspex
-        def execute_simple_common(command,prefix_path)
+        # file and folder related commands
+        def execute_command_gen3(command, prefix_path)
           case command
-          when :health
-            nagios = Nagios.new
-            begin
-              info = @api_node.read('info')[:data]
-              nagios.add_ok('node api','accessible')
-              nagios.check_time_offset(info['current_time'],'node api')
-              nagios.check_product_version('node api','entsrv', info['version'])
-            rescue StandardError => e
-              nagios.add_critical('node api',e.to_s)
-            end
-            begin
-              @api_node.call(
-                operation: 'POST',
-                subpath: 'services/soap/Transfer-201210',
-                headers: {'Content-Type' => 'text/xml;charset=UTF-8','SOAPAction' => 'FASPSessionNET-200911#GetSessionInfo'},
-                text_body_params: SAMPLE_SOAP_CALL)[:http].body
-              nagios.add_ok('central','accessible by node')
-            rescue StandardError => e
-              nagios.add_critical('central',e.to_s)
-            end
-            return nagios.result
-          when :events
-            events = @api_node.read('events',options.get_option(:value))[:data]
-            return { type: :object_list, data: events}
-          when :info
-            node_info = @api_node.read('info')[:data]
-            return { type: :single_object, data: node_info, textify: lambda { |table_data| c_textify_bool_list_result(table_data,%w[capabilities settings])}}
-          when :license # requires: asnodeadmin -mu <node user> --acl-add=internal --internal
-            node_license = @api_node.read('license')[:data]
-            if node_license['failure'].is_a?(String) && node_license['failure'].include?('ACL')
-              Log.log.error('server must have: asnodeadmin -mu <node user> --acl-add=internal --internal')
-            end
-            return { type: :single_object, data: node_license}
           when :delete
-            paths_to_delete = get_next_arg_add_prefix(prefix_path,'file list',:multiple)
-            resp = @api_node.create('files/delete',{ paths: paths_to_delete.map{|i| {'path' => i.start_with?('/') ? i : '/' + i} }})
-            return c_result_translate_rem_prefix(resp,'file','deleted',prefix_path)
+            paths_to_delete = get_next_arg_add_prefix(prefix_path, 'file list', :multiple)
+            resp = @api_node.create('files/delete', { paths: paths_to_delete.map{|i| {'path' => i.start_with?('/') ? i : '/' + i} }})
+            return c_result_translate_rem_prefix(resp, 'file', 'deleted', prefix_path)
           when :search
-            search_root = get_next_arg_add_prefix(prefix_path,'search root')
+            search_root = get_next_arg_add_prefix(prefix_path, 'search root')
             parameters = {'path' => search_root}
             other_options = options.get_option(:value)
             parameters.merge!(other_options) unless other_options.nil?
-            resp = @api_node.create('files/search',parameters)
+            resp = @api_node.create('files/search', parameters)
             result = { type: :object_list, data: resp[:data]['items']}
             return Main.result_empty if result[:data].empty?
             result[:fields] = result[:data].first.keys.reject{|i|SEARCH_REMOVE_FIELDS.include?(i)}
             self.format.display_status("Items: #{resp[:data]['item_count']}/#{resp[:data]['total_count']}")
             self.format.display_status("params: #{resp[:data]['parameters'].keys.map{|k|"#{k}:#{resp[:data]['parameters'][k]}"}.join(',')}")
-            return c_result_remove_prefix_path(result,'path',prefix_path)
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
           when :space
-            # TODO: could be a list of path
-            path_list = get_next_arg_add_prefix(prefix_path,'folder path or ext.val. list')
+            path_list = get_next_arg_add_prefix(prefix_path, 'folder path or ext.val. list')
             path_list = [path_list] unless path_list.is_a?(Array)
-            resp = @api_node.create('space',{ 'paths' => path_list.map {|i| { path: i} } })
+            resp = @api_node.create('space', { 'paths' => path_list.map {|i| { path: i} } })
             result = { data: resp[:data]['paths'], type: :object_list}
-            #return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
-            return c_result_remove_prefix_path(result,'path',prefix_path)
+            # return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
           when :mkdir
-            path_list = get_next_arg_add_prefix(prefix_path,'folder path or ext.val. list')
+            path_list = get_next_arg_add_prefix(prefix_path, 'folder path or ext.val. list')
             path_list = [path_list] unless path_list.is_a?(Array)
-            #TODO: a command for that ?
-            #resp=@api_node.create('space',{ "paths" => path_list.map {|i| { type: :directory, path: i} } } )
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :directory, path: path_list }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :directory, path: path_list }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :mklink
-            target = get_next_arg_add_prefix(prefix_path,'target')
-            path_list = get_next_arg_add_prefix(prefix_path,'link path')
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :symbolic_link, path: path_list, target: { path: target} }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            target = get_next_arg_add_prefix(prefix_path, 'target')
+            path_list = get_next_arg_add_prefix(prefix_path, 'link path')
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :symbolic_link, path: path_list, target: { path: target} }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :mkfile
-            path_list = get_next_arg_add_prefix(prefix_path,'file path')
+            path_list = get_next_arg_add_prefix(prefix_path, 'file path')
             contents64 = Base64.strict_encode64(options.get_next_argument('contents'))
-            resp = @api_node.create('files/create',{ 'paths' => [{ type: :file, path: path_list, contents: contents64 }] })
-            return c_result_translate_rem_prefix(resp,'folder','created',prefix_path)
+            resp = @api_node.create('files/create', { 'paths' => [{ type: :file, path: path_list, contents: contents64 }] })
+            return c_result_translate_rem_prefix(resp, 'folder', 'created', prefix_path)
           when :rename
-            path_base = get_next_arg_add_prefix(prefix_path,'path_base')
-            path_src = get_next_arg_add_prefix(prefix_path,'path_src')
-            path_dst = get_next_arg_add_prefix(prefix_path,'path_dst')
-            resp = @api_node.create('files/rename',{ 'paths' => [{ 'path' => path_base, 'source' => path_src, 'destination' => path_dst }] })
-            return c_result_translate_rem_prefix(resp,'entry','moved',prefix_path)
+            path_base = get_next_arg_add_prefix(prefix_path, 'path_base')
+            path_src = get_next_arg_add_prefix(prefix_path, 'path_src')
+            path_dst = get_next_arg_add_prefix(prefix_path, 'path_dst')
+            resp = @api_node.create('files/rename', { 'paths' => [{ 'path' => path_base, 'source' => path_src, 'destination' => path_dst }] })
+            return c_result_translate_rem_prefix(resp, 'entry', 'moved', prefix_path)
           when :browse
-            thepath = get_next_arg_add_prefix(prefix_path,'path')
+            thepath = get_next_arg_add_prefix(prefix_path, 'path')
             query = { path: thepath}
             additional_query = options.get_option(:query)
             query.merge!(additional_query) unless additional_query.nil?
             send_result = @api_node.create('files/browse', query)[:data]
-            #example: send_result={'items'=>[{'file'=>"filename1","permissions"=>[{'name'=>'read'},{'name'=>'write'}]}]}
+            # example: send_result={'items'=>[{'file'=>"filename1","permissions"=>[{'name'=>'read'},{'name'=>'write'}]}]}
             # if there is no items
             case send_result['self']['type']
-            when 'directory','container' # directory: node, container: shares
+            when 'directory', 'container' # directory: node, container: shares
               result = { data: send_result['items'], type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
               self.format.display_status("Items: #{send_result['item_count']}/#{send_result['total_count']}")
             else # 'file','symbolic_link'
               result = { data: send_result['self'], type: :single_object}
-              #result={ data: [send_result['self']] , type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
-              #raise "unknown type: #{send_result['self']['type']}"
+              # result={ data: [send_result['self']] , type: :object_list, textify: lambda { |table_data| c_textify_browse(table_data) } }
+              # raise "unknown type: #{send_result['self']['type']}"
             end
-            return c_result_remove_prefix_path(result,'path',prefix_path)
-          when :upload,:download
+            return c_result_remove_prefix_path(result, 'path', prefix_path)
+          when :upload, :download
             token_type = options.get_option(:token_type)
             # nil if Shares 1.x
             token_type = :aspera if token_type.nil?
             case token_type
-            when :aspera,:hybrid
+            when :aspera, :hybrid
               # empty transfer spec for authorization request
-              request_transfer_spec={}
+              request_transfer_spec = {}
               # set requested paths depending on direction
               request_transfer_spec[:paths] = command.eql?(:download) ? transfer.ts_source_paths : [{ destination: transfer.destination_folder('send') }]
               # add fixed parameters if any (for COS)
-              request_transfer_spec.deep_merge!(@add_request_param)
+              @api_node.add_tspec_info(request_transfer_spec) if @api_node.respond_to?(:add_tspec_info)
               # prepare payload for single request
-              setup_payload={transfer_requests: [{transfer_request: request_transfer_spec}]}
+              setup_payload = {transfer_requests: [{transfer_request: request_transfer_spec}]}
               # only one request, so only one answer
-              transfer_spec = @api_node.create("files/#{command}_setup",setup_payload)[:data]['transfer_specs'].first['transfer_spec']
+              transfer_spec = @api_node.create("files/#{command}_setup", setup_payload)[:data]['transfer_specs'].first['transfer_spec']
               # delete this part, as the returned value contains only destination, and not sources
               transfer_spec.delete('paths') if command.eql?(:upload)
             when :basic
               raise 'shall have auth' unless @api_node.params[:auth].is_a?(Hash)
               raise 'shall be basic auth' unless @api_node.params[:auth][:type].eql?(:basic)
-              ts_direction =
-                case command
-                when :upload then Fasp::TransferSpec::DIRECTION_SEND
-                when :download then Fasp::TransferSpec::DIRECTION_RECEIVE
-                else raise 'Error: need upload or download'
-                end
-              transfer_spec = {
-                'remote_host'      => URI.parse(@api_node.params[:base_url]).host,
-                'remote_user'      => Aspera::Fasp::TransferSpec::ACCESS_KEY_TRANSFER_USER,
-                'ssh_port'         => Aspera::Fasp::TransferSpec::SSH_PORT,
-                'direction'        => ts_direction,
-                'destination_root' => transfer.destination_folder(ts_direction)
-              }.deep_merge(@add_request_param)
+              transfer_spec = {}.merge(Aspera::Fasp::TransferSpec::AK_TSPEC_BASE)
+              transfer_spec['remote_host'] = URI.parse(@api_node.params[:base_url]).host
+              Fasp::TransferSpec.action_to_direction(transfer_spec, command)
+              transfer_spec['destination_root'] = transfer.destination_folder(transfer_spec['direction'])
+              @api_node.add_tspec_info(transfer_spec) if @api_node.respond_to?(:add_tspec_info)
             else raise "ERROR: token_type #{tt}"
             end
             if %i[basic hybrid].include?(token_type)
-              Aspera::Node.set_ak_basic_token(transfer_spec,@api_node.params[:auth][:username],@api_node.params[:auth][:password])
+              @api_node.ts_basic_token(transfer_spec)
             end
-            return Main.result_transfer(transfer.start(transfer_spec,{ src: :node_gen3}))
+            return Main.result_transfer(transfer.start(transfer_spec))
+          end
+          raise 'INTERNAL ERROR'
+        end
+        # common API to node and Shares
+        # prefix_path is used to list remote sources in Faspex
+        def execute_simple_common(command, prefix_path)
+          case command
+          when *COMMANDS_GEN3
+            execute_command_gen3(command, prefix_path)
+          when :access_key
+            ak_command = options.get_next_command([:do].concat(Plugin::ALL_OPS))
+            case ak_command
+            when *Plugin::ALL_OPS then return entity_command(ak_command, @api_node, 'access_keys', id_default: 'self')
+            when :do
+              access_key = options.get_next_argument('access key id')
+              ak_info = @api_node.read("access_keys/#{access_key}")[:data]
+              # change API credentials if different access key
+              if !access_key.eql?('self')
+                @api_node.params[:auth][:username] = ak_info['id']
+                @api_node.params[:auth][:password] = config.lookup_secret(url: @api_node.params[:base_url], username: ak_info['id'], mandatory: true)
+              end
+              command_repo = options.get_next_command(COMMANDS_GEN4)
+              return execute_command_gen4(command_repo, ak_info['root_file_id'])
+            end
+          when :health
+            nagios = Nagios.new
+            begin
+              info = @api_node.read('info')[:data]
+              nagios.add_ok('node api', 'accessible')
+              nagios.check_time_offset(info['current_time'], 'node api')
+              nagios.check_product_version('node api', 'entsrv', info['version'])
+            rescue StandardError => e
+              nagios.add_critical('node api', e.to_s)
+            end
+            begin
+              @api_node.call(
+                operation: 'POST',
+                subpath: 'services/soap/Transfer-201210',
+                headers: {'Content-Type' => 'text/xml;charset=UTF-8', 'SOAPAction' => 'FASPSessionNET-200911#GetSessionInfo'},
+                text_body_params: CENTRAL_SOAP_API_TEST)[:http].body
+              nagios.add_ok('central', 'accessible by node')
+            rescue StandardError => e
+              nagios.add_critical('central', e.to_s)
+            end
+            return nagios.result
+          when :events
+            events = @api_node.read('events', options.get_option(:value))[:data]
+            return { type: :object_list, data: events}
+          when :info
+            nd_info = @api_node.read('info')[:data]
+            return { type: :single_object, data: nd_info, textify: lambda { |table_data| c_textify_bool_list_result(table_data, %w[capabilities settings])}}
+          when :license
+            # requires: asnodeadmin -mu <node user> --acl-add=internal --internal
+            node_license = @api_node.read('license')[:data]
+            if node_license['failure'].is_a?(String) && node_license['failure'].include?('ACL')
+              Log.log.error('server must have: asnodeadmin -mu <node user> --acl-add=internal --internal')
+            end
+            return { type: :single_object, data: node_license}
           when :api_details
             return { type: :single_object, data: @api_node.params }
           end
         end
-        # navigate the path from given file id
-        # @param id initial file id
-        # @param path file path
-        # @return {.api,.file_id}
-        def resolve_api_fid(id, path)
-          # TODO: implement
-          Log.log.debug("TODO #{path}")
-          return {api: @api_node, file_id: id}
+        def execute_node_gen4_file_command(command_node_file, top_file_id)
+          file_path = options.get_option(:path)
+          apifid =
+            if file_path.nil?
+              {api: @api_node, file_id: instance_identifier}
+            else
+              @api_node.resolve_api_fid(top_file_id, file_path) # TODO: allow follow link ?
+            end
+          case command_node_file
+          when :show
+            items = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
+            return {type: :single_object, data: items}
+          when :modify
+            update_param = options.get_next_argument('update data', type: Hash)
+            apifid[:api].update("files/#{apifid[:file_id]}", update_param)[:data]
+            return Main.result_status('Done')
+          when :permission
+            command_perm = options.get_next_command(%i[list create delete])
+            case command_perm
+            when :list
+              # generic options : TODO: as arg ? option_url_query
+              list_options ||= {'include' => ['[]', 'access_level', 'permission_count']}
+              # add which one to get
+              list_options['file_id'] = apifid[:file_id]
+              list_options['inherited'] ||= false
+              items = apifid[:api].read('permissions', list_options)[:data]
+              return {type: :object_list, data: items}
+            when :delete
+              perm_id = instance_identifier
+              return do_bulk_operation(perm_id, 'deleted') do |one_id|
+                # TODO: notify event ?
+                apifid[:api].delete("permissions/#{perm_id}")
+                {'id' => one_id}
+              end
+            when :create
+              create_param = options.get_next_argument('creation data', type: Hash)
+              raise 'no file_id' if create_param.key?('file_id')
+              create_param['file_id'] = apifid[:file_id]
+              create_param['access_levels'] = Aspera::Node::ACCESS_LEVELS unless create_param.key?('access_levels')
+              # add application specific tags (AoC)
+              the_app = apifid[:api].app_info
+              the_app[:api].permissions_create_params(create_param: create_param, app_info: the_app) unless the_app.nil?
+              # create permission
+              created_data = apifid[:api].create('permissions', create_param)[:data]
+              # bnotify application of creation
+              the_app[:api].permissions_create_event(created_data: created_data, app_info: the_app) unless the_app.nil?
+              return { type: :single_object, data: created_data}
+            else raise "internal error:shall not reach here (#{command_perm})"
+            end
+          else raise "internal error:shall not reach here (#{command_node_file})"
+          end
         end
-        NODE4_COMMANDS = %i[browse find mkdir rename delete upload download http_node_download file permission bearer_token_node node_info].freeze
-        def execute_node_gen4_command(command_repo, top_file_id)
-          #@api_node
+        def execute_command_gen4(command_repo, top_file_id)
           case command_repo
-          when :node_info
+          when :v3
+            # NOTE: other common actions are unauthorized with user scope
+            command_legacy = options.get_next_command(V3_IN_V4_ACTIONS)
+            # TODO: shall we support all methods here ? what if there is a link ?
+            apifid = @api_node.resolve_api_fid(top_file_id, '')
+            return Node.new(@agents.merge(skip_basic_auth_options: true, skip_node_options: true, node_api: apifid[:api])).execute_action(command_legacy)
+          when :node_info, :bearer_token_node
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
-            apifid[:api] = aoc_api.get_node_api(apifid[:node_info], use_secret: false)
-            return {type: :single_object,data: {
-              url:      apifid[:node_info]['url'],
-              username: apifid[:node_info]['access_key'],
-              password: apifid[:api].oauth_token,
-              root_id:  apifid[:file_id]
-            }}
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
+            result = {
+              url:     apifid[:api].params[:base_url],
+              root_id: apifid[:file_id]
+            }
+            raise 'No auth for node' if apifid[:api].params[:auth].nil?
+            case apifid[:api].params[:auth][:type]
+            when :basic
+              result[:username] = apifid[:api].params[:auth][:username]
+              result[:password] = apifid[:api].params[:auth][:password]
+            when :oauth2
+              result[:username] = apifid[:api].params[:headers][Aspera::Node::X_ASPERA_ACCESSKEY]
+              result[:password] = apifid[:api].oauth_token
+            else raise 'unknown'
+            end
+            return {type: :single_object, data: result} if command_repo.eql?(:node_info)
+            raise 'not bearer token' unless result[:password].start_with?('Bearer ')
+            return Main.result_status(result[:password])
           when :browse
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
             file_info = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
             if file_info['type'].eql?('folder')
-              result = apifid[:api].read("files/#{apifid[:file_id]}/files",options.get_option(:value))
+              result = apifid[:api].read("files/#{apifid[:file_id]}/files", options.get_option(:value))
               items = result[:data]
               self.format.display_status("Items: #{result[:data].length}/#{result[:http]['X-Total-Count']}")
             else
               items = [file_info]
             end
-            return {type: :object_list,data: items,fields: %w[name type recursive_size size modified_time access_level]}
+            return {type: :object_list, data: items, fields: %w[name type recursive_size size modified_time access_level]}
           when :find
             thepath = options.get_next_argument('path')
-            apifid = resolve_api_fid(top_file_id,thepath)
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
             test_block = Aspera::Node.file_matcher(options.get_option(:value))
-            return {type: :object_list,data: aoc_api.find_files(apifid,test_block),fields: ['path']}
+            return {type: :object_list, data: @api_node.find_files(apifid[:file_id], test_block), fields: ['path']}
           when :mkdir
             thepath = options.get_next_argument('path')
-            containing_folder_path = thepath.split(AoC::PATH_SEPARATOR)
+            containing_folder_path = thepath.split(Aspera::Node::PATH_SEPARATOR)
             new_folder = containing_folder_path.pop
-            apifid = resolve_api_fid(top_file_id,containing_folder_path.join(AoC::PATH_SEPARATOR))
-            result = apifid[:api].create("files/#{apifid[:file_id]}/files",{name: new_folder,type: :folder})[:data]
+            apifid = @api_node.resolve_api_fid(top_file_id, containing_folder_path.join(Aspera::Node::PATH_SEPARATOR))
+            result = apifid[:api].create("files/#{apifid[:file_id]}/files", {name: new_folder, type: :folder})[:data]
             return Main.result_status("created: #{result['name']} (id=#{result['id']})")
           when :rename
             thepath = options.get_next_argument('source path')
             newname = options.get_next_argument('new name')
-            apifid = resolve_api_fid(top_file_id,thepath)
-            result = apifid[:api].update("files/#{apifid[:file_id]}",{name: newname})[:data]
+            apifid = @api_node.resolve_api_fid(top_file_id, thepath)
+            result = apifid[:api].update("files/#{apifid[:file_id]}", {name: newname})[:data]
             return Main.result_status("renamed #{thepath} to #{newname}")
           when :delete
             thepath = options.get_next_argument('path')
-            return do_bulk_operation(thepath,'deleted','path') do |l_path|
+            return do_bulk_operation(thepath, 'deleted', id_result: 'path') do |l_path|
               raise "expecting String (path), got #{l_path.class.name} (#{l_path})" unless l_path.is_a?(String)
-              apifid = resolve_api_fid(top_file_id,l_path)
+              apifid = @api_node.resolve_api_fid(top_file_id, l_path)
               result = apifid[:api].delete("files/#{apifid[:file_id]}")[:data]
               {'path' => l_path}
             end
+          when :sync
+            # remote is specified by option to_folder
+            apifid = @api_node.resolve_api_fid(top_file_id, transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
+            transfer_spec = apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)
+            Log.dump(:ts, transfer_spec)
+            sync_plugin = Plugins::Sync.new(@agents, transfer_spec: transfer_spec)
+            return sync_plugin.execute_action
           when :upload
-            apifid = resolve_api_fid(top_file_id,transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
-            add_ts = {'tags' => {'aspera' => {'files' => {'parentCwd' => "#{apifid[:node_info]['id']}:#{apifid[:file_id]}"}}}}
-            return Main.result_transfer(transfer_start(AoC::FILES_APP,Fasp::TransferSpec::DIRECTION_SEND,apifid,add_ts))
+            apifid = @api_node.resolve_api_fid(top_file_id, transfer.destination_folder(Fasp::TransferSpec::DIRECTION_SEND))
+            return Main.result_transfer(transfer.start(apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_SEND)))
           when :download
             source_paths = transfer.ts_source_paths
             # special case for AoC : all files must be in same folder
             source_folder = source_paths.shift['source']
             # if a single file: split into folder and path
+            apifid = @api_node.resolve_api_fid(top_file_id, source_folder)
             if source_paths.empty?
-              source_folder = source_folder.split(AoC::PATH_SEPARATOR)
-              source_paths = [{'source' => source_folder.pop}]
-              source_folder = source_folder.join(AoC::PATH_SEPARATOR)
+              file_info = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
+              case file_info['type']
+              when 'file'
+                # if the single source is a file, we need to split into folder path and filename
+                src_dir_elements = source_folder.split(Aspera::Node::PATH_SEPARATOR)
+                # filename is the last one
+                source_paths = [{'source' => src_dir_elements.pop}]
+                # source folder is what remains
+                source_folder = src_dir_elements.join(Aspera::Node::PATH_SEPARATOR)
+                # TODO: instead of creating a new object, use the same, and change file id with parent folder id ? possible ?
+                apifid = @api_node.resolve_api_fid(top_file_id, source_folder)
+              when 'link', 'folder'
+                # single source is 'folder' or 'link'
+                # TODO: add this ? , 'destination'=>file_info['name']
+                source_paths = [{'source' => '.'}]
+              else
+                raise "Unknown source type: #{file_info['type']}"
+              end
             end
-            apifid = resolve_api_fid(top_file_id,source_folder)
-            # override paths with just filename
-            add_ts = {'tags' => {'aspera' => {'files' => {'parentCwd' => "#{apifid[:node_info]['id']}:#{apifid[:file_id]}"}}}}
-            add_ts['paths'] = source_paths
-            return Main.result_transfer(transfer_start(AoC::FILES_APP,Fasp::TransferSpec::DIRECTION_RECEIVE,apifid,add_ts))
+            return Main.result_transfer(transfer.start(apifid[:api].transfer_spec_gen4(apifid[:file_id], Fasp::TransferSpec::DIRECTION_RECEIVE, {'paths'=>source_paths})))
           when :http_node_download
             source_paths = transfer.ts_source_paths
             source_folder = source_paths.shift['source']
             if source_paths.empty?
-              source_folder = source_folder.split(AoC::PATH_SEPARATOR)
+              source_folder = source_folder.split(Aspera::Node::PATH_SEPARATOR)
               source_paths = [{'source' => source_folder.pop}]
-              source_folder = source_folder.join(AoC::PATH_SEPARATOR)
+              source_folder = source_folder.join(Aspera::Node::PATH_SEPARATOR)
             end
-            raise CliBadArgument,'one file at a time only in HTTP mode' if source_paths.length > 1
+            raise CliBadArgument, 'one file at a time only in HTTP mode' if source_paths.length > 1
             file_name = source_paths.first['source']
-            apifid = resolve_api_fid(top_file_id,File.join(source_folder,file_name))
+            apifid = @api_node.resolve_api_fid(top_file_id, File.join(source_folder, file_name))
             apifid[:api].call(
               operation: 'GET',
               subpath: "files/#{apifid[:file_id]}/content",
-              save_to_file: File.join(transfer.destination_folder(Fasp::TransferSpec::DIRECTION_RECEIVE),file_name))
+              save_to_file: File.join(transfer.destination_folder(Fasp::TransferSpec::DIRECTION_RECEIVE), file_name))
             return Main.result_status("downloaded: #{file_name}")
-          when :permission
-            command_perm = options.get_next_command(%i[list create])
-            case command_perm
-            when :list
-              # generic options : TODO: as arg ? option_url_query
-              list_options ||= {'include' => ['[]','access_level','permission_count']}
-              # special value: ALL will show all permissions
-              if !VAL_ALL.eql?(apifid[:file_id])
-                # add which one to get
-                list_options['file_id'] = apifid[:file_id]
-                list_options['inherited'] ||= false
-              end
-              items = apifid[:api].read('permissions',list_options)[:data]
-              return {type: :object_list,data: items}
-            when :create
-              #create_param=self.options.get_next_argument('creation data (Hash)')
-              set_workspace_info
-              access_id = "#{ID_AK_ADMIN}_WS_#{@workspace_id}"
-              apifid[:node_info]
-              params = {
-                'file_id'       => apifid[:file_id], # mandatory
-                'access_type'   => 'user', # mandatory: user or group
-                'access_id'     => access_id, # id of user or group
-                'access_levels' => Aspera::Node::ACCESS_LEVELS,
-                'tags'          => {'aspera' => {'files' => {'workspace' => {
-                  'id'                => @workspace_id,
-                  'workspace_name'    => @workspace_name,
-                  'user_name'         => aoc_api.user_info['name'],
-                  'shared_by_user_id' => aoc_api.user_info['id'],
-                  'shared_by_name'    => aoc_api.user_info['name'],
-                  'shared_by_email'   => aoc_api.user_info['email'],
-                  'shared_with_name'  => access_id,
-                  'access_key'        => apifid[:node_info]['access_key'],
-                  'node'              => apifid[:node_info]['name']}}}}}
-              item = apifid[:api].create('permissions',params)[:data]
-              return {type: :single_object,data: item}
-            else raise "internal error:shall not reach here (#{command_perm})"
-            end
           when :file
-            command_node_file = options.get_next_command(%i[show modify])
-            file_path = options.get_option(:path)
-            apifid =
-              if !file_path.nil?
-                resolve_api_fid(top_file_id,file_path) # TODO: allow follow link ?
-              else
-                {node_info: top_file_id[:node_info],file_id: instance_identifier}
-              end
-            case command_node_file
-            when :show
-              items = apifid[:api].read("files/#{apifid[:file_id]}")[:data]
-              return {type: :single_object,data: items}
-            when :modify
-              update_param = options.get_next_argument('update data (Hash)')
-              res = apifid[:api].update("files/#{apifid[:file_id]}",update_param)[:data]
-              return {type: :single_object,data: res}
-            else raise "internal error:shall not reach here (#{command_node_file})"
-            end
+            command_node_file = options.get_next_command(%i[show modify permission])
+            return execute_node_gen4_file_command(command_node_file, top_file_id)
+          else raise "INTERNAL ERROR: no case for #{command_repo}"
           end # command_repo
-          raise 'ERR'
-        end # execute_node_gen4_command
+          # raise 'INTERNAL ERROR: missing return'
+        end # execute_command_gen4
+        # This is older API
         def execute_async
           command = options.get_next_command(%i[list delete files show counters bandwidth])
           unless command.eql?(:list)
@@ -441,7 +525,7 @@ module Aspera
               end
             else
               asyncids = @api_node.read('async/list')[:data]['sync_ids']
-              summaries = @api_node.create('async/summary',{'syncs' => asyncids})[:data]['sync_summaries']
+              summaries = @api_node.create('async/summary', {'syncs' => asyncids})[:data]['sync_summaries']
               selected = summaries.find{|s|s['name'].eql?(asyncname)}
               raise "no such sync: #{asyncname}" if selected.nil?
               asyncid = selected['snid']
@@ -454,16 +538,16 @@ module Aspera
             resp = @api_node.read('async/list')[:data]['sync_ids']
             return { type: :value_list, data: resp, name: 'id' }
           when :show
-            resp = @api_node.create('async/summary',pdata)[:data]['sync_summaries']
+            resp = @api_node.create('async/summary', pdata)[:data]['sync_summaries']
             return Main.result_empty if resp.empty?
             return { type: :object_list, data: resp, fields: %w[snid name local_dir remote_dir] } if asyncid.eql?('ALL')
             return { type: :single_object, data: resp.first }
           when :delete
-            resp = @api_node.create('async/delete',pdata)[:data]
+            resp = @api_node.create('async/delete', pdata)[:data]
             return { type: :single_object, data: resp, name: 'id' }
           when :bandwidth
             pdata['seconds'] = 100 # TODO: as parameter with --value
-            resp = @api_node.create('async/bandwidth',pdata)[:data]
+            resp = @api_node.create('async/bandwidth', pdata)[:data]
             data = resp['bandwidth_data']
             return Main.result_empty if data.empty?
             data = data.first[asyncid]['data']
@@ -475,19 +559,19 @@ module Aspera
             # status int
             filter = options.get_option(:value)
             pdata.merge!(filter) unless filter.nil?
-            resp = @api_node.create('async/files',pdata)[:data]
+            resp = @api_node.create('async/files', pdata)[:data]
             data = resp['sync_files']
             data = data.first[asyncid] unless data.empty?
             iteration_data = []
             skip_ids_persistency = nil
-            if options.get_option(:once_only,is_type: :mandatory)
+            if options.get_option(:once_only, is_type: :mandatory)
               skip_ids_persistency = PersistencyActionOnce.new(
                 manager: @agents[:persistency],
                 data:    iteration_data,
                 id:      IdGenerator.from_list([
                   'sync_files',
-                  options.get_option(:url,is_type: :mandatory),
-                  options.get_option(:username,is_type: :mandatory),
+                  options.get_option(:url, is_type: :mandatory),
+                  options.get_option(:username, is_type: :mandatory),
                   asyncid]))
               unless iteration_data.first.nil?
                 data.select!{|l| l['fnid'].to_i > iteration_data.first}
@@ -498,27 +582,50 @@ module Aspera
             skip_ids_persistency&.save
             return { type: :object_list, data: data, name: 'id' }
           when :counters
-            resp = @api_node.create('async/counters',pdata)[:data]['sync_counters'].first[asyncid].last
+            resp = @api_node.create('async/counters', pdata)[:data]['sync_counters'].first[asyncid].last
             return Main.result_empty if resp.nil?
             return { type: :single_object, data: resp }
           end
         end
-        ACTIONS = %i[postprocess stream transfer cleanup forward access_key watch_folder service async central asperabrowser basic_token].concat(COMMON_ACTIONS).freeze
+        ACTIONS = %i[
+          async
+          sync
+          stream
+          transfer
+          service
+          watch_folder
+          central
+          asperabrowser
+          basic_token].concat(COMMON_ACTIONS).freeze
-        def execute_action(command=nil,prefix_path=nil)
+        def execute_action(command=nil, prefix_path=nil)
           command ||= options.get_next_command(ACTIONS)
           case command
-          when *COMMON_ACTIONS then return execute_simple_common(command,prefix_path)
+          when *COMMON_ACTIONS then return execute_simple_common(command, prefix_path)
           when :async then return execute_async
+          when :sync
+            # newer api
+            sync_command = options.get_next_command(%i[bandwidth counters files start state stop summary].concat(Plugin::ALL_OPS) - %i[modify])
+            case sync_command
+            when *Plugin::ALL_OPS then return entity_command(sync_command, @api_node, 'asyncs', item_list_key: 'ids')
+            else
+              parameters = options.get_option(:value)
+              asyncs_id = instance_identifier
+              if %i[start stop].include?(sync_command)
+                @api_node.create("asyncs/#{asyncs_id}/#{sync_command}", parameters)
+                return Main.result_status('ok')
+              end
+              return { type: :single_object, data: @api_node.read("asyncs/#{asyncs_id}/#{sync_command}", parameters)[:data] }
+            end
           when :stream
             command = options.get_next_command(%i[list create show modify cancel])
             case command
             when :list
-              resp = @api_node.read('ops/transfers',options.get_option(:value))
+              resp = @api_node.read('ops/transfers', options.get_option(:value))
               return { type: :object_list, data: resp[:data], fields: %w[id status] } # TODO: useful?
             when :create
-              resp = @api_node.create('streams',options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.create('streams', options.get_option(:value, is_type: :mandatory))
               return { type: :single_object, data: resp[:data] }
             when :show
               trid = options.get_next_argument('transfer id')
@@ -526,7 +633,7 @@ module Aspera
               return { type: :other_struct, data: resp[:data] }
             when :modify
               trid = options.get_next_argument('transfer id')
-              resp = @api_node.update('streams/' + trid,options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.update('streams/' + trid, options.get_option(:value, is_type: :mandatory))
               return { type: :other_struct, data: resp[:data] }
             when :cancel
               trid = options.get_next_argument('transfer id')
@@ -545,7 +652,9 @@ module Aspera
             case command
             when :list
               # could use ? subpath: 'transfers'
-              resp = @api_node.read(res_class_path,options.get_option(:value))
+              query = options.get_option(:value) || options.get_option(:query)
+              raise 'Query must be a Hash' unless query.nil? || query.is_a?(Hash)
+              resp = @api_node.read(res_class_path, query)
               return {
                 type:   :object_list,
                 data:   resp[:data],
@@ -560,22 +669,6 @@ module Aspera
             else
               raise 'error'
             end
-          when :access_key
-            ak_command = options.get_next_command([Plugin::ALL_OPS,:do].flatten)
-            case ak_command
-            when *Plugin::ALL_OPS then return entity_command(ak_command,@api_node,'access_keys',id_default: 'self')
-            when :do
-              access_key = options.get_next_argument('access key id')
-              ak_info=@api_node.read("access_keys/#{access_key}")[:data]
-              # change API if needed
-              if !access_key.eql?('self')
-                secret=config.vault.get(username: access_key)[:secret] #, url: @api_node.params[:base_url] : TODO: better handle vault
-                @api_node.params[:auth][:username]=access_key
-                @api_node.params[:auth][:password]=secret
-              end
-              command_repo = options.get_next_command(NODE4_COMMANDS)
-              return execute_node_gen4_command(command_repo,ak_info['root_file_id'])
-            end
           when :service
             command = options.get_next_command(%i[list create delete])
             if [:delete].include?(command)
@@ -588,7 +681,7 @@ module Aspera
             when :create
               # @json:'{"type":"WATCHFOLDERD","run_as":{"user":"user1"}}'
               params = options.get_next_argument('Run creation data (structure)')
-              resp = @api_node.create('rund/services',params)
+              resp = @api_node.create('rund/services', params)
               return Main.result_status("#{resp[:data]['id']} created")
             when :delete
               @api_node.delete("rund/services/#{svcid}")
@@ -606,15 +699,15 @@ module Aspera
             @api_node.params[:headers]['X-aspera-WF-version'] = '2017_10_23'
             case command
             when :create
-              resp = @api_node.create(res_class_path,options.get_option(:value,is_type: :mandatory))
+              resp = @api_node.create(res_class_path, options.get_option(:value, is_type: :mandatory))
               return Main.result_status("#{resp[:data]['id']} created")
             when :list
-              resp = @api_node.read(res_class_path,options.get_option(:value))
+              resp = @api_node.read(res_class_path, options.get_option(:value))
               return { type: :value_list, data: resp[:data]['ids'], name: 'id' }
             when :show
               return { type: :single_object, data: @api_node.read(one_res_path)[:data]}
             when :modify
-              @api_node.update(one_res_path,options.get_option(:value,is_type: :mandatory))
+              @api_node.update(one_res_path, options.get_option(:value, is_type: :mandatory))
               return Main.result_status("#{one_res_id} updated")
             when :delete
               @api_node.delete(one_res_path)
@@ -634,37 +727,40 @@ module Aspera
               case command
               when :list
                 request_data.deep_merge!({'validation' => validation}) unless validation.nil?
-                resp = @api_node.create('services/rest/transfers/v1/sessions',request_data)
-                return { type: :object_list, data: resp[:data]['session_info_result']['session_info'],
-fields: %w[session_uuid status transport direction bytes_transferred]}
+                resp = @api_node.create('services/rest/transfers/v1/sessions', request_data)
+                return {
+                  type:   :object_list,
+                  data:   resp[:data]['session_info_result']['session_info'],
+                  fields: %w[session_uuid status transport direction bytes_transferred]
+                }
               end
             when :file
               command = options.get_next_command(%i[list modify])
               case command
               when :list
                 request_data.deep_merge!({'validation' => validation}) unless validation.nil?
-                resp = @api_node.create('services/rest/transfers/v1/files',request_data)[:data]
+                resp = @api_node.create('services/rest/transfers/v1/files', request_data)[:data]
                 resp = JSON.parse(resp) if resp.is_a?(String)
-                Log.dump(:resp,resp)
+                Log.dump(:resp, resp)
                 return { type: :object_list, data: resp['file_transfer_info_result']['file_transfer_info'], fields: %w[session_uuid file_id status path]}
               when :modify
                 request_data.deep_merge!(validation) unless validation.nil?
-                @api_node.update('services/rest/transfers/v1/files',request_data)
+                @api_node.update('services/rest/transfers/v1/files', request_data)
                 return Main.result_status('updated')
               end
             end
           when :asperabrowser
             browse_params = {
-              'nodeUser' => options.get_option(:username,is_type: :mandatory),
-              'nodePW'   => options.get_option(:password,is_type: :mandatory),
-              'nodeURL'  => options.get_option(:url,is_type: :mandatory)
+              'nodeUser' => options.get_option(:username, is_type: :mandatory),
+              'nodePW'   => options.get_option(:password, is_type: :mandatory),
+              'nodeURL'  => options.get_option(:url, is_type: :mandatory)
             }
             # encode parameters so that it looks good in url
             encoded_params = Base64.strict_encode64(Zlib::Deflate.deflate(JSON.generate(browse_params))).gsub(/=+$/, '').tr('+/', '-_').reverse
             OpenApplication.instance.uri(options.get_option(:asperabrowserurl) + '?goto=' + encoded_params)
             return Main.result_status('done')
           when :basic_token
-            return Main.result_status(Rest.basic_creds(options.get_option(:username,is_type: :mandatory),options.get_option(:password,is_type: :mandatory)))
+            return Main.result_status(Rest.basic_creds(options.get_option(:username, is_type: :mandatory), options.get_option(:password, is_type: :mandatory)))
           end # case command
           raise 'ERROR: shall not reach this line'
         end # execute_action