blix-rest 0.9.3 → 0.11.2

data/lib/blix/rest/cache.rb

@@ -48,32 +48,4 @@ module Blix::Rest
 
   end
 
-  # implement cache as a simple ruby hash
-  class MemoryCache < Cache
-
-    def cache
-      @cache ||= {}
-    end
-
-    def get(key)
-      cache[key]
-    end
-
-    def set(key, data)
-      cache[key] = data
-    end
-
-    def clear
-      cache.clear
-    end
-
-    def key?(key)
-      cache.key?(key)
-    end
-
-    def delete(key)
-      cache.delete(key)
-    end
-
-  end
-end
+end

data/lib/blix/rest/controller.rb

@@ -29,7 +29,8 @@ module Blix::Rest
     :format,
     :response,
     :method,
-    :server
+    :server,
+    :response_options          # can be set during a call.
   )
 
   class Controller
@@ -76,11 +77,16 @@ module Blix::Rest
     end
 
     def body
-      @_body ||= env['rack.input'].read
-      #      env['rack.input'].rewindreq.POST #env["body"]
+      @_body ||= begin
+        if env['rack.input']
+          env['rack.input'].read
+        else
+          ''
+        end
+      end
     end
 
-    # ovverride the path method to return the internal path.
+    # override the path method to return the internal path.
     def path
       p = CGI.unescape(req.path)
       p = '/' + p if p[0, 1] != '/' # ensure a leading slash on path
@@ -241,6 +247,35 @@ module Blix::Rest
       [login, password]
     end
 
+    def throttle_basic_auth(realm=nil, options={})
+      login, password = get_basic_auth(realm)
+      # check that the waiting time has expired
+      info       = self.class.basic_store.get_hash(login) || {}
+      fail_count = info['fail_count'].to_i
+      if fail_count > 3
+        now       = Time.now
+        fail_time = info['fail_time']
+        delta     = 60                             # one minute
+        delta     = 60*10      if fail_count > 10  # 10 minutes
+        delta     = 60*60*24   if fail_count > 100 # one day
+        if (fail_time + delta) > now
+          raise Blix::Rest::AuthorizationError.new("try again after #{(fail_time + delta)}", realm)
+        end
+      end
+      if yield(login,password)
+        # auth success - set error count to 0
+        info['fail_count'] = 0
+        self.class.basic_store.store_hash(login, info)
+        true
+      else
+        # auth failure - increment error count / set error time
+        info['fail_count'] = fail_count + 1
+        info['fail_time']  = Time.now
+        self.class.basic_store.store_hash(login, info)
+        raise Blix::Rest::AuthorizationError.new("invalid login or password", realm)
+      end
+    end
+
     # set the cors headers
     def set_accept_cors(opts={})
       origin  = opts[:origin] || env['HTTP_ORIGIN'] || '*'
@@ -269,6 +304,11 @@ module Blix::Rest
       @_response.status = value.to_i
     end
 
+    def set_options(value)
+      @_context.response_options ||= {}
+      @_context.response_options.merge!(value)
+    end
+
     def add_headers(headers)
       @_response.headers.merge!(headers.map{|k,v| [k.to_s.downcase,v]}.to_h)
     end
@@ -371,6 +411,57 @@ module Blix::Rest
       value
     end
 
+    # only allow so many exceptions in a given time.
+    # the delay applies to
+    #   - 3x failure
+    #   - 10x failure
+    #   - 100x failure
+
+    # options:
+    #  :prefix    # the prefix to use in the cache
+    #  :cache     # a cache object  ( server_cache )
+    #  :times     # array of delays in seconds to apply default: [60, 600, 86400]
+    #
+    def rate_limit(name, options = {})
+      # check that the waiting time has expired
+      cache      = options[:cache]  || server_cache()
+      prefix     = options[:prefix] || 'rlimit'
+      key        = "#{prefix}|#{name}"
+      info       = cache.get(key) || {}
+      fail_count = info['fc'].to_i
+      times      = options[:times] || []
+      if fail_count > 2
+        now       = Time.now
+        fail_time = info['ft']
+        delta     = times[0] || 60                               # one minute
+        delta     = times[1] || 60 * 10      if fail_count > 10  # 10 minutes
+        delta     = times[2] || 60 * 60 * 24 if fail_count > 100 # one day
+        ltime     = fail_time + delta
+        if ltime > now
+          raise RateError, ltime.to_s
+        end
+      end
+      exception = nil
+      result = begin
+                yield(key)
+               rescue Exception => e
+                 exception = e
+                 nil
+              end
+      if exception
+        # auth failure - increment error count / set error time
+        info['fc'] = fail_count + 1
+        info['ft']  = Time.now
+        cache.set(key, info)
+        raise exception
+      else
+        # auth success - set error count to 0
+        info['fc'] = 0
+        cache.set(key, info)
+        result
+      end
+    end
+
     # manage session handling --------------------------------------------------
     # setup the session and retrieve the session_id
     # this id can be used to retrieve and data associated

data/lib/blix/rest/memory_cache.rb

@@ -0,0 +1,30 @@
+module Blix::Rest
+  # implement cache as a simple ruby hash
+  class MemoryCache < Cache
+
+    def cache
+      @cache ||= {}
+    end
+
+    def get(key)
+      cache[key]
+    end
+
+    def set(key, data)
+      cache[key] = data
+    end
+
+    def clear
+      cache.clear
+    end
+
+    def key?(key)
+      cache.key?(key)
+    end
+
+    def delete(key)
+      cache.delete(key)
+    end
+
+  end
+end

data/lib/blix/rest/request_mapper.rb

@@ -14,8 +14,9 @@ module Blix::Rest
     PATH_SEP         = '/'
     STAR_PLACEHOLDER = '*'
 
-    # the
-
+    # the TableNode class is used to build a tree structure to
+    # represent the routes.
+    #
     class TableNode
 
       attr_accessor :blk
@@ -27,19 +28,7 @@ module Blix::Rest
 
       def initialize(name)
         @children = {}
-        if name[0, 1] == ':'
-          @parameter = name[1..-1].to_sym
-          @value     = WILD_PLACEHOLDER
-        elsif name[0, 1] == '*'
-          @parameter = if name[1..-1].empty?
-                         :wildpath
-                       else
-                         name[1..-1].to_sym
-                       end
-          @value = STAR_PLACEHOLDER
-        else
-          @value = name
-        end
+        @value, @parameter = parse_name(name)
         @extract_format = true
       end
 
@@ -51,6 +40,19 @@ module Blix::Rest
         @children[k] = v
       end
 
+      private
+
+      def parse_name(name)
+        case name[0]
+        when ':'
+          [WILD_PLACEHOLDER, name[1..].to_sym]
+        when '*'
+          [STAR_PLACEHOLDER, name[1..].empty? ? :wildpath : name[1..].to_sym]
+        else
+          [name, nil]
+        end
+      end
+
     end
 
     class << self
@@ -58,18 +60,20 @@ module Blix::Rest
       # the root always starts with '/' and finishes with '/'
       def set_path_root(root)
         root = root.to_s
-        root = '/' + root if root[0, 1] != '/'
-        root += '/' if root[-1, 1] != '/'
+        root = '/' + root unless root.start_with?('/')
+        root += '/' unless root.end_with?('/')
         @path_root = root
         @path_root_length = @path_root.length - 1
       end
 
+      # if the path_root has not been set then return '/'
       def path_root
         @path_root || '/'
       end
 
+      # return 0 if the path_root has not been set   
       def path_root_length
-        @path_root_length.to_i
+        @path_root_length || 0
       end
 
       def full_path(path)
@@ -91,7 +95,7 @@ module Blix::Rest
 
       def table
         # compile the table in one thread only.
-        @table ||= @@mutex.synchronize{@table ||= compile}
+        @table || @@mutex.synchronize{@table ||= compile}
       end
 
       def dump
@@ -325,21 +329,25 @@ module Blix::Rest
         end
         str
       end
-
     end
 
   end # RequestMapper
 
-  def self.set_path_root(*args)
-    RequestMapper.set_path_root(*args)
-  end
+  class << self
 
-  def self.path_root
-    RequestMapper.path_root
-  end
 
-  def self.full_path(path)
-    RequestMapper.full_path(path)
+    def set_path_root(*args)
+      RequestMapper.set_path_root(*args)
+    end
+
+    def path_root
+      RequestMapper.path_root
+    end
+
+    def full_path(path)
+      RequestMapper.full_path(path)
+    end
+
   end
 
   RequestMapper.set_path_root(ENV['BLIX_REST_ROOT']) if ENV['BLIX_REST_ROOT']

data/lib/blix/rest/response.rb

@@ -1,6 +1,10 @@
 # pass a response object to the controller to set
 # header status and content.
 
+unless defined?(Rack::Headers)
+  class Rack::Headers < Hash; end
+end
+
 module Blix::Rest
 
 
@@ -22,5 +26,11 @@ module Blix::Rest
       @headers.merge!(headers) if headers
     end
 
+    def set_options(options={})
+      @status = options[:status].to_i if options[:status]
+      @headers.merge!(options[:headers]) if options[:headers]
+      @headers['content-type'] = options[:content_type] if options[:content_type]
+    end
+
   end
 end

data/lib/blix/rest/server.rb

@@ -3,18 +3,11 @@
 module Blix::Rest
   class Server
 
-    def initialize(opts = {})
+    def initialize(options = {})
       @_parsers = {}
       @_mime_types = {}
-
-      # register the default parsers and any passed in as options.
-
-      register_parser('html', HtmlFormatParser.new)
-      register_parser('json', JsonFormatParser.new)
-      register_parser('xml', XmlFormatParser.new)
-      register_parser('raw', RawFormatParser.new)
-      extract_parsers_from_options(opts)
-      @_options = opts
+      @_options = options
+      setup_parsers(options)
     end
 
     # options passed to the server
@@ -22,7 +15,6 @@ module Blix::Rest
       @_options
     end
 
-
     # the object serving as a cache
     def _cache
       @_cache ||= begin
@@ -36,16 +28,15 @@ module Blix::Rest
       end
     end
 
-    def extract_parsers_from_options(opts)
-      opts.each do |k, v|
-        next unless k =~ /^(\w*)_parser&/
+    def extract_parsers_from_options(options)
+      options.each do |k, v|
+        next unless k =~ /^(\w*)_parser$/
 
         format = Regexp.last_match(1)
         parser = v
         register_parser(format, parser)
       end
     end
-
     def set_custom_headers(format, headers)
       parser = get_parser(format)
       raise "parser not found for custom headers format=>#{format}" unless parser
@@ -61,7 +52,7 @@ module Blix::Rest
     end
 
     def register_parser(format, parser)
-      raise "#{k} must be an object with parent class Blix::Rest::FormatParser" unless parser.is_a?(FormatParser)
+      raise "#{format} must be an object with parent class Blix::Rest::FormatParser" unless parser.is_a?(FormatParser)
 
       parser._format = format
       @_parsers[format.to_s.downcase] = parser
@@ -71,7 +62,7 @@ module Blix::Rest
     # retrieve parameters from the http request
     def retrieve_params(env)
       post_params = {}
-      body        = ''
+      body = ''
       params = env['params'] || {}
       params.merge!(::Rack::Utils.parse_nested_query(env['QUERY_STRING']))
 
@@ -85,19 +76,15 @@ module Blix::Rest
             post_params = {}
           else
             begin
-              post_params = case (env['CONTENT_TYPE'])
+              post_params = case env['CONTENT_TYPE']
                             when URL_ENCODED
                               ::Rack::Utils.parse_nested_query(body)
-                            when JSON_ENCODED then
+                            when JSON_ENCODED
                               json = MultiJson.load(body)
-                              if json.is_a?(Hash)
-                                json
-                              else
-                                { '_json' => json }
-                              end
+                              json.is_a?(Hash) ? json : { '_json' => json }
                             else
                               {}
-              end
+                            end
             rescue StandardError => e
               raise BadRequestError, "Invalid parameters: #{e.class}"
             end
@@ -124,13 +111,22 @@ module Blix::Rest
       case mime
       when 'application/json' then :json
       when 'text/html' then :html
-      when 'application/xml'  then :xml
+      when 'application/xml' then :xml
       when 'application/xhtml+xml' then :xhtml
       when '*/*' then :*
       end
     end
 
-    # attempt to handle mjltiple accept formats here..
+    def setup_parsers(options)
+      # Register default parsers
+      register_parser('html', HtmlFormatParser.new)
+      register_parser('json', JsonFormatParser.new)
+      register_parser('xml', XmlFormatParser.new)
+      register_parser('raw', RawFormatParser.new)
+      extract_parsers_from_options(options)
+    end
+
+    # attempt to handle multiple accept formats here..
     # mime can include '.../*' and '*/*'
     # FIXME
     def get_format_new(env, options)
@@ -156,28 +152,25 @@ module Blix::Rest
 
     # the call function is the interface with the rack framework
     def call(env)
+      t1 = Time.now
       req = Rack::Request.new(env)
 
-      verb  = env['REQUEST_METHOD']
-      path  = req.path
-      path  = CGI.unescape(path) unless _options[:unescape] == false
+      verb = env['REQUEST_METHOD']
+      path = req.path
+      path = CGI.unescape(path) unless _options[:unescape] == false
 
       blk, path_params, options, is_wild = RequestMapper.match(verb, path)
 
       match_all = RequestMapper.match('ALL', path) unless blk && !is_wild
-      blk, path_params, options = match_all if match_all && match_all[0] # override
-
+      blk, path_params, options = match_all if match_all && match_all[0]
 
       default_format = options && options[:default] && options[:default].to_sym
-      force_format = options && options[:force] && options[:force].to_sym
-      do_cache     = options && options[:cache] && !Blix::Rest.cache_disabled
-      clear_cache  = options && options[:cache_reset]
-
-      query_format = options && options[:query] && req.GET['format'] && req.GET['format'].to_sym
-
-      format = query_format || path_params[:format] || get_format_new(env, options) || default_format || :json
-
-      parser = get_parser(force_format || format)
+      force_format   = options && options[:force] && options[:force].to_sym
+      do_cache       = options && options[:cache] && !Blix::Rest.cache_disabled
+      clear_cache    = options && options[:cache_reset]
+      query_format   = options && options[:query] && req.GET['format'] && req.GET['format'].to_sym
+      format         = query_format || path_params[:format] || get_format_new(env, options) || default_format || :json
+      parser         = get_parser(force_format || format)
 
       unless parser
         if blk
@@ -189,54 +182,59 @@ module Blix::Rest
 
       parser._options = options
 
-      # check for cached response end return with cached response if found.
-      #
-      if do_cache && ( response = _cache["#{verb}|#{format}|#{path}"] )
+      # check for cached response and return with cached response if found.
+      if do_cache && (response = _cache["#{verb}|#{format}|#{path}"])
         return [response.status, response.headers.merge('x-blix-cache' => 'cached'), response.content]
       end
 
       response = Response.new
 
       if blk
-
         begin
           params = env['params']
           context = Context.new(path_params, params, req, format, response, verb, self)
-          value  = blk.call(context)
+          value   = blk.call(context)
+          response_options = context.response_options || {}
         rescue ServiceError => e
-          set_default_headers(parser,response)
+          set_default_headers(parser, response)
           response.set(e.status, parser.format_error(e.message), e.headers)
+          logger << e.message if $VERBOSE
         rescue RawResponse => e
           value = e.content
-          value = [value.to_s] unless value.respond_to?(:each) ||  value.respond_to?(:call)
-          response.status  = e.status if e.status
+          value = [value.to_s] unless value.respond_to?(:each) || value.respond_to?(:call)
+          response.status = e.status if e.status
           response.content = value
           response.headers.merge!(e.headers) if e.headers
         rescue AuthorizationError => e
-          set_default_headers(parser,response)
+          set_default_headers(parser, response)
           response.set(401, parser.format_error(e.message), AUTH_HEADER => "#{e.type} realm=\"#{e.realm}\", charset=\"UTF-8\"")
         rescue Exception => e
-          set_default_headers(parser,response)
+          set_default_headers(parser, response)
           response.set(500, parser.format_error('internal error'))
-          ::Blix::Rest.logger <<  "----------------------------\n#{$!}\n----------------------------"
-          ::Blix::Rest.logger <<  "----------------------------\n#{$@}\n----------------------------"
+          logger << e.message
+          logger << e.backtrace.join("\n")
         else # no error
-          set_default_headers(parser,response)
-          parser.format_response(value, response)
+          response.set_options(response_options)
+          if response_options[:raw]
+            response.content = value
+          else
+            set_default_headers(parser, response)
+            parser.format_response(value, response)
+          end
           # cache response if requested
           _cache.clear if clear_cache
           _cache["#{verb}|#{format}|#{path}"] = response if do_cache
         end
-
       else
-        set_default_headers(parser,response)
+        set_default_headers(parser, response)
         response.set(404, parser.format_error('Invalid Url'))
       end
 
+      logger << "#{verb} #{path} total time=#{((Time.now - t1) * 1000).round(2)}ms" if $VERBOSE
       [response.status.to_i, response.headers, response.content]
     end
 
-    def set_default_headers(parser,response)
+    def set_default_headers(parser, response)
       if parser.__custom_headers
         response.headers.merge! parser.__custom_headers
       else
@@ -244,5 +242,10 @@ module Blix::Rest
       end
     end
 
+    private
+
+    def logger
+      Blix::Rest.logger
+    end
   end
 end

data/lib/blix/rest/session.rb

@@ -26,6 +26,11 @@ module Blix::Rest
       self.class.get_session_manager
     end
 
+    def session_skip_update
+      @__session_id = nil
+    end
+
+
     def session_name
       self.class.get_session_name
     end
@@ -67,9 +72,9 @@ module Blix::Rest
           end
       end
 
-      if opts[:csrf]
-        if env["HTTP_X_CSRF_TOKEN"] != csrf_token
-          send_error("invalid csrf token")
+      if opts[:csrf] && (ENV['RACK_ENV']!='test')
+        if env["HTTP_X_CSRF_TOKEN"] != csrf_token 
+          send_error("error [0100]")
         end
       end
 

data/lib/blix/rest/version.rb

@@ -1,5 +1,5 @@
 module Blix
   module Rest
-    VERSION = "0.9.3"
+    VERSION = "0.11.2"
   end
 end

data/lib/blix/rest.rb

@@ -33,6 +33,10 @@ module Blix
       @_environment ||= ENV['RACK_ENV'] || 'development'
     end
 
+    def self.init
+      RequestMapper.table  # compile the table
+    end
+
     def self.environment?(val)
       environment == val.to_s
     end
@@ -127,6 +131,8 @@ module Blix
         @type = type || 'Basic'
       end
     end
+
+    class RateError < StandardError; end
   end
 end
 
@@ -154,6 +160,7 @@ require 'blix/rest/response'
 require 'blix/rest/format_parser'
 require 'blix/rest/request_mapper'
 require 'blix/rest/cache'
+require 'blix/rest/memory_cache'
 require 'blix/rest/server'
 require 'blix/rest/route'
 require 'blix/rest/controller'

data/lib/blix/utils/misc.rb

@@ -7,6 +7,45 @@ module Blix
      Dir.glob("#{path}/*.rb").each {|file| require File.expand_path(file)[0..-4] }
   end
 
+  def self.klass_to_name(klass)
+     return unless klass
+     klass = klass.to_s.split('::')[-1]
+     klass.gsub(/([a-z]+)([A-Z]+)/){"#{$1}_#{$2}"}.downcase
+   end
+
+   def self.name_to_klass(name)
+     construct_klass(name)
+   end
+
+   # construct a klass from a name
+   def self.construct_klass(name)
+     name && name.to_s.downcase.split('_').map(&:capitalize).join
+   end
+
+   def self.construct_singular(name)
+     name && name.to_s.sub(/s$/,'')
+   end
+
+   def self.construct_plural(name)
+     name && name.plural
+   end
+
+   def self.camelcase(str)
+     downcase_front(construct_klass(str))
+   end
+
+   def self.downcase_front(str)
+     str[0, 1].downcase + str[1..-1]
+   end
+
+   def self.underscore(str)
+     str.gsub(/::/, '/')
+        .gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
+        .gsub(/([a-z\d])([A-Z])/, '\1_\2')
+        .tr('-', '_')
+        .downcase
+   end
+
 
 
   # filter the hash using the supplied filter