bosh-director 1.2999.0 → 1.3000.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/lib/bosh/director.rb +1 -0
  3. data/lib/bosh/director/api/controllers/releases_controller.rb +15 -0
  4. data/lib/bosh/director/api/extensions/scoping.rb +3 -3
  5. data/lib/bosh/director/api/local_identity_provider.rb +19 -3
  6. data/lib/bosh/director/api/release_manager.rb +8 -0
  7. data/lib/bosh/director/api/uaa_identity_provider.rb +27 -15
  8. data/lib/bosh/director/jobs/export_release.rb +26 -0
  9. data/lib/bosh/director/version.rb +1 -1
  10. metadata +22 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 314dd17fbbb059aaaae50d56efba07c3b0893445
4
- data.tar.gz: 89dd10046a5b22f8e1424878c432cfc69f6d51da
3
+ metadata.gz: ba2ff6a9c8c7c521d934f1f35d503ca599c61716
4
+ data.tar.gz: 5cecae6a2b9ad5d9276a02f22cfaced254f93318
5
5
  SHA512:
6
- metadata.gz: 6477ca1a6659b9661203e54493c553fd1e4c61a18f28431b8ccb373273d136c8a967891f86437795bb94555af1d7c80eb9d7eb5faa9a5db52b1e9547c2c708fd
7
- data.tar.gz: d492ee6cc46b18579cd1f0094e5b5f35e82b4a986badab2a5b5b7768011c3338c5c424cb60c849a179006087cea79b851dbf32d268f6840696a900870edbc246
6
+ metadata.gz: 32db876c4d563a6118289e956926b957c636bbe9ae00636f723b3adf2832a5d880b779b50b7ba2c10bd55d9d9849066c17e1dc0500babd85bd8d728d5b101b81
7
+ data.tar.gz: 021630149470426da1313f8af9e008ca2a4724dff5f144f26e2b4ff8459359fefb0ca1650de4e1a7c0e7d57b560dcb273638339af8173e57c4c2aa591d6684ea
data/lib/bosh/director.rb CHANGED
@@ -112,6 +112,7 @@ require 'bosh/director/jobs/delete_deployment_snapshots'
112
112
  require 'bosh/director/jobs/delete_release'
113
113
  require 'bosh/director/jobs/delete_snapshots'
114
114
  require 'bosh/director/jobs/delete_stemcell'
115
+ require 'bosh/director/jobs/export_release'
115
116
  require 'bosh/director/jobs/update_deployment'
116
117
  require 'bosh/director/jobs/update_release'
117
118
  require 'bosh/director/jobs/update_stemcell'
data/lib/bosh/director/api/controllers/releases_controller.rb CHANGED
@@ -42,6 +42,21 @@ module Bosh::Director
42
42
  json_encode(releases)
43
43
  end
44
44
 
45
+ post '/export', consumes: :json do
46
+ body_params = JSON.parse(request.body.read)
47
+
48
+ deployment_name = body_params['deployment_name']
49
+ release_name = body_params['release_name']
50
+ release_version = body_params['release_version']
51
+ stemcell_os = body_params['stemcell_os']
52
+ stemcell_version = body_params['stemcell_version']
53
+
54
+ task = @release_manager.export_release(
55
+ current_user, deployment_name, release_name, release_version, stemcell_os, stemcell_version)
56
+
57
+ redirect "/tasks/#{task.id}"
58
+ end
59
+
45
60
  get '/:name', scope: :read do
46
61
  name = params[:name].to_s.strip
47
62
  release = @release_manager.find_by_name(name)
data/lib/bosh/director/api/extensions/scoping.rb CHANGED
@@ -4,7 +4,7 @@ module Bosh::Director
4
4
  module Scoping
5
5
  module Helpers
6
6
  def current_user
7
- @user
7
+ @user.username if @user
8
8
  end
9
9
  end
10
10
 
@@ -29,12 +29,12 @@ module Bosh::Director
29
29
 
30
30
  if auth_provided
31
31
  begin
32
- @user = identity_provider.corroborate_user(request.env, scope)
32
+ @user = identity_provider.get_user(request.env)
33
33
  rescue AuthenticationError
34
34
  end
35
35
  end
36
36
 
37
- if requires_authentication? && @user.nil?
37
+ if (@user.nil? || !@user.has_access?(scope)) && requires_authentication?
38
38
  response['WWW-Authenticate'] = 'Basic realm="BOSH Director"'
39
39
  throw(:halt, [401, "Not authorized\n"])
40
40
  end
data/lib/bosh/director/api/local_identity_provider.rb CHANGED
@@ -18,16 +18,32 @@ module Bosh
18
18
  {'type' => 'basic', 'options' => {}}
19
19
  end
20
20
 
21
- def corroborate_user(request_env, _)
21
+ def get_user(request_env)
22
22
  auth ||= Rack::Auth::Basic::Request.new(request_env)
23
23
  raise AuthenticationError unless auth.provided? && auth.basic? && auth.credentials
24
-
25
24
  if @user_manager.authenticate(*auth.credentials)
26
- auth.credentials.first
25
+ username = auth.credentials.first
26
+ password = auth.credentials[1]
27
+ LocalUser.new(@user_manager, username, password)
27
28
  else
28
29
  raise AuthenticationError
29
30
  end
30
31
  end
32
+
33
+ class LocalUser
34
+
35
+ attr_reader :username
36
+
37
+ def initialize(user_manager, username, password)
38
+ @user_manager = user_manager
39
+ @username = username
40
+ @password = password
41
+ end
42
+
43
+ def has_access?(_)
44
+ @user_manager.authenticate(@username, @password)
45
+ end
46
+ end
31
47
  end
32
48
  end
33
49
  end
data/lib/bosh/director/api/release_manager.rb CHANGED
@@ -62,6 +62,14 @@ module Bosh::Director
62
62
  def delete_release(username, release, options = {})
63
63
  JobQueue.new.enqueue(username, Jobs::DeleteRelease, "delete release: #{release.name}", [release.name, options])
64
64
  end
65
+
66
+ def export_release(username, deployment_name, release_name, release_version, stemcell_os, stemcell_version)
67
+ JobQueue.new.enqueue(
68
+ username,
69
+ Jobs::ExportRelease,
70
+ "export release: #{release_name}/#{release_version} for #{stemcell_os}/#{stemcell_version}",
71
+ [deployment_name, release_name, release_version, stemcell_os, stemcell_version])
72
+ end
65
73
  end
66
74
  end
67
75
  end
data/lib/bosh/director/api/uaa_identity_provider.rb CHANGED
@@ -7,7 +7,7 @@ module Bosh
7
7
  def initialize(options, director_uuid_provider)
8
8
  @url = options.fetch('url')
9
9
  Config.logger.debug "Initializing UAA Identity provider with url #{@url}"
10
- @director_uuid_provider = director_uuid_provider
10
+ @director_uuid = director_uuid_provider.uuid
11
11
  @token_coder = CF::UAA::TokenCoder.new(skey: options.fetch('symmetric_key', nil), pkey: options.fetch('public_key', nil), scope: [])
12
12
  end
13
13
 
@@ -24,38 +24,50 @@ module Bosh
24
24
  }
25
25
  end
26
26
 
27
- def corroborate_user(request_env, requested_access)
27
+ def get_user(request_env)
28
28
  auth_header = request_env['HTTP_AUTHORIZATION']
29
29
  token = @token_coder.decode(auth_header)
30
- validate_access(token, requested_access)
31
-
32
- token['user_name'] || token['client_id']
30
+ UaaUser.new(token, @director_uuid)
33
31
  rescue CF::UAA::DecodeError, CF::UAA::AuthError => e
34
32
  raise AuthenticationError, e.message
35
33
  end
34
+ end
36
35
 
37
- private
36
+ class UaaUser
37
+
38
+ attr_reader :token
39
+
40
+ def initialize(token, director_uuid)
41
+ @token = token
42
+ @director_uuid = director_uuid
43
+ end
38
44
 
39
- def validate_access(token, requested_access)
40
- if token['scope']
41
- if token_has_admin_scope?(token['scope'])
42
- return
45
+ def username
46
+ @token['user_name'] || @token['client_id']
47
+ end
48
+
49
+ def has_access?(requested_access)
50
+ if @token['scope']
51
+ if token_has_admin_scope?(@token['scope'])
52
+ return true
43
53
  end
44
54
 
45
- if requested_access == :read && token_has_read_scope?(token['scope'])
46
- return
55
+ if requested_access == :read && token_has_read_scope?(@token['scope'])
56
+ return true
47
57
  end
48
58
  end
49
59
 
50
- raise AuthenticationError, 'Requested access is not allowed by the scope'
60
+ false
51
61
  end
52
62
 
63
+ private
64
+
53
65
  def token_has_read_scope?(token_scope)
54
- token_scope.include?('bosh.read') || token_scope.include?("bosh.#{@director_uuid_provider.uuid}.read")
66
+ token_scope.include?('bosh.read') || token_scope.include?("bosh.#{@director_uuid}.read")
55
67
  end
56
68
 
57
69
  def token_has_admin_scope?(token_scope)
58
- token_scope.include?('bosh.admin') || token_scope.include?("bosh.#{@director_uuid_provider.uuid}.admin")
70
+ token_scope.include?('bosh.admin') || token_scope.include?("bosh.#{@director_uuid}.admin")
59
71
  end
60
72
  end
61
73
  end
data/lib/bosh/director/jobs/export_release.rb ADDED
@@ -0,0 +1,26 @@
1
+ require 'securerandom'
2
+ require 'common/version/release_version'
3
+
4
+ module Bosh::Director
5
+ module Jobs
6
+ class ExportRelease < BaseJob
7
+ include LockHelper
8
+
9
+ @queue = :normal
10
+
11
+ def self.job_type
12
+ :export_release
13
+ end
14
+
15
+ def initialize(deployment_name, release_name, release_version, stemcell_os, stemcell_version, options = {})
16
+ # DO some initilization
17
+ logger.info("we are in ExportRelease:initialize #{release_name}/#{release_version} #{stemcell_os}/#{stemcell_version}")
18
+ end
19
+
20
+ # @return [void]
21
+ def perform
22
+ logger.info("we are in ExportRelease:perform")
23
+ end
24
+ end
25
+ end
26
+ end
data/lib/bosh/director/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Bosh
2
2
  module Director
3
- VERSION = '1.2999.0'
3
+ VERSION = '1.3000.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bosh-director
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2999.0
4
+ version: 1.3000.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - VMware
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-23 00:00:00.000000000 Z
11
+ date: 2015-06-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt-ruby
@@ -30,126 +30,126 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.2999.0
33
+ version: 1.3000.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.2999.0
40
+ version: 1.3000.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bosh-core
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: 1.2999.0
47
+ version: 1.3000.0
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: 1.2999.0
54
+ version: 1.3000.0
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: bosh-director-core
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 1.2999.0
61
+ version: 1.3000.0
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 1.2999.0
68
+ version: 1.3000.0
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: bosh_common
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 1.2999.0
75
+ version: 1.3000.0
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 1.2999.0
82
+ version: 1.3000.0
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: bosh-template
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: 1.2999.0
89
+ version: 1.3000.0
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: 1.2999.0
96
+ version: 1.3000.0
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: bosh_cpi
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.2999.0
103
+ version: 1.3000.0
104
104
  type: :runtime
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.2999.0
110
+ version: 1.3000.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: bosh_openstack_cpi
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.2999.0
117
+ version: 1.3000.0
118
118
  type: :runtime
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.2999.0
124
+ version: 1.3000.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: bosh_aws_cpi
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.2999.0
131
+ version: 1.3000.0
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.2999.0
138
+ version: 1.3000.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: bosh_vsphere_cpi
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 1.2999.0
145
+ version: 1.3000.0
146
146
  type: :runtime
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 1.2999.0
152
+ version: 1.3000.0
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: bosh_vcloud_cpi
155
155
  requirement: !ruby/object:Gem::Requirement
@@ -572,7 +572,7 @@ dependencies:
572
572
  version: '0'
573
573
  description: |-
574
574
  BOSH Director
575
- 321dd5
575
+ 277382
576
576
  email: support@cloudfoundry.com
577
577
  executables:
578
578
  - bosh-director
@@ -767,6 +767,7 @@ files:
767
767
  - lib/bosh/director/jobs/delete_release.rb
768
768
  - lib/bosh/director/jobs/delete_snapshots.rb
769
769
  - lib/bosh/director/jobs/delete_stemcell.rb
770
+ - lib/bosh/director/jobs/export_release.rb
770
771
  - lib/bosh/director/jobs/fetch_logs.rb
771
772
  - lib/bosh/director/jobs/import_compiled_packages.rb
772
773
  - lib/bosh/director/jobs/run_errand.rb