chef-zero 15.0.17 → 15.0.21

data/bin/chef-zero

@@ -1,111 +1,111 @@
-#!/usr/bin/env ruby
-
-# Trap interrupts to quit cleanly.
-Signal.trap("INT") { exit 1 }
-
-require "rubygems" unless defined?(Gem)
-$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
-
-require "chef_zero/log"
-require "chef_zero/dist"
-require "chef_zero/version"
-require "chef_zero/server"
-require "chef_zero/data_store/raw_file_store"
-require "optparse" unless defined?(OptionParser)
-
-def parse_port(port)
-  array = []
-  port.split(",").each do |part|
-    a, b = part.split("-", 2)
-    if b
-      array = array.concat(a.to_i.upto(b.to_i).to_a)
-    else
-      array = array.concat([a.to_i])
-    end
-  end
-  array
-end
-
-options = {}
-
-OptionParser.new do |opts|
-  opts.banner = "Usage: #{ChefZero::Dist::CLIENT} [ARGS]"
-
-  opts.on("-H", "--host HOST", "Host to bind to (default: 127.0.0.1)") do |value|
-    options[:host] ||= []
-    options[:host] << value
-  end
-
-  opts.on("-p", "--port PORT", "Port to listen on (e.g. 8889, or 8500-8600 or 8885,8888)") do |value|
-    options[:port] ||= []
-    options[:port] += parse_port(value)
-  end
-
-  opts.on("--[no-]generate-keys", "Whether to generate actual keys or fake it (faster).  Default: false.") do |value|
-    options[:generate_real_keys] = value
-  end
-
-  opts.on("-d", "--daemon", "Run as a daemon process") do |value|
-    options[:daemon] = value
-  end
-
-  opts.on("-l", "--log-level LEVEL", "Set the output log level") do |value|
-    options[:log_level] = value
-  end
-
-  opts.on("--log-file FILE", "Log to a file") do |value|
-    options[:log_file] = value
-  end
-
-  opts.on("--enterprise", "Whether to run in enterprise mode") do |value|
-    options[:single_org] = nil
-    options[:osc_compat] = false
-  end
-
-  opts.on("--multi-org", "Whether to run in multi-org mode") do |value|
-    options[:single_org] = nil
-  end
-
-  opts.on("--file-store PATH", "Persist data to files at the given path") do |value|
-    options[:data_store] = ChefZero::DataStore::RawFileStore.new(value)
-  end
-
-  opts.on("--[no-]ssl", "Use SSL with self-signed certificate(Auto generate before every run).  Default: false.") do |value|
-    options[:ssl] = value
-  end
-
-  opts.on_tail("-h", "--help", "Show this message") do
-    puts opts
-    exit
-  end
-
-  opts.on_tail("--version", "Show version") do
-    puts ChefZero::VERSION
-    exit
-  end
-end.parse!
-
-if options[:data_store]
-  options[:data_store] = ChefZero::DataStore::DefaultFacade.new(options[:data_store], options[:single_org], false)
-end
-
-if options[:log_file]
-  ChefZero::Log.init(options[:log_file])
-end
-
-server = ChefZero::Server.new(options)
-
-if options[:daemon]
-  if Process.respond_to?(:daemon)
-    Process.daemon(true)
-    server.start(true)
-  else
-    if ENV["OS"] == "Windows_NT"
-      abort "Daemonization is not supported on Windows. Running 'start #{ChefZero::Dist::CLIENT}' will fork the process."
-    else
-      abort "Process.daemon requires Ruby >= 1.9"
-    end
-  end
-else
-  server.start(true)
-end
+#!/usr/bin/env ruby
+
+# Trap interrupts to quit cleanly.
+Signal.trap("INT") { exit 1 }
+
+require "rubygems" unless defined?(Gem)
+$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
+
+require "chef_zero/log"
+require "chef_zero/dist"
+require "chef_zero/version"
+require "chef_zero/server"
+require "chef_zero/data_store/raw_file_store"
+require "optparse" unless defined?(OptionParser)
+
+def parse_port(port)
+  array = []
+  port.split(",").each do |part|
+    a, b = part.split("-", 2)
+    if b
+      array = array.concat(a.to_i.upto(b.to_i).to_a)
+    else
+      array = array.push(a.to_i)
+    end
+  end
+  array
+end
+
+options = {}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: #{ChefZero::Dist::CLIENT} [ARGS]"
+
+  opts.on("-H", "--host HOST", "Host to bind to (default: 127.0.0.1)") do |value|
+    options[:host] ||= []
+    options[:host] << value
+  end
+
+  opts.on("-p", "--port PORT", "Port to listen on (e.g. 8889, or 8500-8600 or 8885,8888)") do |value|
+    options[:port] ||= []
+    options[:port] += parse_port(value)
+  end
+
+  opts.on("--[no-]generate-keys", "Whether to generate actual keys or fake it (faster).  Default: false.") do |value|
+    options[:generate_real_keys] = value
+  end
+
+  opts.on("-d", "--daemon", "Run as a daemon process") do |value|
+    options[:daemon] = value
+  end
+
+  opts.on("-l", "--log-level LEVEL", "Set the output log level") do |value|
+    options[:log_level] = value
+  end
+
+  opts.on("--log-file FILE", "Log to a file") do |value|
+    options[:log_file] = value
+  end
+
+  opts.on("--enterprise", "Whether to run in enterprise mode") do |value|
+    options[:single_org] = nil
+    options[:osc_compat] = false
+  end
+
+  opts.on("--multi-org", "Whether to run in multi-org mode") do |value|
+    options[:single_org] = nil
+  end
+
+  opts.on("--file-store PATH", "Persist data to files at the given path") do |value|
+    options[:data_store] = ChefZero::DataStore::RawFileStore.new(value)
+  end
+
+  opts.on("--[no-]ssl", "Use SSL with self-signed certificate(Auto generate before every run).  Default: false.") do |value|
+    options[:ssl] = value
+  end
+
+  opts.on_tail("-h", "--help", "Show this message") do
+    puts opts
+    exit
+  end
+
+  opts.on_tail("--version", "Show version") do
+    puts ChefZero::VERSION
+    exit
+  end
+end.parse!
+
+if options[:data_store]
+  options[:data_store] = ChefZero::DataStore::DefaultFacade.new(options[:data_store], options[:single_org], false)
+end
+
+if options[:log_file]
+  ChefZero::Log.init(options[:log_file])
+end
+
+server = ChefZero::Server.new(options)
+
+if options[:daemon]
+  if Process.respond_to?(:daemon)
+    Process.daemon(true)
+    server.start(true)
+  else
+    if ENV["OS"] == "Windows_NT"
+      abort "Daemonization is not supported on Windows. Running 'start #{ChefZero::Dist::CLIENT}' will fork the process."
+    else
+      abort "Process.daemon requires Ruby >= 1.9"
+    end
+  end
+else
+  server.start(true)
+end

data/chef-zero.gemspec

@@ -1,33 +1,34 @@
-$:.unshift(__dir__ + "/lib")
-require "chef_zero/version"
-
-Gem::Specification.new do |s|
-  s.name = "chef-zero"
-  s.version = ChefZero::VERSION
-  s.summary = "Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes"
-  s.description = s.summary
-  s.author = "Chef Software, Inc."
-  s.email = "oss@chef.io"
-  s.homepage = "https://github.com/chef/chef-zero"
-  s.license = "Apache-2.0"
-
-  s.required_ruby_version = ">= 3.0"
-
-  # Note: 7.1.0 does not defaults its cache_format_version to 7.1 but 6.1 instead which gives deprecation warnings
-  # Remove the version constraint when we can upgrade to 7.1.1 post stable release of Activesupport 7.1
-  # Similar issue with 7.0 existed: https://github.com/rails/rails/pull/45293
-  s.add_dependency "activesupport", "~> 7.0", "< 7.1"
-  s.add_dependency "mixlib-log", ">= 2.0", "< 4.0"
-  s.add_dependency "hashie", ">= 2.0", "< 5.0"
-  s.add_dependency "uuidtools", "~> 2.1"
-  s.add_dependency "ffi-yajl", "~> 2.2"
-  s.add_dependency "rack", "~> 3.1", ">= 3.1.10"
-  s.add_dependency "rackup", "~> 2.2", ">= 2.2.1"
-  s.add_dependency "webrick"
-
-  s.bindir       = "bin"
-  s.executables  = ["chef-zero"]
-  s.require_path = "lib"
-  s.files = %w{LICENSE Gemfile Rakefile} + Dir.glob("*.gemspec") +
-    Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
-end
+$:.unshift(__dir__ + "/lib")
+require "chef_zero/version"
+
+Gem::Specification.new do |s|
+  s.name = "chef-zero"
+  s.version = ChefZero::VERSION
+  s.summary = "Self-contained, easy-setup, fast-start in-memory Chef server for testing and solo setup purposes"
+  s.description = s.summary
+  s.author = "Chef Software, Inc."
+  s.email = "oss@chef.io"
+  s.homepage = "https://github.com/chef/chef-zero"
+  s.license = "Apache-2.0"
+
+  s.required_ruby_version = ">= 3.0"
+
+  # Note: 7.1.0 does not defaults its cache_format_version to 7.1 but 6.1 instead which gives deprecation warnings
+  # Remove the version constraint when we can upgrade to 7.1.1 post stable release of Activesupport 7.1
+  # Similar issue with 7.0 existed: https://github.com/rails/rails/pull/45293
+  s.add_dependency "activesupport", ">= 7", "< 8.1"
+  s.add_dependency "mixlib-log", ">= 2.0", "< 4.0"
+  s.add_dependency "hashie", ">= 2.0", "< 6.0"
+  s.add_dependency "uuidtools", "~> 2.1"
+  s.add_dependency "ffi-yajl", ">= 2.2", "< 4.0"
+  s.add_dependency "rack", "~> 3.1", ">= 3.1.16"
+  s.add_dependency "rackup", "~> 2.2", ">= 2.2.1"
+  s.add_dependency "unf_ext", "~> 0.0.8"
+  s.add_dependency "webrick"
+
+  s.bindir       = "bin"
+  s.executables  = ["chef-zero"]
+  s.require_path = "lib"
+  s.files = %w{LICENSE Gemfile Rakefile} + Dir.glob("*.gemspec") +
+    Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
+end

data/lib/chef_zero/chef_data/acl_path.rb

@@ -1,140 +1,140 @@
-module ChefZero
-  module ChefData
-    # Manages translations between REST and ACL data paths
-    # and parent paths.
-    #
-    # Suggestions
-    # - make /organizations/ORG/_acl and deprecate organization/_acl and organizations/_acl
-    # - add endpoints for /containers/(users|organizations|containers)(/_acl)
-    # - add PUT for */_acl
-    # - add endpoints for /organizations/ORG/data/containers and /organizations/ORG/cookbooks/containers
-    # - sane, fully documented ACL model
-    # - sane inheritance / override model: if actors or groups are explicitly
-    #   specified on X, they are not inherited from X's parent
-    # - stop adding pivotal to acls (he already has access to what he needs)
-    module AclPath
-      ORG_DATA_TYPES = %w{clients cookbook_artifacts cookbooks containers data environments groups
-                          nodes policies policy_groups roles sandboxes}.freeze
-      TOP_DATA_TYPES = %w{containers organizations users}.freeze
-
-      # ACL data paths for a partition are:
-      # /          -> /acls/root
-      # /TYPE      -> /acls/containers/TYPE
-      # /TYPE/NAME -> /acls/TYPE/NAME
-      #
-      # The root partition "/" has its own acls, so it looks like this:
-      #
-      # / -> /acls/root
-      # /users -> /acls/containers/users
-      # /organizations -> /acls/containers/organizations
-      # /users/schlansky -> /acls/users/schlansky
-      #
-      # Each organization is its own partition, so it looks like this:
-      #
-      # /organizations/blah           -> /organizations/blah/acls/root
-      # /organizations/blah/roles     -> /organizations/blah/acls/containers/roles
-      # /organizations/blah/roles/web -> /organizations/blah/acls/roles/web
-      # /organizations/ORG is its own partition.  ACLs for anything under it follow
-
-      # This method takes a Chef REST path and returns the chef-zero path
-      # used to look up the ACL.  If an object does not have an ACL directly,
-      # it will return nil.  Paths like /organizations/ORG/data/bag/item will
-      # return nil, because it is the parent path (data/bag) that has an ACL.
-      def self.get_acl_data_path(path)
-        # Things under organizations have their own acls hierarchy
-        if path[0] == "organizations" && path.size >= 2
-          under_org = partition_acl_data_path(path[2..-1], ORG_DATA_TYPES)
-          if under_org
-            path[0..1] + under_org
-          end
-        else
-          partition_acl_data_path(path, TOP_DATA_TYPES)
-        end
-      end
-
-      #
-      # Reverse transform from acl_data_path to path.
-      # /acls/root -> /
-      # /acls/** -> /**
-      # /organizations/ORG/acls/root -> /organizations/ORG
-      # /organizations/ORG/acls/** -> /organizations/ORG/**
-      #
-      # This means that /acls/containers/nodes maps to
-      # /containers/nodes, not /nodes.
-      #
-      def self.get_object_path(acl_data_path)
-        if acl_data_path[0] == "acls"
-          if acl_data_path[1] == "root"
-            []
-          else
-            acl_data_path[1..-1]
-          end
-        elsif acl_data_path[0] == "organizations" && acl_data_path[2] == "acls"
-          if acl_data_path[3] == "root"
-            acl_data_path[0..1]
-          else
-            acl_data_path[0..1] + acl_data_path[3..-1]
-          end
-        end
-      end
-
-      # Method *assumes* acl_data_path is valid.
-      # /organizations/BLAH's parent is /organizations
-      #
-      # An example traversal up the whole tree:
-      # /organizations/foo/acls/nodes/mario ->
-      # /organizations/foo/acls/containers/nodes ->
-      # /organizations/foo/acls/containers/containers ->
-      # /organizations/foo/acls/root ->
-      # /acls/containers/organizations ->
-      # /acls/containers/containers ->
-      # /acls/root ->
-      # nil
-      def self.parent_acl_data_path(acl_data_path)
-        if acl_data_path[0] == "organizations"
-          under_org = partition_parent_acl_data_path(acl_data_path[2..-1])
-          if under_org
-            acl_data_path[0..1] + under_org
-          else
-            # ACL data path is /organizations/X/acls/root; therefore parent is "/organizations"
-            %w{acls containers organizations}
-          end
-        else
-          partition_parent_acl_data_path(acl_data_path)
-        end
-      end
-
-      # /acls/root -> nil
-      # /acls/containers/containers -> /acls/root
-      # /acls/TYPE/X -> /acls/containers/TYPE
-      #
-      # Method *assumes* acl_data_path is valid.
-      # Returns nil if the path is /acls/root
-      private_class_method
-      def self.partition_parent_acl_data_path(acl_data_path)
-        if acl_data_path.size == 3
-          if acl_data_path == %w{acls containers containers}
-            %w{acls root}
-          else
-            [ "acls", "containers", acl_data_path[1]]
-          end
-        else
-          nil
-        end
-      end
-
-      private_class_method
-      def self.partition_acl_data_path(path, data_types)
-        if path.size == 0
-          %w{acls root}
-        elsif data_types.include?(path[0])
-          if path.size == 0
-            [ "acls", "containers", path[0] ]
-          elsif path.size == 2
-            [ "acls", path[0], path[1] ]
-          end
-        end
-      end
-    end
-  end
-end
+module ChefZero
+  module ChefData
+    # Manages translations between REST and ACL data paths
+    # and parent paths.
+    #
+    # Suggestions
+    # - make /organizations/ORG/_acl and deprecate organization/_acl and organizations/_acl
+    # - add endpoints for /containers/(users|organizations|containers)(/_acl)
+    # - add PUT for */_acl
+    # - add endpoints for /organizations/ORG/data/containers and /organizations/ORG/cookbooks/containers
+    # - sane, fully documented ACL model
+    # - sane inheritance / override model: if actors or groups are explicitly
+    #   specified on X, they are not inherited from X's parent
+    # - stop adding pivotal to acls (he already has access to what he needs)
+    module AclPath
+      ORG_DATA_TYPES = %w{clients cookbook_artifacts cookbooks containers data environments groups
+                          nodes policies policy_groups roles sandboxes}.freeze
+      TOP_DATA_TYPES = %w{containers organizations users}.freeze
+
+      # ACL data paths for a partition are:
+      # /          -> /acls/root
+      # /TYPE      -> /acls/containers/TYPE
+      # /TYPE/NAME -> /acls/TYPE/NAME
+      #
+      # The root partition "/" has its own acls, so it looks like this:
+      #
+      # / -> /acls/root
+      # /users -> /acls/containers/users
+      # /organizations -> /acls/containers/organizations
+      # /users/schlansky -> /acls/users/schlansky
+      #
+      # Each organization is its own partition, so it looks like this:
+      #
+      # /organizations/blah           -> /organizations/blah/acls/root
+      # /organizations/blah/roles     -> /organizations/blah/acls/containers/roles
+      # /organizations/blah/roles/web -> /organizations/blah/acls/roles/web
+      # /organizations/ORG is its own partition.  ACLs for anything under it follow
+
+      # This method takes a Chef REST path and returns the chef-zero path
+      # used to look up the ACL.  If an object does not have an ACL directly,
+      # it will return nil.  Paths like /organizations/ORG/data/bag/item will
+      # return nil, because it is the parent path (data/bag) that has an ACL.
+      def self.get_acl_data_path(path)
+        # Things under organizations have their own acls hierarchy
+        if path[0] == "organizations" && path.size >= 2
+          under_org = partition_acl_data_path(path[2..-1], ORG_DATA_TYPES)
+          if under_org
+            path[0..1] + under_org
+          end
+        else
+          partition_acl_data_path(path, TOP_DATA_TYPES)
+        end
+      end
+
+      #
+      # Reverse transform from acl_data_path to path.
+      # /acls/root -> /
+      # /acls/** -> /**
+      # /organizations/ORG/acls/root -> /organizations/ORG
+      # /organizations/ORG/acls/** -> /organizations/ORG/**
+      #
+      # This means that /acls/containers/nodes maps to
+      # /containers/nodes, not /nodes.
+      #
+      def self.get_object_path(acl_data_path)
+        if acl_data_path[0] == "acls"
+          if acl_data_path[1] == "root"
+            []
+          else
+            acl_data_path[1..-1]
+          end
+        elsif acl_data_path[0] == "organizations" && acl_data_path[2] == "acls"
+          if acl_data_path[3] == "root"
+            acl_data_path[0..1]
+          else
+            acl_data_path[0..1] + acl_data_path[3..-1]
+          end
+        end
+      end
+
+      # Method *assumes* acl_data_path is valid.
+      # /organizations/BLAH's parent is /organizations
+      #
+      # An example traversal up the whole tree:
+      # /organizations/foo/acls/nodes/mario ->
+      # /organizations/foo/acls/containers/nodes ->
+      # /organizations/foo/acls/containers/containers ->
+      # /organizations/foo/acls/root ->
+      # /acls/containers/organizations ->
+      # /acls/containers/containers ->
+      # /acls/root ->
+      # nil
+      def self.parent_acl_data_path(acl_data_path)
+        if acl_data_path[0] == "organizations"
+          under_org = partition_parent_acl_data_path(acl_data_path[2..-1])
+          if under_org
+            acl_data_path[0..1] + under_org
+          else
+            # ACL data path is /organizations/X/acls/root; therefore parent is "/organizations"
+            %w{acls containers organizations}
+          end
+        else
+          partition_parent_acl_data_path(acl_data_path)
+        end
+      end
+
+      # /acls/root -> nil
+      # /acls/containers/containers -> /acls/root
+      # /acls/TYPE/X -> /acls/containers/TYPE
+      #
+      # Method *assumes* acl_data_path is valid.
+      # Returns nil if the path is /acls/root
+      private_class_method
+      def self.partition_parent_acl_data_path(acl_data_path)
+        if acl_data_path.size == 3
+          if acl_data_path == %w{acls containers containers}
+            %w{acls root}
+          else
+            [ "acls", "containers", acl_data_path[1]]
+          end
+        else
+          nil
+        end
+      end
+
+      private_class_method
+      def self.partition_acl_data_path(path, data_types)
+        if path.size == 0
+          %w{acls root}
+        elsif data_types.include?(path[0])
+          if path.size == 0
+            [ "acls", "containers", path[0] ]
+          elsif path.size == 2
+            [ "acls", path[0], path[1] ]
+          end
+        end
+      end
+    end
+  end
+end