chef-zero 4.3.2 → 4.4.0

data/lib/chef_zero/endpoints/policy_endpoint.rb

@@ -0,0 +1,24 @@
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policies/NAME
+    class PolicyEndpoint < RestBase
+      # GET /organizations/ORG/policies/NAME
+      def get(request)
+        revisions = list_data(request, request.rest_path + ["revisions"])
+        data = { revisions: hashify_list(revisions) }
+        return json_response(200, data)
+      end
+
+      # DELETE /organizations/ORG/policies/NAME
+      def delete(request)
+        revisions = list_data(request, request.rest_path + ["revisions"])
+        data = { revisions: hashify_list(revisions) }
+
+        delete_data_dir(request, nil, :recursive)
+        return json_response(200, data)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/policy_group_endpoint.rb

@@ -0,0 +1,46 @@
+require 'ffi_yajl'
+require 'chef_zero/rest_base'
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policy_groups/NAME
+    class PolicyGroupEndpoint < RestBase
+
+      # GET /organizations/ORG/policy_groups/NAME
+      def get(request)
+        data = {
+          uri: build_uri(request.base_uri, request.rest_path),
+          policies: get_policy_group_policies(request)
+        }
+        json_response(200, data)
+      end
+
+      # build a hash of {"some_policy_name"=>{"revision_id"=>"909c26701e291510eacdc6c06d626b9fa5350d25"}}
+      def get_policy_group_policies(request)
+        policies_revisions = {}
+
+        policies_path = request.rest_path + ["policies"]
+        policy_names = list_data(request, policies_path)
+        policy_names.each do |policy_name|
+          revision = parse_json(get_data(request, policies_path + [policy_name]))
+          policies_revisions[policy_name] = { revision_id: revision}
+        end
+
+        policies_revisions
+      end
+
+      # DELETE /organizations/ORG/policy_groups/NAME
+      def delete(request)
+        policy_group_policies = get_policy_group_policies(request)
+        delete_data_dir(request, nil, :recursive)
+
+        data = {
+          uri: build_uri(request.base_uri, request.rest_path),
+          policies: policy_group_policies
+        }
+        json_response(200, data)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/policy_group_policy_endpoint.rb

@@ -0,0 +1,84 @@
+require 'ffi_yajl'
+require 'chef_zero/rest_base'
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policy_groups/GROUP/policies/NAME
+    #
+    # in the data store, this REST path actually stores the revision ID of ${policy_name} that's currently
+    # associated with ${policy_group}.
+    class PolicyGroupPolicyEndpoint < RestBase
+
+      # GET /organizations/ORG/policy_groups/GROUP/policies/NAME
+      def get(request)
+        policy_name = request.rest_path[5]
+
+        # fetch /organizations/{organization}/policies/{policy_name}/revisions/{revision_id}
+        revision_id = parse_json(get_data(request))
+        result = get_data(request, request.rest_path[0..1] +
+                                   ["policies", policy_name, "revisions", revision_id])
+        result = ChefData::DataNormalizer.normalize_policy(parse_json(result), policy_name, revision_id)
+        json_response(200, result)
+      end
+
+      # Create or update the policy document for the given policy group and policy name. If no policy group
+      # with the given name exists, it will be created. If no policy with the given revision_id exists, it
+      # will be created from the document in the request body. If a policy with that revision_id exists, the
+      # Chef Server simply associates that revision id with the given policy group. When successful, the
+      # document that was created or updated is returned.
+
+      ## MANDATORY FIELDS AND FORMATS
+      # * `revision_id`: String; Must be < 255 chars, matches /^[\-[:alnum:]_\.\:]+$/
+      # * `name`: String; Must match name in URI; Must be <= 255 chars, matches /^[\-[:alnum:]_\.\:]+$/
+      # * `run_list`: Array
+      # * `run_list[i]`: Fully Qualified Recipe Run List Item
+      # * `cookbook_locks`: JSON Object
+      # * `cookbook_locks(key)`: CookbookName
+      # * `cookbook_locks[item]`: JSON Object, mandatory keys: "identifier", "dotted_decimal_identifier"
+      # * `cookbook_locks[item]["identifier"]`: varchar(255) ?
+      # * `cookbook_locks[item]["dotted_decimal_identifier"]` ChefCompatibleVersionNumber
+
+      # PUT /organizations/ORG/policy_groups/GROUP/policies/NAME
+      def put(request)
+        policyfile_data = parse_json(request.body)
+        policy_name = request.rest_path[5]
+        revision_id = policyfile_data["revision_id"]
+
+        # If the policy revision being submitted does not exist, create it.
+        # Storage: /organizations/ORG/policies/POLICY/revisions/REVISION
+        policyfile_path = request.rest_path[0..1] + ["policies", policy_name, "revisions", revision_id]
+        if !exists_data?(request, policyfile_path)
+          create_data(request, policyfile_path[0..-2], revision_id, request.body, :create_dir)
+        end
+
+        # if named policy exists and the given revision ID exists, associate the revision ID with the policy
+        # group.
+        # Storage: /organizations/ORG/policies/POLICY/revisions/REVISION
+        response_code = exists_data?(request) ? 200 : 201
+        set_data(request, nil, to_json(revision_id), :create_dir)
+
+        already_json_response(response_code, request.body)
+      end
+
+      # DELETE /organizations/ORG/policy_groups/GROUP/policies/NAME
+      def delete(request)
+        # Save the existing association.
+        current_revision_id = parse_json(get_data(request))
+
+        # delete the association.
+        delete_data(request)
+
+        # return the full policy document at the no-longer-associated revision.
+        policy_name = request.rest_path[5]
+        policy_path = request.rest_path[0..1] + ["policies", policy_name,
+                                                 "revisions", current_revision_id]
+
+
+        full_policy_doc = parse_json(get_data(request, policy_path))
+        full_policy_doc = ChefData::DataNormalizer.normalize_policy(full_policy_doc, policy_name, current_revision_id)
+        return json_response(200, full_policy_doc)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/policy_groups_endpoint.rb

@@ -0,0 +1,38 @@
+require 'ffi_yajl'
+require 'chef_zero/rest_base'
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policy_groups
+    #
+    # in the data store, this REST path actually stores the revision ID of ${policy_name} that's currently
+    # associated with ${policy_group}.
+    class PolicyGroupsEndpoint < RestBase
+      # GET /organizations/ORG/policy_groups
+      def get(request)
+        # each policy group has policies and associated revisions under
+        # /policy_groups/{group name}/policies/{policy name}.
+        response_data = {}
+        list_data(request).each do |group_name|
+          group_path = request.rest_path + [group_name]
+          policy_list = list_data(request, group_path + ["policies"])
+
+          # build the list of policies with their revision ID associated with this policy group.
+          policies = {}
+          policy_list.each do |policy_name|
+            revision_id = parse_json(get_data(request, group_path + ["policies", policy_name]))
+            policies[policy_name] = { revision_id: revision_id }
+          end
+
+          response_data[group_name] = {
+            uri: build_uri(request.base_uri, group_path)
+          }
+          response_data[group_name][:policies] = policies unless policies.empty?
+        end
+
+        json_response(200, response_data)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/policy_revision_endpoint.rb

@@ -0,0 +1,23 @@
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policies/NAME/revisions/REVISION
+    class PolicyRevisionEndpoint < RestBase
+      # GET /organizations/ORG/policies/NAME/revisions/REVISION
+      def get(request)
+        data = parse_json(get_data(request))
+        data = ChefData::DataNormalizer.normalize_policy(data, request.rest_path[3], request.rest_path[5])
+        return json_response(200, data)
+      end
+
+      # DELETE /organizations/ORG/policies/NAME/revisions/REVISION
+      def delete(request)
+        policyfile_data = parse_json(get_data(request))
+        policyfile_data = ChefData::DataNormalizer.normalize_policy(policyfile_data, request.rest_path[3], request.rest_path[5])
+        delete_data(request)
+        return json_response(200, policyfile_data)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/policy_revisions_endpoint.rb

@@ -0,0 +1,15 @@
+require 'chef_zero/chef_data/data_normalizer'
+
+module ChefZero
+  module Endpoints
+    # /organizations/ORG/policies/NAME/revisions
+    class PolicyRevisionsEndpoint < RestBase
+      # POST /organizations/ORG/policies/NAME/revisions
+      def post(request)
+        policyfile_data = parse_json(request.body)
+        create_data(request, request.rest_path, policyfile_data["revision_id"], request.body, :create_dir)
+        return already_json_response(201, request.body)
+      end
+    end
+  end
+end

data/lib/chef_zero/endpoints/principal_endpoint.rb

@@ -8,16 +8,20 @@ module ChefZero
     class PrincipalEndpoint < RestBase
       def get(request)
         name = request.rest_path[-1]
+        # If /organizations/ORG/users/NAME exists, use this user (only org members have precedence over clients).        hey are an org member.
         json = get_data(request, request.rest_path[0..1] + [ 'users', name ], :nil)
         if json
           type = 'user'
           org_member = true
         else
+          # If /organizations/ORG/clients/NAME exists, use the client.
           json = get_data(request, request.rest_path[0..1] + [ 'clients', name ], :nil)
           if json
             type = 'client'
             org_member = true
           else
+            # If there is no client with that name, check for a user (/users/NAME) and return that with
+            # org_member = false.
             json = get_data(request, [ 'users', name ], :nil)
             if json
               type = 'user'

data/lib/chef_zero/rest_base.rb

@@ -195,12 +195,13 @@ module ChefZero
       data_store.exists_dir?(rest_path)
     end
 
-    def error(response_code, error)
-      json_response(response_code, {"error" => [error]})
+    def error(response_code, error, opts={})
+      json_response(response_code, {"error" => [error]}, 0, 0, opts)
     end
 
-    def json_response(response_code, json, request_version=0, response_version=0)
-      already_json_response(response_code, FFI_Yajl::Encoder.encode(json, :pretty => true), request_version, response_version)
+    def json_response(response_code, json, request_version=0, response_version=0, opts={pretty: true})
+      do_pretty_json = opts[:pretty] && true
+      already_json_response(response_code, FFI_Yajl::Encoder.encode(json, :pretty => do_pretty_json), request_version, response_version)
     end
 
     def text_response(response_code, text)
@@ -238,5 +239,39 @@ module ChefZero
     def populate_defaults(request, response)
       response
     end
+
+    def parse_json(json)
+      FFI_Yajl::Parser.parse(json, create_additions: false)
+    end
+
+    def to_json(data)
+      FFI_Yajl::Encoder.encode(data, :pretty => true)
+    end
+
+    def get_data_or_else(request, path, or_else_value)
+      if exists_data?(request, path)
+        parse_json(get_data(request, path))
+      else
+        or_else_value
+      end
+    end
+
+    def list_data_or_else(request, path, or_else_value)
+      if exists_data_dir?(request, path)
+        list_data(request, path)
+      else
+        or_else_value
+      end
+    end
+
+    def hashify_list(list)
+      list.reduce({}) { |acc, obj| acc.merge( obj => {} ) }
+    end
+
+    def policy_name_invalid?(name)
+      !name.is_a?(String) ||
+       name.size > 255 ||
+       name =~ /[+ !]/
+    end
   end
 end

data/lib/chef_zero/rspec.rb

@@ -125,6 +125,10 @@ module ChefZero
         end
       end
 
+      def cookbook_artifact(name, data, &block)
+        before(chef_server_options[:server_scope]) { cookbook_artifact(name, data, &block) }
+      end
+
       def data_bag(name, data, &block)
         before(chef_server_options[:server_scope]) { data_bag(name, data, &block) }
       end
@@ -149,6 +153,14 @@ module ChefZero
         before(chef_server_options[:server_scope]) { org_member(*usernames) }
       end
 
+      def policy(name, data, &block)
+        before(chef_server_options[:server_scope]) { policy(name, data, &block) }
+      end
+
+      def policy_group(name, data, &block)
+        before(chef_server_options[:server_scope]) { policy_group(name, data, &block) }
+      end
+
       def role(name, data, &block)
         before(chef_server_options[:server_scope]) { role(name, data, &block) }
       end
@@ -215,6 +227,13 @@ module ChefZero
         end
       end
 
+      def cookbook_artifact(name, identifier, data, &block)
+        with_object_path("cookbook_artifacts/#{name}") do
+          ChefZero::RSpec.server.load_data({ 'cookbook_artifact' => { name => { identifier => data } } }, current_org)
+          instance_eval(&block) if block_given?
+        end
+      end
+
       def data_bag(name, data, &block)
         with_object_path("data/#{name}") do
           ChefZero::RSpec.server.load_data({ 'data' => { name => data }}, current_org)
@@ -251,6 +270,20 @@ module ChefZero
         ChefZero::RSpec.server.load_data({ 'members' => usernames }, current_org)
       end
 
+      def policy(name, version, data, &block)
+        with_object_path("policies/#{name}") do
+          ChefZero::RSpec.server.load_data({ 'policies' => { name => { version => data } } }, current_org)
+          instance_eval(&block) if block_given?
+        end
+      end
+
+      def policy_group(name, data, &block)
+        with_object_path("policy_groups/#{name}") do
+          ChefZero::RSpec.server.load_data({ 'policy_groups' => { name => data } }, current_org)
+          instance_eval(&block) if block_given?
+        end
+      end
+
       def role(name, data, &block)
         with_object_path("roles/#{name}") do
           ChefZero::RSpec.server.load_data({ 'roles' => { name => data } }, current_org)

data/lib/chef_zero/server.rb

@@ -45,8 +45,12 @@ require 'chef_zero/endpoints/actor_endpoint'
 require 'chef_zero/endpoints/cookbooks_endpoint'
 require 'chef_zero/endpoints/cookbook_endpoint'
 require 'chef_zero/endpoints/cookbook_version_endpoint'
+require 'chef_zero/endpoints/cookbook_artifacts_cookbook_endpoint'
+require 'chef_zero/endpoints/cookbook_artifacts_cookbook_identifier'
+require 'chef_zero/endpoints/cookbook_artifacts_endpoint'
 require 'chef_zero/endpoints/containers_endpoint'
 require 'chef_zero/endpoints/container_endpoint'
+require 'chef_zero/endpoints/dummy_endpoint'
 require 'chef_zero/endpoints/data_bags_endpoint'
 require 'chef_zero/endpoints/data_bag_endpoint'
 require 'chef_zero/endpoints/data_bag_item_endpoint'
@@ -61,6 +65,7 @@ require 'chef_zero/endpoints/environment_recipes_endpoint'
 require 'chef_zero/endpoints/environment_role_endpoint'
 require 'chef_zero/endpoints/license_endpoint'
 require 'chef_zero/endpoints/node_endpoint'
+require 'chef_zero/endpoints/nodes_endpoint'
 require 'chef_zero/endpoints/node_identifiers_endpoint'
 require 'chef_zero/endpoints/organizations_endpoint'
 require 'chef_zero/endpoints/organization_endpoint'
@@ -70,8 +75,14 @@ require 'chef_zero/endpoints/organization_authenticate_user_endpoint'
 require 'chef_zero/endpoints/organization_users_endpoint'
 require 'chef_zero/endpoints/organization_user_endpoint'
 require 'chef_zero/endpoints/organization_validator_key_endpoint'
-require 'chef_zero/endpoints/principal_endpoint'
 require 'chef_zero/endpoints/policies_endpoint'
+require 'chef_zero/endpoints/policy_endpoint'
+require 'chef_zero/endpoints/policy_revisions_endpoint'
+require 'chef_zero/endpoints/policy_revision_endpoint'
+require 'chef_zero/endpoints/policy_groups_endpoint'
+require 'chef_zero/endpoints/policy_group_endpoint'
+require 'chef_zero/endpoints/policy_group_policy_endpoint'
+require 'chef_zero/endpoints/principal_endpoint'
 require 'chef_zero/endpoints/role_endpoint'
 require 'chef_zero/endpoints/role_environments_endpoint'
 require 'chef_zero/endpoints/sandboxes_endpoint'
@@ -89,6 +100,7 @@ require 'chef_zero/endpoints/version_endpoint'
 require 'chef_zero/endpoints/server_api_version_endpoint'
 
 module ChefZero
+
   class Server
 
     DEFAULT_OPTIONS = {
@@ -443,6 +455,24 @@ module ChefZero
         end
       end
 
+      if contents['policies']
+        contents['policies'].each_pair do |policy_name, policy_struct|
+          # data_store.create_dir(['organizations', org_name, 'policies', policy_name], "revisions", :recursive)
+          dejsonize_children(policy_struct).each do |revision, policy_data|
+            data_store.set(['organizations', org_name, 'policies', policy_name,
+                            "revisions", revision], policy_data, :create, :create_dir)
+          end
+        end
+      end
+
+      if contents['policy_groups']
+        contents['policy_groups'].each_pair do |group_name, group|
+          group['policies'].each do |policy_name, policy_revision|
+            data_store.set(['organizations', org_name, 'policy_groups', group_name, 'policies', policy_name], FFI_Yajl::Encoder.encode(policy_revision['revision_id'], :pretty => true), :create, :create_dir)
+          end
+        end
+      end
+
       if contents['cookbooks']
         contents['cookbooks'].each_pair do |name_version, cookbook|
           if name_version =~ /(.+)-(\d+\.\d+\.\d+)$/
@@ -481,7 +511,7 @@ module ChefZero
 
     private
 
-    def open_source_endpoints
+    def endpoints
       result = if options[:osc_compat]
         # OSC-only
         [
@@ -525,11 +555,15 @@ module ChefZero
       end
       result + [
         # Both
+        [ "/dummy", DummyEndpoint.new(self) ],
         [ "/organizations/*/clients", ActorsEndpoint.new(self) ],
         [ "/organizations/*/clients/*", ActorEndpoint.new(self) ],
         [ "/organizations/*/cookbooks", CookbooksEndpoint.new(self) ],
         [ "/organizations/*/cookbooks/*", CookbookEndpoint.new(self) ],
         [ "/organizations/*/cookbooks/*/*", CookbookVersionEndpoint.new(self) ],
+        [ "/organizations/*/cookbook_artifacts", CookbookArtifactsEndpoint.new(self) ],
+        [ "/organizations/*/cookbook_artifacts/*", CookbookArtifactsCookbookEndpoint.new(self) ],
+        [ "/organizations/*/cookbook_artifacts/*/*", CookbookArtifactsCookbookIdentifierEndpoint.new(self) ],
         [ "/organizations/*/data", DataBagsEndpoint.new(self) ],
         [ "/organizations/*/data/*", DataBagEndpoint.new(self) ],
         [ "/organizations/*/data/*/*", DataBagItemEndpoint.new(self) ],
@@ -541,10 +575,16 @@ module ChefZero
         [ "/organizations/*/environments/*/nodes", EnvironmentNodesEndpoint.new(self) ],
         [ "/organizations/*/environments/*/recipes", EnvironmentRecipesEndpoint.new(self) ],
         [ "/organizations/*/environments/*/roles/*", EnvironmentRoleEndpoint.new(self) ],
-        [ "/organizations/*/nodes", RestListEndpoint.new(self) ],
+        [ "/organizations/*/nodes", NodesEndpoint.new(self) ],
         [ "/organizations/*/nodes/*", NodeEndpoint.new(self) ],
         [ "/organizations/*/nodes/*/_identifiers", NodeIdentifiersEndpoint.new(self) ],
-        [ "/organizations/*/policies/*/*", PoliciesEndpoint.new(self) ],
+        [ "/organizations/*/policies", PoliciesEndpoint.new(self) ],
+        [ "/organizations/*/policies/*", PolicyEndpoint.new(self) ],
+        [ "/organizations/*/policies/*/revisions", PolicyRevisionsEndpoint.new(self) ],
+        [ "/organizations/*/policies/*/revisions/*", PolicyRevisionEndpoint.new(self) ],
+        [ "/organizations/*/policy_groups", PolicyGroupsEndpoint.new(self) ],
+        [ "/organizations/*/policy_groups/*", PolicyGroupEndpoint.new(self) ],
+        [ "/organizations/*/policy_groups/*/policies/*", PolicyGroupPolicyEndpoint.new(self) ],
         [ "/organizations/*/principals/*", PrincipalEndpoint.new(self) ],
         [ "/organizations/*/roles", RestListEndpoint.new(self) ],
         [ "/organizations/*/roles/*", RoleEndpoint.new(self) ],
@@ -570,7 +610,7 @@ module ChefZero
 
     def app
       return @app if @app
-      router = RestRouter.new(open_source_endpoints)
+      router = RestRouter.new(endpoints)
       router.not_found = NotFoundEndpoint.new
 
       if options[:single_org]