chef_fixie 0.4.0 → 1.0.3

data/lib/chef_fixie/check_org_associations.rb

@@ -18,40 +18,44 @@
 # Author: Mark Anderson <mark@chef.io>
 #
 
-require_relative 'config'
-require_relative 'authz_objects'
-require_relative 'authz_mapper'
-require_relative 'utility_helpers'
+require_relative "config"
+require_relative "authz_objects"
+require_relative "authz_mapper"
+require_relative "utility_helpers"
 
 module ChefFixie
   module CheckOrgAssociations
     def self.orgs
       @orgs ||= ChefFixie::Sql::Orgs.new
     end
+
     def self.users
       @users ||= ChefFixie::Sql::Users.new
     end
+
     def self.assocs
       @assocs ||= ChefFixie::Sql::Associations.new
     end
+
     def self.invites
       invites ||= ChefFixie::Sql::Invites.new
     end
 
     def self.make_user(user)
       if user.is_a?(String)
-        return users[user]
+        users[user]
       elsif user.is_a?(ChefFixie::Sql::User)
-        return user
+        user
       else
         raise "Expected a user, got a #{user.class}"
       end
     end
+
     def self.make_org(org)
       if org.is_a?(String)
-        return orgs[org]
+        orgs[org]
       elsif org.is_a?(ChefFixie::Sql::Org)
-        return org
+        org
       else
         raise "Expected an org, got a #{org.class}"
       end
@@ -61,7 +65,6 @@ module ChefFixie
       user = make_user(user)
       org = make_org(org)
       org.groups[user.id]
-
     end
 
     def self.check_association(org, user, global_admins = nil)
@@ -85,7 +88,7 @@ module ChefFixie
         return :user_not_in_usag
       end
 
-      if !org.groups['users'].member?(usag)
+      if !org.groups["users"].member?(usag)
         return :usag_not_in_users
       end
 
@@ -96,7 +99,7 @@ module ChefFixie
       if invites.by_org_id_user_id(org.id, user.id)
         return :zombie_invite
       end
-      return true
+      true
     end
 
     def self.fix_association(org, user, global_admins = nil)
@@ -105,7 +108,7 @@ module ChefFixie
       user = users[user] if user.is_a?(String)
       global_admins ||= org.global_admins
 
-      failure = check_association(org,user,global_admins)
+      failure = check_association(org, user, global_admins)
 
       case failure
       when true
@@ -115,14 +118,14 @@ module ChefFixie
         usag.group_add(user)
       when :usag_not_in_users
         usag = org.groups[user.id]
-        org.groups['users'].group_add(usag)
+        org.groups["users"].group_add(usag)
       when :global_admins_lacks_read
         user.ace_add(:read, global_admins)
       else
         puts "#{org.name} #{user.name} can't fix problem #{failure} yet"
         return false
       end
-      return true
+      true
     end
 
     def self.check_associations(org)
@@ -140,56 +143,54 @@ module ChefFixie
       users_assoc = assocs.by_org_id(org.id).all(:all)
       users_invite = invites.by_org_id(org.id).all(:all)
 
-      user_ids = users_assoc.map {|a| a.user_id }
-      users_in_org = user_ids.map {|i| users.by_id(i).all.first }
-      usernames = users_in_org.map {|u| u.name }
-
+      user_ids = users_assoc.map { |a| a.user_id }
+      users_in_org = user_ids.map { |i| users.by_id(i).all.first }
+      usernames = users_in_org.map { |u| u.name }
 
       # check that users aren't both invited and associated
-      invited_ids = users_invite.map {|a| a.user_id }
+      invited_ids = users_invite.map { |a| a.user_id }
       overlap_ids = user_ids & invited_ids
 
       if !overlap_ids.empty?
-        overlap_names = overlap_ids.map {|i| users.by_id(i).all.first.name rescue "#{i}" }
-        puts "#{orgname} users both associated and invited: #{overlap_names.join(', ') }"
+        overlap_names = overlap_ids.map { |i| users.by_id(i).all.first.name rescue "#{i}" }
+        puts "#{orgname} users both associated and invited: #{overlap_names.join(', ')}"
         success = false
       end
 
       # Check that we don't have zombie USAGs left around (not 100% reliable)
       # because someone could create a group that looks like a USAG
       possible_usags = org.groups.list(:all) - user_ids
-      usags = possible_usags.select {|n| n =~ /^\h+{20}$/ }
+      usags = possible_usags.select { |n| n =~ /^\h+{20}$/ }
       if !usags.empty?
-        puts "#{orgname} Suspicious USAGS without associated user #{usags.join(', ') }"
+        puts "#{orgname} Suspicious USAGS without associated user #{usags.join(', ')}"
       end
 
       # Check group membership for sanity
-      success &= check_group(org, 'billing-admins', usernames)
-      success &= check_group(org, 'admins', usernames)
+      success &= check_group(org, "billing-admins", usernames)
+      success &= check_group(org, "admins", usernames)
 
       # TODO check for non-usags in users!
-      users_members = org.groups['users'].group
-      users_actors = users_members['actors'] - [[:global, "pivotal"]]
+      users_members = org.groups["users"].group
+      users_actors = users_members["actors"] - [[:global, "pivotal"]]
       if !users_actors.empty?
         puts "#{orgname} has actors in it's users group #{users_actors}"
       end
-      non_usags = users_members['groups'].map {|g| g[1] } - user_ids
+      non_usags = users_members["groups"].map { |g| g[1] } - user_ids
       if !non_usags.empty?
         puts "#{orgname} warning: has non usags in it's users group #{non_usags.join(', ')}"
       end
 
-
       # Check individual associations
       users_in_org.each do |user|
-        result = self.check_association(org,user,global_admins)
-        if (result != true)
+        result = check_association(org, user, global_admins)
+        if result != true
           puts "Org #{orgname} Association check failed for #{user.name} #{result}"
           success = false
         end
       end
 
       puts "Org #{orgname} is #{success ? 'ok' : 'bad'} (#{users_in_org.count} users)"
-      return success
+      success
     end
 
     # expect at least one current user to be in admins and billing admins
@@ -199,21 +200,21 @@ module ChefFixie
         puts "#{orgname} Missing group #{groupname}"
         return :no_such_group
       end
-      actors = g.group['actors'].map {|x| x[1] }
+      actors = g.group["actors"].map { |x| x[1] }
       live = actors & users
 
       if live.count == 0
         puts "Org #{org.name} has no active users in #{groupname}"
         return false
       end
-      return true
+      true
     end
-    
+
     def self.remove_association(org, user)
       # magic to make usage easier
       org = make_org(org)
       user = make_user(user)
-      
+
       # remove USAG
       usag = org.groups[user.id]
       usag.delete if usag
@@ -222,16 +223,16 @@ module ChefFixie
       org.groups.all(:all).each do |g|
         g.group_delete(user) if g.member?(user)
       end
-      
+
       # remove read ACE
       user.ace_delete(:read, org.global_admins)
 
       # remove association record
-      assoc = assocs.by_org_id_user_id(org.id,user.id)
+      assoc = assocs.by_org_id_user_id(org.id, user.id)
       assoc.delete if assoc
 
       # remove any invites
-      invite = invites.by_org_id_user_id(org.id,user.id)
+      invite = invites.by_org_id_user_id(org.id, user.id)
       invite.delete if invite
     end
   end

data/lib/chef_fixie/config.rb

@@ -18,10 +18,10 @@
 #
 # Much of this code was orginally derived from the orgmapper tool, which had many varied authors.
 
-require 'singleton'
-require 'ffi_yajl'
-require 'pathname'
-require 'veil'
+require "singleton"
+require "ffi_yajl"
+require "pathname"
+require "veil"
 
 module ChefFixie
   def self.configure
@@ -66,7 +66,7 @@ module ChefFixie
     KEYS = [:authz_uri, :sql_database, :superuser_id, :pivotal_key]
     KEYS.each { |k| attr_accessor k }
 
-    def merge_opts(opts={})
+    def merge_opts(opts = {})
       opts.each do |key, value|
         send("#{key}=".to_sym, value)
       end
@@ -84,7 +84,7 @@ module ChefFixie
         key_len > max ? key_len : max
       end
       KEYS.each do |key|
-        value = send(key) || 'default'
+        value = send(key) || "default"
         txt << "# %#{max_key_len}s: %s" % [key.to_s, value]
       end
       txt.join("\n")
@@ -102,25 +102,25 @@ module ChefFixie
     def load_from_pc(dir = "/etc/opscode")
       configdir = Pathname.new(dir)
 
-      config_files = %w(chef-server-running.json)
+      config_files = %w{chef-server-running.json}
       config = load_json_from_path([configdir], config_files)
 
-      secrets = load_secrets_from_path([configdir], %w(private-chef-secrets.json) )
+      secrets = load_secrets_from_path([configdir], %w{private-chef-secrets.json} )
 
-      authz_config = config['private_chef']['oc_bifrost']
-      authz_vip = authz_config['vip']
-      authz_port = authz_config['port']
+      authz_config = config["private_chef"]["oc_bifrost"]
+      authz_vip = authz_config["vip"]
+      authz_port = authz_config["port"]
       @authz_uri = "http://#{authz_vip}:#{authz_port}"
 
-      @superuser_id = dig(secrets,['oc_bifrost','superuser_id']) || authz_config['superuser_id']
+      @superuser_id = dig(secrets, %w{oc_bifrost superuser_id}) || authz_config["superuser_id"]
 
-      sql_config = config['private_chef']['postgresql']
-      erchef_config = config['private_chef']['opscode-erchef']
+      sql_config = config["private_chef"]["postgresql"]
+      erchef_config = config["private_chef"]["opscode-erchef"]
 
-      sql_user = sql_config['sql_user'] || erchef_config['sql_user']
-      sql_pw = dig(secrets, ['opscode_erchef', 'sql_password']) || sql_config['sql_password'] || erchef_config['sql_password']
-      sql_vip = sql_config['vip']
-      sql_port = sql_config['port']
+      sql_user = sql_config["sql_user"] || erchef_config["sql_user"]
+      sql_pw = dig(secrets, %w{opscode_erchef sql_password}) || sql_config["sql_password"] || erchef_config["sql_password"]
+      sql_vip = sql_config["vip"]
+      sql_port = sql_config["port"]
 
       @sql_database = "postgres://#{sql_user}:#{sql_pw}@#{sql_vip}/opscode_chef"
 
@@ -139,6 +139,7 @@ module ChefFixie
         end
       end
     end
+
     def load_secrets_from_path(pathlist, filelist)
       pathlist.each do |path|
         filelist.each do |file|
@@ -156,7 +157,7 @@ module ChefFixie
       if hash.respond_to?(:get)
         hash.get(*list)
       elsif hash.nil?
-        nil?
+        nil
       elsif list.empty?
         hash
       else

data/lib/chef_fixie/console.rb

@@ -18,12 +18,12 @@
 #
 # Much of this code was orginally derived from the orgmapper tool, which had many varied authors.
 
-require 'optparse'
-require 'pp'
-require 'pry'
+require "optparse"
+require "pp"
+require "pry"
 
-require_relative '../chef_fixie'
-require_relative 'context'
+require_relative "../chef_fixie"
+require_relative "context"
 
 module ChefFixie
   module Console
@@ -47,9 +47,9 @@ module ChefFixie
       options = {}
       OptionParser.new do |opt|
         opt.banner = "Usage: fixie [config] [options]"
-        opt.on('--authz_uri AUTH_URI', "The URI of the opscode authz service") { |v| options[:authz_uri] =v }
-        opt.on("--sql_database DATABASE", 'The URI of the opscode_chef database') { |v| options[:sql_database] = v }
-        opt.on_tail('-h', '--help', 'Show this message') do
+        opt.on("--authz_uri AUTH_URI", "The URI of the opscode authz service") { |v| options[:authz_uri] = v }
+        opt.on("--sql_database DATABASE", "The URI of the opscode_chef database") { |v| options[:sql_database] = v }
+        opt.on_tail("-h", "--help", "Show this message") do
           puts opt
           puts "\nExample configuration file:\n\n"
           puts ChefFixie::Config.instance.example_config
@@ -68,7 +68,7 @@ module ChefFixie
       Pry.config.history.file = "~/.fixie_history"
       Pry.config.prompt_name = "fixie"
       Pry::Commands.block_command("fixie-help", "Show fixie's help") do
-      output.puts(<<-HALP)
+        output.puts(<<-HALP)
 ** ORGS **
 * access with ORGS or ORGS
 * access a specific org: ORGS['orgname']

data/lib/chef_fixie/context.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015 Chef Software Inc. 
+# Copyright (c) 2015 Chef Software Inc.
 # License :: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,9 +18,8 @@
 #
 # Much of this code was orginally derived from the orgmapper tool, which had many varied authors.
 
-
 module ChefFixie
-    module Context
+  module Context
 
     def describe_orgs
       OrgMetrics.org_stats(orgs)
@@ -67,6 +66,5 @@ module ChefFixie
 
       ChefFixie::Dissociator.dissociate_user(org, user)
     end
-
   end
 end

data/lib/chef_fixie/sql.rb

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2014-2015 Chef Software Inc. 
+# Copyright (c) 2014-2015 Chef Software Inc.
 # License :: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,20 +16,20 @@
 #
 # Author: Mark Anderson <mark@chef.io>
 
-require 'ffi_yajl'
-require 'uuidtools'
-require 'sequel'
+require "ffi_yajl"
+require "uuidtools"
+require "sequel"
 
-require_relative 'config'
+require_relative "config"
 
 Sequel.default_timezone = :utc
 
 module ChefFixie
   module Sql
-    
+
     class InvalidConfig < StandardError
     end
-    
+
     # A connection string passed to Sequel.connect()
     #
     # Examples:
@@ -46,25 +46,25 @@ module ChefFixie
 
     # Returns the connection string or raises an error if you didn't set one.
     def self.connection_string
-      @connection_string ||= ChefFixie.configure {|x| x.sql_database }
+      @connection_string ||= ChefFixie.configure { |x| x.sql_database }
     end
-    
+
     # Returns a Sequel::Data baseobject, which wraps access to the database.
     def self.default_connection
       @database ||= Sequel.connect(connection_string, :max_connections => 2)
       #      @database.loggers << Logger.new($stdout)
     end
-    
+
     # Generate a new UUID. Currently uses the v1 UUID scheme.
     def new_uuid
       UUIDTools::UUID.timestamp_create.hexdigest
     end
-    
+
     # Parse the portion of the object that's stored as a blob o' JSON
     def from_json(serialized_data)
       FFI_Yajl::Parser.parse(serialized_data, :symbolize_keys => true)
     end
-    
+
     # Encode the portion of the object that's stored as a blob o' JSON
     def as_json(data)
       FFI_Yajl::Encoder.encode(data)