chook 1.0.1.b2 → 1.1.5

data/lib/chook/server/routes/handle_webhook_event.rb

@@ -29,9 +29,33 @@ module Chook
   class Server < Sinatra::Base
 
     post '/handle_webhook_event' do
-      request.body.rewind # in case someone already read it
-      event = Chook::HandledEvent.parse_event request.body.read
-      event.handle
+      # enforce http basic auth if needed
+      protect_via_basic_auth!
+
+      # rewind to ensure read-pointer is at the start
+      request.body.rewind #
+      raw_json = request.body.read
+
+      event = Chook::HandledEvent.parse_event raw_json
+      if event.nil?
+        logger.error "Empty JSON from #{request.ip}"
+        result = 400
+      else
+
+        event.logger.debug "START From #{request.ip}, WebHook '#{event.webhook_name}' (id: #{event.webhook_id})"
+        event.logger.debug "Thread id: #{Thread.current.object_id}; JSON: #{raw_json}"
+
+        result = event.handle
+
+        event.logger.debug "END #{result}"
+      end
+
+      # this route shouldn't have a session expiration
+      # And when it does, the date format is wrong, and the
+      # JAMFSoftwareServerLog complains about it for every
+      # webhook sent.
+      env['rack.session.options'].delete :expire_after
+      result
     end # post
 
   end # class

data/lib/chook/server/routes/handlers.rb

@@ -0,0 +1,52 @@
+### Copyright 2017 Pixar
+
+###
+###    Licensed under the Apache License, Version 2.0 (the "Apache License")
+###    with the following modification; you may not use this file except in
+###    compliance with the Apache License and the following modification to it:
+###    Section 6. Trademarks. is deleted and replaced with:
+###
+###    6. Trademarks. This License does not grant permission to use the trade
+###       names, trademarks, service marks, or product names of the Licensor
+###       and its affiliates, except as required to comply with Section 4(c) of
+###       the License and to reproduce the content of the NOTICE file.
+###
+###    You may obtain a copy of the Apache License at
+###
+###        http://www.apache.org/licenses/LICENSE-2.0
+###
+###    Unless required by applicable law or agreed to in writing, software
+###    distributed under the Apache License with the above modification is
+###    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+###    KIND, either express or implied. See the Apache License for the specific
+###    language governing permissions and limitations under the Apache License.
+###
+###
+
+module Chook
+
+  # see server.rb
+  class Server < Sinatra::Base
+
+    # reload the handlers
+    get '/reload_handlers' do
+      logger.info 'Reloading handlers'
+      Chook::HandledEvent::Handlers.load_handlers reload: true
+      'Handlers reloaded'
+    end # get /
+
+    # used by javascript to fetch the content of a handler file
+    get '/handler_code' do
+      file = Pathname.new params[:filepath]
+
+      # only if its a known handler path
+      if Chook::HandledEvent::Handlers.all_handler_paths.include?(file) && file.file?
+        body file.read
+      else
+        404
+      end
+    end
+
+  end # class
+
+end # module

data/lib/chook/server/routes/home.rb

@@ -29,7 +29,54 @@ module Chook
   class Server < Sinatra::Base
 
     get '/' do
-      body "Hello, this is Chook, a Jamf Pro WebHook handling service from Pixar Animation Studios!\n"
+
+      # a list of current handlers for the admin page
+      @handlers_for_admin_page = []
+
+      Chook::HandledEvent::Handlers.handlers.keys.sort.each do |eventname|
+        Chook::HandledEvent::Handlers.handlers[eventname].each do |handler|
+          if handler.is_a? Pathname
+            file = handler
+            type = :external
+          else
+            file = handler.handler_file
+            type = :internal
+          end # if else
+          @handlers_for_admin_page << { event: eventname, file: file, type: type }
+        end # handlers each
+      end # Handlers.handlers.each
+
+      # a list of current named handlers for the admin page
+      @named_handlers_for_admin_page = []
+
+      Chook::HandledEvent::Handlers.named_handlers.each do |name, handler|
+        if handler.is_a? Pathname
+          file = handler
+          type = :external
+        else
+          file = handler.handler_file
+          type = :internal
+        end # if else
+        @named_handlers_for_admin_page << { file: file, type: type }
+      end # handlers each
+
+
+      # the current config, for the admin page
+      @config_text =
+        if Chook::Configuration::DEFAULT_CONF_FILE.file?
+          @config_src = Chook::Configuration::DEFAULT_CONF_FILE.to_s
+          Chook::Configuration::DEFAULT_CONF_FILE.read
+
+        elsif Chook::Configuration::SAMPLE_CONF_FILE.file?
+          @config_src = "Using default values, showing sample config file at #{Chook::Configuration::SAMPLE_CONF_FILE}"
+          Chook::Configuration::SAMPLE_CONF_FILE.read
+
+        else
+          @config_src = "No #{Chook::Configuration::DEFAULT_CONF_FILE} or sample config file found."
+          @config_src
+        end
+
+      haml :admin
     end # get /
 
   end # class

data/lib/chook/server/routes/log.rb

@@ -0,0 +1,105 @@
+### Copyright 2017 Pixar
+
+###
+###    Licensed under the Apache License, Version 2.0 (the "Apache License")
+###    with the following modification; you may not use this file except in
+###    compliance with the Apache License and the following modification to it:
+###    Section 6. Trademarks. is deleted and replaced with:
+###
+###    6. Trademarks. This License does not grant permission to use the trade
+###       names, trademarks, service marks, or product names of the Licensor
+###       and its affiliates, except as required to comply with Section 4(c) of
+###       the License and to reproduce the content of the NOTICE file.
+###
+###    You may obtain a copy of the Apache License at
+###
+###        http://www.apache.org/licenses/LICENSE-2.0
+###
+###    Unless required by applicable law or agreed to in writing, software
+###    distributed under the Apache License with the above modification is
+###    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+###    KIND, either express or implied. See the Apache License for the specific
+###    language governing permissions and limitations under the Apache License.
+###
+###
+
+module Chook
+
+  # see server.rb
+  class Server < Sinatra::Base
+
+    # External Handlers can use this route to make log entries.
+    #
+    # The request body must be a JSON object (Hash) wth 2 keys 'level' and 'message'
+    # where both values are strings
+    #
+    # Here's an example with curl, split to multi-line for clarity:
+    #
+    # curl -H "Content-Type: application/json" \
+    #   -X POST \
+    #   --data '{"level":"debug", "message":"It Worked"}' \
+    #   https://user:passwd@chookserver.myorg.org:443/log
+    #
+    post '/log' do
+      protect_via_basic_auth!
+
+      request.body.rewind # in case someone already read it
+      raw = request.body.read
+
+      begin
+        logentry = JSON.parse raw, symbolize_names: true
+        raise if logentry[:level].to_s.empty? || logentry[:message].to_s.empty?
+      rescue
+        Chook::Server::Log.logger.error "Malformed log entry JSON from #{request.ip}: #{raw}"
+        halt 409, "Malformed log entry JSON: #{raw}"
+      end
+
+      level = logentry[:level].to_sym
+      level = :unknown unless Chook::Server::Log::LOG_LEVELS.key? level
+      Chook::Server::Log.logger.send level, "ExternalEntry: #{logentry[:message]}"
+
+      { result: 'logged', level: level }.to_json
+    end # post /
+
+    # AJAXy access to a log stream
+    # When an admin displays the log on the chook admin/home page,
+    # the page's javascript starts the stream as an EventSource
+    # from this url.
+    #
+    # The innards are taken almost verbatim from the Sinatra README
+    # docs.
+    #
+    # See also logstream.js and views/admin.haml
+    #
+    #
+    get '/subscribe_to_log_stream', provides: 'text/event-stream' do
+      content_type 'text/event-stream'
+      cache_control 'no-cache'
+
+      # register a client's interest in server events
+      stream(:keep_open) do |outbound_stream|
+        # add this connection to the array of streams
+        Chook::Server::Log.log_streams[outbound_stream] = request.ip
+        logger.debug "Added log stream for #{request.ip}"
+        # purge dead connections
+        Chook::Server::Log.clean_log_streams
+      end # stream
+    end
+
+    # set the log level via the admin page.
+    put '/set_log_level/:level' do
+      level = params[:level].to_sym
+      level = :unknown unless Chook::Server::Log::LOG_LEVELS.key? level
+      Chook.logger.level = level
+      Chook.logger.unknown "Log level changed, now: #{level}"
+      { result: 'level changed', level: level }.to_json
+    end
+
+    # get the log level via the admin page.
+    get '/current_log_level' do
+      Chook::Server::Log::LOG_LEVELS.invert[Chook.logger.level].to_s
+    end
+
+  end # class
+
+end # module

data/lib/chook/server/routes/login_logout.rb

@@ -0,0 +1,48 @@
+### Copyright 2017 Pixar
+
+###
+###    Licensed under the Apache License, Version 2.0 (the "Apache License")
+###    with the following modification; you may not use this file except in
+###    compliance with the Apache License and the following modification to it:
+###    Section 6. Trademarks. is deleted and replaced with:
+###
+###    6. Trademarks. This License does not grant permission to use the trade
+###       names, trademarks, service marks, or product names of the Licensor
+###       and its affiliates, except as required to comply with Section 4(c) of
+###       the License and to reproduce the content of the NOTICE file.
+###
+###    You may obtain a copy of the Apache License at
+###
+###        http://www.apache.org/licenses/LICENSE-2.0
+###
+###    Unless required by applicable law or agreed to in writing, software
+###    distributed under the Apache License with the above modification is
+###    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+###    KIND, either express or implied. See the Apache License for the specific
+###    language governing permissions and limitations under the Apache License.
+###
+###
+
+module Chook
+
+  # see server.rb
+  class Server < Sinatra::Base
+
+    # reload the handlers
+    get '/logout' do
+      session[:authed_admin] = nil
+      session[:auth_failed] = nil
+      redirect '/'
+    end # get /
+
+    # reload the handlers
+    post '/login' do
+      Chook.logger.debug "Attempting to log in #{params[:username]}"
+      session[:auth_failed] = !authenticate_admin(params[:username], params[:password])
+      redirect '/'
+    end # get /
+
+
+  end # class
+
+end # module

data/lib/chook/server/views/admin.haml

@@ -0,0 +1,11 @@
+%hr/
+%hr/
+= haml :logstream
+
+%hr/
+%hr/
+= haml :handlers
+
+%hr/
+%hr/
+= haml :config

data/lib/chook/server/views/bak.haml

@@ -0,0 +1,48 @@
+%hr/
+.section_label#log_label
+  The Live Chook Log
+      
+  %button#view_log_btn{ type: 'button', onClick: 'view_log();', title: 'view the live Chook log' }
+    View
+  %button#hide_log_btn{ type: 'button', onClick: 'hide_log();', title: 'hide the live Chook log' }
+    Hide
+       Log Level:
+  %select#log_level_select{ onchange: 'change_log_level();' }
+    %option{ value: 'fatal', selected: Chook.logger.level == Logger::FATAL } fatal
+    %option{ value: 'error', selected: Chook.logger.level == Logger::ERROR } error
+    %option{ value: 'warn', selected: Chook.logger.level == Logger::WARN } warn
+    %option{ value: 'info', selected: Chook.logger.level == Logger::INFO } info
+    %option{ value: 'debug', selected: Chook.logger.level == Logger::DEBUG } debug
+
+#logbox_div
+  #logbox_btns
+    %input#pause_log{ type: 'checkbox', checked: false, onclick: 'update_logbox();' }
+      Pause
+        
+    %button#clear_log_btn{ type: 'button', onClick: 'clear_log();', title: 'clear the live Chook log' }
+      Clear
+
+  // Log Level: [popup list] (set)
+  %textarea.monospaced#logbox{ readonly: true, rows: 20, cols: 150 }
+
+%hr/
+.section_label#handlers_label
+  Current Webhook Handlers (#{@handlers_for_admin_page.size})
+      
+
+  %button#view_handlers_btn{ type: 'button', onClick: 'view_handlers();', title: 'view the handler list' }
+    View
+  %button#hide_handlers_btn{ type: 'button', onClick: 'hide_handlers();', title: 'hide the handler list' }
+    Hide
+      
+
+  Handler Directory:
+  %span.monospaced
+    = Chook.config.handler_dir.to_s
+
+#handlers_div
+  %table#handlers_table
+    %tr
+      %th Event
+      %th Handler Type
+      %th File Name

data/lib/chook/server/views/config.haml

@@ -0,0 +1,15 @@
+.section_label#config_label
+  %button#view_config_btn{ type: 'button', onClick: 'view_config();', title: 'view the config file' }
+    View
+  %button#hide_config_btn{ type: 'button', onClick: 'hide_config();', title: 'hide the config file' }
+    Hide
+      
+
+  Configuration
+
+#config_div
+  Config file:
+  %span.monospaced= @config_src
+
+  #config_viewer_div
+    %textarea.monospaced#config_box{ readonly: true, rows: 20, cols: 150 }= @config_text

data/lib/chook/server/views/handlers.haml

@@ -0,0 +1,63 @@
+.section_label#handlers_label
+  %button#view_handlers_btn{ type: 'button', onClick: 'view_handlers();', title: 'view the handler list' }
+    View
+  %button#hide_handlers_btn{ type: 'button', onClick: 'hide_handlers();', title: 'hide the handler list' }
+    Hide
+      
+
+  Current Webhook Handlers (#{@handlers_for_admin_page.size + @named_handlers_for_admin_page.size})
+
+  %button#reload_all_handlers_btn{ type: 'button', onClick: 'reload_handlers();', title: 'reload all handlers' }
+    Reload All
+    
+  %span#reloaded_notification
+
+#handlers_div
+  General Handler Directory:
+  %span.monospaced= Chook.config.handler_dir.to_s
+      
+
+  %table#handlers_table
+    %tr#handlers_table_header_row
+      %th.handlers_table_cell File Name
+      %th.handlers_table_cell{ width: '10%' } Handler Type
+      %th.handlers_table_cell Actions
+
+    - @handlers_for_admin_page.each do |hndlr_info|
+      %tr
+        %td.handlers_table_cell= hndlr_info[:file].basename.to_s
+        %td.handlers_table_cell= hndlr_info[:type].to_s
+        %td.handlers_table_cell
+          %button.edit_handler_btn{ type: 'button', onClick: "view_handler_code('#{hndlr_info[:file]}', '#{hndlr_info[:type]}');", title: 'View this handler' }
+            View
+  %br
+  %br
+  Named Handler Directory:
+  %span.monospaced= Chook.config.handler_dir.to_s + "/#{Chook::HandledEvent::Handlers::NAMED_HANDLER_SUBDIR}"
+      
+
+  %table#handlers_table
+    %tr#handlers_table_header_row
+      %th.handlers_table_cell File Name
+      %th.handlers_table_cell{ width: '10%' } Handler Type
+      %th.handlers_table_cell Actions
+
+    - @named_handlers_for_admin_page.each do |hndlr_info|
+      %tr
+        %td.handlers_table_cell= hndlr_info[:file].basename.to_s
+        %td.handlers_table_cell= hndlr_info[:type].to_s
+        %td.handlers_table_cell
+          %button.edit_handler_btn{ type: 'button', onClick: "view_handler_code('#{hndlr_info[:file]}', '#{hndlr_info[:type]}');", title: 'View this handler' }
+            View
+
+  #handler_viewer_div
+    %input#currently_viewing_handler_file{ name: 'currently_viewing_handler_file', type: :hidden }
+    %input#currently_editing_handler_type{ name: 'currently_editing_handler_type', type: :hidden }
+    #currently_viewing_handler_label
+      %button#hide_handler_viewer_btn{ type: 'button', onClick: 'hide_handler_viewer();', title: 'hide the handler editor' }
+        Hide
+          
+      %span.monospaced#currently_viewing_filename -nothing-
+
+
+    %textarea.monospaced#handler_viewer{ rows: 35 , readonly: true }

data/lib/chook/server/views/layout.haml

@@ -0,0 +1,64 @@
+!!!
+%html{ lang: 'en' }
+
+  %head
+
+    %meta{ charset: 'UTF-8' }
+    %title
+      Chook
+
+    / CSS
+    %link{ href: '/css/chook.css', rel: 'stylesheet' }
+
+    / JavaScript
+    %script{ type: 'text/javascript', language: 'javascript', src: '/js/chook.js' }
+    %script{ type: 'text/javascript', language: 'javascript', src: '/js/logstream.js' }
+
+  %body
+    / Top
+    #pageheader
+      %table{ width: '100%' }
+        %tr
+          %td{ valign: 'bottom', width: '120' }
+            #header_logo
+              %img{ alt: '', height: '120', src: '/imgs/ChookLogoAlMcWhiggin.png', width: '120' }
+            #header_version
+              v#{Chook::VERSION}
+          %td
+            #definition
+              %span.chook_title Chook
+              %br/
+              %span.def_pronunciation /tʃʊk/ (also chookie /ˈtʃʊki/ )
+              %br/
+              %span.def_part_of_speech noun
+              %span.def_dialect Australian/NZ informal
+              %br/
+              %span.def_definition a chicken or fowl
+          %td#serverstats{ valign: 'bottom' }
+            Server started: #{Chook::Server.starttime.strftime '%Y-%m-%d %H:%M:%S'}
+            %br/
+            (#{Chook::Server.uptime})
+
+    %hr/
+    - if Chook.config.admin_user
+      #login_logout_div
+
+      - if session[:authed_admin]
+        %a{ href: '/logout' }
+          %button#logout_btn{ type: 'button' } Log Out
+        = yield
+
+      - else
+        %form#login_form{ name: 'login_form', method: 'POST', action: '/login' }
+          - if Chook.config.admin_user == Chook::Server::Auth::USE_JAMF_ADMIN_USER
+            Jamf Pro
+          Username:
+          %input#username{ type: :text, name: 'username' }
+          Password:
+          %input#password{ type: :password, name: 'password' }
+          %input#login_btn{ type: :submit, value: 'Log In' }
+          - if session[:auth_failed]
+            %span#login_incorrect     Login Incorrect!
+
+    - else
+      = yield