diaspora-vines 0.1.2 → 0.1.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a91e59620021a2556bf0d50d4075e0941fb584fe
-  data.tar.gz: 0f6e7afc2dd98e85c11b4880eda96e724d0db2ba
+  metadata.gz: a2e10ea8cd78c49254b4e8dc363d3d23759b40f6
+  data.tar.gz: aeedf0672a7578414f0b174b2ab0d61403c0f5b2
 SHA512:
-  metadata.gz: 5cc89b54b4ef8b580d80682fb292bc822b41d0cae04202764b2fd34c7c5b0fefd9b92b051f5ea885d2c6c5bb38680853e691221f95776c3c4f68b9debb205524
-  data.tar.gz: 2075d78c54789a78c626f37800f73b656645ade285f47eacdfd55d55c3f9561668229696c9e418db913a9c4046dfbd63c034a570b52d2776d79601ab2746b299
+  metadata.gz: 59a644d8dbd8cab888548ea2d49466ad27d5acc79f99097414d440f3942c72d7ec128ed33df3991841e6d409fca9fccaffc87552925532f0276e4a55e23ead3d
+  data.tar.gz: 7c85dcaaa5359bc99714cf24528b7e0f25731681339503e394b3c3856b5457cc81918395a2fce021d8172dc7ec9ef46e0137948e2ac8dcbee7323d87da4c38ba

data/README.md

@@ -1,6 +1,9 @@
 Diaspora XMPP Integration
 =========================
 
+**master** [ ![Build Status](https://travis-ci.org/diaspora/vines.svg?branch=master) ](https://travis-ci.org/diaspora/vines)  
+**develop** [ ![Build Status](https://travis-ci.org/diaspora/vines.svg?branch=develop) ](https://travis-ci.org/diaspora/vines)
+
 This XMPP server was forked from [Negativecode](http://www.getvines.org/)  
 and was slimmed down for [Diaspora](https://diasporafoundation.org) usage only!
 

data/conf/config.rb

@@ -1,12 +1,16 @@
 Vines::Config.configure do
   # Set the logging level to debug, info, warn, error, or fatal. The debug
   # level logs all XML sent and received by the server.
-  log :info
+  # If you want logging to STDOUT remove the path
+  # e.g. `log 'log/vines.log' do` becomes `log do`
+  log 'log/vines.log' do
+    level :info
+  end
 
   # Set the directory in which to look for virtual hosts' TLS certificates.
   # This is optional and defaults to the conf/certs directory created during
   # `vines init`.
-  #certs 'config/vines'
+  certs 'conf/certs'
 
   # Setup a pepper to generate the encrypted password.
   pepper "065eb8798b181ff0ea2c5c16aee0ff8b70e04e2ee6bd6e08b49da46924223e39127d5335e466207d42bf2a045c12be5f90e92012a4f05f7fc6d9f3c875f4c95b"

data/lib/vines/cluster/subscriber.rb

@@ -2,7 +2,7 @@
 
 module Vines
   class Cluster
-    # Subscribes to the redis nodes:all broadcast channel to listen for
+    # Subscribes to the redis `nodes:all` broadcast channel to listen for
     # heartbeats from other cluster members. Also subscribes to a channel
     # exclusively for this particular node, listening for stanzas routed to us
     # from other nodes.
@@ -22,6 +22,8 @@ module Vines
       # Create a new redis connection and subscribe to the nodes:all broadcast
       # channel as well as the channel for this cluster node. Redis connections
       # in subscribe mode cannot be used for other key/value operations.
+      #
+      # Returns nothing.
       def subscribe
         conn = @cluster.connect
         conn.subscribe(ALL)
@@ -35,6 +37,8 @@ module Vines
 
       # Recursively process incoming messages from the queue, guaranteeing they
       # are processed in the order they are received.
+      #
+      # Returns nothing.
       def process_messages
         @messages.pop do |channel, message|
           Fiber.new do
@@ -46,6 +50,11 @@ module Vines
 
       # Process messages as they arrive on the pubsub channels to which we're
       # subscribed.
+      #
+      # channel - The String channel name on which the message was received.
+      # message - The JSON formatted message String.
+      #
+      # Returns nothing.
       def on_message(channel, message)
         doc = JSON.parse(message)
         case channel
@@ -56,9 +65,13 @@ module Vines
         log.error("Cluster subscription message failed: #{e}")
       end
 
-      # Process a message sent to the nodes:all broadcast channel. In the case
+      # Process a message sent to the `nodes:all` broadcast channel. In the case
       # of node heartbeats, we update the last time we heard from this node so
       # we can cleanup its session if it goes offline.
+      #
+      # message - The parsed Hash of received message data.
+      #
+      # Returns nothing.
       def to_all(message)
         case message[TYPE]
         when ONLINE, HEARTBEAT
@@ -71,6 +84,10 @@ module Vines
       # Process a message published to this node's channel. Messages sent to
       # this channel are stanzas that need to be routed to connections attached
       # to this node.
+      #
+      # message - The parsed Hash of received message data.
+      #
+      # Returns nothing.
       def to_node(message)
         case message[TYPE]
         when STANZA then route_stanza(message)
@@ -80,6 +97,10 @@ module Vines
 
       # Send the stanza, from a remote cluster node, to locally connected
       # streams for the destination user.
+      #
+      # message - The parsed Hash of received message data.
+      #
+      # Returns nothing.
       def route_stanza(message)
         node = Nokogiri::XML(message[STANZA]).root rescue nil
         return unless node
@@ -95,6 +116,10 @@ module Vines
 
       # Update the roster information, that's cached in locally connected
       # streams, for this user.
+      #
+      # message - The parsed Hash of received message data.
+      #
+      # Returns nothing.
       def update_user(message)
         jid = JID.new(message['jid']).bare
         if user = @cluster.storage(jid.domain).find_user(jid)

data/lib/vines/config.rb

@@ -21,6 +21,7 @@ module Vines
     end
 
     def initialize(&block)
+      @pepper = "" # no pepper set
       @certs = File.expand_path('conf/certs')
       @vhosts, @ports, @cluster = {}, {}, nil
       @null = Storage::Null.new
@@ -47,7 +48,7 @@ module Vines
     end
 
     def pepper(pepper=nil)
-      pepper ? @pepper = pepper : @pepper = ""
+      pepper ? @pepper = pepper : @pepper
     end
 
     def domain_name
@@ -72,7 +73,20 @@ module Vines
       @cluster = Cluster.new(self, &block)
     end
 
-    def log(level)
+    def log(file=nil, &block)
+      unless file.nil?
+        unless File.exists?(file)
+          File.new(file, 'w') rescue raise "log directory doesn't exists"
+        end
+        
+        if File.exists?(file)
+          Vines::Log.set_log_file(file)
+        end
+      end
+      instance_eval(&block) if block  
+    end
+
+    def level(level)
       const = Logger.const_get(level.to_s.upcase) rescue nil
       unless LOG_LEVELS.include?(level.to_s) && const
         raise "log level must be one of: #{LOG_LEVELS.join(', ')}"

data/lib/vines/log.rb

@@ -20,5 +20,9 @@ module Vines
       end
       @@logger
     end
+
+    def self.set_log_file(file)
+      @@logger = Logger.new(file)
+    end
   end
 end

data/lib/vines/storage/sql.rb

@@ -1,19 +1,39 @@
-require 'active_record'
+# encoding: UTF-8
 
 module Vines
   class Storage
     class Sql < Storage
+      include Vines::Log
+
       register :sql
 
       class Person < ActiveRecord::Base; end
+      class Aspect < ActiveRecord::Base
+        belongs_to :users
+
+        has_many :aspect_memberships
+        has_many :contacts
+      end
+
+      class AspectMembership < ActiveRecord::Base
+        belongs_to :aspect
+        belongs_to :contact
+      
+        has_one :users, :through => :contact
+        has_one :person, :through => :contact
+      end
+
       class Contact < ActiveRecord::Base
-        belongs_to :user
+        belongs_to :users
         belongs_to :person
+
+        has_many :aspect_memberships
+        has_many :aspects, :through => :aspect_memberships
       end
 
       class User < ActiveRecord::Base
-        has_many :contacts#, through: :user_id
-        has_many :contact_people, :through => :contacts, :source => :person
+        has_many :contacts
+
         has_one :person, :foreign_key => :owner_id
       end
 
@@ -33,15 +53,15 @@ module Vines
       end
 
       def initialize(&block)
-        raise "You configured diaspora-sql adapter without Diaspora" unless defined? AppConfig
-        @config = {
-          :adapter => AppConfig.adapter.to_s,
-          :database => AppConfig.database.to_s,
-          :host => AppConfig.host.to_s,
-          :port => AppConfig.port.to_i,
-          :username => AppConfig.username.to_s,
-          :password => AppConfig.password.to_s
-        }
+        @config = {}
+        unless defined? Rails
+          raise "You configured diaspora-sql adapter without Diaspora environment"
+        end
+        
+        config = Rails.application.config.database_configuration[Rails.env]
+        %w[adapter database host port username password].each do |key|
+          @config[key.to_sym] = config[key]
+        end
 
         required = [:adapter, :database]
         required << [:host, :port] unless @config[:adapter] == 'sqlite3'
@@ -55,30 +75,16 @@ module Vines
         return if jid.empty?
         xuser = user_by_jid(jid)
         return Vines::User.new(jid: jid).tap do |user|
-          user.name, user.password = xuser.username, xuser.authentication_token
+          user.name, user.password, user.token =
+            xuser.username,
+            xuser.encrypted_password,
+            xuser.authentication_token
 
           xuser.contacts.each do |contact|
-            handle = contact.person.diaspora_handle
-            ask = 'none'
-            subscription = 'none'
-
-            if contact.sharing && contact.receiving
-              subscription = 'both'
-            elsif contact.sharing && !contact.receiving
-              ask = 'suscribe'
-              subscription = 'from'
-            elsif !contact.sharing && contact.receiving
-              subscription = 'to'
-            else
-              ask = 'suscribe'
+            entry = build_roster_entry(contact)
+            unless entry.nil?
+              user.roster << entry
             end
-            # finally build the roster entry
-            user.roster << Vines::Contact.new(
-              jid: handle,
-              name: handle.gsub(/\@.*?$/, ''),
-              subscription: subscription,
-              ask: ask
-            ) if handle
           end
         end if xuser
       end
@@ -87,17 +93,18 @@ module Vines
       def authenticate(username, password)
         user = find_user(username)
 
+        pepper = password
+        pepper << Config.instance.pepper unless Config
         dbhash = BCrypt::Password.new(user.password) rescue nil
-        hash = BCrypt::Engine.hash_secret("#{password}#{Config.instance.pepper}", dbhash.salt) rescue nil
+        hash = BCrypt::Engine.hash_secret(pepper, dbhash.salt) rescue nil
 
         userAuth = ((hash && dbhash) && hash == dbhash)
-        tokenAuth = ((password && user.password) && password == user.password)
+        tokenAuth = ((password && user) && password == user.token)
         (tokenAuth || userAuth)? user : nil
       end
 
       def save_user(user)
         # do nothing
-        #log.error("You cannot save a user via XMPP server!")
       end
       with_connection :save_user
 
@@ -125,7 +132,7 @@ module Vines
 
       private
         def establish_connection
-          ActiveRecord::Base.logger = Logger.new('/dev/null')
+          ActiveRecord::Base.logger = log # using vines logger
           ActiveRecord::Base.establish_connection(@config)
         end
 
@@ -133,6 +140,37 @@ module Vines
           name = JID.new(jid).node
           Sql::User.find_by_username(name)
         end
+
+        def build_roster_entry(contact)
+          groups = Array.new
+          contact.aspects.each do |aspect|
+            groups.push(aspect.name)
+          end
+
+          handle = contact.person.diaspora_handle
+          ask = 'none'
+          subscription = 'none'
+          
+          if contact.sharing && contact.receiving
+            subscription = 'both'
+          elsif contact.sharing && !contact.receiving
+            ask = 'suscribe'
+            subscription = 'from'
+          elsif !contact.sharing && contact.receiving
+            subscription = 'to'
+          else
+            ask = 'suscribe'
+          end
+
+          # finally build the roster entry
+          return Vines::Contact.new(
+            jid: handle,
+            name: handle.gsub(/\@.*?$/, ''),
+            subscription: subscription,
+            groups: groups,
+            ask: ask
+          ) || nil
+        end
     end
   end
 end

data/lib/vines/store.rb

@@ -1,37 +1,33 @@
 # encoding: UTF-8
 
 module Vines
-
   # An X509 certificate store that validates certificate trust chains.
   # This uses the conf/certs/*.crt files as the list of trusted root
   # CA certificates.
   class Store
-    include Vines::Log
-
     @@sources = nil
 
     # Create a certificate store to read certificate files from the given
     # directory.
+    #
+    # dir - The String directory name (absolute or relative).
     def initialize(dir)
       @dir = File.expand_path(dir)
       @store = OpenSSL::X509::Store.new
-      certs.each {|c|
-        begin
-          @store.add_cert(c)
-        rescue
-          # do nothing cert is already known
-          log.warn("WARNING! There are duplicate certificates")
-        end
-      }
+      certs.each {|cert| append(cert) }
     end
 
     # Return true if the certificate is signed by a CA certificate in the
     # store. If the certificate can be trusted, it's added to the store so
     # it can be used to trust other certs.
+    #
+    # pem - The PEM encoded certificate String.
+    #
+    # Returns true if the certificate is trusted.
     def trusted?(pem)
       if cert = OpenSSL::X509::Certificate.new(pem) rescue nil
         @store.verify(cert).tap do |trusted|
-          @store.add_cert(cert) if trusted rescue nil
+          append(cert) if trusted
         end
       end
     end
@@ -39,6 +35,11 @@ module Vines
     # Return true if the domain name matches one of the names in the
     # certificate. In other words, is the certificate provided to us really
     # for the domain to which we think we're connected?
+    #
+    # pem    - The PEM encoded certificate String.
+    # domain - The domain name String.
+    #
+    # Returns true if the certificate was issued for the domain.
     def domain?(pem, domain)
       if cert = OpenSSL::X509::Certificate.new(pem) rescue nil
         OpenSSL::SSL.verify_certificate_identity(cert, domain) rescue false
@@ -48,8 +49,10 @@ module Vines
     # Return the trusted root CA certificates installed in conf/certs. These
     # certificates are used to start the trust chain needed to validate certs
     # we receive from clients and servers.
+    #
+    # Returns an Array of OpenSSL::X509::Certificate objects.
     def certs
-      unless @@sources
+      @@sources ||= begin
         pattern = /-{5}BEGIN CERTIFICATE-{5}\n.*?-{5}END CERTIFICATE-{5}\n/m
         files = Dir[File.join(@dir, '*.crt')]
         files << AppConfig.environment.certificate_authorities if defined?(AppConfig)
@@ -61,7 +64,7 @@ module Vines
             [name, certs]
           end
         end
-        @@sources = Hash[pairs]
+        Hash[pairs]
       end
       @@sources.values.flatten
     end
@@ -71,31 +74,43 @@ module Vines
     # wildcard certificate files to serve several subdomains.
     #
     # Finding the certificate and private key file for a domain follows these steps:
-    # - look for <domain>.crt and <domain>.key files in the conf/certs directory.
-    #   if found, return those file names, else
-    # - inspect all conf/certs/*.crt files for certificates that contain the
+    #
+    # - Look for <domain>.crt and <domain>.key files in the conf/certs
+    #   directory. If found, return those file names, otherwise . . .
+    #
+    # - Inspect all conf/certs/*.crt files for certificates that contain the
     #   domain name either as the subject common name (CN) or as a DNS
     #   subjectAltName. The corresponding private key must be in a file of the
     #   same name as the certificate's, but with a .key extension.
     #
-    # So in the simplest configuration, the tea.wonderland.lit encryption files would
-    # be named conf/certs/tea.wonderland.lit.crt and conf/certs/tea.wonderland.lit.key.
+    # So in the simplest configuration, the tea.wonderland.lit encryption files
+    # would be named:
+    #
+    # - conf/certs/tea.wonderland.lit.crt
+    # - conf/certs/tea.wonderland.lit.key
     #
-    # However, in the case of a wildcard certificate for *.wonderland.lit, the
-    # files would be conf/certs/wonderland.lit.crt and conf/certs/wonderland.lit.key.
-    # These same two files would be returned for the subdomains of tea.wonderland.lit,
-    # crumpets.wonderland.lit, etc.
+    # However, in the case of a wildcard certificate for *.wonderland.lit,
+    # the files would be:
+    #
+    # - conf/certs/wonderland.lit.crt
+    # - conf/certs/wonderland.lit.key
+    #
+    # These same two files would be returned for the subdomains of:
+    #
+    # - tea.wonderland.lit
+    # - crumpets.wonderland.lit
+    # - etc.
+    #
+    # domain - The String domain name.
+    #
+    # Returns a two element String array for the certificate and private key
+    #   file names or nil if not found.
     def files_for_domain(domain)
       crt = File.expand_path("#{domain}.crt", @dir)
       key = File.expand_path("#{domain}.key", @dir)
-      # diaspora keys will be prioritized
-      if defined?(AppConfig)
-        crt = AppConfig.server.chat.certificate 
-        key = AppConfig.server.chat.key
-      end
       return [crt, key] if File.exists?(crt) && File.exists?(key)
 
-      # might be a wildcard cert file
+      # Might be a wildcard cert file.
       @@sources.each do |file, certs|
         certs.each do |cert|
           if OpenSSL::SSL.verify_certificate_identity(cert, domain)
@@ -106,5 +121,19 @@ module Vines
       end
       nil
     end
+
+    private
+
+    # Add a trusted certificate to the store, suppressing any OpenSSL errors
+    # caused by the certificate already being stored.
+    #
+    # cert - The OpenSSL::X509::Certificate to add.
+    #
+    # Returns nothing.
+    def append(cert)
+      @store.add_cert(cert)
+    rescue OpenSSL::X509::StoreError
+      # Already added to store.
+    end
   end
 end

data/lib/vines/user.rb

@@ -4,7 +4,7 @@ module Vines
   class User
     include Comparable
 
-    attr_accessor :name, :password, :roster
+    attr_accessor :name, :token, :password, :roster
     attr_reader :jid
 
     def initialize(args={})
@@ -13,6 +13,7 @@ module Vines
 
       @name = args[:name]
       @password = args[:password]
+      @token = args[:token]
       @roster = args[:roster] || []
     end
 
@@ -30,6 +31,7 @@ module Vines
     def update_from(user)
       @name = user.name
       @password = user.password
+      @token = user.token
       @roster = user.roster.map {|c| c.clone }
     end
 

data/lib/vines/version.rb

@@ -2,5 +2,5 @@
 
 module Vines
   # vines forked version 0.4.9
-  VERSION = '0.1.2'
+  VERSION = '0.1.21'
 end

data/lib/vines.rb

@@ -55,13 +55,13 @@ module Vines
 end
 
 begin
-  # try to initialize diaspora AppConfig
+  # try to initialize diaspora configuration
+  require "#{Dir.pwd}/config/application.rb"
   require "#{Dir.pwd}/config/load_config.rb"
-rescue LoadError
-  puts "Cannot find Diaspora environment! Fallback to vines configuration."
-end
+rescue LoadError; end
 
 %w[
+  active_record
   base64
   bcrypt
   digest/sha1

data/test/config_test.rb

@@ -353,10 +353,23 @@ describe Vines::Config do
     assert_equal 1, config.ports.size
   end
 
+  def test_not_existing_file_path
+    assert_raises(RuntimeError) do
+      config = Vines::Config.new do
+        log 'not/existing/path.log'
+      end
+      host 'wonderland.lit' do
+        storage(:fs) { dir Dir.tmpdir }
+      end
+    end
+  end
+
   def test_invalid_log_level
     assert_raises(RuntimeError) do
       config = Vines::Config.new do
-        log 'bogus'
+        log 'vines.log' do
+          level 'bogus'
+        end
         host 'wonderland.lit' do
           storage(:fs) { dir Dir.tmpdir }
         end
@@ -366,7 +379,9 @@ describe Vines::Config do
 
   def test_valid_log_level
     config = Vines::Config.new do
-      log :error
+      log 'vines.log' do
+        level :error
+      end
       host 'wonderland.lit' do
         storage(:fs) { dir Dir.tmpdir }
       end

data/test/storage/sql.rb

@@ -0,0 +1,78 @@
+# encoding: UTF-8
+
+require 'test_helper'
+require 'storage/sql_schema'
+
+module Diaspora
+  class Application < Rails::Application
+    def config.database_configuration
+      {
+        "development" => {
+          "adapter" => "sqlite3",
+          "database" => "test.db"
+        }
+      }
+    end
+  end
+end
+
+describe Vines::Storage::Sql do
+  include SqlSchema
+
+  before do
+    storage && create_schema(:force => true)
+    
+    Vines::Storage::Sql::User.new(
+      username: "test",
+      email: "test@test.de",
+      encrypted_password: "$2a$10$c2G6rHjGeamQIOFI0c1/b.4mvFBw4AfOtgVrAkO1QPMuAyporj5e6", # pppppp
+      authentication_token: "1234"
+    ).save
+  end
+
+  after do
+    db = Rails.application.config.database_configuration["development"]["database"]
+    File.delete(db) if File.exist?(db)
+  end
+
+  def test_find_user
+    fibered do
+      db = storage
+      user = db.find_user(nil)
+      assert_nil user
+
+      user = db.find_user("test@local.host")
+      assert (user != nil), "no user found"
+      assert_equal "test", user.name
+
+      user = db.find_user(Vines::JID.new("test@local.host"))
+      assert (user != nil), "no user found"
+      assert_equal "test", user.name
+
+      user = db.find_user(Vines::JID.new("test@local.host/resource"))
+      assert (user != nil), "no user found"
+      assert_equal "test", user.name
+    end
+  end
+
+  def test_authenticate
+    fibered do
+      db = storage
+
+      assert_nil db.authenticate(nil, nil)
+      assert_nil db.authenticate(nil, "secret")
+      assert_nil db.authenticate("bogus", nil)
+
+      # user credential auth
+      pepper = "065eb8798b181ff0ea2c5c16aee0ff8b70e04e2ee6bd6e08b49da46924223e39127d5335e466207d42bf2a045c12be5f90e92012a4f05f7fc6d9f3c875f4c95b"
+      user = db.authenticate("test@test.de", "pppppp#{pepper}")
+      assert (user != nil), "no user found"
+      assert_equal "test", user.name
+
+      # user token auth
+      user = db.authenticate("test@test.de", "1234")
+      assert (user != nil), "no user found"
+      assert_equal "test", user.name
+    end
+  end
+end

data/test/storage/sql_schema.rb

@@ -0,0 +1,117 @@
+module SqlSchema
+  def fibered
+    EM.run do
+      Fiber.new do
+        yield
+        EM.stop
+      end.resume
+    end
+  end
+
+  def storage
+    Vines::Storage::Sql.new
+  end
+
+  def create_schema(args={})
+    args[:force] ||= false
+    
+    ActiveRecord::Schema.define do
+      create_table "people", :force => true do |t|
+        t.string   "guid",                                     :null => false
+        t.text     "url",                                      :null => false
+        t.string   "diaspora_handle",                          :null => false
+        t.text     "serialized_public_key",                    :null => false
+        t.integer  "owner_id"
+        t.datetime "created_at",                               :null => false
+        t.datetime "updated_at",                               :null => false
+        t.boolean  "closed_account",        :default => false
+        t.integer  "fetch_status",          :default => 0
+      end
+      
+      add_index "people", ["diaspora_handle"], :name => "index_people_on_diaspora_handle", :unique => true
+      add_index "people", ["guid"], :name => "index_people_on_guid", :unique => true
+      add_index "people", ["owner_id"], :name => "index_people_on_owner_id", :unique => true
+
+      create_table "aspects", :force => true do |t|
+        t.string   "name",                               :null => false
+        t.integer  "user_id",                            :null => false
+        t.datetime "created_at",                         :null => false
+        t.datetime "updated_at",                         :null => false
+        t.boolean  "contacts_visible", :default => true, :null => false
+        t.integer  "order_id"
+      end
+      
+      add_index "aspects", ["user_id", "contacts_visible"], :name => "index_aspects_on_user_id_and_contacts_visible"
+      add_index "aspects", ["user_id"], :name => "index_aspects_on_user_id"
+
+      create_table "aspect_memberships", :force => true do |t|
+        t.integer  "aspect_id",  :null => false
+        t.integer  "contact_id", :null => false
+        t.datetime "created_at", :null => false
+        t.datetime "updated_at", :null => false
+      end
+      
+      add_index "aspect_memberships", ["aspect_id", "contact_id"], :name => "index_aspect_memberships_on_aspect_id_and_contact_id", :unique => true
+      add_index "aspect_memberships", ["aspect_id"], :name => "index_aspect_memberships_on_aspect_id"
+      add_index "aspect_memberships", ["contact_id"], :name => "index_aspect_memberships_on_contact_id"
+
+      create_table "contacts", :force => true do |t|
+        t.integer  "user_id",                       :null => false
+        t.integer  "person_id",                     :null => false
+        t.datetime "created_at",                    :null => false
+        t.datetime "updated_at",                    :null => false
+        t.boolean  "sharing",    :default => false, :null => false
+        t.boolean  "receiving",  :default => false, :null => false
+      end
+      
+      add_index "contacts", ["person_id"], :name => "index_contacts_on_person_id"
+      add_index "contacts", ["user_id", "person_id"], :name => "index_contacts_on_user_id_and_person_id", :unique => true
+
+      create_table "users", :force => true do |t|
+        t.string   "username"
+        t.text     "serialized_private_key"
+        t.boolean  "getting_started",                                   :default => true,  :null => false
+        t.boolean  "disable_mail",                                      :default => false, :null => false
+        t.string   "language"
+        t.string   "email",                                             :default => "",    :null => false
+        t.string   "encrypted_password",                                :default => "",    :null => false
+        t.string   "invitation_token",                   :limit => 60
+        t.datetime "invitation_sent_at"
+        t.string   "reset_password_token"
+        t.datetime "remember_created_at"
+        t.integer  "sign_in_count",                                     :default => 0
+        t.datetime "current_sign_in_at"
+        t.datetime "last_sign_in_at"
+        t.string   "current_sign_in_ip"
+        t.string   "last_sign_in_ip"
+        t.datetime "created_at",                                                           :null => false
+        t.datetime "updated_at",                                                           :null => false
+        t.string   "invitation_service",                 :limit => 127
+        t.string   "invitation_identifier",              :limit => 127
+        t.integer  "invitation_limit"
+        t.integer  "invited_by_id"
+        t.string   "invited_by_type"
+        t.string   "authentication_token",               :limit => 30
+        t.string   "unconfirmed_email"
+        t.string   "confirm_email_token",                :limit => 30
+        t.datetime "locked_at"
+        t.boolean  "show_community_spotlight_in_stream",                :default => true,  :null => false
+        t.boolean  "auto_follow_back",                                  :default => false
+        t.integer  "auto_follow_back_aspect_id"
+        t.text     "hidden_shareables"
+        t.datetime "reset_password_sent_at"
+        t.datetime "last_seen"
+      end
+      
+      add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true
+      add_index "users", ["email"], :name => "index_users_on_email"
+      add_index "users", ["invitation_service", "invitation_identifier"], :name => "index_users_on_invitation_service_and_invitation_identifier", :unique => true
+      add_index "users", ["invitation_token"], :name => "index_users_on_invitation_token"
+      add_index "users", ["username"], :name => "index_users_on_username", :unique => true
+      
+      #add_foreign_key "aspect_memberships", "aspects", name: "aspect_memberships_aspect_id_fk", dependent: :delete
+      #add_foreign_key "aspect_memberships", "contacts", name: "aspect_memberships_contact_id_fk", dependent: :delete
+      #add_foreign_key "contacts", "people", name: "contacts_person_id_fk", dependent: :delete
+    end
+  end
+end

data/test/store_test.rb

@@ -3,96 +3,113 @@
 require 'test_helper'
 
 describe Vines::Store do
-  before do
-    dir = 'conf/certs'
-
-    domain, key = certificate('wonderland.lit')
-    File.open("#{dir}/wonderland.lit.crt", 'w') {|f| f.write(domain) }
-    File.open("#{dir}/wonderland.lit.key", 'w') {|f| f.write(key) }
-
-    wildcard, key = certificate('*.wonderland.lit')
-    File.open("#{dir}/wildcard.lit.crt", 'w') {|f| f.write(wildcard) }
-    File.open("#{dir}/wildcard.lit.key", 'w') {|f| f.write(key) }
+  let(:dir) { 'conf/certs' }
+  let(:domain_pair) { certificate('wonderland.lit') }
+  let(:wildcard_pair) { certificate('*.wonderland.lit') }
+  subject { Vines::Store.new(dir) }
 
-    @store = Vines::Store.new('conf/certs')
+  before do
+    @files =
+      save('wonderland.lit', domain_pair) +
+      save('wildcard.lit', wildcard_pair) +
+      save('duplicate.lit', domain_pair)
   end
 
   after do
-    %w[wonderland.lit.crt wonderland.lit.key wildcard.lit.crt wildcard.lit.key].each do |f|
-      name = "conf/certs/#{f}"
+    @files.each do |name|
       File.delete(name) if File.exists?(name)
     end
   end
 
-  it 'parses certificate files' do
-    refute @store.certs.empty?
-    assert_equal OpenSSL::X509::Certificate, @store.certs.first.class
-  end
+  describe 'creating a store' do
+    it 'parses certificate files' do
+      refute subject.certs.empty?
+      assert_equal OpenSSL::X509::Certificate, subject.certs.first.class
+    end
+
+    it 'ignores expired certificates' do
+      assert subject.certs.all? {|c| c.not_after > Time.new }
+    end
 
-  it 'ignores expired certificates' do
-    assert @store.certs.all? {|c| c.not_after > Time.new }
+    it 'does not raise an error for duplicate certificates' do
+      assert Vines::Store.new(dir)
+    end
   end
 
   describe 'files_for_domain' do
     it 'handles invalid input' do
-      assert_nil @store.files_for_domain(nil)
-      assert_nil @store.files_for_domain('')
+      assert_nil subject.files_for_domain(nil)
+      assert_nil subject.files_for_domain('')
     end
 
     it 'finds files by name' do
-      refute_nil @store.files_for_domain('wonderland.lit')
-      cert, key = @store.files_for_domain('wonderland.lit')
+      refute_nil subject.files_for_domain('wonderland.lit')
+      cert, key = subject.files_for_domain('wonderland.lit')
       assert_certificate_matches_key cert, key
       assert_equal 'wonderland.lit.crt', File.basename(cert)
       assert_equal 'wonderland.lit.key', File.basename(key)
     end
 
     it 'finds files for wildcard' do
-      refute_nil @store.files_for_domain('foo.wonderland.lit')
-      cert, key = @store.files_for_domain('foo.wonderland.lit')
+      refute_nil subject.files_for_domain('foo.wonderland.lit')
+      cert, key = subject.files_for_domain('foo.wonderland.lit')
       assert_certificate_matches_key cert, key
       assert_equal 'wildcard.lit.crt', File.basename(cert)
       assert_equal 'wildcard.lit.key', File.basename(key)
     end
   end
 
+  describe 'trusted?' do
+    it 'does not trust malformed certificates' do
+      refute subject.trusted?('bogus')
+    end
+
+    it 'does not trust unsigned certificates' do
+      pair = certificate('something.lit')
+      refute subject.trusted?(pair.cert)
+    end
+  end
+
   describe 'domain?' do
     it 'handles invalid input' do
-      cert, key = certificate('wonderland.lit')
-      refute @store.domain?(nil, nil)
-      refute @store.domain?(cert, nil)
-      refute @store.domain?(cert, '')
-      refute @store.domain?(nil, '')
-      assert @store.domain?(cert, 'wonderland.lit')
+      pair = certificate('wonderland.lit')
+      refute subject.domain?(nil, nil)
+      refute subject.domain?(pair.cert, nil)
+      refute subject.domain?(pair.cert, '')
+      refute subject.domain?(nil, '')
+      assert subject.domain?(pair.cert, 'wonderland.lit')
     end
 
     it 'verifies certificate subject domains' do
-      cert, key = certificate('wonderland.lit')
-      refute @store.domain?(cert, 'bogus')
-      refute @store.domain?(cert, 'www.wonderland.lit')
-      assert @store.domain?(cert, 'wonderland.lit')
+      pair = certificate('wonderland.lit')
+      refute subject.domain?(pair.cert, 'bogus')
+      refute subject.domain?(pair.cert, 'www.wonderland.lit')
+      assert subject.domain?(pair.cert, 'wonderland.lit')
     end
 
     it 'verifies certificate subject alt domains' do
-      cert, key = certificate('wonderland.lit', 'www.wonderland.lit')
-      refute @store.domain?(cert, 'bogus')
-      refute @store.domain?(cert, 'tea.wonderland.lit')
-      assert @store.domain?(cert, 'www.wonderland.lit')
-      assert @store.domain?(cert, 'wonderland.lit')
+      pair = certificate('wonderland.lit', 'www.wonderland.lit')
+      refute subject.domain?(pair.cert, 'bogus')
+      refute subject.domain?(pair.cert, 'tea.wonderland.lit')
+      assert subject.domain?(pair.cert, 'www.wonderland.lit')
+      assert subject.domain?(pair.cert, 'wonderland.lit')
     end
 
     it 'verifies certificate wildcard domains' do
-      cert, key = certificate('wonderland.lit', '*.wonderland.lit')
-      refute @store.domain?(cert, 'bogus')
-      refute @store.domain?(cert, 'one.two.wonderland.lit')
-      assert @store.domain?(cert, 'tea.wonderland.lit')
-      assert @store.domain?(cert, 'www.wonderland.lit')
-      assert @store.domain?(cert, 'wonderland.lit')
+      pair = certificate('wonderland.lit', '*.wonderland.lit')
+      refute subject.domain?(pair.cert, 'bogus')
+      refute subject.domain?(pair.cert, 'one.two.wonderland.lit')
+      assert subject.domain?(pair.cert, 'tea.wonderland.lit')
+      assert subject.domain?(pair.cert, 'www.wonderland.lit')
+      assert subject.domain?(pair.cert, 'wonderland.lit')
     end
   end
 
   private
 
+  # A public certificate + private key pair.
+  Pair = Struct.new(:cert, :key)
+
   def assert_certificate_matches_key(cert, key)
     refute_nil cert
     refute_nil key
@@ -102,7 +119,7 @@ describe Vines::Store do
   end
 
   def certificate(domain, altname=nil)
-    # use small key so tests are fast
+    # Use small key so tests are fast.
     key = OpenSSL::PKey::RSA.generate(256)
 
     name = OpenSSL::X509::Name.parse("/C=US/ST=Colorado/L=Denver/O=Test/CN=#{domain}")
@@ -125,6 +142,21 @@ describe Vines::Store do
       ].map {|k, v| factory.create_ext(k, v) }
     end
 
-    [cert.to_pem, key.to_pem]
+    Pair.new(cert.to_pem, key.to_pem)
+  end
+
+  # Write the domain's certificate and private key files to the filesystem for
+  # the store to use.
+  #
+  # domain - The domain name String to use in the file name (e.g. wonderland.lit).
+  # pair   - The Pair containing the public certificate and private key data.
+  #
+  # Returns a String Array of file names that were written.
+  def save(domain, pair)
+    crt = File.expand_path("#{domain}.crt", dir)
+    key = File.expand_path("#{domain}.key", dir)
+    File.open(crt, 'w') {|f| f.write(pair.cert) }
+    File.open(key, 'w') {|f| f.write(pair.key) }
+    [crt, key]
   end
 end

data/test/test_helper.rb

@@ -4,6 +4,7 @@ require 'tmpdir'
 require 'vines'
 require 'ext/nokogiri'
 require 'minitest/autorun'
+require 'rails/all'
 
 class MiniTest::Spec
 

data/vines.gemspec

@@ -18,11 +18,15 @@ Gem::Specification.new do |s|
 
   s.add_dependency 'bcrypt', '~> 3.1'
   s.add_dependency 'em-hiredis', '~> 0.1.1'
-  s.add_dependency 'eventmachine', '~> 1.0.3'
-  s.add_dependency 'http_parser.rb', '~> 0.5.3'
-  s.add_dependency 'net-ldap', '~> 0.3.1'
-  s.add_dependency 'nokogiri', '>= 1.5.10'
+  s.add_dependency 'eventmachine', '~> 1.0'
+  s.add_dependency 'http_parser.rb', '~> 0.6'
+  s.add_dependency 'net-ldap', '~> 0.6'
+  s.add_dependency 'nokogiri', '~> 1.6'
+  s.add_dependency 'activerecord', '~> 4.1.4'
 
+
+  s.add_development_dependency 'rails', '~> 4.1.4'
+  s.add_development_dependency 'sqlite3', '~> 1.3.9'
   s.add_development_dependency 'minitest', '~> 5.3'
   s.add_development_dependency 'rake', '~> 10.3'
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: diaspora-vines
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.21
 platform: ruby
 authors:
 - David Graham
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-07-29 00:00:00.000000000 Z
+date: 2014-09-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -45,56 +45,98 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.0.3
+        version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.0.3
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: http_parser.rb
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.5.3
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.5.3
+        version: '0.6'
 - !ruby/object:Gem::Dependency
   name: net-ldap
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: '0.6'
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.5.10
+        version: 4.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.4
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.1.4
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.3.9
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.5.10
+        version: 1.3.9
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -282,6 +324,8 @@ files:
 - test/storage/local_test.rb
 - test/storage/mock_redis.rb
 - test/storage/null_test.rb
+- test/storage/sql.rb
+- test/storage/sql_schema.rb
 - test/storage/storage_tests.rb
 - test/storage_test.rb
 - test/store_test.rb
@@ -325,7 +369,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.3.0
+rubygems_version: 2.4.1
 signing_key: 
 specification_version: 4
 summary: Diaspora-vines is a Vines fork build for diaspora integration.
@@ -381,7 +425,9 @@ test_files:
 - test/config_test.rb
 - test/test_helper.rb
 - test/storage/storage_tests.rb
+- test/storage/sql_schema.rb
 - test/storage/null_test.rb
 - test/storage/mock_redis.rb
 - test/storage/ldap_test.rb
 - test/storage/local_test.rb
+- test/storage/sql.rb