forest_admin_rpc_agent 1.30.4 → 1.30.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/lib/forest_admin_rpc_agent/middleware/authentication.rb +1 -28
  3. data/lib/forest_admin_rpc_agent/routes/action_execute.rb +0 -2
  4. data/lib/forest_admin_rpc_agent/routes/action_form.rb +0 -2
  5. data/lib/forest_admin_rpc_agent/routes/aggregate.rb +1 -3
  6. data/lib/forest_admin_rpc_agent/routes/base_route.rb +13 -13
  7. data/lib/forest_admin_rpc_agent/routes/chart.rb +0 -2
  8. data/lib/forest_admin_rpc_agent/routes/create.rb +0 -2
  9. data/lib/forest_admin_rpc_agent/routes/delete.rb +0 -2
  10. data/lib/forest_admin_rpc_agent/routes/list.rb +0 -2
  11. data/lib/forest_admin_rpc_agent/routes/update.rb +0 -2
  12. data/lib/forest_admin_rpc_agent/version.rb +1 -1
  13. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bd30b9ebff36413cfe4e1bd1ae0e5b06683273ba7f9ba9be13a2e4b208fee7f2
4
- data.tar.gz: f85a704df4609325c50c85cb0fd61b9b543b3bb8e7fd88db0f8a2318148a9c22
3
+ metadata.gz: 53b5e12f818c23964ae83123b35aa0c519c3ff2ac455ba2c518fea37b37e4d2c
4
+ data.tar.gz: fd85d6d60ab150a0375dbfb9681696b28b6f93c4f1e94a30646e2e34c3a8adad
5
5
  SHA512:
6
- metadata.gz: 93097366142e92fb3f3636262f76666903d18cdd7d01e35a8a4d4719f204c9639448959afec7f2a3c475291423cfc1b5f8852d080a19b13607c07f45da25087f
7
- data.tar.gz: e933c8b5e1f911e88ec3b9b0ea8ecef28c763817e832743b9de3729135026e84294fb4798c1de2046cbdcb196bb579e8e1a4b667accaba47d4b5b4447b2ab19c
6
+ metadata.gz: 80e426d3044d3d93494696987be64a46d2033d8547bb5aecb09cb101b69268864d450fc8a4a7c17ac813a1c1db56a173f82a699d4a6ff2b4b73aa420451338c6
7
+ data.tar.gz: 739cd6a8a363d9bc8ebb28480d958f5aed1fd488021cba32ee1568512c5a11517698f9d2f856776dcfcd0f4ab6936f1640c780c3c78e2ef3246aea0a282a8e86
data/lib/forest_admin_rpc_agent/middleware/authentication.rb CHANGED
@@ -4,9 +4,6 @@ module ForestAdminRpcAgent
4
4
  module Middleware
5
5
  class Authentication
6
6
  ALLOWED_TIME_DIFF = 300
7
- SIGNATURE_REUSE_WINDOW = 5
8
- @@used_signatures = {}
9
- @@signatures_mutex = Mutex.new
10
7
 
11
8
  def initialize(app)
12
9
  @app = app
@@ -41,25 +38,7 @@ module ForestAdminRpcAgent
41
38
 
42
39
  expected_signature = OpenSSL::HMAC.hexdigest('SHA256', auth_secret, timestamp)
43
40
 
44
- return false unless Rack::Utils.secure_compare(signature, expected_signature)
45
-
46
- # check if this signature has already been used (replay attack)
47
- # Reject if signature was used recently (within SIGNATURE_REUSE_WINDOW seconds)
48
- # Use mutex to prevent race conditions in multi-threaded environments
49
- now = current_time_in_seconds
50
-
51
- @@signatures_mutex.synchronize do
52
- if @@used_signatures.key?(signature)
53
- last_used = @@used_signatures[signature]
54
- time_since_last_use = now - last_used
55
- return false if time_since_last_use <= SIGNATURE_REUSE_WINDOW
56
- end
57
- @@used_signatures[signature] = now
58
-
59
- cleanup_old_signatures
60
- end
61
-
62
- true
41
+ Rack::Utils.secure_compare(signature, expected_signature)
63
42
  end
64
43
 
65
44
  def valid_timestamp?(timestamp)
@@ -73,12 +52,6 @@ module ForestAdminRpcAgent
73
52
  (current_time_in_seconds - time.to_i).abs <= ALLOWED_TIME_DIFF
74
53
  end
75
54
 
76
- def cleanup_old_signatures
77
- # Should be called within mutex synchronize block
78
- now = current_time_in_seconds
79
- @@used_signatures.delete_if { |_signature, last_used| now - last_used > ALLOWED_TIME_DIFF }
80
- end
81
-
82
55
  def current_time_in_seconds
83
56
  defined?(Time.current) ? Time.current.to_i : Time.now.utc.to_i
84
57
  end
data/lib/forest_admin_rpc_agent/routes/action_execute.rb CHANGED
@@ -12,8 +12,6 @@ module ForestAdminRpcAgent
12
12
  end
13
13
 
14
14
  def handle_request(args)
15
- return {} unless args[:params]['collection_name']
16
-
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
18
16
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
19
17
  filter = FilterFactory.from_plain_object(args[:params]['filter'])
data/lib/forest_admin_rpc_agent/routes/action_form.rb CHANGED
@@ -12,8 +12,6 @@ module ForestAdminRpcAgent
12
12
  end
13
13
 
14
14
  def handle_request(args)
15
- return {} unless args[:params]['collection_name']
16
-
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
18
16
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
19
17
  filter = FilterFactory.from_plain_object(args[:params]['filter'])
data/lib/forest_admin_rpc_agent/routes/aggregate.rb CHANGED
@@ -12,15 +12,13 @@ module ForestAdminRpcAgent
12
12
  end
13
13
 
14
14
  def handle_request(args)
15
- return {} unless args[:params]['collection_name']
16
-
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
18
16
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
19
17
 
20
18
  aggregation = Aggregation.new(
21
19
  operation: args[:params]['aggregation']['operation'],
22
20
  field: args[:params]['aggregation']['field'],
23
- groups: args[:params]['aggregation']['groups']
21
+ groups: args[:params]['aggregation']['groups'] || []
24
22
  )
25
23
  filter = FilterFactory.from_plain_object(args[:params]['filter'])
26
24
 
data/lib/forest_admin_rpc_agent/routes/base_route.rb CHANGED
@@ -39,16 +39,16 @@ module ForestAdminRpcAgent
39
39
 
40
40
  # Skip authentication for health check (root path)
41
41
  if @url == '/'
42
- params = deep_symbolize_keys(request.query_parameters.merge(request.request_parameters))
43
- result = handle_request({ params: params.with_indifferent_access, caller: nil, request: request })
42
+ params = extract_request_params(request)
43
+ result = handle_request({ params: params, caller: nil, request: request })
44
44
  build_rails_response(result)
45
45
  else
46
46
  auth_middleware = ForestAdminRpcAgent::Middleware::Authentication.new(->(_env) { [200, {}, ['OK']] })
47
47
  status, headers, response = auth_middleware.call(request.env)
48
48
 
49
49
  if status == 200
50
- params = deep_symbolize_keys(request.query_parameters.merge(request.request_parameters))
51
- result = handle_request({ params: params.with_indifferent_access, caller: headers[:caller], request: request })
50
+ params = extract_request_params(request)
51
+ result = handle_request({ params: params, caller: headers[:caller], request: request })
52
52
  build_rails_response(result)
53
53
  else
54
54
  [status, headers, response]
@@ -87,15 +87,15 @@ module ForestAdminRpcAgent
87
87
 
88
88
  private
89
89
 
90
- def deep_symbolize_keys(obj)
91
- case obj
92
- when Hash
93
- obj.transform_keys(&:to_sym).transform_values { |v| deep_symbolize_keys(v) }
94
- when Array
95
- obj.map { |v| deep_symbolize_keys(v) }
96
- else
97
- obj
98
- end
90
+ # Merge path params (e.g. :collection_name from the URL) with query and body params so
91
+ # consumers that don't duplicate `collection_name` in the body (the Node datasource-rpc)
92
+ # still resolve the route correctly.
93
+ def extract_request_params(request)
94
+ request.path_parameters
95
+ .except(:controller, :action, :format)
96
+ .merge(request.query_parameters)
97
+ .merge(request.request_parameters)
98
+ .with_indifferent_access
99
99
  end
100
100
 
101
101
  def serialize_response(result)
data/lib/forest_admin_rpc_agent/routes/chart.rb CHANGED
@@ -10,8 +10,6 @@ module ForestAdminRpcAgent
10
10
  end
11
11
 
12
12
  def handle_request(args)
13
- return {} unless args[:params]['collection_name']
14
-
15
13
  chart_name = args[:params]['chart']
16
14
  parameters = args[:params]['parameters']
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
data/lib/forest_admin_rpc_agent/routes/create.rb CHANGED
@@ -8,8 +8,6 @@ module ForestAdminRpcAgent
8
8
  end
9
9
 
10
10
  def handle_request(args)
11
- return {} unless args[:params]['collection_name']
12
-
13
11
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
14
12
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
15
13
 
data/lib/forest_admin_rpc_agent/routes/delete.rb CHANGED
@@ -12,8 +12,6 @@ module ForestAdminRpcAgent
12
12
  end
13
13
 
14
14
  def handle_request(args)
15
- return {} unless args[:params]['collection_name']
16
-
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
18
16
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
19
17
  filter = FilterFactory.from_plain_object(args[:params]['filter'])
data/lib/forest_admin_rpc_agent/routes/list.rb CHANGED
@@ -12,8 +12,6 @@ module ForestAdminRpcAgent
12
12
  end
13
13
 
14
14
  def handle_request(args)
15
- return {} unless args[:params]['collection_name']
16
-
17
15
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
18
16
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
19
17
  projection = Projection.new(args[:params]['projection'])
data/lib/forest_admin_rpc_agent/routes/update.rb CHANGED
@@ -10,8 +10,6 @@ module ForestAdminRpcAgent
10
10
  end
11
11
 
12
12
  def handle_request(args)
13
- return {} unless args[:params]['collection_name']
14
-
15
13
  datasource = ForestAdminRpcAgent::Facades::Container.datasource
16
14
  collection = get_collection_safe(datasource, args[:params]['collection_name'])
17
15
  filter = FilterFactory.from_plain_object(args[:params]['filter'])
data/lib/forest_admin_rpc_agent/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ForestAdminRpcAgent
2
- VERSION = "1.30.4"
2
+ VERSION = "1.30.6"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: forest_admin_rpc_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.30.4
4
+ version: 1.30.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matthieu