grass 0.0.1

data/lib/grass/endpoints/front.rb

@@ -0,0 +1,122 @@
+require 'goliath/api'
+require 'json'
+require 'grass'
+require 'grass/key'
+require 'grass/source'
+require 'grass/helpers/i18n_helper'
+require 'grass/goliath/rack/secure_headers'
+require 'grass/goliath/rack/cache'
+require 'active_support/inflector'
+
+module Grass
+  
+  class Front < Goliath::API
+    
+    module Helper
+      def request_data
+        {
+          language_info: language_info(), 
+          country_info: country_info(), 
+          params: params,           
+          http_host: env['HTTP_HOST'], 
+          request_path: env["REQUEST_PATH"]
+        }
+      end
+    end
+    
+    DEFAULT_PAGE = ENV['DEFAULT_PAGE'] || "index"
+    
+    include Helpers::I18nHelper
+    include Helper
+    
+    Dir.glob("#{Grass.app_root}/helpers/*.rb").each do |file|
+      require file
+      include File.basename(file,".rb").classify.constantize
+    end
+    
+    use Goliath::Rack::SecureHeaders     
+    use Goliath::Rack::Params
+    use Goliath::Rack::Render
+    use Goliath::Rack::Validation::RequestMethod, %w(GET)
+    use(Rack::Static,
+    :root => "#{Grass.root}/public",
+    :urls => Dir.glob("#{Grass.root}/public/*").map{|file| "/#{::File.basename(file)}" },
+    :cache_control => ENV['CACHE_CONTROL'] || "no-cache")
+    use Goliath::Rack::Cache     
+        
+    def response(env)
+      self.public_send env['REQUEST_METHOD'].downcase, env
+    end
+
+    def get(env)
+      
+      set_locale
+
+      id = get_id
+      
+      data = id =~ /scripts|styles/ ? {} : request_data
+      
+      headers = {}
+      
+      return fresh(id,data) if Grass.env == "development" && !config['enable_cache_for_development']
+
+      # try memcache or render freshly
+      if cached_response = Source.read_cache(Source.generate_cachekey(id,data))
+        # puts "----> CACHED!!!"
+
+        mime_type, body = cached_response
+        headers = {"Content-Type" => mime_type}     
+        status = 200   
+          
+      else
+        status, headers, body = fresh(id,data)
+        
+      end
+      
+      [status,headers,body]
+
+    end    
+    
+    private
+
+    def get_id
+      # set default home
+      id = env["REQUEST_PATH"] == "/" ? "/pages/#{DEFAULT_PAGE}" : env["REQUEST_PATH"]
+
+      # remove trailing slash
+      id = id[0..-2] if id.end_with?("/")
+
+      # ensure locale
+      unless id =~ /#{Key::KEY_REGEX[:locale]}/      
+        id = "/#{I18n.locale}/#{id}"
+      end
+
+      # add pages as default collection
+      unless id =~ /#{Key::KEY_REGEX[:dir]}/      
+        id = id.split("/").insert(2,"pages").join("/") 
+      end
+
+      id.gsub("//","/")
+    end
+
+    def get_file key
+      raise Goliath::Validation::NotFoundError unless source = Source[key].first
+      # if Grass.env == "development"
+      #   source.file.read 
+      #   source.commit!
+      # end
+      source
+    end
+    
+    def fresh id, data = {}
+      file = get_file(id)
+      if file.type == "page"   
+        file.render(data) 
+        file.cache!
+      end
+      [200, {"Content-Type" => file.mime_type} ,file.read]
+    end
+    
+  end
+  
+end

data/lib/grass/file_sync.rb

@@ -0,0 +1,70 @@
+require 'fileutils'
+
+module Grass
+  
+  module FileSync
+    
+    class FileProxy
+    
+      def initialize source
+        @source = source
+        FileUtils.mkdir_p File.dirname(@source.filepath)
+        exists? ? read : write(@source.raw)
+      end
+      
+      def exists?
+        File.exists? @source.filepath
+      end
+    
+      def read
+        begin
+          value = File.read(@source.filepath)
+          @source.update(raw: value) if dirty?
+          value
+        end rescue nil
+      end
+      
+      def write value
+        begin
+          File.open(@source.filepath,File::RDWR|File::CREAT){ |f| 
+            f.truncate(0); f.rewind; f.write(value)
+          }
+          value
+        end rescue nil
+      end 
+      
+      def delete
+        File.delete(@source.filepath) rescue nil
+      end
+      
+      def dirty?
+        @source.raw.nil? || File.mtime(@source.filepath).to_i > @source.updated_at.to_i
+      end
+      
+    end
+    
+    def self.included(base)
+      base.send :after_initialize, :init_file, if: 'binary.nil?'
+      base.send :before_save, :write_file, if: 'binary.nil?'
+      base.send :after_destroy, :delete_file, if: 'binary.nil?'
+    end
+    
+    attr_reader :file
+    
+    private
+    
+    def init_file
+      @file = FileProxy.new(self)
+    end
+    
+    def delete_file
+      @file.delete
+    end
+    
+    def write_file
+      @file.write(self.raw)
+    end
+    
+  end
+  
+end

data/lib/grass/goliath/rack/auth_barrier.rb

@@ -0,0 +1,109 @@
+module Goliath
+  module Rack
+    class AuthBarrier
+      
+      include Goliath::Rack::BarrierAroundware
+      include Goliath::Validation
+      
+      attr_reader   :db # Memcache Client
+      attr_accessor :access_token
+      
+      class MissingApikeyError     < BadRequestError   ; end
+      class InvalidApikeyError     < UnauthorizedError ; end
+      
+      def initialize(env, db_name)
+        @db = env.config[db_name]
+        super(env)
+      end
+      
+      def pre_process
+        env.trace('pre_process_beg')
+        validate_apikey!
+
+        # the results of the afirst deferrable will be set right into access_token (and the request into successes)
+        get_access_token
+
+        # On non-GET non-HEAD requests, we have to check auth now.
+        unless lazy_authorization?
+          perform     # yield execution until user_info has arrived
+          check_authorization!
+        end
+
+        env.trace('pre_process_end')
+        return Goliath::Connection::AsyncResponse
+      end
+      
+      def post_process
+        env.trace('post_process_beg')
+        # [:access_token, :status, :headers, :body].each{|attr| env.logger.info(("%23s\t%s" % [attr, self.send(attr).inspect[0..200]])) }
+
+        # inject_headers
+
+        # We have to check auth now, we skipped it before
+        if lazy_authorization?
+          check_authorization!
+        end
+
+        env.trace('post_process_end')
+        [status, headers, body]
+      end
+
+      def lazy_authorization?
+        (env['REQUEST_METHOD'] == 'GET') || (env['REQUEST_METHOD'] == 'HEAD')
+      end
+      
+      def get_access_token 
+        @access_token = db.get(apikey_path) rescue nil
+        # puts "GET KEY #{apikey_path.inspect} -> #{@access_token.inspect}"
+        @access_token
+      end
+      
+      def accept_response(handle, *args)
+        env.trace("received_#{handle}")
+        super(handle, *args)
+      end
+      
+      # =======================================================================
+
+      def validate_apikey!
+        raise MissingApikeyError.new("Missing Api Key") if apikey.to_s.empty?
+      end
+
+      def check_authorization!
+        unless access_token && account_valid?
+          raise InvalidApikeyError.new("Invalid Api Key")
+        else
+          renew_token
+        end
+      end
+      
+      def apikey
+        env.params['apikey']
+      end
+      
+      def apikey_path
+        Arms::Auth.keypath(apikey)
+      end
+      
+      def account_valid?
+        # puts "VALID? #{Digest::MD5.hexdigest(apikey) == access_token[:token]},#{account_belongs_to_host?},#{Arms::Auth.can?(access_token[:mode],env['REQUEST_METHOD'])}"
+        # is token or key altered?
+        Digest::MD5.hexdigest(apikey) == access_token[:token] && 
+        # is on right host?
+        account_belongs_to_host? &&
+        # mode is able to do HTTP VERB?
+        Arms::Auth.can?(access_token[:mode],env['REQUEST_METHOD'])
+      end
+      
+      def renew_token
+        db.touch apikey_path, Arms::Auth::TTLS[access_token[:mode]] unless access_token[:ttl].nil?
+      end
+      
+      def account_belongs_to_host?
+        return true if access_token[:mode] == Arms::Auth::ADMIN
+        [access_token[:hosts]].flatten.join(",") =~ /#{env['HTTP_ORIGIN'] || env['SERVER_NAME']}/
+      end
+          
+    end
+  end
+end

data/lib/grass/goliath/rack/cache.rb

@@ -0,0 +1,37 @@
+# Very Simple Middleware to deal with ETag & If-None_Match Headers
+ 
+require "goliath/rack/async_middleware"
+
+module Goliath
+  module Rack
+    class Cache
+    
+      include Goliath::Rack::AsyncMiddleware
+    
+      def post_process(env, status, headers, body)
+        if body.is_a?(String) && (Grass.env == "production" || env.config['enable_cache_for_development'])
+          # Generate ETag for body
+          etag = etag_for(body)
+          
+          # Add ETag header
+          headers['ETag'] = etag
+          
+          # Response with status 304 without body
+          if env['HTTP_IF_NONE_MATCH'] == etag
+            status = 304
+            body = nil
+          end
+        end
+        [status,headers,body]
+      end
+        
+      private
+        
+      # Generates ETag for given string
+      def etag_for content
+        Digest::MD5.hexdigest(content)
+      end
+        
+    end
+  end
+end

data/lib/grass/goliath/rack/cors.rb

@@ -0,0 +1,45 @@
+require 'goliath/rack'
+
+module Goliath
+  module Rack
+    class Cors
+      include Goliath::Rack::AsyncMiddleware
+      
+      DEFAULT_OPTIONS = {
+        :origin => '*',
+        :methods => 'GET',
+        :headers => 'Accept, Authorization, Content-Type, Origin',
+        :expose_headers => 'Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Location, Pragma'
+      }
+
+      def initialize(app, options = {})
+        super(app)
+        @options = DEFAULT_OPTIONS.merge(options)
+      end
+
+      def call(env)
+        if env['REQUEST_METHOD'] == 'OPTIONS'
+          [200, cors_headers, []]
+        else
+          super(env)
+        end
+      end
+
+      def post_process(env, status, headers, body)
+        [status, cors_headers.merge(headers), body]
+      end
+
+      private
+
+        def cors_headers
+          headers = {}
+          headers['Access-Control-Allow-Origin'] = @options[:origin]
+          headers['Access-Control-Allow-Methods'] = @options[:methods]
+          headers['Access-Control-Allow-Headers'] = @options[:headers]
+          headers['Access-Control-Expose-Headers'] = @options[:expose_headers]
+          headers
+        end
+
+    end
+  end
+end

data/lib/grass/goliath/rack/secure_headers.rb

@@ -0,0 +1,20 @@
+module Goliath
+  module Rack
+    class SecureHeaders
+      
+      include Goliath::Rack::AsyncMiddleware
+      
+      HEADERS = {
+        'X-Frame-Options' => 'SAMEORIGIN',
+        'X-XSS-Protection' => '1; mode=block',
+        'X-Content-Type-Options' => 'nosniff'
+      }
+      
+      def post_process(env, status, headers, body)
+        headers.update HEADERS
+        [status, headers, body]
+      end
+      
+    end
+  end
+end

data/lib/grass/goliath/rack/validator.rb

@@ -0,0 +1,52 @@
+module Goliath
+  module Rack
+    module Validator
+      module_function
+      ERROR = 'error'
+
+      # @param status_code [Integer] HTTP status code for this error.
+      # @param msg [String] message to inject into the response body.
+      # @param headers [Hash] Response headers to preserve in an error response;
+      #   (the Content-Length header, if any, is removed)
+      def validation_error(status_code, msg, headers={})
+        headers.delete('Content-Length')
+        [status_code, headers, {ERROR => msg}]
+      end
+
+      # Execute a block of code safely.
+      #
+      # If the block raises any exception that derives from
+      # Goliath::Validation::Error (see specifically those in
+      # goliath/validation/standard_http_errors.rb), it will be turned into the
+      # corresponding 4xx response with a corresponding message.
+      #
+      # If the block raises any other kind of error, we log it and return a
+      # less-communicative 500 response.
+      #
+      # @example
+      #   # will convert the ForbiddenError exception into a 403 response
+      #   # and an uncaught error in do_something_risky! into a 500 response
+      #   safely(env, headers) do
+      #     raise ForbiddenError unless account_info['valid'] == true
+      #     do_something_risky!
+      #     [status, headers, body]
+      #   end
+      #
+      #
+      # @param env [Goliath::Env] The current request env
+      # @param headers [Hash] Response headers to preserve in an error response
+      #
+      def safely(env, headers={})
+        begin
+          yield
+        rescue Goliath::Validation::Error => e
+          validation_error(e.status_code, e.message, headers)
+        rescue Exception => e
+          env.logger.error(e.message)
+          env.logger.error(e.backtrace.join("\n"))
+          validation_error(500, e.message, headers)
+        end
+      end
+    end
+  end
+end