hieraviz 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6c1283ce82b3cdaba2917c8bd1f2d6606f6272b5
-  data.tar.gz: 789132864aef111d8cbc4c1d5dc4b8478ac1aa60
+  metadata.gz: 7943ca0a1cce06662064ff153e6574e667a9aebe
+  data.tar.gz: de8240ae22c0afff43b068cf4af11fc84a3247a9
 SHA512:
-  metadata.gz: 856f47c9edd3e9333bc8e795258e916935be940d6ba216c72aba7e70ffa280f1a459dda96601c0ea3c15e0fdd46aa6bf3913fcd0ea9955c39204264b0759c968
-  data.tar.gz: 559f5c324a0db557223502df3f302ed9399e547a797790737da0946e90ecbd2c898c9718eb1d61b79a26ca6a01dc19e32ff6be9c2153a6809bf2c4851cd36784
+  metadata.gz: 7e5839350259c94f8ed16c922570e507647bc89d0cc6dd478a37763ed5bdb2601317613a13244295e8f876fa7123e0a07e6f8c55e7164e2139cacea54dda6fc7
+  data.tar.gz: fc6cd1e5c0a66630be9b33268234e5ee234778e35c6b15aba708e6d6061b5b0e8fab71203a6a0f93fa0b5e6483b8b81e3acce86de3f2fcd40242bfefe8ea4027

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Hieraviz Changelog
 ========================
 
+### v0.0.2 - 2016-01-18
+- add oauth2 auth method against gitlab server
+- add session persistence on disk
+- protect api calls with usage of the web session
+
 ### v0.0.1 - 2015-12-30
 - still pretty alpha at this stage, more to come soon
 - made basic auth work (with logout too)

data/README.md

@@ -4,7 +4,7 @@ Hieraviz
 [![Gem Version](https://img.shields.io/gem/v/hieraviz.svg)](http://rubygems.org/gems/hieraviz)
 [![Downloads](http://img.shields.io/gem/dt/hieraviz.svg)](https://rubygems.org/gems/hieraviz)
 [![Build Status](https://img.shields.io/travis/Gandi/hieraviz.svg)](https://travis-ci.org/Gandi/hieraviz)
-[![Coverage Status](https://img.shields.io/coveralls/Gandi/hieraviz.svg)](https://coveralls.io/github/Gandi/hieraviz?branch=master)
+[![Coverage Status](https://img.shields.io/coveralls/Gandi/hieraviz.svg)](https://coveralls.io/github/Gandi/hieraviz)
 [![Dependency Status](https://gemnasium.com/Gandi/hieraviz.svg)](https://gemnasium.com/Gandi/hieraviz)
 [![Code Climate](https://img.shields.io/codeclimate/github/Gandi/hieraviz.svg)](https://codeclimate.com/github/Gandi/hieraviz)
 
@@ -19,9 +19,9 @@ Install it from Rubygens:
 
     gem install hieraviz
 
-Usage
-----------
-`hv-ctl` is a control script to manipulate Hieraviz server. It is not written yet, unfortunately, but will be ready in the very next versions.
+Development
+--------------
+Launch it with `shotgun` or `rackup`.
 
 Contributing
 ----------------

data/app/apiv1.rb

@@ -12,44 +12,78 @@ require File.expand_path '../common.rb', __FILE__
 module HieravizApp
   class ApiV1 < Common
 
+    configure do
+      set :session_secret, settings.configdata['session_seed']
+      enable :sessions
+    end
+
+    helpers do
+      def check_authorization
+        if !session['access_token'] && !request.env['HTTP_X_AUTH']
+          redirect '/v1/not_logged'
+        else
+          token = session['access_token'] || request.env['HTTP_X_AUTH']
+          session_info = Hieraviz::Store.get(token, settings.configdata['session_renew'])
+          if !session_info
+            redirect '/v1/unauthorized'
+          end
+        end
+      end
+    end
+
     get '/test' do
       json data: Time.new 
     end
 
     get '/nodes' do
+      check_authorization
       json Hieracles::Registry.nodes(settings.config)
     end
 
     get '/node/:n/info' do |node|
+      check_authorization
       node = Hieracles::Node.new(node, settings.config)
       json node.info
     end
 
     get '/node/:n/params' do |node|
+      check_authorization
       node = Hieracles::Node.new(node, settings.config)
       json node.params
     end
 
     get '/node/:n/allparams' do |node|
+      check_authorization
       node = Hieracles::Node.new(node, settings.config)
       json node.params(false)
     end
 
     get '/node/:n' do |node|
+      check_authorization
       node = Hieracles::Node.new(node, settings.config)
       json node.params
     end
 
     get '/farms' do
+      check_authorization
       json Hieracles::Registry.farms(settings.config)
     end
 
     get '/farm/:n' do |farm|
+      check_authorization
       req = Hieracles::Puppetdb::Request.new(settings.configdata['puppetdb'])
       farm_nodes = req.facts('farm', farm)
       json farm_nodes.data
     end
 
+    get '/not_logged' do
+      json({ error: "Not connected." })
+    end
+
+    get '/unauthorized' do
+      json({ error: "Unauthorized" })
+    end
+
     not_found do
       json({ error: "data not found" })
     end

data/app/common.rb

@@ -1,21 +1,15 @@
 require 'sinatra/base'
 require 'dotenv'
-require 'hieracles'
-require 'hieraviz'
 
 module HieravizApp
   class Common < Sinatra::Base
 
     configure do
       set :app_name, 'HieraViz'
-      configfile = ENV['HIERAVIZ_CONFIG_FILE'] || File.join("config", "hieraviz.yml")
-      configfile = File.join(root, configfile) unless configfile[0] == '/'
-      set :configfile, configfile
-      set :configdata, YAML.load_file(configfile)
-      set :config, Hieracles::Config.new({ config: configfile })
+      set :configdata, Hieraviz::Config.load
+      set :config, Hieracles::Config.new({ config: Hieraviz::Config.configfile })
       enable :session
       enable :logging
-      set :store, Hieraviz::Store.new
     end
 
   end

data/app/main.rb

@@ -1,3 +1,6 @@
+require 'hieracles'
+require 'hieraviz'
+
 require File.expand_path '../web.rb', __FILE__
 require File.expand_path '../apiv1.rb', __FILE__
 

data/app/public/css/main.css

@@ -80,6 +80,14 @@ input {
   background-color: #fff;
   color: #000;
 }
+.head .auth a#login {
+  background-color: #fff;
+  color: #000;
+}
+.head .auth .username {
+  display: inline-block;
+  margin-right: 1em;
+}
 /* ----- Content ---- */
 .content {
   background-color: #eee;
@@ -87,14 +95,20 @@ input {
   top: 3em;
   bottom: 8em;
   width: 100%;
+  height: 90%;
 }
-
-  /* ----- Sidebar ---- */
+.error {
+  padding: 2em;
+}
+/* ----- Sidebar ---- */
 .side {
   background-color: #eee;
   display: inline-block;
   float: left;
   width: 330px;
+  height: 100%;
+  overflow-y: auto;
+  overflow-x: hidden;
 }
 .side .filter {
   margin: 0;
@@ -113,6 +127,7 @@ input {
   border-right: 1px solid #ccc;
 }
 .side ul li {
+  font-size: .9em;
   padding: .1em 1em;
   cursor: pointer;
   border-bottom: 1px solid #ccc;
@@ -130,6 +145,8 @@ input {
   background-color: #fff;
   margin-left: 330px;
   position: relative;
+  height: 100%;
+  overflow-y: auto;
 }
 .meat.text {
   padding: 1em 2em;
@@ -239,3 +256,30 @@ input {
   line-height: 1em;
   width: 100%;
 }
+.foot .debug {
+  font-family: monospace;
+  font-size: .9em;
+  background-color: #333;
+  padding: .2em 1em;
+  float: right;
+}
+
+/* ------ flash messages ----- */
+.flash {
+  position: relative;
+  padding: 1em;
+  cursor: pointer;
+}
+.flash.info {
+  background-color: #4d4;
+  color: #000;
+}
+.flash.warning {
+  background-color: #d63;
+  color: #fff;
+}
+.flash.fatal {
+  background-color: #a20;
+  color: #fff;
+  font-weight: bold;
+}

data/app/public/js/farms.js

@@ -42,14 +42,15 @@ ready( () => {
     item.addEventListener('click', (ev) => {
       addClass(meat, 'wait');
       el = ev.target;
-      fetch('/v1/farm/' + el.innerText).
+      fetch('/v1/farm/' + el.dataset.item, auth_header()).
         then(res => res.json()).
         then(j => {
-          build_list(meat, el.innerText, j);
+          build_list(meat, el.dataset.item, j);
           Array.prototype.forEach.call(farms, (item, i) => {
             removeClass(item, 'focus')
           });
           addClass(el, 'focus');
+          update_footer('/v1/farm/' + el.dataset.item);
           removeClass(meat, 'wait');
         });
     });

data/app/public/js/fetch.js

@@ -0,0 +1,381 @@
+(function() {
+  'use strict';
+
+  if (self.fetch) {
+    return
+  }
+
+  function normalizeName(name) {
+    if (typeof name !== 'string') {
+      name = String(name)
+    }
+    if (/[^a-z0-9\-#$%&'*+.\^_`|~]/i.test(name)) {
+      throw new TypeError('Invalid character in header field name')
+    }
+    return name.toLowerCase()
+  }
+
+  function normalizeValue(value) {
+    if (typeof value !== 'string') {
+      value = String(value)
+    }
+    return value
+  }
+
+  function Headers(headers) {
+    this.map = {}
+
+    if (headers instanceof Headers) {
+      headers.forEach(function(value, name) {
+        this.append(name, value)
+      }, this)
+
+    } else if (headers) {
+      Object.getOwnPropertyNames(headers).forEach(function(name) {
+        this.append(name, headers[name])
+      }, this)
+    }
+  }
+
+  Headers.prototype.append = function(name, value) {
+    name = normalizeName(name)
+    value = normalizeValue(value)
+    var list = this.map[name]
+    if (!list) {
+      list = []
+      this.map[name] = list
+    }
+    list.push(value)
+  }
+
+  Headers.prototype['delete'] = function(name) {
+    delete this.map[normalizeName(name)]
+  }
+
+  Headers.prototype.get = function(name) {
+    var values = this.map[normalizeName(name)]
+    return values ? values[0] : null
+  }
+
+  Headers.prototype.getAll = function(name) {
+    return this.map[normalizeName(name)] || []
+  }
+
+  Headers.prototype.has = function(name) {
+    return this.map.hasOwnProperty(normalizeName(name))
+  }
+
+  Headers.prototype.set = function(name, value) {
+    this.map[normalizeName(name)] = [normalizeValue(value)]
+  }
+
+  Headers.prototype.forEach = function(callback, thisArg) {
+    Object.getOwnPropertyNames(this.map).forEach(function(name) {
+      this.map[name].forEach(function(value) {
+        callback.call(thisArg, value, name, this)
+      }, this)
+    }, this)
+  }
+
+  function consumed(body) {
+    if (body.bodyUsed) {
+      return Promise.reject(new TypeError('Already read'))
+    }
+    body.bodyUsed = true
+  }
+
+  function fileReaderReady(reader) {
+    return new Promise(function(resolve, reject) {
+      reader.onload = function() {
+        resolve(reader.result)
+      }
+      reader.onerror = function() {
+        reject(reader.error)
+      }
+    })
+  }
+
+  function readBlobAsArrayBuffer(blob) {
+    var reader = new FileReader()
+    reader.readAsArrayBuffer(blob)
+    return fileReaderReady(reader)
+  }
+
+  function readBlobAsText(blob) {
+    var reader = new FileReader()
+    reader.readAsText(blob)
+    return fileReaderReady(reader)
+  }
+
+  var support = {
+    blob: 'FileReader' in self && 'Blob' in self && (function() {
+      try {
+        new Blob();
+        return true
+      } catch(e) {
+        return false
+      }
+    })(),
+    formData: 'FormData' in self,
+    arrayBuffer: 'ArrayBuffer' in self
+  }
+
+  function Body() {
+    this.bodyUsed = false
+
+
+    this._initBody = function(body) {
+      this._bodyInit = body
+      if (typeof body === 'string') {
+        this._bodyText = body
+      } else if (support.blob && Blob.prototype.isPrototypeOf(body)) {
+        this._bodyBlob = body
+      } else if (support.formData && FormData.prototype.isPrototypeOf(body)) {
+        this._bodyFormData = body
+      } else if (!body) {
+        this._bodyText = ''
+      } else if (support.arrayBuffer && ArrayBuffer.prototype.isPrototypeOf(body)) {
+        // Only support ArrayBuffers for POST method.
+        // Receiving ArrayBuffers happens via Blobs, instead.
+      } else {
+        throw new Error('unsupported BodyInit type')
+      }
+    }
+
+    if (support.blob) {
+      this.blob = function() {
+        var rejected = consumed(this)
+        if (rejected) {
+          return rejected
+        }
+
+        if (this._bodyBlob) {
+          return Promise.resolve(this._bodyBlob)
+        } else if (this._bodyFormData) {
+          throw new Error('could not read FormData body as blob')
+        } else {
+          return Promise.resolve(new Blob([this._bodyText]))
+        }
+      }
+
+      this.arrayBuffer = function() {
+        return this.blob().then(readBlobAsArrayBuffer)
+      }
+
+      this.text = function() {
+        var rejected = consumed(this)
+        if (rejected) {
+          return rejected
+        }
+
+        if (this._bodyBlob) {
+          return readBlobAsText(this._bodyBlob)
+        } else if (this._bodyFormData) {
+          throw new Error('could not read FormData body as text')
+        } else {
+          return Promise.resolve(this._bodyText)
+        }
+      }
+    } else {
+      this.text = function() {
+        var rejected = consumed(this)
+        return rejected ? rejected : Promise.resolve(this._bodyText)
+      }
+    }
+
+    if (support.formData) {
+      this.formData = function() {
+        return this.text().then(decode)
+      }
+    }
+
+    this.json = function() {
+      return this.text().then(JSON.parse)
+    }
+
+    return this
+  }
+
+  // HTTP methods whose capitalization should be normalized
+  var methods = ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'POST', 'PUT']
+
+  function normalizeMethod(method) {
+    var upcased = method.toUpperCase()
+    return (methods.indexOf(upcased) > -1) ? upcased : method
+  }
+
+  function Request(input, options) {
+    options = options || {}
+    var body = options.body
+    if (Request.prototype.isPrototypeOf(input)) {
+      if (input.bodyUsed) {
+        throw new TypeError('Already read')
+      }
+      this.url = input.url
+      this.credentials = input.credentials
+      if (!options.headers) {
+        this.headers = new Headers(input.headers)
+      }
+      this.method = input.method
+      this.mode = input.mode
+      if (!body) {
+        body = input._bodyInit
+        input.bodyUsed = true
+      }
+    } else {
+      this.url = input
+    }
+
+    this.credentials = options.credentials || this.credentials || 'omit'
+    if (options.headers || !this.headers) {
+      this.headers = new Headers(options.headers)
+    }
+    this.method = normalizeMethod(options.method || this.method || 'GET')
+    this.mode = options.mode || this.mode || null
+    this.referrer = null
+
+    if ((this.method === 'GET' || this.method === 'HEAD') && body) {
+      throw new TypeError('Body not allowed for GET or HEAD requests')
+    }
+    this._initBody(body)
+  }
+
+  Request.prototype.clone = function() {
+    return new Request(this)
+  }
+
+  function decode(body) {
+    var form = new FormData()
+    body.trim().split('&').forEach(function(bytes) {
+      if (bytes) {
+        var split = bytes.split('=')
+        var name = split.shift().replace(/\+/g, ' ')
+        var value = split.join('=').replace(/\+/g, ' ')
+        form.append(decodeURIComponent(name), decodeURIComponent(value))
+      }
+    })
+    return form
+  }
+
+  function headers(xhr) {
+    var head = new Headers()
+    var pairs = xhr.getAllResponseHeaders().trim().split('\n')
+    pairs.forEach(function(header) {
+      var split = header.trim().split(':')
+      var key = split.shift().trim()
+      var value = split.join(':').trim()
+      head.append(key, value)
+    })
+    return head
+  }
+
+  Body.call(Request.prototype)
+
+  function Response(bodyInit, options) {
+    if (!options) {
+      options = {}
+    }
+
+    this._initBody(bodyInit)
+    this.type = 'default'
+    this.status = options.status
+    this.ok = this.status >= 200 && this.status < 300
+    this.statusText = options.statusText
+    this.headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers)
+    this.url = options.url || ''
+  }
+
+  Body.call(Response.prototype)
+
+  Response.prototype.clone = function() {
+    return new Response(this._bodyInit, {
+      status: this.status,
+      statusText: this.statusText,
+      headers: new Headers(this.headers),
+      url: this.url
+    })
+  }
+
+  Response.error = function() {
+    var response = new Response(null, {status: 0, statusText: ''})
+    response.type = 'error'
+    return response
+  }
+
+  var redirectStatuses = [301, 302, 303, 307, 308]
+
+  Response.redirect = function(url, status) {
+    if (redirectStatuses.indexOf(status) === -1) {
+      throw new RangeError('Invalid status code')
+    }
+
+    return new Response(null, {status: status, headers: {location: url}})
+  }
+
+  self.Headers = Headers;
+  self.Request = Request;
+  self.Response = Response;
+
+  self.fetch = function(input, init) {
+    return new Promise(function(resolve, reject) {
+      var request
+      if (Request.prototype.isPrototypeOf(input) && !init) {
+        request = input
+      } else {
+        request = new Request(input, init)
+      }
+
+      var xhr = new XMLHttpRequest()
+
+      function responseURL() {
+        if ('responseURL' in xhr) {
+          return xhr.responseURL
+        }
+
+        // Avoid security warnings on getResponseHeader when not allowed by CORS
+        if (/^X-Request-URL:/m.test(xhr.getAllResponseHeaders())) {
+          return xhr.getResponseHeader('X-Request-URL')
+        }
+
+        return;
+      }
+
+      xhr.onload = function() {
+        var status = (xhr.status === 1223) ? 204 : xhr.status
+        if (status < 100 || status > 599) {
+          reject(new TypeError('Network request failed'))
+          return
+        }
+        var options = {
+          status: status,
+          statusText: xhr.statusText,
+          headers: headers(xhr),
+          url: responseURL()
+        }
+        var body = 'response' in xhr ? xhr.response : xhr.responseText;
+        resolve(new Response(body, options))
+      }
+
+      xhr.onerror = function() {
+        reject(new TypeError('Network request failed'))
+      }
+
+      xhr.open(request.method, request.url, true)
+
+      if (request.credentials === 'include') {
+        xhr.withCredentials = true
+      }
+
+      if ('responseType' in xhr && support.blob) {
+        xhr.responseType = 'blob'
+      }
+
+      request.headers.forEach(function(value, name) {
+        xhr.setRequestHeader(name, value)
+      })
+
+      xhr.send(typeof request._bodyInit === 'undefined' ? null : request._bodyInit)
+    })
+  }
+  self.fetch.polyfill = true
+})();

data/app/public/js/main.js

@@ -68,7 +68,7 @@ function filterBox(input, els) {
       });
     else
       Array.prototype.forEach.call(els, (item, i) => {
-        if (item.innerText.match(el.value))
+        if (item.textContent.match(el.value))
           item.style.display = 'block';
         else
           item.style.display = 'none';
@@ -96,3 +96,26 @@ function restore_url(list) {
     });
   }
 }
+
+function update_footer(path) {
+  var debug = document.querySelector('.foot .debug');
+  debug.innerHTML = "curl -s http://" + window.location.host + path + " | jq '.'";
+}
+
+
+function auth_header() {
+  var h = new Headers({"x-auth": session_key});
+  return { headers: h }
+}
+
+
+ready( () => {
+
+  var flash = document.querySelectorAll('div.flash');
+  Array.prototype.forEach.call(flash, (item, i) => {
+    item.addEventListener('click', (ev) => {
+      ev.target.style.display = 'none';
+    });
+  });
+
+});