hieraviz 0.1.2 → 0.2.0

@@ -11,7 +11,9 @@
11
11
  <script src="/js/base-switch.js"></script>
12
12
  <% end -%>
13
13
  <% if session['access_token'] -%>
14
- <script>var session_key = "<%= session['access_token'] %>";</script>
14
+ <script>
15
+ var session_key = "<%= session['access_token'] %>";
16
+ </script>
15
17
  <% end -%>
16
18
  <%= yield_content :more_js %>
17
19
  </head>
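--- a/data/app/views/home.erb
+++ b/data/app/views/home.erb
@@ -3,6 +3,6 @@ Welcome to hieraviz<br>
 
  <% if settings.configdata['debug'] -%>
  <%= session['access_token'] %><br>
- <pre><%= Hieraviz::Store.get session['access_token'] if session['access_token'] %></pre>
+ <pre><%= settings.store.get(session['access_token'], settings.configdata['session_renew']) if session['access_token'] %></pre>
  </div>
  <% end %>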
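Review bot: The debug branch still writes the raw `session['access_token']` and the whole stored session record into the page, and `<%= %>` is not HTML-escaped unless the app enables it (the `configure` block of data/app/web.rb on this page sets only `set :erb, layout: :_layout`). Anything in the user record returned by GitLab would therefore render as markup, and the bearer token ends up in HTML that a proxy or browser cache may keep. I would drop the token line and escape the dump, for example `<pre><%= Rack::Utils.escape_html(settings.store.get(session['access_token'], settings.configdata['session_renew']).inspect) if session['access_token'] %></pre>`. The layout hunk at the top of this page has the same pattern: it interpolates the token into a JavaScript string literal without any escaping.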
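--- a/data/app/views/store.erb
+++ b/data/app/views/store.erb
@@ -1,6 +1,6 @@
  <div class="meat text">
  <h1>Store</h1>
  <%= session['access_token'] %><br>
- <pre><%= Hieraviz::Store.dump %></pre>
- <pre><%= Hieraviz::Store.tmpdir %></pre>
+ <pre><%= settings.store.dump %></pre>
+ <pre><%= settings.store.tmpdir %></pre>
  </div>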
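Review bot: `settings.store.tmpdir` looks like it will raise NoMethodError, because the store hunk later on this page deletes `def tmpdir` and keeps the directory only in `@tmpdir`, with no reader visible. `dump` is not defined in any visible part of the new `Store` class either, so that call is worth confirming too. The `/store` route is commented out in data/app/web.rb, so this view is unreachable for now. If it is kept, add `attr_reader :tmpdir` to `Store` and put the page behind the same `settings.configdata['debug']` check as home.erb, since it presumably prints cached session data.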
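--- a/data/app/web.rb
+++ b/data/app/web.rb
@@ -11,14 +11,15 @@ require 'hieraviz'
  require File.expand_path '../common.rb', __FILE__
 
  module HieravizApp
+ # the unique web endpoints management
  class Web < Common
  helpers Sinatra::ContentFor
  register Sinatra::Flash
 
  configure do
  set :session_secret, settings.configdata['session_seed']
- set :public_folder, Proc.new { File.join(root, "public") }
- set :views_folder, Proc.new { File.join(root, "views") }
+ set :public_folder, -> { File.join(root, 'public') }
+ set :views_folder, -> { File.join(root, 'views') }
  set :erb, layout: :_layout
  enable :sessions
  end
@@ -32,26 +33,29 @@ module HieravizApp
  when 'dummy'
 
  get '/logout' do
- session.delete :access_token
+ session.delete 'access_token'
  erb :logout
  end
 
  get '/login' do
- session[:access_token] = '0000'
+ session['access_token'] = '0000'
  redirect '/'
  end
 
  helpers do
  def check_authorization
- 'dummy'
+ if session['access_token']
+ return 'dummy'
+ end
+ false
  end
  end
 
  when 'http'
 
- use Rack::Auth::Basic, "Puppet Private Access" do |username, password|
- username == settings.configdata['http_auth']['username'] &&
- password == settings.configdata['http_auth']['password']
+ use Rack::Auth::Basic, 'Puppet Private Access' do |user, pass|
+ user == settings.configdata['http_auth']['username'] &&
+ pass == settings.configdata['http_auth']['password']
  end
 
  get '/logout' do
@@ -60,10 +64,11 @@ module HieravizApp
 
  helpers do
  def check_authorization
- if !session['access_token']
- session[:access_token] = settings.configdata['http_auth']['access_token']
+ http_auth = settings.configdata['http_auth']
+ unless session['access_token']
+ session[:access_token] = http_auth['access_token']
  end
- settings.configdata['http_auth']['username']
+ http_auth['username']
  end
  end
 
@@ -72,24 +77,32 @@ module HieravizApp
  set :oauth, Hieraviz::AuthGitlab.new(settings.configdata['gitlab_auth'])
 
  helpers do
-
  def check_authorization
- if !session['access_token']
- redirect settings.oauth.login_url(request)
- else
- session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
- if !session_info
- if !settings.oauth.authorized?(session['access_token'])
- flash[:fatal] = "Sorry you are not authorized to read puppet repo on gitlab."
- redirect '/'
- else
- Hieraviz::Store.set session['access_token'], settings.oauth.user_info(session['access_token'])
- session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
- end
- end
+ if session_info['username']
  session_info['username']
+ else
+ access_token = session['access_token']
+ oauth = settings.oauth
+ redirect oauth.login_url(request) unless access_token
+ return init_session(oauth, access_token) if oauth.authorized?(access_token)
+ sorry
  end
  end
+
+ def session_info
+ settings.store.get session['access_token'], settings.configdata['session_renew']
+ end
+
+ def init_session(oauth, access_token)
+ user_info = oauth.user_info(access_token)
+ settings.store.set access_token, user_info
+ user_info['username']
+ end
+
+ def sorry
+ flash[:fatal] = 'Sorry you are not authorized to read puppet repo on gitlab.'
+ redirect '/'
+ end
  end
 
  get '/login' do
@@ -99,8 +112,8 @@ module HieravizApp
  get '/logged-in' do
  access_token = settings.oauth.access_token(request, params[:code])
  session[:access_token] = access_token.token
- Hieraviz::Store.set access_token.token, settings.oauth.user_info(access_token.token)
- flash['info'] = "Successfully authenticated with the server"
+ settings.store.set access_token.token, settings.oauth.user_info(access_token.token)
+ flash['info'] = 'Successfully authenticated with the server'
  redirect '/'
  end
 
@@ -109,15 +122,13 @@ module HieravizApp
  redirect '/'
  end
 
- else
  end
 
  get '/' do
  if settings.basepaths
  redirect "/#{File.basename(settings.configdata['basepath'])}"
  else
- @username = get_username
- hieracles_config = prepare_config(nil)
+ @username = username
  erb :home
  end
  end
@@ -126,7 +137,7 @@ module HieravizApp
  @username = check_authorization
  hieracles_config = prepare_config(base)
  @nodes = Hieracles::Registry.nodes(hieracles_config)
- erb :nodes
+ erb :nodes
  end
 
  get %r{^/?([-_\.a-zA-Z0-9]+)?/farms} do |base|
@@ -137,37 +148,33 @@ module HieravizApp
  end
 
  get %r{^/?([-_\.a-zA-Z0-9]+)?/modules} do |base|
+ prepare_config(base)
  @username = check_authorization
- hieracles_config = prepare_config(base)
  erb :modules
  end
 
  get %r{^/?([-_\.a-zA-Z0-9]+)?/resources} do |base|
+ prepare_config(base)
  @username = check_authorization
- hieracles_config = prepare_config(base)
  erb :resources
  end
 
  get %r{^/?([-_\.a-zA-Z0-9]+)?/user} do |base|
+ prepare_config(base)
  @username = check_authorization
- hieracles_config = prepare_config(base)
- if session[:access_token]
- @userinfo = get_userinfo
- else
- @userinfo = {}
- end
+ @userinfo = session[:access_token] ? userinfo : {}
  erb :user
  end
 
  get %r{^/([-_\.a-zA-Z0-9]+)$} do |base|
- @username = get_username
- hieracles_config = prepare_config(base)
+ prepare_config(base)
+ @username = username
  erb :home
  end
 
  # debug pages --------------------
  # get '/store' do
- # # Hieraviz::Store.set 'woot', 'nada'
+ # # settings.store.set 'woot', 'nada'
  # erb :store
  # end
  # error 401 do
@@ -180,10 +187,9 @@ module HieravizApp
  # debug pages --------------------
 
  not_found do
- @username = get_username
+ @username = username
  erb :not_found, layout: :_layout
  end
 
-
  end
  end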
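Review bot: In the gitlab branch (hunk `@@ -72,24 +77,32 @@`), `check_authorization` now calls `session_info` before it knows a token exists, so a visitor without a session reaches `settings.store.get(nil, ...)`. `Store#tmpfile`, shown further down this page, calls `name.gsub` on that key, which raises NoMethodError for `nil`. The request therefore fails with a 500 and never reaches the `redirect oauth.login_url(request)` line. The previous version tested `session['access_token']` first; I would restore that order and look the session up only once, as below.

```ruby
def check_authorization
  access_token = session['access_token']
  oauth = settings.oauth
  # No token yet: send the visitor to the login page before touching the store.
  redirect oauth.login_url(request) unless access_token
  known_user = session_info['username']
  return known_user if known_user
  return init_session(oauth, access_token) if oauth.authorized?(access_token)
  sorry
end
# … unchanged: session_info, init_session and sorry helpers …
```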
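--- a/data/config.ru
+++ b/data/config.ru
@@ -2,7 +2,5 @@ require 'rubygems'
  require 'sinatra'
  require File.expand_path '../app/main.rb', __FILE__
 
- run Rack::URLMap.new({
- '/' => HieravizApp::Web,
- '/v1' => HieravizApp::ApiV1
- })
+ run Rack::URLMap.new('/' => HieravizApp::Web,
+ '/v1' => HieravizApp::ApiV1)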
@@ -1,50 +1,53 @@
1
1
  require 'oauth2'
2
+ require 'hieraviz/utilities'
2
3
 
3
4
  module Hieraviz
5
+ # class to manage gitlab oauth2 connection and authorization checks
4
6
  class AuthGitlab
7
+ include Utilities
5
8
 
6
9
  def initialize(settings)
7
- @@client ||= OAuth2::Client.new(
8
- settings['application_id'],
9
- settings['secret'],
10
- :site => settings['host']
11
- )
12
10
  @settings = settings
11
+ @client = OAuth2::Client.new(
12
+ @settings['application_id'],
13
+ @settings['secret'],
14
+ site: @settings['host']
15
+ )
13
16
  end
14
17
 
15
18
  def access_token(request, code)
16
- @@client.auth_code.get_token(code, :redirect_uri => redirect_uri(request.url))
19
+ @client.auth_code.get_token(code, redirect_uri: redirect_uri(request.url))
17
20
  end
18
21
 
19
22
  def get_response(url, token)
20
- a_token = OAuth2::AccessToken.new(@@client, token)
23
+ a_token = OAuth2::AccessToken.new(@client, token)
21
24
  begin
22
25
  JSON.parse(a_token.get(url).body)
23
- rescue Exception => e
24
- { 'error' => JSON.parse(e.message.split(/\n/)[1])['message'] }
26
+ rescue StandardError => error
27
+ { 'error' => JSON.parse(error.message.split(/\n/)[1])['message'] }
25
28
  end
26
29
  end
27
30
 
28
- def redirect_uri(url)
29
- uri = URI.parse(url)
30
- uri.path = '/logged-in'
31
- uri.query = nil
32
- uri.fragment = nil
33
- uri.to_s
34
- end
35
-
36
31
  def login_url(request)
37
- @@client.auth_code.authorize_url(:redirect_uri => redirect_uri(request.url))
32
+ @client.auth_code.authorize_url(redirect_uri: redirect_uri(request.url))
38
33
  end
39
34
 
40
35
  def authorized?(token)
41
- if @settings['resource_required']
42
- resp = get_response(@settings['resource_required'], token)
43
- if resp['error'] ||
44
- (resp[@settings['required_response_key']] &&
45
- resp[@settings['required_response_key']] != resp[@settings['required_response_value']])
46
- return false
47
- end
36
+ resource_required = @settings['resource_required']
37
+ if resource_required
38
+ return check_authorization(resource_required, token)
39
+ end
40
+ true
41
+ end
42
+
43
+ def check_authorization(resource_required, token)
44
+ resp = get_response(resource_required, token)
45
+ resp_required_response_key = resp[@settings['required_response_key']].to_s
46
+ resp_required_response_value = @settings['required_response_value'].to_s
47
+ if resp['error'] ||
48
+ ( resp_required_response_key &&
49
+ resp_required_response_key != resp_required_response_value)
50
+ return false
48
51
  end
49
52
  true
50
53
  end
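Review bot: The `rescue StandardError => error` branch in `get_response` can itself raise, because it assumes every failure carries a JSON body on the second line of `error.message`. A timeout or connection error has no second line, so `split(/\n/)[1]` is `nil` and `JSON.parse(nil)` raises TypeError out of `authorized?`. The new `check_authorization` only tests whether `resp['error']` is set, so returning the message unchanged is enough: `{ 'error' => error.message }`. Other callers of `get_response` are not visible here; if one of them needs the GitLab message text, parse it behind a `nil` check instead. Separately, `resp_required_response_key` is always a string after `.to_s`, so the `resp_required_response_key &&` test in `check_authorization` no longer filters anything.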
@@ -1,18 +1,18 @@
1
1
  module Hieraviz
2
+ # module to manage parsing and holding of configuration variables
2
3
  module Config
3
- extend self
4
-
5
4
  def load
6
5
  @_config = YAML.load_file(configfile)
7
6
  end
8
7
 
9
8
  def configfile
10
- root_path(ENV['HIERAVIZ_CONFIG_FILE'] || File.join("config", "hieraviz.yml"))
9
+ root_path(ENV['HIERAVIZ_CONFIG_FILE'] || File.join('config', 'hieraviz.yml'))
11
10
  end
12
11
 
13
12
  def basepaths
14
- if @_config && @_config['basepath_dir']
15
- Dir.glob(root_path(@_config['basepath_dir'])).map { |p| File.expand_path(p) }
13
+ basepath_dir = @_config['basepath_dir']
14
+ if @_config && basepath_dir
15
+ Dir.glob(root_path(basepath_dir)).map { |path| File.expand_path(path) }
16
16
  end
17
17
  end
18
18
 
@@ -27,6 +27,7 @@ module Hieraviz
27
27
  File.join(root, path)
28
28
  end
29
29
  end
30
-
30
+
31
+ module_function :load, :configfile, :basepaths, :root, :root_path
31
32
  end
32
33
  end
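Review bot: `basepath_dir = @_config['basepath_dir']` in `basepaths` dereferences `@_config` before the `if @_config && basepath_dir` guard, so the guard no longer covers `basepaths` being called before `load`. That case now raises NoMethodError on `nil` where the old code returned `nil`. Read the value safely and test the result: `basepath_dir = @_config && @_config['basepath_dir']` followed by `if basepath_dir`. In the second hunk, `module_function` replaces `extend self`, so any method added to `Config` later must also be added to that list or it will not be callable on the module.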
@@ -1,10 +1,11 @@
1
1
  module Hieraviz
2
+ # class for storage and retrieval of customized facts that can overlay hiera facts
2
3
  class Facts
3
4
 
4
5
  def initialize(tmpdir, base, node, user)
5
6
  @filename = File.join(tmpdir, "#{base}__#{node}__#{user}")
6
7
  end
7
-
8
+
8
9
  def exist?
9
10
  File.exist? @filename
10
11
  end
@@ -12,11 +13,13 @@ module Hieraviz
12
13
  def read
13
14
  if exist?
14
15
  Marshal.load(File.binread(@filename))
16
+ else
17
+ {}
15
18
  end
16
19
  end
17
-
20
+
18
21
  def write(data)
19
- File.open(@filename, 'wb') {|f| f.write(Marshal.dump(data)) }
22
+ File.open(@filename, 'wb') { |file| file.write(Marshal.dump(data)) }
20
23
  end
21
24
 
22
25
  def remove
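Review bot: `read` passes the file's bytes to `Marshal.load`, and the path is just `tmpdir` plus `base`, `node` and `user`, so whoever can write to that directory controls what gets deserialised. If `tmpdir` is the directory the `Store` class uses (its `init_tmpdir`, further down this page, falls back to `/tmp`), any other local account can place a file there and `Marshal.load` will build arbitrary objects from it. The data looks like a plain hash (`read` now returns `{}` when the file is missing), so JSON should be enough: `JSON.parse(File.read(@filename))` in `read` and `File.open(@filename, 'w', 0o600) { |file| file.write(JSON.generate(data)) }` in `write`. `Store#get` has the same `Marshal.load` call and deserves the same change. The `remove` method starts on the hunk's last line and continues outside it.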
@@ -1,4 +1,5 @@
1
1
  module Hieraviz
2
+ # wrapper class to call hieracles puppetdb class
2
3
  class Puppetdb
3
4
 
4
5
  def initialize(config)
@@ -1,25 +1,37 @@
1
1
  module Hieraviz
2
- module Store
3
- extend self
2
+ class Store
3
+
4
+ def initialize(storedir)
5
+ @tmpdir = init_tmpdir(storedir)
6
+ end
4
7
 
5
8
  def data
6
- @_data ||= Hash.new
9
+ @_data ||= {}
10
+ end
11
+
12
+ def clear_data
13
+ @_data = {}
14
+ data
7
15
  end
8
16
 
9
17
  def set(key, value)
10
- File.open(tmpfile(key), 'w') do |f|
11
- f.print Marshal::dump(value)
18
+ File.open(tmpfile(key), 'w') do |file|
19
+ file.print Marshal.dump(value)
12
20
  end
13
21
  data[key] = value
14
22
  end
15
23
 
16
- def get(key, expiration=false)
17
- f = tmpfile(key)
18
- if File.exist?(f) && expiration && expired?(f, expiration)
19
- File.unlink(f)
20
- end
21
- if File.exist?(f)
22
- data[key] ||= Marshal::load(File.read(f).chomp)
24
+ def get(key, expiration)
25
+ file = tmpfile(key)
26
+ if File.exist?(file)
27
+ if expiration && expired?(file, expiration)
28
+ File.unlink(file)
29
+ clear_data
30
+ else
31
+ data[key] ||= Marshal.load(File.read(file).chomp)
32
+ end
33
+ else
34
+ clear_data
23
35
  end
24
36
  end
25
37
 
@@ -28,19 +40,14 @@ module Hieraviz
28
40
  end
29
41
 
30
42
  def tmpfile(name)
31
- File.join tmpdir, name.gsub(/[^a-z0-9]/,'')
32
- end
33
-
34
- def tmpdir
35
- @_tmpdir ||= init_tmpdir
43
+ File.join @tmpdir, name.gsub(/[^a-z0-9]/, '')
36
44
  end
37
45
 
38
- def init_tmpdir
39
- config = Hieraviz::Config.load
40
- tmp = config['tmpdir'] || '/tmp'
46
+ def init_tmpdir(storedir)
47
+ tmp = storedir || '/tmp'
41
48
  begin
42
49
  FileUtils.mkdir_p(tmp) unless Dir.exist?(tmp)
43
- rescue Exception => e
50
+ rescue
44
51
  tmp = '/tmp'
45
52
  end
46
53
  tmp
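Review bot: `tmpfile` names each session file after the access token itself, stripping only characters outside `a-z0-9`. `init_tmpdir` falls back to `/tmp` both when no `storedir` is given and when `mkdir_p` fails, and the bare `rescue` hides the reason. In a shared `/tmp` the file names alone disclose live tokens to other local accounts, and tokens that differ only in stripped characters map to the same session file. I would derive the name from a digest, `File.join @tmpdir, Digest::SHA256.hexdigest(name.to_s)` (needs `require 'digest'`), create the directory with `FileUtils.mkdir_p(tmp, mode: 0o700)`, and log or raise rather than silently switching directories. `init_tmpdir` ends outside the hunk.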
@@ -0,0 +1,14 @@
1
+ module Hieraviz
2
+ # Convenience methods used by various other classes
3
+ module Utilities
4
+
5
+ def redirect_uri(url)
6
+ uri = URI.parse(url)
7
+ uri.path = '/logged-in'
8
+ uri.query = nil
9
+ uri.fragment = nil
10
+ uri.to_s
11
+ end
12
+
13
+ end
14
+ end
data/lib/hieraviz.rb CHANGED
@@ -1,10 +1,10 @@
1
1
  require 'hieracles'
2
- require "hieraviz/version"
3
- require "hieraviz/config"
4
- require "hieraviz/store"
5
- require "hieraviz/facts"
6
- require "hieraviz/auth_gitlab"
7
- require "hieraviz/puppetdb"
2
+ require 'hieraviz/version'
3
+ require 'hieraviz/config'
4
+ require 'hieraviz/store'
5
+ require 'hieraviz/facts'
6
+ require 'hieraviz/auth_gitlab'
7
+ require 'hieraviz/puppetdb'
8
8
 
9
9
  module Hieraviz
10
10
  # Your code goes here...