jerakia 1.1.2 → 1.2.0

data/lib/jerakia/schema.rb

@@ -1,19 +1,17 @@
 class Jerakia::Schema
-
   # Arguments: request(Jerakia::Request), opts(Hash)
   #
-  def initialize(request,opts)
-    schema_datasource=datasource(opts)
-    schema_request=Jerakia::Request.new(
+  def initialize(request, opts)
+    schema_datasource = datasource(opts)
+    schema_request = Jerakia::Request.new(
       :metadata   => request.metadata,
       :key        => request.key,
       :namespace  => request.namespace,
-      :use_schema => false,
+      :use_schema => false
     )
 
     Jerakia.log.debug("Schema lookup invoked for #{request.key} namespace: #{request.namespace}")
-    schema_lookup = Jerakia::Launcher.new(schema_request) 
-
+    schema_lookup = Jerakia::Launcher.new(schema_request)
 
     begin
       schema_lookup.evaluate do
@@ -27,58 +25,48 @@ class Jerakia::Schema
       raise Jerakia::SchemaError, "Schema lookup for #{request.key} failed: #{e.message}"
     end
 
-    
     @schema_data = schema_lookup.answer.payload || {}
 
     # Validate the returned data from the schema
     raise Jerakia::SchemaError, "Schema must return a hash for key #{request.key}" unless @schema_data.is_a?(Hash)
 
-    valid_opts = [ "alias", "cascade", "merge" ]
+    valid_opts = %w(alias cascade merge)
     @schema_data.keys.each do |key|
       unless valid_opts.include?(key)
         raise Jerakia::SchemaError, "Unknown schema option #{key} for key #{request.key}"
       end
     end
 
-    
-
-
     Jerakia.log.debug("Schema returned #{@schema_data}")
 
-    if salias = @schema_data["alias"]
-      Jerakia.log.debug("Schema alias found to #{@schema_data["alias"]}")
-      request.namespace=Array(salias["namespace"]) if salias["namespace"]
-      request.key = salias["key"] if salias["key"]
+    if salias = @schema_data['alias']
+      Jerakia.log.debug("Schema alias found to #{@schema_data['alias']}")
+      request.namespace = Array(salias['namespace']) if salias['namespace']
+      request.key = salias['key'] if salias['key']
     end
 
-
-    if @schema_data["cascade"]
+    if @schema_data['cascade']
       Jerakia.log.debug("Overriding lookup_type from #{request.lookup_type} to :cascade")
-      request.lookup_type= :cascade
+      request.lookup_type = :cascade
     end
 
-    if @schema_data["merge"]
-      if ["array", "hash", "deep_hash"].include?(@schema_data["merge"])
-        request.merge = @schema_data["merge"].to_sym
+    if @schema_data['merge']
+      if %w(array hash deep_hash).include?(@schema_data['merge'])
+        request.merge = @schema_data['merge'].to_sym
       else
-        raise Jerakia::SchemaError, "Invalid merge type #{@schema_data['merge']} found in schema for key #{request.key}" 
+        raise Jerakia::SchemaError, "Invalid merge type #{@schema_data['merge']} found in schema for key #{request.key}"
       end
     end
-
   end
 
-  def datasource(opts={})
-    [ 
+  def datasource(opts = {})
+    [
       :file, {
-        :docroot        => opts["docroot"] || "/var/lib/jerakia/schema",
-        :format         => opts["format"]  || :json,
-        :enable_caching => opts["enable_caching"] || true,
-        :searchpath     => [ '' ],
+        :docroot        => opts['docroot'] || '/var/lib/jerakia/schema',
+        :format         => opts['format']  || :json,
+        :enable_caching => opts['enable_caching'] || true,
+        :searchpath     => ['']
       }
-    ] 
+    ]
   end
-
-
 end
-
-

data/lib/jerakia/scope/metadata.rb

@@ -15,4 +15,3 @@ class Jerakia::Scope
     end
   end
 end
-

data/lib/jerakia/scope/puppetdb.rb

@@ -0,0 +1,38 @@
+require 'lookup_http'
+class Jerakia::Scope
+  module Puppetdb
+    def create
+      yaml_file = request.scope_options['file'] || './jerakia_scope.yaml'
+      puppetdb_host = request.scope_options['puppetdb_host'] || 'localhost'
+      puppetdb_port = request.scope_options['puppetdb_port'] || 8080
+      puppetdb_api  = request.scope_options['puppetdb_api'] || 4
+      node = request.scope_options['node']
+
+      raise Jerakia::Error, "Must pass the option node to the puppetdb scope handler" unless node
+
+      connection_opts = {
+        :host => puppetdb_host,
+        :port => puppetdb_port,
+        :output => 'json',
+        :ignore_404 => true
+      }.merge(request.scope_options['puppetdb_http_opts'] || {})
+
+      puppetdb_con = LookupHttp.new(connection_opts)
+      
+      case puppetdb_api
+      when 4
+        path = "/pdb/query/v4/nodes/#{node}/facts"
+      else
+        raise Jerakia::Error, "Unsupported PuppetDB API version, #{puppetdb_api}"
+      end
+
+      Jerakia.log.debug("Sending HTTP query to PuppetDB #{puppetdb_host}:#{puppetdb_port} at path #{path}")
+
+      response = puppetdb_con.get_parsed(path)
+
+      raise Jerakia::Error, "PuppetDB returned no data for node #{node}" unless response.is_a?(Array)
+
+      response.each { |r| value[r['name'].to_sym] =  r['value'] }
+    end
+  end
+end

data/lib/jerakia/scope/server.rb

@@ -0,0 +1,60 @@
+require 'securerandom'
+require 'data_mapper'
+# The server scope handler can store and retrieve scope data server side
+#
+class Jerakia::Scope
+  module Server
+    class Database
+      DataMapper.setup(:scope, "sqlite://#{Jerakia.config[:databasedir]}/scope.db")
+
+      class Resource
+        include DataMapper::Resource
+
+
+        def self.default_repository_name
+          :scope
+        end
+
+        property :id, Serial, :key => true
+        property :identifier, String, :index => true
+        property :realm, String, :index => true
+        property :uuid, String
+        property :scope, Object
+      end
+
+      DataMapper.repository(:scope).auto_upgrade!
+      DataMapper.repository(:scope).auto_migrate!
+    end
+
+    def create
+      realm = request.scope_options['realm']
+      identifier = request.scope_options['identifier']
+
+      raise Jerakia::Error, "Must supply realm and identifier for server scope handler" unless realm and identifier
+      resource = Jerakia::Scope::Server.find(realm, identifier)
+      raise Jerakia::Error, "No scope data found for realm:#{realm} identifier:#{identifier}" if resource.nil?
+      scope = resource.scope
+      raise Jerakia::Error, "Scope did not return a hash for realm:#{realm} identifier:#{identifier}" unless scope.is_a?(Hash)
+      @value = Hash[ scope.map { |k,v| [ k.to_sym, v ] } ]
+    end
+
+    class << self
+      def find(realm, identifier)
+        Database::Resource.first(:identifier => identifier, :realm => realm)
+      end
+
+
+      def store(realm, identifier, scope)
+        uuid = SecureRandom.uuid
+        entry = find(realm, identifier)
+        if entry.nil?
+          Database::Resource.create(:identifier => identifier, :realm => realm, :scope => scope, :uuid => uuid)
+        else
+          entry.update({:scope => scope, :uuid => uuid})
+          entry.save
+        end
+        uuid
+      end
+    end
+  end
+end

data/lib/jerakia/scope/yaml.rb

@@ -2,13 +2,12 @@
 class Jerakia::Scope
   module Yaml
     def create
-      yaml_file = request.scope_options["file"] || "./jerakia_scope.yaml"
-      raise Jerakia::Error, "Scope file #{yaml_file} not found" unless File.exists?(yaml_file)
+      yaml_file = request.scope_options['file'] || './jerakia_scope.yaml'
+      raise Jerakia::Error, "Scope file #{yaml_file} not found" unless File.exist?(yaml_file)
       data = YAML.load(File.read(yaml_file))
-      data.each do |key,val|
+      data.each do |key, val|
         value[key.to_sym] = val
       end
     end
   end
 end
-

data/lib/jerakia/scope.rb

@@ -1,5 +1,4 @@
 class Jerakia::Scope
-
   attr_reader :value
   attr_reader :handler
   attr_reader :request
@@ -12,5 +11,4 @@ class Jerakia::Scope
     instance_eval "extend Jerakia::Scope::#{@handler.to_s.capitalize}"
     create
   end
-
 end

data/lib/jerakia/server/auth/token.rb

@@ -0,0 +1,35 @@
+require 'data_mapper'
+require 'dm-sqlite-adapter'
+require 'bcrypt'
+require 'jerakia'
+require 'jerakia/config'
+class Jerakia
+  class Server
+    class Auth
+
+      Jerakia.log.debug("Authentication database sqlite://#{Jerakia.config[:vardir]}/tokens.db")
+
+      DataMapper.setup(:tokens, "sqlite://#{Jerakia.config[:databasedir]}/tokens.db")
+
+      class Token
+
+        include DataMapper::Resource
+        include BCrypt
+
+        def self.default_repository_name
+          :tokens
+        end
+
+        property :api_id, String, :key => true
+        property :token, BCryptHash
+        property :active, Boolean, :default => true
+        property :last_seen, DateTime, :default => DateTime.now
+      end
+
+      DataMapper.finalize
+      DataMapper.auto_upgrade!
+    end
+  end
+end
+
+

data/lib/jerakia/server/auth.rb

@@ -0,0 +1,72 @@
+require 'jerakia/server/auth/token'
+require 'securerandom'
+
+class Jerakia
+  class Server
+    class Auth
+
+      class << self
+
+        def generate_token
+          SecureRandom.hex(40)
+        end
+  
+  
+        def get_entry(api_id)
+          Jerakia::Server::Auth::Token.get(api_id)
+        end
+
+        def update(api_id, fields)
+          entry = get_entry(api_id)
+          entry.update(fields)
+          entry.save
+        end
+
+        def seen!(api_id)
+          update(api_id, { :last_seen => DateTime.now })
+        end
+
+        def disable(api_id)
+          update(api_id, { :active => false })
+        end
+
+        def enable(api_id)
+          update(api_id, { :active => true })
+        end
+
+        def destroy(api_id)
+          entry = get_entry(api_id)
+          entry.destroy
+        end
+  
+        def exists?(api_id)
+          get_entry(api_id)
+        end
+  
+        def create(api_id)
+          raise Jerakia::Error, "API ID #{api_id} already exists" if exists?(api_id)
+          token = generate_token
+          entry = Jerakia::Server::Auth::Token.new(:api_id => api_id, :token => token)
+          entry.save
+          api_id + ":" + token
+        end
+
+        def get_tokens
+          Jerakia::Server::Auth::Token.find
+        end
+  
+        def authenticate(token_string)
+          api_id, token = token_string.split(/:/)
+          entry = get_entry(api_id)
+          return false if entry.nil?
+          if entry.token == token and entry.active
+            seen!(api_id)
+            true
+          else
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/jerakia/server/rest.rb

@@ -0,0 +1,140 @@
+require 'sinatra'
+require 'jerakia'
+require 'jerakia/server/auth'
+require 'json'
+require 'jerakia/scope/server'
+
+class Jerakia
+  class Server
+    class Rest < Sinatra::Base
+
+      def self.jerakia
+        Jerakia::Server.jerakia
+      end
+
+      def initialize
+        @authorized_tokens={}
+        super
+      end
+
+      def jerakia
+        self.class.jerakia
+      end
+
+      def auth_denied
+        request_failed('unauthorized', 401)
+      end
+
+      def token_ttl
+        Jerakia::Server.config["token_ttl"]
+      end
+
+      def token_valid?(token)
+        return false unless @authorized_tokens[token].is_a?(Time)
+        (Time.now - @authorized_tokens[token]) < token_ttl.to_i
+      end
+
+      def authenticate!
+        token = env['HTTP_X_AUTHENTICATION']
+        auth_denied if token.nil?
+        return true if token_valid?(token)
+        unless Jerakia::Server::Auth.authenticate(token)
+          auth_denied
+        end
+        @authorized_tokens[token] = Time.now
+      end
+
+      before do
+        content_type 'application/json'
+      end
+
+      get '/' do
+        auth_denied
+      end
+
+      def request_failed(message, status_code=501)
+        halt(status_code, {
+          :status => 'failed',
+          :message => message,
+        }.to_json)
+      end
+
+      def mandatory_params(mandatory, params)
+        mandatory.each do |m|
+          unless params.include?(m)
+            request_failed("Must include parameter #{m} in request", 400)
+          end
+        end
+      end
+
+      get '/v1/lookup' do
+        request_failed("Keyless lookups not supported in this version of Jerakia")
+      end
+
+      get '/v1/lookup/:key' do
+        mandatory_params(['namespace'], params)
+        request_opts = {
+          :key => params['key'],
+          :namespace => params['namespace'].split(/\//),
+        }
+
+        metadata = params.select { |k,v| k =~ /^metadata_.*/ }
+        scope_opts = params.select { |k,v| k =~ /^scope_.*/ }
+
+        request_opts[:metadata] = Hash[metadata.map { |k,v| [k.gsub(/^metadata_/, ""), v] }]
+        request_opts[:scope_options] = Hash[scope_opts.map { |k,v| [k.gsub(/^scope_/, ""), v] }]
+
+
+        request_opts[:policy] = params['policy'].to_sym if params['policy']
+        request_opts[:lookup_type] = params['lookup_type'].to_sym if params['lookup_type']
+        request_opts[:merge] = params['merge'].to_sym if params['merge']
+        request_opts[:scope] = params['scope'].to_sym if params['scope']
+        request_opts[:use_schema] = false if params['use_schema'] == 'false'
+
+        begin
+          request = Jerakia::Request.new(request_opts)
+          answer = jerakia.lookup(request)
+        rescue Jerakia::Error => e
+          request_failed(e.message, 501)
+        end
+        {
+          :status => 'ok',
+          :payload => answer.payload
+        }.to_json
+      end
+
+      get '/v1/scope/:realm/:identifier' do
+        resource = Jerakia::Scope::Server.find(params['realm'], params['identifier'])
+        if resource.nil?
+          halt(404, { :status => 'failed', :message => "No scope data found" }.to_json)
+        else
+          {
+            :status => 'ok',
+            :payload => resource.scope
+          }.to_json
+        end
+      end
+
+      put '/v1/scope/:realm/:identifier' do
+        scope = JSON.parse(request.body.read)
+        uuid = Jerakia::Scope::Server.store(params['realm'], params['identifier'], scope)
+        {
+          :status => 'ok',
+          :uuid => uuid
+        }.to_json
+      end
+
+      get '/v1/scope/:realm/:identifier/uuid' do
+        resource = Jerakia::Scope::Server.find(params['realm'], params['identifier'])
+        if resource.nil?
+          request_failed('No scope data found', 404)
+        else
+          {
+            :status => 'ok',
+            :uuid => resource.uuid
+          }.to_json
+        end
+      end
+    end
+  end
+end

data/lib/jerakia/server.rb

@@ -0,0 +1,41 @@
+require 'sinatra'
+require 'jerakia'
+require 'thin'
+class Jerakia
+  class Server
+
+    def jerakia
+      self.class.jerakia
+    end
+
+    class << self
+
+      @jerakia = nil
+      @config = {}
+
+      attr_reader :config
+
+      def default_config
+        {
+        'bind' => '127.0.0.1',
+        'port' => '9843',
+        'token_ttl' => 300,
+        }
+      end
+
+      def jerakia
+        @jerakia
+      end
+
+      def start(opts)
+        @jerakia = Jerakia.new(opts)
+        require 'jerakia/server/rest'
+        @config = default_config.merge(Jerakia.config[:server] || {})
+        Thin::Logging.logger=Jerakia.log.logger
+        Jerakia::Server::Rest.set :bind, @config['bind']
+        Jerakia::Server::Rest.set :port, @config['port']
+        Jerakia::Server::Rest.run!
+      end
+    end
+  end
+end

data/lib/jerakia/util.rb

@@ -1,9 +1,9 @@
 class Jerakia
   module Util
     class << self
-      def autoload(path,mod)
+      def autoload(path, mod)
         Jerakia.log.debug "autoloading #{path} #{mod}"
-        require "jerakia/#{path}/#{mod.to_s}"
+        require "jerakia/#{path}/#{mod}"
       end
 
       def walk(data)
@@ -21,7 +21,7 @@ class Jerakia
       end
 
       def walk_hash(data)
-        data.inject({}) do |h,(k,v)|
+        data.each_with_object({}) do |(_k, v), h|
           if v.is_a?(Hash)
             walk_hash(v) { |x| yield x }
           elsif v.is_a?(Array)
@@ -29,9 +29,9 @@ class Jerakia
           else
             yield v
           end
-        h
+          h
         end
-        return data
+        data
       end
 
       def walk_array(data)
@@ -44,9 +44,8 @@ class Jerakia
             yield element
           end
           element
-          end
+        end
       end
     end
   end
 end
-

data/lib/jerakia/version.rb

@@ -1,9 +1,7 @@
 class Jerakia
-
   # Public API to retrieve the latest released version of the code
   #
   # This should be updated when a new gem is released and it is read from the gemspec file
   #
-  VERSION = "1.1.2"
-
+  VERSION = '1.2.0'.freeze
 end