marty 2.5.7 → 2.5.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e21e7788214cabe5b48e33e15fbefcdbc30ba526f1a8870a3c5c7ab240b48b4d
-  data.tar.gz: 285129ffcd5648deeaa816a7923efc6b146adc01ba2a75624f0a5944063c7372
+  metadata.gz: 17d4c8cca5e227120b347328f76f6b5c2844a3662fe4fa31c186d4ac5b422f9b
+  data.tar.gz: 5ae6f1ec90da4b1543ed781e2bd9b9ef88224d9b51bde8257f9e9188dc44b82c
 SHA512:
-  metadata.gz: 16931641ca8a4478ee399f24fe50398989d35aae7353efebd550e371ad76d45de9faf465f4e139cf4bbb28ae5502fb734f0be49de1f9e054d2d85369c059b190
-  data.tar.gz: de0f280f2a9d0077134e8d717d2e5882c0e35cb3909b9049b4127435b9cb34040bdc8de5081946be80e5085325aee769e48fe8906a919f07fcdc217486e2cf3e
+  metadata.gz: 5705fbd63836311b4f6b2847d9b2b2fe998a413980a5a795a98494f94e8dc0dda78dc0a3a05d994c821102e8bf8320afe6465393dd663674cb22b5cfa2b63a52
+  data.tar.gz: 806137fda06674d6d4fa937689a0da78898f1c4589ee1f52833030aea10537e48a76037ebbe2acc7a1c90eaccee1bb4d2af7ea325a09f93dbbc35028af5f37e9

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    marty (2.5.7)
+    marty (2.5.8)
       aws-sigv4 (~> 1.0, >= 1.0.2)
       axlsx (= 3.0.0pre)
       coderay

data/app/components/marty/promise_view.rb

@@ -1,5 +1,6 @@
 class Marty::PromiseView < Netzke::Tree::Base
   extend ::Marty::Permissions
+  has_marty_permissions read: :any
 
   client_styles do |config|
     config.require :promise_view
@@ -15,11 +16,17 @@ class Marty::PromiseView < Netzke::Tree::Base
     c.include :promise_view
   end
 
-  def configure(config)
+  ######################################################################
+
+  def class_can?(op)
+    self.class.can_perform_action?(op)
+  end
+
+  def configure(c)
     super
-    config.title = I18n.t('jobs.promise_view')
-    config.model = 'Marty::VwPromise'
-    config.attributes = [
+    c.title = I18n.t('jobs.promise_view')
+    c.model = 'Marty::VwPromise'
+    c.attributes = [
       { name: :title, xtype: :treecolumn },
       :user__login,
       :job_id,
@@ -29,14 +36,17 @@ class Marty::PromiseView < Netzke::Tree::Base
       :cformat,
       :error,
     ]
-    config.root_visible = false
-    config.paging = :none
-    config.bbar = bbar
-    config.read_only = true
-    config.permissions = { update: false,
-                           create: false,
-                           delete: false,
-                         }
+    c.root_visible = false
+    c.paging = :none
+    c.bbar = bbar
+    c.read_only = true
+    c.permissions = {
+      create: class_can?(:create),
+      read:   class_can?(:read),
+      update: class_can?(:update),
+      delete: class_can?(:delete)
+    }
+
     # garbage collect old promises (hacky to do this here)
     Marty::Promise.cleanup(false)
   end

data/app/controllers/marty/rpc_controller.rb

@@ -1,56 +1,54 @@
 class Marty::RpcController < ActionController::Base
+  INTERNAL_SERVER_ERROR   = { error: 'internal server error' }
+  PERMISSION_DENIED_ERROR = { error: 'Permission denied' }
+
   def evaluate
-      # set default result and params in case of unexpected errors
-      # to ensure logging capabilities
-      result          = nil
-      api_params      = {}
-      start_time      = nil
-      auth            = nil
-
-      # massage request params
-      massaged_params = massage_params(params)
-
-      # resolve api config in order to determine api class and settings
-      api_config = Marty::ApiConfig.lookup(*massaged_params.values_at(
-        :script,
-        :node,
-        :attr)
-                                          ) || {}
-
-      # default to base class if no config is present
-      api = api_config.present? ? api_config[:api_class].constantize :
-              Marty::Api::Base
-
-      return result = massaged_params if massaged_params.include?(:error)
-
-      api_params = api.process_params(massaged_params)
-      auth       = api.is_authorized?(api_params)
-      return result = { error: 'Permission denied' } unless auth
-
-      start_time = Time.zone.now
-      api.before_evaluate(api_params)
-      result = api.evaluate(api_params, request, api_config)
-      api.after_evaluate(api_params, result)
-  rescue StandardError => e
-      # log unexpected failures in rpc controller and respond with
-      # generic server error
-      Marty::Logger.log('rpc_controller', 'failure', e.message)
-      result = { error: 'internal server error' }
-  ensure
-      # if logging is enabled, always log the result even on error
-      if api_config && api_config[:logged] && api
-        api.log(result,
-                api_params + { start_time: start_time, auth: auth },
-                request)
-      end
+    massaged_params = massage_params(params)
+
+    # resolve api config in order to determine api class and settings
+    api_config = get_api_config(massaged_params) || {}
+
+    # default to base class if no config is present
+    api = api_config[:api_class].try(:constantize) || Marty::Api::Base
+
+    api.respond_to(self) do
+      begin
+        next massaged_params if massaged_params.include?(:error)
+
+        api_params = api.process_params(massaged_params)
+        auth       = api.is_authorized?(api_params)
+
+        next PERMISSION_DENIED_ERROR unless auth
 
-      api.respond_to(self) do
-        result || { 'error' => 'internal server error' }
+        # allow api classes to return hashes with error key for custom responses
+        next auth if auth.is_a?(Hash) && auth[:error]
+
+        start_time = Time.zone.now
+        api.before_evaluate(api_params)
+
+        result = api.evaluate(api_params, request, api_config)
+        api.after_evaluate(api_params, result)
+
+        if api_config[:logged]
+          log_params = api_params + { start_time: start_time, auth: auth }
+          api.log(result, log_params, request)
+        end
+
+        result
+      rescue StandardError => e
+        Marty::Logger.log('rpc_controller', 'failure', e.message)
+        INTERNAL_SERVER_ERROR
       end
+    end
   end
 
   private
 
+  def get_api_config params
+    config_attrs = params.values_at(:script, :node, :attr)
+    Marty::ApiConfig.lookup(*config_attrs)
+  end
+
   def process_active_params params
     # must permit params before conversion to_h
     # convert hash to json and parse to get expected hash (not indifferent)

data/app/models/marty/user.rb

@@ -53,6 +53,23 @@ class Marty::User < Marty::Base
     authenticate_with?(login, password) || nil
   end
 
+  def self.ldap_login(login, password)
+    # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
+    # passwords will succeed!  i.e. if a valid user with empty
+    # password is sent in, ldap.bind will return OK.
+    cf = Rails.configuration.marty.ldap
+    ldap = Net::LDAP.new(host: cf.host,
+                         port: cf.port,
+                         base: cf.base_dn,
+                         encryption: cf.encryption,
+                         auth: {
+                           method: :simple,
+                           username: cf.domain + '\\' + login,
+                           password: password,
+                         })
+    ldap.bind
+  end
+
   def self.authenticate_with?(login, password)
     cf = Rails.configuration.marty
 
@@ -61,20 +78,7 @@ class Marty::User < Marty::Base
     if auth_source == 'local'
       ok = password == cf.local_password
     elsif auth_source == 'ldap'
-      # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
-      # passwords will succeed!  i.e. if a valid user with empty
-      # password is sent in, ldap.bind will return OK.
-      cf = Rails.configuration.marty.ldap
-      ldap = Net::LDAP.new(host: cf.host,
-                           port: cf.port,
-                           base: cf.base_dn,
-                           encryption: cf.encryption,
-                           auth: {
-                             method: :simple,
-                             username: cf.domain + '\\' + login,
-                             password: password,
-                           })
-      ok = ldap.bind
+      ok = ldap_login(login, password)
     else
       raise "bad auth_source: #{auth_source.inspect}"
     end

data/lib/marty/version.rb

@@ -1,3 +1,3 @@
 module Marty
-  VERSION = '2.5.7'
+  VERSION = '2.5.8'
 end

data/other/marty/api/base.rb

@@ -168,25 +168,28 @@ class Marty::Api::Base
     return unless hash
 
     pf = ActionDispatch::Http::ParameterFilter.new(filter_params)
-    pf.filter(hash)
+    pf.filter(hash.stringify_keys)
   end
 
   def self.log_hash result, params, request
-    res     = result.is_a?(Hash) ? result.stringify_keys : result
     ret_arr = params[:return_array]
+
+    # filter sensitive information from input/output
+    is_hash = result.is_a?(Hash)
+    res     = is_hash ? filter_hash(result, engine_params_filter) : result
     input   = filter_hash(params[:params], engine_params_filter)
+    error   = res['error'] if is_hash && res.include?('error')
+
     { script:     params[:script],
-     node:       params[:node],
-     attrs:      ret_arr ? [params[:attr]] : params[:attr],
-     input:      input,
-     output:     (res.is_a?(Hash) &&
-                  res.include?('error')) ? nil : res,
-     start_time: params[:start_time],
-     end_time:   Time.zone.now,
-     error:      (res.is_a?(Hash) &&
-                  res.include?('error')) ? res['error'] : nil,
-     remote_ip:  request.remote_ip,
-     auth_name:  params[:auth]
+      node:       params[:node],
+      attrs:      ret_arr ? [params[:attr]] : params[:attr],
+      input:      input,
+      output:     error ? nil : res,
+      start_time: params[:start_time],
+      end_time:   Time.zone.now,
+      error:      error,
+      remote_ip:  request.remote_ip,
+      auth_name:  params[:auth]
     }
   end
 

data/other/marty/diagnostic/delayed_job_workers.rb

@@ -1,4 +1,6 @@
 module Marty::Diagnostic; class DelayedJobWorkers < Base
+  DIAG_NAME          = 'Delayed Workers / Node'
+  DIAG_CONFIG_TARGET = 'DIAG_DELAYED_TARGET'
   diagnostic_fn do
     my_ip = Node.my_ip
     workers = Database.current_connections.map do |c|
@@ -6,7 +8,16 @@ module Marty::Diagnostic; class DelayedJobWorkers < Base
       name = c['application_name']
       name if name.include?('delayed') && (ip == my_ip || ip == '127.0.0.1')
     end.compact.uniq.count
-    { 'Delayed Workers / Node' => workers.zero? ? error(workers) : workers }
+
+    target_count = Marty::Config[DIAG_CONFIG_TARGET]
+
+    next { DIAG_NAME => workers.zero? ? error(workers) : workers } unless
+      target_count
+
+    next { DIAG_NAME => error("invalid type for #{DIAG_CONFIG_TARGET}") } unless
+      target_count.is_a?(Integer)
+
+    { DIAG_NAME => workers == target_count ? workers : error(workers) }
   end
 end
 end

data/spec/other/diagnostic/delayed_job_workers_spec.rb

@@ -2,12 +2,13 @@ require 'spec_helper'
 require 'job_helper'
 
 describe Marty::Diagnostic::DelayedJobWorkers do
-  def sample_data ip = nil, error = false
+  def sample_data opts={}
+    ip, error, status = opts.values_at(:ip, :error, :status)
     {
       ip || Marty::Helper.my_ip => {
         'Delayed Workers / Node' => {
           'description' => error ? '3' : '4',
-          'status'      => true,
+          'status'      => status,
           'consistent'  => nil
         },
       }
@@ -16,10 +17,10 @@ describe Marty::Diagnostic::DelayedJobWorkers do
 
   def sample_aggregate error = false
     [
-      sample_data(ip = '0.0.0.0'),
-      sample_data(ip = '0.0.0.1'),
-      sample_data(ip = '0.0.0.2', error = error),
-      sample_data(ip = '0.0.0.3'),
+      sample_data(ip: '0.0.0.0'),
+      sample_data(ip: '0.0.0.1'),
+      sample_data(ip: '0.0.0.2', error: error),
+      sample_data(ip: '0.0.0.3'),
     ].reduce(:merge)
   end
 
@@ -37,8 +38,10 @@ describe Marty::Diagnostic::DelayedJobWorkers do
     expect(described_class.consistent?(inconsistent)).to eq(false)
   end
 
-  it 'recognizes zero workers as an error' do
-    data = described_class.generate.values[0]
-    expect(data['Delayed Workers / Node']['status']).to eq(false)
+  it 'allows a config to set the target workers' do
+    Marty::Config['DIAG_DELAYED_TARGET'] = 2
+    start_delayed_job
+    expect(described_class.generate).to eq(sample_data(status: false))
+    stop_delayed_job
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: marty
 version: !ruby/object:Gem::Version
-  version: 2.5.7
+  version: 2.5.8
 platform: ruby
 authors:
 - Arman Bostani
@@ -429,7 +429,6 @@ files:
 - other/marty/diagnostic/connections.rb
 - other/marty/diagnostic/database.rb
 - other/marty/diagnostic/delayed_job_version.rb
-- other/marty/diagnostic/delayed_job_worker_total_count.rb
 - other/marty/diagnostic/delayed_job_workers.rb
 - other/marty/diagnostic/environment_variables.rb
 - other/marty/diagnostic/fatal.rb

data/other/marty/diagnostic/delayed_job_worker_total_count.rb

@@ -1,10 +0,0 @@
-module Marty::Diagnostic; class DelayedJobWorkerTotalCount < Base
-  diagnostic_fn(aggregatable: false) do
-    count = Database.current_connections.map do |c|
-      [c['application_name'], c['client_addr'] || '127.0.0.1'] if
-        c['application_name'].include?('delayed')
-    end.compact.uniq.count
-    { 'Delayed Workers' => count.zero? ? error(count) : count }
-  end
-end
-end