midb 1.1.1 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d5ef9483dfada39d3e9f8bccc1c44e1e418a49b1
-  data.tar.gz: 954831b1336e3d3402279f2d5b1cd49f99850d50
+  metadata.gz: 644f4e1de9aa34f81c03df7a4632ed0c809c2347
+  data.tar.gz: ba52f668994e64f7425ed9d001dd86083c3dec7e
 SHA512:
-  metadata.gz: 50e11179acc6827bb9fc7ece5f5ecaf4b7938dac3838d82601d2c496a62fd5f6f4fa00fbab474c927a1c925e7aec4ede32603542256627c806e020c7d8010bbb
-  data.tar.gz: e148bf8571b0f54652a79945f92df92ebde4ab67e3898acc4541f1c34342b93fb6fa9d20f8d006e3eb9f44a4f0a9145293e1706e227f993dcceed68d1d50aee5
+  metadata.gz: d05f26de94df71818137d79bef6cb23b79e9ad68d4fa3c853494959d75e670177d8b0065ae24a34fd767c145a5066df37548a666c912f58dfd54d12ff540063a
+  data.tar.gz: 82b54f559776bcb5a7dc5bc19a437e8a804c12703cde686bdc57f37048d85a70ea0e8ab0967ea954e96d7905f5b6270455cbf1a02641cdfa0b1f59467daf2cd6

data/lib/midb/dbengine_model.rb

@@ -1,6 +1,6 @@
 require 'sqlite3'
 require 'mysql2'
-
+require 'midb/errors_view'
 module MIDB
   module API
     # @author unrar
@@ -38,14 +38,19 @@ module MIDB
       #
       # @return [SQLite3::Database, Mysql2::Client] A resource referencing to the database
       def connect()
-        # Connect to an SQLite3 database
-        if @engine == :sqlite3
-          sq = SQLite3::Database.open("./db/#{@db}.db")
-          sq.results_as_hash = true
-          return sq
-        # Connect to a MySQL database
-        elsif @engine == :mysql
-          return Mysql2::Client.new(:host => @host, :username => @uname, :password => @pwd, :database => @db)
+        begin
+          # Connect to an SQLite3 database
+          if @engine == :sqlite3
+            sq = SQLite3::Database.open("./db/#{@db}.db")
+            sq.results_as_hash = true
+            return sq
+          # Connect to a MySQL database
+          elsif @engine == :mysql
+            return Mysql2::Client.new(:host => @host, :username => @uname, :password => @pwd, :database => @db)
+          end
+        rescue
+          MIDB::Interface::Errors.exception(:database_error, $!)
+          return false
         end
       end
 
@@ -56,10 +61,15 @@ module MIDB
       #
       # @return [Array, Hash] Returns an array of hashes for SQLite3 or a hash for MySQL
       def query(res, query)
-        if @engine == :sqlite3
-          return res.execute(query)
-        elsif @engine == :mysql
-          return res.query(query)
+        begin
+          if @engine == :sqlite3
+            return res.execute(query)
+          elsif @engine == :mysql
+            return res.query(query)
+          end
+        rescue
+          MIDB::Interface::Errors.exception(:query_error, $!)
+          return false
         end
       end
 

data/lib/midb/errors_view.rb

@@ -25,6 +25,14 @@ module MIDB
         end
         abort("Fatal error: #{errmsg}")
       end
+      def self.exception(exc, more="")
+        excmsg = case exc
+          when :database_error then "An error occurred when trying to connect to the database. #{more}"
+          when :query_error then "An error occurred when trying to query the database. #{more}"
+          else "Unknown exception: #{exc.to_s} #{more}"
+        end
+        puts "(exception)\t#{excmsg}"
+      end
     end
   end
 end

data/lib/midb/server_controller.rb

@@ -31,6 +31,19 @@ module MIDB
       #   @return [Object] MIDB::API::Hooks instance
       attr_accessor :args, :config, :db, :http_status, :port, :hooks
 
+      # Convert an on/off string to a boolean
+      #
+      # @param text [String] Text to convert to bool
+      def to_bool(text) 
+        if text == "on" || text == "true" || text == "yes"
+          return true
+        elsif text == "off" || text == "false" || text == "no"
+          return false
+        else
+          return nil
+        end
+      end
+
       # Constructor for this controller.
       #
       # @param args [Array<String>] Arguments passed to the binary.
@@ -92,12 +105,20 @@ module MIDB
           @config["serves"] = []
           @config["status"] = :asleep    # The server is initially asleep
           @config["apikey"] = "midb-api" # This should be changed, it's the private API key
+          # Optional API key for GET methods (void by default)
+          @config["apigetkey"] = nil
           @config["dbengine"] = :sqlite3  # SQLite is the default engine
           # Default DB configuration for MySQL and other engines
           @config["dbhost"] = "localhost"
           @config["dbport"] = 3306
           @config["dbuser"] = "nobody"
           @config["dbpassword"] = "openaccess" 
+          # New settings - privacy
+          @config["privacyget"] = false
+          @config["privacypost"] = true
+          @config["privacyput"] = true
+          @config["privacydelete"] = true
+
           File.open(".midb.yaml", 'w') do |l|
             l.write @config.to_yaml
           end
@@ -155,6 +176,30 @@ module MIDB
           when "key"
             @config["apikey"] = setter if set
             MIDB::Interface::Server.out_config(:apikey, @config)
+          when "getkey"
+            if setter == "nil"
+              @config["apigetkey"] = nil if set
+            else
+              @config["apigetkey"] = setter if set
+            end
+            MIDB::Interface::Server.out_config(:apigetkey, @config)
+          end
+        when "privacy"
+          case subcmd
+          when "get"
+            @config["privacyget"] = self.to_bool(setter) if set
+            MIDB::Interface::Server.out_config(:privacyget, @config)
+          when "post"
+            @config["privacypost"] = self.to_bool(setter) if set
+            MIDB::Interface::Server.out_config(:privacypost, @config)
+          when "put"
+            @config["privacyput"] = self.to_bool(setter) if set
+            MIDB::Interface::Server.out_config(:privacyput, @config)
+          when "delete"
+            @config["privacydelete"] = self.to_bool(setter) if set
+            MIDB::Interface::Server.out_config(:privacydelete, @config)
+          else 
+            MIDB::Interface::Errors.die(:syntax)
           end
         else
           MIDB::Interface::Errors.die(:syntax)

data/lib/midb/server_model.rb

@@ -247,10 +247,12 @@ module MIDB
         dbe = MIDB::API::Dbengine.new(@engine.config, @db)
         dblink = dbe.connect()
         rows = dbe.query(dblink, "SELECT * FROM #{self.get_structure.values[0].split('/')[0]} WHERE id=#{id};")
+        if rows == false
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
         if dbe.length(rows) > 0
           rows.each do |row|
             jso[row["id"]] = self.get_structure
-
             self.get_structure.each do |name, dbi|
               table = dbi.split("/")[0]
               field = dbi.split("/")[1]
@@ -263,6 +265,9 @@ module MIDB
               else
                 query = dbe.query(dblink, "SELECT #{field} from #{table} WHERE id=#{row['id']};")
               end
+              if query == false
+                return MIDB::Interface::Server.json_error(400, "Bad Request")
+              end
               jso[row["id"]][name] = dbe.length(query) > 0 ? dbe.extract(query,field) : "unknown"
               jso[row["id"]][name] = @hooks.format_field(name, jso[row["id"]][name])
             end
@@ -284,10 +289,124 @@ module MIDB
         dbe = MIDB::API::Dbengine.new(@engine.config, @db)
         dblink = dbe.connect()
         rows = dbe.query(dblink, "SELECT * FROM #{self.get_structure.values[0].split('/')[0]};")
+        if rows == false
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
+        # Iterate over all rows of this table
+        rows.each do |row|
+          jso[row["id"]] = self.get_structure
+          self.get_structure.each do |name, dbi|
+            table = dbi.split("/")[0]
+            field = dbi.split("/")[1]
+            # Must-match relations ("table2/field/table2-field->row-field")
+            if dbi.split("/").length > 2
+              match = dbi.split("/")[2]
+              matching_field = match.split("->")[0]
+              row_field = match.split("->")[1]
+              query = dbe.query(dblink, "SELECT #{field} FROM #{table} WHERE #{matching_field}=#{row[row_field]};")
+            else
+              query = dbe.query(dblink, "SELECT #{field} from #{table} WHERE id=#{row['id']};")
+            end
+            if query == false
+              return MIDB::Interface::Server.json_error(400, "Bad Request")
+            end
+            jso[row["id"]][name] = dbe.length(query) > 0 ? dbe.extract(query,field) : "unknown"
+            jso[row["id"]][name] = @hooks.format_field(name, jso[row["id"]][name])
+          end
+        end
+        @hooks.after_get_all_entries(dbe.length(rows))
+        return jso
+      end
+
+
+      # Get all the entries from the database belonging to a column
+      def get_column_entries(column)
+        jso = Hash.new() 
+        jss = self.get_structure()
+        db_column = nil
+        # Is the column recognized?
+        if jss.has_key? column then
+          db_column = jss[column].split("/")[1]
+        else
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
+  
+        # Connect to database
+        dbe = MIDB::API::Dbengine.new(@engine.config, @db)
+        dblink = dbe.connect()
+        rows = dbe.query(dblink, "SELECT * FROM #{self.get_structure.values[0].split('/')[0]};")
+        if rows == false
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
+        # Iterate over all rows of this table
+        rows.each do |row|
+
+          name = column
+          dbi = jss[name]
+          table = dbi.split("/")[0]
+          field = dbi.split("/")[1]
+          # Must-match relations ("table2/field/table2-field->row-field")
+          if dbi.split("/").length > 2
+            match = dbi.split("/")[2]
+            matching_field = match.split("->")[0]
+            row_field = match.split("->")[1]
+            query = dbe.query(dblink, "SELECT #{field} FROM #{table} WHERE #{matching_field}=#{row[row_field]};")
+          else
+            query = dbe.query(dblink, "SELECT #{field} from #{table} WHERE id=#{row['id']};")
+          end
+          if query == false
+            return MIDB::Interface::Server.json_error(400, "Bad Request")
+          end
+          jso[row["id"]] = {}
+          jso[row["id"]][name] = dbe.length(query) > 0 ? dbe.extract(query,field) : "unknown"
+          jso[row["id"]][name] = @hooks.format_field(name, jso[row["id"]][name])
+        end
+        @hooks.after_get_all_entries(dbe.length(rows))
+        return jso
+      end
 
+      # Get all the entries from the database belonging to a column matching a pattern
+      def get_matching_rows(column, pattern)
+        jso = Hash.new() 
+        jss = self.get_structure()
+        db_column = nil
+        # Is the column recognized?
+        if jss.has_key? column then
+          db_column = jss[column].split("/")[1]
+        else
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
+  
+        # Connect to database
+        dbe = MIDB::API::Dbengine.new(@engine.config, @db)
+        dblink = dbe.connect()
+        rows = dbe.query(dblink, "SELECT * FROM #{self.get_structure.values[0].split('/')[0]};")
+        if rows == false
+          return MIDB::Interface::Server.json_error(400, "Bad Request")
+        end
         # Iterate over all rows of this table
         rows.each do |row|
-          # Replace the "id" in the given JSON with the actual ID and expand it with the fields
+          # Does this row match?
+          bufd = jss[column]
+          b_table = bufd.split("/")[0]
+          b_field = bufd.split("/")[1]
+          # The column is in another table, let's find it
+          if bufd.split("/").length > 2    
+            b_match = bufd.split("/")[2]
+            b_m_field = b_match.split("->")[0]
+            b_r_field = b_match.split("->")[1]
+
+            bquery = dbe.query(dblink, "SELECT #{b_field} FROM #{b_table} WHERE (#{b_m_field}=#{row[b_r_field]} AND #{db_column} LIKE '%#{pattern}%');")
+          else
+            # It's in the same main table, let's see if it matches
+            bquery = dbe.query(dblink, "SELECT #{b_field} FROM #{b_table} WHERE (id=#{row['id']} AND #{db_column} LIKE '%#{pattern}%');")
+          end
+
+          # Unless the query has been successful (thus this row matches), skip to the next row
+          unless dbe.length(bquery) > 0
+            next
+          end
+
           jso[row["id"]] = self.get_structure
 
           self.get_structure.each do |name, dbi|
@@ -302,11 +421,14 @@ module MIDB
             else
               query = dbe.query(dblink, "SELECT #{field} from #{table} WHERE id=#{row['id']};")
             end
+            if query == false
+              next
+            end
             jso[row["id"]][name] = dbe.length(query) > 0 ? dbe.extract(query,field) : "unknown"
             jso[row["id"]][name] = @hooks.format_field(name, jso[row["id"]][name])
           end
         end
-        @hooks.after_get_all_entries(rows.length)
+        @hooks.after_get_all_entries(dbe.length(rows))
         return jso
       end
     end

data/lib/midb/server_view.rb

@@ -47,6 +47,7 @@ module MIDB
               when :no_auth then ">> No authentication header - sending a 401 error."
               when :auth_success then ">> Successfully authenticated the request."
               when :bootstrap then "> Successfully bootstraped!"
+              when :fetch then ">> Fetching response... [#{info}]"
               end
         puts msg
       end
@@ -56,16 +57,11 @@ module MIDB
       # @param what [Symbol] What to show the config for.
       # @param cnf [Array<String>] The array for the config.
       def self.out_config(what, cnf)
-        msg = case what
-              when :dbengine then "Database engine: #{cnf['dbengine']}."
-              when :dbhost then "Database server host: #{cnf['dbhost']}."
-              when :dbport then "Database server port: #{cnf['dbport']}."
-              when :dbuser then "Database server user: #{cnf['dbuser']}."
-              when :dbpassword then "Database server password: #{cnf['dbpassword']}."
-              when :apikey then "Private API key: #{cnf['apikey']}"
-              else "Error??"
-              end
-        puts msg
+        if cnf.has_key? what.to_s
+          puts "#{what.to_s} set to #{cnf[what.to_s]}"
+        else
+          puts "Unknown setting."
+        end
       end
 
       # Shows the help

data/lib/midb/serverengine_controller.rb

@@ -27,6 +27,12 @@ module MIDB
       #   @return [Object] MIDB::API::Hooks instance
       attr_accessor :config, :db, :http_status, :hooks
 
+      # Handle an unauthorized request
+      def unauth_request
+        @http_status = "401 Unauthorized"
+        MIDB::Interface::Server.info(:no_auth)
+        MIDB::Interface::Server.json_error(401, "Unauthorized").to_json
+      end
 
       # Constructor
       #
@@ -72,7 +78,11 @@ module MIDB
 
           # Endpoint syntax: ["", FILE, ID, (ACTION)]
           endpoint = request[1].split("/")
-          ep_file = endpoint[1]
+          if endpoint.length >= 2
+            ep_file = endpoint[1].split("?")[0]
+          else
+            ep_file = ""
+          end
 
           method = request[0]
           endpoints = [] # Valid endpoints
@@ -92,35 +102,74 @@ module MIDB
               # Create the model
               dbop = MIDB::API::Model.new(ep, @db, self)
               # Analyze the request and pass it to the model
-              if method == "GET"
-                case endpoint.length
-                when 2
-                  # No ID has been specified. Return all the entries
-                  # Pass it to the model and get the JSON
-                  response_json = dbop.get_all_entries().to_json
-                when 3
-                  # An ID has been specified. Should it exist, return all of its entries.
-                  response_json = dbop.get_entries(endpoint[2]).to_json
-                end
+              # Is the method accepted?
+              accepted_methods = ["GET", "POST", "PUT", "DELETE"]
+              unless accepted_methods.include? method
+                @http_status = "405 Method Not Allowed"
+                response_json = MIDB::Interface::Server.json_error(405, "Method Not Allowed").to_json
               else
-                # An action has been specified. We're going to need HTTP authentification here.
-                MIDB::Interface::Server.info(:auth_required)
-
-                if (not headers.has_key? "Authentication") ||
-                   (not MIDB::API::Security.check?(headers["Authentication"], data, @config["apikey"]))
-                  @http_status = "401 Unauthorized"
-                  response_json = MIDB::Interface::Server.json_error(401, "Unauthorized").to_json
-                  MIDB::Interface::Server.info(:no_auth)
+                # Do we need authentication?
+                auth_req = false
+                unauthenticated = false
+                if @config["privacy#{method.downcase}"] == true
+                  MIDB::Interface::Server.info(:auth_required)
+                  auth_req = true
+                  
+                  # For GET and DELETE requests, the object of the digest is the endpoint
+                  if (method == "GET") || (method == "DELETE")
+                    data = ep_file
+                  end
 
+                  # If it's a GET request and we have a different key for GET methods...
+                  if (@config["apigetkey"] != nil) && (method == "GET")
+                    unauthenticated = (not headers.has_key? "Authentication") ||
+                     (not MIDB::API::Security.check?(headers["Authentication"], data, @config["apigetkey"]))
+                  else
+                    unauthenticated = (not headers.has_key? "Authentication") ||
+                       (not MIDB::API::Security.check?(headers["Authentication"], data, @config["apikey"]))
+                  end
+                end
+                # Proceed to handle the request
+                if unauthenticated
+                  response_json = self.unauth_request
+                  puts ">> has header: #{headers.has_key? "Authentication"}"
                 else
-                  MIDB::Interface::Server.info(:auth_success)
-                  if method == "POST"
+                  MIDB::Interface::Server.info(:auth_success) if (not unauthenticated) && auth_req
+                  if method == "GET"
+                    case endpoint.length
+                    when 2
+                      # No ID has been specified. Return all the entries
+                      # Pass it to the model and get the JSON
+                      MIDB::Interface::Server.info(:fetch, "get_all_entries()")
+                      response_json = dbop.get_all_entries().to_json
+                    when 3
+                      # This regular expression checks if it contains an integer
+                      if /\A[-+]?\d+\z/ === endpoint[2]
+                        # An ID has been specified. Should it exist, return all of its entries.
+                        MIDB::Interface::Server.info(:fetch, "get_entries(#{endpoint[2]})")
+                        response_json = dbop.get_entries(endpoint[2].to_i).to_json
+                      else
+                        # A row has been specified, but no pattern
+                        MIDB::Interface::Server.info(:fetch, "get_column_entries(#{endpoint[2]})")
+                        response_json = dbop.get_column_entries(endpoint[2]).to_json
+                      end
+                    when 4
+                      if (endpoint[2].is_a? String) && (endpoint[3].is_a? String) then
+                        # A row and a pattern have been specified
+                        MIDB::Interface::Server.info(:fetch, "get_matching_rows(#{endpoint[2]}, #{endpoint[3]})")
+                        response_json = dbop.get_matching_rows(endpoint[2], endpoint[3]).to_json
+                      end
+                    end
+                  elsif method == "POST"
+                    MIDB::Interface::Server.info(:fetch, "post(#{data})")
                     response_json = dbop.post(data).to_json
                   else
                     if endpoint.length >= 3
                       if method == "DELETE"
+                        MIDB::Interface::Server.info(:fetch, "delete(#{endpoint[2]})")
                         response_json = dbop.delete(endpoint[2]).to_json 
                       elsif method == "PUT"
+                        MIDB::Interface::Server.info(:fetch, "put(#{endpoint[2]}, data)")
                         response_json = dbop.put(endpoint[2], data).to_json
                       end
                     else
@@ -129,7 +178,7 @@ module MIDB
                     end
                   end
                 end
-              end
+              end 
               MIDB::Interface::Server.info(:response, response_json)
               # Return the results via HTTP
               socket.print "HTTP/1.1 #{@http_status}\r\n" +

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: midb
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 2.0.0
 platform: ruby
 authors:
 - unrar
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-20 00:00:00.000000000 Z
+date: 2016-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mysql2