ood_core 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 782152957ec640f1ad747a00996a8f1dd723831e
+  data.tar.gz: 46bc4f5f5697cf66af2de7628be05d83c75eb9f7
+SHA512:
+  metadata.gz: 37ae31a647021f728f49fc57c4c6c88c194ce14e458dd2c127f2fc6a1de9f3cdd115f9bd0acbf23e4c7f0783ade982a172b1a14e439b06495c719bee4366ece6
+  data.tar.gz: 7207ff48dcb977700d2974426eb9e993830c661e17d4db2ab9c020e3b984d07c4afe990763606bca9f169555e0fb397baf580f8d1c4799d5a8eb1488bf7d1738

data/.gitignore

@@ -0,0 +1,50 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+# Used by dotenv library to load environment variables.
+# .env
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+Gemfile.lock
+.ruby-version
+.ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,9 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.2.2
+before_install: gem install bundler -v 1.7.8
+notifications:
+  email:
+    on_success: never
+    on_failure: always

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## Unreleased
+
+## 0.0.1 (2017-04-17)
+
+Initial release!

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ood_core.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Ohio Supercomputer Center
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,60 @@
+# OodCore
+
+[![Build Status](https://travis-ci.org/OSC/ood_core.svg?branch=master)](https://travis-ci.org/OSC/ood_core)
+![GitHub Release](https://img.shields.io/github/release/osc/ood_core.svg)
+![GitHub License](https://img.shields.io/github/license/osc/ood_core.svg)
+
+Welcome to your new gem! In this directory, you'll find the files you need to
+be able to package up your Ruby library into a gem. Put your Ruby code in the
+file `lib/ood_core`. To experiment with that code, run `bin/console` for an
+interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ood_core'
+```
+
+And then execute:
+
+```sh
+bundle
+```
+
+Or install it yourself as:
+
+```sh
+gem install ood_core
+```
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run
+`bundle exec rspec spec` to run the tests. You can also run `bin/console` for
+an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To
+release a new version, update and commit the version number in `version.rb`,
+and then run `bundle exec rake release`, which will create a git tag for the
+version, push git commits and tags, and push the `.gem` file to
+[rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at
+https://github.com/OSC/ood_core.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT
+License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "ood_core"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+require "pry"
+Pry.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install --path=vendor/bundle
+
+# Do any other automated setup that you need to do here

data/lib/ood_core.rb

@@ -0,0 +1,34 @@
+require "ood_core/version"
+require "ood_core/errors"
+require "ood_core/cluster"
+require "ood_core/clusters"
+
+# The main namespace for ood_core
+module OodCore
+  # A namespace for job access
+  module Job
+    require "ood_core/job/node_info"
+    require "ood_core/job/node_request"
+    require "ood_core/job/script"
+    require "ood_core/job/info"
+    require "ood_core/job/status"
+    require "ood_core/job/adapter"
+    require "ood_core/job/factory"
+
+    # A namespace for job adapters
+    # @note These are dynamically loaded upon request
+    module Adapters
+    end
+  end
+
+  # A namespace for acl code
+  module Acl
+    require "ood_core/acl/adapter"
+    require "ood_core/acl/factory"
+
+    # A namespace for acl adapters
+    # @note These are dynamically loaded upon request
+    module Adapters
+    end
+  end
+end

data/lib/ood_core/acl/adapter.rb

@@ -0,0 +1,17 @@
+require "ood_support"
+
+module OodCore
+  module Acl
+    # A class that handles the permissions for a resource through an ACL
+    # @abstract
+    class Adapter
+      # Whether this ACL allows access for the principle
+      # @abstract Subclass is expected to implement {#allow?}
+      # @raise [NotImplementedError] if subclass did not define {#allow?}
+      # @return [Boolean] whether principle is allowed
+      def allow?
+        raise NotImplementedError, "subclass did not define #allow?"
+      end
+    end
+  end
+end

data/lib/ood_core/acl/adapters/group.rb

@@ -0,0 +1,59 @@
+require "ood_core/refinements/hash_extensions"
+
+module OodCore
+  module Acl
+    class Factory
+      using Refinements::HashExtensions
+
+      # Build the group acl adapter from a configuration
+      # @param config [#to_h] the configuration for an acl adapter
+      # @option config [Array<#to_s>] :groups The list of groups
+      # @option config [#to_s] :type ('whitelist') The type of ACL ('whitelist' or 'blacklist')
+      def self.build_group(config)
+        c = config.to_h.symbolize_keys
+
+        groups = c.fetch(:groups) { raise ArgumentError, "No groups specified. Missing argument: groups" }.map(&:to_s)
+        acl = OodSupport::ACL.new(entries: groups.map { |g| OodSupport::ACLEntry.new principle: g })
+
+        type   = c.fetch(:type, "whitelist").to_s
+        if type == "whitelist"
+          allow = true
+        elsif type == "blacklist"
+          allow = false
+        else
+          raise ArgumentError, "Invalid type specified. Valid types: whitelist, blacklist"
+        end
+
+        Adapters::Group.new(acl: acl, allow: allow)
+      end
+    end
+
+    module Adapters
+      # An adapter object that describes a group permission ACL
+      class Group < Adapter
+        using Refinements::HashExtensions
+
+        # @api private
+        # @param opts [#to_h] the options defining this adapter
+        # @option opts [OodSupport::ACL] :acl The ACL permission
+        # @option opts [Boolean] :allow (true) Whether this ACL allows access
+        # @see Factory.build_group
+        def initialize(opts)
+          o = opts.to_h.symbolize_keys
+          @acl = o.fetch(:acl) { raise ArgumentError, "No acl specified. Missing argument: acl" }
+          @allow = o.fetch(:allow, true)
+        end
+
+        # Whether this ACL allows the active user access based on their groups
+        # @return [Boolean] whether principle is allowed
+        def allow?
+          if @allow
+            OodSupport::User.new.groups.map(&:to_s).any? { |g| @acl.allow?(principle: g) }
+          else
+            OodSupport::User.new.groups.map(&:to_s).none? { |g| @acl.allow?(principle: g) }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ood_core/acl/factory.rb

@@ -0,0 +1,41 @@
+require "ood_core/refinements/hash_extensions"
+
+module OodCore
+  module Acl
+    # A factory that builds acl adapter objects from a configuration.
+    class Factory
+      using Refinements::HashExtensions
+
+      class << self
+        # Build an acl adapter from a configuration
+        # @param config [#to_h] configuration describing acl adapter
+        # @option config [#to_s] :adapter The acl adapter to use
+        # @raise [AdapterNotSpecified] if no adapter is specified
+        # @raise [AdapterNotFound] if the specified adapter does not exist
+        # @return [Acl::Adapter] the acl adapter object
+        def build(config)
+          c = config.to_h.symbolize_keys
+
+          adapter = c.fetch(:adapter) { raise AdapterNotSpecified, "acl configuration does not specify adapter" }.to_s
+
+          path_to_adapter = "ood_core/acl/adapters/#{adapter}"
+          begin
+            require path_to_adapter
+          rescue Gem::LoadError => e
+            raise Gem::LoadError, "Specified '#{adapter}' for acl adapter, but the gem is not loaded."
+          rescue LoadError => e
+            raise LoadError, "Could not load '#{adapter}'. Make sure that the acl adapter in the configuration file is valid."
+          end
+
+          adapter_method = "build_#{adapter}"
+
+          unless respond_to?(adapter_method)
+            raise AdapterNotFound, "acl configuration specifies nonexistent #{adapter} adapter"
+          end
+
+          send(adapter_method, c)
+        end
+      end
+    end
+  end
+end

data/lib/ood_core/cluster.rb

@@ -0,0 +1,143 @@
+require "ostruct"
+
+require "ood_core/refinements/hash_extensions"
+
+module OodCore
+  # An object that describes a cluster and its given features that third-party
+  # code can take advantage of.
+  class Cluster
+    using Refinements::HashExtensions
+
+    # The unique identifier for a given cluster
+    # @return [Symbol] the cluster id
+    attr_reader :id
+
+    # Metadata configuration providing descriptive information about cluster
+    # @return [Hash] the metadata configuration
+    attr_reader :metadata_config
+
+    # The login configuration used for this cluster
+    # @return [Hash] the login configuration
+    attr_reader :login_config
+
+    # The job adapter configuration used for this cluster
+    # @return [Hash] the job configuration
+    attr_reader :job_config
+
+    # The acls configuration describing the permissions for this cluster
+    # @return [Hash] the acls configuration
+    attr_reader :acls_config
+
+    # @param cluster [#to_h] the cluster object
+    # @option cluster [#to_sym] :id The cluster id
+    # @option cluster [#to_h] :metadata ({}) The cluster's metadata
+    # @option cluster [#to_h] :login ({}) The cluster's SSH host
+    # @option cluster [#to_h] :job ({}) The job adapter for this cluster
+    # @option cluster [#to_h] :custom ({}) Any custom resources for this cluster
+    # @option cluster [Array<#to_h>] :acls ([]) List of ACLs to validate against
+    def initialize(cluster)
+      c = cluster.to_h.symbolize_keys
+
+      # Required options
+      @id = c.fetch(:id) { raise ArgumentError, "No id specified. Missing argument: id" }.to_sym
+
+      # General options
+      @metadata_config = c.fetch(:metadata, {}).to_h.symbolize_keys
+      @login_config    = c.fetch(:login, {})   .to_h.symbolize_keys
+      @job_config      = c.fetch(:job, {})     .to_h.symbolize_keys
+      @custom_config   = c.fetch(:custom, {})  .to_h.symbolize_keys
+      @acls_config     = c.fetch(:acls, [])    .map(&:to_h)
+    end
+
+    # Metadata that provides extra information about this cluster
+    # @return [OpenStruct] the metadata
+    def metadata
+      OpenStruct.new metadata_config
+    end
+
+    # The login used for this cluster
+    # @return [OpenStruct] the login
+    def login
+      OpenStruct.new(login_config)
+    end
+
+    # Whether the login feature is allowed
+    # @return [Boolean] is login allowed
+    def login_allow?
+      allow? && !login.empty?
+    end
+
+    # Build a job adapter from the job configuration
+    # @return [Job::Adapter] the job adapter
+    def job_adapter
+      Job::Factory.build(job_config)
+    end
+
+    # Whether the job feature is allowed based on the ACLs
+    # @return [Boolean] is the job feature allowed
+    def job_allow?
+      allow? &&
+        !job_config.empty? &&
+        build_acls(job_config.fetch(:acls, []).map(&:to_h)).all?(&:allow?)
+    end
+
+    # The configuration for any custom features or resources for this cluster
+    # @param feature [#to_sym, nil] the feature or resource
+    # @return [Hash] configuration for custom feature or resource
+    def custom_config(feature = nil)
+      feature ? @custom_config.fetch(feature.to_sym, {}).to_h.symbolize_keys : @custom_config
+    end
+
+    # Whether the custom feature is allowed based on the ACLs
+    # @return [Boolean] is this custom feature allowed
+    def custom_allow?(feature)
+      allow? &&
+        !custom_config(feature).empty? &&
+        build_acls(custom_config(feature).fetch(:acls, []).map(&:to_h)).all?(&:allow?)
+    end
+
+    # Build the ACL adapters from the ACL list configuration
+    # @return [Array<Acl::Adapter>] the acl adapter list
+    def acls
+      build_acls acls_config
+    end
+
+    # Whether this cluster is allowed to be used
+    # @return [Boolean] whether cluster is allowed
+    def allow?
+      acls.all?(&:allow?)
+    end
+
+    # The comparison operator
+    # @param other [#to_sym] object to compare against
+    # @return [Boolean] whether objects are equivalent
+    def ==(other)
+      id == other.to_sym
+    end
+
+    # Convert object to symbol
+    # @return [Symbol] the symbol describing this object
+    def to_sym
+      id
+    end
+
+    # Convert object to hash
+    # @return [Hash] the hash describing this object
+    def to_h
+      {
+        id:        id,
+        metadata:  metadata_config,
+        login:     login_config,
+        job:       job_config,
+        custom:    custom_config,
+        acls:      acls_config
+      }
+    end
+
+    private
+      # Build acl adapter objects from array
+      def build_acls(ary)
+        ary.map { |a| Acl::Factory.build a }
+      end
+  end
+end