openc3 6.9.0 → 6.9.2

data/lib/openc3/models/plugin_model.rb

@@ -56,6 +56,13 @@ module OpenC3
     attr_accessor :plugin_txt_lines
     attr_accessor :needs_dependencies
     attr_accessor :store_id
+    attr_accessor :title
+    attr_accessor :description
+    attr_accessor :licenses
+    attr_accessor :homepage
+    attr_accessor :repository
+    attr_accessor :keywords
+    attr_accessor :img_path
 
     # NOTE: The following three class methods are used by the ModelController
     # and are reimplemented to enable various Model class methods to work
@@ -179,11 +186,31 @@ module OpenC3
             raise "Invalid screen filename: #{filename}. Screen filenames must be lowercase."
           end
         end
+
+        # Process app store metadata
+        plugin_model.title = pkg.spec.metadata['openc3_store_title'] || pkg.spec.summary.strip
+        plugin_model.description = pkg.spec.metadata['openc3_store_description'] || pkg.spec.description.strip
+        plugin_model.licenses = pkg.spec.licenses
+        plugin_model.homepage = pkg.spec.homepage
+        plugin_model.repository = pkg.spec.metadata['source_code_uri'] # this key because it's in the official gemspec examples
+        plugin_model.keywords = pkg.spec.metadata['openc3_store_keywords']&.split(/, ?/)
+        img_path = pkg.spec.metadata['openc3_store_image']
+        unless img_path
+          default_img_path = 'public/store_img.png'
+          full_default_path = File.join(gem_path, default_img_path)
+          img_path = default_img_path if File.exist? full_default_path
+        end
+        plugin_model.img_path = File.join('gems', gem_name.split(".gem")[0], img_path) if img_path # convert this filesystem path to volumes mount path
+        plugin_model.update() unless validate_only
+
         needs_dependencies = pkg.spec.runtime_dependencies.length > 0
         needs_dependencies = true if Dir.exist?(File.join(gem_path, 'lib'))
 
-        # Handle python requirements.txt
-        if File.exist?(File.join(gem_path, 'requirements.txt'))
+        # Handle python dependencies (pyproject.toml or requirements.txt)
+        pyproject_path = File.join(gem_path, 'pyproject.toml')
+        requirements_path = File.join(gem_path, 'requirements.txt')
+        
+        if File.exist?(pyproject_path) || File.exist?(requirements_path)
           begin
             pypi_url = get_setting('pypi_url', scope: scope)
             if pypi_url
@@ -202,11 +229,20 @@ module OpenC3
             end
           end
           unless validate_only
-            Logger.info "Installing python packages from requirements.txt with pypi_url=#{pypi_url}"
-            if ENV['PIP_ENABLE_TRUSTED_HOST'].nil?
-              pip_args = "--no-warn-script-location -i #{pypi_url} -r #{File.join(gem_path, 'requirements.txt')}"
+            if File.exist?(pyproject_path)
+              Logger.info "Installing python packages from pyproject.toml with pypi_url=#{pypi_url}"
+              if ENV['PIP_ENABLE_TRUSTED_HOST'].nil?
+                pip_args = "--no-warn-script-location -i #{pypi_url} #{gem_path}"
+              else
+                pip_args = "--no-warn-script-location -i #{pypi_url} --trusted-host #{URI.parse(pypi_url).host} #{gem_path}"
+              end
             else
-              pip_args = "--no-warn-script-location -i #{pypi_url} --trusted-host #{URI.parse(pypi_url).host} -r #{File.join(gem_path, 'requirements.txt')}"
+              Logger.info "Installing python packages from requirements.txt with pypi_url=#{pypi_url}"
+              if ENV['PIP_ENABLE_TRUSTED_HOST'].nil?
+                pip_args = "--no-warn-script-location -i #{pypi_url} -r #{requirements_path}"
+              else
+                pip_args = "--no-warn-script-location -i #{pypi_url} --trusted-host #{URI.parse(pypi_url).host} -r #{requirements_path}"
+              end
             end
             puts `/openc3/bin/pipinstall #{pip_args}`
           end
@@ -302,6 +338,13 @@ module OpenC3
       plugin_txt_lines: [],
       needs_dependencies: false,
       store_id: nil,
+      title: nil,
+      description: nil,
+      keywords: nil,
+      licenses: nil,
+      homepage: nil,
+      repository: nil,
+      img_path: nil,
       updated_at: nil,
       scope:
     )
@@ -310,6 +353,13 @@ module OpenC3
       @plugin_txt_lines = plugin_txt_lines
       @needs_dependencies = ConfigParser.handle_true_false(needs_dependencies)
       @store_id = store_id
+      @title = title
+      @description = description
+      @keywords = keywords
+      @licenses = licenses
+      @homepage = homepage
+      @repository = repository
+      @img_path = img_path
     end
 
     def create(update: false, force: false, queued: false)
@@ -329,6 +379,13 @@ module OpenC3
         'plugin_txt_lines' => @plugin_txt_lines,
         'needs_dependencies' => @needs_dependencies,
         'store_id' => @store_id,
+        'title' => @title,
+        'description' => @description,
+        'keywords' => @keywords,
+        'licenses' => @licenses,
+        'homepage' => @homepage,
+        'repository' => @repository,
+        'img_path' => @img_path,
         'updated_at' => @updated_at
       }
     end

data/lib/openc3/models/queue_model.rb

@@ -51,11 +51,11 @@ module OpenC3
       if model.state != 'DISABLE'
         result = Store.zrevrange("#{scope}:#{name}", 0, 0, with_scores: true)
         if result.empty?
-          index = 1.0
+          id = 1.0
         else
-          index = result[0][1].to_f + 1
+          id = result[0][1].to_f + 1
         end
-        Store.zadd("#{scope}:#{name}", index, { username: username, value: command, timestamp: Time.now.to_nsec_from_epoch }.to_json)
+        Store.zadd("#{scope}:#{name}", id, { username: username, value: command, timestamp: Time.now.to_nsec_from_epoch }.to_json)
         model.notify(kind: 'command')
       else
         raise QueueError, "Queue '#{name}' is disabled. Command '#{command}' not queued."
@@ -103,55 +103,55 @@ module OpenC3
       QueueTopic.write_notification(notification, scope: @scope)
     end
 
-    def insert_command(index, command_data)
+    def insert_command(id, command_data)
       if @state == 'DISABLE'
         raise QueueError, "Queue '#{@name}' is disabled. Command '#{command_data['value']}' not queued."
       end
 
-      unless index
+      unless id
         result = Store.zrevrange("#{@scope}:#{@name}", 0, 0, with_scores: true)
         if result.empty?
-          index = 1.0
+          id = 1.0
         else
-          index = result[0][1].to_f + 1
+          id = result[0][1].to_f + 1
         end
       end
-      Store.zadd("#{@scope}:#{@name}", index, command_data.to_json)
+      Store.zadd("#{@scope}:#{@name}", id, command_data.to_json)
       notify(kind: 'command')
     end
 
-    def update_command(index:, command:, username:)
+    def update_command(id:, command:, username:)
       if @state == 'DISABLE'
-        raise QueueError, "Queue '#{@name}' is disabled. Command at index #{index} not updated."
+        raise QueueError, "Queue '#{@name}' is disabled. Command at id #{id} not updated."
       end
 
-      # Check if command exists at the given index
-      existing = Store.zrangebyscore("#{@scope}:#{@name}", index, index)
+      # Check if command exists at the given id
+      existing = Store.zrangebyscore("#{@scope}:#{@name}", id, id)
       if existing.empty?
-        raise QueueError, "No command found at index #{index} in queue '#{@name}'"
+        raise QueueError, "No command found at id #{id} in queue '#{@name}'"
       end
 
-      # Remove the existing command and add the new one at the same index
-      Store.zremrangebyscore("#{@scope}:#{@name}", index, index)
+      # Remove the existing command and add the new one at the same id
+      Store.zremrangebyscore("#{@scope}:#{@name}", id, id)
       command_data = { username: username, value: command, timestamp: Time.now.to_nsec_from_epoch }
-      Store.zadd("#{@scope}:#{@name}", index, command_data.to_json)
+      Store.zadd("#{@scope}:#{@name}", id, command_data.to_json)
       notify(kind: 'command')
     end
 
-    def remove_command(index = nil)
+    def remove_command(id = nil)
       if @state == 'DISABLE'
         raise QueueError, "Queue '#{@name}' is disabled. Command not removed."
       end
 
-      if index
-        # Remove specific index
-        result = Store.zrangebyscore("#{@scope}:#{@name}", index, index)
+      if id
+        # Remove specific id
+        result = Store.zrangebyscore("#{@scope}:#{@name}", id, id)
         if result.empty?
           return nil
         else
-          Store.zremrangebyscore("#{@scope}:#{@name}", index, index)
+          Store.zremrangebyscore("#{@scope}:#{@name}", id, id)
           command_data = JSON.parse(result[0])
-          command_data['index'] = index.to_f
+          command_data['id'] = id.to_f
           notify(kind: 'command')
           return command_data
         end
@@ -164,7 +164,7 @@ module OpenC3
           score = result[0][1]
           Store.zremrangebyscore("#{@scope}:#{@name}", score, score)
           command_data = JSON.parse(result[0][0])
-          command_data['index'] = score.to_f
+          command_data['id'] = score.to_f
           notify(kind: 'command')
           return command_data
         end
@@ -174,7 +174,7 @@ module OpenC3
     def list
       return Store.zrange("#{@scope}:#{@name}", 0, -1, with_scores: true).map do |item|
         result = JSON.parse(item[0])
-        result['index'] = item[1].to_f
+        result['id'] = item[1].to_f
         result
       end
     end

data/lib/openc3/models/reaction_model.rb

@@ -143,7 +143,7 @@ module OpenC3
       unless triggers.is_a?(Array)
         raise ReactionInputError.new "invalid triggers, must be array of hashes: #{triggers}"
       end
-      trigger_hash = Hash.new()
+      trigger_hash = {}
       triggers.each do | trigger |
         unless trigger.is_a?(Hash)
           raise ReactionInputError.new "invalid trigger, must be hash: #{trigger}"

data/lib/openc3/models/target_model.rb

@@ -166,10 +166,14 @@ module OpenC3
     end
 
     def self.download(target_name, scope:)
+      # Validate target_name to not allow directory traversal
+      if target_name.include?('..') || target_name.include?('/') || target_name.include?('\\')
+        raise ArgumentError, "Invalid target_name: #{target_name.inspect}"
+      end
       tmp_dir = Dir.mktmpdir
       zip_filename = File.join(tmp_dir, "#{target_name}.zip")
       Zip.continue_on_exists_proc = true
-      zip = Zip::File.open(zip_filename, Zip::File::CREATE)
+      zip = Zip::File.open(zip_filename, create: true)
 
       if ENV['OPENC3_LOCAL_MODE']
         OpenC3::LocalMode.zip_target(target_name, zip, scope: scope)
@@ -756,7 +760,7 @@ module OpenC3
       prefix = File.dirname(target_folder) + '/'
       output_file = File.join(temp_dir, @name + '_' + @id + '.zip')
       Zip.continue_on_exists_proc = true
-      Zip::File.open(output_file, Zip::File::CREATE) do |zipfile|
+      Zip::File.open(output_file, create: true) do |zipfile|
         target_files.each do |target_file|
           zip_file_path = target_file.delete_prefix(prefix)
           if File.directory?(target_file)
@@ -807,7 +811,7 @@ module OpenC3
             Logger.error("Invalid text present in #{target_name} #{packet_name} tlm packet")
             raise e
           end
-          json_hash = Hash.new
+          json_hash = {}
           packet.sorted_items.each do |item|
             json_hash[item.name] = nil
             TargetModel.add_to_target_allitems_list(target_name, item.name, scope: @scope)

data/lib/openc3/models/trigger_model.rb

@@ -237,7 +237,7 @@ module OpenC3
 
     # ["#{@scope}__DECOM__{#{@target}}__#{@packet}"]
     def generate_topics
-      topics = Hash.new
+      topics = {}
       if @left['type'] == ITEM_TYPE
         topics["#{@scope}__DECOM__{#{left['target']}}__#{left['packet']}"] = 1
       end

data/lib/openc3/script/queue.rb

@@ -31,7 +31,7 @@ module OpenC3
         raise "Failed to #{action}. No response from server."
       elsif response.status != 200 and response.status != 201
         result = JSON.parse(response.body, allow_nan: true, create_additions: true)
-        raise "Failed to #{action} due to #{result['message']}"
+        raise "#{action} failed with status #{response.status}. #{result['message']}."
       end
       return JSON.parse(response.body, allow_nan: true, create_additions: true)
     end
@@ -66,12 +66,20 @@ module OpenC3
       return _make_request(action: 'disable queue', verb: 'post', uri: "/openc3-api/queues/#{name}/disable", scope: scope)
     end
 
-    def queue_exec(name, index: nil, scope: $openc3_scope)
+    def queue_exec(name, id=nil, scope: $openc3_scope)
       data = {}
-      data['index'] = index if index
+      data['id'] = id if id
       return _make_request(action: 'exec command', verb: 'post', uri: "/openc3-api/queues/#{name}/exec_command", data: data, scope: scope)
     end
 
+    # No queue_insert because we do that through the cmd APIs with the queue kwarg
+
+    def queue_remove(name, id=nil, scope: $openc3_scope)
+      data = {}
+      data['id'] = id if id
+      return _make_request(action: 'remove command', verb: 'post', uri: "/openc3-api/queues/#{name}/remove_command", data: data, scope: scope)
+    end
+
     def queue_delete(name, scope: $openc3_scope)
       return _make_request(action: 'delete queue', verb: 'delete', uri: "/openc3-api/queues/#{name}", scope: scope)
     end

data/lib/openc3/script/script.rb

@@ -232,7 +232,7 @@ module OpenC3
         raise "initialize_offline_access only valid in COSMOS Enterprise. OPENC3_KEYCLOAK_URL environment variable must be set."
       end
       auth = OpenC3KeycloakAuthentication.new(keycloak_url)
-      auth.token(include_bearer: true, openid_scope: 'openid%20offline_access')
+      auth.token(include_bearer: true, openid_scope: 'openid offline_access')
       set_offline_access(auth.refresh_token)
     end
 

data/lib/openc3/system/system.rb

@@ -95,11 +95,11 @@ module OpenC3
           bucket_key = "#{scope}/target_archives/#{target_name}/#{target_name}_current.zip"
           Logger.info("Retrieving #{bucket_key} from targets bucket")
           bucket.get_object(bucket: ENV['OPENC3_CONFIG_BUCKET'], key: bucket_key, path: zip_path)
+          targets_path = "#{base_dir}/targets"
+          FileUtils.mkdir_p(targets_path)
           Zip::File.open(zip_path) do |zip_file|
             zip_file.each do |entry|
-              path = File.join("#{base_dir}/targets", entry.name)
-              FileUtils.mkdir_p(File.dirname(path))
-              zip_file.extract(entry, path) unless File.exist?(path)
+              zip_file.extract(entry.name, destination_directory: targets_path)
             end
           end
 

data/lib/openc3/utilities/authentication.rb

@@ -23,6 +23,7 @@
 require 'openc3/version'
 require 'openc3/io/json_drb'
 require 'faraday'
+require 'uri'
 
 module OpenC3
   # Basic exception for known errors
@@ -112,9 +113,13 @@ module OpenC3
       client_id = ENV['OPENC3_API_CLIENT'] || 'api'
       if ENV['OPENC3_API_USER'] and ENV['OPENC3_API_PASSWORD']
         # Username and password
-        data = "username=#{ENV['OPENC3_API_USER']}&password=#{ENV['OPENC3_API_PASSWORD']}"
-        data << "&client_id=#{client_id}"
-        data << "&grant_type=password&scope=#{openid_scope}"
+        data = {
+          'username' => ENV['OPENC3_API_USER'],
+          'password' => ENV['OPENC3_API_PASSWORD'],
+          'client_id' => client_id,
+          'grant_type' => 'password',
+          'scope' => openid_scope
+        }
         headers = {
           'Content-Type' => 'application/x-www-form-urlencoded',
           'User-Agent' => "OpenC3KeycloakAuthorization / #{OPENC3_VERSION} (ruby/openc3/lib/utilities/authentication)",
@@ -134,7 +139,11 @@ module OpenC3
     # Refresh the token and save token to instance
     def _refresh_token(current_time)
       client_id = ENV['OPENC3_API_CLIENT'] || 'api'
-      data = "client_id=#{client_id}&refresh_token=#{@refresh_token}&grant_type=refresh_token"
+      data = {
+        'client_id' => client_id,
+        'refresh_token' => @refresh_token,
+        'grant_type' => 'refresh_token'
+      }
       headers = {
         'Content-Type' => 'application/x-www-form-urlencoded',
         'User-Agent' => "OpenC3KeycloakAuthorization / #{OPENC3_VERSION} (ruby/openc3/lib/utilities/authentication)",
@@ -150,11 +159,21 @@ module OpenC3
     def _make_request(headers, data)
       realm = ENV['OPENC3_KEYCLOAK_REALM'] || 'openc3'
       uri = URI("#{@url}/realms/#{realm}/protocol/openid-connect/token")
-      @log[0] = "request uri: #{uri} header: #{headers} body: #{data}"
+      # Obfuscate password and refresh token in logs unless debug mode is enabled
+      if JsonDRb.debug?
+        log_data = data.inspect
+      else
+        # Create a copy of the hash with sensitive values obfuscated
+        log_data = data.dup
+        log_data['password'] = '***' if log_data.key?('password')
+        log_data['refresh_token'] = '***' if log_data.key?('refresh_token')
+        log_data = log_data.inspect
+      end
+      @log[0] = "request uri: #{uri} header: #{headers} body: #{log_data}"
       STDOUT.puts @log[0] if JsonDRb.debug?
       saved_verbose = $VERBOSE; $VERBOSE = nil
       begin
-        resp = @http.post(uri, data, headers)
+        resp = @http.post(uri, URI.encode_www_form(data), headers)
       ensure
         $VERBOSE = saved_verbose
       end