opensecret 0.0.9925 → 0.0.9949

data/lib/usecase/files/read.rb

@@ -0,0 +1,169 @@
+#!/usr/bin/ruby
+	
+module OpenSecret
+
+  # The <b>read use case</b> pulls a file in from either an accessible filesystem
+  # or from a remote http, https, git, S3, GoogleDrive and/or ssh source.
+  #
+  # This use case expects a @file_url parameter. The actions it takes are to
+  #
+  # - register @in.url to mirror @file_url
+  # - register @out.url to mirror @file_url
+  # - check the location of @file_url
+  # - if no file exists it humbly finishes up
+  #
+  # If a file does exist at the @in.url this use case
+  #
+  # - handles HOME directory enabling portability
+  # - creates an encryption key and random iv
+  # - creates a file (name) id
+  # - stores the file byte and human readable size
+  # - stores the extension if it has one
+  # - stores the last created date
+  # - stores the last modified date
+  # - stores the (now) in date
+  #
+  # Once done it displays <b><em>key facts about the file</em></b>.
+  class Read < UseCase
+
+# -- ---------------------- --#
+# -- ---------------------- --#
+# -- [SAFE] Name Changes    --#
+# -- ---------------------- --#
+# -- Change env.path ~> open.chapter
+# -- Change key.path ~> open.verse
+# -- Change envelope@xxxx ~> chapter@xxxx
+# --
+# -- Change filenames to ~~~~~> book.db.breadcrumbs
+# -- Change filenames to ~~~~~> chapter.cipher.file
+# -- Change filenames to ~~~~~> safe.db.abc123xyzpq
+# -- ---------------------- --#
+# --    {
+# --        "db.create.date": "Sat Aug 11 11:20:16 2018 ( 18223.1120.07.511467675 )",
+# --        "db.domain.name": "ab.com",
+# --        "db.domain.id": "uhow-ku9l",
+# --        "env.path": "aa",
+# --        "key.path": "aa",
+# --        "envelope@aa": {
+# --            "content.xid": "3uzk12dxity",
+# --            "content.iv": "XTVe%qIGKVvWw@EKcgSa153nfVPaMVJH",
+# --            "content.key": "1u3b2o6KLiAUmt11yYEDThJw1E5Mh4%1iHYOpJQjWiYLthUGgl8IZ5szus8Fz2Jt"
+# --        }
+# --    }
+# -- ---------------------- --#
+# -- ---------------------- --#
+
+    attr_writer :file_url
+
+    # The <b>read use case</b> pulls a file in from either an accessible filesystem
+    # or from a remote http, https, git, S3, GoogleDrive and/or ssh source.
+    def execute
+
+      return unless ops_key_exists?
+      master_db = OpenKey::KeyApi.read_master_db()
+      return if unopened_envelope?( master_db )
+
+      # -- Get the open chapter identifier (id).
+      # -- Decide whether chapter already exists.
+      # -- Then get (or instantiate) the chapter's hash data structure
+      # --
+      chapter_id = ENVELOPE_KEY_PREFIX + master_db[ ENV_PATH ]
+      chapter_exists = OpenKey::KeyApi.db_envelope_exists?( master_db[ chapter_id ] )
+      chapter_data = OpenKey::KeyDb.from_json( OpenKey::KeyApi.content_unlock( master_db[ chapter_id ] ) ) if chapter_exists
+      chapter_data = OpenKey::KeyDb.new() unless chapter_exists
+
+      content_hdr = create_header()
+
+      # -- If no content envelope exists we need to place
+      # -- an empty one inside the appdb content database.
+      # --
+      master_db[ chapter_id ] = {} unless chapter_exists
+
+      # -- We populate (PUT) file instance attributes into
+      # -- the mini-dictionary at the [VERSE] location.
+      # --
+      verse_id = master_db[ KEY_PATH ]
+      file_absolute_path = ::File.absolute_path( @file_url )
+      chapter_data.create_entry( verse_id, "@in.url", file_absolute_path )
+      chapter_data.create_entry( verse_id, "@out.url", file_absolute_path )
+
+      # -- Lock No.1
+      # --
+      # -- Lock the file content and leave the 3 breadcrumbs
+      # -- (content id, content iv and content key) inside
+      # -- the file attributes mini dictionary to facilitate
+      # -- decrypting and writing out the file again.
+      # --
+      OpenKey::KeyApi.content_lock( chapter_data[ verse_id ], ::File.read( @file_url ), content_hdr )
+
+      # -- Lock No.2
+      # --
+      # -- Lock the chapter's data which includes the new or
+      # -- updated mini-dictionary that holds the breadcrumbs
+      # -- (content id, content iv and content key) that will
+      # -- be used to decrypt and write out the file content.
+      # --
+      # -- Leave another set of breadcrumbs inside the master
+      # -- database (content id, content iv and content key)
+      # -- to facilitate decrypting the chapter's data.
+      # --
+      OpenKey::KeyApi.content_lock( master_db[ chapter_id ], chapter_data.to_json, content_hdr )
+
+      # -- Lock No.3
+      # --
+      # -- Re-lock the master database including the breadcrumbs
+      # -- (content id, content iv and content key) that will
+      # -- (in the future) decrypt this chapter's data.
+      # --
+      OpenKey::KeyApi.write_master_db( content_hdr, master_db )
+
+
+      # -- Communicate that the indicated file has just been
+      # -- successfully ingested into the safe.
+      # --
+      print_file_success master_db[ ENV_PATH ], verse_id, file_absolute_path
+
+    end
+
+
+    private
+
+
+    def print_file_success chapter_id, verse_id, file_url
+
+      puts ""
+      puts "|-"
+      puts "|- Chapter ~> #{chapter_id}"
+      puts "|- + Verse ~> #{verse_id}"
+      puts "|-"
+      puts "|- In File ~> #{file_url}"
+      puts "|-"
+      puts "|- File cocooned inside your safe."
+      puts "|-"
+      puts "|-Command Options"
+      puts "|-"
+      puts "|-    #{COMMANDMENT} put out.dir ~/this/folder"
+      puts "|-    #{COMMANDMENT} put out.name new-filename.txt"
+      puts "|-    #{COMMANDMENT} write"
+      puts "|-"
+      puts ""
+
+    end
+
+
+    # Perform pre-conditional validations in preparation to executing the main flow
+    # of events for this use case. This method may throw the below exceptions.
+    #
+    # @raise [SafeDirNotConfigured] if the safe's url has not been configured
+    # @raise [EmailAddrNotConfigured] if the email address has not been configured
+    # @raise [StoreUrlNotConfigured] if the crypt store url is not configured
+    def pre_validation
+
+
+    end
+
+
+  end
+
+
+end

data/lib/usecase/files/write.rb

@@ -0,0 +1,89 @@
+#!/usr/bin/ruby
+	
+module OpenSecret
+
+  # The <b>write use case</b> writes (or overwrites) a file at the
+  # out url destination.
+  class Write < UseCase
+
+    attr_writer :file_url
+
+    # The <b>read use case</b> pulls a file in from either an accessible filesystem
+    # or from a remote http, https, git, S3, GoogleDrive and/or ssh source.
+    def execute
+
+      return unless ops_key_exists?
+      master_db = get_master_database()
+      return if unopened_envelope?( master_db )
+
+      # Get the open chapter identifier (id).
+      # Decide whether chapter already exists.
+      # Then get (or instantiate) the chapter's hash data structure
+      chapter_id = ENVELOPE_KEY_PREFIX + master_db[ ENV_PATH ]
+      verse_id = master_db[ KEY_PATH ]
+      chapter_exists = OpenKey::KeyApi.db_envelope_exists?( master_db[ chapter_id ] )
+
+
+      # @todo begin
+      # Throw an exception (error) if the chapter
+      # either exists and is empty or does not exist.
+      # @todo end
+
+
+      # Unlock the chapter data structure by supplying
+      # key/value mini-dictionary breadcrumbs sitting
+      # within the master database at the section labelled
+      # envelope@<<actual_chapter_id>>.
+      chapter_data = OpenKey::KeyDb.from_json( OpenKey::KeyApi.content_unlock( master_db[ chapter_id ] ) )
+
+
+      # Unlock the file content by supplying the
+      # key/value mini-dictionary breadcrumbs sitting
+      # within the chapter's data structure in the
+      # section labelled <<verse_id>>.
+      file_content = OpenKey::KeyApi.content_unlock( chapter_data[ verse_id ] )
+
+
+      # We read the location url we plan to eject the
+      # file out into.
+      file_path = @file_url ? @file_url : chapter_data[ verse_id ][ "@out.url" ]
+      file_name = ::File.basename( file_path)
+
+      # If the directory the file will be exported to does
+      # not exist we promptly create it.
+      FileUtils.mkdir_p( File.dirname( file_path ) )
+
+      # Create a backup file if we can detect that a
+      # file occupies the eject (write) filepath.
+      backup_file_path = ::File.join( ::File.dirname( file_path ), OpenKey::KeyNow.yyjjj_hhmm_sst() + "-" + file_name )
+      ::File.write( backup_file_path, ::File.read( file_path ) ) if ::File.file?( file_path )
+
+
+      # Now write (and if necessary overwrite) the eject
+      # file url path with the previously ingested content.
+      ::File.write( file_path, file_content )
+
+
+      # Communicate that the indicated file has just been
+      # successfully written out from the safe.
+      print_file_success( master_db[ ENV_PATH ], verse_id, file_path )
+
+    end
+
+
+    private
+
+
+    # Document a successful write of a file cocooned in the safe.
+    # @param chapter_id the chapter of the file written out
+    # @param verse_id the verse of the file written out
+    # @param file_url the filepath the file was written to
+    def print_file_success chapter_id, verse_id, file_url
+      puts "File [#{file_url}] written out of safe at chapter [#{chapter_id}] and verse [#{verse_id}]."
+    end
+
+
+  end
+
+
+end

data/lib/usecase/goto.rb

@@ -0,0 +1,57 @@
+#!/usr/bin/ruby
+
+module OpenSecret
+
+  # Goto is a shortcut (or alias even) for the open command that takes an integer
+  # index that effectively specifies which <envelope> and <key> to open.
+  #
+  # Use <b>view</b> to list the valid integer indices for each envelope and key
+  # combination.
+  #
+  # View maps out and numbers each envelope/key combination.
+  # Goto with the number effectively shortcuts the open pin pointer command.
+  # Show prints the dictionary at the opened path masking any secrets.
+  #
+  # Once goto is enacted all path CRUD commands come into play as if you had
+  # opened the path. These include put, copy, paste, show, tell and delete.
+  class Goto < UseCase
+
+    # The index (number) starting with 1 of the envelope and key-path
+    # combination that should be opened.
+    attr_writer :index
+
+    def execute
+
+      return unless ops_key_exists?
+      master_db = OpenKey::KeyApi.read_master_db()
+
+      goto_location = 0
+      envelope_dictionaries = OpenKey::KeyApi.to_matching_dictionary( master_db, ENVELOPE_KEY_PREFIX )
+      envelope_dictionaries.each_pair do | envelope_name, crumb_dictionary |
+
+        envelope_content = OpenKey::KeyDb.from_json( OpenKey::KeyApi.content_unlock( crumb_dictionary ) )
+        envelope_content.each_key do | envelope_key |
+
+          goto_location += 1
+          next unless @index.to_i == goto_location
+
+          open_uc = Open.new
+          open_uc.env_path = envelope_name
+          open_uc.key_path = envelope_key
+          open_uc.flow_of_events
+
+          return
+
+        end
+
+
+      end
+
+
+    end
+
+
+  end
+
+
+end

data/lib/usecase/id.rb

@@ -3,7 +3,7 @@
 module OpenSecret
 
 
-  class Id < Command
+  class Id < UseCase
 
 
     def execute

data/lib/usecase/import.rb

@@ -2,8 +2,6 @@
 	
 module OpenSecret
 
-  require 'openssl'
-
   # The <b>import use case</b> follows <b>open</b> and it pulls a file into an
   # <em>(encrypted at rest)</em> <b>envelope</b> while writing metadata about
   # the file into the opened tree dictionary position.
@@ -27,7 +25,7 @@ module OpenSecret
   # remove immediately - remove on next login - remove after a time period
   # or to never remove (manual garbage collection).
   #
-  class Import < Command
+  class Import < UseCase
 
     attr_writer :secret_id, :secret_value
 
@@ -56,34 +54,19 @@ module OpenSecret
     # - a new session id and encryption key is generated and used to re-encrypt
     def execute
 
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-## @todo - rename appdb_content as master_db
-
       return unless ops_key_exists?
-      appdb_content = OpenKey::KeyApi.read_app_content()
+      master_db = OpenKey::KeyApi.read_master_db()
 
       puts "---\n"
       puts "--- The Master Database (Before)\n"
       puts "---\n"
-      puts JSON.pretty_generate( appdb_content )
+      puts JSON.pretty_generate( master_db )
       puts "---\n"
 
-      return if unopened_envelope?( appdb_content )
+      return if unopened_envelope?( master_db )
 
-      envelope_id = ENVELOPE_KEY_PREFIX + appdb_content[ ENV_PATH ]
-      has_content = OpenKey::KeyApi.content_exists?( appdb_content[ envelope_id ] )
+      envelope_id = ENVELOPE_KEY_PREFIX + master_db[ ENV_PATH ]
+      has_content = OpenKey::KeyApi.db_envelope_exists?( master_db[ envelope_id ] )
 
       # --
       # -- To get hold of the content we must either
@@ -91,7 +74,7 @@ module OpenSecret
       # --   a) unlock it using the breadcrumbs or
       # --   b) start afresh with a new content db
       # --
-      content_box = OpenKey::KeyApi.content_unlock( appdb_content[ envelope_id ] ) if has_content
+      content_box = OpenKey::KeyDb.from_json( OpenKey::KeyApi.content_unlock( master_db[ envelope_id ] ) ) if has_content
       content_box = OpenKey::KeyDb.new() unless has_content
       content_hdr = create_header()
 
@@ -99,7 +82,7 @@ module OpenSecret
       # -- If no content envelope exists we need to place
       # -- an empty one inside the appdb content database.
       # --
-      appdb_content[ envelope_id ] = {} unless has_content
+      master_db[ envelope_id ] = {} unless has_content
 
       # --
       # -- This is the PUT use case so we append a
@@ -110,14 +93,14 @@ module OpenSecret
       # -- into the current content envelope and write
       # -- the envelope to the content filepath.
       # --
-      crumbs_dict = appdb_content[ envelope_id ]
-      content_box.create_entry( appdb_content[ KEY_PATH ], @secret_id, @secret_value )
+      crumbs_dict = master_db[ envelope_id ]
+      content_box.create_entry( master_db[ KEY_PATH ], @secret_id, @secret_value )
       OpenKey::KeyApi.content_lock( crumbs_dict, content_box.to_json, content_hdr )
 
       puts "---\n"
       puts "--- The Master Database (After)\n"
       puts "---\n"
-      puts JSON.pretty_generate( appdb_content )
+      puts JSON.pretty_generate( master_db )
       puts "---\n"
 
       # --
@@ -125,7 +108,7 @@ module OpenSecret
       # -- random iv and the crypt key are written afreshinto
       # -- the master database.
       # --
-      OpenKey::KeyApi.write_app_content( content_hdr, appdb_content )
+      OpenKey::KeyApi.write_master_db( content_hdr, master_db )
       print_put_success
 
       return
@@ -150,7 +133,7 @@ module OpenSecret
       puts "Success putting a key/value pair into the open envelope."
       puts "You can put more in and then close the envelope."
       puts ""
-      puts "    ops close"
+      puts "    #{COMMANDMENT} close"
       puts ""
 
     end

data/lib/usecase/init.rb

@@ -2,8 +2,6 @@
 	
 module OpenSecret
 
-  require 'openssl'
-
   # The <b>init use case</b> initializes opensecret thus preparing it
   # for the ability to lock secrets, unlock them, transport their keys and
   # much more.
@@ -11,21 +9,11 @@ module OpenSecret
   # opensecret is a <b>(glorified) placeholder</b>. It takes things in now,
   # keeps them safe and gives them back later, in a <b>helpful manner</b>.
   #
-  # ---
-  #
-  #    ops init bob@gmail.com $HOME/bob.credentials
-  #
-  #       or
-  #
-  #    xport init bob@gmail.com $HOME/apollo.team.x
-  #
-  # ---
-  #
   # == Alternat Error Flows
   #
   # An error will be thrown
   #
-  # - if ops can't create or extend the base directory
+  # - if opensecret cannot create, extend, read or write the drive folder
   # - if the domain is already in the configuration file
   # - if domain has non alphanums, excl hyphens, underscores, @ symbols, periods
   # - if domain does not begin or end with alphanums.
@@ -34,7 +22,7 @@ module OpenSecret
   # - if the domain string's length is less than 5
   # - if "base.opensecret.io" appears twice (or more) in a directory tree
   #
-  class Init < Command
+  class Init < UseCase
 
     attr_writer :master_p4ss, :domain_name, :base_path
 
@@ -42,9 +30,6 @@ module OpenSecret
     # The init use case prepares <b>opensecret</b> so that you can <b>open</b> an envelope,
     # <b>put</b> secrets into it and then <b>seal</b> (lock) it. Locking effectively writes
     # crypted blocks to both keystore and crypt store.
-    #
-    #     ops init apollo@work $HOME/apollo.work.drive
-    #
     def execute
 
       return unless ops_key_exists?