opentox-client 0.0.1pre → 0.0.2pre

data/lib/policy.rb

@@ -1,28 +1,29 @@
 module OpenTox
   require "rexml/document"
 
-  #Module for policy-processing 
+  #Module for policy-processing
   # @see also http://www.opentox.org/dev/apis/api-1.2/AA for opentox API specs
   # Class Policies corresponds to <policies> container of an xml-policy-fle
-  class Policies 
-  
-    attr_accessor :name, :policies
-    
+  class Policies
+
+    #Hash for policy objects see {Policy Policy}
+    attr_accessor :policies, :name
+
     def initialize()
       @policies = {}
     end
-    
+
     #create new policy instance with name
     # @param [String]name of the policy
     def new_policy(name)
       @policies[name] = Policy.new(name)
     end
-    
+
     #drop a specific policy in a policies instance
     # @param [String]name of the policy
     # @return [Boolean]
     def drop_policy(name)
-      return true if @policies.delete(name) 
+      return true if @policies.delete(name)
     end
 
     #drop all policies in a policies instance
@@ -32,58 +33,63 @@ module OpenTox
       end
       return true
     end
-    
+
     # @return [Array] set of arrays affected by policies
     def uris
-      @policies.collect{ |k,v| v.uris }.flatten.uniq
+      @policies.collect{ |k,v| v.uri }.flatten.uniq
     end
 
-        #drop all policies in a policies instance
+    #list all policy names in a policies instance
+    # @return [Array]
     def names
       out = []
       @policies.each do |name, policy|
-        out << name 
+        out << name
       end
       return out
     end
 
-    #loads a default policy template in policies instance
-    def load_default_policy(user, uri, group="member")    
+    # Loads a default policy template in a policies instance
+    # @param [String]user username in LDAP string of user policy: 'uid=<user>,ou=people,dc=opentox,dc=org'
+    # @param [String]uri URI
+    # @param [String]group groupname in LDAP string of group policy: 'cn=<group>,ou=groups,dc=opentox,dc=org'
+    def load_default_policy(user, uri, group="member")
       template = case user
         when "guest", "anonymous" then "default_guest_policy"
-        else "default_policy"     
+        else "default_policy"
       end
       xml = File.read(File.join(File.dirname(__FILE__), "templates/#{template}.xml"))
       self.load_xml(xml)
       datestring = Time.now.strftime("%Y-%m-%d-%H-%M-%S-x") + rand(1000).to_s
-       
+
       @policies["policy_user"].name = "policy_user_#{user}_#{datestring}"
-      @policies["policy_user"].rules["rule_user"].uri = uri
-      @policies["policy_user"].rules["rule_user"].name = "rule_user_#{user}_#{datestring}"
-      @policies["policy_user"].subjects["subject_user"].name = "subject_user_#{user}_#{datestring}"
-      @policies["policy_user"].subjects["subject_user"].value = "uid=#{user},ou=people,dc=opentox,dc=org"
+      @policies["policy_user"].rule.uri = uri
+      @policies["policy_user"].rule.name = "rule_user_#{user}_#{datestring}"
+      @policies["policy_user"].subject.name = "subject_user_#{user}_#{datestring}"
+      @policies["policy_user"].subject.value = "uid=#{user},ou=people,dc=opentox,dc=org"
       @policies["policy_user"].subject_group = "subjects_user_#{user}_#{datestring}"
-            
-      @policies["policy_group"].name = "policy_group_#{group}_#{datestring}" 
-      @policies["policy_group"].rules["rule_group"].uri = uri
-      @policies["policy_group"].rules["rule_group"].name = "rule_group_#{group}_#{datestring}"
-      @policies["policy_group"].subjects["subject_group"].name = "subject_group_#{group}_#{datestring}"
-      @policies["policy_group"].subjects["subject_group"].value = "cn=#{group},ou=groups,dc=opentox,dc=org"
-      @policies["policy_group"].subject_group = "subjects_#{group}_#{datestring}" 
+
+      @policies["policy_group"].name = "policy_group_#{group}_#{datestring}"
+      @policies["policy_group"].rule.uri = uri
+      @policies["policy_group"].rule.name = "rule_group_#{group}_#{datestring}"
+      @policies["policy_group"].subject.name = "subject_group_#{group}_#{datestring}"
+      @policies["policy_group"].subject.value = "cn=#{group},ou=groups,dc=opentox,dc=org"
+      @policies["policy_group"].subject_group = "subjects_#{group}_#{datestring}"
       return true
-    end    
+    end
 
-    #loads a xml template    
+    #loads a xml template
     def load_xml(xml)
       rexml = REXML::Document.new(xml)
       rexml.elements.each("Policies/Policy") do |pol|    #Policies
         policy_name = pol.attributes["name"]
         new_policy(policy_name)
-        #@policies[policy_name] = Policy.new(policy_name)      
+        #@policies[policy_name] = Policy.new(policy_name)
         rexml.elements.each("Policies/Policy[@name='#{policy_name}']/Rule") do |r|    #Rules
-          rule_name = r.attributes["name"]        
+          rule_name = r.attributes["name"]
           uri = rexml.elements["Policies/Policy[@name='#{policy_name}']/Rule[@name='#{rule_name}']/ResourceName"].attributes["name"]
-          @policies[policy_name].rules[rule_name] = @policies[policy_name].new_rule(rule_name, uri)
+          @policies[policy_name].rule.name = rule_name
+          @policies[policy_name].uri = uri
           rexml.elements.each("Policies/Policy[@name='#{policy_name}']/Rule[@name='#{rule_name}']/AttributeValuePair") do |attribute_pairs|
             action=nil; value=nil;
             attribute_pairs.each_element do |elem|
@@ -93,163 +99,234 @@ module OpenTox
             if action and value
               case action
               when "GET"
-                @policies[policy_name].rules[rule_name].get    = value
+                @policies[policy_name].rule.get    = value
               when "POST"
-                @policies[policy_name].rules[rule_name].post   = value
+                @policies[policy_name].rule.post   = value
               when "PUT"
-                @policies[policy_name].rules[rule_name].put    = value
-              when "DELETE"    
-                @policies[policy_name].rules[rule_name].delete = value
+                @policies[policy_name].rule.put    = value
+              when "DELETE"
+                @policies[policy_name].rule.delete = value
               end
             end
-          end        
+          end
         end
         rexml.elements.each("Policies/Policy[@name='#{policy_name}']/Subjects") do |subjects|    #Subjects
-          @policies[policy_name].subject_group = subjects.attributes["name"]        
+          @policies[policy_name].subject_group = subjects.attributes["name"]
           rexml.elements.each("Policies/Policy[@name='#{policy_name}']/Subjects[@name='#{@policies[policy_name].subject_group}']/Subject") do |s|    #Subject
             subject_name  = s.attributes["name"]
             subject_type  = s.attributes["type"]
             subject_value = rexml.elements["Policies/Policy[@name='#{policy_name}']/Subjects[@name='#{@policies[policy_name].subject_group}']/Subject[@name='#{subject_name}']/AttributeValuePair/Value"].text
-            @policies[policy_name].new_subject(subject_name, subject_type, subject_value) if subject_name and subject_type and subject_value
+            if subject_name and subject_type and subject_value
+              @policies[policy_name].subject.name = subject_name
+              @policies[policy_name].type = subject_type
+              @policies[policy_name].value = subject_value
+            end
           end
-        end      
-      end    
+        end
+      end
     end
-    
+
     #generates xml from policies instance
     def to_xml
       doc = REXML::Document.new()
       doc <<  REXML::DocType.new("Policies", "PUBLIC  \"-//Sun Java System Access Manager7.1 2006Q3\n Admin CLI DTD//EN\" \"jar://com/sun/identity/policy/policyAdmin.dtd\"")
       doc.add_element(REXML::Element.new("Policies"))
-      
+
       @policies.each do |name, pol|
         policy = REXML::Element.new("Policy")
         policy.attributes["name"] = pol.name
         policy.attributes["referralPolicy"] = false
         policy.attributes["active"] = true
-        @policies[name].rules.each do |r,rl|
-          rule = @policies[name].rules[r]
-          out_rule = REXML::Element.new("Rule")
-          out_rule.attributes["name"] = rule.name
-          servicename = REXML::Element.new("ServiceName")
-          servicename.attributes["name"]="iPlanetAMWebAgentService"
-          out_rule.add_element(servicename)
-          rescourcename = REXML::Element.new("ResourceName")
-          rescourcename.attributes["name"] = rule.uri
-          out_rule.add_element(rescourcename)
-          
-          ["get","post","delete","put"].each do |act|
-            if rule.method(act).call
-              attribute = REXML::Element.new("Attribute") 
-              attribute.attributes["name"] = act.upcase
-              attributevaluepair = REXML::Element.new("AttributeValuePair")
-              attributevaluepair.add_element(attribute)
-              attributevalue = REXML::Element.new("Value")
-              attributevaluepair.add_element(attributevalue)
-              attributevalue.add_text REXML::Text.new(rule.method(act).call)
-              out_rule.add_element(attributevaluepair)
-              
-            end
+        rule = @policies[name].rule
+        out_rule = REXML::Element.new("Rule")
+        out_rule.attributes["name"] = rule.name
+        servicename = REXML::Element.new("ServiceName")
+        servicename.attributes["name"]="iPlanetAMWebAgentService"
+        out_rule.add_element(servicename)
+        rescourcename = REXML::Element.new("ResourceName")
+        rescourcename.attributes["name"] = rule.uri
+        out_rule.add_element(rescourcename)
+
+        ["get","post","delete","put"].each do |act|
+          if rule.method(act).call
+            attribute = REXML::Element.new("Attribute")
+            attribute.attributes["name"] = act.upcase
+            attributevaluepair = REXML::Element.new("AttributeValuePair")
+            attributevaluepair.add_element(attribute)
+            attributevalue = REXML::Element.new("Value")
+            attributevaluepair.add_element(attributevalue)
+            attributevalue.add_text REXML::Text.new(rule.method(act).call)
+            out_rule.add_element(attributevaluepair)
           end
-          policy.add_element(out_rule)
-        end      
+        end
+        policy.add_element(out_rule)
 
         subjects = REXML::Element.new("Subjects")
         subjects.attributes["name"] = pol.subject_group
         subjects.attributes["description"] = ""
-        @policies[name].subjects.each do |subj, subjs|
-          subject = REXML::Element.new("Subject")
-          subject.attributes["name"] = pol.subjects[subj].name
-          subject.attributes["type"] = pol.subjects[subj].type
-          subject.attributes["includeType"] = "inclusive"
-          attributevaluepair = REXML::Element.new("AttributeValuePair")
-          attribute = REXML::Element.new("Attribute") 
-          attribute.attributes["name"] = "Values"
-          attributevaluepair.add_element(attribute)
-          attributevalue = REXML::Element.new("Value")
-          attributevalue.add_text REXML::Text.new(pol.subjects[subj].value)
-          attributevaluepair.add_element(attributevalue)
-          subject.add_element(attributevaluepair)
-          subjects.add_element(subject)
-        end
+        subj = @policies[name].subject.name
+        subject = REXML::Element.new("Subject")
+        subject.attributes["name"] = pol.subject.name
+        subject.attributes["type"] = pol.subject.type
+        subject.attributes["includeType"] = "inclusive"
+        attributevaluepair = REXML::Element.new("AttributeValuePair")
+        attribute = REXML::Element.new("Attribute")
+        attribute.attributes["name"] = "Values"
+        attributevaluepair.add_element(attribute)
+        attributevalue = REXML::Element.new("Value")
+        attributevalue.add_text REXML::Text.new(pol.subject.value)
+        attributevaluepair.add_element(attributevalue)
+        subject.add_element(attributevaluepair)
+        subjects.add_element(subject)
         policy.add_element(subjects)
         doc.root.add_element(policy)
-      end    
+      end
       out = ""
       doc.write(out, 2)
       return out
-    end  
-    
+    end
+
   end
-  
-  #single policy in a policies instance
-  class Policy 
-  
-    attr_accessor :name, :rules, :subject_group, :subjects
-  
+
+  #single policy in a {Policies Policies} instance
+  class Policy
+
+    attr_accessor :name, :rule, :subject_group, :subject, :value, :type, :uri, :group, :user
+
     def initialize(name)
       @name = name
-      @rules = {}
-      @subject_group = ""
-      @subjects = {}
+      @rule = Rule.new("#{name}_rule", nil)
+      @subject_group = "#{name}_subjects"
+      @subject = Subject.new("#{name}_subject", nil, nil)
     end
-    
-    #create a new rule instance for the policy
-    def new_rule(name, uri)
-      @rules[name] = Rule.new(name, uri)
+
+    # Subject type LDAPUsers or LDAPGroups
+    def type
+      @subject.type
     end
-    
-    #create a new subject instance for the policy 
-    def new_subject(name, type, value)
-      @subjects[name] = Subject.new(name, type, value)
+
+    # Set subject type <LDAPUsers, LDAPGroups>
+    # @param [String],type
+    def type=(type)
+      @subject.type = type
     end
-    
-    # @return [Array] set of uris affected by policy
-    def uris
-      @rules.collect{ |k,v| v.uri }.uniq
+
+    # returns LDAP Distinguished Name (DN) e.g. uid=username,ou=people,dc=opentox,dc=org or cn=membergroup,ou=groups,dc=opentox,dc=org
+    def value
+      @subject.value
+    end
+
+    # sets LDAP Distinguished Name (DN) for policy e.g.
+    # @param [String],LDAPString
+    def value=(value)
+      @subject.value = value
+    end
+
+    # uri affected by policy
+    # @return uri affected by policy
+    def uri
+      @rule.uri
+    end
+
+    # sets uri affected by policy
+    # @param [String] set URI
+    def uri=(uri)
+      @rule.uri = uri
+    end
+
+    # Get the groupname from within the LDAP Distinguished Name (DN)
+    def group
+      return false if !value && type != "LDAPGroups"
+      value.split(",").each{|part| return part.gsub("cn=","") if part.match("cn=")}
+    end
+
+    # Get the username from within the LDAP Distinguished Name (DN)
+    def user
+      return false if !value && type != "LDAPUsers"
+      value.split(",").each{|part| return part.gsub("uid=","") if part.match("uid=")}
+    end
+
+    # helper method sets value and type to opentox LDAP Distinguished Name (DN) of a user
+    def set_ot_user(username)
+      self.value = "uid=#{username},ou=people,dc=opentox,dc=org"
+      self.type = "LDAPUsers"
+      true
+    end
+
+    def set_ot_group(groupname)
+      self.value = "cn=#{groupname},ou=groups,dc=opentox,dc=org"
+      self.type = "LDAPGroups"
+      true
     end
-    
+
     #rule inside a policy
     class Rule
-      
-      attr_accessor :name, :uri, :get, :post, :put, :delete
-      
+
+      attr_accessor :name, :uri, :get, :post, :put, :delete, :read, :readwrite
+
       def initialize(name, uri)
         @name = name
         @uri = uri
       end
-      
-      def rename(new, old)
-        self[new] = self.delete(old)
-        self[new].name = new
-      end
-      
+
+      #Set Rule attribute for request-method GET
+      # @param [String]value (allow,deny,nil)
       def get=(value)
         @get = check_value(value, @get)
       end
-    
+
+      #Set Rule attribute for request-method POST
+      # @param [String]value (allow,deny,nil)
       def post=(value)
         @post = check_value(value, @post)
       end
-          
+
+      #Set Rule attribute for request-method DELETE
+      # @param [String]value (allow,deny,nil)
       def delete=(value)
         @delete = check_value(value, @delete)
       end
-      
+
+      #Set Rule attribute for request-method PUT
+      # @param [String]value (allow,deny,nil)
       def put=(value)
         @put = check_value(value, @put)
       end
-          
+
+      def read
+        return true if @get == "allow" && (@put == "deny" || !@put) && (@post == "deny" || !@post)
+      end
+
+      def readwrite
+        return true if @get == "allow" && @put == "allow" && @post == "allow"
+      end
+
+      def read=(value)
+        if value
+          @get = "allow"; @put = nil; @post = nil
+        else
+          @get = nil; @put = nil; @post = nil
+        end
+      end
+
+      def readwrite=(value)
+        if value
+          @get = "allow"; @put = "allow"; @post = "allow"
+        else
+          @get = nil; @put = nil; @post = nil
+        end
+      end
+
       private
-      #checks if value is allow or deny. returns old value if not valid. 
+      #checks if value is allow, deny or nil. returns old value if not valid.
       def check_value(new_value, old_value)
-        return (new_value=="allow" || new_value=="deny" || new_value==nil) ? new_value : old_value 
+        return (new_value=="allow" || new_value=="deny" || new_value==nil) ? new_value : old_value
       end
     end
-    
+
     class Subject
 
-      attr_accessor :name, :type, :value  
+      attr_accessor :name, :type, :value
 
       def initialize(name, type, value)
         @name  = name
@@ -258,4 +335,4 @@ module OpenTox
       end
     end
   end
-end
+end

data/lib/rest-client-wrapper.rb

@@ -16,12 +16,16 @@ module OpenTox
       define_singleton_method method do |uri,payload={},headers={}|
 
         # check input 
+        @subjectid = headers[:subjectid] ? headers[:subjectid] : nil
         bad_request_error "Invalid URI: '#{uri}'" unless URI.valid? uri
-        not_found_error "URI '#{uri}' not found." unless URI.accessible? uri
+        not_found_error "URI '#{uri}' not found." unless URI.accessible?(uri, @subjectid) unless URI.ssl?(uri)
         bad_request_error "Headers are not a hash: #{headers.inspect}" unless headers==nil or headers.is_a?(Hash)
         # make sure that no header parameters are set in the payload
         [:accept,:content_type,:subjectid].each do |header|
-          bad_request_error "#{header} should be submitted in the headers" if payload and payload.is_a?(Hash) and payload[header] 
+          if defined? $aa || URI(uri).host == URI($aa[:uri]).host
+          else
+            bad_request_error "#{header} should be submitted in the headers" if payload and payload.is_a?(Hash) and payload[header]
+          end
         end
       
         # create request
@@ -33,13 +37,16 @@ module OpenTox
         headers.each{ |k,v| headers.delete(k) if v==nil } if headers #remove keys with empty values, as this can cause problems
         args[:headers] = headers 
 
-        # perform request
         @request = RestClient::Request.new(args)
-        # do not throw RestClient exceptions in order to create a @response object (needed for error reports) in every case
-        @response = @request.execute { |response, request, result| return response }
         # ignore error codes from Task services (may return error codes >= 400 according to API, which causes exceptions in RestClient and RDF::Reader)
-        raise OpenTox::RestCallError.new @request, @response, "Response code is #{@response.code}." unless @response.code < 400 or URI.task? uri
-        @response
+        @response = @request.execute do |response, request, result|
+          if [301, 302, 307].include? response.code and request.method == :get
+            response.follow_redirection(request, result)
+          else
+            raise OpenTox::RestCallError.new response.to_s, request, uri unless response.code < 400 or URI.task? uri
+            response
+          end
+        end
       end
     end
 

data/lib/task.rb

@@ -1,4 +1,3 @@
-require File.join(File.dirname(__FILE__),'error')
 DEFAULT_TASK_MAX_DURATION = 36000
 module OpenTox
 
@@ -9,17 +8,14 @@ module OpenTox
 
     def self.create service_uri, params={}
 
-      # TODO set/enforce request uri
-      # TODO: run observer in same process?
       task = Task.new RestClientWrapper.post(service_uri,params).chomp
       pid = fork do
         begin
           result_uri = yield 
           task.completed result_uri
         rescue 
-          RestClientWrapper.put(File.join(task.uri,'Error'),{:errorReport => $!.report.to_yaml})
+          RestClientWrapper.put(File.join(task.uri,'Error'),{:errorReport => $!.report.to_yaml}) if $!.respond_to? :report
           task.kill
-          #raise $!
         end
       end
       Process.detach(pid)
@@ -43,7 +39,7 @@ module OpenTox
     def kill
       Process.kill(9,@pid)
       Process.kill(9,@observer_pid)
-      rescue # no need to raise an exeption if processes are not running
+    rescue # no need to raise an exeption if processes are not running
     end
 
     def description
@@ -62,23 +58,27 @@ module OpenTox
     end
 
     def completed(uri)
-      not_found_error "Result URI \"#{uri}\" does not exist." unless URI.accessible? uri
+      #not_found_error "Result URI \"#{uri}\" does not exist." unless URI.accessible? uri
       RestClientWrapper.put(File.join(@uri,'Completed'),{:resultURI => uri})
     end
 
     # waits for a task, unless time exceeds or state is no longer running
     # @param [optional,Numeric] dur seconds pausing before checking again for completion
-    def wait(dur=0.3)
-      due_to_time = Time.new + DEFAULT_TASK_MAX_DURATION
-      while running?
+    # TODO: add waiting task
+    def wait
+      start_time = Time.new
+      due_to_time = start_time + DEFAULT_TASK_MAX_DURATION
+      dur = 0
+      while running? 
         sleep dur
+        dur = [[(Time.new - start_time)/20.0,0.3].max,300.0].min
         time_out_error "max wait time exceeded ("+DEFAULT_TASK_MAX_DURATION.to_s+"sec), task: '"+@uri.to_s+"'" if (Time.new > due_to_time)
       end
     end
 
   end
 
-  # get only header for ststus requests
+  # get only header for status requests
   def running?
     RestClientWrapper.head(@uri).code == 202 
   end
@@ -96,28 +96,19 @@ module OpenTox
     code >= 400 and code != 503
   end
 
-  def method_missing(method,*args)
-    method = method.to_s
-    begin
-      case method
-      when /=/
-        res = RestClientWrapper.put(File.join(@uri,method.sub(/=/,'')),{})
-        super unless res.code == 200
-      else
-        pull
-        response = self.[](RDF::OT[method])
-        response = self.[](RDF::OT1[method]) if response.empty?  # API 1.1 compatibility
-        internal_server_error "No #{method} metadata for #{@uri} " if response.empty?
-        return response.uniq.first.to_s
-      end
-    rescue OpenTox::Error
-      raise $!
-    rescue
-      $logger.error "Unknown #{self.class} method #{method}"
-      super
+  def errorReport
+    # TODO: fix rdf output at task service
+    not_implemented_error "RDF output of errorReports has to be fixed at task service"
+  end
+
+  [:hasStatus, :resultURI].each do |method|
+    define_method method do
+      response = self.[](RDF::OT[method])
+      response = self.[](RDF::OT1[method]) unless response  # API 1.1 compatibility
+      response
     end
   end
 
-  #TODO: subtasks
+  #TODO: subtasks (only for progress)
 
 end

data/opentox-client.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "opentox-client"
-  s.version     = "0.0.1pre"
+  s.version     = "0.0.2pre"
   s.authors     = ["Christoph Helma, Martin Guetlein, Andreas Maunz, Micha Rautenberg, David Vorgrimmler"]
   s.email       = ["helma@in-silico.ch"]
   s.homepage    = "http://github.com/opentox/opentox-client"
@@ -24,4 +24,8 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "rdf"
   s.add_runtime_dependency "rdf-raptor"
   s.add_runtime_dependency "open4"
+  
+  # external requirements
+  ["libraptor-dev"].each{|r| s.requirements << r}
+  s.post_install_message = "Please check the version of your libraptor library, if installation of rdf.rb fails"
 end