passenger 5.1.7 → 5.1.8

data/src/cxx_supportlib/ConfigKit/Schema.h

@@ -35,7 +35,7 @@
 #include <jsoncpp/json.h>
 
 #include <Exceptions.h>
-#include <Logging.h>
+#include <LoggingKit/LoggingKit.h>
 #include <ConfigKit/Common.h>
 #include <ConfigKit/DummyTranslator.h>
 #include <ConfigKit/Utils.h>
@@ -59,16 +59,19 @@ public:
 		Type type;
 		Flags flags;
 		ValueGetter defaultValueGetter;
+		ValueFilter inspectFilter;
 
 		Entry()
 			: type(UNKNOWN_TYPE),
 			  flags(OPTIONAL)
 			{ }
 
-		Entry(Type _type, Flags _flags, const ValueGetter &_defaultValueGetter)
+		Entry(Type _type, Flags _flags, const ValueGetter &_defaultValueGetter,
+			const ValueFilter &_inspectFilter)
 			: type(_type),
 			  flags(_flags),
-			  defaultValueGetter(_defaultValueGetter)
+			  defaultValueGetter(_defaultValueGetter),
+			  inspectFilter(_inspectFilter)
 			{ }
 
 		Json::Value inspect() const {
@@ -85,18 +88,43 @@ public:
 			if (flags & READ_ONLY) {
 				doc["read_only"] = true;
 			}
+			if (flags & SECRET) {
+				doc["secret"] = true;
+			}
 			if (defaultValueGetter) {
-				doc["has_default_value"] = true;
+				if (flags & _DYNAMIC_DEFAULT_VALUE) {
+					doc["has_default_value"] = "dynamic";
+				} else {
+					doc["has_default_value"] = "static";
+					doc["default_value"] = Schema::getStaticDefaultValue(*this);
+				}
 			}
 		}
 	};
 
+	class EntryBuilder {
+	private:
+		Entry *entry;
+
+	public:
+		EntryBuilder(Entry &_entry)
+			: entry(&_entry)
+			{ }
+
+		EntryBuilder &setInspectFilter(const ValueFilter &filter) {
+			entry->inspectFilter = filter;
+			return *this;
+		}
+	};
+
 	typedef StringKeyTable<Entry>::ConstIterator ConstIterator;
 	typedef boost::function<void (const Store &store, vector<Error> &errors)> Validator;
+	typedef boost::function<Json::Value (const Json::Value &effectiveValues)> Normalizer;
 
 private:
 	StringKeyTable<Entry> entries;
 	boost::container::vector<Validator> validators;
+	boost::container::vector<Normalizer> normalizers;
 	bool finalized;
 
 	static Json::Value returnJsonValue(const Store &store, Json::Value v) {
@@ -114,6 +142,13 @@ private:
 		const Schema *subschema, const Translator *translator,
 		const Validator &origValidator);
 
+	template<typename Translator>
+	static Json::Value normalizeSubSchema(const Json::Value &effectiveValues,
+		const Schema *mainSchema, const Schema *subschema,
+		const Translator *translator, const Normalizer &origNormalizer);
+
+	static Json::Value getStaticDefaultValue(const Schema::Entry &entry);
+
 public:
 	Schema()
 		: finalized(false)
@@ -122,28 +157,29 @@ public:
 	/**
 	 * Register a new schema entry, possibly with a static default value.
 	 */
-	void add(const HashedStaticString &key, Type type, unsigned int flags,
+	EntryBuilder add(const HashedStaticString &key, Type type, unsigned int flags,
 		const Json::Value &defaultValue = Json::Value(Json::nullValue))
 	{
 		assert(!finalized);
 		if (defaultValue.isNull()) {
-			Entry entry(type, (Flags) flags, ValueGetter());
-			entries.insert(key, entry);
+			Entry entry(type, (Flags) flags, ValueGetter(), ValueFilter());
+			return EntryBuilder(entries.insert(key, entry)->value);
 		} else {
 			if (flags & REQUIRED) {
 				throw ArgumentException(
 					"A key cannot be required and have a default value at the same time");
 			}
 			Entry entry(type, (Flags) flags,
-				boost::bind(returnJsonValue, boost::placeholders::_1, defaultValue));
-			entries.insert(key, entry);
+				boost::bind(returnJsonValue, boost::placeholders::_1, defaultValue),
+				ValueFilter());
+			return EntryBuilder(entries.insert(key, entry)->value);
 		}
 	}
 
 	/**
 	 * Register a new schema entry with a dynamic default value.
 	 */
-	void addWithDynamicDefault(const HashedStaticString &key, Type type, unsigned int flags,
+	EntryBuilder addWithDynamicDefault(const HashedStaticString &key, Type type, unsigned int flags,
 		const ValueGetter &defaultValueGetter)
 	{
 		if (flags & REQUIRED) {
@@ -151,8 +187,9 @@ public:
 				"A key cannot be required and have a default value at the same time");
 		}
 		assert(!finalized);
-		Entry entry(type, (Flags) (flags | _DYNAMIC_DEFAULT_VALUE), defaultValueGetter);
-		entries.insert(key, entry);
+		Entry entry(type, (Flags) (flags | _DYNAMIC_DEFAULT_VALUE), defaultValueGetter,
+			ValueFilter());
+		return EntryBuilder(entries.insert(key, entry)->value);
 	}
 
 	void addSubSchema(const Schema &subschema) {
@@ -182,18 +219,25 @@ public:
 			}
 
 			Entry entry2(entry.type, (Flags) (entry.flags | _FROM_SUBSCHEMA),
-				valueGetter);
+				valueGetter, entry.inspectFilter);
 			entries.insert(translator.reverseTranslateOne(key), entry2);
 			it.next();
 		}
 
-		boost::container::vector<Schema::Validator>::const_iterator v_it, v_end
+		boost::container::vector<Validator>::const_iterator v_it, v_end
 			= subschema.getValidators().end();
 		for (v_it = subschema.getValidators().begin(); v_it != v_end; v_it++) {
 			validators.push_back(boost::bind(validateSubSchema<Translator>,
 				boost::placeholders::_1, boost::placeholders::_2,
 				&subschema, &translator, *v_it));
 		}
+
+		boost::container::vector<Normalizer>::const_iterator n_it, n_end
+			= subschema.getNormalizers().end();
+		for (n_it = subschema.getNormalizers().begin(); n_it != n_end; n_it++) {
+			normalizers.push_back(boost::bind(normalizeSubSchema<Translator>,
+				boost::placeholders::_1, this, &subschema, &translator, *n_it));
+		}
 	}
 
 	void addValidator(const Validator &validator) {
@@ -201,11 +245,17 @@ public:
 		validators.push_back(validator);
 	}
 
+	void addNormalizer(const Normalizer &normalizer) {
+		assert(!finalized);
+		normalizers.push_back(normalizer);
+	}
+
 	void finalize() {
 		assert(!finalized);
 		entries.compact();
 		finalized = true;
 		validators.shrink_to_fit();
+		normalizers.shrink_to_fit();
 	}
 
 	bool get(const HashedStaticString &key, const Entry **entry) const {
@@ -241,7 +291,6 @@ public:
 
 		switch (entry->type) {
 		case STRING_TYPE:
-		case PASSWORD_TYPE:
 			if (value.isConvertibleTo(Json::stringValue)) {
 				return true;
 			} else {
@@ -302,6 +351,15 @@ public:
 				error = Error("'{{" + key + "}}' must be an array");
 				return false;
 			}
+		case OBJECT_TYPE:
+			if (value.isObject()) {
+				return true;
+			} else {
+				error = Error("'{{" + key + "}}' must be a JSON object");
+				return false;
+			}
+		case ANY_TYPE:
+			return true;
 		default:
 			P_BUG("Unknown type " + Passenger::toString((int) entry->type));
 			return false;
@@ -313,6 +371,11 @@ public:
 		return validators;
 	}
 
+	const boost::container::vector<Normalizer> &getNormalizers() const {
+		assert(finalized);
+		return normalizers;
+	}
+
 	ConstIterator getIterator() const {
 		assert(finalized);
 		return ConstIterator(entries);

data/src/cxx_supportlib/ConfigKit/Store.h

@@ -28,12 +28,24 @@
 
 #include <string>
 #include <vector>
+#include <cassert>
+// for std::swap()
+#if __cplusplus >= 201103L
+	#include <utility>
+#else
+	#include <algorithm>
+#endif
+#include <boost/config.hpp>
+
+#include <jsoncpp/json.h>
 
 #include <ConfigKit/Common.h>
 #include <ConfigKit/Schema.h>
 #include <ConfigKit/Utils.h>
-#include <jsoncpp/json.h>
+#include <LoggingKit/Assert.h>
+#include <Exceptions.h>
 #include <DataStructures/StringKeyTable.h>
+#include <Utils/StrIntUtils.h>
 
 namespace Passenger {
 namespace ConfigKit {
@@ -87,7 +99,7 @@ private:
 		}
 	};
 
-	const Schema &schema;
+	const Schema *schema;
 	StringKeyTable<Entry> entries;
 	bool updatedOnce;
 
@@ -101,8 +113,8 @@ private:
 		}
 	}
 
-	static Json::Value maybeFilterPassword(const Entry &entry, const Json::Value &value) {
-		if (entry.schemaEntry->type == PASSWORD_TYPE) {
+	static Json::Value maybeFilterSecret(const Entry &entry, const Json::Value &value) {
+		if (entry.schemaEntry->flags & SECRET) {
 			if (value.isNull()) {
 				return Json::nullValue;
 			} else {
@@ -113,12 +125,24 @@ private:
 		}
 	}
 
+	void initialize() {
+		Schema::ConstIterator it = schema->getIterator();
+
+		while (*it != NULL) {
+			Entry entry(it.getValue());
+			entries.insert(it.getKey(), entry);
+			it.next();
+		}
+
+		entries.compact();
+	}
+
 	bool isWritable(const Entry &entry) const {
 		return !(entry.schemaEntry->flags & READ_ONLY) || !updatedOnce;
 	}
 
 	void applyCustomValidators(const Json::Value &updates, vector<Error> &errors) const {
-		Store tempStore(schema);
+		Store tempStore(*schema);
 		StringKeyTable<Entry>::Iterator it(tempStore.entries);
 
 		while (*it != NULL) {
@@ -133,31 +157,157 @@ private:
 		}
 
 		boost::container::vector<Schema::Validator>::const_iterator v_it, v_end
-			= schema.getValidators().end();
-		for (v_it = schema.getValidators().begin(); v_it != v_end; v_it++) {
+			= schema->getValidators().end();
+		for (v_it = schema->getValidators().begin(); v_it != v_end; v_it++) {
 			const Schema::Validator &validator = *v_it;
 			validator(tempStore, errors);
 		}
 	}
 
+	void applyNormalizers(Json::Value &doc) const {
+		boost::container::vector<Schema::Normalizer>::const_iterator n_it, n_end;
+
+		n_it = schema->getNormalizers().begin();
+		n_end = schema->getNormalizers().end();
+		for (; n_it != n_end; n_it++) {
+			const Schema::Normalizer &normalizer = *n_it;
+			Json::Value effectiveValues(Json::objectValue);
+			Json::Value::iterator it, end = doc.end();
+
+			for (it = doc.begin(); it != end; it++) {
+				string name = it.name();
+				effectiveValues[name] = doc[name]["effective_value"];
+			}
+
+			Json::Value updates = normalizer(effectiveValues);
+			if (OXT_UNLIKELY(!updates.isNull() && !updates.isObject())) {
+				P_BUG("ConfigKit normalizers may only return null or object values");
+			}
+			if (updates.isNull() || updates.empty()) {
+				continue;
+			}
+
+			end = updates.end();
+			for (it = updates.begin(); it != end; it++) {
+				string name = it.name();
+				if (doc.isMember(name)) {
+					Json::Value &subdoc = doc[name];
+					subdoc["user_value"] = *it;
+					subdoc["effective_value"] = *it;
+				} else {
+					P_BUG("A ConfigKit normalizer returned a key that is not part of the schema: "
+						<< name);
+				}
+			}
+		}
+	}
+
+	void applyInspectFilters(Json::Value &doc) const {
+		StringKeyTable<Entry>::ConstIterator it(entries);
+		while (*it != NULL) {
+			const Entry &entry = it.getValue();
+			if (entry.schemaEntry->inspectFilter == NULL) {
+				it.next();
+				continue;
+			}
+
+			const HashedStaticString &key = it.getKey();
+			Json::Value &subdoc = doc[key];
+
+			Json::Value &userValue = subdoc["user_value"];
+			userValue = entry.schemaEntry->inspectFilter(userValue);
+
+			if (subdoc.isMember("default_value")) {
+				Json::Value &defaultValue = subdoc["default_value"];
+				defaultValue = entry.schemaEntry->inspectFilter(defaultValue);
+			}
+
+			Json::Value &effectiveValue = subdoc["effective_value"];
+			effectiveValue = entry.schemaEntry->inspectFilter(effectiveValue);
+
+			it.next();
+		}
+	}
+
+	void doFilterSecrets(Json::Value &doc) const {
+		StringKeyTable<Entry>::ConstIterator it(entries);
+		while (*it != NULL) {
+			const HashedStaticString &key = it.getKey();
+			const Entry &entry = it.getValue();
+			Json::Value &subdoc = doc[key];
+
+			Json::Value &userValue = subdoc["user_value"];
+			userValue = maybeFilterSecret(entry, userValue);
+
+			if (subdoc.isMember("default_value")) {
+				Json::Value &defaultValue = subdoc["default_value"];
+				defaultValue = maybeFilterSecret(entry, defaultValue);
+			}
+
+			Json::Value &effectiveValue = subdoc["effective_value"];
+			effectiveValue = maybeFilterSecret(entry, effectiveValue);
+
+			it.next();
+		}
+	}
+
 public:
+	Store()
+		: schema(NULL),
+		  entries(0, 0),
+		  updatedOnce(false)
+		{ }
+
 	Store(const Schema &_schema)
-		: schema(_schema),
+		: schema(&_schema),
 		  updatedOnce(false)
 	{
-		Schema::ConstIterator it = _schema.getIterator();
+		initialize();
+	}
 
-		while (*it != NULL) {
-			Entry entry(it.getValue());
-			entries.insert(it.getKey(), entry);
-			it.next();
+	Store(const Schema &_schema, const Json::Value &initialValues)
+		: schema(&_schema),
+		  updatedOnce(false)
+	{
+		vector<Error> errors;
+		initialize();
+		if (!update(initialValues, errors)) {
+			throw ArgumentException("Invalid initial configuration: "
+				+ toString(errors));
 		}
+	}
 
-		entries.compact();
+	template<typename Translator>
+	Store(const Schema &_schema, const Json::Value &initialValues,
+		const Translator &translator)
+		: schema(&_schema),
+		  updatedOnce(false)
+	{
+		vector<Error> errors;
+		initialize();
+		if (!update(translator.translate(initialValues), errors)) {
+			errors = translator.reverseTranslate(errors);
+			throw ArgumentException("Invalid initial configuration: "
+				+ toString(errors));
+		}
+	}
+
+	Store(const Store &other, const Json::Value &updates, vector<Error> &errors)
+		: schema(other.schema),
+		  updatedOnce(false)
+	{
+		initialize();
+		if (update(other.inspectUserValues(), errors)) {
+			update(updates, errors);
+		}
 	}
 
 	const Schema &getSchema() const {
-		return schema;
+		return *schema;
+	}
+
+	bool hasBeenUpdatedAtLeastOnce() const {
+		return updatedOnce;
 	}
 
 	/**
@@ -188,17 +338,22 @@ public:
 	 * and whether it passes validation, without actually updating the
 	 * stored configuration.
 	 *
-	 * You can use the `forceApplyUpdatePreview` method to apply the result, but
-	 * be sure to do that only if validation passes.
-	 *
 	 * If validation fails then any validation errors will be added to `errors`.
 	 *
 	 * Any keys in `updates` that are not registered are omitted from the result.
 	 * Any keys not in `updates` do not affect existing values stored in the store.
 	 *
-	 * The format returned by this method is the same as that of `dump()`.
+	 * The format returned by this method is the same as that of `inspect()`,
+	 * with the following exceptions:
+	 *
+	 *  - If `filterSecrets` is set to false, values of fields
+	 *    marked with the `SECRET` flag are not filtered.
+	 *  - If `shouldApplyInspectFilters` is set to false, values of fields
+	 *    are not passed through inspect filters.
 	 */
-	Json::Value previewUpdate(const Json::Value &updates, vector<Error> &errors) const {
+	Json::Value previewUpdate(const Json::Value &updates, vector<Error> &errors,
+		bool filterSecrets = true, bool shouldApplyInspectFilters = true) const
+	{
 		if (!updates.isNull() && !updates.isObject()) {
 			errors.push_back(Error("The JSON document must be an object"));
 			return inspect();
@@ -206,6 +361,7 @@ public:
 
 		Json::Value result(Json::objectValue);
 		StringKeyTable<Entry>::ConstIterator it(entries);
+		vector<Error> tmpErrors;
 		Error error;
 
 		while (*it != NULL) {
@@ -213,6 +369,8 @@ public:
 			const Entry &entry = it.getValue();
 			Json::Value subdoc(Json::objectValue);
 
+			entry.schemaEntry->inspect(subdoc);
+
 			if (isWritable(entry) && updates.isMember(key)) {
 				subdoc["user_value"] = updates[key];
 			} else {
@@ -226,41 +384,33 @@ public:
 				subdoc["effective_value"] =
 					getEffectiveValue(subdoc["user_value"],
 						subdoc["default_value"]);
-			if (!schema.validateValue(it.getKey(), effectiveValue, error)) {
-				errors.push_back(error);
+			if (!schema->validateValue(it.getKey(), effectiveValue, error)) {
+				tmpErrors.push_back(error);
 			}
 
-			entry.schemaEntry->inspect(subdoc);
-
 			result[it.getKey()] = subdoc;
 			it.next();
 		}
 
-		if (!schema.getValidators().empty()) {
-			applyCustomValidators(updates, errors);
+		if (!schema->getValidators().empty()) {
+			applyCustomValidators(updates, tmpErrors);
 		}
 
-		return result;
-	}
+		if (tmpErrors.empty()) {
+			applyNormalizers(result);
+		}
 
-	/**
-	 * Applies the result of `updatePreview()` without performing any
-	 * validation. Be sure to only call this if you've verified that
-	 * `updatePreview()` passes validation, otherwise you will end up
-	 * with invalid data in the store.
-	 */
-	void forceApplyUpdatePreview(const Json::Value &preview) {
-		StringKeyTable<Entry>::Iterator it(entries);
-		while (*it != NULL) {
-			Entry &entry = it.getValue();
-			const Json::Value &subdoc =
-				const_cast<const Json::Value &>(preview)[it.getKey()];
-			if (isWritable(entry)) {
-				entry.userValue = subdoc["user_value"];
-			}
-			it.next();
+		if (shouldApplyInspectFilters) {
+			applyInspectFilters(result);
 		}
-		updatedOnce = true;
+
+		if (filterSecrets) {
+			doFilterSecrets(result);
+		}
+
+		errors.insert(errors.end(), tmpErrors.begin(), tmpErrors.end());
+
+		return result;
 	}
 
 	/**
@@ -273,9 +423,19 @@ public:
 	 * Any keys not in `updates` do not affect existing values stored in the store.
 	 */
 	bool update(const Json::Value &updates, vector<Error> &errors) {
-		Json::Value preview = previewUpdate(updates, errors);
+		Json::Value preview = previewUpdate(updates, errors, false, false);
 		if (errors.empty()) {
-			forceApplyUpdatePreview(preview);
+			StringKeyTable<Entry>::Iterator it(entries);
+			while (*it != NULL) {
+				Entry &entry = it.getValue();
+				if (isWritable(entry)) {
+					const Json::Value &subdoc =
+						const_cast<const Json::Value &>(preview)[it.getKey()];
+					entry.userValue = subdoc["user_value"];
+				}
+				it.next();
+			}
+			updatedOnce = true;
 			return true;
 		} else {
 			return false;
@@ -292,7 +452,7 @@ public:
 		while (*it != NULL) {
 			const HashedStaticString &subSchemaKey = it.getKey();
 			Entry &subSchemaEntry = it.getValue();
-			const StaticString mainSchemaKey = translator.reverseTranslateOne(
+			const string mainSchemaKey = translator.reverseTranslateOne(
 				subSchemaKey);
 			const Entry *mainSchemaEntry;
 
@@ -306,6 +466,12 @@ public:
 		return result;
 	}
 
+	void swap(Store &other) BOOST_NOEXCEPT_OR_NOTHROW {
+		std::swap(schema, other.schema);
+		entries.swap(other.entries);
+		std::swap(updatedOnce, other.updatedOnce);
+	}
+
 	/**
 	 * Inspects the current store's configuration keys and values in a format
 	 * that displays user-supplied and effective values, as well as
@@ -320,17 +486,20 @@ public:
 			const Entry &entry = it.getValue();
 			Json::Value subdoc(Json::objectValue);
 
-			subdoc["user_value"] = maybeFilterPassword(entry, entry.userValue);
-			if (entry.schemaEntry->defaultValueGetter) {
-				subdoc["default_value"] = maybeFilterPassword(entry, entry.getDefaultValue(*this));
-			}
-			subdoc["effective_value"] = maybeFilterPassword(entry, entry.getEffectiveValue(*this));
 			entry.schemaEntry->inspect(subdoc);
+			subdoc["user_value"] = entry.userValue;
+			subdoc["effective_value"] = entry.getEffectiveValue(*this);
+			if (entry.schemaEntry->defaultValueGetter && entry.schemaEntry->flags & _DYNAMIC_DEFAULT_VALUE) {
+				subdoc["default_value"] = entry.getDefaultValue(*this);
+			}
 
 			result[it.getKey()] = subdoc;
 			it.next();
 		}
 
+		applyInspectFilters(result);
+		doFilterSecrets(result);
+
 		return result;
 	}
 
@@ -339,6 +508,7 @@ public:
 	 * values only. This is like `inspect()` but much less verbose.
 	 * See the README's "Inspecting all data" section to learn more
 	 * about the format.
+	 * Note that values with the SECRET flag are not filtered.
 	 */
 	Json::Value inspectEffectiveValues() const {
 		Json::Value result(Json::objectValue);
@@ -352,6 +522,24 @@ public:
 
 		return result;
 	}
+
+	/**
+	 * Inspects the current store's configuration keys and user
+	 * values only. This is like `inspect()` but much less verbose.
+	 * Note that values with the SECRET flag are not filtered.
+	 */
+	Json::Value inspectUserValues() const {
+		Json::Value result(Json::objectValue);
+		StringKeyTable<Entry>::ConstIterator it(entries);
+
+		while (*it != NULL) {
+			const Entry &entry = it.getValue();
+			result[it.getKey()] = entry.userValue;
+			it.next();
+		}
+
+		return result;
+	}
 };
 
 
@@ -390,6 +578,37 @@ Schema::validateSubSchema(const Store &store, vector<Error> &errors,
 	}
 }
 
+template<typename Translator>
+inline Json::Value
+Schema::normalizeSubSchema(const Json::Value &effectiveValues,
+	const Schema *mainSchema, const Schema *subschema,
+	const Translator *translator, const Normalizer &origNormalizer)
+{
+	Json::Value translatedEffectiveValues(Json::objectValue);
+	StringKeyTable<Entry>::ConstIterator it(subschema->entries);
+
+	while (*it != NULL) {
+		const HashedStaticString &subSchemaKey = it.getKey();
+		const string mainSchemaKey = translator->reverseTranslateOne(
+			subSchemaKey);
+		const Entry *mainSchemaEntry;
+
+		if (mainSchema->entries.lookup(mainSchemaKey, &mainSchemaEntry)) {
+			translatedEffectiveValues[subSchemaKey] = effectiveValues[mainSchemaKey];
+		}
+
+		it.next();
+	}
+
+	return translator->reverseTranslate(origNormalizer(translatedEffectiveValues));
+}
+
+inline Json::Value
+Schema::getStaticDefaultValue(const Schema::Entry &entry) {
+	Store::Entry storeEntry(entry);
+	return Store::maybeFilterSecret(storeEntry, storeEntry.getDefaultValue(Store()));
+}
+
 
 } // namespace ConfigKit
 } // namespace Passenger