phoseum-cli 0.0.16 → 0.0.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b9b6d70c029b61bd0b79fa9b273127031722834e15ce61e3c9af70c4df351257
-  data.tar.gz: 785291e7e82d36150ec29aafcdcc965af92f2fed9e2fad501ed16c49961922b4
+  metadata.gz: 3e2bd25792289a6beebdf3d17cb4b4365086d407348c4ca7e17862b65522f57d
+  data.tar.gz: f4fbfa8dc826cfb429b15b3ccbc79446af45d6a44dbd99e01ce96ee77dfa15b6
 SHA512:
-  metadata.gz: 50c263d913f571b9c55a31e6aab978568067105fb663c3ed2c41a244942e2e06b9c7fa16a3933e53a25f735ec3cefb1a63598fdc000f1d4fe38771b8090ec7e9
-  data.tar.gz: ba3c420ac178f153baef9815486cd902cb3f42906bf66bc038bdff0478ea0c52092926e41cf704a5b7e5939cc9bedc88b65872dab94c4182153d89ca0ea5a9df
+  metadata.gz: f25658cea0878061423c1761a5017fcbc4e78535bbce0175266539732f7eb862db30342d7a7276e182a71461548f021112c460c8d253dabc5624d17bc2597285
+  data.tar.gz: 7cd9478c899d770e8cb15e1d83f1e0a030783ac3f5f10bdf99d2e8c046588001c77818b9d6abeb900fa2b979fa9bd47f87427f2305db0074d4cd501b4daabb77

data/bin/phoseum-cli

@@ -277,6 +277,15 @@ def user_mgmt(action,user,pass='',role='')
 end
 
 def user_login(puser='',ppass='')
+
+  server_value = cross_versions()
+  if server_value['version'] != VERSION_SIGN
+    puts "Server and Client version won't match, please make them match to continue.".red
+    puts "Remote version: #{server_value['version']}"
+    puts "Local version: #{VERSION_SIGN}"
+    exit 1
+  end
+
   post_body={}
   user= !puser ? '' : puser
   pass= !ppass ? '' : ppass
@@ -332,7 +341,6 @@ def user_login(puser='',ppass='')
   return false
 end
 
-
 def delete(what='',path='')
   if !validate_token($config['TOKEN'])
     if token = user_login()
@@ -380,20 +388,28 @@ case options
     end
     health(what,value)
   when -> (cre) { cre[:create_user] }
-    puts "Creating User".green if !$QUIET
     if options[:create_user]
       value=check_string_sanity(options[:create_user])
+      username_sanity(value)
+      puts "Creating User #{value}".green if !$QUIET
       what='add_user'
-      if !options[:role]
-        puts "You need to select one of the valid Roles".red
+      if !options[:role] || options[:role] != "Super" && options[:role] != "User"
+        puts "You need to select one of the valid Roles (Super or User)".red
         exit 1
       else
         print "Please type the password twice for user #{value}.\n\t"
         new_password=STDIN.getpass('Password: ')
         print "\t"
         confirm=STDIN.getpass('Confirm: ')
+        password_sanity(new_password)
         if new_password == confirm
-          user_mgmt(what,value,new_password,options[:role])
+          if add_user(value,new_password,options[:role])
+            puts "User #{value} added successfully".green
+            exit 0
+          else
+            puts "Failed to add User #{value}".red
+            exit 1
+          end  
         end
       end
     end
@@ -435,15 +451,24 @@ case options
     if options[:user]
       what='user'
       value=options[:user]
-      if confirm_action("Are you sure you want to delete the #{what} #{value}")
-        puts "Deleting #{what} #{value}".green if !$QUIET
-        if delete_user(value)
-          puts "#{value} successfully deleted.".green
+      secretinfo = api_caller({"action" => "check-secret"},true)
+      if secretinfo['error']
+        err_msg = JSON.parse(secretinfo)
+        puts err_msg['error'].red
+        puts "You cannot delete users if you don't have the Server Secret."
+        exit 1
+      end
+      if secretinfo['success']
+        if confirm_action("Are you sure you want to delete the #{what} #{value}")
+          puts "Deleting #{what} #{value}".green if !$QUIET
+          if delete_user(value)
+            puts "#{value} successfully deleted.".green
+          else
+            puts "#{value} failed to be deleted.".red
+          end
         else
-          puts "#{value} failed to be deleted.".red
+          puts "Deleting #{what} cancelled.".green
         end
-      else
-        puts "Deleting #{what} cancelled.".green
       end
     end
     if !what
@@ -452,17 +477,116 @@ case options
     end
   when -> (o) { o[:options] }
     if options[:user]
-      print "Please confirm #{options[:user]} password.\n\t"
-      current_password=STDIN.getpass('Password: ')
-      if token = user_login(options[:user],current_password)
-        print "\n Change [P]assword, [U]sername, [R]ole :[P/U/R]: "
-        confirm=STDIN.gets.chomp
-      else
-        puts "User Check Failed".red
+      user_work=check_string_sanity(options[:user])
+      tokeninfo = api_caller({"action" => "token-payload", "token" => "#{$config['TOKEN']}"})
+      if tokeninfo['error']
+        puts "Your token seems invalid, please login again (-l or -c)".red
         exit 1
       end
+      auth_user = ''
+      role_user = ''
+      if tokeninfo['success']
+        payload = tokeninfo['payload']
+        tkdata = JSON.parse(payload)
+        auth_user = tkdata[0]['data']['user'].clone
+        role_user = tkdata[0]['data']['role'].clone
+        puts "Current user is #{auth_user}".green
+      end
+
+      secretinfo = api_caller({"action" => "check-secret"},true)
+      if secretinfo['error']
+        err_msg = JSON.parse(secretinfo)
+        puts err_msg['error'].red
+        puts "You will only be able to change your own password."
+        if user_work != auth_user
+          puts "Requesting other user than your own at command line is wrong, aborting. (#{user_work} is not #{auth_user})".red
+          exit 1
+        end
+      end
+      if secretinfo['success']
+        puts secretinfo['success'].green
+        if role_user == "Super"
+          puts "You will be able to change any user on the system".green
+        else
+          if user_work != auth_user
+            puts "Having a regular user will now allow to change other users's options".yellow
+            puts "Requesting other user than your own at command line is wrong, aborting. (#{user_work} is not #{auth_user})".red
+            exit 1
+          end
+        end
+      end
+
+      if user_work == auth_user
+        print "Please type new password for user #{user_work} .\n\t"
+        new_password=STDIN.getpass('Password: ')
+        print "\t"
+        check_password=STDIN.getpass('Confirm: ')
+        if new_password != check_password
+          puts "Passwords won't match, try again.".red
+          exit 1
+        end
+        if change_user_password(auth_user,check_password)
+          puts "Password changed successfully".green
+          exit 0
+        else
+          puts "Could not change user password.".red
+          exit 1
+        end
+      end
+
+      if user_work != auth_user && secretinfo['success']
+        print "\n Change [P]assword, [U]sername, [R]ole from user #{user_work} :[P/U/R]: "
+        opt_action=STDIN.gets.chomp
+        if opt_action == "P"
+          print "Please type new password for user #{user_work} .\n\t"
+          new_password=STDIN.getpass('Password: ')
+          print "\t"
+          check_password=STDIN.getpass('Confirm: ')
+          if new_password != check_password
+            puts "Passwords won't match, try again.".red
+            exit 1
+          end
+          password_sanity(new_password)
+          if change_user_password(options[:user],check_password,true)
+            puts "Password changed successfully".green
+            exit 0
+          else
+            puts "Could not change user password.".red
+            exit 1
+          end
+        end
+        if opt_action == "U"
+          print "\tPlease type new username for user #{user_work} : "
+          new_user_proto=STDIN.gets.chomp
+          new_user=check_string_sanity(new_user_proto)
+          username_sanity(new_user)
+          if change_username(user_work,new_user)
+            puts "Username changed successfully".green
+            exit 0
+          else
+            puts "Could not change username.".red
+            exit 1
+          end
+        end
+        if opt_action == "R"
+          print " Please select between roles [S]uper,[U]ser for user #{user_work} :[S/U]: "
+          new_role=STDIN.gets.chomp
+          if new_role == "S" || new_role == "U"
+            role_nominal = new_role == "S" ? "Super" : "User"
+            if change_role(user_work,role_nominal)
+              puts "Username changed successfully".green
+              exit 0
+            else
+              puts "Could not change username.".red
+              exit 1
+            end
+          else
+            puts "Unknown option: #{new_role} .".red
+            exit 1
+          end
+        end
+      end
     else
-    # if !what
       puts "Got no user to work with. Exiting.".red
       exit 1
     end
@@ -498,13 +622,6 @@ case options
       upload(album_clean,usable_name,usable_desc)
     end
   when -> (l) { l[:login] }
-    server_value = cross_versions()
-    if server_value['version'] != VERSION_SIGN
-      puts "Server and Client version won't match, please make them match to continue.".red
-      puts "Remote version: #{server_value['version']}"
-      puts "Local version: #{VERSION_SIGN}"
-      exit 1
-    end
     puts "Start login process".green if !$QUIET
     if user_login
       puts "Login successful".green
@@ -524,6 +641,7 @@ case options
     test
   else
     ARGV[0] = '--help'
+    local_version
     option_parser(ARGV)
     exit 1
 end

data/lib/phoseum/phoseum-cli-lib.rb

@@ -1,4 +1,12 @@
 
+# Provide some help and options!
+#
+# Example:
+#   >> options = option_parser(ARGV)
+#   => puts options[:option]
+#
+# Arguments:
+#   ARGV: (Array or command line parameters)
 def option_parser(opts)
   options = {}
   OptionParser.new do |opts|
@@ -60,7 +68,7 @@ def option_parser(opts)
       options[:role] = r
     end
 
-    opts.on("-o", "--options", "Update options from object. Use with: [user]") do |o|
+    opts.on("-o", "--options", "Update options from User. Use with: [user]") do |o|
       options[:options] = o
     end
 
@@ -88,6 +96,15 @@ def option_parser(opts)
   return options
 end
 
+# Give yes/no prompt!
+#
+# Example:
+#   >> confirm_action("message")
+#   => You must write 'YES' to confirm, otherwise NO is assumed
+#   => message :[YES/NO]:
+#
+# Arguments:
+#   msg: (String)
 def confirm_action(msg)
   puts "You must write 'YES' to confirm, otherwise NO is assumed".yellow
   print "#{msg} :[YES/NO]: "
@@ -138,16 +155,6 @@ def client_checks
     puts "I could not find a valid SERVERURL configuration. Contains: #{$config['SERVERURL']}".red
     exit 1
   end
-  if !$config['DEFAULT_SECRET']
-    puts "I could not find the DEFAULT_SECRET from Phoseum config, this will limit our actions.".red
-    exit 1
-  elsif $config['DEFAULT_SECRET'] == 'copy-secret-from-server'
-    puts "DEFAULT_SECRET from Phoseum config. Still on self generated value, copy a valid one from the server.".red
-    exit 1
-  elsif $config['DEFAULT_SECRET'] == ''
-    puts "I could not find the DEFAULT_SECRET from Phoseum config, Variable is empty.".red
-    exit 1
-  end
   if !$config['SERVERURL']
     puts "I could not find the SERVERURL from Phoseum config, this client is then useless.".red
     exit 1
@@ -228,45 +235,31 @@ def search_image(sign,album='')
   end
 end
 
-def validate_token(token)
+def api_caller(json_body,auth=false,cli=false)
   headers = {}
-  if $config['TOKEN']
-    headers={ "bearer" => "#{$config['TOKEN']}" }
-  else
-    return false
+  if !auth
+    if $config['TOKEN']
+      headers={ "bearer" => "#{$config['TOKEN']}" }
+    else
+      return false
+    end
   end
   base = URI.parse("#{$config['SERVERURL']}")
   request = Net::HTTP::Post.new(base,headers)
-  request.body = JSON.generate({"action" => "check-token" })
-  response = Net::HTTP.start(base.hostname, $config['PORT'],
-                             :timeout => $config['CALL_TIMEOUT'],
-                             :use_ssl => base.scheme == "https",
-                             :verify_mode => OpenSSL::SSL::VERIFY_PEER,
-                             :ca_file => $config['CA_TRUST']
-                             ) do |http|
-    http.request(request)
-  end
-  begin
-    list = JSON.parse(response.body)
-    if list['error']
-      return false
+  request.body = JSON.generate(json_body)
+
+  if auth
+    if cli
+      request.basic_auth("cli", "loginNOauth")
+    else
+      request.basic_auth("auth", $config['DEFAULT_SECRET'])
     end
-    if list['success']
-      return true
+  else
+    if cli
+      request.basic_auth("cli", "loginNOauth")
     end
-  rescue
-    puts "\nThe server sent out an Error:".red
-    puts clean_html(response.body)
-    exit 1
   end
-end
 
-def cross_versions
-  headers = {}
-  base = URI.parse("#{$config['SERVERURL']}")
-  request = Net::HTTP::Post.new(base,headers)
-  request.basic_auth("cli", "loginNOauth")
-  request.body = JSON.generate({"action" => "version-check" })
   response = Net::HTTP.start(base.hostname, $config['PORT'],
                              :timeout => $config['CALL_TIMEOUT'],
                              :use_ssl => base.scheme == "https",
@@ -278,56 +271,103 @@ def cross_versions
   begin
     list = JSON.parse(response.body)
     return list
-    # if list['error']
-    #   return false
-    # end
-    # if list['success']
-    #   return true
-    # end
   rescue
-    puts "\nThe server sent out an Error:".red
-    puts clean_html(response.body)
-    exit 1
+    if !auth
+      puts "\nThe server sent out an Error:".red
+      puts clean_html(response.body)
+      exit 1
+    else
+      return '{"error": "Secret is invalid"}'
+    end
   end
 end
 
+def validate_token(token)
+  result = api_caller({"action" => "check-token" })
+  if result['error']
+    return false
+  end
+  if result['success']
+    return true
+  end
+end
 
-def delete_user(username)
-  headers = {}
-  if $config['TOKEN']
-    headers={ "bearer" => "#{$config['TOKEN']}" }
-  else
+def change_user_password(user,pass,auth=false)
+  result = api_caller({"action" => "change-password", "username" => user, "password" => pass},auth)
+  if result['error']
     return false
   end
-  base = URI.parse("#{$config['SERVERURL']}")
-  request = Net::HTTP::Post.new(base,headers)
-  request.body = JSON.generate({"action" => "delete-user", "username" => username })
-  response = Net::HTTP.start(base.hostname, $config['PORT'],
-                             :timeout => $config['CALL_TIMEOUT'],
-                             :use_ssl => base.scheme == "https",
-                             :verify_mode => OpenSSL::SSL::VERIFY_PEER,
-                             :ca_file => $config['CA_TRUST']
-                             ) do |http|
-    http.request(request)
+  if result['success']
+    return true
   end
-  begin
-    list = JSON.parse(response.body)
-    if list['error']
-      return false
-    end
-    if list['success']
-      return true
-    end
-  rescue
-    puts "\nThe server sent out an Error:".red
-    puts clean_html(response.body)
+end
+
+def change_username(user,new_user)
+  result = api_caller({"action" => "change-username", "username" => user, "new-username" => new_user},true)
+  if result['error']
+    return false
+  end
+  if result['success']
+    return true
+  end
+end
+
+def add_user(user,password,role)
+  result = api_caller({"action" => "create-user", "user" => user, "password" => password, "role" => role},true)
+  if result['error']
+    return false
+  end
+  if result['success']
+    return true
+  end
+end
+
+
+def change_role(user,new_role)
+  result = api_caller({"action" => "change-role", "username" => user, "new-role" => new_role},true)
+  if result['error']
+    return false
+  end
+  if result['success']
+    return true
+  end
+end
+
+def password_sanity(password)
+  if password.length < MIN_PASS
+    puts "New password is shorter than #{MIN_PASS} chars, please use a bigger password.".red
+    exit 1
+  end
+  if !password.test_password
+    puts "Password must be at least #{MIN_PASS} and contain at least one capital, one symbol, one number, one regular characters.".red
+    exit 1
+  end
+end
+
+def username_sanity(username)
+  if username.length < MIN_USER
+    puts "New Username is shorter than #{MIN_USER} chars, please use a bigger username.".red
     exit 1
   end
 end
 
+def cross_versions
+  return api_caller({"action" => "version-check" },true,true)
+end
+
+def delete_user(username)
+  result = api_caller({"action" => "delete-user", "username" => username},true)
+  if result['error']
+    return false
+  end
+  if result['success']
+    return true
+  end
+end
+
 def local_version
   puts "This CLI library is running version: #{VERSION_SIGN}"
   return
 end
 
-VERSION_SIGN="0.0.16"
+VERSION_SIGN="0.0.21"

data/lib/phoseum/phoseum-common-lib.rb

@@ -1,17 +1,51 @@
+MIN_USER = 3
+MIN_PASS = 7
+
 class String
   def remove_non_ascii(replacement='')
-      n=self.split("")
-      self.slice!(0..self.size)
-      n.each { |b|
-       if b.ord < 48 || b.ord > 57 && b.ord < 65 || b.ord > 90 && b.ord < 97 || b.ord > 122 then
-         self.concat(replacement)
-       else
-         self.concat(b)
-       end
-      }
-      self.to_s
-    end
+    n=self.split("")
+    self.slice!(0..self.size)
+    n.each { |b|
+     if b.ord < 48 || b.ord > 57 && b.ord < 65 || b.ord > 90 && b.ord < 97 || b.ord > 122 then
+       self.concat(replacement)
+     else
+       self.concat(b)
+     end
+    }
+    self.to_s
+  end
 
+  def test_password()
+    symbol = false
+    number = false
+    capital= false
+    regular= false
+    all_valid= true
+    puts "Testing #{self}"
+    n=self.split("")
+    self.slice!(0..self.size)
+    n.each { |b|
+     # test symbols
+     if b.ord > 32 && b.ord < 48 || b.ord > 58 && b.ord < 65 || b.ord > 91 && b.ord < 97 || b.ord > 123 && b.ord < 126 then
+       symbol = true
+     # test capital letters
+     elsif b.ord > 65 && b.ord < 91 then
+       capital = true
+     # test numbers
+     elsif b.ord > 47 && b.ord < 58 then
+       number = true
+     # test regular alphabet
+     elsif b.ord > 96 && b.ord < 123 then
+       regular = true
+     else
+       # com character out of the acceptable ranges
+       all_valid = false
+     end
+    }
+    if symbol && capital && number && regular && all_valid
+      return true
+    end
+  end
 end
 
 def check_string_sanity(album)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: phoseum-cli
 version: !ruby/object:Gem::Version
-  version: 0.0.16
+  version: 0.0.21
 platform: ruby
 authors:
 - Julio C Hegedus
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-13 00:00:00.000000000 Z
+date: 2020-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: yaml