proxes 0.9.13 → 0.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ditty/components/proxes.rb +61 -16
  3. data/lib/proxes/controllers/permissions.rb +1 -6
  4. data/lib/proxes/controllers/search.rb +12 -10
  5. data/lib/proxes/controllers/status.rb +23 -86
  6. data/lib/proxes/controllers/status_checks.rb +18 -0
  7. data/lib/proxes/forwarder.rb +44 -20
  8. data/lib/proxes/middleware/error_handling.rb +5 -3
  9. data/lib/proxes/middleware/security.rb +4 -3
  10. data/lib/proxes/models/permission.rb +47 -3
  11. data/lib/proxes/models/status_check.rb +76 -0
  12. data/lib/proxes/models/status_checks/cluster_health_status_check.rb +19 -0
  13. data/lib/proxes/models/status_checks/cpu_status_check.rb +29 -0
  14. data/lib/proxes/models/status_checks/file_system_status_check.rb +32 -0
  15. data/lib/proxes/models/status_checks/jvm_heap_status_check.rb +28 -0
  16. data/lib/proxes/models/status_checks/memory_status_check.rb +29 -0
  17. data/lib/proxes/models/status_checks/nodes_status_check.rb +53 -0
  18. data/lib/proxes/policies/permission_policy.rb +3 -3
  19. data/lib/proxes/policies/request/bulk_policy.rb +0 -12
  20. data/lib/proxes/policies/request/create_policy.rb +0 -3
  21. data/lib/proxes/policies/request/index_policy.rb +0 -5
  22. data/lib/proxes/policies/request/mget_policy.rb +12 -0
  23. data/lib/proxes/policies/request/msearch_policy.rb +12 -0
  24. data/lib/proxes/policies/request/root_policy.rb +0 -3
  25. data/lib/proxes/policies/request/snapshot_policy.rb +0 -3
  26. data/lib/proxes/policies/request_policy.rb +24 -25
  27. data/lib/proxes/policies/search_policy.rb +6 -2
  28. data/lib/proxes/policies/status_check_policy.rb +37 -0
  29. data/lib/proxes/request.rb +19 -5
  30. data/lib/proxes/request/bulk.rb +8 -24
  31. data/lib/proxes/request/cat.rb +6 -0
  32. data/lib/proxes/request/create.rb +4 -0
  33. data/lib/proxes/request/index.rb +4 -0
  34. data/lib/proxes/request/mget.rb +24 -0
  35. data/lib/proxes/request/msearch.rb +24 -0
  36. data/lib/proxes/request/multi.rb +40 -0
  37. data/lib/proxes/request/search.rb +4 -0
  38. data/lib/proxes/request/stats.rb +4 -0
  39. data/lib/proxes/services/es.rb +5 -1
  40. data/lib/proxes/services/listener.rb +29 -6
  41. data/lib/proxes/services/search.rb +4 -1
  42. data/lib/proxes/version.rb +1 -1
  43. data/migrate/20180908_index_specific_permissions.rb +9 -0
  44. data/migrate/20190109_add_status_checks_table.rb +17 -0
  45. data/views/layout.haml +17 -6
  46. metadata +81 -25
  47. data/lib/proxes/helpers/indices.rb +0 -35
@@ -32,6 +32,10 @@ module ProxES
32
32
  def indices?
33
33
  type != ['scroll']
34
34
  end
35
+
36
+ def indices
37
+ @index || []
38
+ end
35
39
  end
36
40
  end
37
41
  end
@@ -30,6 +30,10 @@ module ProxES
30
30
  def indices?
31
31
  true
32
32
  end
33
+
34
+ def indices
35
+ @index || []
36
+ end
33
37
  end
34
38
  end
35
39
  end
@@ -1,6 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'openssl'
4
+ require 'typhoeus'
5
+ require 'typhoeus/adapters/faraday'
4
6
  require 'elasticsearch'
5
7
  require 'ditty/services/logger'
6
8
 
@@ -16,7 +18,9 @@ module ProxES
16
18
  cert_store: ssl_store
17
19
  }
18
20
  },
19
- logger: Ditty::Services::Logger.instance
21
+ log: ENV['APP_ENV'] == 'development',
22
+ logger: Ditty::Services::Logger,
23
+ request_timeout: (ENV['ELASTICSEARCH_REQUEST_TIMEOUT'] || 300).to_i
20
24
  )
21
25
  end
22
26
 
@@ -3,26 +3,49 @@
3
3
  require 'wisper'
4
4
  require 'ditty/models/audit_log'
5
5
  require 'ditty/services/logger'
6
+ require 'browser/browser'
6
7
 
7
8
  module ProxES
8
9
  class Listener
10
+ def user_login(details)
11
+ target = details[:target]
12
+ if target.request.session['omniauth.origin'].nil? && target.request.accept?('text/html')
13
+ target.request.session['omniauth.origin'] = '/_proxes'
14
+ end
15
+ end
16
+
9
17
  def es_request_failed(request, response)
10
18
  Ditty::AuditLog.create(
11
- action: :es_request_failed,
12
- user: request.user,
13
- details: "#{request.detail} > #{response[0]}"
19
+ user_traits(request).merge(
20
+ action: :es_request_failed,
21
+ user: request.user,
22
+ details: "#{request.detail} > #{response[0]}"
23
+ )
14
24
  )
15
25
  end
16
26
 
17
27
  def es_request_denied(request, exception = nil)
18
28
  detail = request.detail
19
29
  detail = "#{detail} - #{exception.class}" if exception
30
+ Ditty::Services::Logger.error exception if exception
20
31
  Ditty::AuditLog.create(
21
- action: :es_request_denied,
22
- user: request.user,
23
- details: detail
32
+ user_traits(request).merge(
33
+ action: :es_request_denied,
34
+ user: request.user,
35
+ details: detail
36
+ )
24
37
  )
25
38
  end
39
+
40
+ def user_traits(request)
41
+ browser = Browser.new(request.user_agent, accept_language: request.env['HTTP_ACCEPT_LANGUAGE'])
42
+ {
43
+ platform: browser.platform.name,
44
+ device: browser.device.name,
45
+ browser: browser.name,
46
+ ip_address: request.ip
47
+ }
48
+ end
26
49
  end
27
50
  end
28
51
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'proxes/services/es'
2
4
 
3
5
  # TODO: This needs to be filtered.
@@ -9,7 +11,7 @@ module ProxES
9
11
  include ES
10
12
 
11
13
  def indices
12
- client.indices.get_mapping(index: '_all').keys
14
+ client.indices.get_mapping(index: '_all', ignore: 404).keys
13
15
  end
14
16
 
15
17
  def fields(index: '_all', names_only: false)
@@ -17,6 +19,7 @@ module ProxES
17
19
  client.indices.get_mapping(index: index).each do |_idx, index_map|
18
20
  index_map['mappings'].each do |_type, type_map|
19
21
  next if type_map['properties'].nil?
22
+
20
23
  type_map['properties'].each do |name, details|
21
24
  if details['type'] != 'keyword' && details['fields'] && (names_only == false)
22
25
  keyword = details['fields'].find do |v|
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ProxES
4
- VERSION = '0.9.13'.freeze
4
+ VERSION = '0.10.1'
5
5
  end
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ Sequel.migration do
4
+ change do
5
+ alter_table :permissions do
6
+ add_column :index, String, default: '*', null: false
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ Sequel.migration do
4
+ change do
5
+ create_table :status_checks do
6
+ primary_key :id
7
+ String :type, nullable: false
8
+ String :name, nullable: false
9
+ String :source, nullable: false
10
+ String :required_value, nullable: true, default: nil
11
+ Integer :order, nullable: false, default: 1
12
+ DateTime :created_at, default: Sequel::CURRENT_TIMESTAMP
13
+ DateTime :updated_at, default: Sequel::CURRENT_TIMESTAMP
14
+ unique [:name]
15
+ end
16
+ end
17
+ end
@@ -6,13 +6,13 @@
6
6
  %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
7
7
  %meta{ name: 'theme-color', content: '#ffffff' }
8
8
  %link{ rel: 'manifest', href: '/_proxes/manifest.json' }
9
- %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '/_proxes/images/favicon-32x32.png' }
10
- %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '/_proxes/images/favicon-16x16.png' }
9
+ %link{ rel: 'shortcut icon', type: 'image/png', sizes: '32x32', href: '/_proxes/images/favicon-32x32.png' }
10
+ %link{ rel: 'shortcut icon', type: 'image/png', sizes: '16x16', href: '/_proxes/images/favicon-16x16.png' }
11
11
  %link{ rel: 'apple-touch-icon', sizes: '76x76', href: '/_proxes/images/apple-icon.png' }
12
12
  %link{ rel: 'mask-icon', href: '/_proxes/images/safari-pinned-tab.svg', color: '#5bbad5' }
13
13
 
14
14
  %title
15
- ProxES
15
+ = config('ditty.title', 'ProxES')
16
16
  - if defined? title
17
17
  = "- #{title}"
18
18
 
@@ -24,6 +24,8 @@
24
24
  %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/css/sb-admin-2.min.css', media: 'screen' }
25
25
  %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.5.2/metisMenu.min.css', media: 'screen' }
26
26
  %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css', media: 'screen' }
27
+ %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.css', media: 'screen' }
28
+ %link{ rel: 'stylesheet', href: '/_proxes/css/typeahead.css', media: 'screen' }
27
29
  /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
28
30
  /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
29
31
 
@@ -33,11 +35,17 @@
33
35
  %body
34
36
  #wrapper
35
37
  = haml :'partials/navbar', locals: { title: (defined?(title) ? title : 'ProxES') }
36
- #page-wrapper{ style: 'opacity: 0.8' }
38
+ #page-wrapper
39
+ -if defined?(title) || defined?(actions)
40
+ .row
41
+ %h1.col-md-9= defined?(title) ? title : '&nbsp'
42
+ .col-md-3.text-right{ style: 'margin-top: 20px' }
43
+ = haml :'partials/actions', locals: { actions: defined?(actions) ? actions : {} }
44
+ -else
45
+ %div{ style: 'padding-top: 20px' }
46
+
37
47
  .row
38
48
  .col-md-12
39
- -if defined? title
40
- %h1.page-header= title
41
49
  = haml :'partials/notifications'
42
50
 
43
51
  = yield
@@ -52,9 +60,12 @@
52
60
  %script{ type: 'text/javascript', src: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js' }
53
61
  %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react.min.js' }
54
62
  %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react-dom.min.js' }
63
+ %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js' }
64
+ %script{ type: 'text/javascript', src: '/_proxes/js/typeahead.bundle.min.js' }
55
65
  %script{ type: 'text/javascript', src: '/_proxes/js/bundle.js' }
56
66
  :javascript
57
67
  $(function() {
58
68
  $('.sidebar-nav').metisMenu();
69
+ $('.select2').select2();
59
70
  });
60
71
 
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: proxes
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.13
4
+ version: 0.10.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jurgens du Toit
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-09-06 00:00:00.000000000 Z
11
+ date: 2019-02-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '1.12'
19
+ version: '1'
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '1.12'
26
+ version: '1'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: database_cleaner
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -94,6 +94,34 @@ dependencies:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
96
  version: '3.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec_sequel_matchers
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: 0.4.0
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: 0.4.0
111
+ - !ruby/object:Gem::Dependency
112
+ name: sequel-annotate
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
97
125
  - !ruby/object:Gem::Dependency
98
126
  name: timecop
99
127
  requirement: !ruby/object:Gem::Requirement
@@ -150,20 +178,34 @@ dependencies:
150
178
  - - "~>"
151
179
  - !ruby/object:Gem::Version
152
180
  version: '3.1'
181
+ - !ruby/object:Gem::Dependency
182
+ name: browser
183
+ requirement: !ruby/object:Gem::Requirement
184
+ requirements:
185
+ - - "~>"
186
+ - !ruby/object:Gem::Version
187
+ version: '2.5'
188
+ type: :runtime
189
+ prerelease: false
190
+ version_requirements: !ruby/object:Gem::Requirement
191
+ requirements:
192
+ - - "~>"
193
+ - !ruby/object:Gem::Version
194
+ version: '2.5'
153
195
  - !ruby/object:Gem::Dependency
154
196
  name: ditty
155
197
  requirement: !ruby/object:Gem::Requirement
156
198
  requirements:
157
199
  - - ">="
158
200
  - !ruby/object:Gem::Version
159
- version: 0.7.0
201
+ version: 0.8.0
160
202
  type: :runtime
161
203
  prerelease: false
162
204
  version_requirements: !ruby/object:Gem::Requirement
163
205
  requirements:
164
206
  - - ">="
165
207
  - !ruby/object:Gem::Version
166
- version: 0.7.0
208
+ version: 0.8.0
167
209
  - !ruby/object:Gem::Dependency
168
210
  name: elasticsearch
169
211
  requirement: !ruby/object:Gem::Requirement
@@ -234,20 +276,6 @@ dependencies:
234
276
  - - "~>"
235
277
  - !ruby/object:Gem::Version
236
278
  version: '1.0'
237
- - !ruby/object:Gem::Dependency
238
- name: net-http-persistent
239
- requirement: !ruby/object:Gem::Requirement
240
- requirements:
241
- - - ">="
242
- - !ruby/object:Gem::Version
243
- version: '0'
244
- type: :runtime
245
- prerelease: false
246
- version_requirements: !ruby/object:Gem::Requirement
247
- requirements:
248
- - - ">="
249
- - !ruby/object:Gem::Version
250
- version: '0'
251
279
  - !ruby/object:Gem::Dependency
252
280
  name: omniauth
253
281
  requirement: !ruby/object:Gem::Requirement
@@ -402,6 +430,20 @@ dependencies:
402
430
  - - ">="
403
431
  - !ruby/object:Gem::Version
404
432
  version: '2'
433
+ - !ruby/object:Gem::Dependency
434
+ name: typhoeus
435
+ requirement: !ruby/object:Gem::Requirement
436
+ requirements:
437
+ - - ">="
438
+ - !ruby/object:Gem::Version
439
+ version: '0'
440
+ type: :runtime
441
+ prerelease: false
442
+ version_requirements: !ruby/object:Gem::Requirement
443
+ requirements:
444
+ - - ">="
445
+ - !ruby/object:Gem::Version
446
+ version: '0'
405
447
  - !ruby/object:Gem::Dependency
406
448
  name: wisper
407
449
  requirement: !ruby/object:Gem::Requirement
@@ -432,30 +474,43 @@ files:
432
474
  - lib/proxes/controllers/permissions.rb
433
475
  - lib/proxes/controllers/search.rb
434
476
  - lib/proxes/controllers/status.rb
477
+ - lib/proxes/controllers/status_checks.rb
435
478
  - lib/proxes/forwarder.rb
436
- - lib/proxes/helpers/indices.rb
437
479
  - lib/proxes/loggers/elasticsearch.rb
438
480
  - lib/proxes/middleware/error_handling.rb
439
481
  - lib/proxes/middleware/metrics.rb
440
482
  - lib/proxes/middleware/security.rb
441
483
  - lib/proxes/models/permission.rb
484
+ - lib/proxes/models/status_check.rb
485
+ - lib/proxes/models/status_checks/cluster_health_status_check.rb
486
+ - lib/proxes/models/status_checks/cpu_status_check.rb
487
+ - lib/proxes/models/status_checks/file_system_status_check.rb
488
+ - lib/proxes/models/status_checks/jvm_heap_status_check.rb
489
+ - lib/proxes/models/status_checks/memory_status_check.rb
490
+ - lib/proxes/models/status_checks/nodes_status_check.rb
442
491
  - lib/proxes/policies/permission_policy.rb
443
492
  - lib/proxes/policies/request/bulk_policy.rb
444
493
  - lib/proxes/policies/request/cat_policy.rb
445
494
  - lib/proxes/policies/request/create_policy.rb
446
495
  - lib/proxes/policies/request/index_policy.rb
496
+ - lib/proxes/policies/request/mget_policy.rb
497
+ - lib/proxes/policies/request/msearch_policy.rb
447
498
  - lib/proxes/policies/request/root_policy.rb
448
499
  - lib/proxes/policies/request/search_policy.rb
449
500
  - lib/proxes/policies/request/snapshot_policy.rb
450
501
  - lib/proxes/policies/request/stats_policy.rb
451
502
  - lib/proxes/policies/request_policy.rb
452
503
  - lib/proxes/policies/search_policy.rb
504
+ - lib/proxes/policies/status_check_policy.rb
453
505
  - lib/proxes/policies/status_policy.rb
454
506
  - lib/proxes/request.rb
455
507
  - lib/proxes/request/bulk.rb
456
508
  - lib/proxes/request/cat.rb
457
509
  - lib/proxes/request/create.rb
458
510
  - lib/proxes/request/index.rb
511
+ - lib/proxes/request/mget.rb
512
+ - lib/proxes/request/msearch.rb
513
+ - lib/proxes/request/multi.rb
459
514
  - lib/proxes/request/root.rb
460
515
  - lib/proxes/request/search.rb
461
516
  - lib/proxes/request/snapshot.rb
@@ -466,6 +521,8 @@ files:
466
521
  - lib/proxes/version.rb
467
522
  - migrate/20170209_permissions.rb
468
523
  - migrate/20170416_user_specific_permissions.rb
524
+ - migrate/20180908_index_specific_permissions.rb
525
+ - migrate/20190109_add_status_checks_table.rb
469
526
  - public/browserconfig.xml
470
527
  - public/manifest.json
471
528
  - views/index.haml
@@ -489,8 +546,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
489
546
  - !ruby/object:Gem::Version
490
547
  version: '0'
491
548
  requirements: []
492
- rubyforge_project:
493
- rubygems_version: 2.7.7
549
+ rubygems_version: 3.0.2
494
550
  signing_key:
495
551
  specification_version: 4
496
552
  summary: Rack wrapper around Elasticsearch to provide security and management features
@@ -1,35 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'active_support'
4
- require 'active_support/core_ext/object/blank'
5
-
6
- module ProxES
7
- module Helpers
8
- module Indices
9
- def filter(asked, against)
10
- return against.map { |a| a.gsub(/\.\*/, '*') } if asked == ['*'] || asked.blank?
11
-
12
- answer = []
13
- against.each do |pattern|
14
- answer.concat(asked.select { |idx| idx =~ /#{pattern}/ })
15
- end
16
- answer
17
- end
18
-
19
- def patterns
20
- current_user = user || Ditty::User.anonymous_user
21
- return [] if current_user.nil?
22
- patterns_for('INDEX').map do |permission|
23
- return nil if permission.pattern.blank?
24
- permission.pattern.gsub(/\{user.(.*)\}/) { |_match| current_user.send(Regexp.last_match[1].to_sym) }
25
- end.compact
26
- end
27
-
28
- def patterns_for(action)
29
- current_user = user || Ditty::User.anonymous_user
30
- return [] if current_user.nil?
31
- Permission.for_user(current_user, action)
32
- end
33
- end
34
- end
35
- end