proxes 0.9.7 → 0.9.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- metadata +4 -92
- data/.codeclimate.yml +0 -24
- data/.gitignore +0 -20
- data/.pryrc +0 -6
- data/.rspec +0 -2
- data/.rubocop.yml +0 -15
- data/.ruby-version +0 -1
- data/.travis.yml +0 -46
- data/Dockerfile +0 -42
- data/Gemfile +0 -4
- data/Gemfile.ci +0 -23
- data/Gemfile.deploy +0 -8
- data/Gemfile.deploy.lock +0 -147
- data/Gemfile.dev +0 -13
- data/LICENSE.txt +0 -8
- data/README.md +0 -98
- data/Rakefile +0 -23
- data/Vagrantfile +0 -47
- data/config.ru +0 -71
- data/config/puma.rb +0 -15
- data/config/settings.yml +0 -7
- data/deploy_docker.sh +0 -8
- data/docker-compose.yml +0 -20
- data/gulpfile.js +0 -80
- data/lib/ditty/components/proxes.rb +0 -80
- data/lib/proxes/controllers/permissions.rb +0 -41
- data/lib/proxes/controllers/search.rb +0 -45
- data/lib/proxes/controllers/status.rb +0 -115
- data/lib/proxes/forwarder.rb +0 -49
- data/lib/proxes/helpers/indices.rb +0 -33
- data/lib/proxes/loggers/elasticsearch.rb +0 -10
- data/lib/proxes/middleware/error_handling.rb +0 -62
- data/lib/proxes/middleware/metrics.rb +0 -25
- data/lib/proxes/middleware/security.rb +0 -59
- data/lib/proxes/models/permission.rb +0 -53
- data/lib/proxes/policies/permission_policy.rb +0 -37
- data/lib/proxes/policies/request/bulk_policy.rb +0 -24
- data/lib/proxes/policies/request/cat_policy.rb +0 -12
- data/lib/proxes/policies/request/create_policy.rb +0 -15
- data/lib/proxes/policies/request/index_policy.rb +0 -19
- data/lib/proxes/policies/request/root_policy.rb +0 -13
- data/lib/proxes/policies/request/search_policy.rb +0 -14
- data/lib/proxes/policies/request/snapshot_policy.rb +0 -15
- data/lib/proxes/policies/request/stats_policy.rb +0 -12
- data/lib/proxes/policies/request_policy.rb +0 -65
- data/lib/proxes/policies/status_policy.rb +0 -21
- data/lib/proxes/request.rb +0 -84
- data/lib/proxes/request/bulk.rb +0 -40
- data/lib/proxes/request/cat.rb +0 -32
- data/lib/proxes/request/create.rb +0 -33
- data/lib/proxes/request/index.rb +0 -33
- data/lib/proxes/request/root.rb +0 -11
- data/lib/proxes/request/search.rb +0 -37
- data/lib/proxes/request/snapshot.rb +0 -17
- data/lib/proxes/request/stats.rb +0 -35
- data/lib/proxes/services/es.rb +0 -34
- data/lib/proxes/services/listener.rb +0 -29
- data/lib/proxes/services/search.rb +0 -43
- data/lib/proxes/version.rb +0 -5
- data/migrate/20170209_permissions.rb +0 -13
- data/migrate/20170416_user_specific_permissions.rb +0 -9
- data/package.json +0 -35
- data/proxes.gemspec +0 -53
- data/public/browserconfig.xml +0 -9
- data/public/css/typeahead.css +0 -94
- data/public/images/apple-icon.png +0 -0
- data/public/images/favicon-16x16.png +0 -0
- data/public/images/favicon-32x32.png +0 -0
- data/public/images/launcher-icon-1x.png +0 -0
- data/public/images/launcher-icon-2x.png +0 -0
- data/public/images/launcher-icon-4x.png +0 -0
- data/public/images/mstile-150x150.png +0 -0
- data/public/images/safari-pinned-tab.svg +0 -43
- data/public/js/bundle.js +0 -43636
- data/public/js/typeahead.bundle.min.js +0 -8
- data/public/js/vendors.js +0 -1
- data/public/manifest.json +0 -25
- data/src/scripts/app.js +0 -12
- data/startup.sh +0 -19
- data/views/index.haml +0 -1
- data/views/layout.haml +0 -60
- data/views/partials/navbar.haml +0 -25
- data/views/permissions/display.haml +0 -27
- data/views/permissions/edit.haml +0 -11
- data/views/permissions/form.haml +0 -4
- data/views/permissions/index.haml +0 -32
- data/views/permissions/new.haml +0 -10
- data/views/search/index.haml +0 -95
- data/views/status/check.haml +0 -12
@@ -1,53 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'ditty/models/base'
|
4
|
-
require 'ditty/models/user'
|
5
|
-
require 'ditty/models/role'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Permission < ::Sequel::Model
|
9
|
-
include ::Ditty::Base
|
10
|
-
|
11
|
-
many_to_one :role, class: ::Ditty::Role
|
12
|
-
many_to_one :user, class: ::Ditty::User
|
13
|
-
|
14
|
-
dataset_module do
|
15
|
-
def for_user(a_user, action)
|
16
|
-
where(verb: action).where { Sequel.|({ role: a_user.roles }, { user_id: a_user.id }) }
|
17
|
-
end
|
18
|
-
end
|
19
|
-
|
20
|
-
def validate
|
21
|
-
validates_presence %i[verb pattern]
|
22
|
-
validates_presence :role_id unless user_id
|
23
|
-
validates_presence :user_id unless role_id
|
24
|
-
validates_includes self.class.verbs, :verb
|
25
|
-
end
|
26
|
-
|
27
|
-
class << self
|
28
|
-
def verbs
|
29
|
-
%w[GET POST PUT DELETE HEAD OPTIONS TRACE INDEX]
|
30
|
-
end
|
31
|
-
|
32
|
-
def from_audit_log(audit_log)
|
33
|
-
match = audit_log.details.match(/^(\w)+ (\S+)/)
|
34
|
-
{
|
35
|
-
verb: match[1],
|
36
|
-
path: match[2]
|
37
|
-
}
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
module Ditty
|
44
|
-
class User < ::Sequel::Model
|
45
|
-
one_to_many :permissions, class: ::ProxES::Permission
|
46
|
-
end
|
47
|
-
end
|
48
|
-
|
49
|
-
module Ditty
|
50
|
-
class Role < ::Sequel::Model
|
51
|
-
one_to_many :permissions, class: ::ProxES::Permission
|
52
|
-
end
|
53
|
-
end
|
@@ -1,37 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'ditty/policies/application_policy'
|
4
|
-
|
5
|
-
module ProxES
|
6
|
-
class PermissionPolicy < Ditty::ApplicationPolicy
|
7
|
-
def create?
|
8
|
-
user && user.super_admin?
|
9
|
-
end
|
10
|
-
|
11
|
-
def list?
|
12
|
-
create?
|
13
|
-
end
|
14
|
-
|
15
|
-
def read?
|
16
|
-
create?
|
17
|
-
end
|
18
|
-
|
19
|
-
def update?
|
20
|
-
read?
|
21
|
-
end
|
22
|
-
|
23
|
-
def delete?
|
24
|
-
create?
|
25
|
-
end
|
26
|
-
|
27
|
-
def permitted_attributes
|
28
|
-
%i[verb pattern role_id user_id]
|
29
|
-
end
|
30
|
-
|
31
|
-
class Scope < Ditty::ApplicationPolicy::Scope
|
32
|
-
def resolve
|
33
|
-
user && user.super_admin? ? scope : scope.where(id: -1)
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|
@@ -1,24 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'active_support'
|
4
|
-
require 'active_support/core_ext/object/blank'
|
5
|
-
require 'proxes/policies/request_policy'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Request
|
9
|
-
class BulkPolicy < RequestPolicy
|
10
|
-
def post?
|
11
|
-
return false if user.nil? ||
|
12
|
-
(request.index && !index_allowed?) ||
|
13
|
-
(request.bulk_indices == '' || patterns.blank?)
|
14
|
-
|
15
|
-
patterns.find do |pattern|
|
16
|
-
request.bulk_indices.find { |idx| idx !~ /#{pattern}/ }
|
17
|
-
end.nil?
|
18
|
-
end
|
19
|
-
|
20
|
-
class Scope < RequestPolicy::Scope
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
24
|
-
end
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/policies/request_policy'
|
4
|
-
|
5
|
-
module ProxES
|
6
|
-
class Request
|
7
|
-
class CreatePolicy < RequestPolicy
|
8
|
-
class Scope < RequestPolicy::Scope
|
9
|
-
def resolve
|
10
|
-
super.count > 0 ? request.index : []
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|
15
|
-
end
|
@@ -1,19 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'ditty/db'
|
4
|
-
require 'proxes/models/permission'
|
5
|
-
require 'proxes/policies/request_policy'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Request
|
9
|
-
class IndexPolicy < RequestPolicy
|
10
|
-
class Scope < RequestPolicy::Scope
|
11
|
-
def resolve
|
12
|
-
result = super
|
13
|
-
return [] unless result.count > 0
|
14
|
-
%w[POST PUT].include?(request.request_method) ? request.index : result
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
@@ -1,14 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'active_support'
|
4
|
-
require 'active_support/core_ext/object/blank'
|
5
|
-
require 'proxes/policies/request_policy'
|
6
|
-
|
7
|
-
module ProxES
|
8
|
-
class Request
|
9
|
-
class SearchPolicy < RequestPolicy
|
10
|
-
class Scope < RequestPolicy::Scope
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|
@@ -1,65 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'active_support'
|
4
|
-
require 'active_support/core_ext/object/blank'
|
5
|
-
require 'ditty/services/logger'
|
6
|
-
require 'proxes/models/permission'
|
7
|
-
require 'proxes/helpers/indices'
|
8
|
-
|
9
|
-
module ProxES
|
10
|
-
class RequestPolicy
|
11
|
-
include Helpers::Indices
|
12
|
-
|
13
|
-
attr_reader :user, :record
|
14
|
-
alias request record
|
15
|
-
|
16
|
-
def initialize(user, record)
|
17
|
-
@user = user
|
18
|
-
@record = record
|
19
|
-
end
|
20
|
-
|
21
|
-
def method_missing(method_sym, *arguments, &block)
|
22
|
-
return super if method_sym.to_s[-1] != '?'
|
23
|
-
|
24
|
-
return false if request.indices? && !index_allowed?
|
25
|
-
action_allowed? method_sym[0..-2].upcase
|
26
|
-
end
|
27
|
-
|
28
|
-
def respond_to_missing?(name, _include_private = false)
|
29
|
-
name[-1] == '?'
|
30
|
-
end
|
31
|
-
|
32
|
-
def index_allowed?
|
33
|
-
patterns = patterns_for('INDEX').map do |permission|
|
34
|
-
return nil if permission.pattern.blank?
|
35
|
-
permission.pattern.gsub(/\{user.(.*)\}/) { |_match| user.send(Regexp.last_match[1].to_sym) }
|
36
|
-
end
|
37
|
-
filter(request.index, patterns).count > 0
|
38
|
-
end
|
39
|
-
|
40
|
-
def action_allowed?(action)
|
41
|
-
# Give me all the user's permissions that match the verb
|
42
|
-
patterns_for(action).each do |permission|
|
43
|
-
return true unless (request.path =~ /#{permission.pattern}/).nil?
|
44
|
-
end
|
45
|
-
false
|
46
|
-
end
|
47
|
-
|
48
|
-
class Scope
|
49
|
-
include Helpers::Indices
|
50
|
-
|
51
|
-
attr_reader :user, :scope
|
52
|
-
alias request scope
|
53
|
-
|
54
|
-
def initialize(user, scope)
|
55
|
-
@user = user
|
56
|
-
@scope = scope
|
57
|
-
end
|
58
|
-
|
59
|
-
def resolve
|
60
|
-
return [] if user.nil?
|
61
|
-
filter request.index, patterns
|
62
|
-
end
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
@@ -1,21 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'ditty/policies/application_policy'
|
4
|
-
|
5
|
-
module ProxES
|
6
|
-
class StatusPolicy < Ditty::ApplicationPolicy
|
7
|
-
def check?
|
8
|
-
user
|
9
|
-
end
|
10
|
-
|
11
|
-
def list?
|
12
|
-
check?
|
13
|
-
end
|
14
|
-
|
15
|
-
class Scope < Ditty::ApplicationPolicy::Scope
|
16
|
-
def resolve
|
17
|
-
[]
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|
data/lib/proxes/request.rb
DELETED
@@ -1,84 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'rack'
|
4
|
-
|
5
|
-
module ProxES
|
6
|
-
class Request < Rack::Request
|
7
|
-
ID_ENDPOINTS = %w[_create _explain _mlt _percolate _source _termvector _update].freeze
|
8
|
-
WRITE_METHODS = %w[POST PUT DELETE].freeze
|
9
|
-
|
10
|
-
def initialize(env)
|
11
|
-
@started = Time.now.to_f
|
12
|
-
super
|
13
|
-
parse
|
14
|
-
end
|
15
|
-
|
16
|
-
def endpoint
|
17
|
-
path_parts[0]
|
18
|
-
end
|
19
|
-
|
20
|
-
def parse
|
21
|
-
path_parts
|
22
|
-
end
|
23
|
-
|
24
|
-
def indices?
|
25
|
-
false
|
26
|
-
end
|
27
|
-
|
28
|
-
def html?
|
29
|
-
get_header('HTTP_ACCEPT') && get_header('HTTP_ACCEPT').include?('text/html')
|
30
|
-
end
|
31
|
-
|
32
|
-
def duration
|
33
|
-
Time.now.to_f - @started
|
34
|
-
end
|
35
|
-
|
36
|
-
def user_id
|
37
|
-
return env['omniauth.auth'].uid if env['omniauth.auth']
|
38
|
-
env['rack.session']['user_id'] if env['rack.session']
|
39
|
-
end
|
40
|
-
|
41
|
-
def user
|
42
|
-
return nil if user_id.nil?
|
43
|
-
@user ||= Ditty::User[user_id]
|
44
|
-
end
|
45
|
-
|
46
|
-
def detail
|
47
|
-
"#{request_method.upcase} #{fullpath} (#{self.class.name})"
|
48
|
-
end
|
49
|
-
|
50
|
-
private
|
51
|
-
|
52
|
-
def path_parts
|
53
|
-
@path_parts ||= path.split('?')[0][1..-1].split('/')
|
54
|
-
end
|
55
|
-
|
56
|
-
def check_part(val)
|
57
|
-
return val if val.nil?
|
58
|
-
return [] if [endpoint, '_all'].include?(val) && !WRITE_METHODS.include?(request_method)
|
59
|
-
val.split(',')
|
60
|
-
end
|
61
|
-
|
62
|
-
class << self
|
63
|
-
def from_env(env)
|
64
|
-
endpoint = path_endpoint(env['REQUEST_PATH'])
|
65
|
-
endpoint_class = endpoint.nil? ? 'index' : endpoint[1..-1]
|
66
|
-
begin
|
67
|
-
require 'proxes/request/' + endpoint_class.downcase
|
68
|
-
Request.const_get(endpoint_class.titlecase).new(env)
|
69
|
-
rescue LoadError
|
70
|
-
new(env)
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
def path_endpoint(path)
|
75
|
-
return '_root' if ['', nil, '/'].include? path
|
76
|
-
path_parts = path[1..-1].split('/')
|
77
|
-
return path_parts[-1] if ID_ENDPOINTS.include? path_parts[-1]
|
78
|
-
return path_parts[-2] if path_parts[-1] == 'count' && path_parts[-2] == '_percolate'
|
79
|
-
return path_parts[-2] if path_parts[-1] == 'scroll' && path_parts[-2] == '_search'
|
80
|
-
path_parts.find { |part| part[0] == '_' }
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
84
|
-
end
|
data/lib/proxes/request/bulk.rb
DELETED
@@ -1,40 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/request'
|
4
|
-
require 'proxes/policies/request/bulk_policy'
|
5
|
-
|
6
|
-
module ProxES
|
7
|
-
class Request
|
8
|
-
class Bulk < Request
|
9
|
-
attr_reader :index, :type
|
10
|
-
|
11
|
-
REGEX = /"(index|delete|create|update)".*"_index"\s*:\s*"(.*?)"/
|
12
|
-
|
13
|
-
def bulk_indices
|
14
|
-
@bulk_indices ||= begin
|
15
|
-
body.read.scan(REGEX).tap { |_r| body.rewind }
|
16
|
-
end.map { |e| e[1] }.uniq
|
17
|
-
end
|
18
|
-
|
19
|
-
def index=(idx)
|
20
|
-
@index = idx
|
21
|
-
self.path_info = '/' + [index, type, endpoint].compact
|
22
|
-
.map { |v| v.is_a?(Array) ? v.join(',') : v }
|
23
|
-
.select { |v| !v.nil? && v != '' }.join('/')
|
24
|
-
end
|
25
|
-
|
26
|
-
def endpoint
|
27
|
-
'_bulk'
|
28
|
-
end
|
29
|
-
|
30
|
-
def parse
|
31
|
-
@index ||= check_part(path_parts[0]) unless path_parts[0] == endpoint
|
32
|
-
@type ||= check_part(path_parts[1]) unless path_parts[1] == endpoint
|
33
|
-
end
|
34
|
-
|
35
|
-
def indices?
|
36
|
-
!@index.nil?
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
data/lib/proxes/request/cat.rb
DELETED
@@ -1,32 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'proxes/request'
|
4
|
-
require 'proxes/policies/request/cat_policy'
|
5
|
-
|
6
|
-
module ProxES
|
7
|
-
class Request
|
8
|
-
class Cat < Request
|
9
|
-
attr_reader :index, :type
|
10
|
-
|
11
|
-
def index=(idx)
|
12
|
-
@index = idx
|
13
|
-
self.path_info = '/' + [endpoint, type, index].compact
|
14
|
-
.map { |v| v.is_a?(Array) ? v.join(',') : v }
|
15
|
-
.select { |v| !v.nil? && v != '' }.join('/')
|
16
|
-
end
|
17
|
-
|
18
|
-
def endpoint
|
19
|
-
'_cat'
|
20
|
-
end
|
21
|
-
|
22
|
-
def parse
|
23
|
-
@type ||= check_part(path_parts[1])
|
24
|
-
@index ||= check_part(path_parts[2])
|
25
|
-
end
|
26
|
-
|
27
|
-
def indices?
|
28
|
-
%w[shards indices segments count recovery].include? type.first
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|