RubyGems - proxes - Versions diffs - 0.9.8 → 0.9.9 - Mend

proxes 0.9.8 → 0.9.9

Files changed (44) hide show

checksums.yaml +4 -4
data/lib/ditty/components/proxes.rb +89 -0
data/lib/proxes/controllers/permissions.rb +41 -0
data/lib/proxes/controllers/search.rb +55 -0
data/lib/proxes/controllers/status.rb +115 -0
data/lib/proxes/forwarder.rb +49 -0
data/lib/proxes/helpers/indices.rb +33 -0
data/lib/proxes/loggers/elasticsearch.rb +10 -0
data/lib/proxes/middleware/error_handling.rb +64 -0
data/lib/proxes/middleware/metrics.rb +25 -0
data/lib/proxes/middleware/security.rb +59 -0
data/lib/proxes/models/permission.rb +55 -0
data/lib/proxes/policies/permission_policy.rb +37 -0
data/lib/proxes/policies/request/bulk_policy.rb +24 -0
data/lib/proxes/policies/request/cat_policy.rb +12 -0
data/lib/proxes/policies/request/create_policy.rb +15 -0
data/lib/proxes/policies/request/index_policy.rb +19 -0
data/lib/proxes/policies/request/root_policy.rb +13 -0
data/lib/proxes/policies/request/search_policy.rb +14 -0
data/lib/proxes/policies/request/snapshot_policy.rb +15 -0
data/lib/proxes/policies/request/stats_policy.rb +12 -0
data/lib/proxes/policies/request_policy.rb +62 -0
data/lib/proxes/policies/search_policy.rb +29 -0
data/lib/proxes/policies/status_policy.rb +21 -0
data/lib/proxes/request.rb +84 -0
data/lib/proxes/request/bulk.rb +40 -0
data/lib/proxes/request/cat.rb +32 -0
data/lib/proxes/request/create.rb +33 -0
data/lib/proxes/request/index.rb +33 -0
data/lib/proxes/request/root.rb +11 -0
data/lib/proxes/request/search.rb +37 -0
data/lib/proxes/request/snapshot.rb +17 -0
data/lib/proxes/request/stats.rb +35 -0
data/lib/proxes/services/es.rb +34 -0
data/lib/proxes/services/listener.rb +29 -0
data/lib/proxes/services/search.rb +45 -0
data/lib/proxes/version.rb +5 -0
data/migrate/20170209_permissions.rb +13 -0
data/migrate/20170416_user_specific_permissions.rb +9 -0
data/public/browserconfig.xml +9 -0
data/public/manifest.json +25 -0
data/views/index.haml +1 -0
data/views/layout.haml +60 -0
metadata +44 -2

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/bulk_policy'
+module ProxES
+  class Request
+    class Bulk < Request
+      attr_reader :index, :type
+      REGEX = /"(index|delete|create|update)".*"_index"\s*:\s*"(.*?)"/
+      def bulk_indices
+        @bulk_indices ||= begin
+          body.read.scan(REGEX).tap { |_r| body.rewind }
+        end.map { |e| e[1] }.uniq
+      end
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, endpoint].compact
+                                                      .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                      .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_bulk'
+      end
+      def parse
+        @index ||= check_part(path_parts[0]) unless path_parts[0] == endpoint
+        @type  ||= check_part(path_parts[1]) unless path_parts[1] == endpoint
+      end
+      def indices?
+        !@index.nil?
+      end
+    end
+  end
+end

data/lib/proxes/request/cat.rb ADDED

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/cat_policy'
+module ProxES
+  class Request
+    class Cat < Request
+      attr_reader :index, :type
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [endpoint, type, index].compact
+                                                      .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                      .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_cat'
+      end
+      def parse
+        @type  ||= check_part(path_parts[1])
+        @index ||= check_part(path_parts[2])
+      end
+      def indices?
+        %w[shards indices segments count recovery].include? type.first
+      end
+    end
+  end
+end

data/lib/proxes/request/create.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/create_policy'
+module ProxES
+  class Request
+    class Create < Request
+      attr_reader :index, :type, :id
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id, endpoint].compact
+                                                          .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                          .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_create'
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+        @type ||= check_part(path_parts[1])
+        @id ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/request/index.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/index_policy'
+module ProxES
+  class Request
+    class Index < Request
+      attr_reader :index, :type, :id
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id].compact
+                                                .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        nil
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+        @type ||= check_part(path_parts[1])
+        @id ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/request/root.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/root_policy'
+module ProxES
+  class Request
+    class Root < Request
+    end
+  end
+end

data/lib/proxes/request/search.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/search_policy'
+module ProxES
+  class Request
+    class Search < Request
+      attr_reader :index, :type
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id, endpoint].compact
+                                                          .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                          .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_search'
+      end
+      def parse
+        @index ||= check_part(path_parts[0]) unless path_parts[0] == endpoint
+        @type  ||= check_part(path_parts[1]) unless path_parts[1] == endpoint
+        @id    ||= check_part(path_parts[2]) unless path_parts[2] == endpoint
+      end
+      def id
+        @id == [] ? nil : @id
+      end
+      def indices?
+        type != ['scroll']
+      end
+    end
+  end
+end

data/lib/proxes/request/snapshot.rb ADDED

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/snapshot_policy'
+module ProxES
+  class Request
+    class Snapshot < Request
+      attr_reader :repository
+      def parse
+        @repository ||= check_part(path_parts[1])
+        @repository = [] if repository.nil?
+      end
+    end
+  end
+end

data/lib/proxes/request/stats.rb ADDED

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/stats_policy'
+module ProxES
+  class Request
+    class Stats < Request
+      attr_reader :index
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, endpoint].compact
+                                                .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_stats'
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+      end
+      def stats
+        @stats ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/services/es.rb ADDED

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+require 'openssl'
+require 'elasticsearch'
+require 'ditty/services/logger'
+module ProxES
+  module Services
+    module ES
+      def client
+        @client ||= Elasticsearch::Client.new(
+          url: ENV['ELASTICSEARCH_URL'],
+          transport_options: {
+            ssl: {
+              verify: ENV['SSL_VERIFY_NONE'].to_i != 1,
+              cert_store: ssl_store
+            }
+          },
+          logger: Ditty::Services::Logger.instance
+        )
+      end
+      def ssl_store
+        store = OpenSSL::X509::Store.new
+        store.set_default_paths
+        store
+      end
+      def conn
+        client.transport.connections.get_connection.connection
+      end
+    end
+  end
+end

data/lib/proxes/services/listener.rb ADDED

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require 'wisper'
+require 'ditty/models/audit_log'
+require 'ditty/services/logger'
+module ProxES
+  class Listener
+    def es_request_failed(request, response)
+      Ditty::AuditLog.create(
+        action: :es_request_failed,
+        user: request.user,
+        details: "#{request.detail} > #{response[0]}"
+      )
+    end
+    def es_request_denied(request, exception = nil)
+      detail = request.detail
+      detail = "#{detail} - #{exception.class}" if exception
+      Ditty::AuditLog.create(
+        action: :es_request_denied,
+        user: request.user,
+        details: detail
+      )
+    end
+  end
+end
+Wisper.subscribe(ProxES::Listener.new) unless ENV['RACK_ENV'] == 'test'

data/lib/proxes/services/search.rb ADDED

@@ -0,0 +1,45 @@
+require 'proxes/services/es'
+# TODO: This needs to be filtered.
+module ProxES
+  module Services
+    module Search
+      class << self
+        include ES
+        def indices
+          client.indices.get_mapping(index: '_all').keys
+        end
+        def fields(index: '_all', names_only: false)
+          fields = {}
+          client.indices.get_mapping(index: index).each do |_idx, index_map|
+            index_map['mappings'].each do |_type, type_map|
+              next if type_map['properties'].nil?
+              type_map['properties'].each do |name, details|
+                if details['type'] != 'keyword' && details['fields'] && (names_only == false)
+                  keyword = details['fields'].find do |v|
+                    v[1]['type'] == 'keyword'
+                  end
+                  fields["#{name}.#{keyword[0]}"] ||= keyword[1]['type'] if keyword
+                end
+                fields[name] ||= details['type'] unless details['type'].nil?
+              end
+            end.to_h
+          end
+          fields
+        end
+        def values(field, index = '_all', size = 25)
+          result = client.search index: index, body: { size: 0, aggs: { values: { terms: { field: field, size: size } } } }
+          result['aggregations']['values']['buckets'].map { |e| e['key'] }
+        end
+        def search(qs, options = {})
+          client.search options.merge(q: qs) # , explain: true
+        end
+      end
+    end
+  end
+end

data/lib/proxes/version.rb ADDED

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module ProxES
+  VERSION = '0.9.9'.freeze
+end

data/migrate/20170209_permissions.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+Sequel.migration do
+  change do
+    create_table :permissions do
+      primary_key :id
+      String :verb
+      String :pattern
+      DateTime :created_at
+      foreign_key :role_id, :roles
+    end
+  end
+end

data/migrate/20170416_user_specific_permissions.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+Sequel.migration do
+  change do
+    alter_table :permissions do
+      add_foreign_key :user_id, :users
+    end
+  end
+end

data/public/browserconfig.xml ADDED

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig>
+    <msapplication>
+        <tile>
+            <square150x150logo src="/_proxes/images/mstile-150x150.png"/>
+            <TileColor>#da532c</TileColor>
+        </tile>
+    </msapplication>
+</browserconfig>

data/public/manifest.json ADDED

@@ -0,0 +1,25 @@
+{
+  "short_name": "ProxES",
+  "name": "ProxES",
+  "icons": [
+    {
+      "src": "_proxes/images/launcher-icon-1x.png",
+      "type": "image/png",
+      "sizes": "48x48"
+    },
+    {
+      "src": "_proxes/images/launcher-icon-2x.png",
+      "type": "image/png",
+      "sizes": "96x96"
+    },
+    {
+      "src": "_proxes/images/launcher-icon-4x.png",
+      "type": "image/png",
+      "sizes": "192x192"
+    }
+  ],
+  "start_url": "_proxes/auth/login",
+  "theme_color": "#bebebe",
+  "background_color": "#bebebe",
+  "display": "fullscreen"
+}

data/views/index.haml ADDED

	@@ -0,0 +1 @@
1	+ #react-dashboard{ 'data-elasticsearch-url' => '..'}

data/views/layout.haml ADDED

@@ -0,0 +1,60 @@
+!!! 5
+%html{ lang: 'en' }
+  %head
+    %meta{ charset: 'utf-8' }
+    %meta{ 'http-equiv' => 'X-UA-Compatible', 'content' => 'IE=edge,chrome=1' }
+    %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
+    %meta{ name: 'theme-color', content: '#ffffff' }
+    %link{ rel: 'manifest', href: '/_proxes/manifest.json' }
+    %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '/_proxes/images/favicon-32x32.png' }
+    %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '/_proxes/images/favicon-16x16.png' }
+    %link{ rel: 'apple-touch-icon', sizes: '76x76', href: '/_proxes/images/apple-icon.png' }
+    %link{ rel: 'mask-icon', href: '/_proxes/images/safari-pinned-tab.svg', color: '#5bbad5' }
+    %title
+      ProxES
+      - if defined? title
+        = "- #{title}"
+    %meta{ name: 'description', content: '' }
+    %meta{ name: 'author', content: '' }
+    / Le styles
+    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/css/sb-admin-2.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.5.2/metisMenu.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css', media: 'screen' }
+    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
+    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/js/sb-admin-2.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.5.2/metisMenu.min.js' }
+  %body
+    #wrapper
+      = haml :'partials/navbar', locals: { title: (defined?(title) ? title : 'ProxES') }
+      #page-wrapper{ style: 'opacity: 0.8' }
+        .row
+          .col-md-12
+            -if defined? title
+              %h1.page-header= title
+            = haml :'partials/notifications'
+        = yield
+        %footer.footer.text-muted.text-center
+          %hr
+          .copyright
+            :plain
+              &copy; <script>document.write(new Date().getFullYear())</script>, DataTools.io
+    / Placed at the end of the document so the pages load faster
+    %script{ type: 'text/javascript', src: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react-dom.min.js' }
+    %script{ type: 'text/javascript', src: '/_proxes/js/bundle.js' }
+    :javascript
+        $(function() {
+            $('.sidebar-nav').metisMenu();
+        });