RubyGems - proxes - Versions diffs - 0.9.8 → 0.9.9 - Mend

proxes 0.9.8 → 0.9.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

checksums.yaml +4 -4
data/lib/ditty/components/proxes.rb +89 -0
data/lib/proxes/controllers/permissions.rb +41 -0
data/lib/proxes/controllers/search.rb +55 -0
data/lib/proxes/controllers/status.rb +115 -0
data/lib/proxes/forwarder.rb +49 -0
data/lib/proxes/helpers/indices.rb +33 -0
data/lib/proxes/loggers/elasticsearch.rb +10 -0
data/lib/proxes/middleware/error_handling.rb +64 -0
data/lib/proxes/middleware/metrics.rb +25 -0
data/lib/proxes/middleware/security.rb +59 -0
data/lib/proxes/models/permission.rb +55 -0
data/lib/proxes/policies/permission_policy.rb +37 -0
data/lib/proxes/policies/request/bulk_policy.rb +24 -0
data/lib/proxes/policies/request/cat_policy.rb +12 -0
data/lib/proxes/policies/request/create_policy.rb +15 -0
data/lib/proxes/policies/request/index_policy.rb +19 -0
data/lib/proxes/policies/request/root_policy.rb +13 -0
data/lib/proxes/policies/request/search_policy.rb +14 -0
data/lib/proxes/policies/request/snapshot_policy.rb +15 -0
data/lib/proxes/policies/request/stats_policy.rb +12 -0
data/lib/proxes/policies/request_policy.rb +62 -0
data/lib/proxes/policies/search_policy.rb +29 -0
data/lib/proxes/policies/status_policy.rb +21 -0
data/lib/proxes/request.rb +84 -0
data/lib/proxes/request/bulk.rb +40 -0
data/lib/proxes/request/cat.rb +32 -0
data/lib/proxes/request/create.rb +33 -0
data/lib/proxes/request/index.rb +33 -0
data/lib/proxes/request/root.rb +11 -0
data/lib/proxes/request/search.rb +37 -0
data/lib/proxes/request/snapshot.rb +17 -0
data/lib/proxes/request/stats.rb +35 -0
data/lib/proxes/services/es.rb +34 -0
data/lib/proxes/services/listener.rb +29 -0
data/lib/proxes/services/search.rb +45 -0
data/lib/proxes/version.rb +5 -0
data/migrate/20170209_permissions.rb +13 -0
data/migrate/20170416_user_specific_permissions.rb +9 -0
data/public/browserconfig.xml +9 -0
data/public/manifest.json +25 -0
data/views/index.haml +1 -0
data/views/layout.haml +60 -0
metadata +44 -2

data/lib/proxes/request/bulk.rb ADDED

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/bulk_policy'
+module ProxES
+  class Request
+    class Bulk < Request
+      attr_reader :index, :type
+      REGEX = /"(index|delete|create|update)".*"_index"\s*:\s*"(.*?)"/
+      def bulk_indices
+        @bulk_indices ||= begin
+          body.read.scan(REGEX).tap { |_r| body.rewind }
+        end.map { |e| e[1] }.uniq
+      end
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, endpoint].compact
+                                                      .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                      .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_bulk'
+      end
+      def parse
+        @index ||= check_part(path_parts[0]) unless path_parts[0] == endpoint
+        @type  ||= check_part(path_parts[1]) unless path_parts[1] == endpoint
+      end
+      def indices?
+        !@index.nil?
+      end
+    end
+  end
+end

data/lib/proxes/request/cat.rb ADDED

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/cat_policy'
+module ProxES
+  class Request
+    class Cat < Request
+      attr_reader :index, :type
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [endpoint, type, index].compact
+                                                      .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                      .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_cat'
+      end
+      def parse
+        @type  ||= check_part(path_parts[1])
+        @index ||= check_part(path_parts[2])
+      end
+      def indices?
+        %w[shards indices segments count recovery].include? type.first
+      end
+    end
+  end
+end

data/lib/proxes/request/create.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/create_policy'
+module ProxES
+  class Request
+    class Create < Request
+      attr_reader :index, :type, :id
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id, endpoint].compact
+                                                          .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                          .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_create'
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+        @type ||= check_part(path_parts[1])
+        @id ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/request/index.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/index_policy'
+module ProxES
+  class Request
+    class Index < Request
+      attr_reader :index, :type, :id
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id].compact
+                                                .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        nil
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+        @type ||= check_part(path_parts[1])
+        @id ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/request/root.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/root_policy'
+module ProxES
+  class Request
+    class Root < Request
+    end
+  end
+end

data/lib/proxes/request/search.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/search_policy'
+module ProxES
+  class Request
+    class Search < Request
+      attr_reader :index, :type
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, type, id, endpoint].compact
+                                                          .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                          .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_search'
+      end
+      def parse
+        @index ||= check_part(path_parts[0]) unless path_parts[0] == endpoint
+        @type  ||= check_part(path_parts[1]) unless path_parts[1] == endpoint
+        @id    ||= check_part(path_parts[2]) unless path_parts[2] == endpoint
+      end
+      def id
+        @id == [] ? nil : @id
+      end
+      def indices?
+        type != ['scroll']
+      end
+    end
+  end
+end

data/lib/proxes/request/snapshot.rb ADDED

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/snapshot_policy'
+module ProxES
+  class Request
+    class Snapshot < Request
+      attr_reader :repository
+      def parse
+        @repository ||= check_part(path_parts[1])
+        @repository = [] if repository.nil?
+      end
+    end
+  end
+end

data/lib/proxes/request/stats.rb ADDED

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require 'proxes/request'
+require 'proxes/policies/request/stats_policy'
+module ProxES
+  class Request
+    class Stats < Request
+      attr_reader :index
+      def index=(idx)
+        @index = idx
+        self.path_info = '/' + [index, endpoint].compact
+                                                .map { |v| v.is_a?(Array) ? v.join(',') : v }
+                                                .select { |v| !v.nil? && v != '' }.join('/')
+      end
+      def endpoint
+        '_stats'
+      end
+      def parse
+        @index ||= check_part(path_parts[0])
+      end
+      def stats
+        @stats ||= check_part(path_parts[2])
+      end
+      def indices?
+        true
+      end
+    end
+  end
+end

data/lib/proxes/services/es.rb ADDED

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+require 'openssl'
+require 'elasticsearch'
+require 'ditty/services/logger'
+module ProxES
+  module Services
+    module ES
+      def client
+        @client ||= Elasticsearch::Client.new(
+          url: ENV['ELASTICSEARCH_URL'],
+          transport_options: {
+            ssl: {
+              verify: ENV['SSL_VERIFY_NONE'].to_i != 1,
+              cert_store: ssl_store
+            }
+          },
+          logger: Ditty::Services::Logger.instance
+        )
+      end
+      def ssl_store
+        store = OpenSSL::X509::Store.new
+        store.set_default_paths
+        store
+      end
+      def conn
+        client.transport.connections.get_connection.connection
+      end
+    end
+  end
+end

data/lib/proxes/services/listener.rb ADDED

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require 'wisper'
+require 'ditty/models/audit_log'
+require 'ditty/services/logger'
+module ProxES
+  class Listener
+    def es_request_failed(request, response)
+      Ditty::AuditLog.create(
+        action: :es_request_failed,
+        user: request.user,
+        details: "#{request.detail} > #{response[0]}"
+      )
+    end
+    def es_request_denied(request, exception = nil)
+      detail = request.detail
+      detail = "#{detail} - #{exception.class}" if exception
+      Ditty::AuditLog.create(
+        action: :es_request_denied,
+        user: request.user,
+        details: detail
+      )
+    end
+  end
+end
+Wisper.subscribe(ProxES::Listener.new) unless ENV['RACK_ENV'] == 'test'

data/lib/proxes/services/search.rb ADDED

@@ -0,0 +1,45 @@
+require 'proxes/services/es'
+# TODO: This needs to be filtered.
+module ProxES
+  module Services
+    module Search
+      class << self
+        include ES
+        def indices
+          client.indices.get_mapping(index: '_all').keys
+        end
+        def fields(index: '_all', names_only: false)
+          fields = {}
+          client.indices.get_mapping(index: index).each do |_idx, index_map|
+            index_map['mappings'].each do |_type, type_map|
+              next if type_map['properties'].nil?
+              type_map['properties'].each do |name, details|
+                if details['type'] != 'keyword' && details['fields'] && (names_only == false)
+                  keyword = details['fields'].find do |v|
+                    v[1]['type'] == 'keyword'
+                  end
+                  fields["#{name}.#{keyword[0]}"] ||= keyword[1]['type'] if keyword
+                end
+                fields[name] ||= details['type'] unless details['type'].nil?
+              end
+            end.to_h
+          end
+          fields
+        end
+        def values(field, index = '_all', size = 25)
+          result = client.search index: index, body: { size: 0, aggs: { values: { terms: { field: field, size: size } } } }
+          result['aggregations']['values']['buckets'].map { |e| e['key'] }
+        end
+        def search(qs, options = {})
+          client.search options.merge(q: qs) # , explain: true
+        end
+      end
+    end
+  end
+end

data/lib/proxes/version.rb ADDED

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module ProxES
+  VERSION = '0.9.9'.freeze
+end

data/migrate/20170209_permissions.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+Sequel.migration do
+  change do
+    create_table :permissions do
+      primary_key :id
+      String :verb
+      String :pattern
+      DateTime :created_at
+      foreign_key :role_id, :roles
+    end
+  end
+end

data/migrate/20170416_user_specific_permissions.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+Sequel.migration do
+  change do
+    alter_table :permissions do
+      add_foreign_key :user_id, :users
+    end
+  end
+end

data/public/browserconfig.xml ADDED

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig>
+    <msapplication>
+        <tile>
+            <square150x150logo src="/_proxes/images/mstile-150x150.png"/>
+            <TileColor>#da532c</TileColor>
+        </tile>
+    </msapplication>
+</browserconfig>

data/public/manifest.json ADDED

@@ -0,0 +1,25 @@
+{
+  "short_name": "ProxES",
+  "name": "ProxES",
+  "icons": [
+    {
+      "src": "_proxes/images/launcher-icon-1x.png",
+      "type": "image/png",
+      "sizes": "48x48"
+    },
+    {
+      "src": "_proxes/images/launcher-icon-2x.png",
+      "type": "image/png",
+      "sizes": "96x96"
+    },
+    {
+      "src": "_proxes/images/launcher-icon-4x.png",
+      "type": "image/png",
+      "sizes": "192x192"
+    }
+  ],
+  "start_url": "_proxes/auth/login",
+  "theme_color": "#bebebe",
+  "background_color": "#bebebe",
+  "display": "fullscreen"
+}

data/views/index.haml ADDED

	@@ -0,0 +1 @@
1	+ #react-dashboard{ 'data-elasticsearch-url' => '..'}

data/views/layout.haml ADDED

@@ -0,0 +1,60 @@
+!!! 5
+%html{ lang: 'en' }
+  %head
+    %meta{ charset: 'utf-8' }
+    %meta{ 'http-equiv' => 'X-UA-Compatible', 'content' => 'IE=edge,chrome=1' }
+    %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
+    %meta{ name: 'theme-color', content: '#ffffff' }
+    %link{ rel: 'manifest', href: '/_proxes/manifest.json' }
+    %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '/_proxes/images/favicon-32x32.png' }
+    %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '/_proxes/images/favicon-16x16.png' }
+    %link{ rel: 'apple-touch-icon', sizes: '76x76', href: '/_proxes/images/apple-icon.png' }
+    %link{ rel: 'mask-icon', href: '/_proxes/images/safari-pinned-tab.svg', color: '#5bbad5' }
+    %title
+      ProxES
+      - if defined? title
+        = "- #{title}"
+    %meta{ name: 'description', content: '' }
+    %meta{ name: 'author', content: '' }
+    / Le styles
+    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/css/sb-admin-2.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.5.2/metisMenu.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css', media: 'screen' }
+    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
+    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/js/sb-admin-2.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.5.2/metisMenu.min.js' }
+  %body
+    #wrapper
+      = haml :'partials/navbar', locals: { title: (defined?(title) ? title : 'ProxES') }
+      #page-wrapper{ style: 'opacity: 0.8' }
+        .row
+          .col-md-12
+            -if defined? title
+              %h1.page-header= title
+            = haml :'partials/notifications'
+        = yield
+        %footer.footer.text-muted.text-center
+          %hr
+          .copyright
+            :plain
+              &copy; <script>document.write(new Date().getFullYear())</script>, DataTools.io
+    / Placed at the end of the document so the pages load faster
+    %script{ type: 'text/javascript', src: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react-dom.min.js' }
+    %script{ type: 'text/javascript', src: '/_proxes/js/bundle.js' }
+    :javascript
+        $(function() {
+            $('.sidebar-nav').metisMenu();
+        });