puppet-validator 0.0.9 → 0.1.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    ODkwMThiYjc2M2RiYTAwYjQzZjdiOGExNzA5M2VhNDcyZDE1MGUxZA==
-  data.tar.gz: !binary |-
-    YmUxZGMwYmM3ZGE3MjI0ZjNmZDUxMDdlMDYyYTZjOWExNDg3MzUzMA==
+SHA1:
+  metadata.gz: 42c7dd8c42d525d1d2b73688beeb01b3595477a1
+  data.tar.gz: d121433916a22680ae5692e59ece41a8f60c9eb4
 SHA512:
-  metadata.gz: !binary |-
-    ZDM1NTQ3MDc2NGFhNDBkNGUxOWVlZjE0YTA1NmEwMWQ0ZDU4Mzc1NmNkN2Iz
-    MmYyNzkwZGY3MjU5MmExYjExNDA0ZjZkODk2ZjdlMTJmYzYxMzBjNTY4ZDll
-    MWZiNTBlMWMxYTRjZjRjYzc4YWZlY2U4NGNiZTk5MmM0YWEzY2U=
-  data.tar.gz: !binary |-
-    M2E0NGIwZDQ3NzZmNzliOTE2N2QyMWFjNDYyZWFmY2VlNzU3NjBhYzRiMDIx
-    N2E4ZmRmYzJiYWY0OTc4ZjA2OGVlNzBkYWEzYjY2MWY1NGZlM2RmNGY0NDFh
-    YmVkMWEwYjNmYzdiYmY3ZjBkYTBmNTNkMTk1MmI1NjU4NGQ0YmY=
+  metadata.gz: d8a6b17cef56ab2112e0414d97cfc31e501dc64c6fa9a5f358417cedc0be2ea47b8bcc9ba951367b6aa67c083af72d9ab659c557b2b0ec2645ae5545f02d62cc
+  data.tar.gz: 077da604c15b3beb0cde4513b63f9e01cd4eef89c5b42f91e0135f1f2e582d13f30cbf1a8f1fbdd0fbf2078dfde51eaa97e78b099a26cef3f8471ed0a6cec471

data/README.md

@@ -1,12 +1,14 @@
 # Puppet Validator:
 ## Puppet Code Validation as a service
 
-Puppet Validator is a simple web service that accepts arbitrary code submissions and
-validates it the way `puppet parser validate` would. It can optionally also
-run `puppet-lint` checks on the code and display both results together.
+Puppet Validator is a simple web service that accepts arbitrary code submissions
+and validates it the way `puppet parser validate` and `puppet-lint` would. For
+simple and self-contained manifests, it can also show you a relationship graph.
 
 Puppet Validator is completely themeable, albeit rather primitively.
 
+See an example running on https://validate.puppet.com
+
 ### Usage:
 
 #### Running the service directly
@@ -22,25 +24,33 @@ and will serve content directly out of its installation directory. You can
 override and customize the web content by passing the `-t` or `--theme`
 command-line argument. See [Creating your own theme](#creating-your-own-theme) below.
 
+This can load code from several popular paste services and can gist validated
+code to https://gist.github.com. These gists include a `referer` link back so
+the gisted code can be re-validated at any time. If you'd like the `referer`
+check to work properly, make sure to run this with a valid SSL certificate.
+
 Options:
 
     -d, --debug                      Display or log debugging messages
-    -l, --logfile [LOGFILE]          Path to logfile. Defaults to no logging, or
-                                        /var/log/puppet-validator if no filename is passed.
+        --disable DISABLED_CHECKS    Lint checks to disable. Either comma-separated list or filename.
+    -l, --logfile [LOGFILE]          Path to logfile. Defaults to no logging, or /var/log/puppet-validator if no filename is passed.
     -p, --port PORT                  Port to listen on. Defaults to 9000.
     -t, --theme THEMEDIR             Path to the theme directory.
-    -x, --csrf                       Protect from cross site request forgery. Requires code to be
-                                        submitted for validation via the webpage.
-    -g, --graph                      Generate relationship graphs from validated code. Requires
-                                        `graphviz` to be installed.
-    
+    -x, --csrf                       Protect from cross site request forgery. Requires code to be submitted for validation via the webpage.
+    -g, --graph                      Generate relationship graphs from validated code. Requires `graphviz` to be installed.
+        --ssl                        Run with SSL support. Autogenerates a self-signed certificates by default.
+        --ssl-cert FILE              Specify the SSL certificate you'd like use use. Pair with --ssl-key.
+        --ssl-key FILE               Specify the SSL key file you'd like use use. Pair with --ssl-cert.
+
     -h, --help                       Displays this help
 
+
 #### Integrating with Middleware
 
 If you plan to run this as a public service, then you may want to run it under
-middleware, such as Phusion Passenger, for performance and scalability. The
-specific implementation will depend on your choice of webserver and middleware.
+middleware (such as Phusion Passenger, Puma, or Unicorn) for performance and
+scalability. The specific implementation will depend on your choice of webserver
+and middleware.
 
 To configure Puppet Validator on Apache and Passenger, you'll need to
 <a href="https://www.phusionpassenger.com/library/install/apache/install/oss/el7/">
@@ -81,7 +91,6 @@ require 'puppet-validator'
 logger       = Logger.new('/var/log/puppet-validator')
 logger.level = Logger::WARN
 
-PuppetValidator.set :puppet_versions, Dir.glob('*').select {|f| File.symlink? f and File.readlink(f) == '.' }
 PuppetValidator.set :root, File.dirname(__FILE__)
 PuppetValidator.set :logger, logger
 
@@ -93,7 +102,6 @@ PuppetValidator.set :disabled_lint_checks, ['80chars']
 # Protect from cross site request forgery. With this set, code may be
 #   submitted for validation by the website only.
 #
-# Note: This will currently break multiple version validation.
 PuppetValidator.set :csrf, false
 
 # Provide the option to generate relationship graphs from validated code.
@@ -114,17 +122,19 @@ command *will overwrite* existing files, but it will warn you before it does so.
     root@master:~ # cd /etc/puppet-validator/
     root@master:/etc/puppet-validator # puppet-validator init
     Initializing directory as new Puppet Validator theme...
-    root@master:/etc/puppet-validator # tree
+    root@master:/etc/puppet-validator # tree -L 2
     .
     ├── LICENSE
     ├── README.md
     ├── config.ru
     ├── public
-    │   ├── info.png
-    │   ├── prism-default.css
-    │   ├── prism.js
+    │   ├── font-awesome-4.7.0
+    │   ├── gist.png
+    │   ├── relationships.html
+    │   ├── scripts.js
     │   ├── styles.css
-    │   └── testing.html
+    │   ├── testing.html
+    │   └── validation.js
     └── views
         ├── index.erb
         └── result.erb
@@ -132,7 +142,7 @@ command *will overwrite* existing files, but it will warn you before it does so.
 Once you've created your theme, you can start the Puppet Validator service using the `-t`
 or `--theme` command line arguments to tell Puppet Validator where to find your content.
 
-    root@master:~ # puppet-validator -t /etc/puppet-validator/
+    root@master:~ # puppet-validator --theme /etc/puppet-validator/
 
 Alternatively, you can edit your webserver virtual host configuration to point
 to the *public* directory within your new theme, as in the example shown above.
@@ -171,93 +181,18 @@ PuppetValidator.set :disabled_lint_checks, '/etc/puppet-validator/disabled_check
 
 #### Validating code against multiple Puppet versions
 
-It is not very straightforward to load multiple versions of a library gem in Ruby.
-This makes it virtually impossible to validate multiple versions of the language
-directly in the tool. However, Passenger has allowed you to load different Ruby
-versions in different `Location` blocks since version 4.0 by loading separate
-threads for each.
-
-We can take advantage of that by configuring multiple Ruby environments using `rvm`
-or `rbenv` and installing different gemsets. A simple Puppet module to do this
-is included in the repository, with the caveat that it was designed to fully own
-a single-purpose VM and has so far only been tested on CentOS 7.
-
-If configuring manually, you'll need to create a gemset for each Puppet version
-you want to validate, with something like the following.
-
-    root@master:~ # rvm install ruby-1.9.3-p551
-    Searching for binary rubies, this might take some time.
-    [...]
-    root@master:~ # rvm use 1.9
-    Using /usr/local/rvm/gems/ruby-1.9.3-p551
-    root@master:~ # rvm gemset create puppet2.7.4
-    ruby-1.9.3-p551 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4
-    ruby-1.9.3-p551 - #generating puppet2.7.4 wrappers........
-    root@master:~ # rvm gemset use puppet2.7.4
-    Using ruby-1.9.3-p551 with gemset puppet2.7.4
-    root@master:~ # gem install puppet -v 2.7.4
-    [...]
-    root@master:~ # gem install puppet-validator
-    [...]
-    root@master:~ # passenger-config --ruby-command
-    passenger-config was invoked through the following Ruby interpreter:
-      Command: /usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4/wrappers/ruby
-      Version: ruby 1.9.3p551 (2014-11-13 revision 48407) [x86_64-linux]
-      To use in Apache: PassengerRuby /usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4/wrappers/ruby
-      To use in Nginx : passenger_ruby /usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4/wrappers/ruby
-      To use with Standalone: /usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4/wrappers/ruby /usr/bin/passenger start
-    
-    
-    ## Notes for RVM users
-    Do you want to know which command to use for a different Ruby interpreter? 'rvm use' that Ruby interpreter, then re-run 'passenger-config about ruby-command'.
-    
-Make a note of the `PassengerRuby` command for each gemset. You'll use it in the next step.
-
-You will need a `Location` block in your Apache `VirtualHost` for each versioned
-Puppet gemset you created above. The example file below shows blocks for three
-Puppet versions with the current version installed into the default directory.
-
-``` Apache
-<VirtualHost *:80>
-  ServerName vhost.example.com
-  DocumentRoot "/var/www/puppet-validator/public"
-
-  # The default root will validate against the current Puppet version
-  <Directory "/var/www/puppet-validator/public">
-    Options -MultiViews
-    AllowOverride All
-    Require all granted
-  </Directory>
-
-  Alias /2.7.4 /var/www/puppet-validator/2.7.4/public
-  <Location /2.7.4>
-    PassengerBaseURI /2.7.4
-    PassengerAppRoot /var/www/puppet-validator/2.7.4
-    PassengerRuby "/usr/local/rvm/gems/ruby-1.9.3-p551@puppet2.7.4/wrappers/ruby"
-  </Location>
-
-  Alias /3.6.2 /var/www/puppet-validator/3.6.2/public
-  <Location /3.6.2>
-    PassengerBaseURI /3.6.2
-    PassengerAppRoot /var/www/puppet-validator/3.6.2
-    PassengerRuby "/usr/local/rvm/gems/ruby-1.9.3-p551@puppet3.6.2/wrappers/ruby"
-  </Location>
-
-  ## Logging
-  ErrorLog "/var/log/httpd/vhost.example.com_error.log"
-  ServerSignature Off
-  CustomLog "/var/log/httpd/vhost.example.com_access.log" combined
-</VirtualHost>
-```
+Puppet Validator runs a new process to validate each submission. This means that
+it can lazy-load the requested Puppet version on demand. Simply `gem install` all
+the versions you want and they'll be visible in the drop-down selector.
 
-There is one final trick. Passenger requires a unique filesystem location for its
-`AppRoot`. However, it will respect symlinks, so let's create one for each version:
+    # Installing a specific version
+    root@master:~ # gem install puppet -v 5.3.3
 
-    root@master:~ # cd /var/www/puppet-validator
-    root@master:~ # ln -s . 2.7.4
-    root@master:~ # ln -s . 3.6.2
+    # Installing several versions at once
+    root@master:~ # gem install puppet:3.8.8 puppet:4.10.0 puppet:5.3.3
 
-Now restart Apache and you're all gravy.
+If you use the `puppet_validator` module, simply specify the versions you want
+as an array,
 
 #### Running standalone with `systemd`
 

data/bin/puppet-validator

@@ -12,9 +12,11 @@ options = {
   :root           => gemroot,
   :csrf           => false,
   :graph          => false,
+  :spec           => '/var/puppet-validator/spec'
 }
 logfile  = $stderr
 loglevel = Logger::WARN
+ssl_opts = {:verify_peer => false}
 
 optparse = OptionParser.new { |opts|
     opts.banner = "Usage : puppet-validator [-p <port>] [-l [logfile]] [-t <themedir>] [-d]
@@ -47,6 +49,10 @@ optparse = OptionParser.new { |opts|
         options[:root] = arg
     end
 
+    opts.on("-s SPECDIR", "--spec SPECDIR", "Path to the directory where spec tests are located.") do |arg|
+        options[:spec] = arg
+    end
+
     opts.on("-x", "--csrf", "Protect from cross site request forgery. Requires code to be submitted for validation via the webpage.") do
         options[:csrf] = true
     end
@@ -55,6 +61,18 @@ optparse = OptionParser.new { |opts|
         options[:graph] = true
     end
 
+    opts.on("--ssl", "Run with SSL support. Autogenerates a self-signed certificates by default.") do
+        options[:ssl] = true
+    end
+
+    opts.on("--ssl-cert FILE", "Specify the SSL certificate you'd like use use. Pair with --ssl-key.") do |arg|
+        ssl_opts[:cert_chain_file] = arg
+    end
+
+    opts.on("--ssl-key FILE", "Specify the SSL key file you'd like use use. Pair with --ssl-cert.") do |arg|
+        ssl_opts[:private_key_file] = arg
+    end
+
     opts.separator('')
 
     opts.on("-h", "--help", "Displays this help") do
@@ -84,5 +102,24 @@ else
   logger.level     = loglevel
   options[:logger] = logger
 
-  PuppetValidator.run! options
+  if ssl_opts[:cert_chain_file] and ssl_opts[:private_key_file]
+    options[:ssl] = true
+  end
+
+  # These options should either both be nil or both be Strings
+  unless ssl_opts[:cert_chain_file].class == ssl_opts[:private_key_file].class
+    raise 'You must specify both the certificate and key file!'
+  end
+
+  PuppetValidator.run!(options) do |server|
+    if options[:ssl]
+      if server.respond_to? 'ssl='
+        logger.info 'Enabling SSL support.'
+        server.ssl         = true
+        server.ssl_options = ssl_opts
+      else
+        logger.warn "Please 'gem install thin' or run via an app server for SSL support."
+      end
+    end
+  end
 end

data/config.ru

@@ -4,7 +4,6 @@ require 'puppet-validator'
 logger       = Logger.new('/var/log/puppet-validator')
 logger.level = Logger::WARN
 
-PuppetValidator.set :puppet_versions, Dir.glob('*').select {|f| File.symlink? f and File.readlink(f) == '.' }
 PuppetValidator.set :root, File.dirname(__FILE__)
 PuppetValidator.set :logger, logger
 
@@ -16,7 +15,6 @@ PuppetValidator.set :disabled_lint_checks, ['80chars']
 # Protect from cross site request forgery. With this set, code may be
 #   submitted for validation by the website only.
 #
-# Note: This will currently break multiple version validation.
 PuppetValidator.set :csrf, false
 
 # Provide the option to generate relationship graphs from validated code.

data/lib/puppet-validator.rb

@@ -1,19 +1,18 @@
 require 'json'
 require 'logger'
 require 'sinatra/base'
-require 'puppet'
-require 'puppet/parser'
-require 'puppet-lint'
-
-require 'graphviz'
 require 'nokogiri'
 require 'cgi'
+require 'uri'
+require 'open-uri'
 
-# something like 3,000 lines of code
-MAXSIZE = 100000
-CONTEXT = 3
+MAXSIZE = 100000  # something like 3,000 lines of code
+CONTEXT = 3       # how many lines of code around an error should we highlight?
 
 class PuppetValidator < Sinatra::Base
+  require 'puppet-validator/validators'
+  require 'puppet-validator/helpers'
+
   set :logging, true
   set :strict, true
 
@@ -25,6 +24,7 @@ class PuppetValidator < Sinatra::Base
     if settings.csrf
       session[:csrf] ||= SecureRandom.hex(32)
       response.set_cookie 'authenticity_token', {
+        :path    => '/',
         :value   => session[:csrf],
         :expires => Time.now + (60 * 60 * 24),
       }
@@ -34,16 +34,6 @@ class PuppetValidator < Sinatra::Base
   def initialize(app=nil)
     super(app)
 
-    Puppet.initialize_settings rescue nil
-    Puppet.settings[:app_management] = true if Gem::Version.new(Puppet.version) >= Gem::Version.new('4.3.2')
-
-    # set up the base environment
-    Puppet.push_context(Puppet.base_context(Puppet.settings), 'Setup for Puppet Validator') rescue nil
-
-    # disable as much disk access as possible
-    Puppet::Node::Facts.indirection.terminus_class = :memory
-    Puppet::Node.indirection.cache_class = nil
-
     # make sure that all the settings we expect are defined.
     [:disabled_lint_checks, :puppet_versions, :csrf].each do |name|
       next if settings.respond_to? name
@@ -68,175 +58,230 @@ class PuppetValidator < Sinatra::Base
       end
     end
 
-    # put our supported versions in reverse semver order
-    settings.puppet_versions = settings.puppet_versions.sort_by { |v| Gem::Version.new(v) }.reverse
+    # put all installed Puppet versions in reverse semver order
+    #settings.puppet_versions = settings.puppet_versions.sort_by { |v| Gem::Version.new(v) }.reverse
+    settings.puppet_versions = Gem::Specification.all.select {|g| g.name == 'puppet' }.collect {|g| g.version.to_s }
+
+    settings.logger.error "Please gem install one or more Puppet versions." if settings.puppet_versions.empty?
 
   end
 
   get '/' do
-    @versions = [Puppet.version] + settings.puppet_versions
+    @versions = settings.puppet_versions
+    @disabled = settings.disabled_lint_checks
+    # loads lint into global namespace, but I don't see an alternative
+    @checks   = PuppetValidator::Validators::Lint.all_checks
+
+    erb :index
+  end
+
+  get '/load/referer' do
+    redirect "/load/#{request.referer}"
+  end
+
+  get '/load/*' do
+    location = params[:splat].first.sub(/(https?:)\/\/?/, '\1//')
+    logger.info "Loading code from: #{location}"
+
+    uri = location.downcase.start_with?('http') ? URI.parse(location) : URI.parse("https://#{location}")
+
+    case uri.host
+    when 'gist.github.com'
+      path = uri.path.end_with?('/raw') ? uri : "#{uri}/raw"
+
+    when 'pastebin.com', 'hastebin.com'
+      path = uri.path.start_with?('/raw') ? uri : "#{uri.scheme}://#{uri.host}/raw#{uri.path}"
+
+    else
+      path = nil
+      logger.info "Unrecognized paste service: #{uri}"
+    end
+
+    @versions = settings.puppet_versions
     @disabled = settings.disabled_lint_checks
-    @checks   = puppet_lint_checks
+    # loads lint into global namespace, but I don't see an alternative
+    @checks   = PuppetValidator::Validators::Lint.all_checks
+    @location = location
+
+    if path
+      @code   = sanitize_code(open(path).read) rescue nil
+    end
 
     erb :index
   end
 
+  # The all-in-one blob that renders via an erb page
   post '/validate' do
     logger.info "Validating code from #{request.ip}."
     logger.debug "validating #{request.ip}: #{params['code']}"
 
-    halt 403, 'Request validation failed.' unless safe?
-
-    frag = Nokogiri::HTML.fragment(params['code'])
-    unless frag.elements.empty?
-      logger.warn 'HTML code found in validation string'
-      frag.elements.each { |elem| logger.debug "HTML: #{elem.to_s}" }
-      params['code'] = CGI.escapeHTML(params['code'])
+    if params.include? 'load'
+      redirect "/load/#{params['location']}"
     end
 
-    if request.body.size <= MAXSIZE
-      result = validate params['code']
-      lint   = lint(params['code'], params['checks']) if params['lint'] == 'on'
-      lint ||= {} # but make sure we have a data object to iterate
+    validate_request!
+    sanitize_code! # make code safe for re-rendering
 
-      @version       = Puppet.version
-      @code          = params['code']
-      @message       = result[:message]
-      @status        = result[:status] ? :success : :fail
-      @line          = result[:line]
-      @column        = result[:pos]
-      @lint_warnings = ! lint.empty?
+    PuppetValidator.run_in_process do
+      if params.include? 'relationships' and settings.graph
+        syntax = PuppetValidator::Validators::Syntax.new(settings)
+        results = syntax.validate(params['code'])
+        results[:status] ? syntax.render! : results[:message]
 
-      # initial highlighting for the potential syntax error
-      if @line
-        start   = [@line - CONTEXT, 1].max
-        initial = {"#{start}-#{@line}" => nil}
       else
-        initial = {}
+        @result           = validate_all
+        @result[:code]    = params['code']
+
+        erb :result
       end
+    end
+  end
 
-      # then add all the lint warnings and tooltip
-      @highlights = lint.inject(initial) do |acc, item|
-        acc.merge({item[:line] => "#{item[:kind].upcase}: #{item[:message]}"})
-      end.to_json
+  ################### API v0 endpoints ###################
 
-      @relationships = rendered_dot(@code) if params['relationships'] == 'on'
-    else
-      @message = "Submitted code size is #{request.body.size}, which is larger than the maximum size of #{MAXSIZE}."
-      @status  = :fail
-      logger.error @message
+  post '/api/v0/validate' do
+    validate_request!
+
+    PuppetValidator.run_in_process do
+      validate_all.to_json
+    end
+  end
+
+  post '/api/v0/validate/syntax' do
+    validate_request!
+
+    PuppetValidator.run_in_process do
+      syntax = PuppetValidator::Validators::Syntax.new(settings)
+      syntax.validate(params['code']).to_json
+    end
+  end
+
+  post '/api/v0/validate/relationships' do
+    validate_request!
+    halt 403, 'Graph generation disabled.' unless settings.graph
+
+    PuppetValidator.run_in_process do
+      syntax = PuppetValidator::Validators::Syntax.new(settings)
+
+      # need to prebuild the catalog first
+      results = syntax.validate(params['code'])
+      # return either an SVG or the error message
+      results[:status] ? syntax.render! : results[:message]
     end
 
-    erb :result
   end
 
+  post '/api/v0/validate/lint' do
+    validate_request!
+
+    PuppetValidator.run_in_process do
+      linter = PuppetValidator::Validators::Lint.new(settings)
+      linter.validate(params['code']).to_json
+    end
+  end
+
+  post '/api/v0/validate/rspec' do
+    validate_request!
+
+    PuppetValidator.run_in_process do
+      rspec = PuppetValidator::Validators::Rspec.new(settings)
+      rspec.validate(params['code'], params['spec']).to_json
+    end
+  end
+
+  #######################################################
+
   not_found do
     halt 404, "You shall not pass! (page not found)\n"
   end
 
   helpers do
 
-    def safe?
+    def validate_request!
+      csrf_safe!
+      check_size_limit!
+    end
+
+    def csrf_safe!
       return true unless settings.csrf
       if session[:csrf] == params['_csrf'] && session[:csrf] == request.cookies['authenticity_token']
         true
       else
-        logger.warn 'CSRF attempt detected.'
-        false
-      end
-    end
-
-    def validate(data)
-      begin
-        Puppet[:code] = data
-
-        if Puppet::Node::Environment.respond_to?(:create)
-          validation_environment = Puppet::Node::Environment.create(:production, [])
-          validation_environment.check_for_reparse
-        else
-          validation_environment = Puppet::Node::Environment.new(:production)
-        end
-
-        validation_environment.known_resource_types.clear
+        logger.warn 'CSRF attempt detected. Ensure that server time is correct.'
+        logger.debug "session: #{session[:csrf]}"
+        logger.debug "  param: #{params['_csrf']}"
+        logger.debug " cookie: #{request.cookies['authenticity_token']}"
 
-        {:status => true, :message => 'Syntax OK'}
-      rescue => detail
-        logger.warn detail.message
-        err = {:status => false, :message => detail.message}
-        err[:line] = detail.line if detail.methods.include? :line
-        err[:pos]  = detail.pos  if detail.methods.include? :pos
-        err
+        halt 403, 'Request validation failed.'
       end
     end
 
-    def lint(data, checks=nil)
-      begin
-        if checks
-          logger.info "Disabling checks: #{(puppet_lint_checks - checks).inspect}"
-
-          checks.each do |check|
-            PuppetLint.configuration.send("enable_#{check}")
-          end
-
-          (puppet_lint_checks - checks).each do |check|
-            PuppetLint.configuration.send("disable_#{check}")
-          end
-        else
-          logger.info "Disabling checks: #{settings.disabled_lint_checks.inspect}"
-
-          settings.disabled_lint_checks.each do |check|
-            PuppetLint.configuration.send("disable_#{check}")
-          end
-        end
+    def check_size_limit!
+      content = request.body.read
+      request.body.rewind
 
-        linter = PuppetLint.new
-        linter.code = data
-        linter.run
-        linter.print_problems
-      rescue => detail
-        logger.warn detail.message
-        nil
+      if content.size > MAXSIZE
+        halt 403, "Submitted code size is #{content.size}, which is larger than the maximum size of #{MAXSIZE}."
       end
     end
 
-    def puppet_lint_checks
-      # sanitize because reasonss
-      PuppetLint.configuration.checks.map {|check| check.to_s}
+    def sanitize_code!
+      params['code'] = sanitize_code(params['code'])
     end
 
-    def rendered_dot(code)
-      return unless settings.graph
-
-      begin
-        node    = Puppet::Node.indirection.find('validator')
-        catalog = Puppet::Resource::Catalog.indirection.find(node.name, :use_node => node)
-
-        # These calls are failing due to an internal method not being available in 2 & 3.x. Suspect
-        # that it's related to the compiler not being set up fully?
-        catalog.remove_resource(catalog.resource("Stage", :main)) rescue nil
-        catalog.remove_resource(catalog.resource("Class", :settings)) rescue nil
+    def sanitize_code(code)
+      frag = Nokogiri::HTML.fragment(code)
+      unless frag.elements.empty?
+        logger.warn 'HTML code found in validation string'
+        frag.elements.each { |elem| logger.debug "HTML: #{elem.to_s}" }
+        code = CGI.escapeHTML(code)
+      end
+      code
+    end
 
-        graph   = catalog.to_ral.relationship_graph.to_dot
+    def validate_all
+      syntax = PuppetValidator::Validators::Syntax.new(settings, params['version'])
+      result = syntax.validate(params['code'])
 
-        svg = GraphViz.parse_string(graph) do |graph|
-          graph[:label] = 'Resource Relationships'
+      # munge the data slightly to make it more consumable
+      result[:version]  = params['version']
+      result[:success]  = result[:status]
+      result[:status]   = result[:status] ? :success : :fail
+      result[:column]   = result[:pos]
+      result[:messages] = []
 
-          graph.each_node do |name, node|
-            next unless name.start_with? 'Whit'
-            newname = name.dup
-            newname.sub!('Admissible_class', 'Starting Class')
-            newname.sub!('Completed_class', 'Finishing Class')
-            node[:label] = newname[5..-2]
-          end
-        end.output(:svg => String)
+      # initial highlighting for the potential syntax error
+      if result[:line]
+        line       = result[:line]
+        start      = [line - CONTEXT, 0].max
+
+        result[:messages] << {
+            :from   => [start, 0],
+              :to   => [line - 1, result[:column]],
+          :message  => result[:message],
+          :severity => 'error',
+        }
+      end
 
-      rescue => detail
-        logger.warn detail.message
-        logger.debug detail.backtrace.join "\n"
-        return { :status => false, :message => detail.message }
+      # then add all the lint warnings and tooltip
+      if params['lint']
+        linter = PuppetValidator::Validators::Lint.new(settings)
+        lint   = linter.validate(params['code'], params['checks'])
+
+        result[:lint_warnings] = ! lint.empty?
+
+        lint.each do |item|
+          line = item[:line]-1;
+          result[:messages] << {
+                :from => [line, 0],
+                  :to => [line, 1000],
+             :message => "#{item[:kind].upcase}: #{item[:message]}",
+            :severity => 'warning'
+          }
+        end
       end
 
-      { :status => true, :data => svg }
+      result
     end
 
   end