reedb 0.10.rc1 → 0.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -12
- data/Gemfile.lock +17 -11
- data/bin/reedbd +65 -23
- data/lib/reedb/constants.rb +11 -23
- data/lib/reedb/daemon_wrapper.rb +138 -121
- data/lib/reedb/debouncer.rb +129 -0
- data/lib/reedb/errors/daemon_errors.rb +4 -4
- data/lib/reedb/errors/exit_errors.rb +12 -0
- data/lib/reedb/errors/reedb_errors.rb +21 -0
- data/lib/reedb/errors/vault_errors.rb +8 -6
- data/lib/reedb/reevault.rb +84 -72
- data/lib/reedb/security/encryption.rb +1 -5
- data/lib/reedb/security/tokens.rb +21 -0
- data/lib/reedb/utils/logger.rb +5 -5
- data/lib/reedb/utils/uuids.rb +40 -132
- data/lib/reedb.rb +518 -272
- data/reedb.gemspec +32 -24
- data/tests/embeddedc/MyTest/Makefile +238 -0
- data/tests/embeddedc/MyTest/MyTest.c +27 -0
- data/tests/embeddedc/MyTest/MyTest.o +0 -0
- data/tests/embeddedc/MyTest/extconf.rb +11 -0
- data/tests/embeddedc/MyTest/mytest.so +0 -0
- data/tests/embeddedc/mytest.rb +8 -0
- data/tests/http_tester.py +208 -0
- data/tests/play.rb +60 -4
- data/tests/tests.rb +7 -59
- data/tmp/gems/aes-0.5.0.spec +80 -0
- data/tmp/gems/digest-tiger-1.0.2.spec +85 -0
- data/tmp/gems/main.template +118 -0
- data/tmp/gems/twofish-1.0.5.spec +75 -0
- metadata +45 -16
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
data/lib/reedb.rb
CHANGED
@@ -1,44 +1,40 @@
|
|
1
1
|
# ====================================================
|
2
2
|
# Copyright 2015 Lonely Robot (see @author)
|
3
|
-
# @author: Katharina Sabel | www.
|
3
|
+
# @author: Katharina Sabel | www.lonelyrobot.io
|
4
4
|
#
|
5
5
|
# Distributed under the GNU Lesser GPL Version 3
|
6
6
|
# (See accompanying LICENSE file or get a copy at
|
7
7
|
# https://www.gnu.org/licenses/lgpl.html)
|
8
8
|
# ====================================================
|
9
9
|
|
10
|
+
'' '
|
11
|
+
This is the core file for the Reedb module. It consists of
|
12
|
+
multiple sub-modules that handle different operations of the
|
13
|
+
Reedb daemon/ toolkit (when developing with it as a Gem depenency.
|
14
|
+
' ''
|
15
|
+
|
10
16
|
# Internal requirements
|
11
17
|
require_relative 'reedb/errors/daemon_errors'
|
18
|
+
require_relative 'reedb/errors/reedb_errors'
|
19
|
+
require_relative 'reedb/errors/exit_errors'
|
12
20
|
|
21
|
+
# Meta information requirements
|
13
22
|
require_relative 'reedb/utils/meta_vault'
|
14
23
|
require_relative 'reedb/utils/utilities'
|
15
24
|
require_relative 'reedb/utils/logger'
|
16
|
-
require_relative 'reedb/utils/uuids'
|
25
|
+
# require_relative 'reedb/utils/uuids'
|
17
26
|
|
27
|
+
# Internals
|
18
28
|
require_relative 'reedb/constants'
|
29
|
+
require_relative 'reedb/debouncer'
|
19
30
|
require_relative 'reedb/reevault'
|
20
31
|
|
21
32
|
|
22
33
|
# System requirements
|
23
34
|
require 'securerandom'
|
35
|
+
require 'uuid'
|
24
36
|
|
25
37
|
module Reedb
|
26
|
-
class << self
|
27
|
-
# Returns the platform/ architecture of the daemon and vault handler
|
28
|
-
|
29
|
-
def archos() (return @@archos) end
|
30
|
-
|
31
|
-
# Returns whether or not this is a daemon
|
32
|
-
def daemon?() (return @@daemon) end
|
33
|
-
|
34
|
-
# Returns the minimum passphrase length is
|
35
|
-
def passlength() (return @@pw_length) end
|
36
|
-
|
37
|
-
# Returns whether verbose mode is enabled
|
38
|
-
def verbose?() (return @@verbose) end
|
39
|
-
end
|
40
|
-
|
41
|
-
|
42
38
|
def self.included(api)
|
43
39
|
class << api
|
44
40
|
|
@@ -46,15 +42,16 @@ module Reedb
|
|
46
42
|
@@started = false
|
47
43
|
|
48
44
|
# Some more runtime variables
|
49
|
-
@@path = Reedb::
|
50
|
-
@@config_path = Reedb::
|
45
|
+
@@path = Reedb::DEFAULT_PATH
|
46
|
+
@@config_path = Reedb::DEFAULT_PATH
|
51
47
|
@@no_token = false
|
52
48
|
@@verbose = false
|
53
49
|
@@pw_length = -1
|
54
50
|
@@cleanup = true
|
55
51
|
@@daemon = true
|
56
52
|
@@archos = nil
|
57
|
-
|
53
|
+
@@lock_file = nil
|
54
|
+
|
58
55
|
# Stores the active vaults
|
59
56
|
@@active_vaults = {}
|
60
57
|
|
@@ -67,6 +64,34 @@ module Reedb
|
|
67
64
|
# PRIVATE FUNCTIONS BELOW
|
68
65
|
private
|
69
66
|
|
67
|
+
@@debouncer = nil
|
68
|
+
# @return [Object] Debouncer class to handle updates on vaults
|
69
|
+
def debouncer;
|
70
|
+
@@debouncer
|
71
|
+
end
|
72
|
+
|
73
|
+
@@debounce_thread = nil
|
74
|
+
# @return [Object] Debouncer THREAD! to handle updates on vaults
|
75
|
+
def debounce_thread;
|
76
|
+
@@debounce_thread
|
77
|
+
end
|
78
|
+
|
79
|
+
# Method that gets called whenever a change to the currently active vault set occurs.
|
80
|
+
# It will give change information to the debounce handler that then updates it's secondary vault set
|
81
|
+
# for debouncing.
|
82
|
+
# This can UNDER NO CIRCUMSTANCES (!) ever be called from an outside source!
|
83
|
+
#
|
84
|
+
# @param [String] uuid of the vault
|
85
|
+
# @param [String] token for the vault
|
86
|
+
# @param [Enum] marker to describe what to do
|
87
|
+
#
|
88
|
+
# @return nil
|
89
|
+
#
|
90
|
+
def mirror_debounce(uuid, token, marker)
|
91
|
+
return @@debouncer.add_vault(uuid, token) if marker == Reedb::DEB_ADD
|
92
|
+
return @@debouncer.remove_vault(uuid) if marker == Reedb::DEB_REM
|
93
|
+
end
|
94
|
+
|
70
95
|
# Generates an authentication token for vault access.
|
71
96
|
# The function also adds the token, bound to the vault name, to the
|
72
97
|
# @@tokens set.
|
@@ -74,15 +99,19 @@ module Reedb
|
|
74
99
|
# Params: 'name' of the vault
|
75
100
|
# 'path' of the vault
|
76
101
|
#
|
77
|
-
#
|
102
|
+
# @return [String] Base64 encoded token
|
78
103
|
#
|
79
|
-
def generate_token(uuid, path)
|
104
|
+
def generate_token(uuid, path, permanent = false)
|
105
|
+
puts '[WARN] Not implemented!' if permanent
|
106
|
+
|
80
107
|
# Concatinates the token together and base64 encodes it
|
81
108
|
token = Base64.encode64("#{SecureRandom.base64(Reedb::TOKEN_BYTE_SIZE)}--#{uuid}--#{SecureRandom.base64(Reedb::TOKEN_BYTE_SIZE)}--#{path}--#{SecureRandom.base64(Reedb::TOKEN_BYTE_SIZE)}")
|
82
109
|
token.delete!("\n")
|
110
|
+
|
83
111
|
@@tokens[token] = [] unless @@tokens.include?(token)
|
84
112
|
@@tokens[token] << uuid
|
85
|
-
|
113
|
+
|
114
|
+
update_tracked_vault(uuid, nil, nil, nil, token)
|
86
115
|
return token
|
87
116
|
end
|
88
117
|
|
@@ -95,30 +124,31 @@ module Reedb
|
|
95
124
|
# tokens => Authentication token for applications
|
96
125
|
#
|
97
126
|
def track_vault(name, path, size, uuid)
|
98
|
-
@@config[:vaults][
|
127
|
+
@@config[:vaults][uuid] = {} unless @@config[:vaults].include?(uuid)
|
99
128
|
|
100
129
|
# Adds actual size as soon as the vault gets unlocked by an application
|
101
|
-
@@config[:vaults][
|
102
|
-
@@config[:vaults][
|
103
|
-
@@config[:vaults][
|
130
|
+
@@config[:vaults][uuid][:meta] = MetaVault.new("#{name}", "#{path}", size, uuid)
|
131
|
+
@@config[:vaults][uuid][:tokens] = [] unless @@config[:vaults][uuid][:tokens]
|
132
|
+
@@config[:vaults][uuid][:tokens] = [] # Do I need this?
|
104
133
|
|
105
134
|
write_config
|
106
135
|
end
|
107
136
|
|
108
|
-
def untrack_vault
|
109
|
-
@@config[:vaults]
|
137
|
+
def untrack_vault(uuid)
|
138
|
+
@@config[:vaults].delete(uuid) if @@config[:vaults].include?(uuid)
|
139
|
+
write_config
|
110
140
|
end
|
111
141
|
|
112
142
|
def update_tracked_vault(uuid, name, path, size, token)
|
113
143
|
token.delete!("\n")
|
114
|
-
return nil unless @@config[:vaults].include?(uuid)
|
144
|
+
(puts 'ERROR! UUID not in config!'; return nil) unless @@config[:vaults].include?(uuid)
|
115
145
|
|
116
|
-
@@config[:vaults][
|
117
|
-
@@config[:vaults][
|
118
|
-
@@config[:vaults][
|
146
|
+
@@config[:vaults][uuid][:meta].name = name if name
|
147
|
+
@@config[:vaults][uuid][:meta].path = path if path
|
148
|
+
@@config[:vaults][uuid][:meta].size = size if size
|
119
149
|
|
120
|
-
@@config[:vaults][
|
121
|
-
@@config[:vaults][
|
150
|
+
@@config[:vaults][uuid][:tokens] = [] unless @@config[:vaults][uuid][:tokens]
|
151
|
+
@@config[:vaults][uuid][:tokens] << token if token
|
122
152
|
|
123
153
|
write_config
|
124
154
|
end
|
@@ -128,9 +158,9 @@ module Reedb
|
|
128
158
|
def remove_token(uuid, token)
|
129
159
|
token.delete!("\n")
|
130
160
|
return nil unless @@config[:vaults].include?(uuid)
|
131
|
-
return nil unless @@config[:vaults][
|
132
|
-
|
133
|
-
@@config[:vaults][
|
161
|
+
return nil unless @@config[:vaults][uuid][:tokens].include?(token)
|
162
|
+
|
163
|
+
@@config[:vaults][uuid][:tokens].delete(token)
|
134
164
|
write_config
|
135
165
|
end
|
136
166
|
|
@@ -157,11 +187,11 @@ module Reedb
|
|
157
187
|
|
158
188
|
# At this point @@config has been loaded
|
159
189
|
vault_count = @@config[:vaults].size
|
160
|
-
DaemonLogger.write("Found #{vault_count} vault(s) on the system.",
|
190
|
+
DaemonLogger.write("Found #{vault_count} vault(s) on the system.", 'debug')
|
161
191
|
end
|
162
192
|
|
163
193
|
# Check vault integreties here!
|
164
|
-
# Will try every vault in the config and remove the ones that are no longer
|
194
|
+
# Will try every vault in the config and remove the ones that are no longer
|
165
195
|
# available to avoid errors and access corruptions
|
166
196
|
#
|
167
197
|
def check_vault_integreties
|
@@ -178,6 +208,8 @@ module Reedb
|
|
178
208
|
DaemonLogger.write("Removing corrupted vault #{uuid}", 'warn')
|
179
209
|
@@config[:vaults].delete(uuid)
|
180
210
|
end
|
211
|
+
|
212
|
+
# Now save the mess you've made.
|
181
213
|
write_config
|
182
214
|
end
|
183
215
|
|
@@ -188,9 +220,38 @@ module Reedb
|
|
188
220
|
end
|
189
221
|
|
190
222
|
def read_config
|
191
|
-
data = File.open(@@config_path,
|
223
|
+
data = File.open(@@config_path, 'rb').read
|
192
224
|
@@config = Marshal.load(data)
|
193
225
|
end
|
226
|
+
end # Implicit required file, not inspected
|
227
|
+
end
|
228
|
+
|
229
|
+
class << self
|
230
|
+
# Returns
|
231
|
+
|
232
|
+
@@archos = nil
|
233
|
+
# @return [String] the platform/ architecture of the daemon and vault handler
|
234
|
+
def archos;
|
235
|
+
@@archos
|
236
|
+
end
|
237
|
+
|
238
|
+
@@pw_length = -1
|
239
|
+
# @return [Integer] the minimum passphrase length is
|
240
|
+
def passlength;
|
241
|
+
@@pw_length
|
242
|
+
end
|
243
|
+
|
244
|
+
@@verbose = false
|
245
|
+
# @return [Bool] whether verbose mode is enabled
|
246
|
+
def verbose?;
|
247
|
+
@@archos
|
248
|
+
end
|
249
|
+
|
250
|
+
|
251
|
+
@@daemon = true
|
252
|
+
# @return [Bool] whether Reedb is running as a daemon
|
253
|
+
def daemon?
|
254
|
+
@@archos
|
194
255
|
end
|
195
256
|
end
|
196
257
|
|
@@ -200,93 +261,197 @@ module Reedb
|
|
200
261
|
|
201
262
|
class << self
|
202
263
|
|
203
|
-
|
204
|
-
|
264
|
+
# Initialise Reedb with a set of parameters passed into this method.
|
265
|
+
# Please check the wiki to find out what option parameters are
|
266
|
+
# available to use here.
|
267
|
+
#
|
268
|
+
# @param options [Hash] Parameters to run Reedb by sorted in a
|
269
|
+
# hash datastructure.
|
270
|
+
#
|
271
|
+
# @return nil
|
272
|
+
#
|
273
|
+
def init(options, &user_code)
|
274
|
+
unless options.include?(:os) && options.include?(:pw_length)
|
275
|
+
puts 'Missing :os (:linux|:osx) and/or :pw_length fields from options!'
|
276
|
+
exit Reedb::EXIT_OS_PARSE
|
277
|
+
end
|
278
|
+
|
279
|
+
# Checks if user code was provided and exits the entire application if not provided!
|
280
|
+
if user_code == nil && !options[:daemon]
|
281
|
+
puts 'No user function was provided to run! Reedb must run in daemon mode to do that!'
|
282
|
+
exit Reedb::EXIT_MISSING_USER_CODE
|
283
|
+
end
|
284
|
+
|
285
|
+
@@daemon = options.include?(:daemon) ? options[:daemon] : true
|
205
286
|
@@archos = options[:os]
|
206
287
|
@@pw_length = options[:pw_length]
|
207
|
-
@@verbose =
|
208
|
-
@@no_token =
|
288
|
+
@@verbose = options.include?(:verbose) ? options[:verbose] : false
|
289
|
+
@@no_token = options.include?(:no_token) ? options[:no_token] : false
|
290
|
+
override = options.include?(:force) ? options[:force] : false
|
209
291
|
|
210
292
|
if @@no_token
|
211
|
-
puts
|
293
|
+
puts 'NO_TOKEN mode has not been implemented yet! Defaulting to token mode.'
|
212
294
|
@@no_token = false
|
213
295
|
end
|
214
|
-
|
215
|
-
@@path
|
296
|
+
|
297
|
+
# Now @@path is either a path OR a placeholder.
|
298
|
+
@@path = options.include?(:path) ? options[:path] : Reedb::DEFAULT_PATH
|
216
299
|
|
217
300
|
# Enable cleanup mode
|
218
301
|
# This means that the config will be cleaned and unused tokens removed
|
219
302
|
# instead of leaving them in the file and configurations.
|
220
303
|
# It is recommended to use cleanup mode.
|
221
304
|
#
|
222
|
-
@@cleanup =
|
305
|
+
@@cleanup = options.include?(:cleanup) ? options[:cleanup] : true
|
223
306
|
|
224
307
|
# Set of vaults that map a VaultBuffer to the vault itself.
|
225
308
|
# Never exposed outside the API
|
226
309
|
#
|
227
310
|
@@active_vaults = {}
|
228
|
-
|
311
|
+
|
229
312
|
# List of tokens authorised for this daemon. Maps tokens to vault names.
|
230
313
|
# This is used for authentication and never exposed to the outside API
|
231
314
|
# NOTE! This is not used when the :no_token option is enabled
|
232
315
|
#
|
233
316
|
@@tokens = {} unless @@no_token
|
234
317
|
|
235
|
-
if @@archos == :linux
|
236
|
-
master_path = File.expand_path('~/.config/reedb/')
|
237
318
|
|
238
|
-
|
239
|
-
|
319
|
+
# This is called when the default path applies
|
320
|
+
if @@path == Reedb::DEFAULT_PATH
|
321
|
+
|
322
|
+
# For good operating systems.
|
323
|
+
if @@archos == :linux
|
324
|
+
master_path = File.expand_path('~/.config/reedb/')
|
325
|
+
master_path = '/etc/reedb' if Utilities::parse_user == 'root'
|
326
|
+
|
327
|
+
log_path = File.expand_path('~/.config/reedb/logs/')
|
328
|
+
|
329
|
+
# For OSX
|
330
|
+
elsif @@archos == :osx
|
331
|
+
master_path = File.expand_path('~/Library/Application\ Support/reedb/')
|
332
|
+
master_path = '/Library/Application\ Support/reedb' if Utilities::parse_user == 'root'
|
240
333
|
|
241
|
-
|
242
|
-
@@config_path = File.join("#{master_path}", "master.cfg")
|
334
|
+
log_path = File.expand_path('~/Library/Application\ Support/reedb/logs/')
|
243
335
|
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
@@
|
336
|
+
elsif @@archos == :win
|
337
|
+
puts 'This is currently not supported :( Sorry.'
|
338
|
+
# Windows crap
|
339
|
+
elsif @@archos == :other
|
340
|
+
raise UnknownOSError.new, 'Operating system was not specified, yet an override path was not specified either. Can not continue without more information!'
|
341
|
+
exit(Reedb::EXIT_OS_PARSE)
|
342
|
+
else
|
343
|
+
raise UnknownOSError.new, "Could not recognise specified OS. What are you running? Why don't you go here:
|
344
|
+
getfedora.org :)"
|
345
|
+
exit(Reedb::EXIT_OS_PARSE)
|
346
|
+
end
|
248
347
|
else
|
249
|
-
|
348
|
+
master_path = @@path
|
349
|
+
log_path = File.join("#{master_path}", 'logs')
|
250
350
|
end
|
251
351
|
|
252
|
-
#
|
253
|
-
|
352
|
+
# Sets up the config path
|
353
|
+
@@config_path = File.join("#{master_path}", 'master.cfg')
|
354
|
+
@@lock_file = File.join("#{master_path}", 'lock')
|
355
|
+
|
356
|
+
# Now go create directories if they need to be created.
|
357
|
+
FileUtils::mkdir_p("#{log_path}") unless File.directory?("#{log_path}")
|
254
358
|
FileUtils::chmod_R(0744, "#{log_path}")
|
255
359
|
FileUtils::chmod_R(0744, "#{master_path}")
|
256
|
-
|
360
|
+
|
361
|
+
# Now that pathing has been established, check if there is a lock file.
|
362
|
+
if File.exist?(@@lock_file) && !override
|
363
|
+
puts '[FATAL] Another instance of Reedb is already operating from this directory! Choose another directory or terminate the old instance first!'
|
364
|
+
exit(Reedb::EXIT_STILL_LOCKED)
|
365
|
+
elsif File.exist?(@@lock_file) && override
|
366
|
+
puts "There was another instance of Reedb running but you forced my hand. It's dead now..."
|
367
|
+
end
|
368
|
+
|
369
|
+
# Create a lock file
|
370
|
+
File.open(@@lock_file, 'w+') { |f| f.write('Hier koennte Ihre Werbung stehen.') }
|
371
|
+
|
372
|
+
# Start up the logging service.
|
257
373
|
Reedb::DaemonLogger.setup("#{log_path}")
|
374
|
+
|
375
|
+
# Now go and declare this daemon started and log it.
|
258
376
|
@@started = true
|
259
|
-
Reedb::DaemonLogger.write(
|
377
|
+
Reedb::DaemonLogger.write('Reedb was started successfully. Reading vault information now...', 'debug')
|
260
378
|
|
261
379
|
# Now cache the config
|
262
380
|
cache_config
|
263
381
|
|
264
|
-
|
265
|
-
|
266
|
-
|
382
|
+
'' '
|
383
|
+
The bottom part initiates the main run look that bounces between debouncer thread and user code.
|
384
|
+
This function only returns after all the user code was handled.
|
385
|
+
' ''
|
386
|
+
|
387
|
+
# Open debounce object
|
388
|
+
@@debouncer = Reedb::Debouncer.new(self)
|
389
|
+
|
267
390
|
|
391
|
+
# Now actually run the code on two threads and hope that the scheduler does it's job!
|
392
|
+
@@debouncerThread = Thread.new { @@debouncer.main }
|
393
|
+
user = Thread.new(&user_code)
|
268
394
|
|
269
|
-
|
270
|
-
|
395
|
+
# Wait for user code to terminate
|
396
|
+
user.join
|
397
|
+
|
398
|
+
# Then call terminate just in case they haven't yet
|
399
|
+
Reedb::Core::terminate('null', true)
|
400
|
+
end
|
401
|
+
|
402
|
+
# Terminate Reedb with a reason. After calling this function the
|
403
|
+
# core functionality (and depending interfaces on the stack)
|
404
|
+
# is no longer available.
|
405
|
+
#
|
406
|
+
# @param reason [String] Reason why Reedb is being terminated to
|
407
|
+
# be written into central logs.
|
408
|
+
#
|
409
|
+
# @return nil
|
410
|
+
#
|
411
|
+
def terminate(reason = nil, silent = false)
|
412
|
+
puts 'Must start process first' if !@@started && !silent
|
413
|
+
return unless @@started
|
271
414
|
|
272
|
-
new_reason =
|
273
|
-
new_reason =
|
274
|
-
new_reason =
|
415
|
+
new_reason = 'unknown reason'
|
416
|
+
new_reason = 'a user request' if reason == 'user'
|
417
|
+
new_reason = 'a system request' if reason == 'root'
|
275
418
|
|
276
419
|
# My first easter-egg. Yay! :)
|
277
|
-
new_reason =
|
420
|
+
new_reason = 'the illuminati' if reason == 'aliens'
|
278
421
|
|
279
|
-
DaemonLogger.write("[
|
422
|
+
DaemonLogger.write("[TERM]: Scheduling termination because of #{new_reason}.")
|
280
423
|
|
281
|
-
#
|
424
|
+
# Let the debouncer thread time out
|
425
|
+
@@debouncer.running = false
|
426
|
+
sleep(Reedb::THREAD_TIMEOUT_TIME)
|
427
|
+
|
428
|
+
# Then join it and be done with it
|
429
|
+
@@debouncerThread.join
|
282
430
|
|
283
|
-
@@started = false
|
284
431
|
# Closing open vaults here
|
285
|
-
counter = 0
|
286
|
-
|
432
|
+
counter = 0
|
433
|
+
|
434
|
+
# Iterate over active vaults
|
435
|
+
@@active_vaults.each do |uuid, vault|
|
436
|
+
vault.close
|
437
|
+
|
438
|
+
# Iterate over the token list and remove them until all are gone
|
439
|
+
# TODO: Search for a more Ruby-esk way to do this.
|
440
|
+
while !@@config[:vaults][uuid][:tokens].empty?
|
441
|
+
Reedb::Daemon::free_token(@@config[:vaults][uuid][:tokens][0])
|
442
|
+
end
|
443
|
+
counter += 1
|
444
|
+
end
|
445
|
+
write_config
|
446
|
+
|
447
|
+
# Then declare Reedb terminated and remove the lock file
|
448
|
+
@@started = false
|
449
|
+
File.delete(@@lock_file) if File.exist?(@@lock_file)
|
450
|
+
DaemonLogger.write("[TERM]: Closed #{counter} vaults. Done!")
|
451
|
+
return 0
|
287
452
|
end
|
288
453
|
end
|
289
|
-
end
|
454
|
+
end # module core end.
|
290
455
|
|
291
456
|
# Config submodule of the Interface stack
|
292
457
|
module Config
|
@@ -294,28 +459,39 @@ module Reedb
|
|
294
459
|
include Reedb
|
295
460
|
class << self
|
296
461
|
|
297
|
-
def dump_config
|
298
|
-
return @@config
|
299
|
-
end
|
300
|
-
|
301
462
|
# Set a global timeout time to all vaults. Determine when a vault will
|
302
463
|
# be unloaded or the daemon will lock itself.
|
303
464
|
# Time provided in seconds
|
304
465
|
#
|
305
|
-
def global_timeout
|
466
|
+
def global_timeout(dt)
|
467
|
+
Reedb::debouncer.set_custom_timeout(dt)
|
306
468
|
end
|
307
469
|
|
308
470
|
# Set the log state of the daemon. That determines what error calls will
|
309
471
|
# be logged and what will be ommited.
|
310
472
|
#
|
311
|
-
def logging_state
|
473
|
+
def logging_state(state)
|
474
|
+
state << ''
|
312
475
|
end
|
313
476
|
|
314
477
|
# Define a minimal passphrase length for vaults to have. This can
|
315
478
|
# break access to vaults if they were created on a different system
|
316
479
|
# so be careful with this!
|
317
|
-
#
|
318
|
-
def passphrase_length
|
480
|
+
#
|
481
|
+
def passphrase_length(length)
|
482
|
+
length << ''
|
483
|
+
end
|
484
|
+
|
485
|
+
# Because Reedb can be operated out of different paths at runtime
|
486
|
+
# (or initiation) this function in the Config::Master interface
|
487
|
+
# returns the path that this Reedb instance is keeping it's config.
|
488
|
+
#
|
489
|
+
# Because of this, external applications can write their configs into
|
490
|
+
# $(OPERAND_PATH)/apps if they do not bring their own configs directory.
|
491
|
+
#
|
492
|
+
# @return op_path
|
493
|
+
#
|
494
|
+
def get_operation_path
|
319
495
|
end
|
320
496
|
|
321
497
|
# Cleans the config file of broken vaults and config items. This is
|
@@ -324,26 +500,31 @@ module Reedb
|
|
324
500
|
def clean_config
|
325
501
|
|
326
502
|
end
|
327
|
-
end
|
328
|
-
end
|
503
|
+
end # self class end
|
504
|
+
end # module Config::Master end
|
329
505
|
|
330
506
|
module Vault
|
331
507
|
include Reedb
|
332
508
|
class << self
|
333
|
-
def set_vault_timeout
|
509
|
+
def set_vault_timeout(dt)
|
510
|
+
dt << ''
|
334
511
|
end
|
335
512
|
|
336
513
|
def add_header_field(field, type)
|
514
|
+
field << ''
|
515
|
+
type << field
|
337
516
|
end
|
338
517
|
|
339
518
|
def change_passphrase(old_phrase, new_phrase)
|
519
|
+
old_phrase << ''
|
520
|
+
new_phrase << '\n'
|
340
521
|
end
|
341
522
|
|
342
523
|
def read_config
|
343
524
|
end
|
344
|
-
end
|
345
|
-
end
|
346
|
-
end
|
525
|
+
end # self class end
|
526
|
+
end # module Config::Vault end
|
527
|
+
end # module config end
|
347
528
|
|
348
529
|
# Vault submodule of the Interface stack
|
349
530
|
module Vault
|
@@ -355,42 +536,42 @@ module Reedb
|
|
355
536
|
# Vaults are ordered in a dictionary under their UUID that's used by the
|
356
537
|
# Reedb daemon.
|
357
538
|
#
|
358
|
-
#
|
539
|
+
#
|
540
|
+
# @return available_vaults [Hash]
|
359
541
|
#
|
360
542
|
def available_vaults
|
361
543
|
available = {}
|
362
544
|
|
363
545
|
@@config[:vaults].each do |uuid, value|
|
364
|
-
# puts @@config[:vaults][
|
365
|
-
available[
|
366
|
-
available[
|
367
|
-
available[
|
368
|
-
available[
|
546
|
+
# puts @@config[:vaults][uuid]
|
547
|
+
available[uuid] = {}
|
548
|
+
available[uuid][:name] = value[:meta].name
|
549
|
+
available[uuid][:path] = value[:meta].path
|
550
|
+
available[uuid][:size] = value[:meta].size
|
369
551
|
end
|
370
552
|
return available
|
371
553
|
end
|
372
554
|
|
373
|
-
# Creates a new vault on the current system. Returns nil if vault
|
374
|
-
# location. Returns a token if the creation
|
375
|
-
# user side.
|
376
|
-
# Also adds that token to the @@tokens list
|
555
|
+
# Creates a new vault on the current system. Returns nil if vault
|
556
|
+
# already existed at location. Returns a token if the creation
|
557
|
+
# and authentication was successful on the user side.
|
377
558
|
#
|
378
|
-
#
|
559
|
+
# Also adds that token to the @@tokens list.
|
379
560
|
#
|
561
|
+
# ! THROWS A LOT OF EXCEPTIONS !
|
380
562
|
#
|
381
|
-
#
|
382
|
-
#
|
383
|
-
#
|
384
|
-
#
|
385
|
-
# 'encryption' method (:aes, :twofish, :auto)
|
563
|
+
# @param name [String] Name of the vault
|
564
|
+
# @param path [String] Path of the vault
|
565
|
+
# @param passphrase [String] User passphrase for decryption
|
566
|
+
# @param encryption [enum] Encryption method (:aes, :twofish, :auto)
|
386
567
|
#
|
387
|
-
#
|
568
|
+
# @return token [Base64 String]
|
388
569
|
#
|
389
570
|
def create_vault(name, path, passphrase, encryption = :auto)
|
390
571
|
# Creates new UUIDs until one is found that doesn't already exist in the scope
|
391
|
-
uuid =
|
572
|
+
uuid = UUID.new
|
392
573
|
loop do
|
393
|
-
uuid =
|
574
|
+
uuid = uuid.generate
|
394
575
|
(break) unless @@config[:vaults].include?(uuid)
|
395
576
|
end
|
396
577
|
|
@@ -399,48 +580,57 @@ module Reedb
|
|
399
580
|
tmp_vault = ReeVault.new("#{name}", "#{path}", encryption).create("#{passphrase}")
|
400
581
|
|
401
582
|
# Creates a metavault with name, path, size and uuid to be tracked on the system
|
402
|
-
# metavault = MetaVault.new("#{name}", "#{path}", 0,
|
583
|
+
# metavault = MetaVault.new("#{name}", "#{path}", 0, uuid)
|
403
584
|
|
404
585
|
# Adds vault to the active set of vaults
|
405
586
|
@@active_vaults[uuid] = tmp_vault
|
406
587
|
|
407
|
-
#
|
408
|
-
|
409
|
-
token = generate_token(uuid, path)
|
410
|
-
track_vault(name, path, 0, uuid)
|
411
|
-
return token.delete!("\n")
|
412
|
-
end
|
588
|
+
# Track the vault in the config
|
589
|
+
track_vault(name, path, 0, uuid)
|
413
590
|
|
414
|
-
#
|
415
|
-
|
416
|
-
return nil
|
417
|
-
end
|
591
|
+
# Generate a token
|
592
|
+
token = generate_token(uuid, path)
|
418
593
|
|
594
|
+
# Generate a token for the debouncer and remove it if the vault was already accessable
|
595
|
+
debouncer_token = generate_token(uuid, path)
|
596
|
+
check = mirror_debounce(uuid, debouncer_token, Reedb::DEB_ADD)
|
597
|
+
Reedb::remove_token(uuid, debouncer_token) unless check
|
419
598
|
|
420
|
-
|
421
|
-
|
599
|
+
# Then return the token for the user
|
600
|
+
token.delete!("\n")
|
601
|
+
return token
|
602
|
+
end
|
603
|
+
|
604
|
+
# !!! NOT IMPLEMENTED YET !!!
|
422
605
|
#
|
606
|
+
# ONLY PERMITTED WHEN IN NO_TOKEN MODE!
|
423
607
|
# Loads a vault with a UUID and passphrase into the current vault set.
|
424
608
|
# Ignores the token set (as not applicable when in token mode) and simply
|
425
609
|
# returns a confirmation that vault access was granted.
|
426
610
|
#
|
427
611
|
def access_vault(uuid, passphrase)
|
428
|
-
raise
|
612
|
+
raise MissingTokenError.new, 'Reedb is running in token mode. Please specify a token via the DAEMON module
|
613
|
+
access handler' unless @@no_token
|
614
|
+
|
615
|
+
raise FunctionNotImplementedError.new, 'This has not been implemented yet! Use token authentication via the DAEMON module.'
|
429
616
|
return false
|
430
|
-
end
|
431
617
|
|
618
|
+
# debouncer_token = generate_token(uuid, path)
|
619
|
+
# check = Reedb::mirror_debounce(uuid, debouncer_token, Reedb::DEB_ADD)
|
620
|
+
# Reedb::remove_token(uuid, debouncer_token) unless check
|
621
|
+
|
622
|
+
end
|
432
623
|
|
433
|
-
# Removes a vault from the file system. This requires special privileges
|
434
|
-
# to do via this interface to prevent deleting vaults without the users
|
435
|
-
# permission. Will also fire a user interrupt to alert them of this
|
624
|
+
# Removes a vault from the file system. This requires special privileges
|
625
|
+
# to do via this interface to prevent deleting vaults without the users
|
626
|
+
# permission. Will also fire a user interrupt to alert them of this
|
436
627
|
# behaviour depending on platform.
|
437
628
|
#
|
438
|
-
#
|
439
|
-
#
|
440
|
-
#
|
441
|
-
# 'token' of an application that needs to be authorised
|
629
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
630
|
+
# @param passphrase [String] User passphrase for decryption
|
631
|
+
# @param token [String] Authentication token for validation
|
442
632
|
#
|
443
|
-
#
|
633
|
+
# @return success [Boolean]
|
444
634
|
#
|
445
635
|
def remove_vault(uuid, passphrase, token)
|
446
636
|
token.delete!("\n")
|
@@ -452,22 +642,24 @@ module Reedb
|
|
452
642
|
|
453
643
|
# Return false if vault is currently locked
|
454
644
|
return false if @@active_vaults[uuid].locked?
|
455
|
-
|
645
|
+
|
456
646
|
# Mark a vault for removal and only actually
|
457
647
|
raise FunctionNotImplementedError.new, "This has not been implemented yet! Don't do this."
|
458
648
|
return false
|
459
649
|
end
|
460
650
|
|
461
|
-
# Adds a new vault to the tracking scope of this Reedb daemon.
|
462
|
-
# or generate a new token for application interaction.
|
651
|
+
# Adds a new vault to the tracking scope of this Reedb daemon.
|
652
|
+
# Does not grant access or generate a new token for application interaction.
|
463
653
|
# On a new install usually called just before requesting a token
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
654
|
+
#
|
655
|
+
# @param name [String] Name of the vault
|
656
|
+
# @param path [String] Path of the vault
|
657
|
+
#
|
658
|
+
# @return success [Boolean]
|
467
659
|
#
|
468
660
|
def scope_vault(name, path)
|
469
661
|
# Checks if that specific vault was already scoped
|
470
|
-
@@config[:vaults].each do |
|
662
|
+
@@config[:vaults].each do |_, value|
|
471
663
|
if value[:meta].name == "#{name}" && value[:meta].path == "#{path}"
|
472
664
|
DaemonLogger.write("Vault already scoped at #{path}", 'info')
|
473
665
|
raise VaultAlreadyScopedError.new, "Vault #{name} already scoped!"
|
@@ -477,14 +669,14 @@ module Reedb
|
|
477
669
|
vault = ReeVault.new("#{name}", "#{path}", :auto)
|
478
670
|
# If it hasn't, proceed here
|
479
671
|
if vault.try?
|
480
|
-
uuid =
|
672
|
+
uuid = UUID.new
|
481
673
|
loop do
|
482
|
-
uuid =
|
674
|
+
uuid = uuid.generate
|
483
675
|
(break) unless @@config[:vaults].include?(uuid)
|
484
676
|
end
|
485
677
|
|
486
678
|
# At this point a vault has been confirmed and a UUID generated
|
487
|
-
track_vault(name, path, vault.count,
|
679
|
+
track_vault(name, path, vault.count, uuid)
|
488
680
|
DaemonLogger.write("Vault successfully scoped at #{path}", 'info')
|
489
681
|
cache_config
|
490
682
|
return true
|
@@ -495,131 +687,162 @@ module Reedb
|
|
495
687
|
end
|
496
688
|
end
|
497
689
|
|
690
|
+
|
498
691
|
# Removes a vault from the application scope with a uuid.
|
499
692
|
# Closes the vault from the active vault set.
|
500
693
|
#
|
501
|
-
#
|
694
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
695
|
+
#
|
696
|
+
# @return success [Boolean]
|
502
697
|
#
|
503
698
|
def unscope_vault(uuid)
|
504
|
-
unless @@config[:vaults][
|
699
|
+
unless @@config[:vaults][uuid]
|
505
700
|
raise VaultNotScopedError.new, "Vault #{name} not scoped!"
|
506
|
-
return
|
701
|
+
return nil
|
507
702
|
end
|
508
703
|
|
509
|
-
path = @@config[:vaults][
|
704
|
+
path = @@config[:vaults][uuid][:path]
|
510
705
|
DaemonLogger.write("Unscoping vault #{uuid} at #{path}")
|
511
|
-
@@active_vaults[
|
512
|
-
@@config[:vaults].delete(
|
706
|
+
@@active_vaults[uuid].close if @@active_vaults[uuid]
|
707
|
+
@@config[:vaults].delete(uuid)
|
513
708
|
cache_config
|
514
709
|
end
|
515
710
|
|
516
|
-
#
|
517
|
-
#
|
518
|
-
#
|
711
|
+
# List headers from a vault with a search qeury (nil by default).
|
712
|
+
# Can only be used with a token on vaults that authentication has
|
713
|
+
# been successful before.
|
519
714
|
#
|
520
|
-
#
|
521
|
-
#
|
715
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
716
|
+
# @param token [String] Authentication token for access
|
717
|
+
# @param search [String] Search qeury as described in the wiki
|
522
718
|
#
|
523
|
-
#
|
524
|
-
# according to the search queury
|
719
|
+
# @return headers [List]
|
525
720
|
#
|
526
721
|
def access_headers(uuid, token, search = nil)
|
527
722
|
token.delete!("\n")
|
528
|
-
raise VaultNotAvailableError.new, "The vault you have requested data from is not currently active on this system." unless @@active_vaults["#{uuid}"]
|
529
723
|
|
530
|
-
raise
|
724
|
+
raise VaultNotAvailableError.new, 'The vault you have requested data from is not currently active on this system.' unless @@active_vaults[uuid]
|
725
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system. Access denied!' unless @@tokens[token]
|
726
|
+
raise UnautherisedTokenError.new, 'The token you provided currently has no access to the desired vault. Access denied!' unless @@tokens[token].include?(uuid)
|
531
727
|
|
532
|
-
|
728
|
+
debouncer.debounce_vault(uuid)
|
533
729
|
|
534
|
-
|
535
|
-
return @@active_vaults["#{uuid}"].list_headers(search)
|
730
|
+
return @@active_vaults[uuid].list_headers(search)
|
536
731
|
end
|
537
732
|
|
538
|
-
|
539
|
-
#
|
540
|
-
#
|
541
|
-
#
|
733
|
+
# Access file contents with a file ID in a vault that a token has already
|
734
|
+
# been authenticated on.
|
735
|
+
#
|
736
|
+
# Depending on the history flag (false by default) the history or only
|
737
|
+
# current dataset will be returned.
|
542
738
|
#
|
543
|
-
#
|
544
|
-
#
|
739
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
740
|
+
# @param token [String] Authentication token for access
|
741
|
+
# @param file_name [String] File identifier
|
742
|
+
# @param history [Boolean] history idenfitier
|
545
743
|
#
|
546
|
-
#
|
547
|
-
# as it's current version or it's edit history.
|
744
|
+
# @return file [Hash]
|
548
745
|
#
|
549
746
|
def access_file(uuid, token, file_name, history = false)
|
550
747
|
token.delete!("\n")
|
551
|
-
raise VaultNotAvailableError.new, "The vault you have requested data from is not currently active on this system." unless @@active_vaults["#{uuid}"]
|
552
748
|
|
553
|
-
raise
|
749
|
+
raise VaultNotAvailableError.new, 'The vault you have requested data from is not currently active on this system.' unless @@active_vaults[uuid]
|
750
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system. Access denied!' unless @@tokens[token]
|
751
|
+
raise UnautherisedTokenError.new, 'The token you provided currently has no access to the desired vault. Access denied!' unless @@tokens[token].include?(uuid)
|
554
752
|
|
555
|
-
|
556
|
-
|
753
|
+
debouncer.debounce_vault(uuid)
|
754
|
+
|
755
|
+
return @@active_vaults[uuid].read_file(file_name, history)
|
557
756
|
end
|
558
757
|
|
559
|
-
|
560
|
-
#
|
561
|
-
#
|
758
|
+
|
759
|
+
# Access file contents with a file ID in a vault that a token has already
|
760
|
+
# been authenticated on.
|
761
|
+
#
|
762
|
+
# Inserts data into a vault. Depending on parameters and runtime settings
|
763
|
+
# this function has different effects. It can be used to create a new file
|
764
|
+
# if it doesn't already exists.
|
765
|
+
#
|
766
|
+
# Please refer to the wiki for details on how to use this function as it
|
767
|
+
# (! MAY !) have unwanted side-effects if it is used wrong!
|
562
768
|
#
|
563
|
-
#
|
564
|
-
#
|
769
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
770
|
+
# @param token [String] Authentication token for access
|
771
|
+
# @param file_name [String] File identifier
|
772
|
+
# @param data [Hash] Data that should be written to the vault.
|
565
773
|
#
|
566
|
-
#
|
567
|
-
# version or it's edit history
|
774
|
+
# @return file [Hash]
|
568
775
|
#
|
569
776
|
def insert(uuid, token, file_name, data)
|
570
777
|
token.delete!("\n")
|
571
|
-
raise VaultNotAvailableError.new, "The vault you wish to insert data to is not currently active on this system." unless @@active_vaults["#{uuid}"]
|
572
778
|
|
573
|
-
raise
|
779
|
+
raise VaultNotAvailableError.new, 'The vault you have requested data from is not currently active on this system.' unless @@active_vaults[uuid]
|
780
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system. Access denied!' unless @@tokens[token]
|
781
|
+
raise UnautherisedTokenError.new, 'The token you provided currently has no access to the desired vault. Access denied!' unless @@tokens[token].include?(uuid)
|
574
782
|
|
575
|
-
raise UnautherisedTokenError.new, "The token you provided currently has no access to the desired vault. Access denied!" unless @@tokens[token].include?(uuid)
|
576
783
|
|
577
784
|
DaemonLogger.write("Writing data to #{uuid}", 'debug')
|
785
|
+
@@debouncer.debounce_vault(uuid)
|
786
|
+
@@active_vaults[uuid].update(file_name, data)
|
578
787
|
|
579
|
-
@@active_vaults[
|
788
|
+
update_tracked_vault(uuid, nil, nil, @@active_vaults[uuid].count, token)
|
789
|
+
return nil
|
580
790
|
end
|
581
791
|
|
582
|
-
#
|
583
|
-
#
|
584
|
-
#
|
792
|
+
# Removes a file from a vault that a token was authorised to
|
793
|
+
# access. File is identified via an ID handle. This operation
|
794
|
+
# is dangerous as it can NOT be reverted!
|
585
795
|
#
|
586
|
-
#
|
587
|
-
#
|
796
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
797
|
+
# @param token [String] Authentication token for access
|
798
|
+
# @param file_name [String] File identifier
|
588
799
|
#
|
589
|
-
#
|
590
|
-
# version or it's edit history
|
800
|
+
# @return nil
|
591
801
|
#
|
592
802
|
def remove(uuid, token, file_name)
|
593
803
|
token.delete!("\n")
|
594
|
-
raise VaultNotAvailableError.new, "The vault you wish to insert data to is not currently active on this system." unless @@active_vaults["#{uuid}"]
|
595
|
-
|
596
|
-
raise UnknownTokenError.new, "The token you provided is unknown to this system. Access denied!" unless @@tokens[token]
|
597
804
|
|
598
|
-
raise
|
805
|
+
raise VaultNotAvailableError.new, 'The vault you have requested data from is not currently active on this system.' unless @@active_vaults[uuid]
|
806
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system. Access denied!' unless @@tokens[token]
|
807
|
+
raise UnautherisedTokenError.new, 'The token you provided currently has no access to the desired vault. Access denied!' unless @@tokens[token].include?(uuid)
|
599
808
|
|
600
809
|
DaemonLogger.write("Writing data to #{uuid}", 'debug')
|
810
|
+
Reedb::debouncer.debounce_vault(uuid)
|
601
811
|
|
602
|
-
|
812
|
+
|
813
|
+
@@active_vaults[uuid].remove_file(file_name)
|
814
|
+
update_tracked_vault(uuid, nil, nil, @@active_vaults[uuid].count, token)
|
815
|
+
return nil
|
603
816
|
end
|
604
817
|
|
605
818
|
|
606
|
-
#
|
819
|
+
# Closes a vault to end the file transaction between you and the vault.
|
820
|
+
# The encryption key will be unloaded and scrubbed from memory which means
|
821
|
+
# you will have to unlock a vault again
|
822
|
+
# (which usually means more user interaction).
|
823
|
+
#
|
824
|
+
# @param uuid [String] UUID of a vault (as an ID)
|
825
|
+
# @param token [String] Authentication token for access
|
826
|
+
#
|
827
|
+
# @return nil
|
607
828
|
#
|
608
829
|
def close_vault(uuid, token)
|
609
830
|
token.delete!("\n")
|
610
|
-
raise VaultNotAvailableError.new, "The vault you have requested data from is not currently active on this system." unless @@active_vaults["#{uuid}"]
|
611
831
|
|
612
|
-
raise
|
832
|
+
raise VaultNotAvailableError.new, 'The vault you have requested data from is not currently active on this system.' unless @@active_vaults[uuid]
|
833
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system. Access denied!' unless @@tokens[token]
|
834
|
+
raise UnautherisedTokenError.new, 'The token you provided currently has no access to the desired vault. Access denied!' unless @@tokens[token].include?(uuid)
|
613
835
|
|
614
|
-
|
836
|
+
DaemonLogger.write("Closing vault with #{uuid}.", 'debug')
|
615
837
|
|
616
|
-
|
838
|
+
# Remove the vault from the debouncer
|
839
|
+
@@debouncer.remove_vault(uuid)
|
617
840
|
|
618
841
|
# Close the vault
|
619
|
-
@@active_vaults[
|
842
|
+
@@active_vaults[uuid].close
|
620
843
|
|
621
844
|
# Delete the vault from the active_vault record with UUID
|
622
|
-
@@active_vaults.delete(
|
845
|
+
@@active_vaults.delete(uuid)
|
623
846
|
|
624
847
|
# TODO: Alert other applications
|
625
848
|
# TODO: Don't delete the token if it is being used to access
|
@@ -627,39 +850,49 @@ module Reedb
|
|
627
850
|
@@tokens.delete(token)
|
628
851
|
|
629
852
|
# Removes token from config
|
630
|
-
|
631
|
-
@@config[:vaults]["#{uuid}"][:tokens].delete(token)
|
853
|
+
@@config[:vaults][uuid][:tokens].delete(token)
|
632
854
|
write_config
|
633
855
|
end
|
634
|
-
end
|
635
|
-
end
|
856
|
+
end # self class end
|
857
|
+
end # module vault end
|
636
858
|
|
637
859
|
module Daemon
|
638
860
|
include Reedb
|
639
861
|
|
640
862
|
class << self
|
863
|
+
|
641
864
|
# Request token for a vault permanently.
|
642
865
|
# Only used if @@no_token == false. Unlocks a vault as well
|
643
866
|
# with the user passphrase
|
644
867
|
#
|
645
|
-
#
|
646
|
-
#
|
868
|
+
# @param uuid [String] Internal UUID of the vault
|
869
|
+
# @param passphrase [String] Passphrase of the vault.
|
870
|
+
# @param permanent [Boolean] Indicates whether or not the app intends to come back
|
647
871
|
#
|
648
|
-
#
|
872
|
+
# @return token [Base64 String]
|
649
873
|
#
|
650
|
-
def request_token(uuid, passphrase,
|
874
|
+
def request_token(uuid, passphrase, permanent = false)
|
651
875
|
# If the vault is not currently open
|
652
876
|
unless @@active_vaults.include?(uuid)
|
653
877
|
unless @@config[:vaults][uuid]
|
654
|
-
DaemonLogger.write(
|
878
|
+
DaemonLogger.write('The requested vault is unknown to this system. Aborting operation!', 'error')
|
655
879
|
raise VaultNotScopedError.new, "Requested vault #{uuid} is unknown to reedb. Has it been scoped before?"
|
656
880
|
end
|
657
|
-
|
881
|
+
|
882
|
+
# Continue by initialising the vault according to saved information
|
658
883
|
name = @@config[:vaults][uuid][:meta].name
|
659
884
|
path = @@config[:vaults][uuid][:meta].path
|
660
|
-
@@active_vaults[uuid] = ReeVault.new("#{name}", "#{path}", :auto).load(passphrase)
|
885
|
+
@@active_vaults[uuid] = ReeVault.new("#{name}", "#{path}", :auto).load("#{passphrase}")
|
661
886
|
end
|
662
|
-
|
887
|
+
|
888
|
+
token = generate_token(uuid, path, permanent)
|
889
|
+
|
890
|
+
# Adds a token to the debouncer if it needs one, removes it again if it already knows and tracks the vault.
|
891
|
+
debouncer_token = generate_token(uuid, path)
|
892
|
+
check = mirror_debounce(uuid, debouncer_token, Reedb::DEB_ADD)
|
893
|
+
remove_token(uuid, debouncer_token) unless check
|
894
|
+
|
895
|
+
# puts "Tokens: #{@@tokens}"
|
663
896
|
return token
|
664
897
|
end
|
665
898
|
|
@@ -667,73 +900,86 @@ module Reedb
|
|
667
900
|
# an authentication token for a vault.
|
668
901
|
#
|
669
902
|
def access_with_token(uuid, token, passphrase)
|
670
|
-
token.delete!(
|
903
|
+
token.delete!('\n')
|
904
|
+
raise UnknownTokenError.new, 'Unknown Token!' unless @@config['tokens'][uuid]
|
671
905
|
end
|
906
|
+
|
672
907
|
# Call this function to free a token and remove it from the access
|
673
908
|
# tree. This means that the vault it used to access are not removed or
|
674
909
|
# unloaded for other applications to use. But the token can no longer
|
675
910
|
# be used for file access.
|
676
911
|
#
|
677
|
-
|
912
|
+
# @param token [String] Token to be freed
|
913
|
+
#
|
914
|
+
def free_token(token, batch = false)
|
678
915
|
token.delete!("\n")
|
679
916
|
|
680
917
|
# Throw a warning if the token isn't valid in the first place.
|
681
|
-
raise UnknownTokenError.new,
|
918
|
+
raise UnknownTokenError.new, 'The token you provided is unknown to this system' unless @@tokens.include?(token)
|
682
919
|
|
683
920
|
@@tokens[token].each do |uuid|
|
684
|
-
@@config[:vaults][
|
921
|
+
@@config[:vaults][uuid][:tokens].delete(token)
|
685
922
|
end
|
686
923
|
|
687
|
-
write_config
|
924
|
+
write_config unless batch
|
688
925
|
end
|
689
|
-
end #self class end
|
926
|
+
end # self class end
|
690
927
|
end # module Daemon end
|
691
928
|
end # Module Reedb end
|
692
929
|
|
693
|
-
|
694
|
-
|
695
|
-
|
696
|
-
|
697
|
-
|
698
|
-
|
699
|
-
#
|
700
|
-
# path
|
701
|
-
#
|
702
|
-
|
703
|
-
#
|
704
|
-
#
|
705
|
-
#
|
706
|
-
#
|
707
|
-
|
708
|
-
#
|
709
|
-
|
710
|
-
#
|
711
|
-
#
|
712
|
-
|
713
|
-
#
|
714
|
-
#
|
715
|
-
|
716
|
-
#
|
717
|
-
#
|
718
|
-
#
|
719
|
-
|
720
|
-
#
|
721
|
-
|
722
|
-
#
|
723
|
-
#
|
724
|
-
#
|
725
|
-
|
726
|
-
#
|
727
|
-
#
|
728
|
-
|
729
|
-
#
|
730
|
-
# Reedb::Vault::
|
731
|
-
#
|
732
|
-
|
733
|
-
#
|
734
|
-
|
735
|
-
#
|
736
|
-
#
|
737
|
-
|
738
|
-
#
|
739
|
-
#
|
930
|
+
# These options should be set when using Reedb as a normal dependency
|
931
|
+
# options = {
|
932
|
+
# :daemon => false, # !!! IMPORTANT !!!
|
933
|
+
# :os => :linux, # Pick whichever one applies (:linux, :osx, :win, :other)
|
934
|
+
# :pw_length => 16, # Is mandatory anyways
|
935
|
+
# :force => true, # Overwrites old instances of Reedb that might still be running
|
936
|
+
# # :no_token => true, # Doesn't actually do anything yet right now.
|
937
|
+
# # :path => "/some/path/here" # !!! IMPORTANT !!!
|
938
|
+
# }
|
939
|
+
#
|
940
|
+
# def test_script
|
941
|
+
# userpw = 'peterpanistderheld'
|
942
|
+
#
|
943
|
+
# begin
|
944
|
+
# Reedb::Vault::create_vault('default', '/home/spacekookie/Desktop', userpw)
|
945
|
+
# rescue
|
946
|
+
# puts 'Vault already exists...'
|
947
|
+
# end
|
948
|
+
#
|
949
|
+
# all = Reedb::Vault::available_vaults
|
950
|
+
# tuuid = nil
|
951
|
+
# all.each { |uuid, data| tuuid = uuid if data[:name] == 'default' && data[:path] == '/home/spacekookie/Desktop' }
|
952
|
+
#
|
953
|
+
# token = Reedb::Daemon::request_token(tuuid, userpw)
|
954
|
+
#
|
955
|
+
# data = {
|
956
|
+
# 'body' => {
|
957
|
+
# 'password' => 'mega_secure_password',
|
958
|
+
# 'username' => 'spacekookie'
|
959
|
+
# },
|
960
|
+
# 'header' => {
|
961
|
+
# 'urls' => 'www.lonelyrobot.io',
|
962
|
+
# 'tags' => %w(website games awesome)
|
963
|
+
# }
|
964
|
+
# }
|
965
|
+
# Reedb::Vault::insert(tuuid, token, 'My Face', data)
|
966
|
+
#
|
967
|
+
# file = Reedb::Vault::access_file(tuuid, token, 'My Face')
|
968
|
+
# puts file
|
969
|
+
#
|
970
|
+
# Reedb::Daemon::free_token(token)
|
971
|
+
#
|
972
|
+
# new_token = Reedb::Daemon::request_token(tuuid, userpw)
|
973
|
+
#
|
974
|
+
# begin
|
975
|
+
# Reedb::Vault::insert(tuuid, token, 'MegaBlast', data)
|
976
|
+
# rescue
|
977
|
+
# puts 'This token is no longer valid!'
|
978
|
+
# end
|
979
|
+
#
|
980
|
+
# Reedb::Vault::insert(tuuid, new_token, 'MegaBlast', data)
|
981
|
+
# sleep(15)
|
982
|
+
# end
|
983
|
+
#
|
984
|
+
# # Running Reedb with custom user code
|
985
|
+
# Reedb::Core::init(options) { test_script }
|