rhoconnect 5.1.1 → 5.5.0

data/lib/rhoconnect/middleware/cors.rb

@@ -1,209 +1,209 @@
-require 'logger'
-require 'rhoconnect/middleware/helpers'
-
-module Rack
-  class Cors
-    def initialize(app, opts={})
-      @app = app
-      @logger = opts[:logger]
-      yield self if block_given?
-    end
-
-    def allow
-      all_resources << (resources = Resources.new)
-      yield resources
-    end
-
-    def call(env)
-      if env['HTTP_ORIGIN'] == 'null'
-        env['HTTP_ORIGIN'] = 'file://'
-      end
-      if env['HTTP_X_ORIGIN'] and not env['HTTP_ORIGIN']
-        log 'ORIGIN header is empty, X-ORIGIN workaround header applied.'
-        env['HTTP_ORIGIN'] = env['HTTP_X_ORIGIN']
-      end
-      cors_headers = nil
-      if env['HTTP_ORIGIN']
-        if env['REQUEST_METHOD'] == 'OPTIONS'
-          if headers = process_preflight(env)
-            return [200, headers, ['']]
-          end
-        else
-          cors_headers = process_cors(env)
-        end
-      end
-      status, headers, body = @app.call env
-      headers = headers.merge(cors_headers) if cors_headers
-      [status, headers, body]
-    end
-
-    protected
-      def all_resources
-        @all_resources ||= []
-      end
-
-      def process_preflight(env)
-        resource = find_resource(env['HTTP_ORIGIN'], env['PATH_INFO'])
-        resource && resource.process_preflight(env)
-      end
-
-      def process_cors(env)
-        resource = find_resource(env['HTTP_ORIGIN'], env['PATH_INFO'])
-        resource.to_headers(env) if resource
-      end
-
-      def find_resource(origin, path)
-        allowed = all_resources.detect {|r| r.allow_origin?(origin)}
-        allowed ? allowed.find_resource(path) : nil
-      end
-
-      class Resources
-
-        def initialize
-          @origins = []
-          @resources = []
-          @public_resources = false
-        end
-
-        def origins(*args)
-          @origins = args.flatten.collect do |n|
-            if n.class == Regexp
-              n
-            else
-              case n
-              when /^[a-z]+:\/\// then n
-              when '*'
-                @public_resources = true
-                n
-              else
-                "http://#{n}"
-              end
-            end
-          end
-        end
-
-        def resource(path, opts={})
-          @resources << Resource.new(public_resources?, path, opts)
-        end
-
-        def public_resources?
-          @public_resources
-        end
-
-        def allow_origin?(source)
-          result = public_resources? || @origins.include?(source) ||
-              (not (@origins.select {|n| n.class == Regexp && n.match(source)}).empty?)
-          #TODO: to fix  "n.match(source)". Unsure, but it may lead to security risks.
-          result
-        end
-
-        def find_resource(path)
-          @resources.detect{|r| r.match?(path)}
-        end
-      end
-
-      class Resource
-        attr_accessor :path, :methods, :headers, :expose, :max_age, :credentials, :pattern
-
-        def initialize(public_resource, path, opts={})
-          self.path        = path
-          self.methods     = ensure_enum(opts[:methods]) || [:get]
-          self.credentials = opts[:credentials] || true
-          self.max_age     = opts[:max_age] || 1728000
-          self.pattern     = compile(path)
-          @public_resource = public_resource
-
-          self.headers = case opts[:headers]
-          when :any then :any
-          when nil then nil
-          else
-            [opts[:headers]].flatten.collect{|h| h.downcase}
-          end
-
-          self.expose = case opts[:expose]
-          when nil then nil
-          else
-            [opts[:expose]].flatten
-          end
-        end
-
-        def match?(path)
-          pattern =~ path
-        end
-
-        def process_preflight(env)
-          return nil if invalid_method_request?(env) || invalid_headers_request?(env)
-          {'Content-Type' => 'text/plain'}.merge(to_preflight_headers(env))
-        end
-
-        def to_headers(env)
-          x_origin = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
-          h = { 'Access-Control-Allow-Origin' => public_resource? ? '*' : env['HTTP_ORIGIN'],
-            'Access-Control-Allow-Methods'    => methods.collect{|m| m.to_s.upcase}.join(', '),
-            'Access-Control-Expose-Headers'    => expose.nil? ? '' : expose.join(', '),
-            'Access-Control-Max-Age'          => max_age.to_s }
-          h['Access-Control-Allow-Credentials'] = 'true' if credentials
-          h
-        end
-
-        protected
-          def public_resource?
-            @public_resource
-          end
-
-          def to_preflight_headers(env)
-            h = to_headers(env)
-            if env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
-              h.merge!('Access-Control-Allow-Headers' => env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])
-            end
-            h
-          end
-
-          def invalid_method_request?(env)
-            request_method = env['HTTP_ACCESS_CONTROL_REQUEST_METHOD']
-            request_method.nil? || !methods.include?(request_method.downcase.to_sym)
-          end
-
-          def invalid_headers_request?(env)
-            request_headers = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
-            request_headers && !allow_headers?(request_headers)
-          end
-
-          def allow_headers?(request_headers)
-            return false if headers.nil?
-            headers == :any || begin
-              request_headers = request_headers.split(/,\s*/) if request_headers.kind_of?(String)
-              request_headers.all?{|h| headers.include?(h.downcase)}
-            end
-          end
-
-          def ensure_enum(v)
-            return nil if v.nil?
-            [v].flatten
-          end
-
-          def compile(path)
-            if path.respond_to? :to_str
-              special_chars = %w{. + ( )}
-              pattern =
-                path.to_str.gsub(/((:\w+)|[\*#{special_chars.join}])/) do |match|
-                  case match
-                  when "*"
-                    "(.*?)"
-                  when *special_chars
-                    Regexp.escape(match)
-                  else
-                    "([^/?&#]+)"
-                  end
-                end
-              /^#{pattern}$/
-            elsif path.respond_to? :match
-              path
-            else
-              raise TypeError, path
-            end
-          end
-      end
-
-  end
-end
+require 'logger'
+require 'rhoconnect/middleware/helpers'
+
+module Rack
+  class Cors
+    def initialize(app, opts={})
+      @app = app
+      @logger = opts[:logger]
+      yield self if block_given?
+    end
+
+    def allow
+      all_resources << (resources = Resources.new)
+      yield resources
+    end
+
+    def call(env)
+      if env['HTTP_ORIGIN'] == 'null'
+        env['HTTP_ORIGIN'] = 'file://'
+      end
+      if env['HTTP_X_ORIGIN'] and not env['HTTP_ORIGIN']
+        log 'ORIGIN header is empty, X-ORIGIN workaround header applied.'
+        env['HTTP_ORIGIN'] = env['HTTP_X_ORIGIN']
+      end
+      cors_headers = nil
+      if env['HTTP_ORIGIN']
+        if env['REQUEST_METHOD'] == 'OPTIONS'
+          if headers = process_preflight(env)
+            return [200, headers, ['']]
+          end
+        else
+          cors_headers = process_cors(env)
+        end
+      end
+      status, headers, body = @app.call env
+      headers = headers.merge(cors_headers) if cors_headers
+      [status, headers, body]
+    end
+
+    protected
+      def all_resources
+        @all_resources ||= []
+      end
+
+      def process_preflight(env)
+        resource = find_resource(env['HTTP_ORIGIN'], env['PATH_INFO'])
+        resource && resource.process_preflight(env)
+      end
+
+      def process_cors(env)
+        resource = find_resource(env['HTTP_ORIGIN'], env['PATH_INFO'])
+        resource.to_headers(env) if resource
+      end
+
+      def find_resource(origin, path)
+        allowed = all_resources.detect {|r| r.allow_origin?(origin)}
+        allowed ? allowed.find_resource(path) : nil
+      end
+
+      class Resources
+
+        def initialize
+          @origins = []
+          @resources = []
+          @public_resources = false
+        end
+
+        def origins(*args)
+          @origins = args.flatten.collect do |n|
+            if n.class == Regexp
+              n
+            else
+              case n
+              when /^[a-z]+:\/\// then n
+              when '*'
+                @public_resources = true
+                n
+              else
+                "http://#{n}"
+              end
+            end
+          end
+        end
+
+        def resource(path, opts={})
+          @resources << Resource.new(public_resources?, path, opts)
+        end
+
+        def public_resources?
+          @public_resources
+        end
+
+        def allow_origin?(source)
+          result = public_resources? || @origins.include?(source) ||
+              (not (@origins.select {|n| n.class == Regexp && n.match(source)}).empty?)
+          #TODO: to fix  "n.match(source)". Unsure, but it may lead to security risks.
+          result
+        end
+
+        def find_resource(path)
+          @resources.detect{|r| r.match?(path)}
+        end
+      end
+
+      class Resource
+        attr_accessor :path, :methods, :headers, :expose, :max_age, :credentials, :pattern
+
+        def initialize(public_resource, path, opts={})
+          self.path        = path
+          self.methods     = ensure_enum(opts[:methods]) || [:get]
+          self.credentials = opts[:credentials] || true
+          self.max_age     = opts[:max_age] || 1728000
+          self.pattern     = compile(path)
+          @public_resource = public_resource
+
+          self.headers = case opts[:headers]
+          when :any then :any
+          when nil then nil
+          else
+            [opts[:headers]].flatten.collect{|h| h.downcase}
+          end
+
+          self.expose = case opts[:expose]
+          when nil then nil
+          else
+            [opts[:expose]].flatten
+          end
+        end
+
+        def match?(path)
+          pattern =~ path
+        end
+
+        def process_preflight(env)
+          return nil if invalid_method_request?(env) || invalid_headers_request?(env)
+          {'Content-Type' => 'text/plain'}.merge(to_preflight_headers(env))
+        end
+
+        def to_headers(env)
+          x_origin = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
+          h = { 'Access-Control-Allow-Origin' => public_resource? ? '*' : env['HTTP_ORIGIN'],
+            'Access-Control-Allow-Methods'    => methods.collect{|m| m.to_s.upcase}.join(', '),
+            'Access-Control-Expose-Headers'    => expose.nil? ? '' : expose.join(', '),
+            'Access-Control-Max-Age'          => max_age.to_s }
+          h['Access-Control-Allow-Credentials'] = 'true' if credentials
+          h
+        end
+
+        protected
+          def public_resource?
+            @public_resource
+          end
+
+          def to_preflight_headers(env)
+            h = to_headers(env)
+            if env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
+              h.merge!('Access-Control-Allow-Headers' => env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])
+            end
+            h
+          end
+
+          def invalid_method_request?(env)
+            request_method = env['HTTP_ACCESS_CONTROL_REQUEST_METHOD']
+            request_method.nil? || !methods.include?(request_method.downcase.to_sym)
+          end
+
+          def invalid_headers_request?(env)
+            request_headers = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']
+            request_headers && !allow_headers?(request_headers)
+          end
+
+          def allow_headers?(request_headers)
+            return false if headers.nil?
+            headers == :any || begin
+              request_headers = request_headers.split(/,\s*/) if request_headers.kind_of?(String)
+              request_headers.all?{|h| headers.include?(h.downcase)}
+            end
+          end
+
+          def ensure_enum(v)
+            return nil if v.nil?
+            [v].flatten
+          end
+
+          def compile(path)
+            if path.respond_to? :to_str
+              special_chars = %w{. + ( )}
+              pattern =
+                path.to_str.gsub(/((:\w+)|[\*#{special_chars.join}])/) do |match|
+                  case match
+                  when "*"
+                    "(.*?)"
+                  when *special_chars
+                    Regexp.escape(match)
+                  else
+                    "([^/?&#]+)"
+                  end
+                end
+              /^#{pattern}$/
+            elsif path.respond_to? :match
+              path
+            else
+              raise TypeError, path
+            end
+          end
+      end
+
+  end
+end

data/lib/rhoconnect/middleware/x_domain_session_wrapper.rb

@@ -1,58 +1,58 @@
-require "cgi"
-require 'rhoconnect/middleware/helpers'
-
-module Rhoconnect
-  module Middleware
-    class XDomainSessionWrapper
-      def initialize(app, opts={})
-        @app = app
-        @session_cookie = opts[:session_cookie] || 'rhoconnect_session'
-        @api_uri_regexp = opts[:api_uri_regexp] || /\A\/api\/application/
-        @login_uri_regexp = opts[:login_uri_regexp] || /\A\/api\/application\/clientlogin/
-        yield self if block_given?
-      end
-
-      def is_sync_protocol(env)
-        # if it is rhoconnect protocol URI
-        @api_uri_regexp.match(env['PATH_INFO'])
-      end
-
-      def call(env)
-        if is_sync_protocol(env)
-          env['HTTP_COOKIE'] = env['HTTP_COOKIE'] || CGI.unescape(get_session_from_url(env))
-        end
-        #puts "and here #{@app.inspect} #{env.inspect}"
-        status, headers, body = @app.call(env)
-
-        if is_sync_protocol(env)
-          cookies = headers['Set-Cookie'].to_s
-          #puts "<----- Cookies: #{cookies}"
-          # put cookies to body as JSON on login success
-          if @login_uri_regexp.match(env['PATH_INFO']) && status == 200
-            body = session_json_from(cookies)
-            headers['Content-Length'] = body.length.to_s
-          end
-        end
-
-        # The Body itself should not be an instance of String,as this will break in Ruby 1.9
-        body = ["#{body}"] if body.is_a?(String)
-        [status, headers, body]
-      end
-
-      def session_json_from(cookies)
-        rexp = Regexp.new(@session_cookie +'=[^\s]*')
-        sc = cookies.to_s.slice rexp
-        "{\"" +@session_cookie +"\": \"#{CGI.escape sc.to_s}\"}"
-      end
-
-      def get_session_from_url(env)
-        rexp = Regexp.new(@session_cookie +'=.*\Z')
-        qs = env['QUERY_STRING'].to_s.slice rexp
-        qs = qs.to_s.split(/&/)[0]
-        nv = qs.to_s.split(/=/)
-        return nv[1] if nv.length > 1
-        ''
-      end
-    end
-  end
+require "cgi"
+require 'rhoconnect/middleware/helpers'
+
+module Rhoconnect
+  module Middleware
+    class XDomainSessionWrapper
+      def initialize(app, opts={})
+        @app = app
+        @session_cookie = opts[:session_cookie] || 'rhoconnect_session'
+        @api_uri_regexp = opts[:api_uri_regexp] || /\A\/api\/application/
+        @login_uri_regexp = opts[:login_uri_regexp] || /\A\/api\/application\/clientlogin/
+        yield self if block_given?
+      end
+
+      def is_sync_protocol(env)
+        # if it is rhoconnect protocol URI
+        @api_uri_regexp.match(env['PATH_INFO'])
+      end
+
+      def call(env)
+        if is_sync_protocol(env)
+          env['HTTP_COOKIE'] = env['HTTP_COOKIE'] || CGI.unescape(get_session_from_url(env))
+        end
+        #puts "and here #{@app.inspect} #{env.inspect}"
+        status, headers, body = @app.call(env)
+
+        if is_sync_protocol(env)
+          cookies = headers['Set-Cookie'].to_s
+          #puts "<----- Cookies: #{cookies}"
+          # put cookies to body as JSON on login success
+          if @login_uri_regexp.match(env['PATH_INFO']) && status == 200
+            body = session_json_from(cookies)
+            headers['Content-Length'] = body.length.to_s
+          end
+        end
+
+        # The Body itself should not be an instance of String,as this will break in Ruby 1.9
+        body = ["#{body}"] if body.is_a?(String)
+        [status, headers, body]
+      end
+
+      def session_json_from(cookies)
+        rexp = Regexp.new(@session_cookie +'=[^\s]*')
+        sc = cookies.to_s.slice rexp
+        "{\"" +@session_cookie +"\": \"#{CGI.escape sc.to_s}\"}"
+      end
+
+      def get_session_from_url(env)
+        rexp = Regexp.new(@session_cookie +'=.*\Z')
+        qs = env['QUERY_STRING'].to_s.slice rexp
+        qs = qs.to_s.split(/&/)[0]
+        nv = qs.to_s.split(/=/)
+        return nv[1] if nv.length > 1
+        ''
+      end
+    end
+  end
 end

data/lib/rhoconnect/store.rb

@@ -307,6 +307,8 @@ module Rhoconnect
         get_value(dockey)
       elsif doctype == 'list'
         get_data(dockey, Array).to_json
+      elsif doctype == 'zset'
+        get_zdata(dockey).to_json
       else
         get_data(dockey).to_json
       end

data/lib/rhoconnect/version.rb

@@ -1,3 +1,3 @@
 module Rhoconnect
-  VERSION = '5.1.1'
+  VERSION = '5.5.0'
 end

data/lib/rhoconnect/web-console/models/doc.js

@@ -10,19 +10,6 @@ var Doc = Backbone.Model.extend({
 		var session = new Session();
 		this.set('api_token', session.getApiKey())
 	},
-	
-	methodUrl: {
-      'read': '/rc/v1/system/license'
-    },
-
-    sync: function(method, model, options) {
-      if (model.methodUrl && model.methodUrl[method.toLowerCase()]) {
-        options = options || {};
-        options.url = model.methodUrl[method.toLowerCase()];
-	    options.token = this.get('api_token')
-      }
-      Backbone.sync(method, model, options);
-    },
 
 	get_doc: function(dbkey,d_type){
 		self = this;

data/lib/rhoconnect/web-console/models/source.js

@@ -3,7 +3,6 @@ var Source = Backbone.Model.extend({
 	defaults: {
 		api_token: null,
 		rhoconnect_version: null,
-		licensee: null,
 		seats: null,
 		issued: null,
 		source_id: null,
@@ -48,36 +47,6 @@ var Source = Backbone.Model.extend({
 		$('tr.remove-tr-user').remove();
 		$('#source-table tr:last').after(adapters);
 	},
-	
-	get_license_info: function(){
-		var session = new Session();
-		$.ajax({
-			type: 'GET',
-			url: '/rc/v1/system/license',
-			beforeSend: function (HttpRequest) {
-			            HttpRequest.setRequestHeader("X-RhoConnect-API-TOKEN", session.getApiKey());
-			},
-			success: function(resp){
-				if(resp != 'testtoken'){
-					var r = JSON.parse(resp)
-					var license_text = "Licensed to  " + r["licensee"] + 
-						" on " + r["issued"] + ", available " + 
-						r["available"] + " out of " + 
-						r['seats'] + " devices"
-					var license_footer = "Licensed to Rhomobile "+r['available']+"/"+r['seats']+" devices available"
-					$('#license').html(license_text);
-					$('#license_info').html(license_footer);
-				}
-			},
-			error: function(resp){
-				if(resp.status == 422){
-					 new App.Views.Index()
-				}
-				$('#docalert')[0].innerHTML = resp.responseText;
-		        $('#docalert').css('display','block');
-			}
-		})	
-	},
 
 	list_source_docs: function(source_id,user_id){
 		var session = new Session();

data/lib/rhoconnect/web-console/templates/index.erb

@@ -84,10 +84,9 @@
 	<footer>
 		<div class="pull-left">
 			RhoConnect
-			<p>© <a href="http://www.rhomobile.com/">Rhomobile</a> All rights reserved.</p>
+			<p>© Rhomobile All rights reserved.</p>
 		</div>
 		<div class="pull-right">
-			<div id='license_info'></div>
 			RhoConnect v<%=@version%>
 		</div>	
 	</footer>