ruby_aem 3.6.0 → 3.10.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b87692d45379fc2a9e6c9860148b34a413352431
-  data.tar.gz: 73afdd6346a56fe3f3ae34604e4da80dc4957634
+  metadata.gz: 6bafd8e93a34eea1e44db851ebfc4f4067c0578c
+  data.tar.gz: f44a61f6090e948c85a5db8551c922e943bb025a
 SHA512:
-  metadata.gz: d50ae162ac4d8af6fe5fe24bd40f9f4a8eb7fc53d63715faa6254352f050b80087756072dcaae327ef51ecee0a6ec93268add0d386c45f5321e473c439e175a7
-  data.tar.gz: 235eee739d3208da3d0d96131813ad9bd7f99a73ba373fe6d733d4e6549a8280565cbb76b5995161edabbd71156837b747fe2ed743c6c79dc5e22253bc4f2cc0
+  metadata.gz: c3c22c215225b5ec46ebcdc3e10fcbc8c92aa1b2609f85d7eacb389b3797103e5ae510f21b9ce62c2be21c3b9d01f8023d7968329811767bd07d8cc5ff4b2add
+  data.tar.gz: 73cb51e959598af927c0af859f5590930d71e724f7049963578384ff0f3b180492b4bbbc0b8714f0471c85e8480b72a06ec04e0630967da31c2bb39e3df38310

data/conf/gem.yaml

@@ -1 +1 @@
-version: 3.6.0
+version: 3.10.1

data/conf/spec.yaml

@@ -339,27 +339,27 @@ flushagent:
           name: '%{name}'
         optional:
           jcrprimary_type: cq:Page
-          jcrcontentcqname: '%{name}'
-          jcrcontentjcrtitle: '%{title}'
-          jcrcontentjcrdescription: '%{description}'
-          jcrcontentslingresource_type: cq/replication/components/agent
-          jcrcontenttransport_uri: '%{dest_base_url}/dispatcher/invalidate.cache'
-          jcrcontentlog_level: '%{log_level}'
-          jcrcontentno_versioning: true
-          jcrcontentprotocol_http_headers:
+          jcrcontent_cqname: '%{name}'
+          jcrcontent_jcrtitle: '%{title}'
+          jcrcontent_jcrdescription: '%{description}'
+          jcrcontent_slingresource_type: cq/replication/components/agent
+          jcrcontent_transport_uri: '%{dest_base_url}/dispatcher/invalidate.cache'
+          jcrcontent_log_level: '%{log_level}'
+          jcrcontent_no_versioning: true
+          jcrcontent_protocol_http_headers:
             - 'CQ-Action:{action}'
             - 'CQ-Handle:{path}'
             - 'CQ-Path:{path}'
-          jcrcontentprotocol_http_headers_type_hint: String[]
-          jcrcontentprotocol_http_method: GET
-          jcrcontentretry_delay: '%{retry_delay}'
-          jcrcontentserialization_type: flush
-          jcrcontentjcrmixin_types: cq:ReplicationStatus
-          jcrcontenttrigger_receive: true
-          jcrcontenttrigger_specific: true
-          jcrcontentcqtemplate: /libs/cq/replication/templates/agent
-          jcrcontentenabled: true
-          jcrcontentssl: '%{ssl}'
+          jcrcontent_protocol_http_headers_type_hint: String[]
+          jcrcontent_protocol_http_method: GET
+          jcrcontent_retry_delay: '%{retry_delay}'
+          jcrcontent_serialization_type: flush
+          jcrcontent_jcrmixin_types: cq:ReplicationStatus
+          jcrcontent_trigger_receive: true
+          jcrcontent_trigger_specific: true
+          jcrcontent_cqtemplate: /libs/cq/replication/templates/agent
+          jcrcontent_enabled: true
+          jcrcontent_ssl: '%{ssl}'
       responses:
         200:
           handler: simple
@@ -417,8 +417,8 @@ group:
           authorizable_id: '%{name}'
           intermediate_path: '%{path}'
         optional:
-          create_group: ''
-          profilegiven_name: '%{name}'
+          create_group: 'true'
+          profile_given_name: '%{name}'
       responses:
         201:
           handler: html_authorizable_id
@@ -447,7 +447,7 @@ group:
           path: '%{path}'
           name: '%{authorizable_id}'
         optional:
-          delete_authorizable: ''
+          delete_authorizable: '%{name}'
       responses:
         200:
           handler: simple
@@ -960,18 +960,18 @@ replicationagent:
           name: '%{name}'
         optional:
           jcrprimary_type: cq:Page
-          jcrcontentcqname: '%{name}'
-          jcrcontentjcrtitle: '%{title}'
-          jcrcontentjcrdescription: '%{description}'
-          jcrcontentslingresource_type: cq/replication/components/agent
-          jcrcontentserialization_type: durbo
-          jcrcontenttransport_uri: '%{dest_base_url}/bin/receive?sling:authRequestLogin=1'
-          jcrcontenttransport_user: '%{transport_user}'
-          jcrcontenttransport_password: '%{transport_password}'
-          jcrcontentlog_level: '%{log_level}'
-          jcrcontentretry_delay: '%{retry_delay}'
-          jcrcontentcqtemplate: /libs/cq/replication/templates/agent
-          jcrcontentenabled: true
+          jcrcontent_cqname: '%{name}'
+          jcrcontent_jcrtitle: '%{title}'
+          jcrcontent_jcrdescription: '%{description}'
+          jcrcontent_slingresource_type: cq/replication/components/agent
+          jcrcontent_serialization_type: durbo
+          jcrcontent_transport_uri: '%{dest_base_url}/bin/receive?sling:authRequestLogin=1'
+          jcrcontent_transport_user: '%{transport_user}'
+          jcrcontent_transport_password: '%{transport_password}'
+          jcrcontent_log_level: '%{log_level}'
+          jcrcontent_retry_delay: '%{retry_delay}'
+          jcrcontent_cqtemplate: /libs/cq/replication/templates/agent
+          jcrcontent_enabled: true
       responses:
         200:
           handler: simple
@@ -1030,19 +1030,19 @@ outboxreplicationagent:
           name: '%{name}'
         optional:
           jcrprimary_type: cq:Page
-          jcrcontentcqname: '%{name}'
-          jcrcontentjcrtitle: '%{title}'
-          jcrcontentjcrdescription: '%{description}'
-          jcrcontentslingresource_type: cq/replication/components/agent
-          jcrcontenttransport_uri: repo://var/replication/outbox
-          jcrcontentno_versioning: true
-          jcrcontentlog_level: '%{log_level}'
-          jcrcontentcqtemplate: /libs/cq/replication/templates/agent
-          jcrcontentenabled: true
-          jcrcontenttrigger_distribute: true
-          jcrcontenttrigger_modified: false
-          jcrcontenttrigger_specific: true
-          jcrcontentuser_id: '%{user_id}'
+          jcrcontent_cqname: '%{name}'
+          jcrcontent_jcrtitle: '%{title}'
+          jcrcontent_jcrdescription: '%{description}'
+          jcrcontent_slingresource_type: cq/replication/components/agent
+          jcrcontent_transport_uri: repo://var/replication/outbox
+          jcrcontent_no_versioning: true
+          jcrcontent_log_level: '%{log_level}'
+          jcrcontent_cqtemplate: /libs/cq/replication/templates/agent
+          jcrcontent_enabled: true
+          jcrcontent_trigger_distribute: true
+          jcrcontent_trigger_modified: false
+          jcrcontent_trigger_specific: true
+          jcrcontent_user_id: '%{user_id}'
       responses:
         200:
           handler: simple
@@ -1101,19 +1101,19 @@ reversereplicationagent:
           name: '%{name}'
         optional:
           jcrprimary_type: cq:Page
-          jcrcontentcqname: '%{name}'
-          jcrcontentjcrtitle: '%{title}'
-          jcrcontentjcrdescription: '%{description}'
-          jcrcontentslingresource_type: cq/replication/components/agent
-          jcrcontentserialization_type: durbo
-          jcrcontenttransport_uri: '%{dest_base_url}/bin/receive?sling:authRequestLogin=1'
-          jcrcontenttransport_user: '%{transport_user}'
-          jcrcontenttransport_password: '%{transport_password}'
-          jcrcontentlog_level: '%{log_level}'
-          jcrcontentretry_delay: '%{retry_delay}'
-          jcrcontentcqtemplate: /libs/cq/replication/templates/agent
-          jcrcontentenabled: true
-          jcrcontentreverse_replication: true
+          jcrcontent_cqname: '%{name}'
+          jcrcontent_jcrtitle: '%{title}'
+          jcrcontent_jcrdescription: '%{description}'
+          jcrcontent_slingresource_type: cq/replication/components/agent
+          jcrcontent_serialization_type: durbo
+          jcrcontent_transport_uri: '%{dest_base_url}/bin/receive?sling:authRequestLogin=1'
+          jcrcontent_transport_user: '%{transport_user}'
+          jcrcontent_transport_password: '%{transport_password}'
+          jcrcontent_log_level: '%{log_level}'
+          jcrcontent_retry_delay: '%{retry_delay}'
+          jcrcontent_cqtemplate: /libs/cq/replication/templates/agent
+          jcrcontent_enabled: true
+          jcrcontent_reverse_replication: true
       responses:
         200:
           handler: simple
@@ -1292,7 +1292,7 @@ truststore:
       operation: postNode
       params:
         required:
-          path: /etc/truststore/
+          path: etc/truststore
           name: truststore.p12
         optional:
           operation: delete
@@ -1341,7 +1341,7 @@ user:
           authorizable_id: '%{name}'
           intermediate_path: '%{path}'
         optional:
-          create_user: ''
+          create_user: 'true'
           reppassword: '%{password}'
       responses:
         201:
@@ -1371,7 +1371,7 @@ user:
           path: '%{path}'
           name: '%{authorizable_id}'
         optional:
-          delete_authorizable: ''
+          delete_authorizable: '%{name}'
       responses:
         200:
           handler: simple
@@ -1422,3 +1422,44 @@ user:
         200:
           handler: html_change_password
           message: 'User %{user}''s password has been changed'
+ssl:
+  actions:
+    enable:
+      api: granite
+      operation: sslSetup
+      params:
+        required:
+          keystore_password: '%{keystore_password}'
+          keystore_passwordConfirm: '%{keystore_passwordConfirm}'
+          truststore_password: '%{truststore_password}'
+          truststore_passwordConfirm: '%{truststore_passwordConfirm}'
+          https_hostname: '%{https_hostname}'
+          https_port: '%{https_port}'
+        optional:
+          privatekey_file: __FILE_PRIVATE_KEY__
+          certificate_file: __FILE_CERTIFICATE__
+      responses:
+        200:
+          handler: simple
+          message: 'HTTPS has been configured on port %{https_port}'
+    get:
+      api: configmgr
+      operation: comAdobeGraniteJettySslInternalGraniteSslConnectorFactory
+      params:
+        optional:
+          post: true
+      responses:
+        200:
+          handler: simple
+          message: 'HTTPS Configuration found'
+    disable:
+      api: configmgr
+      operation: comAdobeGraniteJettySslInternalGraniteSslConnectorFactory
+      params:
+        optional:
+          apply: true
+          delete: true
+      responses:
+        200:
+          handler: simple
+          message: 'HTTPS has been disabled'

data/lib/ruby_aem.rb

@@ -29,6 +29,7 @@ require 'ruby_aem/resources/replication_agent'
 require 'ruby_aem/resources/outbox_replication_agent'
 require 'ruby_aem/resources/reverse_replication_agent'
 require 'ruby_aem/resources/saml'
+require 'ruby_aem/resources/ssl'
 require 'ruby_aem/resources/repository'
 require 'ruby_aem/resources/truststore'
 require 'ruby_aem/resources/user'
@@ -87,7 +88,8 @@ module RubyAem
         custom: SwaggerAemClient::CustomApi.new,
         cq: SwaggerAemClient::CqApi.new,
         crx: SwaggerAemClient::CrxApi.new,
-        sling: SwaggerAemClient::SlingApi.new
+        sling: SwaggerAemClient::SlingApi.new,
+        granite: SwaggerAemClient::GraniteApi.new
       }
 
       spec = YAML.load_file(File.expand_path('../../conf/spec.yaml', __FILE__))
@@ -254,6 +256,13 @@ module RubyAem
       RubyAem::Resources::Saml.new(@client)
     end
 
+    # Create a SSL instance.
+    #
+    # @return new RubyAem::Resources::Saml instance
+    def ssl
+      RubyAem::Resources::Ssl.new(@client)
+    end
+
     # Create a Truststore instance.
     #
     # @return new RubyAem::Resources::Truststore instance

data/lib/ruby_aem/resources/authorizable_keystore.rb

@@ -33,6 +33,8 @@ module RubyAem
           intermediate_path: intermediate_path,
           authorizable_id: authorizable_id
         }
+
+        @call_params[:intermediate_path] = RubyAem::Swagger.path(@call_params[:intermediate_path])
       end
 
       # Create AEM Authorizable Keystore.

data/lib/ruby_aem/resources/certificate_chain.rb

@@ -38,6 +38,8 @@ module RubyAem
           keystore_intermediate_path: keystore_intermediate_path,
           keystore_authorizable_id: keystore_authorizable_id
         }
+
+        @call_params[:keystore_intermediate_path] = RubyAem::Swagger.path(@call_params[:keystore_intermediate_path])
       end
 
       # Create is an alias to import.

data/lib/ruby_aem/resources/ssl.rb

@@ -0,0 +1,148 @@
+# Copyright 2016-2018 Shine Solutions
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'ruby_aem/error'
+
+module RubyAem
+  module Resources
+    # AEM class contains API calls related to managing SSL via Granite.
+    class Ssl
+      # Initialise Ssl resource.
+      #
+      # @param client RubyAem::Client
+      # @return new RubyAem::Resources::Ssl instance
+      def initialize(client)
+        @client = client
+        @call_params = {
+        }
+      end
+
+      # Disable SSL
+      #
+      # @return RubyAem::Result
+      def disable
+        @client.call(self.class, __callee__.to_s, @call_params)
+      end
+
+      # Enable SSL
+      #
+      # @param opts hash of the following values:
+      # - keystore_password: Authorizable Keystore password for system-user ssl-service. keystore will be created if it  doesn't exist.
+      # - truststore_password: AEM Global Truststore password. Truststore will be created if it  doesn't exist.
+      # - https_hostname: Hostname for enabling HTTPS listener matching the certificate's common name.
+      # - https_port: Port to listen on for HTTPS requests.
+      # - certificate_file_path:  Path to the HTTPS public certificate file.
+      # - privatekey_file_path: Path to the HTTPS Private Key file.
+      # @return RubyAem::Result
+      def enable(opts = {
+        keystore_password: nil,
+        truststore_password: nil,
+        https_hostname: nil,
+        https_port: nil,
+        certificate_file_path: nil,
+        privatekey_file_path: nil
+      })
+        @call_params[:keystore_password] = opts[:keystore_password]
+        @call_params[:keystore_passwordConfirm] = opts[:keystore_password]
+        @call_params[:truststore_password] = opts[:truststore_password]
+        @call_params[:truststore_passwordConfirm] = opts[:truststore_password]
+        @call_params[:https_hostname] = opts[:https_hostname]
+        @call_params[:https_port] = opts[:https_port]
+        @call_params[:file_path_certificate] = opts[:certificate_file_path]
+        @call_params[:file_path_private_key] = opts[:privatekey_file_path]
+
+        @client.call(self.class, __callee__.to_s, @call_params)
+      end
+
+      # Get SSL Granite configuration
+      #
+      # @return RubyAem::Result
+      def get
+        @client.call(self.class, __callee__.to_s, @call_params)
+      end
+
+      # Check if SSL is enabled via Granite
+      #
+      # @return RubyAem::Result
+      def is_enabled
+        get_ssl = get
+
+        response = get_ssl.response
+        ssl_properties = response.body.properties
+        ssl_enabled = ssl_properties.com_adobe_granite_jetty_ssl_port.is_set
+        ssl_port = ssl_properties.com_adobe_granite_jetty_ssl_port.value
+
+        message = if ssl_enabled.eql?(true)
+                    "HTTPS has been configured on port #{ssl_port}"
+                  else
+                    'HTTPS is not configured'
+                  end
+
+        result = RubyAem::Result.new(message, response)
+        result.data = ssl_enabled
+
+        result
+      end
+
+      # Enable SSL via granite and wait until SSL was enabled
+      #
+      # @param opts hash of the following values:
+      # - keystore_password: Authorizable Keystore password for system-user ssl-service. keystore will be created if it  doesn't exist.
+      # - truststore_password: AEM Global Truststore password. Truststore will be created if it  doesn't exist.
+      # - https_hostname: Hostname for enabling HTTPS listener matching the certificate's common name.
+      # - https_port: Port to listen on for HTTPS requests.
+      # - certificate_file_path:  Path to the HTTPS public certificate file.
+      # - privatekey_file_path: Path to the HTTPS Private Key file.
+      # - _retries: retries library's options (http://www.rubydoc.info/gems/retries/0.0.5#Usage), restricted to max_tries, base_sleep_seconds, max_sleep_seconds
+      # @return RubyAem::Result
+      def enable_wait_until_ready(
+        opts = {
+          force: true,
+          _retries: {
+            max_tries: 30,
+            base_sleep_seconds: 2,
+            max_sleep_seconds: 2
+          }
+        }
+      )
+        opts[:_retries] ||= {}
+        opts[:_retries][:max_tries] ||= 30
+        opts[:_retries][:base_sleep_seconds] ||= 2
+        opts[:_retries][:max_sleep_seconds] ||= 2
+
+        # ensure integer retries setting (Puppet 3 passes numeric string)
+        opts[:_retries][:max_tries] = opts[:_retries][:max_tries].to_i
+        opts[:_retries][:base_sleep_seconds] = opts[:_retries][:base_sleep_seconds].to_i
+        opts[:_retries][:max_sleep_seconds] = opts[:_retries][:max_sleep_seconds].to_i
+
+        # The AEM Granite API to enable SSl is unstable and in some cases it response with response code 0.
+        # This is because the HTTP service is getting restarted during the process of enabling SSL via Granite.
+        # To not end with an error we have to rescue this behaviour and verify afterwards if SSL was enabled.
+        begin
+          result = enable(**opts)
+        rescue RubyAem::Error => e
+          raise StandardError.new(result) unless e.result.response.status_code.zero?
+
+          with_retries(max_tries: opts[:_retries][:max_tries], base_sleep_seconds: opts[:_retries][:base_sleep_seconds], max_sleep_seconds: opts[:_retries][:max_sleep_seconds]) { |retries_count|
+            result = is_enabled
+            message = 'SSL could not be configured or connection timeout please try again.'
+            puts format('SSL Enable check #%<retries_count>d: %<check_result_data>s - %<check_result_message>s', retries_count: retries_count, check_result_data: result.data, check_result_message: result.message)
+            raise StandardError.new(message) if result.data == false
+          }
+        end
+        result
+      end
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby_aem
 version: !ruby/object:Gem::Version
-  version: 3.6.0
+  version: 3.10.1
 platform: ruby
 authors:
 - Shine Solutions
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-18 00:00:00.000000000 Z
+date: 2020-12-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: retries
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.4.0
 - !ruby/object:Gem::Dependency
   name: swagger_aem_osgi
   requirement: !ruby/object:Gem::Requirement
@@ -117,6 +117,7 @@ files:
 - lib/ruby_aem/resources/repository.rb
 - lib/ruby_aem/resources/reverse_replication_agent.rb
 - lib/ruby_aem/resources/saml.rb
+- lib/ruby_aem/resources/ssl.rb
 - lib/ruby_aem/resources/truststore.rb
 - lib/ruby_aem/resources/user.rb
 - lib/ruby_aem/response.rb