sbsm 1.3.4 → 1.3.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8b27b0cd01f696045f8dcd2a676f8803b9f25ae7
-  data.tar.gz: aa44fd845938ef1024d628ee414e39825d55fcb2
+  metadata.gz: 098df1b1f3f9be3383dc1adbc44087a8662ac7e7
+  data.tar.gz: 3836d50af930294d0fa5bdacec1bcc04085880a4
 SHA512:
-  metadata.gz: 5a5ff8f1920bf41c325356a5e7277d0aa67f0b686296d170b2b1a0040a62462992e5668f2b815a9e2cb2b18b8840f73ea496737df63b063ce432ae77d1e49aec
-  data.tar.gz: 5c208b5d7943f1e342d2eee87b40a03642f5811e8a5b85721081beb8c28a2425fbbb9049259a02b87b4506a082aaa2d29cbcc3bb359c75c1120a5850fa310763
+  metadata.gz: cefada511b938ff19624f587ccc16feca6a33ac34b8875f24d9881c9504bd7e6a87df46bef3492d18b3ed9bb2d409d68c7230f83d5d9f38e060ce20888bdd3af
+  data.tar.gz: ccf6801e741324e0fc11df4f53a103e43085996a1793d6ad9a5207843440621c1f4fd778aeb3146ca1f2d81e92e2b55cdc9699db0132d2ab95a69e8206efae35

data/History.txt

@@ -1,3 +1,8 @@
+=== 1.3.5 /14.12.2016
+* Refactored sbsm to work without DRb
+* Added test/config.ru to be able to run tests via wrk
+* The interface to Session.new changed and must be adapted by client where the SBSM::Session class is overridden.
+
 === 1.3.4 /12.12.2016
 * As we quite often got errors about recycled objects, I added a GC.start in the call method of sbsm/app
   It introduces a delay of 12 to 30 ms. Therefore we should look for a better solution later

data/lib/sbsm/app.rb

@@ -26,50 +26,59 @@
 require 'cgi'
 require 'cgi/session'
 require 'sbsm/cgi'
-require 'cgi/drbsession'
-require 'sbsm/drbserver'
+require 'sbsm/session_store'
+require 'sbsm/trans_handler'
+require 'sbsm/validator'
 require 'mimemagic'
 
 module SBSM
   ###
   # App a base class for Webrick server
-  class App < SBSM::DRbServer
-    include DRbUndumped
-    attr_reader :sbsm, :my_self, :trans_handler, :validator, :drb_uri
+  class App
 
-    OPTIONS = [ :app, :config_file, :trans_handler, :validator, :persistence_layer, :server_uri, :session, :unknown_user, :proxy ]
+    OPTIONS = [ :app, :config_file, :trans_handler, :validator, :persistence_layer, :server_uri, :unknown_user]
     OPTIONS.each{ |opt| eval "attr_reader :#{opt}" }
 
     # Base class for a SBSM based WebRick HTTP server
-    # * offers a start_server() method to launch a DRB server for handling the DRB-requests
     # * offer a call(env) method form handling the WebRick requests
     # This is all what is needed to be compatible with WebRick
     #
-    # === arguments
+    # === optional arguments
     #
-    # * +app+ -               The app we should handle requests for
     # * +validator+ -         A Ruby class overriding the SBSM::Validator class
     # * +trans_handler+ -     A Ruby class overriding the SBSM::TransHandler class
+    # * +session_class+ -     A Ruby class overriding the SBSM::Session class
+    # * +unknown_user+ -      A Ruby class overriding the SBSM::UnknownUser class
     # * +persistence_layer+ - Persistence Layer to use
     # * +cookie_name+ -       The cookie to save persistent user data
-    # * +drb_uri+ -           URI for DRB-Server of app
     #
     # === Examples
     # Look at steinwies.ch
     # * https://github.com/zdavatz/steinwies.ch (simple, mostly static files, one form, no persistence layer)
     #
-    def initialize(app:, validator:, trans_handler:, drb_uri:, persistence_layer: nil, cookie_name: nil)
-      SBSM.info "initialize #{$0} app #{app.class} @app is now #{@app.class} validator #{validator} th #{trans_handler} drb_uri #{drb_uri}"
-      @app = app unless @app
-      @cookie_name = cookie_name ||  SBSM::Session::PERSISTENT_COOKIE_NAME
-      @drb_uri = drb_uri
-      @trans_handler = trans_handler
-      @validator = validator
-      super(persistence_layer)
+    def initialize(validator: nil,
+                   trans_handler:  nil,
+                   session_class: nil,
+                   persistence_layer: nil,
+                   unknown_user: nil,
+                   cookie_name: nil)
+      @@last_session = nil
+      SBSM.info "initialize validator #{validator} th #{trans_handler} cookie #{cookie_name} session #{session_class}"
+      @session_store = SessionStore.new(persistence_layer: persistence_layer,
+                                        trans_handler: trans_handler,
+                                        session_class: session_class,
+                                        cookie_name: cookie_name,
+                                        unknown_user: unknown_user,
+                                        app: self,
+                                        validator: validator)
     end
 
     SESSION_ID = '_session_id'
 
+    def last_session
+      @@last_session
+    end
+
     def call(env) ## mimick sbsm/lib/app.rb
       request = Rack::Request.new(env)
       response = Rack::Response.new
@@ -88,35 +97,31 @@ module SBSM
       end
 
       return [400, {}, []] if /favicon.ico/i.match(request.path)
-      @drb_uri ||= @app.drb_uri
+      # https://www.tutorialspoint.com/ruby/ruby_cgi_sessions.htm
       args = {
-        'database_manager'  =>  CGI::Session::DRbSession,
-        'drbsession_uri'    =>  @drb_uri,
+        'database_manager'  =>  @session_store,
         'session_path'      =>  '/',
         @cookie_name => session_id,
       }
-      SBSM.debug "starting session_id #{session_id} #{request.path}: cookies #{@cookie_name} are #{request.cookies} @session #{@session.class} @cgi #{@cgi.class}"
+      session = @session_store[session_id]
+      session.app ||= self
+      SBSM.debug "starting session_id #{session_id}  session #{session.class} #{request.path}: cookies #{@cookie_name} are #{request.cookies} @cgi #{@cgi.class}"
       @cgi = CGI.initialize_without_offline_prompt('html4') unless @cgi
-      @session = CGI::Session.new(@cgi, args) unless @session
-      saved = self[session_id]
-      @start_time = Time.now.to_f
-      GC.start
-      SBSM.debug "GC.start took #{((Time.now.to_f)- @start_time)*1000.0} milliseconds"
-      @proxy  = DRbObject.new(saved, server_uri) unless @proxy.is_a?(DRbObject)
-      @proxy.trans_handler = @trans_handler
-      @proxy.app = @app unless @proxy.app
-      res = @proxy.drb_process(self, request)
+      session = CGI::Session.new(@cgi, args) unless session
+      res = session.process_rack(rack_request: request)
       response.write res
       response.headers['Content-Type'] ||= 'text/html; charset=utf-8'
-      response.headers.merge!(@proxy.http_headers)
+      response.headers.merge!(session.http_headers)
       if (result = response.headers.find { |k,v| /status/i.match(k) })
         response.status = result.last.to_i
         response.headers.delete(result.first)
       end
-      response.set_cookie(@cookie_name, :value =>  @proxy.cookie_input)
+      response.set_cookie(session.cookie_name, :value =>  session.cookie_input)
       response.set_cookie(SESSION_ID, :value => session_id)
-      SBSM.debug "finish session_id #{session_id}: header with cookies #{response.headers} from #{@proxy.cookie_input}"
+      @@last_session = session
+      SBSM.debug "finish session_id #{session_id}: header with cookies #{response.headers} from #{session.cookie_input}"
       response.finish
     end
+
   end
 end

data/lib/sbsm/cgi.rb

@@ -25,7 +25,6 @@
 # CGI redefinitions
 
 require 'cgi'
-require 'drb/drb'
 
 class CGI
   # Lets satisfy cgi-offline prompt, even if request does not have

data/lib/sbsm/session.rb

@@ -28,30 +28,28 @@
 
 require 'cgi'
 require 'sbsm/cgi'
-require 'sbsm/drb'
 require 'sbsm/state'
+require 'sbsm/user'
 require 'sbsm/lookandfeelfactory'
 require 'delegate'
-require 'sbsm/trans_handler'
 
 module SBSM
-  class	Session < SimpleDelegator
-		attr_reader :user, :active_thread, :key, :cookie_input,
-			:unsafe_input, :valid_input, :request_path, :cgi
-    attr_writer :trans_handler, :app, :validator
-		include DRbUndumped
+  class	Session
+		attr_reader :user, :active_thread, :key, :cookie_input, :cookie_name,
+			:unsafe_input, :valid_input, :request_path, :cgi, :attended_states
+    attr_accessor :validator, :trans_handler, :app
 		PERSISTENT_COOKIE_NAME = "sbsm-persistent-cookie"
 		DEFAULT_FLAVOR = 'sbsm'
 		DEFAULT_LANGUAGE = 'en'
 		DEFAULT_STATE = State
 		DEFAULT_ZONE = nil
-		DRB_LOAD_LIMIT = 255 * 102400
     EXPIRES = 60 * 60
 		LF_FACTORY = nil
 		LOOKANDFEEL = Lookandfeel
 		CAP_MAX_THRESHOLD = 8
 		MAX_STATES = 4
 		SERVER_NAME = nil
+    UNKNOWN_USER = UnknownUser
     def Session.reset_stats
       @@stats = {}
     end
@@ -88,24 +86,54 @@ module SBSM
                    requests, grand_total)
       ''
     end
-    def initialize(key, app, validator=nil)
-      SBSM.info "initialize app #{app.class} @app is now #{@app.class} validator #{validator} th #{@trans_handler}" # drb_uri #{drb_uri}"
-      touch()
-      reset_input()
-      reset_cookie()
-      raise "Must pass key and app and validator to session" unless key && app # && validator
+
+    # Session: It will be initialized indirectly whenever SessionStore cannot
+    # find a session in it cache. The parameters are given via SBSM::App.new
+    # which calls SessionStore.new
+    #
+    # === optional arguments
+    #
+    # * +validator+ -         A Ruby class overriding the SBSM::Validator class
+    # * +trans_handler+ -     A Ruby class overriding the SBSM::TransHandler class
+    # * +unknown_user+ -      A Ruby class overriding the SBSM::UnknownUser class
+    # * +cookie_name+ -       The cookie to save persistent user data
+    #
+    # === Examples
+    # Look at steinwies.ch
+    # * https://github.com/zdavatz/steinwies.ch (simple, mostly static files, one form, no persistence layer)
+    #
+    def initialize(app:,
+                   trans_handler: nil,
+                   validator: nil,
+                   unknown_user: nil,
+                   cookie_name: nil)
+      SBSM.info "initialize th #{trans_handler} validator #{validator}"
       @app = app
-      @key = key
+      @unknown_user = unknown_user
+      @unknown_user ||=  self.class::UNKNOWN_USER
       @validator = validator
+      @validator  ||= Validator.new
+      fail "invalid validator #{@validator}" unless @validator.is_a?(SBSM::Validator)
+      @trans_handler = trans_handler
+      @trans_handler ||= TransHandler.instance
+      fail "invalid trans_handler #{@trans_handler}" unless @trans_handler.is_a?(SBSM::TransHandler)
+      @cookie_name =  cookie_name
+      @cookie_name ||= self.class::PERSISTENT_COOKIE_NAME
       @attended_states = {}
       @persistent_user_input = {}
-      logout()
-      @unknown_user_class = @user.class
+      touch()
+      reset_input()
+      reset_cookie()
+      @user = @unknown_user
+      @unknown_user_class
+      @unknown_user_class = @unknown_user.class
       @variables = {}
       @mutex = Mutex.new
       @cgi = CGI.initialize_without_offline_prompt('html4')
-      SBSM.debug "session initialized #{self} key #{key} app #{app.class}  #{@validator.class} th #{@trans_handler.class} with @cgi #{@cgi}"
-      super(app)
+      SBSM.debug "session initialized #{self} with @cgi #{@cgi}"
+    end
+    def unknown_user
+      @unknown_user_class.new
     end
     def age(now=Time.now)
       now - @mtime
@@ -155,9 +183,6 @@ module SBSM
 		def get_cookie_input(key)
 			@cookie_input[key]
 		end
-		def cookie_name
-			self::class::PERSISTENT_COOKIE_NAME
-		end
 		def default_language
 			self::class::DEFAULT_LANGUAGE
 		end
@@ -165,19 +190,47 @@ module SBSM
       # used when
 			@state.direct_event
 		end
-    def drb_process(app, rack_request)
+    def process_rack(rack_request:)
       start = Time.now
       @request_path ||= rack_request.path
       rack_request.params.each { |key, val| @cgi.params.store(key, val) }
       @trans_handler.translate_uri(rack_request)
       html = @mutex.synchronize do
-        process(rack_request)
+        begin
+          @request_method =rack_request.request_method
+          @request_path = rack_request.path
+          logout unless @active_state
+          validator.reset_errors() if validator && validator.respond_to?(:reset_errors)
+          import_user_input(rack_request)
+          import_cookies(rack_request)
+          @state = active_state.trigger(event())
+          SBSM.debug "active_state.trigger state #{@state.object_id} remember #{persistent_user_input(:remember).inspect}"
+          #FIXME: is there a better way to distinguish returning states?
+          #       ... we could simply refuse to init if event == :sort, but that
+          #       would not solve the problem cleanly, I think.
+          unless(@state.request_path)
+            @state.request_path = @request_path
+            @state.init
+          end
+          unless @state.volatile?
+            SBSM.debug "Changing from #{@active_state.object_id} to state #{@state.class} #{@state.object_id} remember #{persistent_user_input(:remember).inspect}"
+            @active_state = @state
+            @attended_states.store(@state.object_id, @state)
+          else
+            SBSM.debug "Stay in volatile state #{@state.object_id}"
+          end
+          @zone = @active_state.zone
+          @active_state.touch
+          cap_max_states
+        ensure
+          @user_input_imported = false
+        end
         to_html
       end
       (@@stats[@request_path] ||= []).push(Time.now - start)
       html
     rescue  => err
-        SBSM.info "Error in drb_process #{err.backtrace[0..5].join("\n")}"
+        SBSM.info "Error in process_rack #{err.backtrace[0..5].join("\n")}"
         raise err
     end
 		def error(key)
@@ -206,11 +259,11 @@ module SBSM
       age(now) > EXPIRES
 		end
 		def force_login(user)
+      binding.pry
 			@user = user
 		end
 		def import_cookies(request)
 			reset_cookie()
-      return if request.cookies.is_a?(DRb::DRbUnknown)
       if(cuki_str = request.cookies[self::class::PERSISTENT_COOKIE_NAME])
         SBSM.debug "cuki_str #{self::class::PERSISTENT_COOKIE_NAME} #{cuki_str}"
         eval(cuki_str).each { |key, val|
@@ -224,8 +277,6 @@ module SBSM
     @@hash_ptrn = /([^\[]+)((\[[^\]]+\])+)/
     @@index_ptrn = /[^\[\]]+/
     def import_user_input(rack_req)
-			# attempting to read the cgi-params more than once results in a
-			# DRbConnectionRefused Exception. Therefore, do it only once...
 			return if(@user_input_imported)
       hash = rack_req.env.merge rack_req.params
       hash.merge! rack_req.POST if rack_req.POST
@@ -298,7 +349,7 @@ module SBSM
 			!@user.is_a?(@unknown_user_class)
 		end
 		def login
-			if(user = @app.login(self))
+			if(user = (@app && @app.respond_to?(:login) && @app.login(self)))
           SBSM.debug "user is #{user}  #{request_path.inspect}"
 				@user = user
       else
@@ -307,8 +358,8 @@ module SBSM
 		end
 		def logout
 			__checkout
-			@user = @app.unknown_user()
-			@active_state = @state = self::class::DEFAULT_STATE.new(self, @user)
+			@user = unknown_user()
+      @active_state = @state = self::class::DEFAULT_STATE.new(self, @user)
       SBSM.debug "logout #{request_path.inspect} setting @state #{@state.object_id} #{@state.class} remember #{persistent_user_input(:remember).inspect}"
       @state.init
 			@attended_states.store(@state.object_id, @state)
@@ -339,8 +390,6 @@ module SBSM
 		end
 		def http_headers
 			@state.http_headers
-    rescue DRb::DRbConnError
-      raise
 		rescue NameError, StandardError => err
       SBSM.info "NameError, StandardError: #@request_path"
 			{'Content-Type' => 'text/plain'}
@@ -369,40 +418,6 @@ module SBSM
 				@persistent_user_input[key]
 			end
 		end
-    def process(rack_request)
-      begin
-        @request_method =rack_request.request_method
-        @request = rack_request
-        @request_method ||= @request.request_method
-        @request_path = @request.path
-        @validator.reset_errors() if @validator && @validator.respond_to?(:reset_errors)
-        import_user_input(rack_request)
-        import_cookies(rack_request)
-        @state = active_state.trigger(event())
-        SBSM.debug "active_state.trigger state #{@state.object_id} remember #{persistent_user_input(:remember).inspect}"
-        #FIXME: is there a better way to distinguish returning states?
-        #       ... we could simply refuse to init if event == :sort, but that
-        #       would not solve the problem cleanly, I think.
-        unless(@state.request_path)
-          @state.request_path = @request_path
-          @state.init
-        end
-        unless @state.volatile?
-          SBSM.debug "Changing from #{@active_state.object_id} to state #{@state.object_id} remember #{persistent_user_input(:remember).inspect}"
-          @active_state = @state
-          @attended_states.store(@state.object_id, @state)
-        else
-          SBSM.debug "Stay in volatile state #{@state.object_id}"
-        end
-        @zone = @active_state.zone
-        @active_state.touch
-        cap_max_states
-      rescue DRb::DRbConnError
-        raise
-			ensure
-				@user_input_imported = false
-			end
-		end
 		def reset
       if @redirected
         SBSM.debug "reached Session::reset"
@@ -441,8 +456,6 @@ module SBSM
 			else
 				self::class::SERVER_NAME
 			end
-		rescue DRb::DRbConnError
-			@server_name = self::class::SERVER_NAME
 		end
 		def state(event=nil)
 			@active_state
@@ -453,8 +466,6 @@ module SBSM
     end
 		def to_html
 			@state.to_html(cgi)
-    rescue DRb::DRbConnError
-      raise
 		end
     def user_agent
       @user_agent ||= (@request.user_agent if @request.respond_to?(:user_agent))
@@ -493,11 +504,10 @@ module SBSM
 			@state.warning? if @state.respond_to?(:warning?)
 		end
     # CGI::SessionHandler compatibility
+    # https://ruby-doc.org/stdlib-2.3.1/libdoc/cgi/rdoc/CGI.html
+    # should restore the values from a file, we return simply nothing
     def restore
-      hash = {
-        :proxy	=>	self,
-      }
-      hash
+      {}
     end
     def update
       # nothing

data/lib/sbsm/session_store.rb

@@ -0,0 +1,179 @@
+#!/usr/bin/env ruby
+# encoding: utf-8
+#--
+#
+# State Based Session Management
+# Copyright (C) 2004 Hannes Wyss
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#
+# ywesee - intellectual capital connected, Winterthurerstrasse 52, CH-8006 Zürich, Switzerland
+# hwyss@ywesee.com
+#
+# SessionStore -- sbsm -- niger@ywesee.com
+#  2016: ported this code from the old DrbServer
+#++
+
+require 'delegate'
+require 'sbsm/session'
+require 'sbsm/user'
+require 'thread'
+require 'digest/md5'
+require 'sbsm/logger'
+require 'sbsm/validator'
+
+module SBSM
+  #
+  # SessionStore manages session, which are kept in memory
+  # Sessions are limited and expire after some time
+  # The maximal amount of concurrent session is given via CAP_MAX_THRESHOLD
+  #
+  class SessionStore
+    CLEANING_INTERVAL = 30
+    CAP_MAX_THRESHOLD = 120
+    ENABLE_ADMIN = false
+    MAX_SESSIONS = 100
+    RUN_CLEANER = true
+    SESSION = Session
+    UNKNOWN_USER = UnknownUser
+    VALIDATOR = nil
+    attr_reader :cleaner, :updater, :persistence_layer
+    def initialize(app:,
+                   persistence_layer: nil,
+                   trans_handler: nil,
+                   session_class: nil,
+                   validator: nil,
+                   cookie_name: nil,
+                   unknown_user: nil)
+      fail "You must specify an app!" unless app
+      @sessions = {}
+      @mutex = Mutex.new
+      @cleaner = run_cleaner if(self.class.const_get(:RUN_CLEANER))
+      @admin_threads = ThreadGroup.new
+      @async = ThreadGroup.new
+      @system = persistence_layer
+      @persistence_layer = persistence_layer
+      @cookie_name = cookie_name
+      @trans_handler = trans_handler
+      @trans_handler ||= TransHandler.instance
+      @session_class = session_class
+      @session_class ||= SBSM::Session
+      @unknown_user = unknown_user
+      @unknown_user ||= UNKNOWN_USER
+      @validator = validator
+    end
+    def _admin(src, result, priority=0)
+      raise "admin interface disabled" unless(self::class::ENABLE_ADMIN)
+      t = Thread.new {
+        Thread.current.abort_on_exception = false
+        result << begin
+          response = begin
+            instance_eval(src)
+          rescue NameError => e
+            e
+          end
+          str = response.to_s
+          if(str.length > 200)
+            response.class
+          else
+            str
+          end
+        rescue StandardError => e
+          e.message
+        end.to_s
+      }
+      t[:source] = src
+      t.priority = priority
+      @admin_threads.add(t)
+      t
+    end
+    def async(&block)
+      @async.add(Thread.new(&block))
+    end
+    def cap_max_sessions(now = Time.now)
+      if(@sessions.size > self::class::CAP_MAX_THRESHOLD)
+        SBSM.info "too many sessions! Keeping only #{self::class::MAX_SESSIONS}"
+        sess = nil
+        sorted = @sessions.values.sort
+        sorted[0...(-self::class::MAX_SESSIONS)].each { |sess|
+          sess.__checkout
+          @sessions.delete(sess.key)
+        }
+        if(sess)
+          age = sess.age(now)
+          SBSM.info sprintf("deleted all sessions that had not been accessed for more than %im %is", age / 60, age % 60)
+        end
+      end
+    end
+    def clean
+      now = Time.now
+      @sessions.delete_if { |key, s|
+        begin
+          if s.respond_to?(:expired?)
+            if s.expired?(now)
+              s.__checkout
+              true
+            else
+              s.cap_max_states
+              false
+            end
+          else
+            true
+          end
+        rescue
+          true
+        end
+      }
+      #cap_max_sessions(now)
+    end
+    def clear
+      @sessions.each_value { |sess| sess.__checkout }
+      @sessions.clear
+    end
+    def delete_session(key)
+      if(sess = @sessions.delete(key))
+        sess.__checkout
+      end
+    end
+    def reset
+      @mutex.synchronize {
+        @sessions.clear
+      }
+    end
+    def run_cleaner
+      # puts "running cleaner thread"
+      Thread.new do
+        Thread.current.abort_on_exception = true
+        #Thread.current.priority = 1
+        loop do
+          sleep self::class::CLEANING_INTERVAL
+          @mutex.synchronize do
+            clean()
+          end
+        end
+      end
+    end
+    def [](key)
+      @mutex.synchronize do
+        unless((s = @sessions[key]) && !s.expired?)
+          s = @sessions[key] = @session_class.new(app: @app, cookie_name: @cookie_name, trans_handler: @trans_handler, validator: @validator, unknown_user: @unknown_user)
+        end
+        s.reset()
+        s.touch()
+        s
+      end
+    end
+  end
+end