secret_store 0.0.3 → 0.0.4

data/lib/secret_store.rb

@@ -1,11 +1,20 @@
-require "gibberish"
 require "yaml"
+require "timeout"
+require "gibberish"
 require "secret_store/version"
 
 class SecretStore
-  def initialize(password, file_path)
+  class ReadOnly < RuntimeError; end
+
+  def initialize(password, file_path, options = {})
     self.password = password
-    @data = YamlBackend.new(file_path)
+    backend_class = options.fetch(:backend_class, YamlBackend)
+    @data = backend_class.new(file_path)
+  end
+
+  def self.new_read_only(password, file_path)
+    store = new(password, file_path, :backend_class => ReadOnlyYamlBackend)
+    store
   end
 
   def store(key, secret)
@@ -31,6 +40,10 @@ class SecretStore
   end
 
   def change_password(new_password)
+    unless @data.permits_writes?
+      raise ReadOnly
+    end
+
     decrypted = decrypted_data
     self.password = new_password
     replace_with_decrypted(decrypted)
@@ -61,7 +74,7 @@ class SecretStore
   end
 
   class YamlBackend
-    SAVE_FLAGS = File::RDWR | File::CREAT | File::LOCK_EX
+    SAVE_FLAGS = File::RDWR | File::CREAT | File::LOCK_EX | File::LOCK_NB
     SAVE_PERMS = 0640
 
     def initialize(file_path)
@@ -69,10 +82,12 @@ class SecretStore
     end
 
     def [](key)
+      reload_if_updated
       data[key.to_s]
     end
 
     def keys
+      reload_if_updated
       data.keys
     end
 
@@ -102,12 +117,23 @@ class SecretStore
       data && true
     end
 
+    def permits_writes?
+      true
+    end
+
     private
 
     def delete!(key)
+      reset_mtime_tracker
       data.delete(key.to_s)
     end
 
+    def reload_if_updated
+      mtime = File.exists?(@file_path) && File.mtime(@file_path)
+      @mtime_tracker ||= mtime
+      @mtime_tracker != mtime && reload
+    end
+
     def data
       begin
         @data ||= YAML.load_file(@file_path) || {}
@@ -117,11 +143,36 @@ class SecretStore
     end
 
     def save
+      #TODO figure out the WRONLY flag so we don't
+      # have to truncate
       File.open(@file_path, SAVE_FLAGS, SAVE_PERMS) do |f|
         f.truncate(0)
-        f.puts YAML.dump(data)
+        f.write YAML.dump(data)
+        reset_mtime_tracker
+        true
       end
-      true
+    end
+
+    def reset_mtime_tracker
+      @mtime_tracker = nil
+    end
+  end
+
+  class ReadOnlyYamlBackend < YamlBackend
+    [:insert, :overwrite, :delete, :save].each do |meth|
+      define_method meth do |*|
+        raise ReadOnly
+      end
+    end
+
+    def permits_writes?
+      false
+    end
+
+    private
+
+    def reload_if_updated
+      #no-op
     end
   end
 end

data/lib/secret_store/version.rb

@@ -1,3 +1,3 @@
 class SecretStore
-  VERSION = "0.0.3"
+  VERSION = "0.0.4"
 end

data/spec/secret_store_spec.rb

@@ -6,6 +6,12 @@ describe SecretStore, "initializing" do
   it "takes a password and file path" do
     subject = SecretStore.new("pass", tmpfile.path)
   end
+
+  it "can be optionally injected with a backend class" do
+    klass = Class.new
+    klass.should_receive(:new)
+    subject = SecretStore.new("pass", tmpfile.path, :backend_class => klass)
+  end
 end
 
 describe SecretStore, "storing a secret" do
@@ -157,7 +163,46 @@ describe SecretStore::YamlBackend do
 
   it "can save the data" do
     subject.overwrite("foo", "123")
-    data = SecretStore::YamlBackend.new(tmpfile)
+    data = SecretStore::YamlBackend.new(tmpfile.path)
     data["foo"].should == "123"
   end
+
+  it "will auto reload the data if the file mtime changes" do
+    subject["foo"].should == "bar"
+    SecretStore::YamlBackend.new(tmpfile.path).overwrite("foo", "changed")
+    FileUtils.touch(tmpfile.path, :mtime => Time.now + 5)
+    subject["foo"].should == "changed"
+  end
+
+  it "can create a file that doesn't exist" do
+    path = tmpfile.path
+    tmpfile.unlink
+    store = SecretStore::YamlBackend.new(path)
+    store["foo"].should be_nil
+    store.insert("foo", "bar")
+    store["foo"].should == "bar"
+  end
+end
+
+describe SecretStore::ReadOnlyYamlBackend do
+  let(:tmpfile) { Tempfile.new("secret_store") }
+  subject { SecretStore::ReadOnlyYamlBackend.new(tmpfile) }
+
+  it "doesn't allow inserts" do
+    lambda {
+      subject.insert("foo", "bar")
+    }.should raise_error(SecretStore::ReadOnly)
+  end
+
+  it "doesn't allow overwrites" do
+    lambda {
+      subject.overwrite("foo", "bar")
+    }.should raise_error(SecretStore::ReadOnly)
+  end
+
+  it "doesn't allow deletes" do
+    lambda {
+      subject.delete("foo")
+    }.should raise_error(SecretStore::ReadOnly)
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: secret_store
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-08-11 00:00:00.000000000 Z
+date: 2012-08-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gibberish
-  requirement: &2153518960 !ruby/object:Gem::Requirement
+  requirement: &2161587900 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *2153518960
+  version_requirements: *2161587900
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &2153518540 !ruby/object:Gem::Requirement
+  requirement: &2161587480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2153518540
+  version_requirements: *2161587480
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2153518120 !ruby/object:Gem::Requirement
+  requirement: &2161587060 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,7 +43,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2153518120
+  version_requirements: *2161587060
 description: Store secrets for your app in a encrypted in a yaml file.
 email:
 - xternal1+github@gmail.com
@@ -74,7 +74,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2358538595218873167
+      hash: -2410818951335814899
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -83,7 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2358538595218873167
+      hash: -2410818951335814899
 requirements: []
 rubyforge_project: secret_store
 rubygems_version: 1.8.15