sinatra-s3 0.98

data/lib/sinatra-s3/admin.rb

@@ -0,0 +1,626 @@
+require 'aws/s3'
+
+module S3
+
+  class Admin < Sinatra::Base
+
+    helpers do
+      include S3::Helpers
+      include S3::AdminHelpers
+    end
+
+    set :sessions, :on
+    enable :inline_templates
+
+    before do
+      ActiveRecord::Base.verify_active_connections!
+    end
+
+    get '/control/?' do
+      login_required
+      redirect '/control/buckets'
+    end
+
+    get %r{^/control/s/(.*)} do
+      open(File.join(PUBLIC_PATH, params[:captures].first))
+    end
+
+    get '/control/login' do
+      r :login, "Login"
+    end
+
+    post '/control/login' do
+      @user = User.find_by_login params[:login]
+      if @user
+	if @user.password == hmac_sha1( params[:password], @user.secret )
+	  session[:user_id] = @user.id
+	  redirect '/control/buckets'
+	else
+	  @user.errors.add(:password, 'is incorrect')
+	end
+      else
+	@user = User.new
+	@user.errors.add(:login, 'not found')
+      end
+      login_view
+    end
+
+    get '/control/logout' do
+      session[:user_id] = nil
+      redirect '/control'
+    end
+
+    get '/control/buckets/?' do
+      login_required
+      load_buckets
+      r :buckets, "Buckets"
+    end
+
+    post '/control/buckets/?' do
+      login_required
+      begin
+        Bucket.find_root(params['bucket']['name'])
+        load_buckets
+        @bucket.errors.add_to_base("A bucket named `#{@input['bucket']['name']}' already exists.")
+      rescue NoSuchBucket
+         bucket = Bucket.new(params['bucket'])
+	 redirect '/control/buckets' if bucket.save()
+	 load_buckets
+	 @bucket.errors.add_to_base("Invalid bucket name.")
+      end
+      r :buckets, "Buckets"
+    end
+
+    get '/control/buckets/:bucket/?' do
+      login_required
+      @bucket = Bucket.find_root(params[:bucket])
+      only_can_read @bucket
+      @files = Slot.find :all, :conditions => ['deleted = 0 AND parent_id = ?', @bucket.id], :order => 'name'
+      r :files, "/#{@bucket.name}"
+    end
+
+    post '/control/buckets/:bucket/?' do
+      login_required
+      @bucket = Bucket.find_root(params[:bucket])
+      only_can_write @bucket
+
+      if params['upfile'].nil? || params['upfile'].instance_of?(String)
+	@files = Slot.find :all, :conditions => ['deleted = 0 AND parent_id = ?', @bucket.id], :order => 'name'
+	redirect "/control/buckets/#{params[:bucket]}"
+      end
+
+      tmpf = params['upfile'][:tempfile]
+      readlen, md5 = 0, MD5.new
+      while part = tmpf.read(BUFSIZE)
+	readlen += part.size
+	md5 << part
+      end
+
+      fileinfo = FileInfo.new
+      fileinfo.mime_type = params['upfile'][:type] || "binary/octet-stream"
+      fileinfo.size = readlen
+      fileinfo.md5 = md5.hexdigest
+      fileinfo.etag = '"' + md5.hexdigest + '"'
+
+      mdata = {}
+      if defined?(EXIFR) && fileinfo.mime_type =~ /jpg|jpeg/
+	photo_data = EXIFR::JPEG.new(tmpf.path).to_hash
+	photo_data.each_pair do |key,value|
+	  tmp = key.to_s.gsub(/[^a-z0-9]+/i, '-').downcase.gsub(/-$/,'')
+	  mdata[tmp] = value.to_s
+	end
+      end
+
+      params['fname'] = params['upfile'][:filename] if params['fname'].blank?
+      begin
+	slot = @bucket.find_slot(params['fname'])
+	if slot.versioning_enabled?
+	  nslot = slot.clone()
+	  slot.update_attributes(:deleted => true)
+	  slot = nslot
+	end
+	fileinfo.path = slot.obj.path
+	file_path = File.join(STORAGE_PATH,fileinfo.path)
+	slot.update_attributes(:owner_id => @user.id, :meta => mdata, :obj => fileinfo, :size => fileinfo.size)
+	FileUtils.mv(tmpf.path, file_path,{ :force => true })
+      rescue NoSuchKey
+	fileinfo.path = File.join(params[:bucket], rand(10000).to_s(36) + '_' + File.basename(tmpf.path))
+	fileinfo.path.succ! while File.exists?(File.join(STORAGE_PATH, fileinfo.path))
+	file_path = File.join(STORAGE_PATH,fileinfo.path)
+	FileUtils.mkdir_p(File.dirname(file_path))
+	FileUtils.mv(tmpf.path, file_path)
+	slot = Slot.create(:name => params['fname'], :owner_id => @user.id, :meta => mdata, :obj => fileinfo, :size => fileinfo.size)
+	slot.grant(:access => params['facl'].to_i)
+	@bucket.add_child(slot)
+      end
+
+      if slot.versioning_enabled?
+	begin
+	  slot.git_repository.add(File.basename(fileinfo.path))
+	  slot.git_repository.commit("Added #{slot.name} to the Git repository.")
+	  slot.git_update
+	  slot.update_attributes(:version => slot.git_object.objectish)
+	rescue => err
+	  puts "[#{Time.now}] GIT: #{err}"
+	end
+      end
+
+      redirect "/control/buckets/#{params[:bucket]}"
+    end
+
+    post '/control/buckets/:bucket/versioning/?' do
+      login_required
+      @bucket = Bucket.find_root(params[:bucket])
+      only_can_write @bucket
+      @bucket.git_init if defined?(Git)
+      redirect "/control/buckets/#{@bucket.name}"
+    end
+
+    get %r{^/control/changes/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root params[:captures].first
+      @file = @bucket.find_slot(params[:captures].last)
+      only_owner_of @bucket
+      @versions = @bucket.git_repository.log.path(File.basename(@file.obj.path))
+      r :changes, "Commit Log", :popup
+    end
+
+    post '/control/delete/:bucket/?' do
+      login_required
+      @bucket = Bucket.find_root(params[:bucket])
+      only_owner_of @bucket
+      if Slot.count(:conditions => ['deleted = 0 AND parent_id = ?', @bucket.id]) > 0
+	# FIXME: error message, bucket is not empty
+      else
+	@bucket.remove_from_filesystem()
+	@bucket.destroy()
+      end
+      redirect "/control/buckets"
+    end
+
+    post %r{^/control/delete/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root(params[:captures].first)
+      only_can_write @bucket
+      @slot = @bucket.find_slot(params[:captures].last)
+
+      if @slot.versioning_enabled?
+	@slot.git_repository.remove(File.basename(@slot.obj.path))
+	@slot.git_repository.commit("Removed #{@slot.name} from the Git repository.")
+	@slot.git_update
+      end
+
+      @slot.remove_from_filesystem()
+      @slot.destroy()
+      redirect "/control/buckets/#{params[:captures].first}"
+    end
+
+    get "/control/profile/?" do
+      login_required
+      @usero = @user
+      r :profile, "Your Profile"
+    end
+
+    post "/control/profile/?" do
+      login_required
+      @user.update_attributes(params['user'])
+      @usero = @user
+      r :profile, "Your Profile"
+    end
+
+    get "/control/users/?" do
+      login_required
+      only_superusers
+      @usero = User.new
+      @users = User.find :all, :conditions => ['deleted != 1'], :order => 'login'
+      r :users, "User List"
+    end
+
+    post "/control/users/?" do
+      login_required
+      only_superusers
+      @usero = User.new params['user'].merge(:activated_at => Time.now)
+      if @usero.valid?
+	@usero.save()
+	redirect "/control/users"
+      else
+	@users = User.find :all, :conditions => ['deleted != 1'], :order => 'login'
+        r :users, "User List"
+      end
+    end
+
+    get "/control/users/:login/?" do
+      login_required
+      only_superusers
+      @usero = User.find_by_login params[:login]
+      r :profile, @usero.login
+    end
+
+    post "/control/users/:login/?" do
+      login_required
+      only_superusers
+      @usero = User.find_by_login params[:login]
+
+      # if were not changing passwords remove blank values
+      if params['user']['password'].blank? && params['user']['password_confirmation'].blank?
+	params['user'].delete('password')
+	params['user'].delete('password_confirmation')
+      end
+
+      if @usero.update_attributes(params['user'])
+        redirect "/control/users/#{@usero.login}"
+      else
+        r :profile, @usero.login
+      end
+    end
+
+    post "/control/users/delete/:login/?" do
+      login_required
+      only_superusers
+      @usero = User.find_by_login params[:login]
+      if @usero.id == @user.id
+	# FIXME: notify user they cannot delete themselves
+      else
+	@usero.destroy
+      end
+      redirect "/control/users"
+    end
+
+    get %r{^/control/acl/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root(params[:captures].first)
+      only_can_write_acp @bucket
+      @slot = @bucket.find_slot(params[:captures].last)
+      only_can_write @slot
+      r :acl, "Modify File Access", :popup
+    end
+
+    post %r{^/control/acl/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root(params[:captures].first)
+      @slot = @bucket.find_slot(params[:captures].last)
+      only_owner_of @slot
+      case params[:acl]['type']
+      when "email"
+	@user = User.find(:first, :conditions => [ 'key = ? OR email = ?', params[:acl]['user_id'], params[:acl]['user_id'] ])
+	update_user_access(@slot,@user,"#{Bit.acl_text.invert[params[:acl]['access']]}00".to_i(8)) if @user
+      when "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
+	@slot.access &= ~(@slot.access.to_s(8)[1,1].to_i*10)
+	@slot.access |= (Bit.acl_text.invert[params[:acl]['access']]*10).to_s.to_i(8)
+      when "http://acs.amazonaws.com/groups/global/AllUsers"
+	@slot.access &= ~@slot.access.to_s(8)[2,1].to_i
+	@slot.access |= Bit.acl_text.invert[params[:acl]['access']].to_s.to_i(8)
+      end
+      @slot.save()
+      redirect "/control/acl/#{@bucket.name}/#{@slot.name}"
+    end
+
+    get %r{^/control/meta/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root(params[:captures].first)
+      @slot = @bucket.find_slot(params[:captures].last)
+      only_can_write @slot
+      r :meta, "Metadata", :popup
+    end
+
+    post %r{^/control/meta/(.+?)/(.+)$} do
+      login_required
+      @bucket = Bucket.find_root(params[:captures].first)
+      @slot = @bucket.find_slot(params[:captures].last)
+      only_can_write @slot
+
+      newm = {}
+      params[:m].each do |k,v|
+	newm[k] = v unless v.blank?
+      end
+      if !params[:meta]['key'].blank? && !params[:meta]['value'].blank?
+	if params[:meta]['key'] =~ /^[A-Za-z0-9\-]+$/
+	  newm[params[:meta]['key']] = params[:meta]['value']
+	else
+	  @slot.errors.add(:key, "can only contain letters, numbers and dashes")
+	end
+      end
+
+      @slot.update_attributes({ :meta => newm })
+      r :meta, "Metadata", :popup
+    end
+
+  end
+
+end
+
+__END__
+
+@@ layout
+%html
+  %head
+    %title Control Center &raquo; #{@title}
+    %script{ :language => "JavaScript", :type => "text/javascript", :src => "/control/s/js/prototype.js" }
+    %style{ :type => "text/css" }
+      @import '/control/s/css/control.css';
+  %body
+    %div#page
+      - if @user and not @login
+        %div.menu
+          %ul
+            %li
+              %a{ :href => "/control/buckets" } buckets
+              - if @user.superuser?
+                %a{ :href => "/control/users" } users
+              %a{ :href => "/control/profile" } profile
+              %a{ :href => "/control/logout" } logout
+      %div#header
+        %h1 Control Center
+        %h2 #{@title}
+      %div#content
+        = yield
+
+@@ popup
+%html
+  %head
+    %title #{@title}
+    %style{ :type => "text/css" } 
+      @import '/control/s/css/control.css';
+    %script{ :language => 'javascript', :src => '/control/s/js/prototype.js' }
+  %body
+    %div#content
+      = yield
+
+@@ login
+%form.create{ :method => "post" }
+  %div.required
+    %label{ :for => "login" } User
+    %input#login{ :type => "text", :name => "login" }
+  %div.required
+    %label{ :for => "password" } Password
+    %input#password{ :type => "password", :name => "password" }
+  %input#loggo{ :type => "submit", :value => "Login", :name => "loggo" }
+
+@@ buckets
+- if @buckets.any?
+  %table
+    %thead
+      %tr
+        %th Name
+        %th Contains
+        %th Updated on
+        %th Info
+        %th Actions
+    %tbody
+      - @buckets.each do |bucket|
+        %tr
+          %th
+            %a{ :href => "/control/buckets/#{bucket.name}" } #{bucket.name}
+          %td #{bucket.total_children rescue 0} files
+          %td #{bucket.updated_at}
+          %td #{bucket.access_readable + (bucket.versioning_enabled? ? ",versioned" : "")}
+          %td
+            %a{ :href => "/control/delete/#{bucket.name}", :onClick => S3::POST, :title => "Delete Bucket #{bucket.name}" } Delete
+- else
+  %p A sad day. You have no buckets yet.
+%h3 Create a Bucket
+%form.create{ :method => "post" }
+  = preserve errors_for(@bucket)
+  %input{ :name => "bucket[owner_id]", :type => "hidden", :value => @bucket.owner_id }
+  %div.required
+    %label{ :for => "bucket[name]" } Bucket Name
+    %input{ :name => "bucket[name]", :type => "text", :value => @bucket.name }
+  %div.required
+    %label{ :for => "bucket[access]" } Permissions
+    %select{ :name => "bucket[access]" }
+      - S3::CANNED_ACLS.sort.each do |acl,perm|
+        - opts = { :value => perm }
+        - opts[:selected] = true if perm == @bucket.access
+        %option{ opts } #{acl}
+  %input#newbucket{ :type => "submit", :value => "Create", :name => "newbucket" }
+
+@@ files
+%p Click on a file name to get file details.
+%table
+  %caption
+    - if defined?(Git)
+      %span{ :style => "float:right" }
+        - if !@bucket.versioning_enabled?
+          %a{ :href => "/control/buckets/#{@bucket.name}/versioning", :onClick => S3::POST } Enable Versioning For This Bucket
+        - else
+          Versioning Enabled
+    %a{ :href => "/control/buckets" } &larr; Buckets
+  %thead
+    %tr
+      %th File
+      %th Size
+      %th Permission
+  %tbody
+    - if @files.empty?
+      %tr
+        %td{ :colspan => "3", :style => "padding:15px;text-align:center" } No Files
+    - @files.each do |file|
+      %tr
+        %td
+          %a{ :href => "javascript:///", :onclick => "$('details-#{file.id}').toggle()" } #{file.name}
+          %div.details{ :id => "details-#{file.id}", :style => "display:none" }
+            - if @bucket.versioning_enabled? && !file.git_object.nil?
+              %p Revision: #{file.git_object.objectish}
+            - if file.torrent
+              %p #{file.torrent.seeders} seeders &bull; #{file.torrent.leechers} leechers &bull; #{file.torrent.total} downloads
+            %p Last modified on #{file.updated_at}
+            %p
+              %a{ :href => signed_url("/#{@bucket.name}/#{file.name}"), :target => "_blank" } Get
+              &bull;
+              %a{ :href => "/control/acl/#{@bucket.name}/#{file.name}", :onclick => S3::POPUP } Access
+              &bull;
+              %a{ :href => "/control/meta/#{@bucket.name}/#{file.name}", :onclick => S3::POPUP } Meta
+              &bull;
+              - if @bucket.versioning_enabled?
+                %a{ :href => "/control/changes/#{@bucket.name}/#{file.name}", :onclick => S3::POPUP } Changes
+                &bull;
+              - if defined?(RubyTorrent)
+                %a{ :href => signed_url("/#{@bucket.name}/#{file.name}") + "&torrent", :target => "_blank" } Torrent
+                &bull;
+              %a{ :href => "/control/delete/#{@bucket.name}/#{file.name}", :onclick => S3::POST, :title => "Delete file #{file.name}" } Delete
+        %td #{number_to_human_size(file.size)}
+        %td #{file.access_readable}
+%div#results
+%div#progress-bar{ :style => "display:none" }
+%iframe#upload{ :name => "upload", :style => "display:none" }
+- @upid = Time.now.to_f
+- form_options = { :action => "?upload_id=#{@upid}", :id => "upload-form", :method => 'post', :enctype => 'multipart/form-data' }
+- form_options.merge!({ :onsubmit => "UploadProgress.monitor('#{@upid}')", :target => "upload" }) if $UPLOAD_PROGRESS
+%form.create{ form_options }
+  %h3 Upload a File
+  %div.required
+    %input{ :name => "upfile", :type => "file" }
+  %div.optional
+    %label{ :for => "fname"} File Name
+    %input{ :name => "fname", :type => "text" }
+  %div.required
+    %label{ :for => "facl" } Permissions
+    %select{ :name => "facl" }
+      - S3::CANNED_ACLS.sort.each do |acl, perm|
+        - opts = { :value => perm }
+        - opts[:selected] = true if perm == @bucket.access
+        %option{ opts } #{acl}
+  %input#newfile{ :name => "newfile", :value => "Create", :type => "submit" }
+
+@@ users
+%table
+  %thead
+    %tr
+      %th Login
+      %th Activated On
+      %th Total Storage
+      %th Actions
+  %tbody
+    - @users.each do |user|
+      %tr
+        %th
+          %a{ :href => "/control/users/#{user.login}" } #{user.login}
+        %td #{user.activated_at}
+        %td #{number_to_human_size(Bit.sum(:size, :conditions => [ 'owner_id = ?', user.id ]))}
+        %td
+          %a{ :href => "/control/users/delete/#{user.login}", :onclick => S3::POST, :title => "Delete user #{user.login}" } Delete
+%h3 Create a User
+%form.create{ :action => "/control/users", :method => "post" }
+  = preserve errors_for(@usero)
+  %div.required
+    %label{ :for => "user[login]" } Login
+    %input.large{ :type => "text", :value => @usero.login, :name => "user[login]" }
+  %div.required.inline
+    %label{ :for => "user[superuser]" } Is a super-admin?
+    %input{ :type => "checkbox", :name => "user[superuser]", :value => @usero.superuser }
+  %div.required
+    %label{ :for => "user[password]" } Password
+    %input.fixed{ :type => "password", :name => "user[email]" }
+  %div.required
+    %label{ :for => "user[password_confirmation]" } Password again
+    %input.fixed{ :type => "password", :name => "user[password_confirmation]" }
+  %div.required
+    %label{ :for => "user[email]" } Email
+    %input{ :type => "text", :value => @usero.email, :name => "user[email]" }
+  %div.required
+    %label{ :for => "user[key]" } Key (must be unique)
+    %input.fixed.long{ :type => "text", :value => (@usero.key || generate_key), :name => "user[key]" }
+  %div.required
+    %label{ :for => "user[secret]" } Secret
+    %input.fixed.long{ :type => "text", :value => (@usero.secret || generate_secret), :name => "user[secret]" }
+  %input.newuser{ :type => "submit", :value => "Create", :name => "newuser" }
+
+@@ profile
+%form.create{ :method => "post" }
+  = preserve errors_for(@usero)
+  - if @user.superuser?
+    %div.required.inline
+      %label{ :for => "user[superuser]" } Is a super-admin?
+      %input{ :type => "checkbox", :name => "user[superuser]", :value => @usero.superuser }
+  %div.required
+    %label{ :for => "user[password]" } Password
+    %input.fixed{ :type => "password", :name => "user[email]" }
+  %div.required
+    %label{ :for => "user[password_confirmation]" } Password again
+    %input.fixed{ :type => "password", :name => "user[password_confirmation]" }
+  %div.required
+    %label{ :for => "user[email]" } Email
+    %input{ :type => "text", :value => @usero.email, :name => "user[email]" }
+  %div.required
+    %label{ :for => "key" } Key
+    %h4 #{@usero.key}
+  %div.required
+    %label{ :for => "secret" } Secret
+    %h4 #{@usero.secret}
+  %input#saveuser{ :type => "submit", :value => "Save", :name => "saveuser" }
+
+@@ meta
+%form.create{ :method => "post", :style => "text-align:left" }
+  = preserve errors_for(@slot)
+  %table
+    %thead
+      %tr
+        %th Key
+        %th Value
+    %tbody
+      - if @slot.meta.empty?
+        %tr
+          %td{ :colspan => "2", :style => "padding:8px;text-align:center" } No Metadata for #{@slot.name}
+      - else
+        - @slot.meta.each do |k,v|
+          %tr
+            %td #{k}
+            %td
+              %input{ :name => "m[#{k}]", :type => "text", :value => v, :style => "width:100%" }
+    %thead
+      %tr
+        %th{ :colspan => "2" } New Key
+    %tbody
+      %tr
+        %td
+          %input{ :name => "meta[key]", :type => "text", :style => "width:100%" }
+        %td
+          %input{ :name => "meta[value]", :type => "text", :style => "width:100%" }
+  %div{ :style => "text-align:center;margin-top:15px" }
+    %input{ :type => "submit", :value => "Update" }
+
+@@ changes
+%table
+  %thead
+    %tr
+      %th Commit Log For #{@file.name}
+  %tbody
+    - @versions.each do |version|
+      %tr
+        %td
+          %div
+            %a{ :target => "_blank", :href => signed_url("/#{@bucket.name}/#{@file.name}") + "&version-id=#{version.sha}" } #{version.sha}
+          %div On: #{version.date}
+          %div By: #{version.author.name} <#{version.author.email}>
+
+@@ acl
+%table
+  %thead
+    %tr
+      %th For
+      %th Access
+  %tbody
+    - @slot.acl_list.each_pair do |key,acl|
+      %tr
+        %td #{acl[:type] == "CanonicalUser" ? "#{acl[:id]} (#{acl[:name]})" : acl[:uri].split("/").last}
+        %td #{acl[:access]}
+%div{ :style => "text-align:left;margin-top:10px" }
+  %h3 Modify File Access
+  %form.create{ :method => "post" }
+    %div.required
+      %label{ :for => "acl_type" } For
+      %select#acl_type{ :name => "acl[type]", :onchange => "$('user_id_box').style.display = this.value == 'email' ? 'block' : 'none';" }
+        %option{ :value => "http://acs.amazonaws.com/groups/global/AllUsers" } AllUsers
+        %option{ :value => "http://acs.amazonaws.com/groups/global/AuthenticatedUsers" } AuthenticatedUsers
+        %option{ :value => "email" } By ID/Email
+    %div#user_id_box.required{ :style => "display:none" }
+      %label{ :for => "user_id" } User ID/Email
+      %input#user_id{ :type => "text", :name => "acl[user_id]" }
+    %div.required
+      %label{ :for => "user_access" } Access
+      %select#user_access{ :name => "acl[access]" }
+        %option{ :value => "READ" } READ
+        %option{ :value => "READ_ACP" } READ_ACP
+        %option{ :value => "WRITE" } WRITE
+        %option{ :value => "WRITE_ACP" } WRITE_ACP
+    %input{ :type => "submit", :value => "Update" }