supso 0.10.0

data/lib/supso/organization.rb

@@ -0,0 +1,95 @@
+require 'json'
+
+module Supso
+  class Organization
+    attr_accessor :name, :id
+
+    @@current_organization = nil
+
+    def initialize(name, id)
+      @name = name
+      @id = id
+    end
+
+    def save_to_file!
+      Util.ensure_path_exists!(Organization.current_organization_filename)
+      file = File.open(Organization.current_organization_filename, 'w')
+      file << self.saved_data.to_json
+      file.close
+      Project.save_project_directory_readme!
+    end
+
+    def saved_data
+      data = {}
+      data['name'] = self.name if self.name
+      data['id'] = self.id if self.id
+      data
+    end
+
+    def self.current_organization_filename
+      "#{ Supso.project_supso_config_root }/current_organization.json"
+    end
+
+    def self.current_organization_from_file
+      organization_data = {}
+      begin
+        organization_data = JSON.parse(File.read(Organization.current_organization_filename))
+        organization_data = {} if !organization_data.is_a?(Object)
+      rescue
+        organization_data = {}
+      end
+
+      if organization_data['id']
+        Organization.new(organization_data['name'], organization_data['id'])
+      else
+        nil
+      end
+    end
+
+    def self.current_organization
+      @@current_organization ||= Organization.current_organization_from_file
+    end
+
+    def self.current_organization_or_fetch
+      org = Organization.current_organization
+
+      if !org
+        Organization.fetch_current_organization!
+        org = Organization.current_organization
+        if !org
+          raise StandardError.new('Could not find current organization')
+        else
+          org
+        end
+      end
+    end
+
+    def self.set_current_organization!(name, id)
+      @@current_organization = Organization.new(name, id)
+      @@current_organization.save_to_file!
+    end
+
+    def self.delete_current_organization!
+      @@current_organization = nil
+      if File.exists?(Organization.current_organization_from_file)
+        File.delete(Organization.current_organization_from_file)
+      end
+    end
+
+    def self.fetch_current_organization!
+      user = User.current_user
+      data = {
+          auth_token: user.auth_token,
+          user_id: user.id,
+      }
+      response = Util.http_post("#{ Supso.supso_api_root }users/me/current_organization", data)
+
+      if response['success']
+        org = response['organization']
+        Organization.set_current_organization!(org['name'], org['id'])
+      else
+        puts response['reason']
+      end
+    end
+  end
+end

data/lib/supso/project.rb

@@ -0,0 +1,218 @@
+require 'json'
+require 'openssl'
+require 'base64'
+
+module Supso
+  class Project
+    attr_accessor :name, :api_token, :client_data, :client_token, :source, :aliases
+
+    # Validities
+    MISSING_DATA = :missing_token
+    MISSING_TOKEN = :missing_token
+    DIFFERENT_API_TOKEN = :different_api_token
+    INVALID_TOKEN = :missing_token
+    MISSING_ORGANIZATION = :missing_organization
+    DIFFERENT_ORGANIZATION = :different_organization
+    VALID = :valid
+
+    def initialize(name, api_token, options = {})
+      @name = name
+      @api_token = api_token
+      @options = options
+      @client_data = self.load_client_data
+      @client_token = self.load_client_token
+      @source = options[:source] || options['source']
+      @aliases = options[:aliases] || options['aliases'] || []
+    end
+
+    def filename(filetype)
+      "#{ Supso.project_supso_config_root }/projects/#{ self.name }.#{ filetype }"
+    end
+
+    def data_filename
+      self.filename('json')
+    end
+
+    def identification_data
+      {
+          name: self.name,
+          api_token: self.api_token,
+          aliases: self.aliases,
+          source: self.source,
+      }
+    end
+
+    def puts_info
+      puts "#{ self.name }"
+
+      if self.source
+        human_readable_source = self.source == 'add' ? 'add (ruby)' : self.source
+        puts "  Source: #{ human_readable_source }"
+      end
+
+      if self.valid?
+        puts "  Valid: Yes"
+      else
+        puts "  Valid: No"
+        puts "  Reason: #{ self.validity_explanation }"
+      end
+    end
+
+    def load_client_data
+      if File.exist?(self.data_filename)
+        JSON.parse(File.read(self.data_filename))
+      else
+        {}
+      end
+    end
+
+    def load_client_token
+      if self.token_file_exists?
+        File.read(self.token_filename)
+      else
+        nil
+      end
+    end
+
+    def token_filename
+      self.filename('token')
+    end
+
+    def token_file_exists?
+      File.exist?(self.token_filename)
+    end
+
+    def organization_id
+      self.client_data['organization_id']
+    end
+
+    def save_project_data!
+      if self.client_data.empty?
+        if File.exists?(self.data_filename)
+          File.delete(self.data_filename)
+        end
+        if File.exists?(self.token_filename)
+          File.delete(self.token_filename)
+        end
+      else
+        Project.save_project_directory_readme!
+
+        Util.ensure_path_exists!(self.data_filename)
+        file = File.open(self.data_filename, 'w')
+        file << self.client_data.to_json
+        file.close
+
+        Util.ensure_path_exists!(self.token_filename)
+        file = File.open(self.token_filename, 'w')
+        file << self.client_token
+        file.close
+      end
+    end
+
+    def valid?
+      self.validity == VALID
+    end
+
+    def validity
+      if !self.client_token
+        return MISSING_TOKEN
+      end
+
+      if !self.client_data
+        return MISSING_DATA
+      end
+
+      if self.client_data['project_api_token'] != self.api_token
+        return DIFFERENT_API_TOKEN
+      end
+
+      if !Organization.current_organization
+        return MISSING_ORGANIZATION
+      end
+
+      if self.organization_id != Organization.current_organization.id
+        return DIFFERENT_ORGANIZATION
+      end
+
+      public_key = OpenSSL::PKey::RSA.new File.read("#{ Supso.gem_root }/lib/other/supso2.pub")
+      digest = OpenSSL::Digest::SHA256.new
+
+      if !public_key.verify(digest, Base64.decode64(self.client_token), self.client_data.to_json)
+        return INVALID_TOKEN
+      end
+
+      return VALID
+    end
+
+    def validity_explanation
+      case self.validity
+      when MISSING_TOKEN
+        "Missing client token. Run `supso update` to update the token."
+      when MISSING_DATA
+        "Missing client data. Run `supso update` to update the data."
+      when DIFFERENT_API_TOKEN
+        "Different api token. The project's api token is different from the project api token listed in your client data. Make sure your projects are all up-to-date and you have the latest client token from `supso update`."
+      when MISSING_ORGANIZATION
+        "Missing organization. Run `supso update` to update your organization file."
+      when DIFFERENT_ORGANIZATION
+        "Different organization. The client token uses organization id #{ organization_id }, but " +
+            "your current organization id is #{ Organization.current_organization['id'] } (#{ Organization.current_organization['name'] })."
+      when INVALID_TOKEN
+        "Invalid client token. Run `supso update` to update the token."
+      when VALID
+        "Valid."
+      else
+        "Invalid."
+      end
+    end
+
+    def save_data!
+      self.save_project_data
+    end
+
+    class << self
+      attr_accessor :projects
+    end
+
+    def self.projects
+      @projects ||= []
+    end
+
+    def self.add(name, api_token, options = {})
+      # Correct for common mistakes:
+      options[:aliases] = options['aliases'] if options['aliases'] && !options[:aliases]
+      options[:source] = options['source'] if options['source'] && !options[:source]
+
+      options[:source] ||= 'add'
+      project = Project.new(name, api_token, options)
+      self.projects << project
+    end
+
+    def self.detect_all_projects!
+      Util.require_all_gems!
+      Javascript.detect_all_projects!
+    end
+
+    def self.save_project_directory_readme!
+      readme_path = "#{ Supso.project_supso_config_root }/README.txt"
+      if !File.exists?(readme_path)
+        readme_contents = File.open("#{ Supso.gem_root }/lib/templates/project_dir_readme.txt", 'r').read
+        Util.ensure_path_exists!(readme_path)
+        file = File.open(readme_path, 'w')
+        file << readme_contents
+        file.close
+      end
+    end
+
+    def self.aliases_match?(aliases1 = [], aliases2 = [])
+      aliases2.each do |first_alias|
+        if aliases1.any? { |second_alias| second_alias['name'] == first_alias['name'] &&
+            second_alias['platform'] == first_alias['platform'] }
+          return true
+        end
+      end
+
+      false
+    end
+  end
+end

data/lib/supso/updater.rb

@@ -0,0 +1,91 @@
+module Supso
+  module Updater
+    def Updater.update
+      user = User.current_user
+      if user && user.auth_token
+        Updater.update_returning_user(user)
+      else
+        Updater.update_first_time_user
+      end
+    end
+
+    def Updater.update_first_time_user
+      puts "Super Source lets you subscribe to projects, so that you can receive urgent security announcements, important new versions, and other information via email."
+
+      Project.detect_all_projects!
+      puts "You are using the following projects with Super Source:"
+      Project.projects.each do |project|
+        puts "  #{ project.name }"
+      end
+
+      puts "You can opt-out if you wish, however you must provide a valid email, in order to receive the confirmation token."
+
+      email = Commands.prompt_email
+      User.attach_to_email!(email)
+
+      succeeded = false
+      while !succeeded
+        token = Commands.prompt_confirmation_token(email)
+        succeeded, reason = User.log_in_with_confirmation_token!(email, token)
+        if !succeeded && reason
+          puts reason
+        end
+      end
+
+      Updater.update_projects!
+    end
+
+    def Updater.update_returning_user(user)
+      org = Organization.current_organization_or_fetch
+      Project.detect_all_projects!
+      Updater.update_projects!
+    end
+
+    def Updater.update_projects!(projects = nil)
+      if projects.nil?
+        projects = Project.projects
+      end
+
+      if projects.length == 0
+        puts "No projects in list to update."
+        return
+      end
+
+      puts "Updating #{ Util.pluralize(projects.length, 'project') }..."
+
+      user = User.current_user
+      organization = Organization.current_organization
+
+      data = {
+          auth_token: user.auth_token,
+          user_id: user.id,
+          projects: projects.map { |project| project.identification_data },
+      }
+
+      response = Util.http_post("#{ Supso.supso_api_root }organizations/#{ organization.id }/client_tokens", data)
+
+      if response['success']
+        response['projects'].each do |project_response|
+          client_data = project_response['client_data']
+          client_token = project_response['client_token']
+          api_token = client_data['project_api_token']
+          aliases = client_data['project_aliases'] || []
+          project = projects.find { |find_project| find_project.api_token == api_token }
+          if project.nil?
+            project = projects.find { |find_project| Project.aliases_match?(find_project.aliases, aliases) }
+
+            if project.nil?
+              next # Could log warning
+            end
+          end
+          project.client_data = client_data
+          project.client_token = client_token
+          project.aliases = aliases
+          project.save_project_data!
+        end
+      else
+        puts response['reason']
+      end
+    end
+  end
+end

data/lib/supso/user.rb

@@ -0,0 +1,161 @@
+require 'yaml'
+
+module Supso
+  class User
+    attr_accessor :email, :name, :id, :auth_token
+
+    @@current_user = nil
+
+    def initialize(email, name, id, auth_token = nil)
+      @email = email
+      @name = name
+      @id = id
+      @auth_token = auth_token
+    end
+
+    def save_to_file!
+      Util.ensure_path_exists!(User.current_user_filename)
+      file = File.open(User.current_user_filename, 'w')
+      file << self.saved_data.to_json
+      file.close
+      User.save_user_supso_readme!
+    end
+
+    def saved_data
+      data = {
+          'email' => self.email
+      }
+      data['name'] = self.name if self.name
+      data['id'] = self.id if self.id
+      data['auth_token'] = self.auth_token if self.auth_token
+      data
+    end
+
+    def self.current_user_filename
+      "#{ Supso.user_supso_config_root }/current_user.json"
+    end
+
+    def self.readme_filename
+      "#{ Supso.user_supso_config_root }/README.txt"
+    end
+
+    def self.current_user_from_file
+      if !File.exist?(User.current_user_filename)
+        return nil
+      end
+
+      user_data = {}
+      begin
+        user_data = JSON.parse(File.read(User.current_user_filename))
+        user_data = {} if !user_data.is_a?(Object)
+      rescue JSON::ParserError => err
+        user_data = {}
+      end
+
+      if user_data['email'] || user_data['auth_token']
+        User.new(user_data['email'], user_data['name'], user_data['id'], user_data['auth_token'])
+      else
+        nil
+      end
+    end
+
+    def self.current_user
+      @@current_user ||= User.current_user_from_file
+    end
+
+    def self.set_current_user!(email, name, id, auth_token = nil)
+      @@current_user = User.new(email, name, id, auth_token)
+      @@current_user.save_to_file!
+    end
+
+    def self.attach_to_email!(email)
+      data = {
+          email: email,
+      }
+
+      response = Util.http_post("#{ Supso.supso_api_root }users/attach", data)
+
+      if response['success']
+        User.set_current_user!(response['user']['email'], response['user']['name'],
+            response['user']['id'])
+      else
+        puts response['reason']
+        # Anything here needed?
+      end
+    end
+
+    def self.log_in_with_password!(email, password)
+      data = {
+          email: email,
+          password: password,
+      }
+
+      response = Util.http_post("#{ Supso.supso_api_root }sign_in", data)
+
+      if response['success']
+        User.set_current_user!(response['user']['email'], response['user']['name'],
+            response['user']['id'], response['auth_token'])
+        if Organization.current_organization.nil?
+          Organization.set_current_organization!(response['organization']['name'], response['organization']['id'])
+        end
+        [true, nil]
+      else
+        [false, response['reason']]
+      end
+    end
+
+    def self.log_in_with_confirmation_token!(email, confirmation_token)
+      data = {
+          email: email,
+          confirmation_token: confirmation_token,
+      }
+
+      response = Util.http_post("#{ Supso.supso_api_root }users/confirm", data)
+
+      if response['success']
+        User.set_current_user!(response['user']['email'], response['user']['name'],
+            response['user']['id'], response['auth_token'])
+        if Organization.current_organization.nil?
+          Organization.set_current_organization!(response['organization']['name'], response['organization']['id'])
+        end
+        [true, nil]
+      else
+        [false, response['reason']]
+      end
+    end
+
+    def self.log_out!
+      if File.exists?(User.current_user_filename)
+        user = User.current_user
+        if user && user.auth_token
+          data = {
+              version: Supso::VERSION,
+              auth_token: user.auth_token,
+              user_id: user.id,
+          }
+
+          response = Util.http_post("#{ Supso.supso_api_root }sign_out", data)
+
+          if response['success']
+            # No need to say anything like 'logout succeeded'
+          else
+            puts response['reason']
+          end
+        end
+
+        File.delete(User.current_user_filename)
+        @@current_user = nil
+      end
+    end
+
+    def self.save_user_supso_readme!
+      if !File.exists?(User.readme_filename)
+        readme_contents = File.open("#{ Supso.gem_root }/lib/templates/user_dir_readme.txt", 'r').read
+        Util.ensure_path_exists!(User.readme_filename)
+        file = File.open(User.readme_filename, 'w')
+        file << readme_contents
+        file.close
+      end
+    end
+  end
+end

data/lib/supso/util.rb

@@ -0,0 +1,129 @@
+require 'fileutils'
+require 'bundler'
+require 'json'
+
+module Supso
+  module Util
+    def Util.deep_merge(first, second)
+      merger = proc { |key, v1, v2| Hash === v1 && Hash === v2 ? v1.merge(v2, &merger) : v2 }
+      first.merge(second, &merger)
+    end
+
+    def Util.detect_project_root
+      project_root = Dir.getwd
+      while true
+        if project_root == ""
+          project_root = nil
+          break
+        end
+
+        if File.exist?(project_root + '/Gemfile') ||
+            File.exist?(project_root + '/package.json') ||
+            File.exist?(project_root + '.supso')
+          break
+        end
+
+        detect_project_root_splits = project_root.split("/")
+        detect_project_root_splits = detect_project_root_splits[0..detect_project_root_splits.length - 2]
+        project_root = detect_project_root_splits.join("/")
+      end
+
+      project_root
+    end
+
+    def Util.ensure_path_exists!(full_path)
+      split_paths = full_path.split('/')
+      just_file_path = split_paths.pop
+      directory_path = split_paths.join('/')
+      FileUtils.mkdir_p(directory_path)
+      FileUtils.touch("#{ directory_path }/#{ just_file_path }")
+    end
+
+    def Util.has_command?(command)
+      !!Util.which(command)
+    end
+
+    def Util.which(command)
+      command = Util.sanitize_command(command)
+      response = `which #{ command }`
+      response && response.length > 0 ? response : nil
+    end
+
+    def Util.sanitize_command(command)
+      command.gsub(/[^-_\w]/, '')
+    end
+
+    def Util.http_get(url)
+      json_headers = {
+          "Content-Type" => "application/json",
+          "Accept" => "application/json",
+      }
+      uri = URI.parse(url)
+      http = Net::HTTP.new(uri.host, uri.port)
+      if url.start_with?('https://')
+        http.use_ssl = true
+      end
+      response = http.get(uri.path, json_headers)
+
+      if response.code.to_i == 200
+        return JSON.parse(response.body)
+      else
+        raise StandardError.new("Error #{ response } for #{ url }")
+      end
+    end
+
+    def Util.http_post(url, data = {})
+      json_headers = {
+          "Content-Type" => "application/json",
+          "Accept" => "application/json",
+      }
+
+      data[:version] = Supso::VERSION
+
+      uri = URI.parse(url)
+      http = Net::HTTP.new(uri.host, uri.port)
+      if url.start_with?('https://')
+        http.use_ssl = true
+      end
+      response = http.post(uri.path, data.to_json, json_headers)
+
+      if response.code.to_i == 200
+        return JSON.parse(response.body)
+      else
+        raise StandardError.new("Error #{ response } for #{ url }")
+      end
+    end
+
+    def Util.is_email?(email)
+      !!/\A[^@]+@([^@\.]+\.)+[^@\.]+\z/.match(email)
+    end
+
+    def Util.pluralize(count, word)
+      if count == 1
+        word
+      else
+        "#{ word }s"
+      end
+    end
+
+    def Util.require_all_gems!
+      begin
+        Bundler.require(:default, :development, :test, :production)
+      rescue Gem::LoadError, Bundler::GemfileNotFound
+        # Keep going
+      end
+    end
+
+    def Util.underscore_to_camelcase(str)
+      str.split('_').map{ |chunk| chunk.capitalize }.join
+    end
+
+    def Util.camelcase_to_underscore(str)
+      str.gsub(/::/, '/')
+          .gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2')
+          .gsub(/([a-z\d])([A-Z])/,'\1_\2')
+          .tr("-", "_")
+          .downcase
+    end
+  end
+end

data/lib/supso/version.rb

@@ -0,0 +1,8 @@
+module Supso
+  if !defined?(Supso::VERSION)
+    VERSION_MAJOR = 0
+    VERSION_MINOR = 10
+    VERSION_PATCH = 0
+    VERSION = [VERSION_MAJOR, VERSION_MINOR, VERSION_PATCH].join('.')
+  end
+end