t2-server 0.6.1 → 0.9.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (52) hide show
  1. data/.rvmrc +1 -0
  2. data/CHANGES.rdoc +48 -0
  3. data/LICENCE.rdoc +2 -2
  4. data/README.rdoc +245 -10
  5. data/Rakefile +108 -0
  6. data/bin/t2-delete-runs +21 -34
  7. data/bin/t2-get-output +134 -0
  8. data/bin/t2-run-workflow +121 -109
  9. data/bin/t2-server-admin +128 -0
  10. data/bin/t2-server-info +25 -38
  11. data/lib/t2-server-cli.rb +116 -0
  12. data/lib/t2-server.rb +16 -27
  13. data/lib/t2-server/admin.rb +147 -0
  14. data/lib/t2-server/connection-parameters.rb +144 -0
  15. data/lib/t2-server/connection.rb +352 -0
  16. data/lib/t2-server/credentials.rb +84 -0
  17. data/lib/t2-server/exceptions.rb +42 -21
  18. data/lib/t2-server/port.rb +472 -0
  19. data/lib/t2-server/run.rb +822 -227
  20. data/lib/t2-server/server.rb +313 -317
  21. data/lib/t2-server/util.rb +71 -0
  22. data/lib/t2-server/xml/libxml.rb +87 -0
  23. data/lib/t2-server/xml/nokogiri.rb +85 -0
  24. data/lib/t2-server/xml/rexml.rb +85 -0
  25. data/lib/t2-server/xml/xml.rb +111 -0
  26. data/lib/t2server.rb +4 -1
  27. data/t2-server.gemspec +112 -0
  28. data/test/tc_admin.rb +63 -0
  29. data/test/{tc_paths.rb → tc_params.rb} +11 -25
  30. data/test/tc_perms.rb +132 -0
  31. data/test/tc_run.rb +200 -67
  32. data/test/tc_secure.rb +191 -0
  33. data/test/tc_server.rb +25 -23
  34. data/test/tc_util.rb +74 -0
  35. data/test/ts_t2server.rb +57 -12
  36. data/test/workflows/always_fail.t2flow +69 -0
  37. data/test/workflows/list_and_value.t2flow +12 -0
  38. data/test/workflows/list_with_errors.t2flow +107 -0
  39. data/test/workflows/secure/basic-http.t2flow +74 -0
  40. data/test/workflows/secure/basic-https.t2flow +74 -0
  41. data/test/workflows/secure/client-https.t2flow +162 -0
  42. data/test/workflows/secure/digest-http.t2flow +129 -0
  43. data/test/workflows/secure/digest-https.t2flow +107 -0
  44. data/test/workflows/secure/heater-pk.pem +20 -0
  45. data/test/workflows/secure/user-cert.p12 +0 -0
  46. data/test/workflows/secure/ws-http.t2flow +180 -0
  47. data/test/workflows/secure/ws-https.t2flow +180 -0
  48. data/test/workflows/strings.txt +10 -0
  49. data/test/workflows/xml_xpath.t2flow +136 -136
  50. data/version.yml +4 -0
  51. metadata +132 -34
  52. data/lib/t2-server/xml.rb +0 -86
data/.rvmrc ADDED
@@ -0,0 +1 @@
1
+ rvm use ruby-1.8.7@t2server --create
data/CHANGES.rdoc CHANGED
@@ -1,5 +1,53 @@
1
1
  = Changes log for the T2 Ruby Gem
2
2
 
3
+ == Version 0.9.0
4
+
5
+ * t2-run-workflow: Add a switch to set the expiry date/time.
6
+ * Support version 2 of the Server API.
7
+ * Update example scripts to work with the new server API.
8
+ * Retire the T2Server::API_VERSION constant.
9
+ * Add a method to get expected inputs from the server.
10
+ * Make the baclava input/output calls more "ruby-like"
11
+ * Fix the Run#wait method to cope with finished runs.
12
+ * Changes to Run and Server to yield created objects.
13
+ * Add zip output facilities to the Run class.
14
+ * Scripts: Add switches for passing user credentials.
15
+ * t2-run-workflow: Exit if workflow is empty.
16
+ * Top-level documentation updates.
17
+ * Add server administrative interface infrastructure.
18
+ * Fix exception raised within exception code!
19
+ * Fix exception raised within exception code!
20
+ * Allow Run#expiry= to accept Time objects as input.
21
+ * Add a deprecation message when require 't2server' is used.
22
+ * Add connection-parameters classes.
23
+ * Use supplied parameters to configure SSL connections.
24
+ * Connection parameters tests.
25
+ * Add use of connection parameters to the cli scripts.
26
+ * Fix Run#status to return state as symbols rather than text.
27
+ * Enable dynamic selection of XML implementation.
28
+ * Move URI monkeypatch code to new Util module.
29
+ * Move String monkeypatch code to Util module.
30
+ * Remove progress output from Run#wait.
31
+ * Change all references to UUIDs to 'identifier'.
32
+ * Get run ownership from the server for each run.
33
+ * Facilities for granting and revoking permissions on runs.
34
+ * Facilities for providing user/pass credentials for secure services.
35
+ * Add support for uploading trusts for peer verification.
36
+ * Facilities for providing keypair credentials for secure services.
37
+ * Secure workflow and Run permissions test cases.
38
+ * Update Readme with security info.
39
+ * Update the input port API.
40
+ * Update the output port API.
41
+ * t2-get-output: Change -E switch to -x.
42
+ * t2-get-output: Wire up the -r switch.
43
+ * t2-get-output: Add -T switch for returning output types.
44
+ * Remove support for Taverna Server versions < 2.3.
45
+ * Add Server#upload_data.
46
+ * Add Run#upload_data.
47
+ * Fake list inputs with baclava.
48
+ * More detailed documentation in the ReadMe file.
49
+ * Compatibily note added to the ReadMe file.
50
+
3
51
  == Version 0.6.1
4
52
 
5
53
  * Store server addresses internally as URI objects.
data/LICENCE.rdoc CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2010, 2011 The University of Manchester, UK.
1
+ Copyright (c) 2010-2012 The University of Manchester, UK.
2
2
 
3
3
  All rights reserved.
4
4
 
@@ -14,7 +14,7 @@ modification, are permitted provided that the following conditions are met:
14
14
 
15
15
  * Neither the names of The University of Manchester nor the names of its
16
16
  contributors may be used to endorse or promote products derived from this
17
- software without specific prior written permission.
17
+ software without specific prior written permission.
18
18
 
19
19
  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20
20
  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
data/README.rdoc CHANGED
@@ -1,12 +1,10 @@
1
1
  = Taverna[http://www.taverna.org.uk/] 2 Server Interaction Gem
2
2
 
3
3
  Authors:: Robert Haines
4
- Gem Version:: 0.6.1
5
- API Version:: 2.2a1
6
4
  Contact:: mailto:rhaines@manchester.ac.uk
7
- URL:: http://taverna.sourceforge.net/
5
+ URL:: http://www.taverna.org.uk/
8
6
  Licence:: BSD (See LICENCE or http://www.opensource.org/licenses/bsd-license.php)
9
- Copyright:: (c) 2010, 2011 The University of Manchester, UK
7
+ Copyright:: (c) 2010-2012 The University of Manchester, UK
10
8
 
11
9
 
12
10
  == Synopsis
@@ -22,23 +20,150 @@ Then simply install as you would any other gem:
22
20
  [sudo] gem install t2-server
23
21
 
24
22
  In case of problems with the above the gem is available for download here:
25
- http://rubygems.org/gems/t2-server
23
+ https://rubygems.org/gems/t2-server
26
24
 
27
25
  You can also download the source code from here:
28
- http://github.com/myGrid/t2-server-gem
26
+ https://github.com/myGrid/t2-server-gem
27
+
28
+ == Compatibility with Taverna Server versions
29
+
30
+ From version 0.9.0 this library is compatible with Taverna Server 2.3 onwards.
31
+ It is not compatible with any earlier version of Taverna Server due to breaking
32
+ changes in its REST interface. We strongly encourage all users to upgrade to
33
+ the current version of Taverna Server, but if that is not possible right now
34
+ then please continue to use version 0.6.1 of this library for the time being.
35
+
36
+ This version of the library should be compatible with any Ruby code that you
37
+ may have already written against earlier versions but you may see some warnings
38
+ about API deprecations. These are clearly marked [DEPRECATION] and will appear
39
+ on your console output. Anything marked as deprecated will be removed in
40
+ version 1.0.0 so you are advised to update your code at your earliest
41
+ convenience.
29
42
 
30
43
  == Usage
31
44
 
32
45
  There are two entry points for the T2Server API:
33
- * T2Server::Run - Use this for running single jobs on a server.
34
- * T2Server::Server - Use this if you are providing a web interface to one or
35
- more Taverna 2 Server instances.
46
+ * <tt>T2Server::Run</tt> - Use this for running single jobs on a server.
47
+ * <tt>T2Server::Server</tt> - Use this if you are providing a web interface to
48
+ one or more Taverna 2 Server instances.
36
49
 
37
50
  In both cases the gem should be initialized by requiring the top level ruby
38
51
  file:
39
52
  require 't2-server.rb'
40
53
 
41
- See the rdoc for more information.
54
+ === Configuring a Server connection
55
+
56
+ Setting up a connection to a secure server can be quite tricky and a secure
57
+ Taverna Server is no different. To make things slightly easier this library
58
+ provides some short cuts to providing various parameters for different types of
59
+ connection.
60
+
61
+ Connection configuration settings are passed in to various methods using the
62
+ +ConnectionParameters+ class. Parameters that can be set are:
63
+ * <tt>:ca_file</tt>
64
+ * <tt>:ca_path</tt>
65
+ * <tt>:verify_peer</tt>
66
+ * <tt>:client_certificate</tt>
67
+ * <tt>:client_password</tt>
68
+
69
+ And can be set like this for a standard https connection:
70
+
71
+ conn_params = ConnectionParameters.new
72
+ conn_params[:verify_peer] = true
73
+ conn_params[:ca_path] = "/etc/ssl/certs"
74
+
75
+ This will ensure that the identity of the Taverna Server you are connecting to
76
+ will be verified using the set of certificates in <tt>/etc/ssl/certs</tt>.
77
+
78
+ For convenience a number of standard sets of parameters have been defined. The
79
+ above example is available as +DefaultConnectionParameters+. Others available
80
+ are:
81
+ * +InsecureSSLConnectionParameters+ - to ignore SSL checks.
82
+ * +CustomCASSLConnectionParameters+ - for custom (self-signed) CAs.
83
+ * +ClientAuthSSLConnectionParameters+ - for client certificate authentication.
84
+
85
+ See the rdoc for more details on these classes.
86
+
87
+ === Authenticating to a Taverna Server
88
+
89
+ Some calls to a server require that a set of user credentials are provided.
90
+ These are simple to set up:
91
+
92
+ credentials = T2Server::HttpBasic.new("username", "password")
93
+
94
+ === Server API example
95
+
96
+ The Server constructor can yield the newly created object. Simple supply a URI
97
+ and a set of connection parameters to connect to a server:
98
+
99
+ T2Server::Server.new(uri, conn_params) do |server|
100
+ ...
101
+ end
102
+
103
+ Note that credentials are not required by default to simply connect to a
104
+ Taverna Server. Further operations (such as creating and starting runs) may
105
+ require authorization depending on how your server has been set up.
106
+
107
+ === Run API example
108
+
109
+ You can bypass the Server API if you know you are only going to be dealing with
110
+ a couple of runs directly:
111
+
112
+ T2Server::Run.create(uri, workflow, credentials, conn_params) do |run|
113
+ ...
114
+ end
115
+
116
+ Setting an input port to a run is very easy:
117
+
118
+ run.input_port("port_name").value = 1
119
+ run.input_port("port_name").value = "Hello!"
120
+ run.input_port("port_name").value = ["list", "of", "values"]
121
+
122
+ Or you can use a local file as input:
123
+
124
+ run.input_port("port_name").file = filename
125
+
126
+ Once all the inputs have been set the run can be started:
127
+
128
+ run.start
129
+
130
+ And monitored to see if it has finished:
131
+
132
+ run.finished?
133
+ run.running?
134
+
135
+ Or just wait until the run has finished:
136
+
137
+ run.wait
138
+
139
+ Then the outputs can be collected:
140
+
141
+ result = run.output_port("port_name").value
142
+
143
+ If you have a lot of output you can grab the whole lot as a zip file:
144
+
145
+ zip_data = run.zip_output
146
+
147
+ Using baclava documents for setting inputs and collecting outputs is also
148
+ supported:
149
+
150
+ run.baclava_input = filename
151
+
152
+ But make sure you request baclava output *before* starting the run:
153
+
154
+ run.request_baclava_output
155
+ run.start
156
+ run.wait
157
+ output = run.baclava_output
158
+
159
+ See the rdoc for more information. Many methods and classes have much more
160
+ functionality than the defaults described above. Please note that anything
161
+ which does not appear in the documentation is not intended to be part of the
162
+ public API. Use of undocumented classes and methods is entirely at your own
163
+ risk! Such things might not have consistent behaviour and might be removed at
164
+ any time.
165
+
166
+ === Example scripts
42
167
 
43
168
  As well as rdoc there are also a couple of example scripts which
44
169
  demonstrate good use of the T2Server API. These are available in the
@@ -47,10 +172,120 @@ gem is installed:
47
172
  * t2-run-workflow
48
173
  * t2-server-info
49
174
  * t2-delete-runs
175
+ * t2-get-output
176
+ * t2-server-admin
50
177
  Running any of these scripts with a <tt>-h</tt> or <tt>--help</tt>
51
178
  switch will show how to use them, e.g.:
52
179
  t2-run-workflow --help
53
180
 
181
+ == Interacting with secure Web Services
182
+
183
+ This library can be used to run workflows that contain secure
184
+ services. Such services may be secured in a number of ways depending
185
+ on how the credentials are passed and whether they are REST, SOAP or Rshell
186
+ services.
187
+
188
+ Running workflows that contain secure services requires that you pass
189
+ your credentials to Taverna Server so that it can authenticate itself
190
+ as you on your behalf.
191
+
192
+ <b>It is essential that you trust the Taverna Server that you are
193
+ using!</b>
194
+
195
+ <b>Ideally, you should only pass sensitive information, such as
196
+ passwords, via https so that you can be sure that it is not being read
197
+ in transit.</b>
198
+
199
+ === Username and password credentials
200
+ ==== REST
201
+
202
+ REST services are commonly secured via HTTP Basic or HTTP Digest
203
+ authentication and Taverna treats these two schemes in the same
204
+ way. Simply pass in your username and password with the *host* name of
205
+ the server on which the service is running:
206
+
207
+ run.add_password_credential("https://example.com:8443/", "username", "password")
208
+
209
+ The above example shows a https server running on port 8443. If the
210
+ service is on port 80 for http or port 443 for https then you don't
211
+ need to specify the port.
212
+
213
+ If there are services on the same host that require different credentials then
214
+ you will need to specify the realm for which each set of credentials applies.
215
+ This is done by adding the name of the realm to the end of the host name with
216
+ a # separating them:
217
+
218
+ run.add_password_credential("https://example.com:8443/#realm", "username", "password")
219
+
220
+ ==== SOAP
221
+
222
+ SOAP services are commonly secured via WS-Security. Simply pass in the
223
+ WSDL address of the service with your username and password:
224
+
225
+ run.add_password_credential("https://example.com:8443/services/MyService?wsdl", "username", "password")
226
+
227
+ ==== R Servers (via Rshells)
228
+
229
+ You can authenticate to R Servers in almost exactly the same as for
230
+ REST services - only the protocol scheme is different. So instead of
231
+ http or https it is rserve:
232
+
233
+ run.add_password_credential("rserve://example.com:6311", "username", "password")
234
+
235
+ === Keypair (certificate-based) credentials
236
+
237
+ Some https servers authenticate clients using certificates. If you
238
+ have services that require this type of authentication you can upload
239
+ a keypair:
240
+
241
+ run.add_keypair_credential("https://example.com:8443/", "certificate.p12", "password")
242
+
243
+ === Trusts (peer verification)
244
+
245
+ If the services in your workflows are on a https server then Taverna
246
+ requires that it can verify that the server is the one you expect it
247
+ to be. This is done by peer verification. In most cases this happens
248
+ automatically and transparently but if the remote server has a
249
+ non-standard or "self-signed" certificate then you will need to
250
+ provide Taverna with the corresponding public key for verification to
251
+ take place:
252
+
253
+ run.add_trust("public-key.pem")
254
+
255
+ == Interacting with other Taverna Server users
256
+
257
+ Taverna Server is a multi-user system and as such insulates users from one
258
+ another as much as possible. Each run that a user creates can only be accessed
259
+ by that user by default. If you want to give another user permission to
260
+ perform certain actions on a run then you can do so:
261
+
262
+ run.grant_permission("username", :permission)
263
+
264
+ Available permissions are:
265
+ * <tt>:none</tt> - No permissions.
266
+ * <tt>:read</tt> - Read the state of the run and get its outputs.
267
+ * <tt>:update</tt> - Set the state of the run (e.g. start it).
268
+ * <tt>:destroy</tt> - Delete the run.
269
+
270
+ Permissions are accumulative so giving a user the <tt>:destroy</tt> permission
271
+ also allows that user to read and set the run's state. Note that there is no
272
+ way for any user other than the owner of a run to perform any security related
273
+ actions on it. This means that only the owner may grant, query and revoke
274
+ permissions and only the owner may add, query and delete trusts and
275
+ credentials.
276
+
277
+ You can revoke a user's permission:
278
+
279
+ run.revoke_permission("username")
280
+
281
+ You can get a list of the permissions you have granted for a run:
282
+
283
+ run.permissions
284
+
285
+ And also see what permission you have granted a particular user:
286
+
287
+ run.permission("username")
288
+
54
289
  == Support
55
290
 
56
291
  Please email mailto:support@mygrid.org.uk for any questions relating to
data/Rakefile ADDED
@@ -0,0 +1,108 @@
1
+ # Copyright (c) 2010-2012 The University of Manchester, UK.
2
+ #
3
+ # All rights reserved.
4
+ #
5
+ # Redistribution and use in source and binary forms, with or without
6
+ # modification, are permitted provided that the following conditions are met:
7
+ #
8
+ # * Redistributions of source code must retain the above copyright notice,
9
+ # this list of conditions and the following disclaimer.
10
+ #
11
+ # * Redistributions in binary form must reproduce the above copyright notice,
12
+ # this list of conditions and the following disclaimer in the documentation
13
+ # and/or other materials provided with the distribution.
14
+ #
15
+ # * Neither the names of The University of Manchester nor the names of its
16
+ # contributors may be used to endorse or promote products derived from this
17
+ # software without specific prior written permission.
18
+ #
19
+ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20
+ # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21
+ # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22
+ # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
23
+ # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24
+ # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
+ # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
+ # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
+ # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
+ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
+ # POSSIBILITY OF SUCH DAMAGE.
30
+ #
31
+ # Author: Robert Haines
32
+
33
+ require 'rubygems'
34
+ require 'rake'
35
+ require 'rake/clean'
36
+ require 'rake/tasklib'
37
+ require 'rdoc/task'
38
+ require 'jeweler'
39
+
40
+ # we need to add lib to the path because we're not installed yet!
41
+ $LOAD_PATH.unshift File.join(File.dirname(__FILE__), "lib")
42
+ require 't2-server'
43
+
44
+ task :default => [:test]
45
+
46
+ Jeweler::Tasks.new do |s|
47
+ s.name = "t2-server"
48
+ s.version = T2Server::Version::STRING
49
+ s.authors = ["Robert Haines"]
50
+ s.email = ["rhaines@manchester.ac.uk"]
51
+ s.homepage = "http://www.taverna.org.uk/"
52
+ s.platform = Gem::Platform::RUBY
53
+ s.summary = "Support for interacting with Taverna 2 Server."
54
+ s.description = "This gem provides access to the Taverna 2 Server " +
55
+ "REST interface from Ruby."
56
+ s.require_path = "lib"
57
+ s.bindir = "bin"
58
+ s.executables = ["t2-delete-runs", "t2-run-workflow", "t2-server-info",
59
+ "t2-get-output", "t2-server-admin"]
60
+ s.test_file = "test/ts_t2server.rb"
61
+ s.has_rdoc = true
62
+ s.extra_rdoc_files = ["README.rdoc", "LICENCE.rdoc", "CHANGES.rdoc"]
63
+ s.rdoc_options = ["-N", "--tab-width=2", "--main=README.rdoc"]
64
+ s.add_development_dependency('rake', '~> 0.9.2')
65
+ s.add_development_dependency('libxml-ruby', '>= 1.1.4')
66
+ s.add_development_dependency('nokogiri', '>= 1.5.0')
67
+ s.add_development_dependency('rdoc', '>= 3.9.4')
68
+ s.add_development_dependency('jeweler', '~> 1.8.3')
69
+ s.add_runtime_dependency('taverna-baclava', '~> 1.0.0')
70
+ s.add_runtime_dependency('hirb', '>= 0.4.0')
71
+ end
72
+
73
+ # This test task does not use the standard Rake::TestTask class as we need to
74
+ # be able to supply an argument to the test. This is so that the test can be
75
+ # run with a server address from a CI server. The equivalent TestTask would be
76
+ # something like this:
77
+ #
78
+ # Rake::TestTask.new do |t|
79
+ # t.libs << "test"
80
+ # t.test_files = FileList['test/ts_t2server.rb']
81
+ # t.verbose = true
82
+ # end
83
+ task :test, :server, :user1, :user2 do |t, args|
84
+ args.with_defaults(:server => "", :user1 => "", :user2 => "")
85
+ RakeFileUtils.verbose(true) do
86
+ server_arg = ""
87
+ if args[:server] != ""
88
+ server_arg = " -- #{args[:server]} #{args[:user1]} #{args[:user2]}"
89
+ end
90
+ ruby "-I\"lib:test\" -S testrb test/ts_t2server.rb" + server_arg
91
+ end
92
+ end
93
+
94
+ RDoc::Task.new do |r|
95
+ r.main = "README.rdoc"
96
+ lib = Dir.glob("lib/**/*.rb").delete_if do |item|
97
+ item.include?("t2server.rb") or
98
+ item.include?("/xml/") or
99
+ item.include?("connection.rb") or
100
+ item.include?("credentials.rb") or
101
+ item.include?("t2-server-cli.rb")
102
+ end
103
+ r.rdoc_files.include("README.rdoc", "LICENCE.rdoc", "CHANGES.rdoc", lib)
104
+ r.options << "-t Taverna 2 Server Ruby Interface Library version " +
105
+ "#{T2Server::Version::STRING}"
106
+ r.options << "-N"
107
+ r.options << "--tab-width=2"
108
+ end