turbot 0.0.2

data/lib/turbot/auth.rb

@@ -0,0 +1,315 @@
+require "cgi"
+require "turbot"
+require "turbot/client"
+require "turbot/helpers"
+
+require "netrc"
+
+class Turbot::Auth
+  class << self
+    include Turbot::Helpers
+
+    attr_accessor :credentials
+
+    def api
+      @api ||= begin
+        Turbot::API.new(default_params.merge(:api_key => password))
+      end
+    end
+
+    def client
+      @client ||= begin
+        client = Turbot::Client.new(user, password, host)
+        client.on_warning { |msg| self.display("\n#{msg}\n\n") }
+        client
+      end
+    end
+
+    def login
+      delete_credentials
+      get_credentials
+    end
+
+    def logout
+      delete_credentials
+    end
+
+    # will raise if not authenticated
+    def check
+      api.get_user
+    end
+
+    def default_host
+      "http://turbot"
+    end
+
+    def git_host
+      ENV['TURBOT_GIT_HOST'] || host
+    end
+
+    def host
+      ENV['TURBOT_HOST'] || default_host
+    end
+
+    def reauthorize
+      @credentials = ask_for_and_save_credentials
+    end
+
+    def user    # :nodoc:
+      get_credentials[0]
+    end
+
+    def password    # :nodoc:
+      get_credentials[1]
+    end
+
+    def api_key
+      api.get_api_key
+    end
+
+    def api_key_for_credentials(user = get_credentials[0], password = get_credentials[1])
+      api = Turbot::API.new(default_params)
+      api.get_api_key_for_credentials(user, password)["api_key"]
+    end
+
+    def get_credentials    # :nodoc:
+      @credentials ||= (read_credentials || ask_for_and_save_credentials)
+    end
+
+    def delete_credentials
+      if netrc
+        netrc.delete("api.#{host}")
+        netrc.delete("code.#{host}")
+        netrc.save
+      end
+      @api, @client, @credentials = nil, nil
+    end
+
+    def netrc_path
+      default = Netrc.default_path
+      encrypted = default + ".gpg"
+      if File.exists?(encrypted)
+        encrypted
+      else
+        default
+      end
+    end
+
+    def netrc   # :nodoc:
+      @netrc ||= begin
+        File.exists?(netrc_path) && Netrc.read(netrc_path)
+      rescue => error
+        if error.message =~ /^Permission bits for/
+          perm = File.stat(netrc_path).mode & 0777
+          abort("Permissions #{perm} for '#{netrc_path}' are too open. You should run `chmod 0600 #{netrc_path}` so that your credentials are NOT accessible by others.")
+        else
+          raise error
+        end
+      end
+    end
+
+    def read_credentials
+      if ENV['TURBOT_API_KEY']
+        ['', ENV['TURBOT_API_KEY']]
+      else
+
+        # read netrc credentials if they exist
+        if netrc
+          # force migration of long api tokens (80 chars) to short ones (40)
+          # #write_credentials rewrites both api.* and code.*
+          credentials = netrc["api.#{host}"]
+          if credentials && credentials[1].length > 40
+            @credentials = [ credentials[0], credentials[1][0,40] ]
+            write_credentials
+          end
+
+          netrc["api.#{host}"]
+        end
+      end
+    end
+
+    def write_credentials
+      FileUtils.mkdir_p(File.dirname(netrc_path))
+      FileUtils.touch(netrc_path)
+      unless running_on_windows?
+        FileUtils.chmod(0600, netrc_path)
+      end
+      netrc["api.#{host}"] = self.credentials
+      netrc["code.#{host}"] = self.credentials
+      netrc.save
+    end
+
+    def echo_off
+      with_tty do
+        system "stty -echo"
+      end
+    end
+
+    def echo_on
+      with_tty do
+        system "stty echo"
+      end
+    end
+
+    def ask_for_credentials
+      puts "Enter your Turbot credentials."
+
+      print "Email: "
+      user = ask
+
+      print "Password (typing will be hidden): "
+      password = running_on_windows? ? ask_for_password_on_windows : ask_for_password
+
+      [user, api_key_for_credentials(user, password)]
+    end
+
+    def ask_for_password_on_windows
+      require "Win32API"
+      char = nil
+      password = ''
+
+      while char = Win32API.new("crtdll", "_getch", [ ], "L").Call do
+        break if char == 10 || char == 13 # received carriage return or newline
+        if char == 127 || char == 8 # backspace and delete
+          password.slice!(-1, 1)
+        else
+          # windows might throw a -1 at us so make sure to handle RangeError
+          (password << char.chr) rescue RangeError
+        end
+      end
+      puts
+      return password
+    end
+
+    def ask_for_password
+      echo_off
+      password = ask
+      puts
+      echo_on
+      return password
+    end
+
+    def ask_for_and_save_credentials
+      begin
+        # ask for username and password, look up API key against API given these
+        # In looking up the API key it also attempts to log the user in
+        @credentials = ask_for_credentials
+        # write these to a hidden file
+        write_credentials
+        check
+      rescue Turbot::API::Errors::NotFound, Turbot::API::Errors::Unauthorized => e
+        delete_credentials
+        display "Authentication failed."
+        retry if retry_login?
+        exit 1
+      rescue Exception => e
+        delete_credentials
+        raise e
+      end
+      check_for_associated_ssh_key unless Turbot::Command.current_command == "keys:add"
+      @credentials
+    end
+
+    def check_for_associated_ssh_key
+      if api.get_ssh_keys.empty?
+        associate_or_generate_ssh_key
+      end
+    end
+
+    def associate_or_generate_ssh_key
+      public_keys = Dir.glob("#{home_directory}/.ssh/*.pub").sort
+
+      case public_keys.length
+      when 0 then
+        display "Could not find an existing public key."
+        display "Would you like to generate one? [Yn] ", false
+        unless ask.strip.downcase == "n"
+          display "Generating new SSH public key."
+          generate_ssh_key("id_rsa")
+          associate_key("#{home_directory}/.ssh/id_rsa.pub")
+        end
+      when 1 then
+        display "Found existing public key: #{public_keys.first}"
+        associate_key(public_keys.first)
+      else
+        display "Found the following SSH public keys:"
+        public_keys.each_with_index do |key, index|
+          display "#{index+1}) #{File.basename(key)}"
+        end
+        display "Which would you like to use with your Turbot account? ", false
+        choice = ask.to_i - 1
+        chosen = public_keys[choice]
+        if choice == -1 || chosen.nil?
+          error("Invalid choice")
+        end
+        associate_key(chosen)
+      end
+    end
+
+    def generate_ssh_key(keyfile)
+      ssh_dir = File.join(home_directory, ".ssh")
+      unless File.exists?(ssh_dir)
+        FileUtils.mkdir_p ssh_dir
+        unless running_on_windows?
+          File.chmod(0700, ssh_dir)
+        end
+      end
+      output = `ssh-keygen -t rsa -N "" -f \"#{home_directory}/.ssh/#{keyfile}\" 2>&1`
+      if ! $?.success?
+        error("Could not generate key: #{output}")
+      end
+    end
+
+    def associate_key(key)
+      action("Uploading SSH public key #{key}") do
+        if File.exists?(key)
+          api.post_key(File.read(key))
+        else
+          error("Could not upload SSH public key: key file '" + key + "' does not exist")
+        end
+      end
+    end
+
+    def retry_login?
+      @login_attempts ||= 0
+      @login_attempts += 1
+      @login_attempts < 3
+    end
+
+    def verified_hosts
+      %w( turbot.com turbot-shadow.com )
+    end
+
+    def base_host(host)
+      parts = URI.parse(full_host(host)).host.split(".")
+      return parts.first if parts.size == 1
+      parts[-2..-1].join(".")
+    end
+
+    def full_host(host)
+      (host =~ /^http/) ? host : "https://api.#{host}"
+    end
+
+    def verify_host?(host)
+      hostname = base_host(host)
+      verified = verified_hosts.include?(hostname)
+      verified = false if ENV["TURBOT_SSL_VERIFY"] == "disable"
+      verified
+    end
+
+    protected
+
+    def default_params
+      uri = URI.parse(full_host(host))
+      {
+        :headers          => {
+          'User-Agent'    => Turbot.user_agent
+        },
+        :host             => uri.host,
+        :port             => uri.port,
+        :scheme           => uri.scheme,
+        :ssl_verify_peer  => verify_host?(host)
+      }
+    end
+  end
+end

data/lib/turbot/cli.rb

@@ -0,0 +1,38 @@
+load('turbot/helpers.rb') # reload helpers after possible inject_loadpath
+load('turbot/updater.rb') # reload updater after possible inject_loadpath
+
+require "turbot"
+require "turbot/command"
+require "turbot/helpers"
+
+# workaround for rescue/reraise to define errors in command.rb failing in 1.8.6
+if RUBY_VERSION =~ /^1.8.6/
+  require('turbot-api')
+  require('rest_client')
+end
+
+class Turbot::CLI
+
+  extend Turbot::Helpers
+
+  def self.start(*args)
+    begin
+      if $stdin.isatty
+        $stdin.sync = true
+      end
+      if $stdout.isatty
+        $stdout.sync = true
+      end
+      command = args.shift.strip rescue "help"
+      Turbot::Command.load
+      Turbot::Command.run(command, args)
+    rescue Interrupt
+      `stty icanon echo`
+      error("Command cancelled.")
+    rescue => error
+      styled_error(error)
+      exit(1)
+    end
+  end
+
+end

data/lib/turbot/client/cisaurus.rb

@@ -0,0 +1,25 @@
+require "turbot/client"
+
+class Turbot::Client::Cisaurus
+
+  include Turbot::Helpers
+
+  def initialize(uri)
+    require 'rest_client'
+    @uri = URI.parse(uri)
+  end
+
+  def authenticated_resource(path)
+    host = "#{@uri.scheme}://#{@uri.host}"
+    host += ":#{@uri.port}" if @uri.port
+    RestClient::Resource.new("#{host}#{path}", "", Turbot::Auth.api_key)
+  end
+
+  def copy_slug(from, to)
+    authenticated_resource("/v1/bots/#{from}/copy/#{to}").post(json_encode("description" => "Forked from #{from}"), :content_type => :json).headers[:location]
+  end
+
+  def job_done?(job_location)
+    202 != authenticated_resource(job_location).get.code
+  end
+end

data/lib/turbot/client/pgbackups.rb

@@ -0,0 +1,113 @@
+require "turbot/client"
+
+class Turbot::Client::Pgbackups
+
+  include Turbot::Helpers
+
+  def initialize(uri)
+    require 'rest_client'
+    @uri = URI.parse(uri)
+  end
+
+  def authenticated_resource(path)
+    host = "#{@uri.scheme}://#{@uri.host}"
+    host += ":#{@uri.port}" if @uri.port
+    RestClient::Resource.new("#{host}#{path}",
+      :user     => @uri.user,
+      :password => @uri.password,
+      :headers  => {:x_turbot_gem_version => Turbot::Client.version}
+    )
+  end
+
+  def create_transfer(from_url, from_name, to_url, to_name, opts={})
+    # opts[:expire] => true will delete the oldest backup if at the plan limit
+    resource = authenticated_resource("/client/transfers")
+    params = {:from_url => from_url, :from_name => from_name, :to_url => to_url, :to_name => to_name}.merge opts
+    json_decode post(resource, params).body
+  end
+
+  def get_transfers
+    resource = authenticated_resource("/client/transfers")
+    json_decode get(resource).body
+  end
+
+  def get_transfer(id)
+    resource = authenticated_resource("/client/transfers/#{id}")
+    json_decode get(resource).body
+  end
+
+  def get_backups(opts={})
+    resource = authenticated_resource("/client/backups")
+    json_decode get(resource).body
+  end
+
+  def get_backup(name, opts={})
+    name = URI.escape(name)
+    resource = authenticated_resource("/client/backups/#{name}")
+    json_decode get(resource).body
+  end
+
+  def get_latest_backup
+    resource = authenticated_resource("/client/latest_backup")
+    json_decode get(resource).body
+  end
+
+  def delete_backup(name)
+    name = URI.escape(name)
+    begin
+      resource = authenticated_resource("/client/backups/#{name}")
+      delete(resource).body
+      true
+    rescue RestClient::ResourceNotFound => e
+      false
+    end
+  end
+
+  private
+
+  def get(resource)
+    check_errors do
+      response = resource.get
+      display_turbot_warning response
+      response
+    end
+  end
+
+  def post(resource, params)
+    check_errors do
+      response = resource.post(params)
+      display_turbot_warning response
+      response
+    end
+  end
+
+  def delete(resource)
+    check_errors do
+      response = resource.delete
+      display_turbot_warning response
+      response
+    end
+  end
+
+  def check_errors
+    yield
+  rescue RestClient::Unauthorized
+    error "Invalid PGBACKUPS_URL"
+  end
+
+  def display_turbot_warning(response)
+    warning = response.headers[:x_turbot_warning]
+    display warning if warning
+    response
+  end
+
+end
+
+module Pgbackups
+  class Client < Turbot::Client::Pgbackups
+    def initialize(*args)
+      Turbot::Helpers.deprecate "Pgbackups::Client has been deprecated. Please use Turbot::Client::Pgbackups instead."
+      super
+    end
+  end
+end

data/lib/turbot/client/rendezvous.rb

@@ -0,0 +1,111 @@
+require "timeout"
+require "socket"
+require "uri"
+require "turbot/auth"
+require "turbot/client"
+require "turbot/helpers"
+
+class Turbot::Client::Rendezvous
+
+  include Turbot::Helpers
+
+  attr_reader :rendezvous_url, :connect_timeout, :activity_timeout, :input, :output, :on_connect
+
+  def initialize(opts)
+    @rendezvous_url = opts[:rendezvous_url]
+    @connect_timeout = opts[:connect_timeout]
+    @activity_timeout = opts[:activity_timeout]
+    @input = opts[:input]
+    @output = opts[:output]
+  end
+
+  def on_connect(&blk)
+    @on_connect = blk if block_given?
+    @on_connect
+  end
+
+  def start
+    uri = URI.parse(rendezvous_url)
+    host, port, secret = uri.host, uri.port, uri.path[1..-1]
+
+    ssl_socket = Timeout.timeout(connect_timeout) do
+      ssl_context = OpenSSL::SSL::SSLContext.new
+      ssl_context.ssl_version = :TLSv1
+      
+      if Turbot::Auth.verify_host?(host)
+        ssl_context.ca_file     = File.expand_path("../../../../data/cacert.pem", __FILE__)
+        ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      end
+
+      tcp_socket = TCPSocket.open(host, port)
+      ssl_socket = OpenSSL::SSL::SSLSocket.new(tcp_socket, ssl_context)
+      ssl_socket.connect
+      ssl_socket.puts(secret)
+      ssl_socket.readline
+      ssl_socket
+    end
+
+    on_connect.call if on_connect
+
+    readables = [input, ssl_socket].compact
+
+    begin
+      loop do
+        if o = IO.select(readables, nil, nil, activity_timeout)
+          if (input && (o.first.first == input))
+            begin
+              data = input.readpartial(10000)
+            rescue EOFError
+              ssl_socket.write(4.chr)
+              ssl_socket.flush
+              readables.delete(input)
+              next
+            end
+            if running_on_windows?
+              data.gsub!("\r\n", "\n") # prevent double CRs
+            end
+            ssl_socket.write(data)
+            ssl_socket.flush
+          elsif (o.first.first == ssl_socket)
+            begin
+              data = ssl_socket.readpartial(10000)
+            rescue EOFError
+              break
+            end
+            output.write(fixup(data))
+          end
+        else
+          raise(Timeout::Error.new)
+        end
+      end
+    rescue Interrupt
+      ssl_socket.write(3.chr)
+      ssl_socket.flush
+      retry
+    rescue SignalException => e
+      if Signal.list["QUIT"] == e.signo
+        ssl_socket.write(28.chr)
+        ssl_socket.flush
+        retry
+      end
+      raise
+    rescue Errno::EIO
+    end
+  end
+
+  private
+
+  def fixup(data)
+    return nil if ! data
+    if data.respond_to?(:force_encoding)
+      data.force_encoding('utf-8') if data.respond_to?(:force_encoding)
+    end
+    if running_on_windows?
+      begin
+        data.gsub!(/\e\[[\d;]+m/, '')
+      rescue # ignore failed gsub, for instance when non-utf8
+      end
+    end
+    output.isatty ? data : data.gsub(/\cM/,"")
+  end
+end

data/lib/turbot/client/ssl_endpoint.rb

@@ -0,0 +1,25 @@
+class Turbot::Client
+  def ssl_endpoint_add(bot, pem, key)
+    json_decode(post("bots/#{bot}/ssl-endpoints", :accept => :json, :pem => pem, :key => key).to_s)
+  end
+
+  def ssl_endpoint_info(bot, cname)
+    json_decode(get("bots/#{bot}/ssl-endpoints/#{escape(cname)}", :accept => :json).to_s)
+  end
+
+  def ssl_endpoint_list(bot)
+    json_decode(get("bots/#{bot}/ssl-endpoints", :accept => :json).to_s)
+  end
+
+  def ssl_endpoint_remove(bot, cname)
+    json_decode(delete("bots/#{bot}/ssl-endpoints/#{escape(cname)}", :accept => :json).to_s)
+  end
+
+  def ssl_endpoint_rollback(bot, cname)
+    json_decode(post("bots/#{bot}/ssl-endpoints/#{escape(cname)}/rollback", :accept => :json).to_s)
+  end
+
+  def ssl_endpoint_update(bot, cname, pem, key)
+    json_decode(put("bots/#{bot}/ssl-endpoints/#{escape(cname)}", :accept => :json, :pem => pem, :key => key).to_s)
+  end
+end