turnstyl 0.1.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    Y2ZhY2ZmOTE4NzU0ZTliZDFkMzU1ZDRjZjRmZGI0OTM2NDU4NDk2OA==
+  data.tar.gz: !binary |-
+    NjkxMDAwYjhmYmUyYmY3NjM0NDc2M2Y1ZWQ0ODZlOGVhMzc5NDc0YQ==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    MWQ3YjQwMWE0NzkxNjhiMzAwM2E3M2FhNTA3NjJmMjkyNTFmNjVkYmM1MDM2
+    YTJlYjhlZTk1MTQ5YTNkOGFkYjdlNWQzZGIyYzJlZGY0OGQzODgwMDhlOGUw
+    MGNiZGJhZWQyZGExZWFjZmM3OGZkMzNmODJjMzExOTA1ZDNiMzA=
+  data.tar.gz: !binary |-
+    ZjI2MDY0NTkxZjNhYzAwNDNhZDgwY2EzZjZiYjJjMzE3NGUxNWFhZTIxZjZj
+    ZDVkYmJmZTg2MjQwYmJmZTExZTU0ODcxOTBhYTk1NGMzNmNiZjQ2ZWQxYmZh
+    NGVhY2U3MjdkZWJlY2RhMWE0MjBlNjI2MDRlN2FmYWNhNDk1NjA=

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+        - 1.9.3
+        - 2.0.0

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in turnstyl-client.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Ole Reifschneider, Chris Floess
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,26 @@
+# Turnstyl::Client
+
+[![Build Status](https://travis-ci.org/Tranquility/turnstyl.png)](https://travis-ci.org/Tranquility/turnstyl)
+
+Commandline utility for managing ssh access
+
+## Installation
+
+    $ gem install turnstyl-client
+
+## Usage
+
+Turnstyl-client expects a config file in your home folder named ".turnstyl-config"
+in which you list the github users that are allowed to access your system.
+
+
+    userlist = [ "githubuser1", "githubuser2", "...", "githubuser99" ]
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,5 @@
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+task :default => :spec
+RSpec::Core::RakeTask.new

data/bin/turnstyl

@@ -0,0 +1,17 @@
+#! /usr/bin/env ruby
+
+require_relative '../lib/turnstyl/client'
+require 'optparse'
+
+options = {}
+option_parser = OptionParser.new do |opts|
+  opts.on("-f","--force", "Overwrite existing authorized_keys file") do
+    options[:force] = true
+  end
+end
+option_parser.parse!
+
+# puts "force option is #{options[:force]}"
+
+Turnstyl::Client.new.run(options[:force])
+

data/lib/turnstyl/client/client.rb

@@ -0,0 +1,114 @@
+require 'toml'
+require 'io/console'
+
+module Turnstyl
+  class Client
+    def self.home_folder
+      Dir.home
+    end
+
+    def initialize
+      @config_path = File.expand_path(Client.home_folder+"/.turnstyl_config")
+      if config_file_missing?
+        puts <<-TEXT
+
+Unable to run without a config file.
+
+Try something like this in ~/.turnstyl_config
+
+    userlist = [ "githubuser1", "githubuser2", "...", "githubuser99" ]
+
+        TEXT
+        exit 1
+      end
+    end
+
+    def run(force)
+      if force
+        update_authorized_keys
+      else
+        update_authorized_keys_carefully
+      end
+    end
+
+    def update_authorized_keys_carefully
+      if authorized_key_missing?
+        update_authorized_keys
+      elsif config_changed?
+        print "Authorized keys file exists. Overwrite? [y/N/b/?]? "
+        input = STDIN.gets.chomp
+        case input
+        when "y"
+          update_authorized_keys
+        when "b"
+          create_backup
+          update_authorized_keys
+        when "?"
+          display_help
+          update_authorized_keys_carefully
+        else
+          puts "\nDoing nothing ..."
+        end
+      end
+    end
+
+    def update_authorized_keys
+      settings = load_settings
+      authorized_users = settings["userlist"]
+      keys = []
+      if authorized_users.empty?
+        keys << '# YOU HAVE NOT AUTHORIZED ANYONE TO LOGIN'
+      else
+        authorized_users.each do |person|
+          keys = keys + Communicator.new.get_keys_from(person)
+        end
+      end
+      File.open(Client.home_folder+'/.ssh/authorized_keys', 'w+') do |file|
+        file.write(keys.join("\n") << "\n")
+      end
+      puts "\nkeys updated..."
+    end
+
+    def authorized_key_missing?
+      !File.exist? Client.home_folder+"/.ssh/authorized_keys"
+    end
+
+    def config_file_missing?
+      !File.exist? Client.home_folder+"/.turnstyl_config"
+    end
+
+    def config_changed?
+      File.mtime(@config_path) > File.mtime(Client.home_folder+"/.ssh/authorized_keys")
+    end
+
+    def update_necessary?
+      authorized_key_missing? || config_changed?
+    end
+
+    def create_backup
+      puts "\nMaking a backup ..."
+      number = Dir.glob(Client.home_folder+'/.ssh/authorized_keys*').count
+      puts number
+      FileUtils.mv(Client.home_folder+"/.ssh/authorized_keys", Client.home_folder+"/.ssh/authorized_keys.bak"+number.to_s)
+    end
+
+    private
+
+    def load_settings
+      TOML.load_file(@config_path)
+    end
+
+    def display_help
+      puts <<-HERE
+
+You tried to let turnstyl manage your authorized_keys file, but there is an
+existing authorized_keys file and you have to decide what you want to do with
+it.
+
+If you're sure you want to overwrite it choose "y" if you want to backup your
+existing file choose "b"
+
+HERE
+    end
+  end
+end

data/lib/turnstyl/client/communicator.rb

@@ -0,0 +1,14 @@
+require 'rest_client'
+require 'json'
+
+class Communicator
+
+  def get_keys_from person
+    keys = []
+    response = RestClient.get "https://api.github.com/users/#{person}/keys"
+    JSON.parse(response).each do |hash|
+      keys << hash['key']
+    end
+    keys
+  end
+end

data/lib/turnstyl/client.rb

@@ -0,0 +1,2 @@
+require_relative 'client/client'
+require_relative 'client/communicator'

data/spec/spec_helper.rb

@@ -0,0 +1,21 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+
+  def base_path
+    File.expand_path('../../', __FILE__)
+  end
+end

data/spec/turnstyl/client/client_spec.rb

@@ -0,0 +1,161 @@
+require 'spec_helper'
+require_relative '../../../lib/turnstyl/client'
+
+module Turnstyl
+  describe Client do
+    let(:dummy_home) { base_path+'/spec/dummy_home_folder' }
+    let(:key_file) { dummy_home+'/.ssh/authorized_keys' }
+    let(:config_file) { dummy_home+'/.turnstyl_config' }
+    let(:turnstyl_client) {Client.new}
+
+    before do
+      Client.any_instance.stub(:config_file_missing?).and_return(false)
+      FileUtils.mkdir_p base_path+"/spec/dummy_home_folder/.ssh"
+      Client.stub(:home_folder).and_return(dummy_home)
+      turnstyl_client.stub(:puts)
+      turnstyl_client.stub(:print)
+    end
+
+    after do
+      FileUtils.rm_rf dummy_home
+    end
+
+    describe '#initialize' do
+      it 'raises exception if config file is missing' do
+        Client.any_instance.stub(:config_file_missing?).and_return(true)
+        expect { Client.new.run nil }.to raise_error(SystemExit)
+      end
+    end
+
+    describe '#run' do
+      it 'does not overwrite the authorized_keys file' do
+        turnstyl_client.should_receive(:update_authorized_keys_carefully)
+
+        turnstyl_client.run(false)
+      end
+
+      it 'overwrites the authorized_keys file if forced' do
+        turnstyl_client.should_receive(:update_authorized_keys)
+
+        turnstyl_client.run(false)
+      end
+    end
+
+    describe '#update_authorized_keys' do
+      it 'creates authorized_keys file' do
+        turnstyl_client.should_receive(:load_settings).and_return("userlist" => [])
+
+        File.exist?(key_file).should be_false
+        turnstyl_client.update_authorized_keys
+        File.exist?(key_file).should be_true
+      end
+
+      it 'adds a comment when there are no authorized keys file' do
+        turnstyl_client.should_receive(:load_settings).and_return("userlist" => [])
+        turnstyl_client.update_authorized_keys
+
+        File.read(key_file).should eq "# YOU HAVE NOT AUTHORIZED ANYONE TO LOGIN\n"
+      end
+
+      it 'obtains key and writes them into the authorized_keys file' do
+        Communicator.any_instance.stub(:get_keys_from).and_return(['12345', '67890'])
+        turnstyl_client.should_receive(:load_settings).and_return("userlist" => ['flooose'])
+        turnstyl_client.update_authorized_keys
+        File.read(key_file).should eq "12345\n67890\n"
+      end
+    end
+
+    describe '#update_authorized_keys_carefully' do
+      let(:some_time) { Time.now }
+      before do
+        turnstyl_client.stub(:authorized_key_missing?).and_return(false)
+      end
+
+      it 'updates the keys if the authoized keys file is missing' do
+        turnstyl_client.stub(:authorized_key_missing?).and_return(true)
+        turnstyl_client.should_receive(:update_authorized_keys)
+
+        turnstyl_client.update_authorized_keys_carefully
+      end
+
+      it 'does not overwrite authorized_keys file if configuration not changed' do
+        STDIN.stub(:gets).and_return('y')
+        File.should_receive(:mtime).with(config_file).and_return(some_time)
+        File.should_receive(:mtime).with(key_file).and_return(some_time + 2)
+
+        turnstyl_client.should_not_receive(:update_authorized_keys)
+        turnstyl_client.run nil
+      end
+
+      it 'overwrites authorized_keys file if configuration changed' do
+        STDIN.stub(:gets).and_return('y')
+        File.should_receive(:mtime).with(config_file).and_return(some_time + 2)
+        File.should_receive(:mtime).with(key_file).and_return(some_time)
+
+        turnstyl_client.should_receive(:update_authorized_keys)
+        turnstyl_client.run nil
+      end
+
+      it 'asks the user for feedback when the authorized_keys file exists' do
+        turnstyl_client.stub(:authorized_key_missing?).and_return(true)
+        turnstyl_client.stub(:update_authorized_keys)
+
+        turnstyl_client.run nil
+      end
+
+      context 'user gives feedback' do
+        before do
+          turnstyl_client.stub(:config_file_missing?).and_return(false)
+          turnstyl_client.stub(:config_changed?).and_return(true)
+          turnstyl_client.stub(:authorized_key_missing?).and_return(false)
+        end
+
+        it 'updates authorized_keys file if user inputs "y"' do
+          STDIN.stub(:gets).and_return('y')
+          turnstyl_client.should_receive(:update_authorized_keys)
+
+          turnstyl_client.run nil
+        end
+
+        it 'updates authorized_keys file and creates backup first if user inputs "b"' do
+          STDIN.stub(:gets).and_return('b')
+
+          turnstyl_client.should_receive(:create_backup)
+          turnstyl_client.should_receive(:update_authorized_keys)
+
+          turnstyl_client.run nil
+        end
+
+        it 'displays help if user inputs "?"' do
+          STDIN.stub(:gets).and_return('?', 'n')
+
+          turnstyl_client.should_receive(:display_help)
+          turnstyl_client.should_not_receive(:update_authorized_keys)
+
+          turnstyl_client.run nil
+        end
+
+        it 'it does not update authorized_keys file if user inputs "n"' do
+          STDIN.stub(:gets).and_return('n')
+
+          turnstyl_client.should_not_receive(:update_authorized_keys)
+
+          turnstyl_client.run nil
+        end
+      end
+
+      describe '#create_backup' do
+        it 'renames the current authorized_keys file' do
+          FileUtils.touch key_file
+          FileUtils.touch key_file+".bak1"
+          File.exist?(key_file).should be_true
+
+          turnstyl_client.create_backup
+
+          File.exist?(key_file).should be_false
+          File.exist?(key_file+".bak2").should be_true
+        end
+      end
+    end
+  end
+end

data/turnstyl.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+Gem::Specification.new do |spec|
+  spec.name          = "turnstyl"
+  spec.version       = "0.1.1"
+  spec.authors       = ["Ole Reifschneider", "Chris Floess"]
+  spec.email         = ["mail@ole-reifschneider.de", "skeptikos@gmail.com"]
+  spec.description   = %q{Commandline utility for managing ssh access}
+  spec.summary       = %q{Commandline utility for managing ssh access}
+  spec.homepage      = "https://github.com/Tranquility/turnstyl"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "rest-client"
+  spec.add_dependency "json"
+  spec.add_dependency "toml-rb"
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+end

metadata

@@ -0,0 +1,147 @@
+--- !ruby/object:Gem::Specification
+name: turnstyl
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Ole Reifschneider
+- Chris Floess
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-08-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: toml-rb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Commandline utility for managing ssh access
+email:
+- mail@ole-reifschneider.de
+- skeptikos@gmail.com
+executables:
+- turnstyl
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .travis.yml
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/turnstyl
+- lib/turnstyl/client.rb
+- lib/turnstyl/client/client.rb
+- lib/turnstyl/client/communicator.rb
+- spec/spec_helper.rb
+- spec/turnstyl/client/client_spec.rb
+- turnstyl.gemspec
+homepage: https://github.com/Tranquility/turnstyl
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Commandline utility for managing ssh access
+test_files:
+- spec/spec_helper.rb
+- spec/turnstyl/client/client_spec.rb