unimatrix 1.4.3 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f1e68de8a76b4c46e57bb9a3adb384ad30e45b4f
-  data.tar.gz: deec411e07b156ed1ee89866df7b565e8a0959df
+  metadata.gz: 1b5966fc26cab9707714f870f990197a3bbcedb0
+  data.tar.gz: debaee4dc03546fd1f93d938912a8138433b9b01
 SHA512:
-  metadata.gz: a6f1306a188e70865219df2a12d3518ea28f655b1c697997add111c20322fb5d5349bedabe1f1fcf20c706e703f56d99c4bdeb7dce1ed657ab39b5b5e16e9c63
-  data.tar.gz: 8118a8d7dacd4b0563fde96f2ec335b50c07b56af7bda259c017a057d26f50fe40fc9e75d9d0e60f4cb2129aae6c49010686fc123b9f59635911a4f2431c3bfb
+  metadata.gz: 468464e3feed296d2bc65050e1fa817ddfc20418652b20d43b11c13d5c6ea5c863f5d4445fa0bc159fb9efd4340d81ea64447476219206292a7cbd0856936b73
+  data.tar.gz: 9012deb29c697c48fc1954281914ea19ae1e66d0999e73dcbd990ac5fb1a058c5e16f82c301275911ad51077d5fe6b60ec0b81757228e8456e1eec12a33e5d65

data/lib/unimatrix/activist/activities_schedule.rb

@@ -0,0 +1,19 @@
+module Unimatrix::Activist
+
+  class ActivitiesSchedule < Unimatrix::DynamicResource
+    field :id
+    field :interval
+    field :period
+    field :minute
+    field :hour
+    field :day
+    field :month
+    field :expires_at
+    field :created_at
+    field :updated_at
+
+    has_one  :realm
+    has_many :activities
+  end
+
+end

data/lib/unimatrix/activist/activity.rb

@@ -1,7 +1,6 @@
 module Unimatrix::Activist
 
   class Activity < Unimatrix::DynamicResource
-
     field    :id
     field    :type_name
     field    :artifact_uuid
@@ -21,7 +20,6 @@ module Unimatrix::Activist
 
     has_many :tasks
     has_one  :realm
-
   end
 
 end

data/lib/unimatrix/authorization/client_credentials_grant.rb

@@ -0,0 +1,39 @@
+require 'net/http'
+require 'json'
+
+module Unimatrix::Authorization 
+  class ClientCredentialsGrant
+    
+    def initialize( args )
+      @client_id = args[ :client_id ]
+      @client_secret = args[ :client_secret ]
+    end
+
+    def request_token
+      uri      = URI.parse( "#{ Unimatrix.configuration.url }/token" )
+      params   = { "grant_type" => "client_credentials" }
+      http     = Net::HTTP.new( uri.host, uri.port )
+      request  = Net::HTTP::Post.new( uri.request_uri )
+
+      http.use_ssl = true if uri.scheme == 'https'
+
+      request.basic_auth( @client_id, @client_secret )
+      request.set_form_data( params )
+
+      begin
+        response = http.request( request )
+
+        if response.code == '200'
+          body = JSON.parse( response.body )
+          body = body[ 'token' ] if body[ 'token' ].present?
+
+          body[ 'access_token' ] rescue nil
+        else
+          puts "ERROR: #{ response.body }"
+        end
+      rescue => e
+        puts "REQUEST FAILED: #{ e }"
+      end
+    end
+  end
+end

data/lib/unimatrix/authorization/filters/requires_policies.rb

@@ -0,0 +1,113 @@
+module Unimatrix::Authorization
+  
+  class RequiresPolicies
+    def initialize( resource, options = {} )
+      @resource_name = resource
+      @resource_server = options[ :resource_server ] || ENV[ 'APPLICATION_NAME' ]
+    end
+
+    def before( controller )
+      access_token = controller.params[ 'access_token' ]
+      
+      realm_uuid = begin 
+        if controller.respond_to?( :realm_uuid )
+          controller.realm_uuid
+        elsif controller.respond_to?( :realm )
+          controller.realm.uuid
+        else
+          controller.params[ :realm_uuid ]
+        end
+      end
+
+      if access_token.present?
+        policies = controller.retrieve_policies( 
+          @resource_name, 
+          access_token, 
+          realm_uuid, 
+          @resource_server 
+        )
+
+        if policies.present? && policies.is_a?( Array ) &&
+           policies.first.type_name == 'policy'
+          controller.policies = policies
+          forbidden = true
+          policies.each do | policy |
+            if policy.actions.include?( controller.action_name )
+              forbidden = false
+            end
+          end
+
+          if forbidden
+            controller.render_error(
+              ::ForbiddenError,
+              "A policy permitting this action was not found."
+            )
+          end
+        else
+          controller.render_error(
+            ::ForbiddenError,
+            "The requested policies could not be retrieved."
+          )
+        end
+      else
+        controller.render_error( 
+          ::MissingParameterError,
+          "The parameter 'access_token' is required."
+        ) 
+      end
+    end
+  end
+
+  module ClassMethods
+    def requires_policies( resource, options = {} )
+      before_action(
+        RequiresPolicies.new( resource, options ),
+        options
+      )
+    end
+  end
+
+  def self.included( controller )
+    controller.extend( ClassMethods )
+  end
+
+  def policies=( attributes )
+    @policies = attributes
+  end
+
+  def policies
+    @policies ||= begin
+      # Used by Archivist requires_permission filter. TODO: deprecate
+      retrieve_policies( 
+        @resource_name, 
+        params[ :access_token ], 
+        realm_uuid,
+        @resource_server 
+      )
+    end
+  end
+
+  # In Rails app, this is overwritten by #retrieve_policies in railtie.rb
+  def retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
+    if resource_name && access_token
+      request_policies( 
+        resource_name, 
+        access_token, 
+        realm_uuid, 
+        resource_server 
+      )
+    end
+  end
+
+  def request_policies( resource_name, access_token, realm_uuid, resource_server )
+    if resource_name && access_token
+      realm_uuid = realm_uuid || '*'
+
+      Unimatrix::Operation.new( '/policies' ).where(
+        access_token: access_token,
+        resource: "realm/#{ realm_uuid }::#{ resource_server }::#{ resource_name }/*"
+      ).query
+    end
+  end
+
+end

data/lib/unimatrix/authorization/policy.rb

@@ -0,0 +1,17 @@
+module Unimatrix::Authorization
+
+  class Policy < Unimatrix::DynamicResource
+
+    field :id
+    field :created_at
+    field :updated_at
+    field :resource
+    field :realm_uuid
+    field :actions
+
+    has_one :resource
+    has_one :resource_server
+
+  end
+
+end

data/lib/unimatrix/authorization/railtie.rb

@@ -0,0 +1,26 @@
+module Unimatrix::Authorization
+
+  class Railtie < Rails::Railtie
+    initializer "unimatrix.authorization.configure_controller" do | app |
+      ActiveSupport.on_load :action_controller do
+        include Unimatrix::Authorization
+      end
+    end
+  end
+
+  def retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
+    if resource_name && access_token
+      key = params.respond_to?( 'to_unsafe_h' ) ? 
+            params.to_unsafe_h.sort.to_s : 
+            params.sort.to_s
+            
+      Rails.cache.fetch(
+        Digest::SHA1.hexdigest( key ),
+        expires_in: 1.minute
+      ) do
+        request_policies( resource_name, access_token, realm_uuid, resource_server )
+      end
+    end
+  end
+  
+end

data/lib/unimatrix/authorization/resource.rb

@@ -0,0 +1,17 @@
+module Unimatrix::Authorization
+
+  class Resource < Unimatrix::DynamicResource
+
+    field :id
+    field :created_at
+    field :updated_at
+    field :resource_server_id
+    field :name
+    field :code_name
+    field :actions
+
+    has_one :resource_server
+
+  end
+
+end

data/lib/unimatrix/authorization/resource_owner.rb

@@ -0,0 +1,22 @@
+module Unimatrix::Authorization
+
+  class ResourceOwner < Unimatrix::DynamicResource
+
+    field :id
+    field :uuid
+    field :created_at
+    field :updated_at
+    field :destroyed_at
+    field :restricted_at
+    field :name
+    field :name_first
+    field :name_last
+    field :email_address
+    field :redirect_uri
+    field :properties
+
+    has_many :policies
+
+  end
+
+end

data/lib/unimatrix/authorization/resource_server.rb

@@ -0,0 +1,19 @@
+module Unimatrix::Authorization
+
+  class ResourceServer < Unimatrix::DynamicResource
+
+    field :id
+    field :uuid
+    field :created_at
+    field :updated_at
+    field :name
+    field :code_name
+    field :actions
+    field :resource_server_id
+
+    has_one  :resource_server
+    has_many :policies
+
+  end
+
+end

data/lib/unimatrix/configuration.rb

@@ -26,7 +26,11 @@ module Unimatrix
       )
     end
 
-    field :url,              default: ENV[ 'UNIMATRIX_API_URL' ]
+    field :url,                default: ENV[ 'UNIMATRIX_API_URL' ] || 
+                                        'http://us-west-2.api.unimatrix.io'
+    
+    field :authorization_url,  default: ENV[ 'UNIMATRIX_AUTHORIZATION_API_URL' ] || 
+                                        'http://us-west-2.keymaker.boxxspring.net'
   end
 
 end

data/lib/unimatrix/curator/activity_reference.rb

@@ -0,0 +1,21 @@
+module Unimatrix::Curator
+
+  class ActivityReference < Unimatrix::DynamicResource
+    field    :id
+    field    :type_name
+    field    :subject_uuid
+    field    :subject_type
+    field    :state
+    field    :message
+    field    :properties
+    field    :source_uuid
+    field    :completed_at
+    field    :destroyed_at
+    field    :created_at
+    field    :updated_at
+    field    :execute_at
+
+    has_one  :realm
+  end
+
+end

data/lib/unimatrix/curator/source.rb

@@ -0,0 +1,21 @@
+module Unimatrix::Curator
+
+  class Source < Unimatrix::DynamicResource
+    field   :id
+    field   :uuid
+    field   :realm_uuid
+    field   :name
+    field   :provider
+    field   :url
+    field   :time_to_live
+    field   :last_polled_at
+    field   :state
+    field   :created_at
+    field   :destroyed_at
+    field   :updated_at
+
+    has_many :activities
+    has_one  :realm
+  end
+
+end

data/lib/unimatrix/quartermaster/binaries_ingressor.rb

@@ -0,0 +1,18 @@
+module Unimatrix::Quartermaster
+
+  class BinariesIngressor < Unimatrix::DynamicResource
+
+    field      :id
+    field      :binary_uuid
+    field      :activity_id
+    field      :state
+    field      :properties
+    field      :created_at
+    field      :updated_at
+    field      :uuid
+    field      :binary_id
+    field      :url
+
+  end
+
+end

data/lib/unimatrix/quartermaster/binary.rb

@@ -0,0 +1,20 @@
+module Unimatrix::Quartermaster
+
+  class Binary < Unimatrix::DynamicResource
+
+    field :id
+    field :filename
+    field :content_length
+    field :content_type
+    field :realm_uuid
+    field :created_at
+    field :updated_at
+    field :properties
+    field :uuid
+    field :storage_key
+
+    has_many :binaries_ingressors
+
+  end
+
+end

data/lib/unimatrix/version.rb

@@ -1,3 +1,3 @@
 module Unimatrix
-  VERSION = "1.4.3"
-end
+  VERSION = "2.0.0"
+end

data/lib/unimatrix.rb

@@ -19,7 +19,7 @@ require 'unimatrix/error'
 require 'unimatrix/attribute_error'
 require 'unimatrix/bad_request_error'
 
-# errors 
+# errors
 require 'unimatrix/error'
 require 'unimatrix/attribute_error'
 require 'unimatrix/bad_request_error'
@@ -31,6 +31,7 @@ require 'unimatrix/not_found_error'
 # activist
 require 'unimatrix/activist/task'
 require 'unimatrix/activist/activity'
+require 'unimatrix/activist/activities_schedule'
 
 # alchemist
 require 'unimatrix/alchemist/activity_proxy'
@@ -58,6 +59,15 @@ require 'unimatrix/archivist/blueprint'
 require 'unimatrix/archivist/blueprint_attribute'
 require 'unimatrix/archivist/component'
 
+# authorization
+require 'unimatrix/authorization/filters/requires_policies' if defined?( Rails )
+require 'unimatrix/authorization/railtie' if defined?( Rails )
+require 'unimatrix/authorization/client_credentials_grant'
+require 'unimatrix/authorization/policy'
+require 'unimatrix/authorization/resource'
+require 'unimatrix/authorization/resource_owner'
+require 'unimatrix/authorization/resource_server'
+
 # distributor
 require 'unimatrix/distributor/destination'
 require 'unimatrix/distributor/distribution'
@@ -82,4 +92,11 @@ require 'unimatrix/zephyrus/transcoding_rendition'
 require 'unimatrix/zephyrus/transcribing_output'
 require 'unimatrix/zephyrus/transcribing_rendition'
 require 'unimatrix/zephyrus/transmutation_output'
-require 'unimatrix/zephyrus/transmutation_rendition'
+require 'unimatrix/zephyrus/transmutation_rendition'
+
+# curator
+require 'unimatrix/curator/source'
+
+# quartermaster
+require 'unimatrix/quartermaster/binary'
+require 'unimatrix/quartermaster/binaries_ingressor'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unimatrix
 version: !ruby/object:Gem::Version
-  version: 1.4.3
+  version: 2.0.0
 platform: ruby
 authors:
 - Jackson Souza
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-06 00:00:00.000000000 Z
+date: 2018-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -88,6 +88,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/unimatrix.rb
+- lib/unimatrix/activist/activities_schedule.rb
 - lib/unimatrix/activist/activity.rb
 - lib/unimatrix/activist/task.rb
 - lib/unimatrix/alchemist/activity_proxy.rb
@@ -113,8 +114,17 @@ files:
 - lib/unimatrix/archivist/blueprint_attribute.rb
 - lib/unimatrix/archivist/component.rb
 - lib/unimatrix/attribute_error.rb
+- lib/unimatrix/authorization/client_credentials_grant.rb
+- lib/unimatrix/authorization/filters/requires_policies.rb
+- lib/unimatrix/authorization/policy.rb
+- lib/unimatrix/authorization/railtie.rb
+- lib/unimatrix/authorization/resource.rb
+- lib/unimatrix/authorization/resource_owner.rb
+- lib/unimatrix/authorization/resource_server.rb
 - lib/unimatrix/bad_request_error.rb
 - lib/unimatrix/configuration.rb
+- lib/unimatrix/curator/activity_reference.rb
+- lib/unimatrix/curator/source.rb
 - lib/unimatrix/distributor/activity_reference.rb
 - lib/unimatrix/distributor/destination.rb
 - lib/unimatrix/distributor/distribution.rb
@@ -133,6 +143,8 @@ files:
 - lib/unimatrix/not_found_error.rb
 - lib/unimatrix/operation.rb
 - lib/unimatrix/parser.rb
+- lib/unimatrix/quartermaster/binaries_ingressor.rb
+- lib/unimatrix/quartermaster/binary.rb
 - lib/unimatrix/realm.rb
 - lib/unimatrix/request.rb
 - lib/unimatrix/resource.rb