unimatrix 1.4.3 → 2.0.0
- checksums.yaml +4 -4
- data/lib/unimatrix/activist/activities_schedule.rb +19 -0
- data/lib/unimatrix/activist/activity.rb +0 -2
- data/lib/unimatrix/authorization/client_credentials_grant.rb +39 -0
- data/lib/unimatrix/authorization/filters/requires_policies.rb +113 -0
- data/lib/unimatrix/authorization/policy.rb +17 -0
- data/lib/unimatrix/authorization/railtie.rb +26 -0
- data/lib/unimatrix/authorization/resource.rb +17 -0
- data/lib/unimatrix/authorization/resource_owner.rb +22 -0
- data/lib/unimatrix/authorization/resource_server.rb +19 -0
- data/lib/unimatrix/configuration.rb +5 -1
- data/lib/unimatrix/curator/activity_reference.rb +21 -0
- data/lib/unimatrix/curator/source.rb +21 -0
- data/lib/unimatrix/quartermaster/binaries_ingressor.rb +18 -0
- data/lib/unimatrix/quartermaster/binary.rb +20 -0
- data/lib/unimatrix/version.rb +2 -2
- data/lib/unimatrix.rb +19 -2
- metadata +14 -2
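--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1b5966fc26cab9707714f870f990197a3bbcedb0
+data.tar.gz: debaee4dc03546fd1f93d938912a8138433b9b01
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 468464e3feed296d2bc65050e1fa817ddfc20418652b20d43b11c13d5c6ea5c863f5d4445fa0bc159fb9efd4340d81ea64447476219206292a7cbd0856936b73
+data.tar.gz: 9012deb29c697c48fc1954281914ea19ae1e66d0999e73dcbd990ac5fb1a058c5e16f82c301275911ad51077d5fe6b60ec0b81757228e8456e1eec12a33e5d65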
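--- a/data/lib/unimatrix/activist/activities_schedule.rb
+++ b/data/lib/unimatrix/activist/activities_schedule.rb
@@ -0,0 +1,19 @@
+module Unimatrix::Activist
+
+class ActivitiesSchedule < Unimatrix::DynamicResource
+field :id
+field :interval
+field :period
+field :minute
+field :hour
+field :day
+field :month
+field :expires_at
+field :created_at
+field :updated_at
+
+has_one :realm
+has_many :activities
+end
+
+end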
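--- a/data/lib/unimatrix/authorization/client_credentials_grant.rb
+++ b/data/lib/unimatrix/authorization/client_credentials_grant.rb
@@ -0,0 +1,39 @@
+require 'net/http'
+require 'json'
+
+module Unimatrix::Authorization
+class ClientCredentialsGrant
+
+def initialize( args )
+@client_id = args[ :client_id ]
+@client_secret = args[ :client_secret ]
+end
+
+def request_token
+uri = URI.parse( "#{ Unimatrix.configuration.url }/token" )
+params = { "grant_type" => "client_credentials" }
+http = Net::HTTP.new( uri.host, uri.port )
+request = Net::HTTP::Post.new( uri.request_uri )
+
+http.use_ssl = true if uri.scheme == 'https'
+
+request.basic_auth( @client_id, @client_secret )
+request.set_form_data( params )
+
+begin
+response = http.request( request )
+
+if response.code == '200'
+body = JSON.parse( response.body )
+body = body[ 'token' ] if body[ 'token' ].present?
+
+body[ 'access_token' ] rescue nil
+else
+puts "ERROR: #{ response.body }"
+end
+rescue => e
+puts "REQUEST FAILED: #{ e }"
+end
+end
+end
+end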
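Review bot: `request_token` sends the client id and secret as HTTP Basic credentials and enables TLS only when the configured URL happens to be `https`, while the defaults this release adds in configuration.rb (`http://us-west-2.api.unimatrix.io`, `http://us-west-2.keymaker.boxxspring.net`) are plain `http`, so an unconfigured client puts the secret and the returned token on the wire in cleartext. I would fail closed before building the request, e.g. `raise ArgumentError, 'token endpoint must use https' unless uri.scheme == 'https'`, and move the defaults to `https://` if those endpoints serve TLS. The token is also requested from `Unimatrix.configuration.url` rather than the new `authorization_url`, which looks unintended and should be confirmed. On failure the method prints the response body with `puts` and returns `nil`, so callers and monitoring cannot tell a rejected credential from a network error; raising, or logging through the host application's logger, would make that visible.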
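--- a/data/lib/unimatrix/authorization/filters/requires_policies.rb
+++ b/data/lib/unimatrix/authorization/filters/requires_policies.rb
@@ -0,0 +1,113 @@
+module Unimatrix::Authorization
+
+class RequiresPolicies
+def initialize( resource, options = {} )
+@resource_name = resource
+@resource_server = options[ :resource_server ] || ENV[ 'APPLICATION_NAME' ]
+end
+
+def before( controller )
+access_token = controller.params[ 'access_token' ]
+
+realm_uuid = begin
+if controller.respond_to?( :realm_uuid )
+controller.realm_uuid
+elsif controller.respond_to?( :realm )
+controller.realm.uuid
+else
+controller.params[ :realm_uuid ]
+end
+end
+
+if access_token.present?
+policies = controller.retrieve_policies(
+@resource_name,
+access_token,
+realm_uuid,
+@resource_server
+)
+
+if policies.present? && policies.is_a?( Array ) &&
+policies.first.type_name == 'policy'
+controller.policies = policies
+forbidden = true
+policies.each do | policy |
+if policy.actions.include?( controller.action_name )
+forbidden = false
+end
+end
+
+if forbidden
+controller.render_error(
+::ForbiddenError,
+"A policy permitting this action was not found."
+)
+end
+else
+controller.render_error(
+::ForbiddenError,
+"The requested policies could not be retrieved."
+)
+end
+else
+controller.render_error(
+::MissingParameterError,
+"The parameter 'access_token' is required."
+)
+end
+end
+end
+
+module ClassMethods
+def requires_policies( resource, options = {} )
+before_action(
+RequiresPolicies.new( resource, options ),
+options
+)
+end
+end
+
+def self.included( controller )
+controller.extend( ClassMethods )
+end
+
+def policies=( attributes )
+@policies = attributes
+end
+
+def policies
+@policies ||= begin
+# Used by Archivist requires_permission filter. TODO: deprecate
+retrieve_policies(
+@resource_name,
+params[ :access_token ],
+realm_uuid,
+@resource_server
+)
+end
+end
+
+# In Rails app, this is overwritten by #retrieve_policies in railtie.rb
+def retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
+if resource_name && access_token
+request_policies(
+resource_name,
+access_token,
+realm_uuid,
+resource_server
+)
+end
+end
+
+def request_policies( resource_name, access_token, realm_uuid, resource_server )
+if resource_name && access_token
+realm_uuid = realm_uuid || '*'
+
+Unimatrix::Operation.new( '/policies' ).where(
+access_token: access_token,
+resource: "realm/#{ realm_uuid }::#{ resource_server }::#{ resource_name }/*"
+).query
+end
+end
+
+end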
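Review bot: The realm used for the policy lookup can fall open: in `before`, a controller that exposes neither `realm_uuid` nor `realm` takes the realm from `controller.params[ :realm_uuid ]`, and `request_policies` then widens a missing realm to the wildcard with `realm_uuid = realm_uuid || '*'`. A request that omits the realm is therefore checked against `realm/*` instead of being rejected; unless realm-less resources are intended, I would deny in that case, e.g. `return nil if realm_uuid.blank?`, and make the wildcard an explicit filter option. The validity test also inspects only `policies.first.type_name`, and the flag loop reads more clearly as `forbidden = policies.none? { | policy | policy.actions.include?( controller.action_name ) }`. Separately, the token is read from `params[ 'access_token' ]`, so on GET requests it travels in the query string and can land in access logs; accepting it from an `Authorization` header would avoid that.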
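--- a/data/lib/unimatrix/authorization/policy.rb
+++ b/data/lib/unimatrix/authorization/policy.rb
@@ -0,0 +1,17 @@
+module Unimatrix::Authorization
+
+class Policy < Unimatrix::DynamicResource
+
+field :id
+field :created_at
+field :updated_at
+field :resource
+field :realm_uuid
+field :actions
+
+has_one :resource
+has_one :resource_server
+
+end
+
+end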
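Review bot: `field :resource` and `has_one :resource` declare the same name on `Policy`, so one accessor presumably shadows the other, depending on how `Unimatrix::DynamicResource` defines them (not visible here). Because `RequiresPolicies` makes its access decision from these objects, I would rename or drop one of the two and add a comment such as `# resource: scope string "realm/<uuid>::<server>::<name>/*"` if the field is the scope string rather than the associated `Resource`.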
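--- a/data/lib/unimatrix/authorization/railtie.rb
+++ b/data/lib/unimatrix/authorization/railtie.rb
@@ -0,0 +1,26 @@
+module Unimatrix::Authorization
+
+class Railtie < Rails::Railtie
+initializer "unimatrix.authorization.configure_controller" do | app |
+ActiveSupport.on_load :action_controller do
+include Unimatrix::Authorization
+end
+end
+end
+
+def retrieve_policies( resource_name, access_token, realm_uuid, resource_server )
+if resource_name && access_token
+key = params.respond_to?( 'to_unsafe_h' ) ?
+params.to_unsafe_h.sort.to_s :
+params.sort.to_s
+
+Rails.cache.fetch(
+Digest::SHA1.hexdigest( key ),
+expires_in: 1.minute
+) do
+request_policies( resource_name, access_token, realm_uuid, resource_server )
+end
+end
+end
+
+end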
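Review bot: The cache key in `retrieve_policies` is built from the request `params` alone and ignores the method's own arguments, so a cached policy list is not bound to `resource_name`, `resource_server`, or a `realm_uuid` that the controller derives outside the params. Two lookups with identical params but a different realm or resource could share one entry for up to a minute, and every extra request parameter creates a fresh entry in the shared `Rails.cache`. I would key on what the lookup actually depends on, under a namespace, e.g. `key = [ 'unimatrix', 'policies', resource_server, resource_name, realm_uuid, access_token ].join( '::' )`, and keep hashing it so the token is not stored in the key. The one-minute lifetime also means a revoked token keeps its cached policies until expiry, which deserves a comment on the `expires_in:` line.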
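--- a/data/lib/unimatrix/authorization/resource.rb
+++ b/data/lib/unimatrix/authorization/resource.rb
@@ -0,0 +1,17 @@
+module Unimatrix::Authorization
+
+class Resource < Unimatrix::DynamicResource
+
+field :id
+field :created_at
+field :updated_at
+field :resource_server_id
+field :name
+field :code_name
+field :actions
+
+has_one :resource_server
+
+end
+
+end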
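--- a/data/lib/unimatrix/authorization/resource_owner.rb
+++ b/data/lib/unimatrix/authorization/resource_owner.rb
@@ -0,0 +1,22 @@
+module Unimatrix::Authorization
+
+class ResourceOwner < Unimatrix::DynamicResource
+
+field :id
+field :uuid
+field :created_at
+field :updated_at
+field :destroyed_at
+field :restricted_at
+field :name
+field :name_first
+field :name_last
+field :email_address
+field :redirect_uri
+field :properties
+
+has_many :policies
+
+end
+
+end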
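--- a/data/lib/unimatrix/authorization/resource_server.rb
+++ b/data/lib/unimatrix/authorization/resource_server.rb
@@ -0,0 +1,19 @@
+module Unimatrix::Authorization
+
+class ResourceServer < Unimatrix::DynamicResource
+
+field :id
+field :uuid
+field :created_at
+field :updated_at
+field :name
+field :code_name
+field :actions
+field :resource_server_id
+
+has_one :resource_server
+has_many :policies
+
+end
+
+end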
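--- a/data/lib/unimatrix/configuration.rb
+++ b/data/lib/unimatrix/configuration.rb
@@ -26,7 +26,11 @@ module Unimatrix
 )
 end
 
-field :url,
+field :url, default: ENV[ 'UNIMATRIX_API_URL' ] ||
+'http://us-west-2.api.unimatrix.io'
+
+field :authorization_url, default: ENV[ 'UNIMATRIX_AUTHORIZATION_API_URL' ] ||
+'http://us-west-2.keymaker.boxxspring.net'
 end
 
 end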
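--- a/data/lib/unimatrix/curator/activity_reference.rb
+++ b/data/lib/unimatrix/curator/activity_reference.rb
@@ -0,0 +1,21 @@
+module Unimatrix::Curator
+
+class ActivityReference < Unimatrix::DynamicResource
+field :id
+field :type_name
+field :subject_uuid
+field :subject_type
+field :state
+field :message
+field :properties
+field :source_uuid
+field :completed_at
+field :destroyed_at
+field :created_at
+field :updated_at
+field :execute_at
+
+has_one :realm
+end
+
+end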
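--- a/data/lib/unimatrix/curator/source.rb
+++ b/data/lib/unimatrix/curator/source.rb
@@ -0,0 +1,21 @@
+module Unimatrix::Curator
+
+class Source < Unimatrix::DynamicResource
+field :id
+field :uuid
+field :realm_uuid
+field :name
+field :provider
+field :url
+field :time_to_live
+field :last_polled_at
+field :state
+field :created_at
+field :destroyed_at
+field :updated_at
+
+has_many :activities
+has_one :realm
+end
+
+end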
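--- a/data/lib/unimatrix/quartermaster/binaries_ingressor.rb
+++ b/data/lib/unimatrix/quartermaster/binaries_ingressor.rb
@@ -0,0 +1,18 @@
+module Unimatrix::Quartermaster
+
+class BinariesIngressor < Unimatrix::DynamicResource
+
+field :id
+field :binary_uuid
+field :activity_id
+field :state
+field :properties
+field :created_at
+field :updated_at
+field :uuid
+field :binary_id
+field :url
+
+end
+
+end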
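--- a/data/lib/unimatrix/quartermaster/binary.rb
+++ b/data/lib/unimatrix/quartermaster/binary.rb
@@ -0,0 +1,20 @@
+module Unimatrix::Quartermaster
+
+class Binary < Unimatrix::DynamicResource
+
+field :id
+field :filename
+field :content_length
+field :content_type
+field :realm_uuid
+field :created_at
+field :updated_at
+field :properties
+field :uuid
+field :storage_key
+
+has_many :binaries_ingressors
+
+end
+
+end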
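--- a/data/lib/unimatrix/version.rb
+++ b/data/lib/unimatrix/version.rb
@@ -1,3 +1,3 @@
 module Unimatrix
-VERSION = "
-end
+VERSION = "2.0.0"
+end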
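--- a/data/lib/unimatrix.rb
+++ b/data/lib/unimatrix.rb
@@ -19,7 +19,7 @@ require 'unimatrix/error'
 require 'unimatrix/attribute_error'
 require 'unimatrix/bad_request_error'
 
-# errors
+# errors
 require 'unimatrix/error'
 require 'unimatrix/attribute_error'
 require 'unimatrix/bad_request_error'
@@ -31,6 +31,7 @@ require 'unimatrix/not_found_error'
 # activist
 require 'unimatrix/activist/task'
 require 'unimatrix/activist/activity'
+require 'unimatrix/activist/activities_schedule'
 
 # alchemist
 require 'unimatrix/alchemist/activity_proxy'
@@ -58,6 +59,15 @@ require 'unimatrix/archivist/blueprint'
 require 'unimatrix/archivist/blueprint_attribute'
 require 'unimatrix/archivist/component'
 
+# authorization
+require 'unimatrix/authorization/filters/requires_policies' if defined?( Rails )
+require 'unimatrix/authorization/railtie' if defined?( Rails )
+require 'unimatrix/authorization/client_credentials_grant'
+require 'unimatrix/authorization/policy'
+require 'unimatrix/authorization/resource'
+require 'unimatrix/authorization/resource_owner'
+require 'unimatrix/authorization/resource_server'
+
 # distributor
 require 'unimatrix/distributor/destination'
 require 'unimatrix/distributor/distribution'
@@ -82,4 +92,11 @@ require 'unimatrix/zephyrus/transcoding_rendition'
 require 'unimatrix/zephyrus/transcribing_output'
 require 'unimatrix/zephyrus/transcribing_rendition'
 require 'unimatrix/zephyrus/transmutation_output'
-require 'unimatrix/zephyrus/transmutation_rendition'
+require 'unimatrix/zephyrus/transmutation_rendition'
+
+# curator
+require 'unimatrix/curator/source'
+
+# quartermaster
+require 'unimatrix/quartermaster/binary'
+require 'unimatrix/quartermaster/binaries_ingressor'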
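Review bot: `lib/unimatrix/curator/activity_reference.rb` ships in this release (it is in the metadata file list), but the new `# curator` group requires only `unimatrix/curator/source`, so `Unimatrix::Curator::ActivityReference` is never loaded unless a require exists outside these hunks. If that is an oversight, add `require 'unimatrix/curator/activity_reference'` next to the source require. The two authorization requires guarded by `if defined?( Rails )` silently skip the policy filter when Rails is loaded after this gem, so a comment such as `# loaded only when Rails is already defined; require the gem after Rails` would help whoever has to debug a missing `requires_policies`.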
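--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unimatrix
 version: !ruby/object:Gem::Version
-version:
+version: 2.0.0
 platform: ruby
 authors:
 - Jackson Souza
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-02-
+date: 2018-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -88,6 +88,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/unimatrix.rb
+- lib/unimatrix/activist/activities_schedule.rb
 - lib/unimatrix/activist/activity.rb
 - lib/unimatrix/activist/task.rb
 - lib/unimatrix/alchemist/activity_proxy.rb
@@ -113,8 +114,17 @@ files:
 - lib/unimatrix/archivist/blueprint_attribute.rb
 - lib/unimatrix/archivist/component.rb
 - lib/unimatrix/attribute_error.rb
+- lib/unimatrix/authorization/client_credentials_grant.rb
+- lib/unimatrix/authorization/filters/requires_policies.rb
+- lib/unimatrix/authorization/policy.rb
+- lib/unimatrix/authorization/railtie.rb
+- lib/unimatrix/authorization/resource.rb
+- lib/unimatrix/authorization/resource_owner.rb
+- lib/unimatrix/authorization/resource_server.rb
 - lib/unimatrix/bad_request_error.rb
 - lib/unimatrix/configuration.rb
+- lib/unimatrix/curator/activity_reference.rb
+- lib/unimatrix/curator/source.rb
 - lib/unimatrix/distributor/activity_reference.rb
 - lib/unimatrix/distributor/destination.rb
 - lib/unimatrix/distributor/distribution.rb
@@ -133,6 +143,8 @@ files:
 - lib/unimatrix/not_found_error.rb
 - lib/unimatrix/operation.rb
 - lib/unimatrix/parser.rb
+- lib/unimatrix/quartermaster/binaries_ingressor.rb
+- lib/unimatrix/quartermaster/binary.rb
 - lib/unimatrix/realm.rb
 - lib/unimatrix/request.rb
 - lib/unimatrix/resource.rb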