vines-services 0.1.0

data/lib/vines/services/roster.rb

@@ -0,0 +1,70 @@
+# encoding: UTF-8
+module Vines
+  class Storage
+    class CouchDB < Storage
+
+      ALL_SERVICES = '/_design/Service/_view/by_name'.freeze
+
+      # The existing storage class needs another method for our custom roster queries
+      # The default escaping in URLs makes this method necessary
+      def get_services
+        http = EM::HttpRequest.new("#{@url}#{ALL_SERVICES}").get
+        http.errback { yield }
+        http.callback do
+          doc = if http.response_header.status == 200
+            JSON.parse(http.response) rescue nil
+          end
+          yield doc
+        end
+      end
+
+      #In order to supply the correct vines roster logic, we need to over ride the default
+      #User creation of in the vines server. This method is much more effecient than
+      #looking up roster memberships each time the roster is sent.
+      def find_user(jid)
+        jid = JID.new(jid || '').bare.to_s
+        if jid.empty? then yield; return end
+        get("user:#{jid}") do |doc|
+          user = if doc && doc['type'] == 'User'
+            User.new(:jid => jid).tap do |user|
+              user.name, user.password = doc.values_at('name', 'password')
+              if doc['roster'] != ""
+                (doc['roster'] || {}).each_pair do |jid, props|
+                  user.roster << Contact.new(
+                    :jid => jid,
+                    :name => props['name'],
+                    :subscription => props['subscription'],
+                    :ask => props['ask'],
+                    :groups => props['groups'] || [])
+                end
+              end
+              add_user_roster_services(user)
+            end
+          end
+          yield user
+        end
+      end
+      fiber :find_user
+
+      # We will go find each service that contains this user jid in the
+      # users of the service document.
+      def add_user_roster_services(user)
+        self.get_services do |cdoc|
+          if cdoc
+            rows = cdoc['rows'].map do |row|
+              if row['value']['users'].include?(user.jid.to_s)
+                jid = JID.new("#{row['value']['jid']}").bare.to_s
+                user.roster << Contact.new(
+                  :jid => jid,
+                  :name => row['value']['name'],
+                  :subscription => "both",
+                  :ask => "subscribe",
+                  :groups => ["Vines"])
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/fragment.rb

@@ -0,0 +1,23 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class Fragment < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        property :xml, String
+
+        design do
+          view :by_jid,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Fragment') return;
+                emit(doc['_id'].split(':')[1], null);
+              }
+            }
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/service.rb

@@ -0,0 +1,170 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class Service < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        KEYS      = %w[_id name code accounts users jid created_at modified_at].freeze
+        VIEW_ID   = "_design/System".freeze
+        VIEW_NAME = "System/memberships".freeze
+
+        attr_writer :size
+
+        after_save :update_views
+        after_destroy :update_views
+
+        property :name, String
+        property :code, String
+        property :accounts, [String], :default => []
+        property :users, [String], :default => []
+        property :jid, String
+
+        timestamps!
+
+        validates_uniqueness_of :name
+        validates_presence_of :name
+        validates_presence_of :code
+        validates_uniqueness_of :jid
+        validates_presence_of :jid
+        validate :compile_view
+
+        design do
+          view :by_name,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Service' || !doc.name) return;
+                emit(doc.name, doc);
+              }
+            }
+
+          view :by_jid,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Service' || !doc.jid) return;
+                emit(doc.jid, doc);
+              }
+            }
+
+          view :by_account,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Service' || !doc.accounts) return;
+                doc.accounts.forEach(function(account) {
+                  emit(account, doc);
+                });
+              }
+            },
+            reduce: '_count'
+
+          view :by_user,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Service' || !doc.users) return;
+                doc.users.forEach(function(jid) {
+                  emit(jid, doc);
+                });
+              }
+            },
+            reduce: '_count'
+        end
+
+        # Return true if this JID is allowed access to this service.
+        def user?(jid)
+          users.include?(jid.to_s.downcase)
+        end
+
+        # Allow the user, specified by their JID, to access the members of this
+        # service. Adds the JID to the list and ensures the list stays sorted
+        # and unique.
+        def add_user(jid)
+          users << jid.to_s.downcase
+          users.sort!
+          users.uniq!
+        end
+
+        # Remove this user's permission to access this service.
+        def remove_user(jid)
+          users.delete(jid.to_s.downcase)
+        end
+
+        # Return the number of members in this service's view. This is faster
+        # than calling Service#members#size because this reduces the view,
+        # so all members aren't loaded from the database. The size is cached so
+        # subsequent calls to this method do not query the view.
+        def size
+          unless @size
+            rows = database.view(VIEW_NAME, reduce: true, key: [0, id])['rows'] rescue []
+            @size = rows.first ? rows.first['value'] : 0
+          end
+          @size
+        end
+
+        # Query the members view and return an Array of Hashes like this:
+        # [{name: 'www.wonderland.lit', os: 'linux'}]. The members are cached
+        # so subsequent calls to this method do not query the view.
+        def members
+          unless @members
+            rows = database.view(VIEW_NAME, reduce: false, key: [0, id])['rows'] rescue []
+            @members = rows.map {|row| row['value'] }
+          end
+          @members
+        end
+
+        def to_result
+          to_hash.clone.keep_if {|k, v| KEYS.include?(k) }
+            .tap {|h| h['id'] = h.delete('_id') }
+        end
+
+        def self.find_by_name(name)
+          first_from_view('by_name', name)
+        end
+
+        def self.find_by_jid(jid)
+          first_from_view('by_jid', jid.to_s.downcase)
+        end
+
+        def self.find_by_user(jid)
+          by_user.key(jid.to_s.downcase).to_a
+        end
+
+        def self.find_all
+          sizes = find_sizes
+          by_name.map do |doc|
+            doc.size = sizes[doc.id] || 0
+            doc
+          end
+        end
+
+        # Return a Hash of service ID to member count.
+        def self.find_sizes
+          {}.tap do |hash|
+            rows = database.view(VIEW_NAME, reduce: true, group: true, startkey: [0], endkey: [1])['rows'] rescue []
+            rows.each do |row|
+              hash[row['key'][1]] = row['value']
+            end
+          end
+        end
+
+        private
+
+        def compile_view
+          VQL::Compiler.new.to_js(code)
+        rescue Exception => e
+          errors.add(:base, e.message)
+        end
+
+        def update_views
+          js = VQL::Compiler.new.to_full_js(self.class.by_name.to_a)
+          design = database.get(VIEW_ID) rescue nil
+          design ||= {'_id' => VIEW_ID, 'views' => {}}
+          design['views']['memberships'] = {map: js, reduce: '_count'}
+          database.save_doc(design)
+          # trigger view update, discard results
+          EM::HttpRequest.new("#{database.root}/#{VIEW_ID}/_view/memberships").get
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/system.rb

@@ -0,0 +1,141 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class System < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        KEYS      = %w[_id ohai created_at modified_at].freeze
+        VIEW_NAME = "System/memberships".freeze
+
+        attr_writer :services
+
+        property :ohai, Hash
+
+        timestamps!
+
+        validates_presence_of :ohai
+
+        design do
+          # System docs are large so don't include them in the view. Use
+          # include_docs=true when querying the view, if the full document
+          # is needed.
+          view :by_name,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'System') return;
+                emit(doc['_id'].replace('system:', ''), null);
+              }
+            }
+
+          view :attributes,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'System' || !doc.ohai) return;
+                Object.keys(doc.ohai).forEach(function(key) {
+                  emit(key, null);
+                });
+              }
+            },
+            reduce: '_count'
+        end
+
+        def name
+          id.sub('system:', '')
+        end
+
+        # Query the members view and return the Service objects to which this
+        # System belongs. The services are cached so subsequent calls to this
+        # method do not query the view.
+        def services
+          unless @services
+            rows = database.view(VIEW_NAME, reduce: false, key: [1, name])['rows'] rescue []
+            ids = rows.map {|row| row['value'] }
+            @services = Service.all.keys(ids).to_a
+          end
+          @services
+        end
+
+        # Return a Hash of unix user ID to an Array of JID's allowed to access
+        # that account. For example:
+        # {'apache' => ['alice@wonderland.lit'],
+        #  'root'   => ['hatter@wonderland.lit]}
+        def permissions
+          {}.tap do |perms|
+            services.each do |service|
+              service.accounts.each do |unix_id|
+                jids = (perms[unix_id] ||= [])
+                jids << service.users
+                jids.flatten!
+                jids.sort!.uniq!
+              end
+            end
+          end
+        end
+
+        def to_result
+          to_hash.clone.keep_if {|k, v| KEYS.include?(k) }.tap do |h|
+            h['name'] = h.delete('_id').sub('system:', '')
+            h['services'] = services.map {|s| {id: s.id, jid: s.jid, name: s.name} }
+            h['permissions'] = permissions
+          end
+        end
+
+        # Send updated permissions to each system that belongs to the service
+        # (or belonged to it before the save).
+        def self.notify_members(stream, from, members)
+          return if members.empty?
+          names = members.map {|m| m['name'] }.uniq
+          systems = System.find_by_names(names)
+          nodes = systems.map do |system|
+            Blather::Stanza::Iq::Query.new(:set).tap do |result|
+              result.to = Blather::JID.new(system.name, from.domain)
+              result.query.content = system.to_result.to_json
+              result.query.namespace = 'http://getvines.com/protocol/systems'
+            end
+          end
+          Throttle.new(stream).async_send(nodes)
+        end
+
+        def self.find_attributes
+          view = attributes.reduce.group
+          view.rows.map {|row| row['key'] }
+        end
+
+        def self.find_all
+          by_name.rows.map do |row|
+            {name: row['key']}
+          end
+        end
+
+        def self.find_by_name(name)
+          find("system:#{name.downcase}")
+        end
+
+        # Return an Array of Systems with the given names. This method
+        # efficiently bulk loads systems and their services much more quickly
+        # than loading systems one by one. Note that the systems returned by
+        # this method do not have their ohai data loaded because it's expensive.
+        def self.find_by_names(names)
+          keys = names.map {|name| [1, name.downcase] }
+          rows = database.view(VIEW_NAME, reduce: false, keys: keys)['rows'] rescue []
+          ids = rows.map {|row| row['value'] }.uniq
+          services = Service.all.keys(ids).to_a
+          by_id = Hash[services.map {|s| [s.id, s] }]
+          by_name = Hash.new do |h, k|
+            h[k] = System.new(id: "system:#{k}").tap do |system|
+              system.services = []
+            end
+          end
+          rows.each do |row|
+            name = row['key'][1]
+            service = by_id[row['value']]
+            by_name[name].services << service
+          end
+          by_name.values
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/upload.rb

@@ -0,0 +1,66 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class Upload < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        KEYS = %w[_id name size labels created_at modified_at].freeze
+
+        property :name, String
+        property :size, Integer
+        property :labels, [String], :default => []
+
+        timestamps!
+
+        validates_uniqueness_of :name
+        validates_presence_of :name
+        validates_numericality_of :size, only_integer: true, greater_than: -1
+
+        design do
+          view :by_name,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Upload' || !doc.name) return;
+                emit(doc.name, doc);
+              }
+            }
+
+          view :by_label,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'Upload' || !doc.labels) return;
+                doc.labels.forEach(function(label) {
+                  emit(label, doc);
+                });
+              }
+            },
+            reduce: '_count'
+        end
+
+        def to_result
+          to_hash.clone.keep_if {|k, v| KEYS.include?(k) }
+            .tap {|h| h['id'] = h.delete('_id') }
+        end
+
+        def self.find_labels
+          view = by_label.reduce.group
+          view.rows.map {|row| {name: row['key'], size: row['value']} }
+        end
+
+        def self.find_by_label(label)
+          by_label.key(label).map {|doc| doc.to_result }
+        end
+
+        def self.find_by_name(name)
+          first_from_view('by_name', name)
+        end
+
+        def self.find_all
+          by_name.map {|doc| doc.to_result }
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/user.rb

@@ -0,0 +1,137 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class User < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        KEYS = %w[_id name permissions system created_at modified_at].freeze
+
+        before_save :enforce_constraints
+        after_destroy :remove_references
+
+        property :name, String
+        property :password, String
+        property :roster, Hash, :default => {}
+        property :permissions, Hash, :default => {}
+        property :system, TrueClass, :default => false
+
+        timestamps!
+
+        validates_presence_of :password
+
+        design do
+          view :by_jid,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'User') return;
+                emit(doc['_id'].replace('user:', ''), doc);
+              }
+            }
+
+          view :subscribers,
+            map: %q{
+              function(doc) {
+                if (doc.type != 'User' || !doc.roster) return;
+                Object.keys(doc.roster).forEach(function(jid) {
+                  emit(doc['_id'].replace('user:', ''), jid);
+                });
+              }
+            },
+            reduce: '_count'
+        end
+
+        %w[systems services users files].each do |name|
+          define_method "manage_#{name}?" do
+            !!read_attribute('permissions')[name]
+          end
+          define_method "manage_#{name}=" do |value|
+            read_attribute('permissions')[name] = !!value
+          end
+        end
+
+        def permissions=(perms)
+          perms ||= {}
+          self.manage_systems = perms['systems']
+          self.manage_services = perms['services']
+          self.manage_files = perms['files']
+          self.manage_users = perms['users']
+        end
+
+        def password=(desired)
+          desired = (desired || '').strip
+          raise 'password too short' if desired.size < (system ? 128 : 8)
+          write_attribute('password', BCrypt::Password.create(desired))
+        end
+
+        def change_password(previous, desired)
+          hash = BCrypt::Password.new(password) rescue nil
+          raise 'password failure' unless hash && hash == previous
+          self.password = desired
+        end
+
+        def jid
+          id ? id.sub('user:', '') : nil
+        end
+
+        # Query the Service/by_user view and return the Service objects to which
+        # this User has access. The services are cached so subsequent calls to
+        # this method do not query the view.
+        def services
+          @services ||= Service.find_by_user(jid)
+        end
+
+        def to_result
+          to_hash.clone.keep_if {|k, v| KEYS.include?(k) }.tap do |h|
+            h['jid'] = h.delete('_id').sub('user:', '')
+            h['services'] = h['system'] ? []: services.map {|s| s.id }
+          end
+        end
+
+        def self.find_all
+          by_jid.map do |doc|
+            {jid: doc.jid, name: doc.name, system: doc.system}
+          end
+        end
+
+        def self.find_by_jid(jid)
+          first_from_view('by_jid', jid.to_s.downcase)
+        end
+
+        private
+
+        # System users are not allowed to manage any other objects.
+        def enforce_constraints
+          if system
+            write_attribute('name', nil)
+            write_attribute('permissions', {})
+          end
+        end
+
+        # After the User document is deleted, remove references to the user from
+        # related documents (rosters, services, vcards and XML fragments).
+        def remove_references
+          if card = Vcard.find("vcard:#{jid}")
+            card.destroy
+          end
+
+          Fragment.by_jid.key(jid).each do |doc|
+            doc.destroy
+          end
+
+          Service.find_by_user(jid).each do |service|
+            service.remove_user(jid)
+            service.save
+          end
+
+          jids = User.subscribers.key(jid).rows.map {|row| row['value'] }
+          User.by_jid.keys(jids).each do |subscriber|
+            subscriber.roster.delete(jid)
+            subscriber.save
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vines/services/storage/couchdb/vcard.rb

@@ -0,0 +1,13 @@
+# encoding: UTF-8
+
+module Vines
+  module Services
+    module CouchModels
+      class Vcard < CouchRest::Model::Base
+        extend Storage::CouchDB::ClassMethods
+
+        property :card, String
+      end
+    end
+  end
+end