vinesmod 0.4.5

data/lib/vines/command/init.rb

@@ -0,0 +1,68 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Init
+      def run(opts)
+        raise 'vines init <domain>' unless opts[:args].size == 1
+        domain = opts[:args].first.downcase
+        dir = File.expand_path(domain)
+        raise "Directory already initialized: #{domain}" if File.exists?(dir)
+        Dir.mkdir(dir)
+
+        create_directories(dir)
+        create_users(domain, dir)
+        update_config(domain, dir)
+        Command::Cert.new.create_cert(domain, File.join(dir, 'conf/certs'))
+
+        puts "Initialized server directory: #{domain}"
+        puts "Run 'cd #{domain} && vines start' to begin"
+      end
+
+      private
+
+      # Limit file system database directory access so the server is the only
+      # process managing the data. The config.rb file contains component and
+      # database passwords, so restrict access to just the server user as well.
+      def create_directories(dir)
+        %w[conf web].each do |sub|
+          FileUtils.cp_r(File.expand_path("../../../../#{sub}", __FILE__), dir)
+        end
+        %w[data log pid].each do |sub|
+          Dir.mkdir(File.join(dir, sub), 0700)
+        end
+        File.chmod(0600, File.join(dir, 'conf/config.rb'))
+      end
+
+      def update_config(domain, dir)
+        config = File.expand_path('conf/config.rb', dir)
+        text = File.read(config, encoding: 'utf-8')
+        File.open(config, 'w:utf-8') do |f|
+          f.write(text.gsub('wonderland.lit', domain))
+        end
+      end
+
+      def create_users(domain, dir)
+        password = 'secr3t'
+        alice, arthur = %w[alice arthur].map do |jid|
+          User.new(jid: [jid, domain].join('@'),
+            password: BCrypt::Password.create(password).to_s)
+        end
+
+        [[alice, arthur], [arthur, alice]].each do |user, contact|
+          user.roster << Contact.new(
+            jid: contact.jid,
+            name: contact.jid.node.capitalize,
+            subscription: 'both',
+            groups: %w[Buddies])
+        end
+
+        storage = Storage::Local.new { dir(File.join(dir, 'data')) }
+        [alice, arthur].each do |user|
+          storage.save_user(user)
+          puts "Created example user #{user.jid} with password #{password}"
+        end
+      end
+    end
+  end
+end

data/lib/vines/command/register.rb

@@ -0,0 +1,27 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Register
+      def run(opts)
+        raise 'vines register <login> <password> <domain>' unless opts[:args].size == 3
+        require opts[:config]
+
+        login, password, domain = opts[:args]
+
+        create_user(domain, login, password)
+      end
+
+      def create_user(domain, jid, password)
+        user = User.new(jid: [jid, domain].join('@'),
+          password: BCrypt::Password.create(password).to_s)
+
+        storage = Storage::Local.new { dir(Config.instance.storage(domain).dir) }
+        storage.save_user(user)
+        
+        puts "Created user #{user.jid} with password #{password}"
+      end
+
+    end
+  end
+end

data/lib/vines/command/restart.rb

@@ -0,0 +1,12 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Restart
+      def run(opts)
+        Stop.new.run(opts)
+        Start.new.run(opts)
+      end
+    end
+  end
+end

data/lib/vines/command/schema.rb

@@ -0,0 +1,24 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Schema
+      def run(opts)
+        raise 'vines schema <domain>' unless opts[:args].size == 1
+        require opts[:config]
+        domain = opts[:args].first
+        unless storage = Config.instance.vhost(domain).storage rescue nil
+          raise "#{domain} virtual host not found in conf/config.rb"
+        end
+        unless storage.respond_to?(:create_schema)
+          raise "SQL storage not configured for #{domain} virtual host"
+        end
+        begin
+          storage.create_schema
+        rescue => e
+          raise "Schema creation failed: #{e.message}"
+        end
+      end
+    end
+  end
+end

data/lib/vines/command/start.rb

@@ -0,0 +1,28 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Start
+      def run(opts)
+        raise 'vines [--pid FILE] start' unless opts[:args].size == 0
+        require opts[:config]
+        server = XmppServer.new(Config.instance)
+        daemonize(opts) if opts[:daemonize]
+        server.start
+      end
+
+      private
+
+      def daemonize(opts)
+        daemon = Daemon.new(:pid => opts[:pid], :stdout => opts[:log],
+          :stderr => opts[:log])
+        if daemon.running?
+          raise "Vines is running as process #{daemon.pid}"
+        else
+          puts "Vines has started"
+          daemon.start
+        end
+      end
+    end
+  end
+end

data/lib/vines/command/stop.rb

@@ -0,0 +1,18 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Stop
+      def run(opts)
+        raise 'vines [--pid FILE] stop' unless opts[:args].size == 0
+        daemon = Daemon.new(:pid => opts[:pid])
+        if daemon.running?
+          daemon.stop
+          puts 'Vines has been shutdown'
+        else
+          puts 'Vines is not running'
+        end
+      end
+    end
+  end
+end

data/lib/vines/command/unregister.rb

@@ -0,0 +1,27 @@
+# encoding: UTF-8
+
+module Vines
+  module Command
+    class Unregister
+      def run(opts)
+        raise 'vines unregister <login> <password> <domain>' unless opts[:args].size == 3
+        require opts[:config]
+
+        login, password, domain = opts[:args]
+
+        delete_user(domain, login, password)
+      end
+
+      def delete_user(domain, jid, password)
+        user = User.new(jid: [jid, domain].join('@'),
+          password: BCrypt::Password.create(password).to_s)
+
+        storage = Storage::Local.new { dir(Config.instance.storage(domain).dir) }
+        storage.save_user(user)
+        
+        puts "Created user #{user.jid} with password #{password}"
+      end
+
+    end
+  end
+end

data/lib/vines/config.rb

@@ -0,0 +1,213 @@
+# encoding: UTF-8
+
+module Vines
+
+  # A Config object is passed to the stream handlers to give them access
+  # to server configuration information like virtual host names, storage
+  # systems, etc. This class provides the DSL methods used in the
+  # conf/config.rb file.
+  class Config
+    LOG_LEVELS = %w[debug info warn error fatal].freeze
+
+    attr_reader :router
+
+    @@instance = nil
+    def self.configure(&block)
+      @@instance = self.new(&block)
+    end
+
+    def self.instance
+      @@instance
+    end
+
+    def initialize(&block)
+      @certs = File.expand_path('conf/certs')
+      @vhosts, @ports, @cluster = {}, {}, nil
+      @null = Storage::Null.new
+      @router = Router.new(self)
+      instance_eval(&block)
+      raise "must define at least one virtual host" if @vhosts.empty?
+
+      unless @certs && File.directory?(@certs) && File.readable?(@certs)
+        raise 'Must provide a readable certs directory'
+      end
+    end
+
+    def certs(dir=nil)
+      dir ? @certs = File.expand_path(dir) : @certs
+    end
+
+    def host(*names, &block)
+      names = names.flatten.map {|name| name.downcase }
+      dupes = names.uniq.size != names.size || (@vhosts.keys & names).any?
+      raise "one host definition per domain allowed" if dupes
+      names.each do |name|
+        @vhosts[name] = Host.new(self, name, &block)
+      end
+    end
+
+    %w[client server http component].each do |name|
+      define_method(name) do |*args, &block|
+        port = Vines::Config.const_get("#{name.capitalize}Port")
+        raise "one #{name} port definition allowed" if @ports[name.to_sym]
+        @ports[name.to_sym] = port.new(self, *args) do
+          instance_eval(&block) if block
+        end
+      end
+    end
+
+    def cluster(&block)
+      return @cluster unless block
+      raise "one cluster definition allowed" if @cluster
+      @cluster = Cluster.new(self, &block)
+    end
+
+    def log(level)
+      const = Logger.const_get(level.to_s.upcase) rescue nil
+      unless LOG_LEVELS.include?(level.to_s) && const
+        raise "log level must be one of: #{LOG_LEVELS.join(', ')}"
+      end
+      Class.new.extend(Vines::Log).log.level = const
+    end
+
+    def ports
+      @ports.values
+    end
+
+    # Return true if the domain is virtual hosted by this server.
+    def vhost?(domain)
+      !!vhost(domain)
+    end
+
+    # Return the Host config object for this domain if it's hosted by this
+    # server.
+    def vhost(domain)
+      @vhosts[domain.to_s]
+    end
+
+    # Returns the storage system for the domain or a Storage::Null instance if
+    # the domain is not hosted at this server.
+    def storage(domain)
+      host = vhost(domain)
+      host ? host.storage : @null
+    end
+
+    # Returns the PubSub system for the domain or nil if pubsub is not enabled
+    # for this domain.
+    def pubsub(domain)
+      host = @vhosts.values.find {|host| host.pubsub?(domain) }
+      host.pubsubs[domain.to_s] if host
+    end
+
+    # Return true if the domain is a pubsub service hosted at a virtual host
+    # at this server.
+    def pubsub?(domain)
+      @vhosts.values.any? {|host| host.pubsub?(domain) }
+    end
+
+    # Return true if all JIDs belong to components hosted by this server.
+    def component?(*jids)
+      !jids.flatten.index do |jid|
+        !component_password(JID.new(jid).domain)
+      end
+    end
+
+    # Return the password for the component or nil if it's not hosted here.
+    def component_password(domain)
+      host = @vhosts.values.find {|host| host.component?(domain) }
+      host.password(domain) if host
+    end
+
+    # Return true if all of the JIDs are hosted by this server.
+    def local_jid?(*jids)
+      !jids.flatten.index do |jid|
+        !vhost?(JID.new(jid).domain)
+      end
+    end
+
+    # Return true if private XML fragment storage is enabled for this domain.
+    def private_storage?(domain)
+      host = vhost(domain)
+      host.private_storage? if host
+    end
+
+    # Returns true if server-to-server connections are allowed with the
+    # given domain.
+    def s2s?(domain)
+      @ports[:server] && @ports[:server].hosts.include?(domain.to_s)
+    end
+
+    # Return true if the server is a member of a cluster, serving the same
+    # domains from different machines.
+    def cluster?
+      !!@cluster
+    end
+
+    # Retrieve the Port subclass with this name:
+    # [:client, :server, :http, :component]
+    def [](name)
+      @ports[name] or raise ArgumentError.new("no port named #{name}")
+    end
+
+    # Return true if the two JIDs are allowed to send messages to each other.
+    # Both domains must have enabled cross_domain_messages in their config files.
+    def allowed?(to, from)
+      to, from = JID.new(to), JID.new(from)
+      return false                      if to.empty? || from.empty?
+      return true                       if to.domain == from.domain # same domain always allowed
+      return cross_domain?(to, from)    if local_jid?(to, from)     # both virtual hosted here
+      return check_subdomains(to, from) if subdomain?(to, from)     # component/pubsub to component/pubsub
+      return check_subdomain(to, from)  if subdomain?(to)           # to component/pubsub
+      return check_subdomain(from, to)  if subdomain?(from)         # from component/pubsub
+      return cross_domain?(to)          if local_jid?(to)           # from is remote
+      return cross_domain?(from)        if local_jid?(from)         # to is remote
+      return false
+    end
+
+    private
+
+    # Return true if all of the JIDs are some kind of subdomain resource hosted
+    # here (either a component or a pubsub domain).
+    def subdomain?(*jids)
+      !jids.flatten.index do |jid|
+        !component?(jid) && !pubsub?(jid)
+      end
+    end
+
+    # Return true if the third-level subdomain JIDs (components and pubsubs)
+    # are allowed to communicate with each other. For example, a
+    # tea.wonderland.lit component should be allowed to send messages to
+    # pubsub.wonderland.lit because they share the second-level wonderland.lit
+    # domain.
+    def check_subdomains(to, from)
+      sub1, sub2 = strip_domain(to), strip_domain(from)
+      (sub1 == sub2) || cross_domain?(sub1, sub2)
+    end
+
+    # Return true if the third-level subdomain JID (component or pubsub) is
+    # allowed to communicate with the other JID. For example,
+    # pubsub.wonderland.lit should be allowed to send messages to
+    # alice@wonderland.lit because they share the second-level wonderland.lit
+    # domain.
+    def check_subdomain(subdomain, jid)
+      comp = strip_domain(subdomain)
+      return true if comp.domain == jid.domain
+      local_jid?(jid) ? cross_domain?(comp, jid) : cross_domain?(comp)
+    end
+
+    # Return the third-level JID's domain with the first subdomain stripped off
+    # to create a second-level domain. For example, alice@tea.wonderland.lit
+    # returns wonderland.lit.
+    def strip_domain(jid)
+      domain = jid.domain.split('.').drop(1).join('.')
+      JID.new(domain)
+    end
+
+    # Return true if all JIDs are allowed to exchange cross domain messages.
+    def cross_domain?(*jids)
+      !jids.flatten.index do |jid|
+        !vhost(jid.domain).cross_domain_messages?
+      end
+    end
+  end
+end

data/lib/vines/config/host.rb

@@ -0,0 +1,119 @@
+# encoding: UTF-8
+
+module Vines
+  class Config
+
+    # Provides the DSL methods for the virtual host definitions in the
+    # conf/config.rb file. Host instances can be accessed at runtime through
+    # the +Config#vhosts+ method.
+    class Host
+      attr_reader :pubsubs
+
+      def initialize(config, name, &block)
+        @config, @name = config, name.downcase
+        @storage = nil
+        @cross_domain_messages = false
+        @private_storage = false
+        @components, @pubsubs = {}, {}
+        validate_domain(@name)
+        instance_eval(&block)
+        raise "storage required for #{@name}" unless @storage
+      end
+
+      def storage(name=nil, &block)
+        if name
+          raise "one storage mechanism per host allowed" if @storage
+          @storage = Storage.from_name(name, &block)
+        else
+          @storage
+        end
+      end
+
+      def cross_domain_messages(enabled)
+        @cross_domain_messages = !!enabled
+      end
+
+      def cross_domain_messages?
+        @cross_domain_messages
+      end
+
+      def components(options=nil)
+        return @components unless options
+
+        names = options.keys.map {|domain| "#{domain}.#{@name}".downcase }
+        raise "duplicate component domains not allowed" if dupes?(names, @components.keys)
+        raise "pubsub domains overlap component domains" if dupes?(names, @pubsubs.keys)
+
+        options.each do |domain, password|
+          raise 'component domain required' if (domain || '').to_s.strip.empty?
+          raise 'component password required' if (password || '').strip.empty?
+          name = "#{domain}.#{@name}".downcase
+          raise "components must be one level below their host: #{name}" if domain.to_s.include?('.')
+          validate_domain(name)
+          @components[name] = password
+        end
+      end
+
+      def component?(domain)
+        !!@components[domain.to_s]
+      end
+
+      def password(domain)
+        @components[domain.to_s]
+      end
+
+      def pubsub(*domains)
+        domains.flatten!
+        raise 'define at least one pubsub domain' if domains.empty?
+        names = domains.map {|domain| "#{domain}.#{@name}".downcase }
+        raise "duplicate pubsub domains not allowed" if dupes?(names, @pubsubs.keys)
+        raise "pubsub domains overlap component domains" if dupes?(names, @components.keys)
+        domains.each do |domain|
+          raise 'pubsub domain required' if (domain || '').to_s.strip.empty?
+          name = "#{domain}.#{@name}".downcase
+          raise "pubsub domains must be one level below their host: #{name}" if domain.to_s.include?('.')
+          validate_domain(name)
+          @pubsubs[name] = PubSub.new(@config, name)
+        end
+      end
+
+      def pubsub?(domain)
+        @pubsubs.key?(domain.to_s)
+      end
+
+      # Unsubscribe this JID from all pubsub topics hosted at this virtual host.
+      # This should be called when the user's session ends via logout or
+      # disconnect.
+      def unsubscribe_pubsub(jid)
+        @pubsubs.values.each do |pubsub|
+          pubsub.unsubscribe_all(jid)
+        end
+      end
+
+      def disco_items
+        [@components.keys, @pubsubs.keys].flatten.sort
+      end
+
+      def private_storage(enabled)
+        @private_storage = !!enabled
+      end
+
+      def private_storage?
+        @private_storage
+      end
+
+      private
+
+      # Return true if the arrays contain any duplicate items.
+      def dupes?(a, b)
+        a.uniq.size != a.size || b.uniq.size != b.size || (a & b).any?
+      end
+
+      # Prevent domains in config files that won't form valid JIDs.
+      def validate_domain(name)
+        jid = JID.new(name)
+        raise "incorrect domain: #{name}" if jid.node || jid.resource
+      end
+    end
+  end
+end