virtuaservices 0.1.0

data/lib/virtuaservices/monitoring/route.rb

@@ -0,0 +1,36 @@
+module Virtuaservices
+  module Monitoring
+    # A route is an endpoint accessible in a service. Each route has to have an associated endpoint in the deployed instances.
+    # @param Vincent Courtois <courtois.vincent@outlook.com>
+    class Route
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Premiumable
+      include Virtuaservices::Concerns::Activable
+
+      # @!attribute [rw] path
+      #   @return [String] the path (URI) of the route in the service?
+      field :path, type: String, default: '/'
+      # @!attribute [rw] verb
+      #   @return [String] the verb (HTTP method) of this route in the service.
+      field :verb, type: String, default: 'get'
+      # @!attribute [rw] authenticated
+      #   @return [Boolean] if true, the session_id is needed for this route, if false it is not.
+      field :authenticated, type: Boolean, default: true
+
+      # @!attribute [rw] service
+      #   @return [Virtuaservices::Monitoring::Service] the service in which this route is declared.
+      belongs_to :service, class_name: 'Virtuaservices::Monitoring::Service', inverse_of: :routes
+
+      # @!attribute [rw] groups
+      #   @return [Array<Virtuaservices::Permissions::Group>] the groups having permission to access this route.
+      has_and_belongs_to_many :groups, class_name: 'Virtuaservices::Permissions::Group', inverse_of: :groups
+
+      validates :path,
+        format: {with: /\A(\/|((\/:?[a-zA-Z0-9_]+)+))\z/, message: 'pattern', if: :path?}
+
+      validates :verb,
+        inclusion: {message: 'unknown', in: ['get', 'post', 'put', 'delete', 'patch', 'option']}
+    end
+  end
+end

data/lib/virtuaservices/monitoring/service.rb

@@ -0,0 +1,37 @@
+module Virtuaservices
+  module Monitoring
+    # A service is the representation of one of the applications composing the API.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Service
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Activable
+      include Virtuaservices::Concerns::Diagnosticable
+      include Virtuaservices::Concerns::Premiumable
+
+      # @!attribute [rw] key
+      #   @return [String] the name, or title of the service, optionally given to identify it more easily.
+      field :key, type: String
+      # @!attribute [rw] path
+      #   @return [String] the path the service will be mapped on in the API.
+      field :path, type: String, default: '/'
+      # @!attribute [rw] test_mode
+      #   @return [Boolean] TRUE if the service is currently in test mode and thus the gateway shall only qurty local instances.
+      field :test_mode, type: Boolean, default: false
+
+      # @!attribute [rw] creator
+      #   @return [Virtuaservices::Account] the creator of this service.
+      belongs_to :creator, class_name: 'Virtuaservices::Account', optional: true, inverse_of: :services
+      # @!attribute [rw] instances
+      #   @return [Array<Virtuaservices::Monitoring::Instance>] the instances of this service currently deployed.
+      embeds_many :instances, class_name: 'Virtuaservices::Monitoring::Instance', inverse_of: :service
+      # @!attribute [rw] routes
+      #   @return [Array<Virtuaservices::Monitoring::Route>] the routes associated to this service, accessible from the gateway.
+      has_many :routes, class_name: 'Virtuaservices::Monitoring::Route', inverse_of: :service
+
+      validates :key, uniqueness: {message: 'uniq'}
+
+      validates :path, format: {with: /\A(\/:?[a-z]+)+\z/, message: 'pattern'}
+    end
+  end
+end

data/lib/virtuaservices/monitoring/websocket.rb

@@ -0,0 +1,25 @@
+module Virtuaservices
+  module Monitoring
+    # The websocket is a particular kind of service, just like the gateway. It always has the same signature.
+    # A websocket document is a particular instance of websocket, located on a server and answering to a URL.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Websocket
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Activable
+      include Virtuaservices::Concerns::Diagnosticable
+
+      # @!attribute [rw] url
+      #   @return [String] the URL of the websocket to be contacted on.
+      field :url, type: String
+
+      # @!attribute [rw] creator
+      #   @return [Virtuaservices::Account] the account that created this web socket instance in the database.
+      belongs_to :creator, class_name: 'Virtuaservices::Account', inverse_of: :web_sockets, optional: true
+      
+      validates :url,
+        presence: {message: 'required'},
+        format: {with: /\A(ws:\/\/)([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?\z/, message: 'pattern', if: :url?}
+    end
+  end
+end

data/lib/virtuaservices/oauth.rb

@@ -0,0 +1,7 @@
+module Virtuaservices
+  # This module holds the logic for the connection of an application to our API.
+  # @author Vincent Courtois <courtois.vincent@outlook.com>
+  module OAuth
+    autoload :Application, 'virtuaservices/oauth/application'
+  end
+end

data/lib/virtuaservices/oauth/application.rb

@@ -0,0 +1,33 @@
+module Virtuaservices
+  module OAuth
+    # An application is what is referred to in the OAuth2.0 RFC as a client, wanting to access private informations about the user.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Application
+      include Mongoid::Document
+      include Mongoid::Timestamps
+
+      # @!attribute [rw] name
+      #   @return [String] the unique name of the application, mainly used to identify and display it.
+      field :name, type: String
+      # @!attribute [rw] key
+      #   @return [String] the unique key for the application, identifying it when requesting a token for the API.
+      field :key, type: String, default: ->{ SecureRandom.hex }
+      # @!attribute [rw] premium
+      #   @return [Boolean] a value indicating whether the application should automatically receive a token when an account is created, or not.
+      field :premium, type: Boolean, default: false
+
+      # @!attribute [rw] creator
+      #   @return [Virtuaservices::Account] the account that has created this application, considered its owner.
+      belongs_to :creator, class_name: 'Virtuaservices::Account', inverse_of: :applications
+
+      validates :name,
+        presence: {message: 'required'},
+        length: {minimum: 6, message: 'minlength'},
+        uniqueness: {message: 'uniq'}
+
+      validates :key,
+        presence: {message: 'required'},
+        uniqueness: {message: 'uniq'}
+    end
+  end
+end

data/lib/virtuaservices/permissions.rb

@@ -0,0 +1,10 @@
+module Virtuaservices
+  # This module holds the logic for all the classes concerning the permissions abd rights for the user.
+  # A permission is restricting the access to one or several features to the users having it.
+  # @author Vincent Courtois <courtois.vincent@outlook.com>
+  module Permissions
+    autoload :Right   , 'virtuaservices/permissions/right'
+    autoload :Group   , 'virtuaservices/permissions/group'
+    autoload :Category, 'virtuaservices/permissions/category'
+  end
+end

data/lib/virtuaservices/permissions/category.rb

@@ -0,0 +1,15 @@
+module Virtuaservices
+  module Permissions
+    # A category of rights regroups one or several rights for convenience purposes.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Category
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Sluggable
+
+      has_many :rights, class_name: 'Virtuaservices::Permissions::Right', inverse_of: :category
+
+      make_sluggable 'category'
+    end
+  end
+end

data/lib/virtuaservices/permissions/group.rb

@@ -0,0 +1,30 @@
+module Virtuaservices
+  module Permissions
+    # A group gathers one or several users to give them the same rights for conviniency purposes.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    class Group
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Sluggable
+
+      # @!attribute [rw] is_default
+      #   @return [Boolean] a boolean indicating whether this group is given when a new user registered or not.
+      field :is_default, type: Boolean, default: false
+      # @!attribute [rw] is_superuser
+      #   @return [Boolean] a boolean indicating whether this group should have access to all groups and rights or not.
+      field :is_superuser, type: Boolean, default: false
+
+      # @!attribute [rw] accounts
+      #   @return [Array<Virtuaservices::Account>] the accounts having the rights granted by this group.
+      has_and_belongs_to_many :accounts, class_name: 'Virtuaservices::Account', inverse_of: :groups
+      # @!attribute [rw] rights
+      #   @return [Array<Virtuaservices::Permissions::Right>] the rights granted by belonging to this group.
+      has_and_belongs_to_many :rights, class_name: 'Virtuaservices::Permissions::Right', inverse_of: :groups
+      # @!attribute [rw] routes
+      #   @return [Array<Virtuaservices::Monitoring::Route>] the routes this group can access in the API.
+      has_and_belongs_to_many :routes, class_name: 'Virtuaservices::Monitoring::Route', inverse_of: :groups
+
+      make_sluggable 'group'
+    end
+  end
+end

data/lib/virtuaservices/permissions/right.rb

@@ -0,0 +1,19 @@
+module Virtuaservices
+  module Permissions
+    # A right is the access to one or several features in the application. It's applied to a group, and transitively to an account.
+    # @author Vincent Courtois <courtois;vincent@outlook.com>
+    class Right
+      include Mongoid::Document
+      include Mongoid::Timestamps
+      include Virtuaservices::Concerns::Sluggable
+
+      # @!attribute [rw] groups
+      #   @return [Array<Virtuaservices::Permissions::Group>] the groups granted with the permission to access features opened by this right.
+      has_and_belongs_to_many :groups, class_name: 'Virtuaservices::Permissions::Group', inverse_of: :rights
+
+      belongs_to :category, class_name: 'Virtuaservices::Permissions::Category', inverse_of: :rights
+
+      make_sluggable 'right'
+    end
+  end
+end

data/lib/virtuaservices/specs.rb

@@ -0,0 +1,89 @@
+module Virtuaservices
+  # This module holds all the logic for the specs tools for all micro services (shared examples and other things).
+  # @author Vincent Courtois <courtois.vincent@outlook.com>
+  module Specs
+
+    # Includes all the shared examples you could need, describing the basic behaviour of a route.
+    def self.include_shared_examples
+      RSpec.shared_examples 'a route' do |_verb, _path|
+        let(:verb) { _verb }
+        let(:path) { _path }
+
+        def do_request(parameters)
+          public_send verb.to_sym, path, ['get', 'delete'].include?(verb) ? parameters : parameters.to_json
+        end
+
+        describe 'common errors' do
+          describe 'bad request errors' do
+            describe 'no token error' do
+              before do
+                do_request({app_key: 'test_key'})
+              end
+              it 'Raises a bad request (400) error when the parameters don\'t contain the token of the gateway' do
+                expect(last_response.status).to be 400
+              end
+              it 'returns the correct response if the parameters do not contain a gateway token' do
+                expect(JSON.parse(last_response.body)).to eq({
+                  'status' => 400,
+                  'field' => 'token',
+                  'error' => 'required',
+                  'docs' => 'https://github.com/jdr-tools/wiki/wiki/Common-errors#gateway-token-not-given'
+                })
+              end
+            end
+            describe 'no application key error' do
+              before do
+                do_request({token: 'test_token'})
+              end
+              it 'Raises a bad request (400) error when the parameters don\'t contain the application key' do
+                expect(last_response.status).to be 400
+              end
+              it 'returns the correct response if the parameters do not contain a application key' do
+                expect(JSON.parse(last_response.body)).to eq({
+                  'status' => 400,
+                  'field' => 'app_key',
+                  'error' => 'required',
+                  'docs' => 'https://github.com/jdr-tools/wiki/wiki/Common-errors#application-key-not-given'
+                })
+              end
+            end
+          end
+          describe 'not_found errors' do
+            describe 'application not found' do
+              before do
+                do_request({token: 'test_token', app_key: 'another_key'})
+              end
+              it 'Raises a not found (404) error when the key doesn\'t belong to any application' do
+                expect(last_response.status).to be 404
+              end
+              it 'returns the correct body when the application doesn\'t exist' do
+                expect(JSON.parse(last_response.body)).to eq({
+                  'status' => 404,
+                  'field' => 'app_key',
+                  'error' => 'unknown',
+                  'docs' => 'https://github.com/jdr-tools/wiki/wiki/Common-errors#application-key-not-found'
+                })
+                end
+            end
+            describe 'gateway not found' do
+              before do
+                do_request({token: 'other_token', app_key: 'test_key'})
+              end
+              it 'Raises a not found (404) error when the gateway does\'nt exist' do
+                expect(last_response.status).to be 404
+              end
+              it 'returns the correct body when the gateway doesn\'t exist' do
+                expect(JSON.parse(last_response.body)).to eq({
+                  'status' => 404,
+                  'field' => 'token',
+                  'error' => 'unknown',
+                  'docs' => 'https://github.com/jdr-tools/wiki/wiki/Common-errors#gateway-token-not-found'
+                })
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/virtuaservices/utils.rb

@@ -0,0 +1,10 @@
+module Virtuaservices
+  # Utility classes for the different micro-services of the suite.
+  # @author Vincent Courtois <courtois.vincent@outlook.com>
+  module Utils
+    autoload :Controllers , 'virtuaservices/utils/controllers'
+    autoload :Errors      , 'virtuaservices/utils/errors'
+    autoload :Loaders     , 'virtuaservices/utils/loaders'
+    autoload :MicroService, 'virtuaservices/utils/micro_service'
+  end
+end

data/lib/virtuaservices/utils/controllers.rb

@@ -0,0 +1,8 @@
+module Arkaan
+  module Utils
+    module Controllers
+      autoload :Base   , 'arkaan/utils/controllers/base'
+      autoload :Checked, 'arkaan/utils/controllers/checked'
+    end
+  end
+end

data/lib/virtuaservices/utils/controllers/base.rb

@@ -0,0 +1,193 @@
+module Arkaan
+  module Utils
+    module Controllers
+      # Base controller to handle the standard error when accessing the API.
+      # @author Vincent Courtois <courtois.vincenet@outlook.com>
+      class Base < Sinatra::Base
+        register Sinatra::ConfigFile
+        helpers Sinatra::CustomLogger
+
+        configure do
+          set :logger, Logger.new(STDOUT)
+          logger.level = Logger::ERROR if ENV['RACK_ENV'] == 'test'
+        end
+
+        # Creates a premium route whithin the Sinatra application, and registers it in the database if it does not already exists.
+        # @param verb [String] the HTTP method used to create this route.
+        # @param path [String] the path, beginning with a /, of the route to create.
+        def self.declare_route(verb, path, options: {}, &block)
+          self.declare_route_with(verb, path, false, options, &block)
+        end
+
+        # Creates a non premium route whithin the Sinatra application, and registers it in the database if it does not already exists.
+        # @param verb [String] the HTTP method used to create this route.
+        # @param path [String] the path, beginning with a /, of the route to create.
+        def self.declare_premium_route(verb, path, options: {}, &block)
+          self.declare_route_with(verb, path, true, options, &block)
+        end
+
+        # Creates a route whithin the Sinatra application, and registers it in the database if it does not already exists.
+        # @param verb [String] the HTTP method used to create this route.
+        # @param path [String] the path, beginning with a /, of the route to create.
+        # @param premium [Boolean] TRUE to make the route premium, FALSE otherwise.
+        def self.declare_route_with(verb, path, premium, options, &block)
+          service = Arkaan::Utils::MicroService.instance.service
+          complete_path = "#{Arkaan::Utils::MicroService.instance.path}#{path == '/' ? '' : path}"
+
+          unless service.nil? || !service.routes.where(path: path, verb: verb).first.nil?
+            route = Arkaan::Monitoring::Route.create(path: path, verb: verb, premium: premium, service: service)
+            if !options.nil? && !options[:authenticated].nil?
+              route.update_attribute(:authenticated, false)
+            end
+            Arkaan::Permissions::Group.where(is_superuser: true).each do |group|
+              group.routes << route
+              group.save!
+            end
+          end
+          if premium
+            self.public_send(verb, complete_path) do
+              @sinatra_route = parse_current_route
+              if !@application.premium?
+                custom_error(403, 'common.app_key.forbidden')
+              end
+              instance_eval(&block)
+            end
+          else
+            logger.info "#{verb} #{complete_path}"
+            self.public_send(verb, complete_path, &block)
+          end
+        end
+
+        # Loads the errors configuration file from the config folder.
+        # @param file [String] send __FILE__
+        def self.load_errors_from(file)
+          config_file File.join(File.dirname(file), '..', 'config', 'errors.yml')
+        end
+
+        def before_checks
+          add_body_to_params
+
+          check_presence('token', 'app_key', route: 'common')
+
+          gateway = Arkaan::Monitoring::Gateway.where(token: params['token']).first
+          @application = Arkaan::OAuth::Application.where(key: params['app_key']).first
+          
+          if gateway.nil?
+            custom_error(404, 'common.token.unknown')
+          elsif @application.nil?
+            custom_error(404, 'common.app_key.unknown')
+          end
+        end
+
+        # Checks the presence of several fields given as parameters and halts the execution if it's not present.
+        # @param fields [Array<String>] an array of fields names to search in the parameters
+        # @param route [String] the name of the route you're requiring to put in the error message.
+        def check_presence(*fields, route:)
+          fields.each do |field|
+            custom_error(400, "#{route}.#{field}.required") if params[field].nil? || params[field] == ''
+          end
+        end
+
+        # Checks the presence of either fields given in parameters. It halts with an error only if ALL parameters are not given.
+        # @param fields [Array<String>] an array of fields names to search in the parameters
+        # @param route [String] the name of the route you're requiring to put in the error message.
+        # @param key [String] the key to search in the errors configuration file.
+        def check_either_presence(*fields, route:, key:)
+          fields.each do |field|
+            return true if !params[field].nil? && params[field] != ''
+          end
+          custom_error 400, "#{route}.#{key}.required"
+        end
+
+        # Checks if the session ID is given in the parameters and if the session exists.
+        # @param action [String] the action used to get the errors from the errors file.
+        # @return [Arkaan::Authentication::Session] the session when it exists.
+        def check_session(action)
+          check_presence('session_id', route: action)
+          session = Arkaan::Authentication::Session.where(token: params['session_id']).first
+          if session.nil?
+            custom_error(404, "#{action}.session_id.unknown")
+          end
+          return session
+        end
+
+        def check_application(action)
+          check_presence('app_key', route: action)
+          application = Arkaan::OAuth::Application.where(key: params['app_key']).first
+          custom_error(404, "#{action}.app_key.unknown") if application.nil?
+          return application
+        end
+
+        # Adds the parsed body to the parameters, overwriting the parameters of the querystring with the values
+        # of the SON body if they have similar keys.
+        def add_body_to_params
+          if request.body.respond_to?(:rewind) && request.body.respond_to?(:read)
+            request.body.rewind 
+            parsed_body = JSON.parse(request.body.read.to_s) rescue {}
+            parsed_body.keys.each do |key|
+              params[key] = parsed_body[key]
+            end
+          end
+        end
+
+        # Gets the current route in the database from the sinatra route.
+        # @return [Arkaan::Monitoring::Route] the route declared in the services registry.
+        def parse_current_route
+          splitted = request.env['sinatra.route'].split(' ')
+          return Arkaan::Monitoring::Route.where(verb: splitted.first.downcase, path: splitted.last).first
+        end
+
+        # Halts the application and creates the returned body from the parameters and the errors config file.
+        # @param status [Integer] the HTTP status to halt the application with.
+        # @param path [String] the path in the configuration file to access the URL.
+        def custom_error(status, path)
+          route, field, error = path.split('.')
+          docs = settings.errors[route][field][error] rescue ''
+          halt status, {status: status, field: field, error: error, docs: docs}.to_json
+        end
+
+        # Halts the application with a Bad Request error affecting a field of a model.
+        # @param instance [Mongoid::Document] the document having a field in error.
+        # @param route [String] the type of action you're currently doing (e.g: 'creation')
+        def model_error(instance, route)
+          messages = instance.errors.messages
+          field = messages.keys.first
+          custom_error(400, "#{route}.#{field}.#{messages[field].first}")
+        end
+
+        # Select parameters in the params hash, by its keys.
+        # @param fields [Array<String>] the keys to select in the params hash.
+        # @return [Hash] the selected chunk of the params hash.
+        def select_params(*fields)
+          return params.select { |key, value| fields.include?(key) }
+        end
+
+        # Creates a custom error from an existing Arkaan exception class.
+        # @param exception {StandardError} the exception to transform in a usable error.
+        def handle_arkaan_exception(exception)
+          custom_error(exception.status, "#{exception.action}.#{exception.field}.#{exception.error}")
+        end
+
+        error Arkaan::Utils::Errors::BadRequest do |exception|
+          handle_arkaan_exception(exception)
+        end
+
+        error Arkaan::Utils::Errors::Forbidden do |exception|
+          handle_arkaan_exception(exception)
+        end
+
+        error Arkaan::Utils::Errors::NotFound do |exception|
+          handle_arkaan_exception(exception)
+        end
+
+        error Arkaan::Factories::Errors::GatewayNotFound do |exception|
+          handle_arkaan_exception(exception)
+        end
+
+        error StandardError do |exception|
+          custom_error(500, 'system_error.unknown_field.unknown_error')
+        end
+      end
+    end
+  end
+end