xolo-server 1.0.1 → 2.0.2

data/lib/xolo/core/security_cmd.rb

@@ -0,0 +1,128 @@
+# Copyright 2025 Pixar
+#
+#    Licensed under the terms set forth in the LICENSE.txt file available at
+#    at the root of this project.
+#
+#
+
+# frozen_string_literal: true
+
+# main module
+module Xolo
+
+  module Core
+
+    # Personal credentials for users of 'xadm', stored in the login keychain
+    #
+    module SecurityCmd
+
+      # Constants
+      ##############################
+      ##############################
+
+      # The security command
+      SEC_COMMAND = '/usr/bin/security'
+
+      # exit status when the login keychain can't be accessed because we aren't in a GUI session
+      SEC_STATUS_NO_GUI_ERROR = 36
+
+      # exit status when the keychain password provided is incorrect
+      SEC_STATUS_AUTH_ERROR = 51
+
+      # exit status when the desired item isn't found in the keychain
+      SEC_STATUS_NOT_FOUND_ERROR = 44
+
+      # Module methods
+      ##############################
+      ##############################
+
+      # when this module is included
+      def self.included(includer)
+        Xolo.verbose_include includer, self
+      end
+
+      # Instance Methods
+      ##########################
+      ##########################
+
+      # Run the security command in interactive mode on a given keychain,
+      # passing in a subcommand and its arguments. so that they don't appear in the
+      # `ps` output
+      #
+      # @param cmd [String] the subcommand being passed to 'security' with
+      #   all needed options. It will not be visible outide this process, so
+      #   its OK to put passwords into the options.
+      #
+      # @return [String] the stdout of the 'security' command.
+      #
+      ######
+      def run_security(cmd)
+        output = Xolo::BLANK
+        errs = Xolo::BLANK
+
+        Open3.popen3("#{SEC_COMMAND} -i") do |stdin, stdout, stderr, wait_thr|
+          # pid = wait_thr.pid # pid of the started process.
+          stdin.puts cmd
+          stdin.close
+
+          output = stdout.read
+          errs = stderr.read
+
+          @security_exit_status = wait_thr.value # Process::Status object returned.
+        end
+
+        # exit 44 is 'The specified item could not be found in the keychain'
+        return output.chomp if @security_exit_status.success?
+
+        case @security_exit_status.exitstatus
+        when SEC_STATUS_AUTH_ERROR
+          raise Xolo::KeychainError, 'Problem accessing login keychain. Is it locked?'
+
+        when SEC_STATUS_NOT_FOUND_ERROR
+          raise Xolo::NoSuchItemError, "No xolo admin password. Please run 'xadm config'"
+
+        else
+          errs.chomp!
+          errs =~ /: returned\s+(-?\d+)$/
+          errnum = Regexp.last_match(1)
+          desc = errnum ? security_error_desc(errnum) : errs
+          desc ||= errs
+          raise Xolo::KeychainError, "#{desc.gsub("\n", '; ')}; exit status #{@security_exit_status.exitstatus}"
+        end # case
+      end # run_security
+
+      # use `security error` to get a description of an error number
+      ##############
+      def security_error_desc(num)
+        desc = `#{SEC_COMMAND} error #{num}`
+        return if desc.include?('unknown error')
+
+        desc.chomp.split(num).last
+      rescue
+        nil
+      end
+
+      # given a string, wrap it in single quotes and escape internal single quotes
+      # and backslashes so it can be used in the interactive 'security' command
+      #
+      # @param str[String] the string to escape
+      #
+      # @return [String] the escaped string
+      ###################
+      def security_escape(str)
+        # first escape backslashes
+        str = str.to_s.gsub '\\', '\\\\\\'
+
+        # then single quotes
+        str.gsub! "'", "\\\\'"
+
+        # if other things need escaping, add them here
+
+        "'#{str}'"
+      end # security_escape
+
+    end # module Prefs
+
+  end # module Admin
+
+end # module Xolo

data/lib/xolo/core/version.rb

@@ -12,7 +12,7 @@ module Xolo
 
     module Version
 
-      VERSION = '1.0.1'.freeze
+      VERSION = '2.0.2'.freeze
 
     end
 

data/lib/xolo/core.rb

@@ -39,6 +39,7 @@ module Xolo
 end # module Xolo
 
 require 'xolo/core/json_wrappers'
+require 'xolo/core/security_cmd'
 require 'xolo/core/base_classes/configuration'
 require 'xolo/core/base_classes/server_object'
 require 'xolo/core/base_classes/title'

data/lib/xolo/server/app.rb

@@ -19,6 +19,7 @@ module Xolo
       ##############################
       ##############################
 
+      # register Sinatra extensions - this 'extends' the app class with the extension's methods
       register Xolo::Server::Routes
       register Xolo::Server::Routes::Auth
       register Xolo::Server::Routes::Maint
@@ -27,9 +28,13 @@ module Xolo
       register Xolo::Server::Routes::Titles
       register Xolo::Server::Routes::Versions
       register Xolo::Server::Routes::Uploads
+      register Xolo::Server::Routes::Subscriptions
 
+      # include helper modules - this 'includes' the app class with the helper module's methods
+      # making them available as instance methods in routes and views
       helpers Xolo::Core::Constants
       helpers Xolo::Core::JSONWrappers
+      helpers Xolo::Core::SecurityCmd
       helpers Xolo::Server::Helpers::Log
       helpers Xolo::Server::Helpers::Notification
       helpers Xolo::Server::Helpers::Auth
@@ -41,7 +46,9 @@ module Xolo
       helpers Xolo::Server::Helpers::PkgSigning
       helpers Xolo::Server::Helpers::ProgressStreaming
       helpers Xolo::Server::Helpers::ClientData
+      helpers Xolo::Server::Helpers::Subscriptions
       helpers Xolo::Server::Helpers::Maintenance
+      helpers Xolo::Server::Helpers::AutoPkg
 
       # Sinatra setup
       ##############################