Page Menu
Home
GRNET
Search
Configure Global Search
Log In
Files
F1090760
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Wed, Oct 15, 11:26 AM
Size
31 KB
Mime Type
text/x-diff
Expires
Fri, Oct 17, 11:26 AM (1 d, 14 h)
Engine
blob
Format
Raw Data
Handle
280146
Attached To
rARCHIVING archiving
View Options
diff --git a/app/controllers/hosts_controller.rb b/app/controllers/hosts_controller.rb
index ac74a94..eb05f8d 100644
--- a/app/controllers/hosts_controller.rb
+++ b/app/controllers/hosts_controller.rb
@@ -1,171 +1,176 @@
class HostsController < ApplicationController
before_action :require_logged_in
before_action :fetch_host, only: [:show, :edit, :update, :destroy, :submit_config,
:revoke, :disable]
before_action :fetch_hosts_of_user, only: [:new, :edit, :create]
# GET /hosts/new
def new
@host = Host.new
@host.port = 9102
end
# POST /hosts
def create
@host = Host.new(fetch_params)
set_host_type
@host.verified = !@host.institutional?
if user_can_add_this_host? && @host.save
flash[:success] = 'Host created successfully'
current_user.hosts << @host
UserMailer.notify_admin(current_user, @host.fqdn).deliver
redirect_to host_path @host
else
flash[:error] = 'Host was not created'
render :new
end
end
# GET /hosts/1
def show
@schedules = @host.job_templates.map(&:schedule)
@filesets = @host.job_templates.map(&:fileset)
end
# GET /hosts/1/edit
def edit; end
# PATCH /hosts/1
def update
updates = fetch_params.slice(:port, :password)
if updates.present? && @host.update_attributes(updates)
@host.recalculate if @host.bacula_ready?
flash[:success] = 'Host updated successfully. You must update your file deamon accordingly.'
redirect_to host_path @host
else
render :edit
end
end
# DELETE /hosts/1
def destroy
if @host.destroy
flash[:success] = 'Host destroyed successfully'
else
flash[:error] = 'Host not destroyed'
end
redirect_to root_path
end
# POST /hosts/1/disable
def disable
if @host.disable_jobs_and_update
flash[:success] = 'Client disabled'
else
flash[:error] = 'Something went wrong, try again later'
end
redirect_to host_path(@host)
end
# POST /hosts/1/submit_config
def submit_config
if @host.dispatch_to_bacula
flash[:success] = 'Host configuration sent to Bacula successfully'
else
flash[:error] = 'Something went wrong, try again later'
end
redirect_to host_path(@host)
end
# DELETE /hosts/1/revoke
def revoke
if @host.remove_from_bacula
flash[:success] = 'Host configuration removed from Bacula successfully'
else
flash[:error] = 'Something went wrong, try again later'
end
redirect_to root_path
end
# GET /hosts/fetch_vima_hosts
def fetch_vima_hosts
if params[:code].blank?
return redirect_to client.auth_code.authorize_url(:redirect_uri => redirect_uri,
scope: 'read')
end
access_token = client.auth_code.get_token(
params['code'],
{ :redirect_uri => redirect_uri },
{ :mode => :query, :param_name => "access_token", :header_format => "" }
)
vms = access_token.get(
'https://vima.grnet.gr/instances/list?tag=vima:service:archiving',
{ mode: :query, param_name: 'access_token' }
).parsed.deep_symbolize_keys[:response][:instances]
session[:vms] = vms.first(50)
+
+ current_user.temp_hosts = vms
+ current_user.hosts_updated_at = Time.now
+ current_user.save
+
Host.where(fqdn: vms).each do |host|
host.users << current_user unless host.users.include?(current_user)
end
redirect_to new_host_path
end
private
def client
OAuth2::Client.new(
Rails.application.secrets.oauth2_vima_client_id,
Rails.application.secrets.oauth2_vima_secret,
site: 'https://vima.grnet.gr',
token_url: "/o/token",
authorize_url: "/o/authorize",
:ssl => {:ca_path => "/etc/ssl/certs"}
)
end
def redirect_uri
uri = URI.parse(request.url)
uri.scheme = 'https' unless Rails.env.development?
uri.path = '/hosts/fetch_vima_hosts'
uri.query = nil
uri.to_s
end
def fetch_hosts_of_user
return if not current_user.needs_host_list?
@hosts_of_user = session[:vms] - current_user.hosts.pluck(:fqdn)
end
def fetch_host
@host = current_user.hosts.includes(job_templates: [:fileset, :schedule]).find(params[:id])
end
def fetch_params
params.require(:host).permit(:fqdn, :port, :password)
end
def user_can_add_this_host?
!current_user.needs_host_list? || @hosts_of_user.include?(@host.fqdn)
end
def set_host_type
@host.origin = if current_user.vima?
:vima
elsif current_user.okeanos?
:okeanos
else
:institutional
end
end
end
diff --git a/app/models/user.rb b/app/models/user.rb
index 4a658c1..8684a93 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,120 +1,122 @@
class User < ActiveRecord::Base
attr_accessor :password, :retype_password
+ serialize :temp_hosts, JSON
+
has_many :ownerships
has_many :hosts, through: :ownerships, inverse_of: :users
has_many :invitations
enum user_type: { institutional: 0, vima: 1, okeanos: 2, admin: 3 }
validates :user_type, presence: true
validates :username, presence: true, uniqueness: { scope: :user_type }
validates :email, presence: true, uniqueness: { scope: :user_type }
before_create :confirm_passwords, if: :admin?
# Returns an admin user with the given password
#
# @param username[String] username from user input
# @param a_password[String] password from user input
#
# @return [User] the admin user or nil
def self.fetch_admin_with_password(username, a_password)
hashed_pass = Digest::SHA256.hexdigest(a_password + Rails.application.secrets.salt)
admin = User.admin.find_by_username_and_password_hash(username, hashed_pass)
admin
end
# Composes the user's display name from the user's username and email
#
# @return [String]
def display_name
"#{username} <#{email}>"
end
# Determines if the user must select hosts from a list or enter their
# FQDN manually
#
# @return [Boolean]
def needs_host_list?
vima? || okeanos?
end
# Determines if the user is editable or not.
# Editable users are only admin users, all others come from 3rd party authorization
#
# @return [Boolean]
def editable?
admin?
end
# Marks a user as not enabled
def ban
self.enabled = false
save
end
# Marks a user as enabled
def unban
self.enabled = true
save
end
# Stores a hashed password as a password_hash
#
# @param a_password[String] the user submitted password
#
# @return [Boolean] the save exit status
def add_password(a_password)
self.password_hash = Digest::SHA256.hexdigest(a_password + Rails.application.secrets.salt)
self.save
end
# Fetches the user's unverified hosts
#
# @return [Array] of Strings containing the hosts' names
def unverified_hosts
hosts.unverified.pluck(:name)
end
# Fetches the user's hosts that are being backed up by bacula
#
# @return [Array] of Strings configuration the host's names
def baculized_hosts
hosts.in_bacula.pluck(:name)
end
# Fetches the user's hosts that are NOT being backed up by bacula
#
# @return [Array] of Strings configuration the host's names
def non_baculized_hosts
hosts.not_baculized.pluck(:name)
end
# Determines if a vima user needs to update his hosts' list
#
# @return [Boolean]
def refetch_hosts?
return false unless vima?
return true if hosts_updated_at.nil?
hosts_updated_at < Archiving.settings[:skip_host_fetch_time_period].ago
end
private
def confirm_passwords
if password.blank?
self.errors.add(:password, 'Must give a password')
return false
end
if password != retype_password
self.errors.add(:password, 'Passwords mismatch')
self.errors.add(:retype_password, 'Passwords mismatch')
return false
end
true
end
end
diff --git a/db/migrate/20160131105935_add_temp_hosts_to_user.rb b/db/migrate/20160131105935_add_temp_hosts_to_user.rb
new file mode 100644
index 0000000..f4015dc
--- /dev/null
+++ b/db/migrate/20160131105935_add_temp_hosts_to_user.rb
@@ -0,0 +1,9 @@
+class AddTempHostsToUser < ActiveRecord::Migration
+ def up
+ add_column :users, :temp_hosts, :string, default: [].to_json
+ end
+
+ def down
+ remove_column :users, :temp_hosts
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 7a28564..865db40 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1,439 +1,440 @@
# encoding: UTF-8
# This file is auto-generated from the current state of the database. Instead
# of editing this file, please use the migrations feature of Active Record to
# incrementally modify your database, and then regenerate this schema definition.
#
# Note that this schema.rb definition is the authoritative source for your
# database schema. If you need to create the application database on another
# system, you should be using db:schema:load, not running all the migrations
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
# you'll amass, the slower it'll run and the greater likelihood for issues).
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20160125170032) do
+ActiveRecord::Schema.define(version: 20160131105935) do
create_table "BaseFiles", primary_key: "BaseId", force: true do |t|
t.integer "BaseJobId", null: false
t.integer "JobId", null: false
t.integer "FileId", limit: 8, null: false
t.integer "FileIndex"
end
add_index "BaseFiles", ["JobId"], name: "basefiles_jobid_idx", using: :btree
create_table "CDImages", primary_key: "MediaId", force: true do |t|
t.datetime "LastBurn", null: false
end
create_table "Client", primary_key: "ClientId", force: true do |t|
t.binary "Name", limit: 255, null: false
t.binary "Uname", limit: 255, null: false
t.integer "AutoPrune", limit: 1, default: 0
t.integer "FileRetention", limit: 8, default: 0
t.integer "JobRetention", limit: 8, default: 0
end
add_index "Client", ["Name"], name: "Name", unique: true, length: {"Name"=>128}, using: :btree
create_table "Counters", id: false, force: true do |t|
t.binary "Counter", limit: 255, null: false
t.integer "MinValue", default: 0
t.integer "MaxValue", default: 0
t.integer "CurrentValue", default: 0
t.binary "WrapCounter", limit: 255, null: false
end
create_table "Device", primary_key: "DeviceId", force: true do |t|
t.binary "Name", limit: 255, null: false
t.integer "MediaTypeId", default: 0
t.integer "StorageId", default: 0
t.integer "DevMounts", default: 0
t.integer "DevReadBytes", limit: 8, default: 0
t.integer "DevWriteBytes", limit: 8, default: 0
t.integer "DevReadBytesSinceCleaning", limit: 8, default: 0
t.integer "DevWriteBytesSinceCleaning", limit: 8, default: 0
t.integer "DevReadTime", limit: 8, default: 0
t.integer "DevWriteTime", limit: 8, default: 0
t.integer "DevReadTimeSinceCleaning", limit: 8, default: 0
t.integer "DevWriteTimeSinceCleaning", limit: 8, default: 0
t.datetime "CleaningDate"
t.integer "CleaningPeriod", limit: 8, default: 0
end
create_table "File", primary_key: "FileId", force: true do |t|
t.integer "FileIndex", default: 0
t.integer "JobId", null: false
t.integer "PathId", null: false
t.integer "FilenameId", null: false
t.integer "DeltaSeq", limit: 2, default: 0
t.integer "MarkId", default: 0
t.binary "LStat", limit: 255, null: false
t.binary "MD5", limit: 255
end
add_index "File", ["JobId", "PathId", "FilenameId"], name: "JobId_2", using: :btree
add_index "File", ["JobId"], name: "JobId", using: :btree
create_table "FileSet", primary_key: "FileSetId", force: true do |t|
t.binary "FileSet", limit: 255, null: false
t.binary "MD5", limit: 255
t.datetime "CreateTime"
end
create_table "Filename", primary_key: "FilenameId", force: true do |t|
t.binary "Name", null: false
end
add_index "Filename", ["Name"], name: "Name", length: {"Name"=>255}, using: :btree
create_table "Job", primary_key: "JobId", force: true do |t|
t.binary "Job", limit: 255, null: false
t.binary "Name", limit: 255, null: false
t.binary "Type", limit: 1, null: false
t.binary "Level", limit: 1, null: false
t.integer "ClientId", default: 0
t.binary "JobStatus", limit: 1, null: false
t.datetime "SchedTime"
t.datetime "StartTime"
t.datetime "EndTime"
t.datetime "RealEndTime"
t.integer "JobTDate", limit: 8, default: 0
t.integer "VolSessionId", default: 0
t.integer "VolSessionTime", default: 0
t.integer "JobFiles", default: 0
t.integer "JobBytes", limit: 8, default: 0
t.integer "ReadBytes", limit: 8, default: 0
t.integer "JobErrors", default: 0
t.integer "JobMissingFiles", default: 0
t.integer "PoolId", default: 0
t.integer "FileSetId", default: 0
t.integer "PriorJobId", default: 0
t.integer "PurgedFiles", limit: 1, default: 0
t.integer "HasBase", limit: 1, default: 0
t.integer "HasCache", limit: 1, default: 0
t.integer "Reviewed", limit: 1, default: 0
t.binary "Comment"
end
add_index "Job", ["Name"], name: "Name", length: {"Name"=>128}, using: :btree
create_table "JobHisto", id: false, force: true do |t|
t.integer "JobId", null: false
t.binary "Job", limit: 255, null: false
t.binary "Name", limit: 255, null: false
t.binary "Type", limit: 1, null: false
t.binary "Level", limit: 1, null: false
t.integer "ClientId", default: 0
t.binary "JobStatus", limit: 1, null: false
t.datetime "SchedTime"
t.datetime "StartTime"
t.datetime "EndTime"
t.datetime "RealEndTime"
t.integer "JobTDate", limit: 8, default: 0
t.integer "VolSessionId", default: 0
t.integer "VolSessionTime", default: 0
t.integer "JobFiles", default: 0
t.integer "JobBytes", limit: 8, default: 0
t.integer "ReadBytes", limit: 8, default: 0
t.integer "JobErrors", default: 0
t.integer "JobMissingFiles", default: 0
t.integer "PoolId", default: 0
t.integer "FileSetId", default: 0
t.integer "PriorJobId", default: 0
t.integer "PurgedFiles", limit: 1, default: 0
t.integer "HasBase", limit: 1, default: 0
t.integer "HasCache", limit: 1, default: 0
t.integer "Reviewed", limit: 1, default: 0
t.binary "Comment"
end
add_index "JobHisto", ["JobId"], name: "JobId", using: :btree
add_index "JobHisto", ["StartTime"], name: "StartTime", using: :btree
create_table "JobMedia", primary_key: "JobMediaId", force: true do |t|
t.integer "JobId", null: false
t.integer "MediaId", null: false
t.integer "FirstIndex", default: 0
t.integer "LastIndex", default: 0
t.integer "StartFile", default: 0
t.integer "EndFile", default: 0
t.integer "StartBlock", default: 0
t.integer "EndBlock", default: 0
t.integer "VolIndex", default: 0
end
add_index "JobMedia", ["JobId", "MediaId"], name: "JobId", using: :btree
create_table "Location", primary_key: "LocationId", force: true do |t|
t.binary "Location", limit: 255, null: false
t.integer "Cost", default: 0
t.integer "Enabled", limit: 1
end
create_table "LocationLog", primary_key: "LocLogId", force: true do |t|
t.datetime "Date"
t.binary "Comment", null: false
t.integer "MediaId", default: 0
t.integer "LocationId", default: 0
t.string "NewVolStatus", limit: 9, null: false
t.integer "NewEnabled", limit: 1
end
create_table "Log", primary_key: "LogId", force: true do |t|
t.integer "JobId", default: 0
t.datetime "Time"
t.binary "LogText", null: false
end
add_index "Log", ["JobId"], name: "JobId", using: :btree
create_table "Media", primary_key: "MediaId", force: true do |t|
t.binary "VolumeName", limit: 255, null: false
t.integer "Slot", default: 0
t.integer "PoolId", default: 0
t.binary "MediaType", limit: 255, null: false
t.integer "MediaTypeId", default: 0
t.integer "LabelType", limit: 1, default: 0
t.datetime "FirstWritten"
t.datetime "LastWritten"
t.datetime "LabelDate"
t.integer "VolJobs", default: 0
t.integer "VolFiles", default: 0
t.integer "VolBlocks", default: 0
t.integer "VolMounts", default: 0
t.integer "VolBytes", limit: 8, default: 0
t.integer "VolParts", default: 0
t.integer "VolErrors", default: 0
t.integer "VolWrites", default: 0
t.integer "VolCapacityBytes", limit: 8, default: 0
t.string "VolStatus", limit: 9, null: false
t.integer "Enabled", limit: 1, default: 1
t.integer "Recycle", limit: 1, default: 0
t.integer "ActionOnPurge", limit: 1, default: 0
t.integer "VolRetention", limit: 8, default: 0
t.integer "VolUseDuration", limit: 8, default: 0
t.integer "MaxVolJobs", default: 0
t.integer "MaxVolFiles", default: 0
t.integer "MaxVolBytes", limit: 8, default: 0
t.integer "InChanger", limit: 1, default: 0
t.integer "StorageId", default: 0
t.integer "DeviceId", default: 0
t.integer "MediaAddressing", limit: 1, default: 0
t.integer "VolReadTime", limit: 8, default: 0
t.integer "VolWriteTime", limit: 8, default: 0
t.integer "EndFile", default: 0
t.integer "EndBlock", default: 0
t.integer "LocationId", default: 0
t.integer "RecycleCount", default: 0
t.datetime "InitialWrite"
t.integer "ScratchPoolId", default: 0
t.integer "RecyclePoolId", default: 0
t.binary "Comment"
end
add_index "Media", ["PoolId"], name: "PoolId", using: :btree
add_index "Media", ["VolumeName"], name: "VolumeName", unique: true, length: {"VolumeName"=>128}, using: :btree
create_table "MediaType", primary_key: "MediaTypeId", force: true do |t|
t.binary "MediaType", limit: 255, null: false
t.integer "ReadOnly", limit: 1, default: 0
end
create_table "Path", primary_key: "PathId", force: true do |t|
t.binary "Path", null: false
end
add_index "Path", ["Path"], name: "Path", length: {"Path"=>255}, using: :btree
create_table "PathHierarchy", primary_key: "PathId", force: true do |t|
t.integer "PPathId", null: false
end
add_index "PathHierarchy", ["PPathId"], name: "pathhierarchy_ppathid", using: :btree
create_table "PathVisibility", id: false, force: true do |t|
t.integer "PathId", null: false
t.integer "JobId", null: false
t.integer "Size", limit: 8, default: 0
t.integer "Files", default: 0
end
add_index "PathVisibility", ["JobId"], name: "pathvisibility_jobid", using: :btree
create_table "Pool", primary_key: "PoolId", force: true do |t|
t.binary "Name", limit: 255, null: false
t.integer "NumVols", default: 0
t.integer "MaxVols", default: 0
t.integer "UseOnce", limit: 1, default: 0
t.integer "UseCatalog", limit: 1, default: 0
t.integer "AcceptAnyVolume", limit: 1, default: 0
t.integer "VolRetention", limit: 8, default: 0
t.integer "VolUseDuration", limit: 8, default: 0
t.integer "MaxVolJobs", default: 0
t.integer "MaxVolFiles", default: 0
t.integer "MaxVolBytes", limit: 8, default: 0
t.integer "AutoPrune", limit: 1, default: 0
t.integer "Recycle", limit: 1, default: 0
t.integer "ActionOnPurge", limit: 1, default: 0
t.string "PoolType", limit: 9, null: false
t.integer "LabelType", limit: 1, default: 0
t.binary "LabelFormat", limit: 255
t.integer "Enabled", limit: 1, default: 1
t.integer "ScratchPoolId", default: 0
t.integer "RecyclePoolId", default: 0
t.integer "NextPoolId", default: 0
t.integer "MigrationHighBytes", limit: 8, default: 0
t.integer "MigrationLowBytes", limit: 8, default: 0
t.integer "MigrationTime", limit: 8, default: 0
end
add_index "Pool", ["Name"], name: "Name", unique: true, length: {"Name"=>128}, using: :btree
create_table "RestoreObject", primary_key: "RestoreObjectId", force: true do |t|
t.binary "ObjectName", null: false
t.binary "RestoreObject", limit: 2147483647, null: false
t.binary "PluginName", limit: 255, null: false
t.integer "ObjectLength", default: 0
t.integer "ObjectFullLength", default: 0
t.integer "ObjectIndex", default: 0
t.integer "ObjectType", default: 0
t.integer "FileIndex", default: 0
t.integer "JobId", null: false
t.integer "ObjectCompression", default: 0
end
add_index "RestoreObject", ["JobId"], name: "JobId", using: :btree
create_table "Status", primary_key: "JobStatus", force: true do |t|
t.binary "JobStatusLong"
t.integer "Severity"
end
create_table "Storage", primary_key: "StorageId", force: true do |t|
t.binary "Name", limit: 255, null: false
t.integer "AutoChanger", limit: 1, default: 0
end
create_table "UnsavedFiles", primary_key: "UnsavedId", force: true do |t|
t.integer "JobId", null: false
t.integer "PathId", null: false
t.integer "FilenameId", null: false
end
create_table "Version", id: false, force: true do |t|
t.integer "VersionId", null: false
end
create_table "configuration_settings", force: true do |t|
t.string "job", default: "{}"
t.string "client", default: "{}"
t.datetime "created_at"
t.datetime "updated_at"
t.string "pool", default: "{}"
end
create_table "filesets", force: true do |t|
t.string "name"
t.integer "host_id"
t.text "exclude_directions"
t.text "include_directions"
t.datetime "created_at"
t.datetime "updated_at"
end
add_index "filesets", ["host_id"], name: "index_filesets_on_host_id", using: :btree
create_table "hosts", force: true do |t|
t.binary "name", limit: 255, null: false
t.binary "fqdn", limit: 255, null: false
t.integer "port", null: false
t.integer "file_retention", null: false
t.integer "job_retention", null: false
t.datetime "created_at"
t.datetime "updated_at"
t.string "password"
t.boolean "baculized", default: false, null: false
t.datetime "baculized_at"
t.integer "status", limit: 1, default: 0
t.integer "client_id"
t.boolean "verified", default: false
t.datetime "verified_at"
t.integer "verifier_id"
t.string "job_retention_period_type"
t.string "file_retention_period_type"
t.integer "origin", limit: 1
end
add_index "hosts", ["name"], name: "index_hosts_on_name", unique: true, length: {"name"=>128}, using: :btree
create_table "invitations", force: true do |t|
t.integer "user_id"
t.integer "host_id"
t.string "verification_code"
t.datetime "created_at"
t.datetime "updated_at"
end
add_index "invitations", ["user_id", "verification_code"], name: "index_invitations_on_user_id_and_verification_code", using: :btree
create_table "job_templates", force: true do |t|
t.string "name", null: false
t.integer "job_type", limit: 1
t.integer "host_id"
t.integer "fileset_id"
t.integer "schedule_id"
t.datetime "created_at"
t.datetime "updated_at"
t.boolean "enabled", default: false
t.binary "restore_location"
t.boolean "baculized", default: false
t.datetime "baculized_at"
t.string "client_before_run_file"
t.string "client_after_run_file"
end
create_table "ownerships", force: true do |t|
t.integer "user_id"
t.integer "host_id"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "schedule_runs", force: true do |t|
t.integer "schedule_id"
t.integer "level", limit: 1
t.string "month"
t.string "day"
t.string "time"
t.datetime "created_at"
t.datetime "updated_at"
end
add_index "schedule_runs", ["schedule_id"], name: "index_schedule_runs_on_schedule_id", using: :btree
create_table "schedules", force: true do |t|
t.string "name"
t.string "runs"
t.integer "host_id"
end
add_index "schedules", ["host_id"], name: "index_schedules_on_host_id", using: :btree
create_table "users", force: true do |t|
t.string "username", null: false
t.string "email"
t.integer "user_type", limit: 1, null: false
t.boolean "enabled", default: false
t.datetime "created_at"
t.datetime "updated_at"
t.string "identifier"
t.string "password_hash"
t.datetime "login_at"
t.datetime "hosts_updated_at"
+ t.string "temp_hosts", default: "[]"
end
add_index "users", ["identifier"], name: "index_users_on_identifier", using: :btree
add_index "users", ["password_hash"], name: "index_users_on_password_hash", using: :btree
end
diff --git a/lib/peter/strategies/vima.rb b/lib/peter/strategies/vima.rb
index aee263e..b53d230 100644
--- a/lib/peter/strategies/vima.rb
+++ b/lib/peter/strategies/vima.rb
@@ -1,122 +1,123 @@
## -*- encoding : utf-8 -*-
require 'oauth2'
Warden::Strategies.add(:vima) do
Key = Rails.application.secrets.oauth2_vima_client_id
Secret = Rails.application.secrets.oauth2_vima_secret
def valid?
params['vima'] || params['error'] || params['code']
end
def client
OAuth2::Client.new(
Key,
Secret,
site: 'https://vima.grnet.gr',
token_url: "/o/token",
authorize_url: "/o/authorize",
:ssl => {:ca_path => "/etc/ssl/certs"}
)
end
def redirect_uri
uri = URI.parse(request.url)
uri.scheme = 'https' unless Rails.env.development?
uri.path = '/vima'
uri.query = nil
uri.to_s
end
def redirect_to_vima
redirect! client.auth_code.authorize_url(:redirect_uri => redirect_uri, scope: 'read')
end
def authenticate!
if !Archiving::settings[:vima_oauth_enabled]
return fail!("ViMa is temporarily disabled")
end
if params['error']
Rails.logger.warn("WARDEN: ERROR #{params['error']}")
return fail!("ViMa log in failed: #{params['error']}")
end
return redirect_to_vima if params['vima']
access_token = client.auth_code.get_token(
params['code'],
{ :redirect_uri => redirect_uri },
{ :mode => :query, :param_name => "access_token", :header_format => "" })
user_data = access_token.get(
'https://vima.grnet.gr/user/details',
{ mode: :query, param_name: 'access_token' }
).parsed.deep_symbolize_keys
if [user_data[:username], user_data[:email], user_data[:id]].any?(&:blank?)
return fail!("ViMa login failed: no user data")
end
###### TBR
# temporary, for user migration
user = User.find_or_initialize_by(username: user_data[:username],
email: user_data[:email])
user.identifier = "vima:#{user_data[:id]}"
######
# actual implementation
#user = User.find_or_initialize_by(identifier: user_data[:identifier])
if !user.enabled? && user.persisted?
return fail!('Service not available')
end
user.login_at = Time.now
if user.new_record?
user.enabled = true
# TBR
user.identifier = "vima:#{user_data[:id]}"
user.vima!
else
user.save!
end
if user.refetch_hosts?
vms = fetch_vms(access_token)[:response][:instances]
user.hosts_updated_at = Time.now
+ user.temp_hosts = vms
user.save
end
- vms ||= user.hosts.pluck(:fqdn)
+ vms ||= (user.temp_hosts + user.hosts.pluck(:fqdn)).uniq
assign_vms(user, vms)
success!(user)
end
def fetch_vms(access_token)
Rails.logger.warn("ViMa: fetching vms")
vms = access_token.get(
'https://vima.grnet.gr/instances/list?tag=vima:service:archiving',
{ mode: :query, param_name: 'access_token' }
).parsed.deep_symbolize_keys
if vms[:response][:errors] != false
Rails.logger.warn("ViMa: errors on instances/list response for user #{vms[:user][:username]}")
end
vms
end
def assign_vms(user, vms)
Rails.logger.warn("ViMa: user: #{user.username}")
Rails.logger.warn("ViMa: vms: #{vms}")
Rails.logger.warn("ViMa: session vms: #{session[:vms]}")
session[:vms] = vms.first(50)
Host.where(fqdn: vms).each do |host|
host.users << user unless host.users.include?(user)
end
end
end
Event Timeline
Log In to Comment