From 955ab1ceaa678782d63a6153d352dc6428f9f364 Mon Sep 17 00:00:00 2001 From: John Keiser Date: Wed, 2 Jul 2014 15:40:26 -0700 Subject: Add /organizations, /organizations/NAME, /organizations/NAME/_validator_key --- bin/chef-zero | 4 ++ chef-zero.gemspec | 1 + lib/chef_zero/data_normalizer.rb | 9 ++++ lib/chef_zero/data_store/memory_store_v2.rb | 8 ++-- lib/chef_zero/data_store/v1_to_v2_adapter.rb | 26 +++++----- lib/chef_zero/endpoints/organization_endpoint.rb | 37 +++++++++++++++ .../organization_validator_key_endpoint.rb | 20 ++++++++ lib/chef_zero/endpoints/organizations_endpoint.rb | 55 ++++++++++++++++++++++ lib/chef_zero/rest_base.rb | 13 ++++- lib/chef_zero/server.rb | 41 ++++++++++++++-- 10 files changed, 195 insertions(+), 19 deletions(-) create mode 100644 lib/chef_zero/endpoints/organization_endpoint.rb create mode 100644 lib/chef_zero/endpoints/organization_validator_key_endpoint.rb create mode 100644 lib/chef_zero/endpoints/organizations_endpoint.rb diff --git a/bin/chef-zero b/bin/chef-zero index c2b3120..303634e 100755 --- a/bin/chef-zero +++ b/bin/chef-zero @@ -49,6 +49,10 @@ OptionParser.new do |opts| options[:log_level] = value end + opts.on("--multi-org", "Whether to run in multi-org mode") do |value| + options[:single_org] = nil + end + opts.on_tail("-h", "--help", "Show this message") do puts opts exit diff --git a/chef-zero.gemspec b/chef-zero.gemspec index e52413c..4708385 100644 --- a/chef-zero.gemspec +++ b/chef-zero.gemspec @@ -14,6 +14,7 @@ Gem::Specification.new do |s| s.add_dependency 'mixlib-log', '~> 1.3' s.add_dependency 'hashie', '~> 2.0' + s.add_dependency 'uuidtools', '~> 2.1' s.add_dependency 'json' s.add_dependency 'rack' diff --git a/lib/chef_zero/data_normalizer.rb b/lib/chef_zero/data_normalizer.rb index 8e813fe..a452e8d 100644 --- a/lib/chef_zero/data_normalizer.rb +++ b/lib/chef_zero/data_normalizer.rb @@ -114,6 +114,15 @@ module ChefZero node end + def self.normalize_organization(org, name) + org['name'] ||= name + org['full_name'] ||= name + org['org_type'] ||= 'Business' + org['clientname'] ||= "#{name}-validator" + org['billing_plan'] ||= 'platform-free' + org + end + def self.normalize_role(role, name) role['name'] ||= name role['description'] ||= '' diff --git a/lib/chef_zero/data_store/memory_store_v2.rb b/lib/chef_zero/data_store/memory_store_v2.rb index fd93506..2314ae8 100644 --- a/lib/chef_zero/data_store/memory_store_v2.rb +++ b/lib/chef_zero/data_store/memory_store_v2.rb @@ -35,11 +35,11 @@ module ChefZero create_dir([], 'organizations') end - def create_org + def create_org(name) org = { 'clients' => { - 'chef-validator' => '{ "validator": true }', - 'chef-webui' => '{ "admin": true }' + "#{name}-validator" => '{ "validator": true }', + "#{name}-webui" => '{ "admin": true }' }, 'cookbooks' => {}, 'data' => {}, @@ -178,7 +178,7 @@ module ChefZero def _create_dir(parent_path, parent, name) if parent_path == [ 'organizations' ] - parent[name] = create_org + parent[name] = create_org(name) else parent[name] = {} end diff --git a/lib/chef_zero/data_store/v1_to_v2_adapter.rb b/lib/chef_zero/data_store/v1_to_v2_adapter.rb index 3b2fc8d..b01941b 100644 --- a/lib/chef_zero/data_store/v1_to_v2_adapter.rb +++ b/lib/chef_zero/data_store/v1_to_v2_adapter.rb @@ -10,18 +10,22 @@ module ChefZero clear end - ORG_DEFAULTS = { - 'clients' => { - 'chef-validator' => '{ "validator": true }', - 'chef-webui' => '{ "admin": true }' - }, - 'environments' => { - '_default' => '{ "description": "The default Chef environment" }' - }, - 'users' => { - 'admin' => '{ "admin": "true" }' + def self.org_defaults(name) + { + 'clients' => { + "#{name}-validator" => '{ "validator": true }', + "#{name}-webui" => '{ "admin": true }' + }, + 'environments' => { + '_default' => '{ "description": "The default Chef environment" }' + }, + 'users' => { + 'admin' => '{ "admin": "true" }' + } } - } + end + + ORG_DEFAULTS = org_defaults('chef') attr_reader :real_store attr_reader :single_org diff --git a/lib/chef_zero/endpoints/organization_endpoint.rb b/lib/chef_zero/endpoints/organization_endpoint.rb new file mode 100644 index 0000000..554982f --- /dev/null +++ b/lib/chef_zero/endpoints/organization_endpoint.rb @@ -0,0 +1,37 @@ +require 'json' +require 'chef_zero/rest_base' + +module ChefZero + module Endpoints + # /organizations/NAME + class OrganizationEndpoint < RestBase + def get(request) + org = get_data(request, request.rest_path + [ 'org' ]) + already_json_response(200, populate_defaults(request, org)) + end + + def put(request) + org = JSON.parse(get_data(request, request.rest_path + [ 'org' ]), :create_additions => false) + new_org = JSON.parse(request.body, :create_additions => false) + new_org.each do |key, value| + org[key] = value + end + org = JSON.pretty_generate(org) + set_data(request, request.rest_path + [ 'org' ], org) + already_json_response(200, populate_defaults(request, org)) + end + + def delete(request) + org = get_data(request, request.rest_path + [ 'org' ]) + delete_data_dir(request, request.rest_path) + already_json_response(200, populate_defaults(request, org)) + end + + def populate_defaults(request, response_json) + org = JSON.parse(response_json, :create_additions => false) + org = DataNormalizer.normalize_organization(org, request.rest_path[1]) + JSON.pretty_generate(org) + end + end + end +end diff --git a/lib/chef_zero/endpoints/organization_validator_key_endpoint.rb b/lib/chef_zero/endpoints/organization_validator_key_endpoint.rb new file mode 100644 index 0000000..81419a6 --- /dev/null +++ b/lib/chef_zero/endpoints/organization_validator_key_endpoint.rb @@ -0,0 +1,20 @@ +require 'json' +require 'chef_zero/rest_base' +require 'uuidtools' + +module ChefZero + module Endpoints + # /organizations/NAME/_validator_key + class OrganizationValidatorKeyEndpoint < RestBase + def post(request) + org_name = request.rest_path[-2] + validator_path = [ 'organizations', org_name, 'clients', "#{org_name}-validator"] + validator = JSON.parse(get_data(request, validator_path), :create_additions => false) + private_key, public_key = server.gen_key_pair + validator['public_key'] = public_key + set_data(request, validator_path, JSON.pretty_generate(validator)) + json_response(200, { 'private_key' => private_key }) + end + end + end +end diff --git a/lib/chef_zero/endpoints/organizations_endpoint.rb b/lib/chef_zero/endpoints/organizations_endpoint.rb new file mode 100644 index 0000000..76cbfad --- /dev/null +++ b/lib/chef_zero/endpoints/organizations_endpoint.rb @@ -0,0 +1,55 @@ +require 'json' +require 'chef_zero/rest_base' +require 'uuidtools' + +module ChefZero + module Endpoints + # /organizations + class OrganizationsEndpoint < RestBase + def get(request) + result = {} + data_store.list(request.rest_path).each do |name| + result[name] = build_uri(request.base_uri, request.rest_path + [name]) + end + json_response(200, result) + end + + def post(request) + contents = request.body + name = JSON.parse(contents, :create_additions => false)['name'] + if name.nil? + error(400, "Must specify 'name' in JSON") + elsif exists_data_dir?(request, request.rest_path + [ name ]) + error(409, "Organization already exists") + else + create_data_dir(request, request.rest_path, name) + + org = { + "guid" => UUIDTools::UUID.random_create, + "assigned_at" => Time.now.to_s + } + org_path = request.rest_path + [ name ] + create_data(request, org_path, 'org', JSON.pretty_generate(org)) + + if server.generate_real_keys? + # Create the validator client + validator_name = "#{name}-validator" + validator_path = org_path + [ 'clients', validator_name ] + private_key, public_key = server.gen_key_pair + validator = JSON.pretty_generate({ + 'validator' => true, + 'public_key' => public_key + }) + set_data(request, validator_path, validator) + end + + json_response(201, { + "uri" => "#{build_uri(request.base_uri, org_path)}", + "clientname" => validator_name, + "private_key" => private_key + }) + end + end + end + end +end diff --git a/lib/chef_zero/rest_base.rb b/lib/chef_zero/rest_base.rb index f01950f..9e0ed30 100644 --- a/lib/chef_zero/rest_base.rb +++ b/lib/chef_zero/rest_base.rb @@ -80,12 +80,23 @@ module ChefZero def set_data(request, rest_path, data, *options) rest_path ||= request.rest_path begin - data_store.set(rest_path, request.body, *options) + data_store.set(rest_path, data, *options) rescue DataStore::DataNotFoundError raise RestErrorResponse.new(404, "Object not found: #{build_uri(request.base_uri, request.rest_path)}") end end + def create_data_dir(request, rest_path, name, *options) + rest_path ||= request.rest_path + begin + data_store.create_dir(rest_path, name, *options) + rescue DataStore::DataNotFoundError + raise RestErrorResponse.new(404, "Parent not found: #{build_uri(request.base_uri, request.rest_path)}") + rescue DataStore::DataAlreadyExistsError + raise RestErrorResponse.new(409, "Object already exists: #{build_uri(request.base_uri, request.rest_path + [name])}") + end + end + def create_data(request, rest_path, name, data, *options) rest_path ||= request.rest_path begin diff --git a/lib/chef_zero/server.rb b/lib/chef_zero/server.rb index bbc0c31..368b8bc 100644 --- a/lib/chef_zero/server.rb +++ b/lib/chef_zero/server.rb @@ -50,6 +50,9 @@ require 'chef_zero/endpoints/environment_nodes_endpoint' require 'chef_zero/endpoints/environment_recipes_endpoint' require 'chef_zero/endpoints/environment_role_endpoint' require 'chef_zero/endpoints/node_endpoint' +require 'chef_zero/endpoints/organizations_endpoint' +require 'chef_zero/endpoints/organization_endpoint' +require 'chef_zero/endpoints/organization_validator_key_endpoint' require 'chef_zero/endpoints/principal_endpoint' require 'chef_zero/endpoints/role_endpoint' require 'chef_zero/endpoints/role_environments_endpoint' @@ -385,7 +388,40 @@ module ChefZero def open_source_endpoints [ - [ "/organizations/*/authenticate_user", AuthenticateUserEndpoint.new(self) ], + # if options[:server_type] == 'osc' + # # OSC-only + [ "/organizations/*/users", ActorsEndpoint.new(self) ], + [ "/organizations/*/users/*", ActorEndpoint.new(self) ], + # else + # # EC-only + # [ "/organizations/*/users", EcUsersEndpoint.new(self) ], + # [ "/organizations/*/users/*", EcUserEndpoint.new(self) ], + # [ "/users", ActorsEndpoint.new(self) ], + # [ "/users/*", ActorEndpoint.new(self) ], + # end + + # Both + [ "/organizations", OrganizationsEndpoint.new(self) ], + [ "/organizations/*", OrganizationEndpoint.new(self) ], + [ "/organizations/*/_validator_key", OrganizationValidatorKeyEndpoint.new(self) ], + # [ "/organizations/*/members", RestObjectEndpoint.new(self) ], + # [ "/organizations/*/association_requests", AssociationRequestsEndpoint.new(self) ], + # [ "/organizations/*/association_requests/count", AssociationRequestsCountEndpoint.new(self) ], + # [ "/organizations/*/association_requests/*", AssociationRequestEndpoint.new(self) ], + # [ "/organizations/*/authenticate_user", AuthenticateUserEndpoint.new(self) ], + # [ "/organizations/*/containers", RestListEndpoint.new(self) ], + # [ "/organizations/*/containers/*", RestObjectEndpoint.new(self) ], + # [ "/organizations/*/groups", RestListEndpoint.new(self) ], + # [ "/organizations/*/groups/*", RestObjectEndpoint.new(self) ], + # [ "/users/*/organizations", UserOrganizationsEndpoint.new(self) ], + # [ "/users/*/association_requests", UserAssocationRequestsEndpoint.new(self) ], + # [ "/users/*/association_requests/*", UserAssociationRequestEndpoint.new(self) ], + # [ "/**/_acls", AclsEndpoint.new(self) ], + # [ "/**/_acls/*", AclEndpoint.new(self) ], + # [ "/verify_password", VerifyPasswordEndpoint.new(self) ], + # [ "/authenticate_user", AuthenticateUserEndpoint.new(self) ], + # [ "/system_recovery", SystemRecoveryEndpoint.new(self) ], + [ "/organizations/*/clients", ActorsEndpoint.new(self) ], [ "/organizations/*/clients/*", ActorEndpoint.new(self) ], [ "/organizations/*/cookbooks", CookbooksEndpoint.new(self) ], @@ -413,9 +449,8 @@ module ChefZero [ "/organizations/*/sandboxes/*", SandboxEndpoint.new(self) ], [ "/organizations/*/search", SearchesEndpoint.new(self) ], [ "/organizations/*/search/*", SearchEndpoint.new(self) ], - [ "/organizations/*/users", ActorsEndpoint.new(self) ], - [ "/organizations/*/users/*", ActorEndpoint.new(self) ], + # Internal [ "/organizations/*/file_store/**", FileStoreFileEndpoint.new(self) ], ] end -- cgit v1.2.1