authorHeiko Bernloehr <Heiko.Bernloehr@FreeIT.de>2012-11-29 16:56:26 +0100
committerHeiko Bernloehr <Heiko.Bernloehr@FreeIT.de>2012-11-29 17:27:05 +0100
commitf59b78503c3e6ee39d13a0b1a959784cccca5da6 (patch)
treeea5d07cfda391d87299f09584b3c67a54319769a
parent1ddc5940e52d8db00ba204f99679bc5a271c425b (diff)
downloadecs2-f59b78503c3e6ee39d13a0b1a959784cccca5da6.tar.gz
ecs2-f59b78503c3e6ee39d13a0b1a959784cccca5da6.zip
Moved gc auth code to auths model.
Further made some testcode for auths handling.
-rw-r--r--app/models/auth.rb48
-rw-r--r--app/models/message.rb21
-rw-r--r--lib/tasks/ecs_garbage_collect_auths.rake47
-rw-r--r--test/fixtures/auths.yml12
-rw-r--r--test/fixtures/membership_messages.yml10
-rw-r--r--test/fixtures/messages.yml24
-rw-r--r--test/functional/messages_controller_test.rb15
-rw-r--r--test/unit/message_test.rb9
8 files changed, 118 insertions, 68 deletions
diff --git a/app/models/auth.rb b/app/models/auth.rb
index d1ce104..6ffc164 100644
--- a/app/models/auth.rb
+++ b/app/models/auth.rb
@@ -5,4 +5,52 @@ class Auth < ActiveRecord::Base
# :joins => {:membership_messages => {:membership => :participant}},
# :order => "id ASC",
# :conditions => {:participants => {:id => participant.id}}}}
+
+
+ def test_validation_window
+ b = JSON.parse(message.body)
+ sov = Time.parse(b["sov"])
+ eov = Time.parse(b["eov"])
+ if sov > Time.now or eov < Time.now
+ false
+ else
+ true
+ end
+ end
+
+ # garbage collect outtimed authorization tokens
+ def self.gc_outtimed
+ gc_sys_auths_lock= "#{Rails.root}/tmp/gc_sys_auths.lock"
+ if File.exists?(gc_sys_auths_lock)
+ logtext= "GC: there seems to be already running a ecs:gc_sys_auths process (#{gc_sys_auths_lock}). Aborting."
+ logger.info logtext
+ puts logtext unless Rails.env.test?
+ else
+ begin
+ File.open(gc_sys_auths_lock,"w") do |f|
+ f.puts "#{Process.pid}"
+ end
+ logtext= "GC: Searching for outtimed auths ..."
+ logger.info logtext
+ puts logtext unless Rails.env.test?
+ Auth.all.each do |auth|
+ if ! auth.test_validation_window
+ auth.message.destroy_as_sender
+ logtext= "GC: garbage collect auths token: #{auth.one_touch_hash}"
+ logger.info logtext
+ puts logtext unless Rails.env.test?
+ end
+ end
+ logtext= "GC: Searching for outtimed auths done."
+ logger.info logtext
+ puts logtext unless Rails.env.test?
+ ensure
+ begin
+ File.delete(gc_sys_auths_lock)
+ rescue
+ end
+ end
+ end
+ end
+
end
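Review bot: The lock in `gc_outtimed` is a check-then-create on a plain file: `File.exists?` followed by `File.open(gc_sys_auths_lock,"w")` lets two runs that start together both pass the check. A run that is killed before its `ensure` executes leaves the file behind, after which every later run only logs "Aborting" and expired authorization tokens are never collected. The removed rake code at least compared the stored pid against `ps ax`; the new code has no staleness check at all. Holding an advisory `flock` on the opened file closes both gaps, because the lock is released when the process exits, and the `ensure`/`File.delete` with its bare `rescue` can then be dropped.

```ruby
def self.gc_outtimed
  gc_sys_auths_lock= "#{Rails.root}/tmp/gc_sys_auths.lock"
  File.open(gc_sys_auths_lock, File::RDWR | File::CREAT, 0644) do |f|
    unless f.flock(File::LOCK_EX | File::LOCK_NB)
      # … unchanged: log "already running … Aborting." …
      return
    end
    f.truncate(0)
    f.puts "#{Process.pid}"
    f.flush
    # … unchanged: search loop over Auth.all and its logging …
  end
end
```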
diff --git a/app/models/message.rb b/app/models/message.rb
index 8f225df..ca4c306 100644
--- a/app/models/message.rb
+++ b/app/models/message.rb
@@ -163,18 +163,6 @@ class Message < ActiveRecord::Base
end
end
- def test_auths_validation_window
- b = JSON.parse(body)
- sov = Time.parse(b["sov"])
- eov = Time.parse(b["eov"])
- if sov > Time.now or eov < Time.now
- false
- else
- true
- end
- end
-
-
def self.filter(action_name, app_namespace, ressource_name, record, params)
d="filter/#{app_namespace}/#{ressource_name}/#{action_name}/*"
filters=Dir[d].collect{|f| File.directory?(f) ? f : nil}.compact
@@ -291,23 +279,22 @@ class Message < ActiveRecord::Base
resource_name == 'auths' and
!memberships.empty? and
!participant.sender?(self) and
- !test_auths_validation_window
+ !auth.test_validation_window
end
-
def valid_auths_resource_fetched_by_non_owner?(app_namespace, resource_name, memberships, participant)
app_namespace == 'sys' and
resource_name == 'auths' and
!memberships.empty? and
- !participant.sender?(@record) and
- test_auths_validation_window
+ !participant.sender?(self) and
+ auth.test_validation_window
end
def valid_no_auths_resource_fetched_by_non_owner?(app_namespace, resource_name, memberships, participant)
app_namespace != 'sys' and
ressource_name != 'auths' and
!memberships.empty? and
- !participant.sender?(@record)
+ !participant.sender?(self)
end
# Helper function for create and update
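Review bot: `valid_no_auths_resource_fetched_by_non_owner?` still reads `ressource_name` while its parameter is `resource_name`, so unless Message defines a `ressource_name` method elsewhere this predicate raises NameError whenever `app_namespace != 'sys'` holds; the line should read `resource_name != 'auths' and`. In the two auths predicates the new `auth.test_validation_window` call goes through the `auth` association, which may be nil for a `sys`/`auths` message that has no Auth row (not visible here), so an explicit nil guard would make the access decision deliberate instead of a NoMethodError. These predicates gate access to authorization tokens, so a raise versus a clean false matters. The first predicate starts above the hunk.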
diff --git a/lib/tasks/ecs_garbage_collect_auths.rake b/lib/tasks/ecs_garbage_collect_auths.rake
index 74ba324..c5dd29f 100644
--- a/lib/tasks/ecs_garbage_collect_auths.rake
+++ b/lib/tasks/ecs_garbage_collect_auths.rake
@@ -1,49 +1,6 @@
namespace :ecs do
- desc "Deletes outtimed authorization tokens (needs ps system command)."
+ desc "Delete outtimed authorization tokens."
task :gc_sys_auths => :environment do
- gc_sys_auths_pid= "#{Rails.root}/tmp/pids/gc_sys_auths.pid"
- if File.exists?(gc_sys_auths_pid)
- pid= ""
- gc_sys_auths_is_running= false
- File.open(gc_sys_auths_pid,"r") do |f|
- pid= f.readline.strip
- end
- p= open("|ps ax")
- p.each_line do |line|
- if line.index(pid)
- gc_sys_auths_is_running= true
- break
- end
- end
- p.close
- if gc_sys_auths_is_running
- RAILS_DEFAULT_LOGGER.info "GC: there seems to be already running a ecs:gc_sys_auths process (#{gc_sys_auths_pid}). Aborting."
- puts "GC: there seems to be already running a ecs:gc_sys_auths process (#{gc_sys_auths_pid}). Aborting."
- raise 'gc_sys_auths.pid file exists!'
- end
- end
- File.open(gc_sys_auths_pid,"w") do |f|
- f.puts "#{Process.pid}"
- end
- begin
- RAILS_DEFAULT_LOGGER.info "GC: Searching for outtimed auths ..."
- puts "GC: Searching for outtimed auths ..."
- Message.all.each do |m|
- if m.auth
- if ! m.test_auths_validation_window
- m.destroy_as_sender
- RAILS_DEFAULT_LOGGER.info "GC: garbage collect auths token with id=#{m.id}."
- puts "delete outtimed authorization token with id=#{m.id}"
- end
- end
- end
- RAILS_DEFAULT_LOGGER.info "GC: Searching for outtimed auths done."
- puts "GC: Searching for outtimed auths done."
- ensure
- begin
- #File.delete(gc_sys_auths_pid)
- rescue
- end
- end
+ Auth.gc_outtimed
end
end
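Review bot: The task no longer signals a skipped run: the removed code raised `'gc_sys_auths.pid file exists!'` when another collector was active, whereas `Auth.gc_outtimed` only logs and returns, so `rake ecs:gc_sys_auths` exits 0 whether or not anything was collected. If the task runs from cron, a lock file that is never removed would silently stop token expiry clean-up. Consider having `gc_outtimed` return false when it aborts and writing `Auth.gc_outtimed or abort "ecs:gc_sys_auths: skipped, lock held"` here.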
diff --git a/test/fixtures/auths.yml b/test/fixtures/auths.yml
index 6b25be8..7d9bda3 100644
--- a/test/fixtures/auths.yml
+++ b/test/fixtures/auths.yml
@@ -1,9 +1,9 @@
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
-one:
- one_touch_hash: MyString
- message_id: 1
+outtimed:
+ one_touch_hash: <%= Digest::SHA1.hexdigest 'one touch hash outtimed' %>
+ message_id: 7
-two:
- one_touch_hash: MyString
- message_id: 1
+valid:
+ one_touch_hash: <%= Digest::SHA1.hexdigest 'one touch hash valid' %>
+ message_id: 8
diff --git a/test/fixtures/membership_messages.yml b/test/fixtures/membership_messages.yml
index dbfd8e0..0fd8e13 100644
--- a/test/fixtures/membership_messages.yml
+++ b/test/fixtures/membership_messages.yml
@@ -52,3 +52,13 @@
id: 7
membership_id: 4 #ulm_suv
message_id: 2 #numlab_exercise_2
+
+8:
+ id: 8
+ membership_id: 2 #ulm_wuv
+ message_id: 7 #auth_outtimed
+
+9:
+ id: 9
+ membership_id: 2 #ulm_wuv
+ message_id: 8 #auth_valid
diff --git a/test/fixtures/messages.yml b/test/fixtures/messages.yml
index 9fdebd6..3a1c46c 100644
--- a/test/fixtures/messages.yml
+++ b/test/fixtures/messages.yml
@@ -60,3 +60,27 @@ numlab_ulm_ex1:
sender: 2
body: "Ne superschwere Aufgabe aus Ulm.\r\n"
+auth_outtimed:
+ id: 7
+ ressource: sys_auths
+ content_type: application/json
+ sender: 1
+ body: "{
+ \"pid\": 2,
+ \"sov\": \"2012-11-28T03:59:05+01:00\",
+ \"eov\": \"2012-11-28T04:00:10+01:00\",
+ \"realm\": \"<%= Digest::SHA1.hexdigest 'https://freeit.de/doc1.html' %>\"
+ }"
+
+auth_valid:
+ id: 8
+ ressource: sys_auths
+ content_type: application/json
+ sender: 1
+ body: "{
+ \"pid\": 2,
+ \"sov\": \"2012-11-28T03:59:05+01:00\",
+ \"eov\": \"2030-11-28T04:00:10+01:00\",
+ \"realm\": \"<%= Digest::SHA1.hexdigest 'https://freeit.de/doc2.html' %>\"
+ }"
+
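Review bot: The `auth_valid` fixture depends on the wall clock: its `eov` is the literal `2030-11-28T04:00:10+01:00`, so after that date it becomes outtimed and the tests in this commit that expect exactly one expired token will start failing. The file is already ERB-processed (see the `realm` lines), so the window can be made relative, for example `\"eov\": \"<%= 1.day.from_now.iso8601 %>\"`, with a correspondingly relative past `eov` for `auth_outtimed`.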
diff --git a/test/functional/messages_controller_test.rb b/test/functional/messages_controller_test.rb
index 6d7a906..c661123 100644
--- a/test/functional/messages_controller_test.rb
+++ b/test/functional/messages_controller_test.rb
@@ -423,6 +423,21 @@ class MessagesControllerTest < ActionController::TestCase
assert_equal "eov time is too young", assigns(:http_error).to_s
end
+ test "delete_auths" do
+ @request.env["X-EcsAuthId"] = identities(:ulm_id1).name
+ @request.set_REQUEST_URI("/sys/auths/#{auths(:valid).one_touch_hash}")
+ auths_count= Auth.all.length
+ messages_count= Message.all.length
+ auth_valid_id= auths(:valid).id
+ message_auth_valid_id= messages(:auth_valid).id
+ post :destroy, { :id => auths(:valid).one_touch_hash }
+ assert_response 200
+ assert_equal messages_count-1, Message.all.length
+ assert_equal auths_count-1, Auth.all.length
+ assert_raise(ActiveRecord::RecordNotFound){Auth.find(auth_valid_id)}
+ assert_raise(ActiveRecord::RecordNotFound){Message.find(message_auth_valid_id)}
+ end
+
# anonymous clients
#
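Review bot: The new `delete_auths` test exercises only `auths(:valid)`; the `outtimed` fixture added in this commit is never sent through the controller in this hunk, so the path where an expired token is presented is not pinned by a test here (earlier tests in the class are outside the hunk and may cover it). A companion test that calls `post :destroy, { :id => auths(:outtimed).one_touch_hash }` and asserts the intended response and record counts would document that an expired token cannot be redeemed. Using `delete :destroy` instead of `post :destroy` would also match the HTTP verb the route presumably expects.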
diff --git a/test/unit/message_test.rb b/test/unit/message_test.rb
index 928f3bc..9a94c77 100644
--- a/test/unit/message_test.rb
+++ b/test/unit/message_test.rb
@@ -101,4 +101,13 @@ class MessageTest < ActiveSupport::TestCase
assert_equal participants(:ilias_stgt).id, json["pid"]
end
end
+
+ test "gc_outtimed_auths" do
+ auths_count= Auth.all.length
+ messages_count= Message.all.length
+ Auth.gc_outtimed
+ assert_equal messages_count-1, Message.all.length
+ assert_equal auths_count-1, Auth.all.length
+ assert_raise(ActiveRecord::RecordNotFound){auths(:outtimed)}
+ end
end
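Review bot: The test pins only the expired case; nothing covers an auth whose `sov` lies in the future. `test_validation_window` returns false for `sov > Time.now` as well, so `Auth.gc_outtimed` would destroy a token whose validity window has not started yet. If that is not intended, the collector should check `eov < Time.now` only, and either way a fixture and assertion for that case would make the behaviour explicit. The test also exercises Auth but lives in MessageTest, whose class body begins above the hunk.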