summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-11-03[refactor] resource logic encapsulationVictor Shyba
Creating a resource from a path to use get_json causes a lot of dirty code and unexplained things like response[2]. This commit extracts that logic into a helper to let it more clear about what is happening.
2015-11-03[refactor] token verification moved to couch module + testsVictor Shyba
Added tests for this token verification as it wasn't covered. Then moved it to the new couch module that implements a couch storage. The ServerState was chosen to hold the verify_token method. CouchServerState holds the current implementation, which is called on authentication middleware as the new test shows.
2015-11-03[refactor] move couch errors and expose methodsVictor Shyba
errors.py was holding a few specific CouchDB errors, now moved into couch.errors module. Also, some of CouchDatabase methods were declared as private, but external classes needs them.
2015-11-03[refactor] CouchDocument is now ServerDocumentVictor Shyba
As SoledadBackend is intended to be database agnostic, a new generic document is now used instead of the old one made for CouchDB. The only attribute that really relates to couch was couch_rev, removed on this commit as it can be set on CouchDatabase implementation when needed.
2015-11-03[refactor] split out backend from couch databaseVictor Shyba
First step of splitting classes across files on common. backend.py holds SoledadBackend (generic backend logic) couch/ is now a directory with old code inside __init__.py and CouchServerState on state.py Also removed mock IndexedSoledadBackend, since Soledad does not support indexing due to encryption on server side. Also fixed DesignDocUnknownError to show up what is the message of the original exception. It was being lost.
2015-11-03[refactor] separate SoledadBackend from CouchDatabaseVictor Shyba
CouchDatabase was renamed to SoledadBackend and a new class CouchDatabase was created to hold all couchdb code. This should make SoledadBackend less tied to database implementation. A few more separations are needed to split into modules.
2015-11-03[refactor] remove MultipartWriter monkey patchVictor Shyba
This monkey patch was added to separate headers from content and use them to PUT on couchdb. The original implementation makes it possible by using two parameters in the constructor.
2015-11-03[refactor] separate errors and model from couchVictor Shyba
CouchDocument is a subclass from SoledadDocument which holds conflicts, making the server side aware of them. There is a module called document on soledad.common that holds SoledadDocument. This commit moves CouchDocument to its proper place. Error raising logic and exceptions declarations are also moved into error module inside common.
2015-10-30[feat] bump twisted dependency to 12.3.0Ruben Pollan
Needed after the SSL monkeypatch removal at 3b869fb7f
2015-10-29[feat] remove SSL tsafe monkeypatchVictor Shyba
This was added for a Twisted 12 bug that should be gone by now.
2015-10-29[feat] adds --migrate-all to create-user-db scriptVictor Shyba
This parameter applies the ensure_database to all existing databases, making all of them use the latest design documents. This can be used to migrate security documents, update handlers or any other kind of design document.
2015-10-28[style] fix pep8 warnigsFolker Bernitt
2015-10-28[feat] read security doc from configurationVictor Shyba
LEAP Platform needs to granularly allow access on user database for other services, like mx. This is now possible by editing soledad-server.conf file. A new section 'database-security' was added and it is parsed during 'create-user-db' to be set on security design document, present on every per-user database.
2015-10-28Merge branch 'release/0.7.x' into developIvan Alejandro
2015-10-28[pkg] fold in changes0.7.4release/0.7.xIvan Alejandro
2015-10-23Merge branch 'pixelated/develop' into developRuben Pollan
- Release: 0.8.0
2015-10-19[bug] remove instance cachingVictor Shyba
couchdb library relies on garbage collector to close remaining connections. Somehow, caching the instance is avoiding gc to call __del__ on underlying couchdb sessions.
2015-10-14[bug] reduce overall sync session caching to 120sVictor Shyba
It was 3600s, but closing connections seems to yet depend on garbage collection and now causes server to leak file handlers. 120s should be enough to a sync session finish. Also, lowering this value will only make very long syncs use more of couch every 2 minutes, while raising this value will keep memory busy for useless time.
2015-10-13[bug] handle MissingDesignDocError after get_sync_infoVictor Shyba
MissingDesignDocError raised on get_sync_info due to a missing design document will be handled by the server during sync. Ensure is now False by default, and thus database creation can deliver an empty one that will be ensured during sync, following the ensure parameter.
2015-10-13[feat] handle DatabaseDoesNotExist during syncVictor Shyba
This error raises while getting info on target (or server) replica. On previous implementation there was nothing to do here, but now that we have db creation in place this error should be handled just like u1db original implementation. The reason is that db creation occurs during sync exchange, but before this we try to ask for info and the code that checks for info raises an error that will be used to signal the client that a database will be created and that it must save the replica uid returned by server, after sync exchange (where we send/fetch documents).
2015-10-06Merge branch 'leapcode/pr/287' into developRuben Pollan
- Release: 0.8.0
2015-10-05[bug] handle MissingDesignDocError after get_sync_infoVictor Shyba
MissingDesignDocError raised on get_sync_info due to a missing design document will be handled by the server during sync. Ensure is now False by default, and thus database creation can deliver an empty one that will be ensured during sync, following the ensure parameter.
2015-10-05Merge branch 'pixelated/develop' into developRuben Pollan
- Releas: 0.8.0
2015-10-05[bug] fix leap mx by default false on ensure_ddocsVictor Shyba
ensure_ddocs is a privileged operation. The code was defaulting to True, which caused unprivileged code to fail. This commit changes it to False, forcing you to check your privileges and declare a new argument when calling in order to ensure that this behavior is only supposed to happen on privileged parts.
2015-10-05Merge branch 'soledad_configdir' into developRuben Pollan
2015-10-05[feat] Move config dir to /etc/soledadvarac
- Resolves: #7509
2015-10-02[bug] Migrate back to python-couchdb 0.8Victor Shyba
Wheezy is still at 0.8 and it is yet supported. This commit changes all necessary calls from python-couchdb 1.0 back to python-couchdb 0.8. We can migrate this back to simpler implementation with python-couchdb 1.0 when support for wheezy is dropped.
2015-10-02[pkg] pin beaker and couchdb for wheezyVictor Shyba
Wheezy has python-couchdb 0.8 and python-beaker 1.6.3. Pinning them to avoid false positives on tests.
2015-10-02[bug] increase http request timeout time to 90sKali Kaneko
this is a workaroud to reduce the chances of failed sync due to timeouts. this should be properly tackled by: 1. implementing proper cancellable for the sync operation. 2. implementing a retry count at the level of a single request, handled internally by soledad. in this way we can remove the retries logic from the soledadbootstrapper in the bitmask client. - Related: #7382
2015-10-02[bug] do not signal sync completion if failedKali Kaneko
- Related: #7503
2015-10-02[bug] increase http request timeout time to 90sKali Kaneko
this is a workaroud to reduce the chances of failed sync due to timeouts. this should be properly tackled by: 1. implementing proper cancellable for the sync operation. 2. implementing a retry count at the level of a single request, handled internally by soledad. in this way we can remove the retries logic from the soledadbootstrapper in the bitmask client. - Related: #7382
2015-10-02[bug] do not signal sync completion if failedKali Kaneko
- Related: #7503
2015-10-01Merge branch 'pixelated/develop' into developRuben Pollan
- Release: 0.8.0
2015-10-01[feat] read netrc path from configuration fileVictor Shyba
netrc file was hardcoded inside create-user-db. Now it reads the path from /etc/leap/soledad-server.conf as done on server process. The new configuration property is called 'admin_netrc'.
2015-09-30[docs] fix rst link markupKali Kaneko
2015-09-29[docs] added couchdb link to READMEvarac
2015-09-28Merge branch 'feat/create_db_using_cmd' into developRuben Pollan
- Releases: 0.8.0
2015-09-28[style] pep8Victor Shyba
2015-09-28[test] Making test_command pass on Mac OS X.Gislene Pereira
2015-09-28[test] remove old mocksVictor Shyba
Those hardcoded mocks are leaking into other tests and are unnecessary.
2015-09-28[refactor] kaliy's review and pep8 fixesVictor Shyba
README with information about latest change, missing docs and licenses, variable naming and pep8.
2015-09-28[feat] handle DatabaseDoesNotExist during syncVictor Shyba
This error raises while getting info on target (or server) replica. On previous implementation there was nothing to do here, but now that we have db creation in place this error should be handled just like u1db original implementation. The reason is that db creation occurs during sync exchange, but before this we try to ask for info and the code that checks for info raises an error that will be used to signal the client that a database will be created and that it must save the replica uid returned by server, after sync exchange (where we send/fetch documents).
2015-09-28[tests] tests for ensure_securityVictor Shyba
As the other tests does. Make sure that a fresh database gets proper security doc after calling ensure_security method.
2015-09-28[feat] ensure security documentVictor Shyba
Beyond ensuring ddocs, it is also necessary to ensure _security doc presence while creating a database. This document will tell couchdb to grant access to 'soledad' user as a member role and no one as admin.
2015-09-28[feat] script for user db creationVictor Shyba
Added a simple script for user db creation and design docs creation. It uses a netrc from /etc/couchdb/couchdb-admin.netrc and same validator used on couch.py for database names.
2015-09-28[bug] ensure_database returns db and replica_uidVictor Shyba
ensure database needs to return a db and its replica_uid. Updated tests, doc and code to reflect that.
2015-09-28[feat] conf for enabling db creation via custom shVictor Shyba
We can now use a custom script to create databases by setting a parameter 'create_cmd' on soledad configuration. This will set CouchServerState to use it on ensure_database.
2015-09-28[tests] CouchServerState tests for ensure_databaseVictor Shyba
Tests that Unauthorized is raised in any failure scenario, leaving user blind for tips on what happened during execution. This should lower chances of information disclosure on execution failure.
2015-09-28[feat] ensure_database is now able to call a cmdVictor Shyba
If CouchServerState is created with a create_cmd parameter, it can now use this parameter to invoke a command to create databases. A validator for database name is also used to ensure that command injection is not possible if user manages to manipulate database name argument.
2015-09-28[tests] Tests for command validation and executionVictor Shyba
Checks if arguments validation occurs properly and command execution brings back status code and stdout or stderr on some scenarios.