Move Utils methods into specific helper classes
petems committed Feb 24, 2016
1 parent 7220c9f commit 28d60ad
Showing 6 changed files with 99 additions and 87 deletions.
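--- a/lib/hiera/backend/eyaml/edithelper.rb
+++ b/lib/hiera/backend/eyaml/edithelper.rb
@@ -27,6 +27,43 @@ def self.find_editor
 editor
 end
 
+def self.secure_file_delete args
+file = File.open(args[:file], 'r+')
+num_bytes = args[:num_bytes]
+[0xff, 0x55, 0xaa, 0x00].each do |byte|
+file.seek(0, IO::SEEK_SET)
+num_bytes.times { file.print(byte.chr) }
+file.fsync
+end
+file.close
+File.delete args[:file]
+end
+
+def self.write_tempfile data_to_write
+file = Tempfile.open(['eyaml_edit', '.yaml'])
+path = file.path
+file.close!
+
+file = File.open(path, "w")
+file.chmod(0600)
+if ENV['OS'] == 'Windows_NT'
+# Windows doesn't support chmod
+icacls = 'C:\Windows\system32\icacls.exe'
+if File.executable? icacls
+current_user = `C:\\Windows\\system32\\whoami.exe`.chomp
+# Use ACLs to restrict access to the current user only
+command = %Q{#{icacls} "#{file.path}" /grant:r "#{current_user}":f /inheritance:r}
+system "#{command} >NUL 2>&1"
+end
+end
+file.puts data_to_write
+file.close
+
+Utils::debug "Wrote temporary file: #{path}"
+
+path
+end
+
 end
 end
 end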
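Review bot: In `write_tempfile`, the path reserved by `Tempfile.open` is released by `file.close!` and then reopened by name with `File.open(path, "w")`, so the decrypted content goes into a file this process no longer exclusively created, and that file carries umask-default permissions until `file.chmod(0600)` runs. Since the method is being moved anyway, create it exclusively and with its final mode in one call: `file = File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0600)`. `secure_file_delete` also leaves the handle open if a write fails part-way; wrapping the overwrite loop in `begin ... ensure file.close end` would cover that. The enclosing class and the file's `require` lines start outside the hunk, so whether `tempfile` is loaded here cannot be confirmed from this view.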
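--- a/lib/hiera/backend/eyaml/encrypthelper.rb
+++ b/lib/hiera/backend/eyaml/encrypthelper.rb
@@ -0,0 +1,53 @@
+require 'tempfile'
+require 'fileutils'
+require 'highline/import'
+
+class Hiera
+module Backend
+module Eyaml
+class EncryptHelper
+
+def self.read_password
+ask("Enter password: ") {|q| q.echo = "*" }
+end
+
+def self.confirm? message
+result = ask("#{message} (y/N): ")
+if result.downcase == "y" or result.downcase == "yes"
+true
+else
+false
+end
+end
+
+def self.write_important_file args
+filename = args[ :filename ]
+content = args[ :content ]
+mode = args[ :mode ]
+if File.file? "#{filename}"
+raise StandardError, "User aborted" unless EncryptHelper::confirm? "Are you sure you want to overwrite \"#{filename}\"?"
+end
+open( "#{filename}", "w" ) do |io|
+io.write(content)
+end
+File.chmod( mode, filename ) unless mode.nil?
+end
+
+def self.ensure_key_dir_exists key_file
+key_dir = File.dirname key_file
+
+unless File.directory? key_dir
+begin
+FileUtils.mkdir_p key_dir
+Utils::info "Created key directory: #{key_dir}"
+rescue
+raise StandardError, "Cannot create key directory: #{key_dir}"
+end
+end
+
+end
+
+end
+end
+end
+end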
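Review bot: `write_important_file` creates the file with `open(filename, "w")` and applies `mode` only afterwards through `File.chmod`, so the RSA private key that `create_keys` passes with `:mode => 0600` sits on disk with umask-default permissions for a short window. Passing the permission at creation closes that window for new files, and `File.open` avoids `Kernel#open`'s special treatment of names beginning with `|`: `File.open(filename, 'w', mode || 0666) { |io| io.write(content) }`, keeping the existing `File.chmod` for the overwrite case. In `ensure_key_dir_exists` the bare `rescue` discards the underlying error; `rescue SystemCallError => e` with `e.message` appended to the raised text would keep the cause visible.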
10 changes: 5 additions & 5 deletions lib/hiera/backend/eyaml/encryptors/pkcs7.rb
@@ -65,8 +65,8 @@ def self.create_keys
subject = self.option :subject

key = OpenSSL::PKey::RSA.new(2048)
Utils.ensure_key_dir_exists private_key
Utils.write_important_file :filename => private_key, :content => key.to_pem, :mode => 0600
EncryptHelper.ensure_key_dir_exists private_key
EncryptHelper.write_important_file :filename => private_key, :content => key.to_pem, :mode => 0600

cert = OpenSSL::X509::Certificate.new()
cert.subject = OpenSSL::X509::Name.parse(subject)
@@ -92,9 +92,9 @@ def self.create_keys

cert.sign key, OpenSSL::Digest::SHA1.new

Utils.ensure_key_dir_exists public_key
Utils.write_important_file :filename => public_key, :content => cert.to_pem
Utils.info "Keys created OK"
EncryptHelper.ensure_key_dir_exists public_key
EncryptHelper.write_important_file :filename => public_key, :content => cert.to_pem
LoggingHelper.info "Keys created OK"

end

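Review bot: The last changed line of the second hunk switches to `LoggingHelper.info`, while the helpers moved in this same commit still log through `Utils::debug` (edithelper.rb, `write_tempfile`) and `Utils::info` (encrypthelper.rb, `ensure_key_dir_exists`), and the utils.rb section shows no logging method being removed. One of the two spellings is presumably stale; settling on one now avoids a `NoMethodError` on the key-creation or edit path when the other is removed. No `require` for encrypthelper or the logging helper is visible here, since the hunks start at line 65 and `create_keys` begins and ends outside them, so it is worth confirming both are loaded before `create_keys` runs.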
6 changes: 3 additions & 3 deletions lib/hiera/backend/eyaml/subcommands/edit.rb
@@ -1,4 +1,4 @@
require 'hiera/backend/eyaml/utils'
require 'hiera/backend/eyaml/edithelper'
require 'hiera/backend/eyaml/options'
require 'hiera/backend/eyaml/parser/parser'
require 'hiera/backend/eyaml/subcommand'
@@ -76,7 +76,7 @@ def self.execute
decrypted_file_content = Eyaml::Options[:no_preamble] ? decrypted_input : (self.preamble + decrypted_input)

begin
decrypted_file = Utils.write_tempfile decrypted_file_content unless decrypted_file
decrypted_file = EditHelper.write_tempfile decrypted_file_content unless decrypted_file
system "#{editor} \"#{decrypted_file}\""
status = $?

@@ -130,7 +130,7 @@ def self.execute
raise e
end
ensure
Utils.secure_file_delete :file => decrypted_file, :num_bytes => [edited_file.length, decrypted_input.length].max
EditHelper.secure_file_delete :file => decrypted_file, :num_bytes => [edited_file.length, decrypted_input.length].max
end

nil
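Review bot: The `ensure` hunk sizes the overwrite with `[edited_file.length, decrypted_input.length].max`, and `String#length` counts characters rather than bytes, so a temp file holding multibyte text is longer on disk than `num_bytes` and its tail would not be overwritten before `File.delete`. The file also includes the preamble unless `:no_preamble` is set, which `decrypted_input.length` does not account for. The minimal change is `[edited_file.bytesize, decrypted_input.bytesize].max`, though having `secure_file_delete` read the size from the open file would remove the dependency on the caller. If `write_tempfile` raises, `decrypted_file` appears to still be nil when this line runs, and the resulting error from `File.open` would mask the original one; the rest of `execute` lies outside the hunks, so confirm there.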
2 changes: 1 addition & 1 deletion lib/hiera/backend/eyaml/subcommands/encrypt.rb
@@ -53,7 +53,7 @@ def self.validate options

options[:input_data] = case options[:source]
when :password
Utils.read_password
EncryptHelper.read_password
when :string
options[:string]
when :file
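--- a/lib/hiera/backend/eyaml/utils.rb
+++ b/lib/hiera/backend/eyaml/utils.rb
@@ -1,4 +1,3 @@
-require 'highline/import'
 require 'tempfile'
 require 'fileutils'
 
@@ -7,19 +6,6 @@ module Backend
 module Eyaml
 class Utils
 
-def self.read_password
-ask("Enter password: ") {|q| q.echo = "*" }
-end
-
-def self.confirm? message
-result = ask("#{message} (y/N): ")
-if result.downcase == "y" or result.downcase == "yes"
-true
-else
-false
-end
-end
-
 def self.camelcase string
 return string if string !~ /_/ && string =~ /[A-Z]+.*/
 string.split('_').map{|e| e.capitalize}.join
@@ -30,70 +16,6 @@ def self.snakecase string
 string.split(/(?=[A-Z])/).collect {|x| x.downcase}.join("_")
 end
 
-def self.secure_file_delete args
-file = File.open(args[:file], 'r+')
-num_bytes = args[:num_bytes]
-[0xff, 0x55, 0xaa, 0x00].each do |byte|
-file.seek(0, IO::SEEK_SET)
-num_bytes.times { file.print(byte.chr) }
-file.fsync
-end
-file.close
-File.delete args[:file]
-end
-
-def self.write_tempfile data_to_write
-file = Tempfile.open(['eyaml_edit', '.yaml'])
-path = file.path
-file.close!
-
-file = File.open(path, "w")
-file.chmod(0600)
-if ENV['OS'] == 'Windows_NT'
-# Windows doesn't support chmod
-icacls = 'C:\Windows\system32\icacls.exe'
-if File.executable? icacls
-current_user = `C:\\Windows\\system32\\whoami.exe`.chomp
-# Use ACLs to restrict access to the current user only
-command = %Q{#{icacls} "#{file.path}" /grant:r "#{current_user}":f /inheritance:r}
-system "#{command} >NUL 2>&1"
-end
-end
-file.puts data_to_write
-file.close
-
-Utils::debug "Wrote temporary file: #{path}"
-
-path
-end
-
-def self.write_important_file args
-filename = args[ :filename ]
-content = args[ :content ]
-mode = args[ :mode ]
-if File.file? "#{filename}"
-raise StandardError, "User aborted" unless Utils::confirm? "Are you sure you want to overwrite \"#{filename}\"?"
-end
-open( "#{filename}", "w" ) do |io|
-io.write(content)
-end
-File.chmod( mode, filename ) unless mode.nil?
-end
-
-def self.ensure_key_dir_exists key_file
-key_dir = File.dirname key_file
-
-unless File.directory? key_dir
-begin
-FileUtils.mkdir_p key_dir
-Utils::info "Created key directory: #{key_dir}"
-rescue
-raise StandardError, "Cannot create key directory: #{key_dir}"
-end
-end
-
-end
-
 def self.find_closest_class args
 parent_class = args[ :parent_class ]
 class_name = args[ :class_name ]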
