feature: implement device access and new security spec

SERVERPLUGINS.md

@@ -124,17 +124,20 @@ If the plugin needs to make and save changes to its options
 
 If the plugin needs to read plugin options from disk
 
-### app.registerActionHandler (context, path, source, callback)
+### app.registerPutHandler (context, path, source, callback)
 
-If the plugin wants to respond to actions, which are PUT requests for a specific path, it should register an action handler.
+If the plugin wants to respond to PUT requests for a specific path, it should register an action handler.
 
 The action handler can handle the request synchronously or asynchronously.
-For synchronous actions the handler must return a value describing the result of the action: either `{ state: 'SUCCESS' }` or `{ state:'FAILURE', message:'Some Error Message' }`.
+
+The passed callback should be a funtion taking the following arguments: (context, path, value, callback)
+
+For synchronous actions the handler must return a value describing the response of the request: for example `{ state: 'COMPLETED', result:200 }` or `{ state:'COMPLETED', result:400, message:'Some Error Message' }`. The result value can be any valid http response code.
 
 For asynchronous actions that may take considerable time and the requester should not be kept waiting for the result
 the handler must return `{ state: 'PENDING' }`. When the action is finished the handler
- should call the `callback` function with the result with  `callback({ state: 'SUCCESS' })` or
-`callback({ state:'FAILURE', message:'Some Error Message' })`.
+ should call the `callback` function with the result with  `callback({ state: 'COMPLETED', statusCode:200 })` or
+`callback({ state:'COMPLETED', statusCode:400, message:'Some Error Message' })`.
 
 ### app.registerDeltaInputHandler ((delta, next) => ...)
 

lib/deltacache.js

@@ -152,11 +152,10 @@ DeltaCache.prototype.getCachedDeltas = function (user, contextFilter, key) {
 
   deltas = deltas.map(toDelta)
 
-  if (this.app.securityStrategy.shouldFilterDeltas()) {
-    deltas = deltas.filter(delta => {
-      return this.app.securityStrategy.filterReadDelta(user, delta)
-    })
-  }
+  deltas = deltas.filter(delta => {
+    return this.app.securityStrategy.filterReadDelta(user, delta)
+  })
+
   return deltas
 }
 

lib/dummysecurity.js

@@ -14,36 +14,36 @@
  * limitations under the License.
  */
 
-module.exports = function(app, config) {
+module.exports = function (app, config) {
   return {
     getConfiguration: () => {
-      return {};
+      return {}
     },
 
     allowRestart: req => {
-      return false;
+      return false
     },
 
     allowConfigure: req => {
-      return false;
+      return false
     },
 
     getLoginStatus: req => {
       return {
-        status: "notLoggedIn",
+        status: 'notLoggedIn',
         readOnlyAccess: false,
         authenticationRequired: false
-      };
+      }
     },
 
     getConfig: config => {
-      return config;
+      return config
     },
 
     setConfig: (config, newConfig) => {},
 
     getUsers: config => {
-      return [];
+      return []
     },
 
     updateUser: (config, username, updates, callback) => {},
@@ -54,38 +54,48 @@ module.exports = function(app, config) {
 
     deleteUser: (config, username, callback) => {},
 
-    shouldAllowWrite: function(req, delta) {
-      return true;
+    shouldAllowWrite: function (req, delta) {
+      return true
     },
 
-    shouldAllowPut: function(req, context, source, path) {
-      return true;
+    shouldAllowPut: function (req, context, source, path) {
+      return true
     },
 
     filterReadDelta: (user, delta) => {
-      return delta;
+      return delta
     },
 
     verifyWS: spark => {},
 
     authorizeWS: req => {},
 
     checkACL: (id, context, path, source, operation) => {
-      return true;
+      return true
     },
 
     isDummy: () => {
-      return true;
+      return true
     },
 
     canAuthorizeWS: () => {
-      return false;
+      return false
     },
 
     shouldFilterDeltas: () => {
-      return false;
+      return false
     },
 
-    addAdminMiddleware: () => {}
-  };
-};
+    addAdminMiddleware: () => {},
+
+    allowReadOnly: () => {
+      return true
+    },
+
+    supportsLogin: () => false,
+
+    getAuthRequiredString: () => {
+      return 'never'
+    }
+  }
+}

lib/index.js

@@ -36,7 +36,12 @@ const express = require('express'),
   getPrimaryPort = ports.getPrimaryPort,
   getSecondaryPort = ports.getSecondaryPort,
   getExternalPort = ports.getExternalPort,
-  { startSecurity, getCertificateOptions } = require('./security.js'),
+  {
+    startSecurity,
+    getCertificateOptions,
+    getSecurityConfig,
+    saveSecurityConfig
+  } = require('./security.js'),
   { startDeltaStatistics, incDeltaStatistics } = require('./deltastats'),
   DeltaChain = require('./deltachain')
 
@@ -415,34 +420,3 @@ Server.prototype.stop = function(cb) {
     }
   })
 }
-
-function pathForSecurityConfig(app) {
-  return path.join(app.config.configPath, 'security.json')
-}
-
-function saveSecurityConfig(app, data, callback) {
-  const config = JSON.parse(JSON.stringify(data))
-  const path = pathForSecurityConfig(app)
-  fs.writeFile(path, JSON.stringify(data, null, 2), err => {
-    if (!err) {
-      fs.chmodSync(path, '600')
-    }
-    if (callback) {
-      callback(err)
-    }
-  })
-}
-
-function getSecurityConfig(app) {
-  try {
-    const optionsAsString = fs.readFileSync(pathForSecurityConfig(app), 'utf8')
-    try {
-      return JSON.parse(optionsAsString)
-    } catch (e) {
-      console.error('Could not parse security config')
-      return {}
-    }
-  } catch (e) {
-    return {}
-  }
-}

lib/interfaces/plugins.js

@@ -23,6 +23,7 @@ const modulesWithKeyword = require('../modules').modulesWithKeyword
 const getLogger = require('../logging').getLogger
 const _putPath = require('../put').putPath
 const { getModulePublic } = require('../config/get')
+const { queryRequest } = require('../requestResponse')
 
 // #521 Returns path to load plugin-config assets.
 const getPluginConfigPublic = getModulePublic('@signalk/plugin-config')
@@ -177,12 +178,35 @@ module.exports = function (app) {
     return _.get(app.signalk.retrieve(), path)
   }
 
-  function putSelfPath (path, value) {
-    return _putPath(app, `vessels.self.${path}`, { value: value })
+  function putSelfPath (path, value, updateCb) {
+    return _putPath(
+      app,
+      'vessels.self',
+      path,
+      { value: value },
+      null,
+      null,
+      updateCb
+    )
   }
 
-  function putPath (path, value) {
-    return _putPath(app, path, { value: value })
+  function putPath (path, value, updateCb) {
+    var parts = path.length > 0 ? path.split('.') : []
+
+    if (parts.length > 2) {
+      var context = `${parts[0]}.${parts[1]}`
+      var skpath = parts.slice(2).join('.')
+    }
+
+    return _putPath(
+      app,
+      context,
+      skpath,
+      { value: value },
+      null,
+      null,
+      updateCb
+    )
   }
 
   function registerPlugin (app, pluginName, metadata, location) {
@@ -242,6 +266,7 @@ module.exports = function (app) {
       getPath,
       putSelfPath,
       putPath,
+      queryRequest,
       error: msg => {
         console.error(`${packageName}:${msg}`)
       },
@@ -287,11 +312,12 @@ module.exports = function (app) {
     appCopy.readPluginOptions = () => {
       return getPluginOptions(plugin.id)
     }
-    appCopy.registerActionHandler = (context, path, callback) => {
+    appCopy.registerPutHandler = (context, path, callback) => {
       onStopHandlers[plugin.id].push(
         app.registerActionHandler(context, path, plugin.id, callback)
       )
     }
+    appCopy.registerActionHandler = appCopy.registerPutHandler
 
     appCopy.registerHistoryProvider = provider => {
       app.registerHistoryProvider(provider)

lib/interfaces/rest.js

@@ -106,15 +106,15 @@ module.exports = function (app) {
                   return
                 }
                 var last = app.deltaCache.buildFullFromDeltas(
-                  req.skUser,
+                  req.skPrincipal,
                   deltas
                 )
                 sendResult(last, path)
               }
             )
           }
         } else {
-          var last = app.deltaCache.buildFull(req.skUser, path)
+          var last = app.deltaCache.buildFull(req.skPrincipal, path)
           sendResult(last, path)
         }
       })