authorNuo Yan <nuoyan@nuo-yans-macbook-pro.local>2010-01-25 13:25:14 -0800
committerNuo Yan <nuoyan@nuo-yans-macbook-pro.local>2010-01-25 13:25:14 -0800
commite08bd0567c6a2c4747ebe87b01ddca78577edaa6 (patch)
tree63a01978ddcbc1843666c696baa191d0b19a9704
parent73d3bcddea38209905110a7927449cf9a117857c (diff)
Fixing CHEF-860, adding password masking, error handling, and fixed private key formatting
-rw-r--r--chef-server-webui/app/controllers/application.rb4
-rw-r--r--chef-server-webui/app/controllers/clients.rb42
-rw-r--r--chef-server-webui/app/controllers/cookbooks.rb26
-rw-r--r--chef-server-webui/app/controllers/nodes.rb82
-rw-r--r--chef-server-webui/app/controllers/roles.rb86
-rw-r--r--chef-server-webui/app/controllers/search.rb12
-rw-r--r--chef-server-webui/app/controllers/status.rb10
-rw-r--r--chef-server-webui/app/controllers/users.rb2
-rw-r--r--chef-server-webui/app/views/clients/show.html.haml4
-rw-r--r--chef-server-webui/app/views/status/index.html.haml2
-rw-r--r--chef-server-webui/lib/chef-server-webui.rb5
11 files changed, 198 insertions, 77 deletions
diff --git a/chef-server-webui/app/controllers/application.rb b/chef-server-webui/app/controllers/application.rb
index a95b72618f..77314878a2 100644
--- a/chef-server-webui/app/controllers/application.rb
+++ b/chef-server-webui/app/controllers/application.rb
@@ -273,5 +273,9 @@ class ChefServerWebui::Application < Merb::Controller
end
result
end
+
+ def convert_newline_to_br(string)
+ string.to_s.gsub(/\n/, '<br />') unless string.nil?
+ end
end
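Review bot: `convert_newline_to_br` builds markup from its argument without escaping it first, so any `<` or `&` in the value reaches the page as HTML wherever the template emits the result unescaped. The two callers in this commit pass client key material, which is unlikely to contain markup, but the helper lives on the base controller and reads as general purpose. Escaping before the substitution, for example `CGI.escapeHTML(string.to_s).gsub(/\n/, '<br />')` with `require 'cgi'`, would keep it safe for later callers. A one-line comment stating that the return value is HTML and must not be escaped again would also help.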
diff --git a/chef-server-webui/app/controllers/clients.rb b/chef-server-webui/app/controllers/clients.rb
index e10a3cdf68..d173ca682a 100644
--- a/chef-server-webui/app/controllers/clients.rb
+++ b/chef-server-webui/app/controllers/clients.rb
@@ -25,20 +25,38 @@ class ChefServerWebui::Clients < ChefServerWebui::Application
# GET /clients
def index
- @clients_list = Chef::ApiClient.list()
- render
+ begin
+ @clients_list = Chef::ApiClient.list()
+ render
+ rescue
+ @clients_list = {}
+ @_message = {:error => $!}
+ render
+ end
end
# GET /clients/:id
def show
- load_client
- render
+ begin
+ load_client
+ render
+ rescue => e
+ @client = Chef::ApiClient.new
+ @_message = e.message =~ /not found/ ? {:error => "Cannot find client '#{params[:id]}'"} : { :error => $!}
+ render
+ end
end
# GET /clients/:id/edit
def edit
- load_client
- render
+ begin
+ load_client
+ render
+ rescue
+ @client = Chef::ApiClient.new
+ @_message = e.message =~ /not found/ ? {:error => "Cannot find client '#{params[:id]}'"} : { :error => $!}
+ render
+ end
end
# GET /clients/new
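Review bot: The `rescue` added to `edit` binds no exception variable, yet the next line reads `e.message`, so the handler itself raises NameError and the error page is never rendered. It should be `rescue => e`, as in `show`. Both handlers also interpolate `params[:id]` into the message. Whether the layout escapes `@_message` is not visible in this diff, so that is worth confirming before the request value is echoed back.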
@@ -92,9 +110,15 @@ class ChefServerWebui::Clients < ChefServerWebui::Application
# DELETE /clients/:id
def destroy
- load_client
- @client.destroy
- redirect(absolute_slice_url(:clients), {:message => { :notice => "Client #{params[:id]} deleted successfully" }, :permanent => true})
+ begin
+ load_client
+ @client.destroy
+ redirect(absolute_slice_url(:clients), {:message => { :notice => "Client #{params[:id]} deleted successfully" }, :permanent => true})
+ rescue
+ @_message = {:error => $!}
+ @clients_list = Chef::ApiClient.list()
+ render :index
+ end
end
private
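Review bot: The new `rescue` in `destroy` calls `Chef::ApiClient.list()` again, and that call is not protected. If the original failure was the API server being unreachable, the second request probably fails the same way and the exception escapes the handler. Falling back the way `index` does, `@clients_list = Chef::ApiClient.list() rescue {}` or simply `@clients_list = {}`, keeps the error page renderable. The same pattern appears in the `new` and `destroy` handlers added to nodes.rb and roles.rb.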
diff --git a/chef-server-webui/app/controllers/cookbooks.rb b/chef-server-webui/app/controllers/cookbooks.rb
index 3150395caa..5f6e0eddad 100644
--- a/chef-server-webui/app/controllers/cookbooks.rb
+++ b/chef-server-webui/app/controllers/cookbooks.rb
@@ -26,16 +26,28 @@ class ChefServerWebui::Cookbooks < ChefServerWebui::Application
before :login_required
def index
- r = Chef::REST.new(Chef::Config[:chef_server_url])
- @cl = r.get_rest("cookbooks")
- render
+ begin
+ r = Chef::REST.new(Chef::Config[:chef_server_url])
+ @cl = r.get_rest("cookbooks")
+ render
+ rescue
+ @_message = {:error => $!}
+ @cl = {}
+ render
+ end
end
def show
- r = Chef::REST.new(Chef::Config[:chef_server_url])
- @cookbook = r.get_rest("cookbooks/#{params[:id]}")
- raise NotFound unless @cookbook
- display @cookbook
+ begin
+ r = Chef::REST.new(Chef::Config[:chef_server_url])
+ @cookbook = r.get_rest("cookbooks/#{params[:id]}")
+ raise NotFound unless @cookbook
+ display @cookbook
+ rescue
+ @_message = {:error => $!}
+ @cl = {}
+ render :index
+ end
end
def recipe_files
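Review bot: `@_message = {:error => $!}` hands the raw exception object to the view, so whatever the REST client put in its message is shown to the browser user. That may include internal URLs or server response text, though the message contents are not visible here. Logging the exception and displaying a fixed string is safer, e.g. `Merb.logger.error($!.message)` followed by `@_message = {:error => "Could not load cookbooks"}`. The bare `rescue` in `show` also catches the `raise NotFound` two lines above it, so a missing cookbook now renders the index instead of a 404. The same `$!` pattern is added in the clients, nodes, roles, search and status controllers.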
diff --git a/chef-server-webui/app/controllers/nodes.rb b/chef-server-webui/app/controllers/nodes.rb
index ee84a0466e..be3f85e596 100644
--- a/chef-server-webui/app/controllers/nodes.rb
+++ b/chef-server-webui/app/controllers/nodes.rb
@@ -28,37 +28,63 @@ class ChefServerWebui::Nodes < ChefServerWebui::Application
before :authorized_node, :only => [ :update, :destroy ]
def index
- @node_list = Chef::Node.list
- render
+ begin
+ @node_list = Chef::Node.list
+ render
+ rescue
+ @node_list = {}
+ @_message = {:error => $!}
+ render
+ end
end
def show
begin
- @node = Chef::Node.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load node #{params[:id]}"
- end
+ begin
+ @node = Chef::Node.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load node #{params[:id]}"
+ end
+ rescue
+ @node = Chef::Node.new
+ @_message = {:error => $!}
+ end
render
end
def new
- @node = Chef::Node.new
- @available_recipes = get_available_recipes
- @available_roles = Chef::Role.list.keys.sort
- @run_list = @node.run_list
- render
+ begin
+ @node = Chef::Node.new
+ @available_recipes = get_available_recipes
+ @available_roles = Chef::Role.list.keys.sort
+ @run_list = @node.run_list
+ render
+ rescue
+ @node_list = Chef::Node.list()
+ @_message = {:error => $!}
+ render :index
+ end
end
def edit
begin
- @node = Chef::Node.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load node #{params[:id]}"
- end
- @available_recipes = get_available_recipes
- @available_roles = Chef::Role.list.keys.sort
- @run_list = @node.run_list
- render
+ begin
+ @node = Chef::Node.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load node #{params[:id]}"
+ end
+ @available_recipes = get_available_recipes
+ @available_roles = Chef::Role.list.keys.sort
+ @run_list = @node.run_list
+ render
+ rescue
+ @node = Chef::Node.new
+ @available_recipes = []
+ @available_roles = []
+ @run_list = []
+ @_message = {:error => $!}
+ render
+ end
end
def create
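Review bot: In `show` and `edit` the inner `rescue Net::HTTPServerException` still raises `NotFound`, but the new outer `rescue` catches it at once. The 404 never reaches the framework, and the page is presumably served with a success status around an empty `Chef::Node.new`. The nested `begin` is therefore redundant: a single `begin` with `rescue Net::HTTPServerException` setting the "Cannot load node" message, plus a separate `rescue => e` for everything else, says the same thing more plainly. If a 404 status is still wanted for missing nodes, it has to be set explicitly in that branch. roles.rb and the `destroy` hunk below repeat this structure.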
@@ -116,12 +142,18 @@ class ChefServerWebui::Nodes < ChefServerWebui::Application
def destroy
begin
- @node = Chef::Node.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load node #{params[:id]}"
- end
- @node.destroy
- redirect(absolute_slice_url(:nodes), {:message => { :notice => "Node #{params[:id]} deleted successfully" }, :permanent => true})
+ begin
+ @node = Chef::Node.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load node #{params[:id]}"
+ end
+ @node.destroy
+ redirect(absolute_slice_url(:nodes), {:message => { :notice => "Node #{params[:id]} deleted successfully" }, :permanent => true})
+ rescue
+ @node_list = Chef::Node.list()
+ @_message = {:error => $!}
+ render :index
+ end
end
end
diff --git a/chef-server-webui/app/controllers/roles.rb b/chef-server-webui/app/controllers/roles.rb
index 1c1d7851fa..bc6ba21d99 100644
--- a/chef-server-webui/app/controllers/roles.rb
+++ b/chef-server-webui/app/controllers/roles.rb
@@ -26,40 +26,67 @@ class ChefServerWebui::Roles < ChefServerWebui::Application
# GET /roles
def index
- @role_list = Chef::Role.list()
- render
+ begin
+ @role_list = Chef::Role.list()
+ render
+ rescue
+ @role_list = {}
+ @_message = {:error => $!}
+ render
+ end
end
# GET /roles/:id
def show
begin
- @role = Chef::Role.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load role #{params[:id]}"
- end
- render
+ begin
+ @role = Chef::Role.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load role #{params[:id]}"
+ end
+ render
+ rescue
+ @role = Chef::Role.new
+ @_message = {:error => $!}
+ render
+ end
end
# GET /roles/new
def new
- @available_recipes = get_available_recipes
- @role = Chef::Role.new
- @available_roles = Chef::Role.list.keys.sort
- @run_list = @role.run_list
- render
+ begin
+ @available_recipes = get_available_recipes
+ @role = Chef::Role.new
+ @available_roles = Chef::Role.list.keys.sort
+ @run_list = @role.run_list
+ render
+ rescue
+ @role_list = Chef::Role.list()
+ @_message = {:error => $!}
+ render :index
+ end
end
# GET /roles/:id/edit
def edit
begin
- @role = Chef::Role.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load role #{params[:id]}"
- end
- @available_recipes = get_available_recipes
- @available_roles = Chef::Role.list.keys.sort
- @run_list = @role.run_list
- render
+ begin
+ @role = Chef::Role.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load role #{params[:id]}"
+ end
+ @available_recipes = get_available_recipes
+ @available_roles = Chef::Role.list.keys.sort
+ @run_list = @role.run_list
+ render
+ rescue
+ @role = Chef::Role.new
+ @available_recipes = []
+ @available_roles = []
+ @run_list = []
+ @_message = {:error => $!}
+ render
+ end
end
# POST /roles
@@ -120,13 +147,18 @@ class ChefServerWebui::Roles < ChefServerWebui::Application
# DELETE /roles/:id
def destroy
begin
- @role = Chef::Role.load(params[:id])
- rescue Net::HTTPServerException => e
- raise NotFound, "Cannot load role #{params[:id]}"
- end
- @role.destroy
-
- redirect(absolute_slice_url(:roles), :message => { :notice => "Role #{@role.name} deleted successfully." }, :permanent => true)
+ begin
+ @role = Chef::Role.load(params[:id])
+ rescue Net::HTTPServerException => e
+ raise NotFound, "Cannot load role #{params[:id]}"
+ end
+ @role.destroy
+ redirect(absolute_slice_url(:roles), :message => { :notice => "Role #{@role.name} deleted successfully." }, :permanent => true)
+ rescue
+ @role_list = Chef::Role.list()
+ @_message = {:error => $!}
+ render :index
+ end
end
end
diff --git a/chef-server-webui/app/controllers/search.rb b/chef-server-webui/app/controllers/search.rb
index f46ca7fec3..db45538b75 100644
--- a/chef-server-webui/app/controllers/search.rb
+++ b/chef-server-webui/app/controllers/search.rb
@@ -24,9 +24,15 @@ class ChefServerWebui::Search < ChefServerWebui::Application
before :login_required
def index
- @s = Chef::Search::Query.new
- @search_indexes = @s.list_indexes
- render
+ begin
+ @s = Chef::Search::Query.new
+ @search_indexes = @s.list_indexes
+ render
+ rescue
+ @search_indexes = {}
+ @_message = {:error => $!}
+ render
+ end
end
def show
diff --git a/chef-server-webui/app/controllers/status.rb b/chef-server-webui/app/controllers/status.rb
index 1e6f372d4f..4fa3419706 100644
--- a/chef-server-webui/app/controllers/status.rb
+++ b/chef-server-webui/app/controllers/status.rb
@@ -25,8 +25,14 @@ class ChefServerWebui::Status < ChefServerWebui::Application
before :login_required
def index
- @status = Chef::Node.list(true)
- render
+ begin
+ @status = Chef::Node.list(true)
+ render
+ rescue
+ @status = {}
+ @_message = {:error => $!}
+ render
+ end
end
end
diff --git a/chef-server-webui/app/controllers/users.rb b/chef-server-webui/app/controllers/users.rb
index bb67bc8a39..5db9487dc6 100644
--- a/chef-server-webui/app/controllers/users.rb
+++ b/chef-server-webui/app/controllers/users.rb
@@ -18,11 +18,13 @@
require 'chef'/'webui_user'
require 'uri'
+require 'merb-param-protection'
class ChefServerWebui::Users < ChefServerWebui::Application
provides :html
before :login_required, :exclude => [:login, :login_exec, :complete]
+ log_params_filtered :password, :password2, :new_password, :confirm_new_password
# List users, only if the user is admin.
def index
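Review bot: The new `require 'merb-param-protection'` needs that gem declared as a runtime dependency of chef-server-webui, and no gemspec or dependency file is touched in this diff; without it the controller fails to load with LoadError. The names given to `log_params_filtered` must also match the keys the login and password-change forms actually post, which are not visible here. A short comment above the line, such as `# keep credentials out of the request log`, would record why the filter exists. The filter applies to this controller only, so password fields posted to other controllers are not covered by it.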
diff --git a/chef-server-webui/app/views/clients/show.html.haml b/chef-server-webui/app/views/clients/show.html.haml
index 7a403da23d..b5394528b3 100644
--- a/chef-server-webui/app/views/clients/show.html.haml
+++ b/chef-server-webui/app/views/clients/show.html.haml
@@ -10,11 +10,11 @@
= @client.admin
.left
%h3 Public Key
- %pre= @client.public_key
+ %pre= convert_newline_to_br(@client.public_key)
-unless @private_key.nil?
.left
%h3 Private Key (Will not show again, Please copy!)
%h4.bold Please copy and save as the client's validation key (e.g. client.pem)
- %pre= @private_key.to_s
+ %pre= convert_newline_to_br(@private_key)
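Review bot: The private key is written into an ordinary HTML response here, and nothing in this diff shows that response being marked non-cacheable. If the controller does not already do so, a `Cache-Control: no-store` header on the action that sets `@private_key` keeps the key out of browser and proxy caches. Separately, `%pre` already preserves newlines, so replacing them with `<br />` changes what a user gets on copy and paste. It is worth checking that the copied text is still a valid PEM block in the supported browsers.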
diff --git a/chef-server-webui/app/views/status/index.html.haml b/chef-server-webui/app/views/status/index.html.haml
index 54dde5f027..1d05f5623a 100644
--- a/chef-server-webui/app/views/status/index.html.haml
+++ b/chef-server-webui/app/views/status/index.html.haml
@@ -17,7 +17,7 @@
- else
- @status.sort.each_with_index do |node, index|
%tr{:class => "#{index % 2 == 1 ? 'odd' : 'even'}"}
- %td= link_to(node[1].name, slice_url(:node, escape_node_id(node[1].name)))
+ %td= link_to(node[1].name, slice_url(:node, node[1].name))
%td= "#{node[1]["platform"]} #{node[1]["platform_version"]}"
%td= node[1]["fqdn"]
%td= node[1]["ipaddress"]
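Review bot: Dropping `escape_node_id` means the node name now goes into `slice_url` as stored. Whether the router escapes path parameters is not visible in this diff; if it does not, names containing `.`, `/` or other URL-significant characters will produce links that route to the wrong place or fail to match. If the nodes controller now expects the unescaped name, a brief comment saying so would explain the removal. The table row continues past the end of the hunk.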
diff --git a/chef-server-webui/lib/chef-server-webui.rb b/chef-server-webui/lib/chef-server-webui.rb
index 49ab8a53f4..95b30811f8 100644
--- a/chef-server-webui/lib/chef-server-webui.rb
+++ b/chef-server-webui/lib/chef-server-webui.rb
@@ -119,7 +119,7 @@ if defined?(Merb::Plugins)
scope.match('/users/logout').to(:controller => 'users', :action => 'logout').name(:users_logout)
scope.match('/users/new').to(:controller => 'users', :action => 'new').name(:users_new)
scope.match('/users/:user_id/edit').to(:controller => 'users', :action => 'edit').name(:users_edit)
- scope.match('/users/:user_id/show').to(:controller => 'users', :action => 'show').name(:users_show)
+ scope.match('/users/:user_id').to(:controller => 'users', :action => 'show').name(:users_show)
scope.match('/users/:user_id/delete', :method => 'delete').to(:controller => 'users', :action => 'destroy').name(:users_delete)
scope.match('/users/:user_id/update', :method => 'put').to(:controller => 'users', :action => 'update').name(:users_update)
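Review bot: `/users/:user_id` has a single dynamic segment and no `:method` constraint, so it will also match any `/users/<literal>` path whose own route is declared after this line. `/users/logout` and `/users/new` are declared above it and are safe if the router takes the first match, but routes further down the file are not visible in this hunk and should be checked. Adding `:method => 'get'` would at least stop PUT and DELETE requests to `/users/:user_id` from landing on `show`.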
@@ -131,6 +131,9 @@ if defined?(Merb::Plugins)
# Create the default admin user "admin" if no admin user exists
unless Chef::WebUIUser.admin_exist
+ # Needed to set these here because this is blog is executed before self.loaded
+ Chef::Config[:node_name] = Chef::Config[:web_ui_client_name]
+ Chef::Config[:client_key] = Chef::Config[:web_ui_key]
user = Chef::WebUIUser.new
user.name = Chef::Config[:web_ui_admin_user_name]
user.set_password(Chef::Config[:web_ui_admin_default_password])
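Review bot: The added comment reads "this is blog is executed", which looks like a typo for "block"; `# Set here because this block runs before self.loaded` would be clearer. The two assignments overwrite `Chef::Config[:node_name]` and `Chef::Config[:client_key]` process-wide, and only on the branch where no admin user exists. The identity the process uses afterwards therefore depends on that branch unless `self.loaded` sets the same values, which is not visible here. The `unless` block continues past the hunk.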