Merge branch 'dev'

Author: rob42

TODO.txt

@@ -30,7 +30,7 @@ Sailgauge tries port 8080
 Make Waypoint 'here' option
 
 Enable users and passwords and protect server pages
-Add restart from web page
+
 config.html wont delete arrays
 NMEA ais outputs incorrect position format?
 ais requires Cog true? cogM not considered.
@@ -40,10 +40,10 @@ log4j and config may need re-working after upgrade.
 REST api needs attention - http://www:8088/signalk/v1/config returns all
 
 Finish adding XMPP support
-	start xmpp routes
 	add outgoing filters
 	use queue to collect buffer
 	* dont make xmmp.42.co.nz the default!
+	*firewall needs an MSG_SRC_IP or a filter on XMPP server.
 
 need avahi-utils?
 

pom.xml

@@ -6,6 +6,9 @@
 	<version>0.0.1-SNAPSHOT</version>
 	<name>signalk-server-java</name>
 	<properties>
+	    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<!-- <bundle.name>nsb-${project.version}</bundle.name> -->
 		<signalk.core.version>0.0.1-SNAPSHOT</signalk.core.version>
 		<jetty.version>8.1.16.v20140903</jetty.version>
@@ -174,6 +177,11 @@
 			<artifactId>camel-core</artifactId>
 			<version>${camel.core.version}</version>
 		</dependency>
+		<dependency> 
+		  <groupId>org.apache.camel</groupId> 
+		  <artifactId>camel-spring-security</artifactId> 
+			<version>${camel.version}</version>
+		</dependency>
 		<dependency>
 			<groupId>org.apache.camel</groupId>
 			<artifactId>camel-websocket</artifactId>

src/main/java/nz/co/fortytwo/signalk/processor/AisExpiryProcessor.java

@@ -0,0 +1,108 @@
+/*
+ *
+ * Copyright (C) 2012-2014 R T Huitema. All Rights Reserved.
+ * Web: www.42.co.nz
+ * Email: [email protected]
+ * Author: R T Huitema
+ *
+ * This file is part of the signalk-server-java project
+ *
+ * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE
+ * WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package nz.co.fortytwo.signalk.processor;
+
+import static nz.co.fortytwo.signalk.util.SignalKConstants.LIST;
+import static nz.co.fortytwo.signalk.util.SignalKConstants.dot;
+import static nz.co.fortytwo.signalk.util.SignalKConstants.vessels;
+import static nz.co.fortytwo.signalk.util.SignalKConstants.vessels_dot_self;
+
+import java.util.Iterator;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import com.google.common.collect.Multiset.Entry;
+import com.google.common.eventbus.Subscribe;
+
+import nz.co.fortytwo.signalk.model.event.PathEvent;
+import nz.co.fortytwo.signalk.util.Util;
+
+/**
+ * Periodically run through the AIS entries and remove expired.
+ * @author robert
+ *
+ */
+public class AisExpiryProcessor extends SignalkProcessor  implements Processor {
+
+	private static Logger logger = LogManager.getLogger(AisExpiryProcessor.class);
+	private ConcurrentMap<String, Long> map = new ConcurrentHashMap<>();
+	
+	
+	public AisExpiryProcessor(){
+		signalkModel.getEventBus().register(this);
+		for(String key: signalkModel.getKeys()){
+			processPath(key);
+		}
+	}
+	
+	@Override
+	public void process(Exchange exchange) throws Exception {
+		//event based, just triggers the checking
+		//30 min ago.
+		long millis = System.currentTimeMillis()-(30*60*1000);
+		 Iterator<java.util.Map.Entry<String, Long>> itr = map.entrySet().iterator();
+		while(itr.hasNext()){
+			java.util.Map.Entry<String, Long> e = itr.next();
+			if(millis > e.getValue()){
+				//drop the entry
+				signalkModel.put(e.getKey(), null, "self.ais.expiry");
+				itr.remove();
+			}
+		}
+	}
+	
+	  /**
+     * @param pathEvent the path that was changed
+     */
+    @Subscribe
+    public void recordEvent(PathEvent pathEvent) {
+        if (pathEvent == null)
+            return;
+
+        String path = pathEvent.getPath();
+        processPath(path);
+        
+    }
+
+	private void processPath(String path) {
+		if(StringUtils.isBlank(path)) return;
+		if (path.startsWith(vessels + dot)) {
+			int p1 = path.indexOf(vessels) + vessels.length() + 1;
+			int pos = path.indexOf(".", p1);
+			if (pos < 0)return;
+			path = path.substring(0, pos);
+			if(vessels_dot_self.equals(path))return;
+			map.put(path, System.currentTimeMillis());
+		}
+	}
+
+}

src/main/java/nz/co/fortytwo/signalk/processor/FullExportProcessor.java

@@ -227,9 +227,9 @@ public void recordEvent(PathEvent pathEvent) {
             return;
 
         if(path.endsWith(dot+source)
-    			&& path.endsWith(dot+timestamp)
-    			&& path.contains(dot+source+dot)
-    			&& path.endsWith(dot+sourceRef)){
+    			|| path.endsWith(dot+timestamp)
+    			|| path.contains(dot+source+dot)
+    			|| path.endsWith(dot+sourceRef)){
         	return;
         }
         // Send update if necessary.

…lk/processor/IncomingSecurityFilter.java …/processor/IncomingSecurityFirewall.javasrc/main/java/nz/co/fortytwo/signalk/processor/IncomingSecurityFilter.java renamed to src/main/java/nz/co/fortytwo/signalk/processor/IncomingSecurityFirewall.java src/main/java/nz/co/fortytwo/signalk/processor/IncomingSecurityFilter.java renamed to src/main/java/nz/co/fortytwo/signalk/processor/IncomingSecurityFirewall.java

@@ -23,46 +23,46 @@
  */
 package nz.co.fortytwo.signalk.processor;
 
-import static nz.co.fortytwo.signalk.util.SignalKConstants.CONFIG;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.CONFIG_ACTION;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.CONFIG_ACTION_SAVE;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.CONTEXT;
+import static nz.co.fortytwo.signalk.util.SignalKConstants.DEMO;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.INTERNAL_IP;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.MSG_SRC_IP;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.MSG_TYPE;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.PUT;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.SERIAL;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.UPDATES;
-import static nz.co.fortytwo.signalk.util.SignalKConstants.dot;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.self;
 
 import java.util.ArrayList;
 import java.util.List;
 
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 import mjson.Json;
 import nz.co.fortytwo.signalk.util.ConfigConstants;
 import nz.co.fortytwo.signalk.util.Util;
 
-import org.apache.camel.Exchange;
-import org.apache.camel.Processor;
-import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger;
-
 /**
  * Parse the signalkModel json and remove anything that violates security
  * 
  * @author robert
  * 
  */
-public class IncomingSecurityFilter extends SignalkProcessor implements
+public class IncomingSecurityFirewall extends SignalkProcessor implements
 		Processor {
 
 	private static Logger logger = LogManager
-			.getLogger(IncomingSecurityFilter.class);
+			.getLogger(IncomingSecurityFirewall.class);
 	private List<String> whiteList = new ArrayList<String>();
 	private List<String> configAcceptList = new ArrayList<String>();
 	private List<String> denyList = new ArrayList<String>();
 
-	public IncomingSecurityFilter() {
+	public IncomingSecurityFirewall() {
 		// load lists now
 		Json deny = Util.getConfigJsonArray(ConfigConstants.SECURITY_DENY);
 		Json white = Util.getConfigJsonArray(ConfigConstants.SECURITY_WHITE);
@@ -90,16 +90,21 @@ public void process(Exchange exchange) throws Exception {
 			// we trust local serial
 			String type = exchange.getIn().getHeader(MSG_TYPE,
 					String.class);
-			if (SERIAL.equals(type))
+			if (SERIAL.equals(type)||DEMO.equals(type)){
+				if (logger.isDebugEnabled())
+					logger.debug("Accepting msg:" + type);
 				return;
-
+			}
+			//TODO: check for valid XMPP/STOMP/MQTT SRC_IP ??
+			
 			// we filter on ip
 			String srcIp = exchange.getIn().getHeader(MSG_SRC_IP,
 					String.class);
 			if (logger.isDebugEnabled())
 				logger.debug("Checking src ip:" + srcIp);
 			if (srcIp == null) {
-				logger.debug(exchange);
+				logger.debug("Src ip null:"+exchange.getIn().getHeaders());
+				//exchange.getIn().setBody(null);
 				return;
 			}
 			// denied - drop now
@@ -131,8 +136,7 @@ public void process(Exchange exchange) throws Exception {
 			// we trust INTERNAL_IP
 			if (INTERNAL_IP.equals(type)) {
 				if (logger.isDebugEnabled())
-					logger.debug("Message allowed for src ip (internal):"
-							+ srcIp);
+					logger.debug("Message allowed for src ip (internal):"+ srcIp+":"+exchange.getIn().getHeaders());
 				return;
 			}
 

src/main/java/nz/co/fortytwo/signalk/processor/LoggerProcessor.java

@@ -27,6 +27,7 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.util.NavigableMap;
 
 import javax.servlet.http.HttpServletRequest;
@@ -90,7 +91,7 @@ private void processPost(Exchange exchange) throws IOException {
 		String conf = exchange.getIn().getBody(String.class);
 		//Json confJson = Json.read(conf);
 		logger.debug("POST Log4j2 = " + conf);
-		FileUtils.writeStringToFile(new File(Util.getRootPath()+"./conf/log4j2.json"), conf);
+		FileUtils.writeStringToFile(new File(Util.getRootPath()+"./conf/log4j2.json"), conf, StandardCharsets.UTF_8);
 
 	}
 

src/main/java/nz/co/fortytwo/signalk/processor/PermissionsProcessor.java

@@ -0,0 +1,58 @@
+/*
+ *
+ * Copyright (C) 2012-2014 R T Huitema. All Rights Reserved.
+ * Web: www.42.co.nz
+ * Email: [email protected]
+ * Author: R T Huitema
+ *
+ * This file is part of the signalk-server-java project
+ *
+ * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE
+ * WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package nz.co.fortytwo.signalk.processor;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+
+import nz.co.fortytwo.signalk.model.SignalKModel;
+
+/**
+ * Apply a permissions filter to the map based on meta data for the entries, and provided user.
+ * 
+ * @author robert
+ *
+ */
+public class PermissionsProcessor extends SignalkProcessor implements Processor {
+
+	@Override
+	public void process(Exchange exchange) throws Exception {
+		if (exchange.getIn().getBody() instanceof SignalKModel) {
+			Subject subject = exchange.getIn().getHeader(Exchange.AUTHENTICATION, Subject.class);
+			if(subject==null)return;
+			for(Principal p:subject.getPrincipals()){
+				p.getName();
+				
+			}
+		}
+
+	}
+
+}

src/main/java/nz/co/fortytwo/signalk/processor/SourceToSourceRefProcessor.java

@@ -24,24 +24,22 @@
 
 package nz.co.fortytwo.signalk.processor;
 
+import static nz.co.fortytwo.signalk.util.SignalKConstants.MSG_TYPE;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.dot;
-import static nz.co.fortytwo.signalk.util.SignalKConstants.normal;
+import static nz.co.fortytwo.signalk.util.SignalKConstants.label;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.source;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.sourceRef;
 import static nz.co.fortytwo.signalk.util.SignalKConstants.sources;
-import static nz.co.fortytwo.signalk.util.SignalKConstants.type;
-import static nz.co.fortytwo.signalk.util.SignalKConstants.vessels_dot_self_dot;
 
 import java.util.Map.Entry;
 import java.util.NavigableMap;
 
-import mjson.Json;
-import nz.co.fortytwo.signalk.model.SignalKModel;
-import nz.co.fortytwo.signalk.util.JsonSerializer;
-
 import org.apache.camel.Exchange;
 import org.apache.camel.Processor;
-import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import nz.co.fortytwo.signalk.model.SignalKModel;
 
 /**
  * Replaces source with the actual $sourceRef object and stores source in sources.*
@@ -66,27 +64,28 @@ public void process(Exchange exchange) throws Exception {
 			for(String key : model.getKeys()){
 				//get the source.type key
 				//if(logger.isDebugEnabled())logger.debug("Key:"+key);
-				if(key.endsWith(dot+source+dot+type)){
+				if(key.endsWith(dot+source+dot+label)){
 					if(logger.isDebugEnabled())logger.debug("Convert key:"+key);
 					int pos = key.indexOf(dot+source+dot);
-					String typeVal = (String) model.get(key);
+					String typeVal = exchange.getIn().getHeader(MSG_TYPE,String.class);
 
 					int pos1 = pos+source.length()+2;
 					String refKey = key.substring(0,pos);
-					if(logger.isDebugEnabled())logger.debug("refKey:"+refKey+", type:"+typeVal);
+					if(logger.isDebugEnabled())logger.debug("refKey:"+refKey+", bus:"+typeVal);
 					//get the label
-					String label = (String) model.get(refKey+dot+source+dot+"label");
+					String lbl = (String) model.get(refKey+dot+source+dot+label);
+					if(logger.isDebugEnabled())logger.debug("refKey:"+refKey+", label:"+lbl);
 					//set sourceRef
-					model.getFullData().put(refKey+dot+sourceRef, typeVal+dot+label);
+					model.getFullData().put(refKey+dot+sourceRef, typeVal+dot+lbl);
 					//put in sources
 					NavigableMap<String, Object> node = signalkModel.getSubMap(refKey+dot+source);
 					if(logger.isDebugEnabled())logger.debug("Found keys:"+node.size());
 					//node is the source object 
 					if(node!=null){
 						for(Entry<String, Object> entry:node.entrySet()){
 							String nodeKey = entry.getKey().substring(pos1);
-							model.getFullData().put(sources+dot+typeVal+dot+label+dot+nodeKey, entry.getValue());
-							if(logger.isDebugEnabled())logger.debug("Added key:"+sources+dot+typeVal+dot+label+dot+nodeKey+"="+entry.getValue());
+							model.getFullData().put(sources+dot+typeVal+dot+lbl+dot+nodeKey, entry.getValue());
+							if(logger.isDebugEnabled())logger.debug("Added key:"+sources+dot+typeVal+dot+lbl+dot+nodeKey+"="+entry.getValue());
 						}
 
 						//drop the source key and all subkeys