Commit graph

15238 commits

Author SHA1 Message Date
William Carroll
16f50e33bc Prefer deleting sessions by their UUID
Instead of deleting them by usernames.
2020-07-29 20:21:29 +01:00
William Carroll
c4a090e558 Support reading / writing cookies in API
Update my API type and handler types to reflect which handlers read and write
cookies.

TODO:
- Actually read from and write to Set-Cookie header
- Returning `pure NoContent` breaks my types, so I'm returning `undefined` now
2020-07-29 14:14:47 +01:00
William Carroll
9f70cb2c61 Add boilerplate for Google sign-in
For more information, read:
https://developers.google.com/identity/sign-in/web/sign-in?authuser=1

TODO: Use Elm ports or something similar to properly interop with the onSignIn
and signOn functions defined in index.html.
2020-07-29 10:13:19 +01:00
William Carroll
289cae2528 Add Elm boilerplate to project
Create a top-level client directory to store my Elm boilerplate.
2020-07-29 09:51:18 +01:00
Kane York
addcba11b0 fix(3p/nix/hash): smart pointers in HashSink
Change-Id: Ib2aaf42c8b234ee343c4653eb03f328c113dea86
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1492
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-29 06:48:47 +00:00
Griffin Smith
e8f893ee10 refactor(web/panettone): Remove prevalence
Now that we've migrated over all the data to postgresql, we can get rid
of cl-prevalence as a dependency from Panettone along with all code that
mentions it.

Change-Id: I945f50a88fea5770aac5b4a058342b8269c0bea2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1495
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-29 01:57:49 +00:00
William Carroll
cf6c8799ab Restrict users from multiple failed login attempts
I'm not resetting the failed LoginAttempt count, which is a low priority for
now, but necessary eventually.
2020-07-28 21:33:58 +01:00
William Carroll
f051b0be0b Check passwords in /login
TL;DR:
- Since POST /login is more rigorous, our accounts.csv needs to contain validly
  hashed passwords; you can use tests/create-accounts.sh to create dummy
  accounts

I still need to test the login flow and support:
- Tracking failed attempts (three maximum)
- Verifying accounts by sending emails to the users
2020-07-28 18:48:38 +01:00
William Carroll
90a521c78f Create Utils module for (|>) operator
For the past 3-4 Haskell projects on which I've worked, I've tried to habituate
the usage of the (&) operator, but I find that -- as petty as it may sound -- I
don't like the way that it looks, and I end up avoiding using it as a result.

This time around, I'm aliasing it to (|>) (i.e. Elixir style), and I'm hoping to
use it more.
2020-07-28 18:47:40 +01:00
William Carroll
191205acac Create populate.sqlite3 to simplify README
To make my life easier, I created a small sqlite3 script to populate our
database.
2020-07-28 18:47:40 +01:00
William Carroll
36a2fea686 Create Sessions table
TL;DR:
- Create Sessions SQL schema
- Create Sessions module
- Introduce UUID dependency
2020-07-28 18:40:17 +01:00
William Carroll
012296f156 Move SQL out of API and into separate modules
Create modules for each Table in our SQL database. This cleans up the handler
bodies at the expense of introducing more files and indirection.
2020-07-28 18:38:30 +01:00
William Carroll
b355664858 Support /login
Support basic authentication.

Note the TODOs that this commit introduces to track some of the remaining work.
2020-07-28 14:15:41 +01:00
William Carroll
b170be9375 Hash passwords when creating accounts
TL;DR:
- introduce the Cryptonite library
- Remove the redundant language extensions, imports, deps from Persistent
- Prefer NoContent return type for POST /accounts
- Define custom {To,From}JSON instances for Role
2020-07-28 12:51:17 +01:00
William Carroll
bb36dd1f9e Define bespoke impls for {To,From}JSON instances
Instead of sending and receiving JSON like "accountUsername", which leaks
implementation details and is a bit unwieldy, define custom instances that
prefer the shorter, more user-friendly "username" version.
2020-07-28 11:20:15 +01:00
William Carroll
502126243d Prefer name ClearTextPassword to Password
I expect my application to have two types for passwords:
- ClearTextPassword
- CipherTextPassword
2020-07-28 11:19:47 +01:00
William Carroll
2398f1bd40 Distinguish b/w Account and User
Additionally: supporting more CRUDL methods for the Accounts and Trips tables.
2020-07-28 10:57:15 +01:00
William Carroll
6d9e76313d Partially support DELETE /trips
Allow a user to delete a trip entry from the Trips table using the Primary
Key. While this type-checks and compiles, it doesn't appear to be working as
intended. Perhaps I should use an auto-incrementing integer as the Primary
Key. I'm not sure how I want to handle this, so I'm punting for now.
2020-07-28 10:14:33 +01:00
William Carroll
0637da36cc Support GET /trips
In the spirit of support CRUDL, I added a GET /trips, which lists all of the
trips in the Trips table.
2020-07-28 10:13:38 +01:00
William Carroll
2f73d1db6c Prefer NoContent response to Bool
When I first wrote this handler I wasn't aware of the NoContent response
option.
2020-07-28 10:12:25 +01:00
William Carroll
52ac4d79bd Allow API users to create Trip entries
Next up:
- list trips
- update existing trip entries
- delete existing trip entries
2020-07-28 09:12:55 +01:00
Kane York
31f9ee58d0 fix(3p/nix/hash): provide a Status-returning constructor
Additionally, add IsValidBase16() to restore the behavior of rejecting invalid base16, which absl's HexStringToBytes does not do.

Change-Id: I777a36f5dc787aa54a2aa316d6728f68da129768
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1484
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 02:04:42 +00:00
Kane York
976a36c2e4 chore(3p/nix/hash): eliminate exposed global variable
Change-Id: I3b34e3e17a751e225831ae599c6c6bb782a25679
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1486
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 02:00:23 +00:00
Griffin Smith
d9262bd6c6 feat(ops/nixos): Use database password for Panettone
It appears this didn't even *work* without a password, so we've been
forced into being more secure.

Change-Id: I4ff9d04961a703a85299dafb79e8447b0a933fc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1491
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 01:35:25 +00:00
Griffin Smith
b2c34c4ba3 fix(web/panettone): Fix reference to undefined function
I have been. Very tired.

Change-Id: Iab9d21e53630be092080cc73196da90534b06553
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1490
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 01:35:25 +00:00
Griffin Smith
9ae4ac8f50 fix(ops/nixos): allow connections on hostnossl
This is how panettone is currently connecting, so this needs to be here
in order for it to work. Shortly I'll update all of this to use
passwords, but for now this gets things up and running again

Change-Id: If87f4dbce0800dcbc4f7bf10e88f3e591410b416
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1488
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 00:46:26 +00:00
Kane York
ec349328e0 chore(3p/nix/hash): add decoding tests
Change-Id: Ifbeaf1822fa920f929482510ee79a5b24d7976ae
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1485
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-28 00:38:29 +00:00
Griffin Smith
d4c9a8afda fix(panettone): Add missing util.lisp to build
Change-Id: Id2fdd84145712d75f23844ad1ececa835cec6a84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1487
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-28 00:37:32 +00:00
Griffin Smith
14c4ed99e1 feat(panettone): Use postgres as the storage backend
Switch from cl-prevalence to postgres (via postmodern) as the storage
backend for panettone. The first time the application starts up after
this commit, it will (idempotently) initialize the db schema and migrate
over all data from the prevalence snapshot to the database - the plan is
then to get rid of the prevalence classes and dependency once that's
deployed.

Change-Id: I4f35707efead67d8854f1c224ef67f8471620453
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1467
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
2020-07-28 00:32:48 +00:00
Vincent Ambo
82ba28f197 chore: Move //fun/tvldb -> //fun/paroxysm
Say ~my~ its name!

Change-Id: I7890318aef984af0f6bc011de32282f16e01cbb3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1483
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
2020-07-27 23:54:00 +00:00
Kane York
ef54f5da9f fix(3p/nix): apply all clang-tidy fixes
Change-Id: I265e763393422ee1881653527c91024458060825
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1432
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-27 21:16:39 +00:00
Griffin Smith
69f402563a feat(whitby): Create a Postgres database for Panettone
Create a running Postgres database server along with a user and database
for Panettone, and pass configuration for it to the panettone module

Change-Id: I333994288131be328e62069382d6d40f8034c400
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1466
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-27 21:04:50 +00:00
Kane York
80ff83e698 fix(3p/nix): convert local-store asserts into throws
This fixes a clang-tidy DeadStore warning by turning debug asserts into production checks.

Updates: #11
Change-Id: Ia6e5a4cb1b56594c9844c6bbd3d152f84b426d09
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1409
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 20:50:57 +00:00
William Carroll
475f62fb16 Prefer SQLite.Simple to Persistent
In the spirit of walking crawling before I walk, I'm preferring the less
powerful SQLite.Simple library to the more powerful (but mystifying) Persistent
library.
2020-07-27 15:22:22 +01:00
Griffin Smith
3089f6b6ce feat(nix/buildLisp): Add abstraction for test suites
Add support for explicitly specifying tests as part of a buildLisp
program or library.

Change-Id: I733213c1618f0fa60f645465560bce0522641efd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1481
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-27 14:18:32 +00:00
Griffin Smith
d98f2ea68f feat(3p/lisp): Add checkl
Change-Id: Ib73ed9637b7e22050727ac5ec117241e18d3cc45
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1472
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
2020-07-27 14:18:06 +00:00
William Carroll
c38814d7a1 Add CHECK constraints to schema
I believe data should be validated at each level of the stack:
- database
- server
- client

The database, in my opinion, is the most important layer at which to validate
because you can eliminate entire classes of bugs. However, the CHECK constraint
is limited, and the more complex the predicates are, the more expensive database
operations become.

At the server and client layers, the data validations can be more sophisticated
and return more useful error messages to help users better understand the shape
of the data that our application expects.
2020-07-27 14:23:34 +01:00
William Carroll
dfe23e3b63 Add instruction for operating the server
Add some basic commands for working with the server from within `ghci`, which is
helpful when developing.
2020-07-27 11:36:09 +01:00
William Carroll
974c63a679 Remove unnecessary language extensions
Attempting to abide by the Principle of Least Power. Also: the smaller the
headers in each module are, the happier I am.
2020-07-27 11:35:10 +01:00
William Carroll
df13b761ff Define table schema and CSVs to populate the database
TL;DR:
- Created src/init.sql, which defines the tables
- Created a data/ directory to house .csv data to populate our db
- Updated the README with usage instructions
2020-07-27 11:16:26 +01:00
Luke Granger-Brown
c7cd12eb25 chore(monorepo-gerrit): add Checks plugin to Gerrit module
This adds the Gerrit checks plugin. Hooray.

Change-Id: I784e9728256d1665b85b666d58bc0308bd6614ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1463
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 00:00:48 +00:00
Luke Granger-Brown
a8bc8357d8 feat(3p/gerrit_plugins): init Gerrit checks plugin
The Gerrit Checks plugin adds a new tab to the Gerrit UI, which is
intended for display of status of automated checks which are being run.
We can use this for e.g. reporting the run status of our CI builds/other
stuff.

Change-Id: Ib0d9a8ae68061a76191a56d467d915100b766e1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1462
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 00:00:48 +00:00
Luke Granger-Brown
e780435d09 chore(3p/gerrit_plugins): add machinery for compiling Gerrit plugins from source
This looks particularly obnoxious for the owners plugin, because it's
actually two plugins with a common library in the same repo. Other
plugins are much cleaner to deal with (hence the default for
overlayPluginCmd).

Change-Id: Ibb9588c8a29b63e8509436fcbb70054e89349712
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1461
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 00:00:48 +00:00
William Carroll
8042c1e216 Watch "Hacksaw Ridge"
I don't plan on writing movie reviews in my Git commit message.
2020-07-26 23:00:33 +01:00
Griffin Smith
2b7fe6f957 fix(nix/buildLisp): Set LANG to C.UTF-8 on program builds
This was already happening for libraries, but not for programs - as a
result, programs built with libraries that contained unicode (eg
cl-unicode, uax-15, ...) would fail to build due to character encoding
issues when loading the FASLs.

Change-Id: I66149b585e85b213d0c026153140a1925536bd29
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1469
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-26 21:56:54 +00:00
Griffin Smith
696924b5ef feat(web/panettone): Add dev helpers for postgres db
Add a docker-compose file and lorri-based direnv for aiding in
running and connecting to a postgres database during development of
panettone.

Change-Id: I319eee52b52cd48e1f3d2e32c558989768dc19d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1465
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
2020-07-26 21:55:41 +00:00
Griffin Smith
da8bc7635e feat(3p/lisp): Add postmodern
Change-Id: If6ffd9a2344dc98e95312ddcce14ba5c2519d004
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1420
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-26 21:55:41 +00:00
Griffin Smith
273053dbf3 fix(web/panettone): Don't log backtraces
The default hunchentoot behavior is to log all local variables when
logging lisp backtraces - this is nice for debugging, but means that if
we hit an error when checking for auth with the ldap server we log the
password provided by the user. No good! Let's just turn off logging of
backtraces for now.

Change-Id: Ibc4242e3e0f974ac53fffc482d3724b0547425ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1471
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-26 21:44:49 +00:00
Griffin Smith
e231493ff4 feat(3p/lisp): Add ironclad
Add ironclad, a common lisp library for cryptography. This is a huge
library with a lot of moving parts - probably most notable here is that
I've had to turn off compiling with `:ironclad-assembly`, as it was
causing an infinite loop in the compiler due to
https://github.com/sharplispers/ironclad/blob/master/src/opt/sbcl/cpu-features.lisp#L9-L10,
a mutually self-recursive function that looks like:

    (defun aes-ni-support-p ()
      (aes-ni-support-p))

Without knowing much about how sbcl handles native-compiled assembly, it
seems like this definition should actually be skipped entirely, due to
it being defined as a `defknown` in `fndb.lisp`:

    (defknown ironclad::aes-ni-support-p
      ()
      (boolean)
      (any)
      :overwrite-fndb-silently t)

But something about how we're compiling things was causing that not to
happen, and the infinite recursion caused the compiler to hang. This
should be fixed at some point, but given I only need this library as a
transitive dependency down a level I'm not going to attempt to do so now.

Change-Id: Id768717991404f959b003c7e2f28f1f4d532b94b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1333
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
2020-07-26 21:21:57 +00:00
Vincent Ambo
b0e80d9465 chore(3p/lisp): Add eta & glittershark to OWNERS
Change-Id: I372d84b2fa979059bda14264b23f9c11adaf4222
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1470
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-26 21:21:30 +00:00