sanitize configuration loading using current Rails apis

Gemfile

@@ -35,6 +35,7 @@ end
 gem 'mysql2', '~> 0.4.9'
 
 gem 'xmlhash', '>= 1.2.2'
+gem 'hashie'
 
 #gem 'memcache-client'
 gem 'dalli'

config/application.rb

@@ -64,9 +64,7 @@ class Application < Rails::Application
     # Use the database for sessions instead of the file system
     # (create the session table with 'rake create_sessions_table')
     # config.action_controller.session_store = :active_record_store
-
-    config.cache_store = :mem_cache_store, 'localhost:11211', {namespace: 'software', compress: true}
-
+
     # Activate observers that should always be running
     # config.active_record.observers = :cacher, :garbage_collector
 
@@ -84,6 +82,5 @@ class Application < Rails::Application
     end unless Rails.env.test?
 
     config.active_support.deprecation = :log
-
   end
 end

config/environment.rb

@@ -1,19 +1,11 @@
-# Be sure to restart your web server when you modify this file.
-
 # Load the rails application
 require File.expand_path('../application', __FILE__)
+GettextI18nRails.translations_are_html_safe = true
 
-path = Rails.root.join("config", "options.yml")
-
-begin
-  CONFIG = YAML.load_file(path)
-rescue Exception => e
-  puts "Error while parsing config file #{path}"
-  CONFIG = Hash.new
+SoftwareOO::Application.configure do
+  # OBS API access
+  config.x = Hashie::Mash.new(config_for(:options))
 end
 
-GettextI18nRails.translations_are_html_safe = true
-
 # Initialize the rails application
 SoftwareOO::Application.initialize!
-

config/environments/development.rb

@@ -3,9 +3,3 @@
   # Do not eager load code on boot.
   config.eager_load = false
 end
-
-if defined? CONFIG
-  # Add your username + password for the api here
-  CONFIG['api_username'] = "wiki_hermes"
-  CONFIG['api_password'] = "w_h_p1"
-end

config/environments/production.rb

@@ -1,5 +1,3 @@
-CONFIG['use_static'] = "software.o.o"
-
 SoftwareOO::Application.configure do
   config.cache_store = :mem_cache_store, 'localhost:11211', {namespace: 'software', compress: true}
   config.log_level = :debug

config/environments/stage.rb

@@ -3,5 +3,3 @@
 SoftwareOO::Application.configure do
   config.cache_store = :compressed_mem_cache_store, 'localhost:11211', {:namespace => 'software-stage'}
 end
-
-CONFIG['use_static'] = "software.o.o-stage"

config/environments/test.rb

@@ -3,6 +3,3 @@
   # Do not eager load code on boot.
   config.eager_load = false
 end
-
-CONFIG['api_username'] = 'test'
-CONFIG['api_password'] = 'test'

config/initializers/activexml.rb

@@ -1,6 +1,7 @@
 require "activexml/activexml"
 
-api = URI(CONFIG['api_host'])
+config = Rails.configuration.x
+api = URI(config.api_host)
 map = ActiveXML::setup_transport(api.scheme, api.hostname, api.port)
 
 map.connect :published, 'rest:///published/:project/:repository/:arch/:name?:view'
@@ -11,8 +12,9 @@
     :binary => 'rest:///search/published/binary/id?match=:match'
 #map.connect :appdata, 'rest:///build/:prj/:repo/:arch/:pkgname/:appdata'
 map.connect :attribute, 'rest:///source/:prj/_attribute/:attribute'
-map.set_additional_header( "X-Username", CONFIG['api_username'])
-map.login CONFIG['api_username'], CONFIG['api_password']
+map.set_additional_header( "X-Username", config.api_username)
+map.login config.api_username, config.api_password
 map.set_additional_header( "User-Agent", "software.o.o" )
-map.set_additional_header("X-opensuse_data", CONFIG['opensuse_cookie']) if CONFIG['opensuse_cookie']
+map.set_additional_header("X-opensuse_data", config.opensuse_cookie) if config.opensuse_cookie
+
 

config/initializers/hoptoad.rb

@@ -1,14 +1,15 @@
-HoptoadNotifier.configure do |config|
+HoptoadNotifier.configure do |h|
+  config = Rails.configuration.x
   # Change this to some sensible data for your errbit instance
-  config.api_key = CONFIG['errbit_api_key'] || 'YOUR_ERRBIT_API_KEY'
-  config.host    = CONFIG['errbit_host'] || 'YOUR_ERRBIT_HOST'
-  if CONFIG['errbit_api_key'].blank? || CONFIG['errbit_host'].blank?
-    config.development_environments = "production development test"
+  h.api_key = config.errbit_api_key || 'YOUR_ERRBIT_API_KEY'
+  h.host    = config.errbit_host || 'YOUR_ERRBIT_HOST'
+  if config.errbit_api_key.blank? || config.errbit_host.blank?
+    h.development_environments = "production development test"
   else
-    config.development_environments = "development test"
+    h.development_environments = "development test"
   end
 
-  config.ignore_only = %w{ 
+  h.ignore_only = %w{ 
   ActiveRecord::RecordNotFound
   ActionController::InvalidAuthenticityToken
   CGI::Session::CookieStore::TamperedWithCookie
@@ -18,7 +19,7 @@
   Net::HTTPBadResponse
   }
 
-  config.ignore_by_filter do |exception_data|
+  h.ignore_by_filter do |exception_data|
     ret=false
     if exception_data[:error_class] == "ActionController::RoutingError" 
       message = exception_data[:error_message]

config/locales/en.yml

@@ -0,0 +1,23 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+  hello: "Hello world"

lib/api_connect.rb

@@ -3,7 +3,8 @@ class ApiConnect
   class Error < Exception; end
 
   def self.get(path, limit = 10)
-    uri_str = "#{CONFIG['api_host']}/#{path}".gsub(' ', '%20')
+    config = Rails.configuration.x.api
+    uri_str = "#{config.api_host}/#{path}".gsub(' ', '%20')
     uri_str = path if path.match(/^http/)
     uri = URI.parse(uri_str)
     logger.debug "Loading from api: #{uri_str}"
@@ -14,12 +15,10 @@ def self.get(path, limit = 10)
         http.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
       request = Net::HTTP::Get.new("#{uri.path}?#{uri.query}")
-      api_user = CONFIG['api_username']
-      api_pass = CONFIG['api_password']
-      request['x-username'] = api_user
+      request['x-username'] = config.api_username
       # if you know the cookie, you can bypass login - useful in production ;)
-      request['X-opensuse_data'] = CONFIG['opensuse_cookie'] if CONFIG['opensuse_cookie']
-      request.basic_auth  api_user, api_pass unless (api_user.blank? || api_pass.blank?)
+      request['X-opensuse_data'] = config.opensuse_cookie if config.opensuse_cookie
+      request.basic_auth  config.api_username, config.api_password unless (config.api_username.blank? || config.api_password.blank?)
       http.read_timeout = 15
       response = http.request(request)
       case response

lib/tasks/fill_search_cache.rake

@@ -2,6 +2,7 @@
 desc "Fill cache with app data from Factory"
 task(:fill_search_cache => :environment) do
   appdata = Appdata.get "factory"
+  puts appdata
   pkg_list =appdata[:apps].map{|p| p[:pkgname]}.uniq
   puts "Caching data for #{pkg_list.size} apps"
   pkg_list.each_with_index do |pkg, number|