libervia-web: src/server/server.py comparison

comparison src/server/server.py @ 914:0c0551967bdf

server, browser: partial Libervia fix Libervia was broken following the refactorings. This commit partially fixes it : Libervia is starting, avatar, blog and message are working again, but not everything is restablished yet. following things have been fixed/changed: - new dependency: shortuuid - D-Bus bridge is working again - fixed naming in several bridge methods - register method changed to register_signal - fixed Chat widget, which was not working anymore since the refactoring - avatar now use avatarGet. Cache dir is accessible using a session specific uuid, to avoid cache leak (i.e. accessing cache of other profiles) - server: new uuid attribute in session data Browser code is not fully working yet, notably OTR and contact list are not fully fixed.

author	Goffi <goffi@goffi.org>
date	Sun, 26 Feb 2017 18:32:47 +0100
parents	58f611481e6d
children	e9e9d9d893a8

comparison

equal deleted inserted replaced

-:58f611481e6d
+:0c0551967bdf
 from txjsonrpc.web import jsonrpc
 from txjsonrpc import jsonrpclib
 from sat.core.log import getLogger
 log = getLogger(__name__)
-from sat_frontends.bridge.DBus import DBusBridgeFrontend, BridgeExceptionNoService, const_TIMEOUT as BRIDGE_TIMEOUT
+from sat_frontends.bridge.dbus_bridge import Bridge, BridgeExceptionNoService, const_TIMEOUT as BRIDGE_TIMEOUT
 from sat.core.i18n import _, D_
 from sat.core import exceptions
 from sat.tools import utils
+from sat.tools.common import regex
 import re
 import glob
 import os.path
 import sys
 import tempfile
 import shutil
 import uuid
 import urlparse
 import urllib
+import shortuuid
 from zope.interface import Interface, Attribute, implements
 from httplib import HTTPS_PORT
 import libervia
 try:
 class ISATSession(Interface):
 profile = Attribute("Sat profile")
 jid = Attribute("JID associated with the profile")
+uuid = Attribute("uuid associated with the profile session")
 class SATSession(object):
 implements(ISATSession)
 def __init__(self, session):
 self.profile = None
 self.jid = None
+self.uuid = unicode(shortuuid.uuid())
 class LiberviaSession(server.Session):
 sessionTimeout = C.SESSION_TIMEOUT
 def jsonrpc_getPresenceStatuses(self):
 """Get Presence information for connected contacts"""
 profile = ISATSession(self.session).profile
 return self.sat_host.bridge.getPresenceStatuses(profile)
-def jsonrpc_getHistory(self, from_jid, to_jid, size, between, search=''):
+def jsonrpc_historyGet(self, from_jid, to_jid, size, between, search=''):
 """Return history for the from_jid/to_jid couple"""
 sat_session = ISATSession(self.session)
 profile = sat_session.profile
 sat_jid = sat_session.jid
 if not sat_jid:
 # we keep a session cache for jid to avoir jid spoofing
 sat_jid = sat_session.jid = jid.JID(self.sat_host.bridge.getParamA("JabberID", "Connection", profile_key=profile))
 if jid.JID(from_jid).userhost() != sat_jid.userhost() and jid.JID(to_jid).userhost() != sat_jid.userhost():
 log.error(u"Trying to get history from a different jid (given (browser): {}, real (backend): {}), maybe a hack attempt ?".format(from_jid, sat_jid))
 return {}
-d = self.asyncBridgeCall("getHistory", from_jid, to_jid, size, between, search, profile)
+d = self.asyncBridgeCall("historyGet", from_jid, to_jid, size, between, search, profile)
 def show(result_dbus):
 result = []
 for line in result_dbus:
 #XXX: we have to do this stupid thing because Python D-Bus use its own types instead of standard types
 #     and txJsonRPC doesn't accept D-Bus types, resulting in a empty query
-timestamp, from_jid, to_jid, message, mess_type, extra = line
+uuid, timestamp, from_jid, to_jid, message, subject, mess_type, extra = line
-result.append((float(timestamp), unicode(from_jid), unicode(to_jid), unicode(message), unicode(mess_type), dict(extra)))
+result.append((unicode(uuid), float(timestamp), unicode(from_jid), unicode(to_jid), dict(message), dict(subject), unicode(mess_type), dict(extra)))
 return result
 d.addCallback(show)
 return d
 def jsonrpc_mucJoin(self, room_jid, nick):
 """Get VCard for entiry
 @param jid_: jid of contact from who we want data
 @return: id to retrieve the profile"""
 profile = ISATSession(self.session).profile
 return self.sat_host.bridge.getCard(jid_, profile)
+@defer.inlineCallbacks
+def jsonrpc_avatarGet(self, entity, cache_only, hash_only):
+session_data = ISATSession(self.session)
+profile = session_data.profile
+# profile_uuid = session_data.uuid
+avatar = yield self.asyncBridgeCall("avatarGet", entity, cache_only, hash_only, profile)
+if hash_only:
+defer.returnValue(avatar)
+else:
+filename = os.path.basename(avatar)
+avatar_url = os.path.join(C.CACHE_DIR, session_data.uuid, filename)
+defer.returnValue(avatar_url)
 def jsonrpc_getAccountDialogUI(self):
 """Get the dialog for managing user account
 @return: XML string of the XMLUI"""
 profile = ISATSession(self.session).profile
 if request.postpath == ['login']:
 return self.loginOrRegister(request)
 _session = request.getSession()
 parsed = jsonrpclib.loads(request.content.read())
 method = parsed.get("method")  # pylint: disable=E1103
-if  method not in ['getSessionMetadata', 'registerParams', 'getMenus']:
+if  method not in ['getSessionMetadata', 'registerParams', 'menusGet']:
 #if we don't call these methods, we need to be identified
 profile = ISATSession(_session).profile
 if not profile:
 #user is not identified, we return a jsonrpc fault
 fault = jsonrpclib.Fault(C.ERRNUM_LIBERVIA, C.NOT_ALLOWED)  # FIXME: define some standard error codes for libervia
 request.write(C.PROFILE_AUTH_ERROR)
 request.finish()
 return
 register_with_ext_jid = False
-connect_method = "asyncConnect"
+connect_method = "connect"
 if self.waiting_profiles.getRequest(profile):
 request.write(C.ALREADY_WAITING)
 request.finish()
 return
 register_with_ext_jid = self.waiting_profiles.getRegisterWithExtJid(profile)
 self.waiting_profiles.purgeRequest(profile)
 _session = request.getSession()
 sat_session = ISATSession(_session)
 if sat_session.profile:
-log.error(('/!\\ Session has already a profile, this should NEVER happen!'))
+log.error(_(u'/!\\ Session has already a profile, this should NEVER happen!'))
 request.write(C.SESSION_ACTIVE)
 request.finish()
 return
 # we manage profile server side to avoid profile spoofing
 sat_session.profile = profile
 self.sat_host.prof_connected.add(profile)
+cache_dir = os.path.join(self.sat_host.cache_root_dir, regex.pathEscape(profile))
+# FIXME: would be better to have a global /cache URL which redirect to profile's cache directory, without uuid
+self.sat_host.cache_resource.putChild(sat_session.uuid, ProtectedFile(cache_dir))
+log.debug(_(u"profile cache resource added from {uuid} to {path}").format(uuid=sat_session.uuid, path=cache_dir))
 def onExpire():
 log.info(u"Session expired (profile=%s)" % (profile,))
+self.sat_host.cache_resource.delEntity(sat_session.uuid)
+log.debug(_(u"profile cache resource {uuid} deleted").format(uuid = sat_session.uuid))
 try:
 #We purge the queue
 del self.sat_host.signal_handler.queue[profile]
 except KeyError:
 pass
 def jsonrpc_isConnected(self):
 _session = self.request.getSession()
 profile = ISATSession(_session).profile
 return self.sat_host.bridge.isConnected(profile)
-def jsonrpc_asyncConnect(self):
+def jsonrpc_connect(self):
 _session = self.request.getSession()
 profile = ISATSession(_session).profile
 if self.waiting_profiles.getRequest(profile):
 raise jsonrpclib.Fault(1, C.ALREADY_WAITING)  # FIXME: define some standard error codes for libervia
 self.waiting_profiles.setRequest(self.request, profile)
-self.sat_host.bridge.asyncConnect(profile)
+self.sat_host.bridge.connect(profile)
 return server.NOT_DONE_YET
 def jsonrpc_getSessionMetadata(self):
 """Return metadata useful on session start
 def jsonrpc_registerParams(self):
 """Register the frontend specific parameters"""
 # params = """<params><individual>...</category></individual>"""
 # self.sat_host.bridge.paramsRegisterApp(params, C.SECURITY_LIMIT, C.APP_NAME)
-def jsonrpc_getMenus(self):
+def jsonrpc_menusGet(self):
 """Return the parameters XML for profile"""
 # XXX: we put this method in Register because we get menus before being logged
-return self.sat_host.bridge.getMenus('', C.SECURITY_LIMIT)
+return self.sat_host.bridge.menusGet('', C.SECURITY_LIMIT)
 def _getSecurityWarning(self):
 """@return: a security warning message, or None if the connection is secure"""
 if self.request.URLPath().scheme == 'https' or not self.sat_host.options['security_warning']:
 return None
 self.html_dir = os.path.join(self.options['data_dir'], C.HTML_DIR)
 self.themes_dir = os.path.join(self.options['data_dir'], C.THEMES_DIR)
 self._cleanup = []
-root = LiberviaRootResource(self.options, self.html_dir)
 self.signal_handler = SignalHandler(self)
+self.sessions = {}  # key = session value = user
+self.prof_connected = set()  # Profiles connected
+## bridge ##
+try:
+self.bridge = Bridge()
+except BridgeExceptionNoService:
+print(u"Can't connect to SàT backend, are you sure it's launched ?")
+sys.exit(1)
+self.bridge.bridgeConnect(callback=self._bridgeCb, errback=self._bridgeEb)
+def backendReady(self, dummy):
+self.root = root = LiberviaRootResource(self.options, self.html_dir)
 _register = Register(self)
 _upload_radiocol = UploadManagerRadioCol(self)
 _upload_avatar = UploadManagerAvatar(self)
 self.signal_handler.plugRegister(_register)
-self.sessions = {}  # key = session value = user
+self.bridge.register_signal("connected", self.signal_handler.connected)
-self.prof_connected = set()  # Profiles connected
+self.bridge.register_signal("disconnected", self.signal_handler.disconnected)
+#core
-## bridge ##
+for signal_name in ['presenceUpdate', 'messageNew', 'subscribe', 'contactDeleted',
-try:
+'newContact', 'entityDataUpdated', 'paramUpdate']:
-self.bridge = DBusBridgeFrontend()
+self.bridge.register_signal(signal_name, self.signal_handler.getGenericCb(signal_name))
-except BridgeExceptionNoService:
+# XXX: actionNew is handled separately because the handler must manage security_limit
-print(u"Can't connect to SàT backend, are you sure it's launched ?")
+self.bridge.register_signal('actionNew', self.signal_handler.actionNewHandler)
-sys.exit(1)
+#plugins
+for signal_name in ['psEvent', 'mucRoomJoined', 'tarotGameStarted', 'tarotGameNew', 'tarotGameChooseContrat',
-def backendReady(dummy):
+'tarotGameShowCards', 'tarotGameInvalidCards', 'tarotGameCardsPlayed', 'tarotGameYourTurn', 'tarotGameScore', 'tarotGamePlayers',
-self.bridge.register("connected", self.signal_handler.connected)
+'radiocolStarted', 'radiocolPreload', 'radiocolPlay', 'radiocolNoUpload', 'radiocolUploadOk', 'radiocolSongRejected', 'radiocolPlayers',
-self.bridge.register("disconnected", self.signal_handler.disconnected)
+'mucRoomLeft', 'mucRoomUserChangedNick', 'chatStateReceived']:
-#core
+self.bridge.register_signal(signal_name, self.signal_handler.getGenericCb(signal_name), "plugin")
-for signal_name in ['presenceUpdate', 'messageNew', 'subscribe', 'contactDeleted',
+self.media_dir = self.bridge.getConfig('', 'media_dir')
-'newContact', 'entityDataUpdated', 'paramUpdate']:
+self.local_dir = self.bridge.getConfig('', 'local_dir')
-self.bridge.register(signal_name, self.signal_handler.getGenericCb(signal_name))
+self.cache_root_dir = os.path.join(
-# XXX: actionNew is handled separately because the handler must manage security_limit
+self.local_dir,
-self.bridge.register('actionNew', self.signal_handler.actionNewHandler)
+C.CACHE_DIR)
-#plugins
-for signal_name in ['psEvent', 'mucRoomJoined', 'tarotGameStarted', 'tarotGameNew', 'tarotGameChooseContrat',
+# JSON APIs
-'tarotGameShowCards', 'tarotGameInvalidCards', 'tarotGameCardsPlayed', 'tarotGameYourTurn', 'tarotGameScore', 'tarotGamePlayers',
+self.putChild('json_signal_api', self.signal_handler)
-'radiocolStarted', 'radiocolPreload', 'radiocolPlay', 'radiocolNoUpload', 'radiocolUploadOk', 'radiocolSongRejected', 'radiocolPlayers',
+self.putChild('json_api', MethodHandler(self))
-'mucRoomLeft', 'mucRoomUserChangedNick', 'chatStateReceived']:
+self.putChild('register_api', _register)
-self.bridge.register(signal_name, self.signal_handler.getGenericCb(signal_name), "plugin")
-self.media_dir = self.bridge.getConfig('', 'media_dir')
+# files upload
-self.local_dir = self.bridge.getConfig('', 'local_dir')
+self.putChild('upload_radiocol', _upload_radiocol)
+self.putChild('upload_avatar', _upload_avatar)
-## URLs ##
-def putChild(path, resource):
+# static pages
-"""Add a child to the root resource"""
+self.putChild('blog', MicroBlog(self))
-# FIXME: check that no information is leaked (c.f. https://twistedmatrix.com/documents/current/web/howto/using-twistedweb.html#request-encoders)
+self.putChild(C.THEMES_URL, ProtectedFile(self.themes_dir))
-root.putChild(path, web_resource.EncodingResourceWrapper(resource, [server.GzipEncoderFactory()]))
+# media dirs
-# JSON APIs
+# FIXME: get rid of dirname and "/" in C.XXX_DIR
-putChild('json_signal_api', self.signal_handler)
+self.putChild(os.path.dirname(C.MEDIA_DIR), ProtectedFile(self.media_dir))
-putChild('json_api', MethodHandler(self))
+self.cache_resource = web_resource.NoResource()
-putChild('register_api', _register)
+self.putChild(C.CACHE_DIR, self.cache_resource)
-# files upload
+# special
-putChild('upload_radiocol', _upload_radiocol)
+self.putChild('radiocol', ProtectedFile(_upload_radiocol.getTmpDir(), defaultType="audio/ogg"))  # FIXME: We cheat for PoC because we know we are on the same host, so we use directly upload dir
-putChild('upload_avatar', _upload_avatar)
+# pyjamas tests, redirected only for dev versions
+if self.version[-1] == 'D':
-# static pages
+self.putChild('test', web_util.Redirect('/libervia_test.html'))
-putChild('blog', MicroBlog(self))
-putChild(C.THEMES_URL, ProtectedFile(self.themes_dir))
+wrapped = web_resource.EncodingResourceWrapper(root, [server.GzipEncoderFactory()])
-# media dirs
+self.site = server.Site(wrapped)
-putChild(os.path.dirname(C.MEDIA_DIR), ProtectedFile(self.media_dir))
+self.site.sessionFactory = LiberviaSession
-putChild(os.path.dirname(C.AVATARS_DIR), ProtectedFile(os.path.join(self.local_dir, C.AVATARS_DIR)))
-# special
+def _bridgeCb(self):
-putChild('radiocol', ProtectedFile(_upload_radiocol.getTmpDir(), defaultType="audio/ogg"))  # FIXME: We cheat for PoC because we know we are on the same host, so we use directly upload dir
-# pyjamas tests, redirected only for dev versions
-if self.version[-1] == 'D':
-putChild('test', web_util.Redirect('/libervia_test.html'))
-wrapped = web_resource.EncodingResourceWrapper(root, [server.GzipEncoderFactory()])
-self.site = server.Site(wrapped)
-self.site.sessionFactory = LiberviaSession
 self.bridge.getReady(lambda: self.initialised.callback(None),
 lambda failure: self.initialised.errback(Exception(failure)))
-self.initialised.addCallback(backendReady)
+self.initialised.addCallback(self.backendReady)
 self.initialised.addErrback(lambda failure: log.error(u"Init error: %s" % failure))
+def _bridgeEb(self, failure):
+log.error(u"Can't connect to bridge: {}".format(failure))
 @property
 def version(self):
 """Return the short version of Libervia"""
 return C.APP_VERSION
 log.error(u"Can't check service profile ({profile}), are you sure it exists ?\n{error}".format(
 profile=C.SERVICE_PROFILE, error=msg))
 self.stop()
 return
 if not connected:
-self.bridge.asyncConnect(C.SERVICE_PROFILE, self.options['passphrase'],
+self.bridge.connect(C.SERVICE_PROFILE, self.options['passphrase'],
-callback=self._startService, errback=eb)
+{}, callback=self._startService, errback=eb)
 else:
 self._startService()
 self.initialised.addCallback(initOk)
+## URLs ##
+def putChild(self, path, resource):
+"""Add a child to the root resource"""
+# FIXME: check that no information is leaked (c.f. https://twistedmatrix.com/documents/current/web/howto/using-twistedweb.html#request-encoders)
+self.root.putChild(path, web_resource.EncodingResourceWrapper(resource, [server.GzipEncoderFactory()]))
 ## TLS related methods ##
 def _TLSOptionsCheck(self):
 """Check options coherence if TLS is activated, and update missing values

Mercurial > libervia-web

comparison src/server/server.py @ 914:0c0551967bdf