libervia-backend: libervia/backend/plugins/plugin_comp_ap_gateway/http

comparison libervia/backend/plugins/plugin_comp_ap_gateway/http_server.py @ 4212:5f2d496c633f

core: get rid of `pickle`: Use of `pickle` to serialise data was a technical legacy that was causing trouble to store in database, to update (if a class was serialised, a change could break update), and to security (pickle can lead to code execution). This patch remove all use of Pickle in favour in JSON, notably: - for caching data, a Pydantic model is now used instead - for SQLAlchemy model, the LegacyPickle is replaced by JSON serialisation - in XEP-0373 a class `PublicKeyMetadata` was serialised. New method `from_dict` and `to_dict` method have been implemented to do serialisation. - new methods to (de)serialise data can now be specified with Identity data types. It is notably used to (de)serialise `path` of avatars. A migration script has been created to convert data (for upgrade or downgrade), with special care for XEP-0373 case. Depending of size of database, this migration script can be long to run. rel 443

author	Goffi <goffi@goffi.org>
date	Fri, 23 Feb 2024 13:31:04 +0100
parents	7067b0d73183
children	49019947cc76

comparison

equal deleted inserted replaced

-:be89ab1cbca4
+:5f2d496c633f
 )
 elif request_type == "avatar":
 if len(extra_args) != 1:
 raise exceptions.DataError("avatar argument expected in URL")
 avatar_filename = extra_args[0]
-avatar_path = self.apg.host.common_cache.getPath(avatar_filename)
+avatar_path = self.apg.host.common_cache.get_path(avatar_filename)
 return static.File(str(avatar_path)).render(request)
 elif request_type == "item":
 ret_data = await self.apg.ap_get_local_object(ap_url)
 if "@context" not in ret_data:
 ret_data["@context"] = [NS_AP]

Mercurial > libervia-backend

comparison libervia/backend/plugins/plugin_comp_ap_gateway/http_server.py @ 4212:5f2d496c633f