Mercurial > libervia-backend

comparison src/memory/memory.py @ 656:7d6e5807504a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bridge, memory: added the parameter security_limit to asyncGetParamA so it can be used from libervia. refactorization in memory.py are related to that.
author souliane <souliane@mailoo.org>
date Wed, 02 Oct 2013 20:25:19 +0200
parents 17bd09cd1001
children 4f747d7fde8c
comparison
equal deleted inserted replaced
655:56f8a9c99194 656:7d6e5807504a
313 313
314 if attr == "value": 314 if attr == "value":
315 value = self.__getParam(profile, category, name) 315 value = self.__getParam(profile, category, name)
316 return self.__getAttr(node[1], attr, value) 316 return self.__getAttr(node[1], attr, value)
317 317
318 def asyncGetStringParamA(self, name, category, attr="value", profile_key="@NONE@"): 318 def asyncGetStringParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key="@NONE@"):
319 d = self.asyncGetParamA(name, category, attr, profile_key) 319 d = self.asyncGetParamA(name, category, attr, security_limit, profile_key)
320 d.addCallback(self.__type_to_string) 320 d.addCallback(self.__type_to_string)
321 return d 321 return d
322 322
323 def asyncGetParamA(self, name, category, attr="value", profile_key="@NONE@"): 323 def asyncGetParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key="@NONE@"):
324 """Helper method to get a specific attribute 324 """Helper method to get a specific attribute
325 @param name: name of the parameter 325 @param name: name of the parameter
326 @param category: category of the parameter 326 @param category: category of the parameter
327 @param attr: name of the attribute (default: "value") 327 @param attr: name of the attribute (default: "value")
328 @param profile: owner of the param (@ALL@ for everyone)""" 328 @param profile: owner of the param (@ALL@ for everyone)"""
329 node = self.__getParamNode(name, category) 329 node = self.__getParamNode(name, category)
330 if not node: 330 if not node:
331 error(_("Requested param [%(name)s] in category [%(category)s] doesn't exist !") % {'name': name, 'category': category}) 331 error(_("Requested param [%(name)s] in category [%(category)s] doesn't exist !") % {'name': name, 'category': category})
332 return None
333
334 if not self.checkSecurityLimit(node[1], security_limit):
335 warning(_("Trying to get parameter '%s' in category '%s' without authorization!!!"
336 % (name, category)))
332 return None 337 return None
333 338
334 if node[0] == 'general': 339 if node[0] == 'general':
335 value = self.__getParam(None, category, name, 'general') 340 value = self.__getParam(None, category, name, 'general')
336 return defer.succeed(self.__getAttr(node[1], attr, value)) 341 return defer.succeed(self.__getAttr(node[1], attr, value))
384 @param profile: profile name (not key !) 389 @param profile: profile name (not key !)
385 @return: a deferred that fire a minidom.Document of the profile xml (cf warning above) 390 @return: a deferred that fire a minidom.Document of the profile xml (cf warning above)
386 """ 391 """
387 392
388 def constructProfile(ignore, profile_cache): 393 def constructProfile(ignore, profile_cache):
389
390 def filterParam(node):
391 """Filter with security level.
392 @return: True is this param must be filtered"""
393 if security_limit < 0:
394 return False
395 if not node.hasAttribute('security'):
396 #debug("filtered param: %s (no security set)"
397 # % node.getAttribute("name"))
398 return True
399 if int(node.getAttribute('security')) > security_limit:
400 #debug("filtered param: %s (security level > %i)"
401 # % (node.getAttribute("name"), security_limit))
402 return True
403 return False
404
405 # init the result document 394 # init the result document
406 prof_xml = minidom.parseString('<params/>') 395 prof_xml = minidom.parseString('<params/>')
407 cache = {} 396 cache = {}
408 397
409 for type_node in self.dom.documentElement.childNodes: 398 for type_node in self.dom.documentElement.childNodes:
419 # we make a copy for the new xml 408 # we make a copy for the new xml
420 cache[category] = dest_cat = cat_node.cloneNode(True) 409 cache[category] = dest_cat = cat_node.cloneNode(True)
421 for node in dest_cat.childNodes: 410 for node in dest_cat.childNodes:
422 if node.nodeName != "param": 411 if node.nodeName != "param":
423 continue 412 continue
424 if filterParam(node): 413 if not self.checkSecurityLimit(node, security_limit):
425 dest_cat.removeChild(node) 414 dest_cat.removeChild(node)
426 continue 415 continue
427 dest_params[node.getAttribute('name')] = node 416 dest_params[node.getAttribute('name')] = node
428 new_node = True 417 new_node = True
429 else: 418 else:
434 423
435 for param_node in params: 424 for param_node in params:
436 # we have to merge new params (we are parsing individual parameters, we have to add them 425 # we have to merge new params (we are parsing individual parameters, we have to add them
437 # to the previously parsed general ones) 426 # to the previously parsed general ones)
438 name = param_node.getAttribute('name') 427 name = param_node.getAttribute('name')
439 if filterParam(param_node): 428 if not self.checkSecurityLimit(param_node, security_limit):
440 continue 429 continue
441 if name not in dest_params: 430 if name not in dest_params:
442 # this is reached when a previous category exists 431 # this is reached when a previous category exists
443 dest_params[name] = param_node.cloneNode(True) 432 dest_params[name] = param_node.cloneNode(True)
444 dest_cat.appendChild(dest_params[name]) 433 dest_cat.appendChild(dest_params[name])
559 if not node: 548 if not node:
560 error(_('Requesting an unknown parameter (%(category)s/%(name)s)') 549 error(_('Requesting an unknown parameter (%(category)s/%(name)s)')
561 % {'category': category, 'name': name}) 550 % {'category': category, 'name': name})
562 return 551 return
563 552
564 if security_limit >= 0: 553 if not self.checkSecurityLimit(node[1], security_limit):
565 abort = True 554 warning(_("Trying to set parameter '%s' in category '%s' without authorization!!!"
566 if node[1].hasAttribute("security"):
567 if int(node[1].getAttribute("security")) <= security_limit:
568 abort = False
569 if abort:
570 warning(_("Trying to set parameter '%s' in category '%s' without authorization!!!"
571 % (name, category))) 555 % (name, category)))
572 return 556 return
573 557
574 if node[0] == 'general': 558 if node[0] == 'general':
575 self.params_gen[(category, name)] = value 559 self.params_gen[(category, name)] = value
576 self.storage.setGenParam(category, name, value) 560 self.storage.setGenParam(category, name, value)
577 for profile in self.storage.getProfilesList(): 561 for profile in self.storage.getProfilesList():
590 if self.host.isConnected(profile): # key can not exists if profile is not connected 574 if self.host.isConnected(profile): # key can not exists if profile is not connected
591 self.params[profile][(category, name)] = value 575 self.params[profile][(category, name)] = value
592 self.host.bridge.paramUpdate(name, value, category, profile) 576 self.host.bridge.paramUpdate(name, value, category, profile)
593 self.host.trigger.point("paramUpdateTrigger", name, value, category, node[0], profile) 577 self.host.trigger.point("paramUpdateTrigger", name, value, category, node[0], profile)
594 self.storage.setIndParam(category, name, value, profile) 578 self.storage.setIndParam(category, name, value, profile)
579
580 def checkSecurityLimit(self, node, security_limit):
581 """Check the given node against the given security limit.
582 The value NO_SECURITY_LIMIT (-1) means that everything is allowed.
583 @return: True if this node can be accessed with the given security limit.
584 """
585 if security_limit < 0:
586 return True
587 if node.hasAttribute("security"):
588 if int(node.getAttribute("security")) <= security_limit:
589 return True
590 return False
595 591
596 592
597 class Memory(object): 593 class Memory(object):
598 """This class manage all persistent informations""" 594 """This class manage all persistent informations"""
599 595
826 @param value: value for this key (eg: "chatroom"), or '@NONE@' to delete 822 @param value: value for this key (eg: "chatroom"), or '@NONE@' to delete
827 @param profile_key: %(doc_profile_key)s 823 @param profile_key: %(doc_profile_key)s
828 """ 824 """
829 profile = self.getProfileName(profile_key) 825 profile = self.getProfileName(profile_key)
830 if not profile: 826 if not profile:
831 raise exceptions.UnknownProfileError(_('Trying to get entity data for a non-existant profile')) 827 raise exceptions.ProfileUnknownError(_('Trying to get entity data for a non-existant profile'))
832 if not profile in self.entitiesCache: 828 if not profile in self.entitiesCache:
833 raise exceptions.ProfileNotInCacheError 829 raise exceptions.ProfileNotInCacheError
834 if entity_jid == "@ALL@": 830 if entity_jid == "@ALL@":
835 entities_map = self.entitiesCache[profile] 831 entities_map = self.entitiesCache[profile]
836 else: 832 else:
857 @raise: exceptions.UnknownEntityError if entity is not in cache 853 @raise: exceptions.UnknownEntityError if entity is not in cache
858 exceptions.ProfileNotInCacheError if profile is not in cache 854 exceptions.ProfileNotInCacheError if profile is not in cache
859 """ 855 """
860 profile = self.getProfileName(profile_key) 856 profile = self.getProfileName(profile_key)
861 if not profile: 857 if not profile:
862 raise exceptions.UnknownProfileError(_('Trying to get entity data for a non-existant profile')) 858 raise exceptions.ProfileUnknownError(_('Trying to get entity data for a non-existant profile'))
863 if not profile in self.entitiesCache: 859 if not profile in self.entitiesCache:
864 raise exceptions.ProfileNotInCacheError 860 raise exceptions.ProfileNotInCacheError
865 if not entity_jid.userhost() in self.entitiesCache[profile]: 861 if not entity_jid.userhost() in self.entitiesCache[profile]:
866 raise exceptions.UnknownEntityError(entity_jid.userhost()) 862 raise exceptions.UnknownEntityError(entity_jid.userhost())
867 entity_data = self.entitiesCache[profile][entity_jid.userhost()] 863 entity_data = self.entitiesCache[profile][entity_jid.userhost()]
913 return self.params.getStringParamA(name, category, attr, profile_key) 909 return self.params.getStringParamA(name, category, attr, profile_key)
914 910
915 def getParamA(self, name, category, attr="value", profile_key='@NONE@'): 911 def getParamA(self, name, category, attr="value", profile_key='@NONE@'):
916 return self.params.getParamA(name, category, attr, profile_key) 912 return self.params.getParamA(name, category, attr, profile_key)
917 913
918 def asyncGetParamA(self, name, category, attr="value", profile_key='@NONE@'): 914 def asyncGetParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
919 return self.params.asyncGetParamA(name, category, attr, profile_key) 915 return self.params.asyncGetParamA(name, category, attr, security_limit, profile_key)
920 916
921 def asyncGetStringParamA(self, name, category, attr="value", profile_key='@NONE@'): 917 def asyncGetStringParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
922 return self.params.asyncGetStringParamA(name, category, attr, profile_key) 918 return self.params.asyncGetStringParamA(name, category, attr, security_limit, profile_key)
923 919
924 def getParamsUI(self, security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'): 920 def getParamsUI(self, security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
925 return self.params.getParamsUI(security_limit, profile_key) 921 return self.params.getParamsUI(security_limit, profile_key)
926 922
927 def getParams(self, security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'): 923 def getParams(self, security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):