Mercurial > libervia-backend
diff libervia/backend/memory/params.py @ 4071:4b842c1fb686
refactoring: renamed `sat` package to `libervia.backend`
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 02 Jun 2023 11:49:51 +0200 |
| parents | sat/memory/params.py@524856bd7b19 |
| children | 0d7bb4df2343 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/libervia/backend/memory/params.py Fri Jun 02 11:49:51 2023 +0200 @@ -0,0 +1,1173 @@ +#!/usr/bin/env python3 + +# Libervia: an XMPP client +# Copyright (C) 2009-2021 Jérôme Poisson (goffi@goffi.org) + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. + +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +from libervia.backend.core.i18n import _, D_ + +from libervia.backend.core import exceptions +from libervia.backend.core.constants import Const as C +from libervia.backend.memory.crypto import BlockCipher, PasswordHasher +from xml.dom import minidom, NotFoundErr +from libervia.backend.core.log import getLogger + +log = getLogger(__name__) +from twisted.internet import defer +from twisted.python.failure import Failure +from twisted.words.xish import domish +from twisted.words.protocols.jabber import jid +from libervia.backend.tools.xml_tools import params_xml_2_xmlui, get_text +from libervia.backend.tools.common import data_format +from xml.sax.saxutils import quoteattr + +# TODO: params should be rewritten using Twisted directly instead of minidom +# general params should be linked to sat.conf and kept synchronised +# this need an overall simplification to make maintenance easier + + +def create_jid_elts(jids): + """Generator which return <jid/> elements from jids + + @param jids(iterable[id.jID]): jids to use + @return (generator[domish.Element]): <jid/> elements + """ + for jid_ in jids: + jid_elt = domish.Element((None, "jid")) + jid_elt.addContent(jid_.full()) + yield jid_elt + + +class Params(object): + """This class manage parameters with xml""" + + ### TODO: add desciption in params + + # TODO: when priority is changed, a new presence stanza must be emitted + # TODO: int type (Priority should be int instead of string) + default_xml = """ + <params> + <general> + </general> + <individual> + <category name="General" label="%(category_general)s"> + <param name="Password" value="" type="password" /> + <param name="%(history_param)s" label="%(history_label)s" value="20" constraint="0;100" type="int" security="0" /> + <param name="%(show_offline_contacts)s" label="%(show_offline_contacts_label)s" value="false" type="bool" security="0" /> + <param name="%(show_empty_groups)s" label="%(show_empty_groups_label)s" value="true" type="bool" security="0" /> + </category> + <category name="Connection" label="%(category_connection)s"> + <param name="JabberID" value="name@example.org" type="string" security="10" /> + <param name="Password" value="" type="password" security="10" /> + <param name="Priority" value="50" type="int" constraint="-128;127" security="10" /> + <param name="%(force_server_param)s" value="" type="string" security="50" /> + <param name="%(force_port_param)s" value="" type="int" constraint="1;65535" security="50" /> + <param name="autoconnect_backend" label="%(autoconnect_backend_label)s" value="false" type="bool" security="50" /> + <param name="autoconnect" label="%(autoconnect_label)s" value="true" type="bool" security="50" /> + <param name="autodisconnect" label="%(autodisconnect_label)s" value="false" type="bool" security="50" /> + <param name="check_certificate" label="%(check_certificate_label)s" value="true" type="bool" security="4" /> + </category> + </individual> + </params> + """ % { + "category_general": D_("General"), + "category_connection": D_("Connection"), + "history_param": C.HISTORY_LIMIT, + "history_label": D_("Chat history limit"), + "show_offline_contacts": C.SHOW_OFFLINE_CONTACTS, + "show_offline_contacts_label": D_("Show offline contacts"), + "show_empty_groups": C.SHOW_EMPTY_GROUPS, + "show_empty_groups_label": D_("Show empty groups"), + "force_server_param": C.FORCE_SERVER_PARAM, + "force_port_param": C.FORCE_PORT_PARAM, + "autoconnect_backend_label": D_("Connect on backend startup"), + "autoconnect_label": D_("Connect on frontend startup"), + "autodisconnect_label": D_("Disconnect on frontend closure"), + "check_certificate_label": D_("Check certificate (don't uncheck if unsure)"), + } + + def load_default_params(self): + self.dom = minidom.parseString(Params.default_xml.encode("utf-8")) + + def _merge_params(self, source_node, dest_node): + """Look for every node in source_node and recursively copy them to dest if they don't exists""" + + def get_nodes_map(children): + ret = {} + for child in children: + if child.nodeType == child.ELEMENT_NODE: + ret[(child.tagName, child.getAttribute("name"))] = child + return ret + + source_map = get_nodes_map(source_node.childNodes) + dest_map = get_nodes_map(dest_node.childNodes) + source_set = set(source_map.keys()) + dest_set = set(dest_map.keys()) + to_add = source_set.difference(dest_set) + + for node_key in to_add: + dest_node.appendChild(source_map[node_key].cloneNode(True)) + + to_recurse = source_set - to_add + for node_key in to_recurse: + self._merge_params(source_map[node_key], dest_map[node_key]) + + def load_xml(self, xml_file): + """Load parameters template from xml file""" + self.dom = minidom.parse(xml_file) + default_dom = minidom.parseString(Params.default_xml.encode("utf-8")) + self._merge_params(default_dom.documentElement, self.dom.documentElement) + + def load_gen_params(self): + """Load general parameters data from storage + + @return: deferred triggered once params are loaded + """ + return self.storage.load_gen_params(self.params_gen) + + def load_ind_params(self, profile, cache=None): + """Load individual parameters + + set self.params cache or a temporary cache + @param profile: profile to load (*must exist*) + @param cache: if not None, will be used to store the value, as a short time cache + @return: deferred triggered once params are loaded + """ + if cache is None: + self.params[profile] = {} + return self.storage.load_ind_params( + self.params[profile] if cache is None else cache, profile + ) + + def purge_profile(self, profile): + """Remove cache data of a profile + + @param profile: %(doc_profile)s + """ + try: + del self.params[profile] + except KeyError: + log.error( + _("Trying to purge cache of a profile not in memory: [%s]") % profile + ) + + def save_xml(self, filename): + """Save parameters template to xml file""" + with open(filename, "wb") as xml_file: + xml_file.write(self.dom.toxml("utf-8")) + + def __init__(self, host, storage): + log.debug("Parameters init") + self.host = host + self.storage = storage + self.default_profile = None + self.params = {} + self.params_gen = {} + + def create_profile(self, profile, component): + """Create a new profile + + @param profile(unicode): name of the profile + @param component(unicode): entry point if profile is a component + @param callback: called when the profile actually exists in database and memory + @return: a Deferred instance + """ + if self.storage.has_profile(profile): + log.info(_("The profile name already exists")) + return defer.fail(exceptions.ConflictError()) + if not self.host.trigger.point("ProfileCreation", profile): + return defer.fail(exceptions.CancelError()) + return self.storage.create_profile(profile, component or None) + + def profile_delete_async(self, profile, force=False): + """Delete an existing profile + + @param profile: name of the profile + @param force: force the deletion even if the profile is connected. + To be used for direct calls only (not through the bridge). + @return: a Deferred instance + """ + if not self.storage.has_profile(profile): + log.info(_("Trying to delete an unknown profile")) + return defer.fail(Failure(exceptions.ProfileUnknownError(profile))) + if self.host.is_connected(profile): + if force: + self.host.disconnect(profile) + else: + log.info(_("Trying to delete a connected profile")) + return defer.fail(Failure(exceptions.ProfileConnected)) + return self.storage.delete_profile(profile) + + def get_profile_name(self, profile_key, return_profile_keys=False): + """return profile according to profile_key + + @param profile_key: profile name or key which can be + C.PROF_KEY_ALL for all profiles + C.PROF_KEY_DEFAULT for default profile + @param return_profile_keys: if True, return unmanaged profile keys (like + C.PROF_KEY_ALL). This keys must be managed by the caller + @return: requested profile name + @raise exceptions.ProfileUnknownError: profile doesn't exists + @raise exceptions.ProfileNotSetError: if C.PROF_KEY_NONE is used + """ + if profile_key == "@DEFAULT@": + default = self.host.memory.memory_data.get("Profile_default") + if not default: + log.info(_("No default profile, returning first one")) + try: + default = self.host.memory.memory_data[ + "Profile_default" + ] = self.storage.get_profiles_list()[0] + except IndexError: + log.info(_("No profile exist yet")) + raise exceptions.ProfileUnknownError(profile_key) + return ( + default + ) # FIXME: temporary, must use real default value, and fallback to first one if it doesn't exists + elif profile_key == C.PROF_KEY_NONE: + raise exceptions.ProfileNotSetError + elif return_profile_keys and profile_key in [C.PROF_KEY_ALL]: + return profile_key # this value must be managed by the caller + if not self.storage.has_profile(profile_key): + log.error(_("Trying to access an unknown profile (%s)") % profile_key) + raise exceptions.ProfileUnknownError(profile_key) + return profile_key + + def __get_unique_node(self, parent, tag, name): + """return node with given tag + + @param parent: parent of nodes to check (e.g. documentElement) + @param tag: tag to check (e.g. "category") + @param name: name to check (e.g. "JID") + @return: node if it exist or None + """ + for node in parent.childNodes: + if node.nodeName == tag and node.getAttribute("name") == name: + # the node already exists + return node + # the node is new + return None + + def update_params(self, xml, security_limit=C.NO_SECURITY_LIMIT, app=""): + """import xml in parameters, update if the param already exists + + If security_limit is specified and greater than -1, the parameters + that have a security level greater than security_limit are skipped. + @param xml: parameters in xml form + @param security_limit: -1 means no security, 0 is the maximum security then the higher the less secure + @param app: name of the frontend registering the parameters or empty value + """ + # TODO: should word with domish.Element + src_parent = minidom.parseString(xml.encode("utf-8")).documentElement + + def pre_process_app_node(src_parent, security_limit, app): + """Parameters that are registered from a frontend must be checked""" + to_remove = [] + for type_node in src_parent.childNodes: + if type_node.nodeName != C.INDIVIDUAL: + to_remove.append(type_node) # accept individual parameters only + continue + for cat_node in type_node.childNodes: + if cat_node.nodeName != "category": + to_remove.append(cat_node) + continue + to_remove_count = ( + 0 + ) # count the params to be removed from current category + for node in cat_node.childNodes: + if node.nodeName != "param" or not self.check_security_limit( + node, security_limit + ): + to_remove.append(node) + to_remove_count += 1 + continue + node.setAttribute("app", app) + if ( + len(cat_node.childNodes) == to_remove_count + ): # remove empty category + for __ in range(0, to_remove_count): + to_remove.pop() + to_remove.append(cat_node) + for node in to_remove: + node.parentNode.removeChild(node) + + def import_node(tgt_parent, src_parent): + for child in src_parent.childNodes: + if child.nodeName == "#text": + continue + node = self.__get_unique_node( + tgt_parent, child.nodeName, child.getAttribute("name") + ) + if not node: # The node is new + tgt_parent.appendChild(child.cloneNode(True)) + else: + if child.nodeName == "param": + # The child updates an existing parameter, we replace the node + tgt_parent.replaceChild(child, node) + else: + # the node already exists, we recurse 1 more level + import_node(node, child) + + if app: + pre_process_app_node(src_parent, security_limit, app) + import_node(self.dom.documentElement, src_parent) + + def params_register_app(self, xml, security_limit, app): + """Register frontend's specific parameters + + If security_limit is specified and greater than -1, the parameters + that have a security level greater than security_limit are skipped. + @param xml: XML definition of the parameters to be added + @param security_limit: -1 means no security, 0 is the maximum security then the higher the less secure + @param app: name of the frontend registering the parameters + """ + if not app: + log.warning( + _( + "Trying to register frontends parameters with no specified app: aborted" + ) + ) + return + if not hasattr(self, "frontends_cache"): + self.frontends_cache = [] + if app in self.frontends_cache: + log.debug( + _( + "Trying to register twice frontends parameters for %(app)s: aborted" + % {"app": app} + ) + ) + return + self.frontends_cache.append(app) + self.update_params(xml, security_limit, app) + log.debug("Frontends parameters registered for %(app)s" % {"app": app}) + + def __default_ok(self, value, name, category): + # FIXME: will not work with individual parameters + self.param_set(name, value, category) + + def __default_ko(self, failure, name, category): + log.error( + _("Can't determine default value for [%(category)s/%(name)s]: %(reason)s") + % {"category": category, "name": name, "reason": str(failure.value)} + ) + + def set_default(self, name, category, callback, errback=None): + """Set default value of parameter + + 'default_cb' attibute of parameter must be set to 'yes' + @param name: name of the parameter + @param category: category of the parameter + @param callback: must return a string with the value (use deferred if needed) + @param errback: must manage the error with args failure, name, category + """ + # TODO: send signal param update if value changed + # TODO: manage individual paramaters + log.debug( + "set_default called for %(category)s/%(name)s" + % {"category": category, "name": name} + ) + node = self._get_param_node(name, category, "@ALL@") + if not node: + log.error( + _( + "Requested param [%(name)s] in category [%(category)s] doesn't exist !" + ) + % {"name": name, "category": category} + ) + return + if node[1].getAttribute("default_cb") == "yes": + # del node[1].attributes['default_cb'] # default_cb is not used anymore as a flag to know if we have to set the default value, + # and we can still use it later e.g. to call a generic set_default method + value = self._get_param(category, name, C.GENERAL) + if value is None: # no value set by the user: we have the default value + log.debug("Default value to set, using callback") + d = defer.maybeDeferred(callback) + d.addCallback(self.__default_ok, name, category) + d.addErrback(errback or self.__default_ko, name, category) + + def _get_attr_internal(self, node, attr, value): + """Get attribute value. + + /!\ This method would return encrypted password values. + + @param node: XML param node + @param attr: name of the attribute to get (e.g.: 'value' or 'type') + @param value: user defined value + @return: value (can be str, bool, int, list, None) + """ + if attr == "value": + value_to_use = ( + value if value is not None else node.getAttribute(attr) + ) # we use value (user defined) if it exist, else we use node's default value + if node.getAttribute("type") == "bool": + return C.bool(value_to_use) + if node.getAttribute("type") == "int": + return int(value_to_use) if value_to_use else value_to_use + elif node.getAttribute("type") == "list": + if ( + not value_to_use + ): # no user defined value, take default value from the XML + options = [ + option + for option in node.childNodes + if option.nodeName == "option" + ] + selected = [ + option + for option in options + if option.getAttribute("selected") == "true" + ] + cat, param = ( + node.parentNode.getAttribute("name"), + node.getAttribute("name"), + ) + if len(selected) == 1: + value_to_use = selected[0].getAttribute("value") + log.info( + _( + "Unset parameter (%(cat)s, %(param)s) of type list will use the default option '%(value)s'" + ) + % {"cat": cat, "param": param, "value": value_to_use} + ) + return value_to_use + if len(selected) == 0: + log.error( + _( + "Parameter (%(cat)s, %(param)s) of type list has no default option!" + ) + % {"cat": cat, "param": param} + ) + else: + log.error( + _( + "Parameter (%(cat)s, %(param)s) of type list has more than one default option!" + ) + % {"cat": cat, "param": param} + ) + raise exceptions.DataError + elif node.getAttribute("type") == "jids_list": + if value_to_use: + jids = value_to_use.split( + "\t" + ) # FIXME: it's not good to use tabs as separator ! + else: # no user defined value, take default value from the XML + jids = [get_text(jid_) for jid_ in node.getElementsByTagName("jid")] + to_delete = [] + for idx, value in enumerate(jids): + try: + jids[idx] = jid.JID(value) + except (RuntimeError, jid.InvalidFormat, AttributeError): + log.warning( + "Incorrect jid value found in jids list: [{}]".format(value) + ) + to_delete.append(value) + for value in to_delete: + jids.remove(value) + return jids + return value_to_use + return node.getAttribute(attr) + + def _get_attr(self, node, attr, value): + """Get attribute value (synchronous). + + /!\ This method can not be used to retrieve password values. + @param node: XML param node + @param attr: name of the attribute to get (e.g.: 'value' or 'type') + @param value: user defined value + @return (unicode, bool, int, list): value to retrieve + """ + if attr == "value" and node.getAttribute("type") == "password": + raise exceptions.InternalError( + "To retrieve password values, use _async_get_attr instead of _get_attr" + ) + return self._get_attr_internal(node, attr, value) + + def _async_get_attr(self, node, attr, value, profile=None): + """Get attribute value. + + Profile passwords are returned hashed (if not empty), + other passwords are returned decrypted (if not empty). + @param node: XML param node + @param attr: name of the attribute to get (e.g.: 'value' or 'type') + @param value: user defined value + @param profile: %(doc_profile)s + @return (unicode, bool, int, list): Deferred value to retrieve + """ + value = self._get_attr_internal(node, attr, value) + if attr != "value" or node.getAttribute("type") != "password": + return defer.succeed(value) + param_cat = node.parentNode.getAttribute("name") + param_name = node.getAttribute("name") + if ((param_cat, param_name) == C.PROFILE_PASS_PATH) or not value: + return defer.succeed( + value + ) # profile password and empty passwords are returned "as is" + if not profile: + raise exceptions.ProfileNotSetError( + "The profile is needed to decrypt a password" + ) + password = self.host.memory.decrypt_value(value, profile) + + if password is None: + raise exceptions.InternalError("password should never be None") + return defer.succeed(password) + + def _type_to_str(self, result): + """Convert result to string, according to its type """ + if isinstance(result, bool): + return C.bool_const(result) + elif isinstance(result, (list, set, tuple)): + return ', '.join(self._type_to_str(r) for r in result) + else: + return str(result) + + def get_string_param_a(self, name, category, attr="value", profile_key=C.PROF_KEY_NONE): + """ Same as param_get_a but for bridge: convert non string value to string """ + return self._type_to_str( + self.param_get_a(name, category, attr, profile_key=profile_key) + ) + + def param_get_a( + self, name, category, attr="value", use_default=True, profile_key=C.PROF_KEY_NONE + ): + """Helper method to get a specific attribute. + + /!\ This method would return encrypted password values, + to get the plain values you have to use param_get_a_async. + @param name: name of the parameter + @param category: category of the parameter + @param attr: name of the attribute (default: "value") + @parm use_default(bool): if True and attr=='value', return default value if not set + else return None if not set + @param profile: owner of the param (@ALL@ for everyone) + @return: attribute + """ + # FIXME: looks really dirty and buggy, need to be reviewed/refactored + # FIXME: security_limit is not managed here ! + node = self._get_param_node(name, category) + if not node: + log.error( + _( + "Requested param [%(name)s] in category [%(category)s] doesn't exist !" + ) + % {"name": name, "category": category} + ) + raise exceptions.NotFound + + if attr == "value" and node[1].getAttribute("type") == "password": + raise exceptions.InternalError( + "To retrieve password values, use param_get_a_async instead of param_get_a" + ) + + if node[0] == C.GENERAL: + value = self._get_param(category, name, C.GENERAL) + if value is None and attr == "value" and not use_default: + return value + return self._get_attr(node[1], attr, value) + + assert node[0] == C.INDIVIDUAL + + profile = self.get_profile_name(profile_key) + if not profile: + log.error(_("Requesting a param for an non-existant profile")) + raise exceptions.ProfileUnknownError(profile_key) + + if profile not in self.params: + log.error(_("Requesting synchronous param for not connected profile")) + raise exceptions.ProfileNotConnected(profile) + + if attr == "value": + value = self._get_param(category, name, profile=profile) + if value is None and attr == "value" and not use_default: + return value + return self._get_attr(node[1], attr, value) + + async def async_get_string_param_a( + self, name, category, attr="value", security_limit=C.NO_SECURITY_LIMIT, + profile=C.PROF_KEY_NONE): + value = await self.param_get_a_async( + name, category, attr, security_limit, profile_key=profile) + return self._type_to_str(value) + + def param_get_a_async( + self, + name, + category, + attr="value", + security_limit=C.NO_SECURITY_LIMIT, + profile_key=C.PROF_KEY_NONE, + ): + """Helper method to get a specific attribute. + + @param name: name of the parameter + @param category: category of the parameter + @param attr: name of the attribute (default: "value") + @param profile: owner of the param (@ALL@ for everyone) + @return (defer.Deferred): parameter value, with corresponding type (bool, int, list, etc) + """ + node = self._get_param_node(name, category) + if not node: + log.error( + _( + "Requested param [%(name)s] in category [%(category)s] doesn't exist !" + ) + % {"name": name, "category": category} + ) + raise ValueError("Requested param doesn't exist") + + if not self.check_security_limit(node[1], security_limit): + log.warning( + _( + "Trying to get parameter '%(param)s' in category '%(cat)s' without authorization!!!" + % {"param": name, "cat": category} + ) + ) + raise exceptions.PermissionError + + if node[0] == C.GENERAL: + value = self._get_param(category, name, C.GENERAL) + return self._async_get_attr(node[1], attr, value) + + assert node[0] == C.INDIVIDUAL + + profile = self.get_profile_name(profile_key) + if not profile: + raise exceptions.InternalError( + _("Requesting a param for a non-existant profile") + ) + + if attr != "value": + return defer.succeed(node[1].getAttribute(attr)) + try: + value = self._get_param(category, name, profile=profile) + return self._async_get_attr(node[1], attr, value, profile) + except exceptions.ProfileNotInCacheError: + # We have to ask data to the storage manager + d = self.storage.get_ind_param(category, name, profile) + return d.addCallback( + lambda value: self._async_get_attr(node[1], attr, value, profile) + ) + + def _get_params_values_from_category( + self, category, security_limit, app, extra_s, profile_key): + client = self.host.get_client(profile_key) + extra = data_format.deserialise(extra_s) + return defer.ensureDeferred(self.get_params_values_from_category( + client, category, security_limit, app, extra)) + + async def get_params_values_from_category( + self, client, category, security_limit, app='', extra=None): + """Get all parameters "attribute" for a category + + @param category(unicode): the desired category + @param security_limit(int): NO_SECURITY_LIMIT (-1) to return all the params. + Otherwise sole the params which have a security level defined *and* + lower or equal to the specified value are returned. + @param app(str): see [get_params] + @param extra(dict): see [get_params] + @return (dict): key: param name, value: param value (converted to string if needed) + """ + # TODO: manage category of general type (without existant profile) + if extra is None: + extra = {} + prof_xml = await self._construct_profile_xml(client, security_limit, app, extra) + ret = {} + for category_node in prof_xml.getElementsByTagName("category"): + if category_node.getAttribute("name") == category: + for param_node in category_node.getElementsByTagName("param"): + name = param_node.getAttribute("name") + if not name: + log.warning( + "ignoring attribute without name: {}".format( + param_node.toxml() + ) + ) + continue + value = await self.async_get_string_param_a( + name, category, security_limit=security_limit, + profile=client.profile) + + ret[name] = value + break + + prof_xml.unlink() + return ret + + def _get_param( + self, category, name, type_=C.INDIVIDUAL, cache=None, profile=C.PROF_KEY_NONE + ): + """Return the param, or None if it doesn't exist + + @param category: param category + @param name: param name + @param type_: GENERAL or INDIVIDUAL + @param cache: temporary cache, to use when profile is not logged + @param profile: the profile name (not profile key, i.e. name and not something like @DEFAULT@) + @return: param value or None if it doesn't exist + """ + if type_ == C.GENERAL: + if (category, name) in self.params_gen: + return self.params_gen[(category, name)] + return None # This general param has the default value + assert type_ == C.INDIVIDUAL + if profile == C.PROF_KEY_NONE: + raise exceptions.ProfileNotSetError + if profile in self.params: + cache = self.params[profile] # if profile is in main cache, we use it, + # ignoring the temporary cache + elif ( + cache is None + ): # else we use the temporary cache if it exists, or raise an exception + raise exceptions.ProfileNotInCacheError + if (category, name) not in cache: + return None + return cache[(category, name)] + + async def _construct_profile_xml(self, client, security_limit, app, extra): + """Construct xml for asked profile, filling values when needed + + /!\ as noticed in doc, don't forget to unlink the minidom.Document + @param security_limit: NO_SECURITY_LIMIT (-1) to return all the params. + Otherwise sole the params which have a security level defined *and* + lower or equal to the specified value are returned. + @param app: name of the frontend requesting the parameters, or '' to get all parameters + @param profile: profile name (not key !) + @return: a deferred that fire a minidom.Document of the profile xml (cf warning above) + """ + profile = client.profile + + def check_node(node): + """Check the node against security_limit, app and extra""" + return (self.check_security_limit(node, security_limit) + and self.check_app(node, app) + and self.check_extra(node, extra)) + + if profile in self.params: + profile_cache = self.params[profile] + else: + # profile is not in cache, we load values in a short time cache + profile_cache = {} + await self.load_ind_params(profile, profile_cache) + + # init the result document + prof_xml = minidom.parseString("<params/>") + cache = {} + + for type_node in self.dom.documentElement.childNodes: + if type_node.nodeName != C.GENERAL and type_node.nodeName != C.INDIVIDUAL: + continue + # we use all params, general and individual + for cat_node in type_node.childNodes: + if cat_node.nodeName != "category": + continue + category = cat_node.getAttribute("name") + dest_params = {} # result (merged) params for category + if category not in cache: + # we make a copy for the new xml + cache[category] = dest_cat = cat_node.cloneNode(True) + to_remove = [] + for node in dest_cat.childNodes: + if node.nodeName != "param": + continue + if not check_node(node): + to_remove.append(node) + continue + dest_params[node.getAttribute("name")] = node + for node in to_remove: + dest_cat.removeChild(node) + new_node = True + else: + # It's not a new node, we use the previously cloned one + dest_cat = cache[category] + new_node = False + params = cat_node.getElementsByTagName("param") + + for param_node in params: + # we have to merge new params (we are parsing individual parameters, we have to add them + # to the previously parsed general ones) + name = param_node.getAttribute("name") + if not check_node(param_node): + continue + if name not in dest_params: + # this is reached when a previous category exists + dest_params[name] = param_node.cloneNode(True) + dest_cat.appendChild(dest_params[name]) + + profile_value = self._get_param( + category, + name, + type_node.nodeName, + cache=profile_cache, + profile=profile, + ) + if profile_value is not None: + # there is a value for this profile, we must change the default + if dest_params[name].getAttribute("type") == "list": + for option in dest_params[name].getElementsByTagName( + "option" + ): + if option.getAttribute("value") == profile_value: + option.setAttribute("selected", "true") + else: + try: + option.removeAttribute("selected") + except NotFoundErr: + pass + elif dest_params[name].getAttribute("type") == "jids_list": + jids = profile_value.split("\t") + for jid_elt in dest_params[name].getElementsByTagName( + "jid" + ): + dest_params[name].removeChild( + jid_elt + ) # remove all default + for jid_ in jids: # rebuilt the children with use values + try: + jid.JID(jid_) + except ( + RuntimeError, + jid.InvalidFormat, + AttributeError, + ): + log.warning( + "Incorrect jid value found in jids list: [{}]".format( + jid_ + ) + ) + else: + jid_elt = prof_xml.createElement("jid") + jid_elt.appendChild(prof_xml.createTextNode(jid_)) + dest_params[name].appendChild(jid_elt) + else: + dest_params[name].setAttribute("value", profile_value) + if new_node: + prof_xml.documentElement.appendChild(dest_cat) + + to_remove = [] + for cat_node in prof_xml.documentElement.childNodes: + # we remove empty categories + if cat_node.getElementsByTagName("param").length == 0: + to_remove.append(cat_node) + for node in to_remove: + prof_xml.documentElement.removeChild(node) + + return prof_xml + + + def _get_params_ui(self, security_limit, app, extra_s, profile_key): + client = self.host.get_client(profile_key) + extra = data_format.deserialise(extra_s) + return defer.ensureDeferred(self.param_ui_get(client, security_limit, app, extra)) + + async def param_ui_get(self, client, security_limit, app, extra=None): + """Get XMLUI to handle parameters + + @param security_limit: NO_SECURITY_LIMIT (-1) to return all the params. + Otherwise sole the params which have a security level defined *and* + lower or equal to the specified value are returned. + @param app: name of the frontend requesting the parameters, or '' to get all parameters + @param extra (dict, None): extra options. Key can be: + - ignore: list of (category/name) values to remove from parameters + @return(str): a SàT XMLUI for parameters + """ + param_xml = await self.get_params(client, security_limit, app, extra) + return params_xml_2_xmlui(param_xml) + + async def get_params(self, client, security_limit, app, extra=None): + """Construct xml for asked profile, take params xml as skeleton + + @param security_limit: NO_SECURITY_LIMIT (-1) to return all the params. + Otherwise sole the params which have a security level defined *and* + lower or equal to the specified value are returned. + @param app: name of the frontend requesting the parameters, or '' to get all parameters + @param extra (dict, None): extra options. Key can be: + - ignore: list of (category/name) values to remove from parameters + @param profile_key: Profile key which can be either a magic (eg: @DEFAULT@) or the name of an existing profile. + @return: XML of parameters + """ + if extra is None: + extra = {} + prof_xml = await self._construct_profile_xml(client, security_limit, app, extra) + return_xml = prof_xml.toxml() + prof_xml.unlink() + return "\n".join((line for line in return_xml.split("\n") if line)) + + def _get_param_node(self, name, category, type_="@ALL@"): # FIXME: is type_ useful ? + """Return a node from the param_xml + @param name: name of the node + @param category: category of the node + @param type_: keyword for search: + @ALL@ search everywhere + @GENERAL@ only search in general type + @INDIVIDUAL@ only search in individual type + @return: a tuple (node type, node) or None if not found""" + + for type_node in self.dom.documentElement.childNodes: + if ( + (type_ == "@ALL@" or type_ == "@GENERAL@") + and type_node.nodeName == C.GENERAL + ) or ( + (type_ == "@ALL@" or type_ == "@INDIVIDUAL@") + and type_node.nodeName == C.INDIVIDUAL + ): + for node in type_node.getElementsByTagName("category"): + if node.getAttribute("name") == category: + params = node.getElementsByTagName("param") + for param in params: + if param.getAttribute("name") == name: + return (type_node.nodeName, param) + return None + + def params_categories_get(self): + """return the categories availables""" + categories = [] + for cat in self.dom.getElementsByTagName("category"): + name = cat.getAttribute("name") + if name not in categories: + categories.append(cat.getAttribute("name")) + return categories + + def param_set(self, name, value, category, security_limit=C.NO_SECURITY_LIMIT, + profile_key=C.PROF_KEY_NONE): + """Set a parameter, return None if the parameter is not in param xml. + + Parameter of type 'password' that are not the SàT profile password are + stored encrypted (if not empty). The profile password is stored hashed + (if not empty). + + @param name (str): the parameter name + @param value (str): the new value + @param category (str): the parameter category + @param security_limit (int) + @param profile_key (str): %(doc_profile_key)s + @return: a deferred None value when everything is done + """ + # FIXME: param_set should accept the right type for value, not only str ! + if profile_key != C.PROF_KEY_NONE: + profile = self.get_profile_name(profile_key) + if not profile: + log.error(_("Trying to set parameter for an unknown profile")) + raise exceptions.ProfileUnknownError(profile_key) + + node = self._get_param_node(name, category, "@ALL@") + if not node: + log.error( + _("Requesting an unknown parameter (%(category)s/%(name)s)") + % {"category": category, "name": name} + ) + return defer.succeed(None) + + if not self.check_security_limit(node[1], security_limit): + msg = _( + "{profile!r} is trying to set parameter {name!r} in category " + "{category!r} without authorization!!!").format( + profile=repr(profile), + name=repr(name), + category=repr(category) + ) + log.warning(msg) + raise exceptions.PermissionError(msg) + + type_ = node[1].getAttribute("type") + if type_ == "int": + if not value: # replace with the default value (which might also be '') + value = node[1].getAttribute("value") + else: + try: + int(value) + except ValueError: + log.warning(_( + "Trying to set parameter {name} in category {category} with" + "an non-integer value" + ).format( + name=repr(name), + category=repr(category) + )) + return defer.succeed(None) + if node[1].hasAttribute("constraint"): + constraint = node[1].getAttribute("constraint") + try: + min_, max_ = [int(limit) for limit in constraint.split(";")] + except ValueError: + raise exceptions.InternalError( + "Invalid integer parameter constraint: %s" % constraint + ) + value = str(min(max(int(value), min_), max_)) + + log.info( + _("Setting parameter (%(category)s, %(name)s) = %(value)s") + % { + "category": category, + "name": name, + "value": value if type_ != "password" else "********", + } + ) + + if node[0] == C.GENERAL: + self.params_gen[(category, name)] = value + self.storage.set_gen_param(category, name, value) + for profile in self.storage.get_profiles_list(): + if self.host.memory.is_session_started(profile): + self.host.bridge.param_update(name, value, category, profile) + self.host.trigger.point( + "param_update_trigger", name, value, category, node[0], profile + ) + return defer.succeed(None) + + assert node[0] == C.INDIVIDUAL + assert profile_key != C.PROF_KEY_NONE + + if type_ == "button": + log.debug("Clicked param button %s" % node.toxml()) + return defer.succeed(None) + elif type_ == "password": + try: + personal_key = self.host.memory.auth_sessions.profile_get_unique(profile)[ + C.MEMORY_CRYPTO_KEY + ] + except TypeError: + raise exceptions.InternalError( + _("Trying to encrypt a password while the personal key is undefined!") + ) + if (category, name) == C.PROFILE_PASS_PATH: + # using 'value' as the encryption key to encrypt another encryption key... could be confusing! + d = self.host.memory.encrypt_personal_data( + data_key=C.MEMORY_CRYPTO_KEY, + data_value=personal_key, + crypto_key=value, + profile=profile, + ) + d.addCallback( + lambda __: PasswordHasher.hash(value) + ) # profile password is hashed (empty value stays empty) + elif value: # other non empty passwords are encrypted with the personal key + d = defer.succeed(BlockCipher.encrypt(personal_key, value)) + else: + d = defer.succeed(value) + else: + d = defer.succeed(value) + + def got_final_value(value): + if self.host.memory.is_session_started(profile): + self.params[profile][(category, name)] = value + self.host.bridge.param_update(name, value, category, profile) + self.host.trigger.point( + "param_update_trigger", name, value, category, node[0], profile + ) + return self.storage.set_ind_param(category, name, value, profile) + else: + raise exceptions.ProfileNotConnected + + d.addCallback(got_final_value) + return d + + def _get_nodes_of_types(self, attr_type, node_type="@ALL@"): + """Return all the nodes matching the given types. + + TODO: using during the dev but not anymore... remove if not needed + + @param attr_type (str): the attribute type (string, text, password, bool, int, button, list) + @param node_type (str): keyword for filtering: + @ALL@ search everywhere + @GENERAL@ only search in general type + @INDIVIDUAL@ only search in individual type + @return: dict{tuple: node}: a dict {key, value} where: + - key is a couple (attribute category, attribute name) + - value is a node + """ + ret = {} + for type_node in self.dom.documentElement.childNodes: + if ( + (node_type == "@ALL@" or node_type == "@GENERAL@") + and type_node.nodeName == C.GENERAL + ) or ( + (node_type == "@ALL@" or node_type == "@INDIVIDUAL@") + and type_node.nodeName == C.INDIVIDUAL + ): + for cat_node in type_node.getElementsByTagName("category"): + cat = cat_node.getAttribute("name") + params = cat_node.getElementsByTagName("param") + for param in params: + if param.getAttribute("type") == attr_type: + ret[(cat, param.getAttribute("name"))] = param + return ret + + def check_security_limit(self, node, security_limit): + """Check the given node against the given security limit. + The value NO_SECURITY_LIMIT (-1) means that everything is allowed. + @return: True if this node can be accessed with the given security limit. + """ + if security_limit < 0: + return True + if node.hasAttribute("security"): + if int(node.getAttribute("security")) <= security_limit: + return True + return False + + def check_app(self, node, app): + """Check the given node against the given app. + + @param node: parameter node + @param app: name of the frontend requesting the parameters, or '' to get all parameters + @return: True if this node concerns the given app. + """ + if not app or not node.hasAttribute("app"): + return True + return node.getAttribute("app") == app + + def check_extra(self, node, extra): + """Check the given node against the extra filters. + + @param node: parameter node + @param app: name of the frontend requesting the parameters, or '' to get all parameters + @return: True if node doesn't match category/name of extra['ignore'] list + """ + ignore_list = extra.get('ignore') + if not ignore_list: + return True + category = node.parentNode.getAttribute('name') + name = node.getAttribute('name') + ignore = [category, name] in ignore_list + if ignore: + log.debug(f"Ignoring parameter {category}/{name} as requested") + return False + return True + + +def make_options(options, selected=None): + """Create option XML form dictionary + + @param options(dict): option's name => option's label map + @param selected(None, str): value of selected option + None to use first value + @return (str): XML to use in parameters + """ + str_list = [] + if selected is None: + selected = next(iter(options.keys())) + selected_found = False + for value, label in options.items(): + if value == selected: + selected = 'selected="true"' + selected_found = True + else: + selected = '' + str_list.append( + f'<option value={quoteattr(value)} label={quoteattr(label)} {selected}/>' + ) + if not selected_found: + raise ValueError(f"selected value ({selected}) not found in options") + return '\n'.join(str_list)