diff src/memory/memory.py @ 656:7d6e5807504a

bridge, memory: added the parameter security_limit to asyncGetParamA so it can be used from libervia. refactorization in memory.py are related to that.
author souliane <souliane@mailoo.org>
date Wed, 02 Oct 2013 20:25:19 +0200
parents 17bd09cd1001
children 4f747d7fde8c
line wrap: on
line diff
--- a/src/memory/memory.py	Wed Oct 02 17:38:29 2013 +0200
+++ b/src/memory/memory.py	Wed Oct 02 20:25:19 2013 +0200
@@ -315,12 +315,12 @@
             value = self.__getParam(profile, category, name)
             return self.__getAttr(node[1], attr, value)
 
-    def asyncGetStringParamA(self, name, category, attr="value", profile_key="@NONE@"):
-        d = self.asyncGetParamA(name, category, attr, profile_key)
+    def asyncGetStringParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key="@NONE@"):
+        d = self.asyncGetParamA(name, category, attr, security_limit, profile_key)
         d.addCallback(self.__type_to_string)
         return d
 
-    def asyncGetParamA(self, name, category, attr="value", profile_key="@NONE@"):
+    def asyncGetParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key="@NONE@"):
         """Helper method to get a specific attribute
            @param name: name of the parameter
            @param category: category of the parameter
@@ -331,6 +331,11 @@
             error(_("Requested param [%(name)s] in category [%(category)s] doesn't exist !") % {'name': name, 'category': category})
             return None
 
+        if not self.checkSecurityLimit(node[1], security_limit):
+            warning(_("Trying to get parameter '%s' in category '%s' without authorization!!!"
+                      % (name, category)))
+            return None
+
         if node[0] == 'general':
             value = self.__getParam(None, category, name, 'general')
             return defer.succeed(self.__getAttr(node[1], attr, value))
@@ -386,22 +391,6 @@
         """
 
         def constructProfile(ignore, profile_cache):
-
-            def filterParam(node):
-                """Filter with security level.
-                @return: True is this param must be filtered"""
-                if security_limit < 0:
-                    return False
-                if not node.hasAttribute('security'):
-                    #debug("filtered param: %s (no security set)"
-                    #      % node.getAttribute("name"))
-                    return True
-                if int(node.getAttribute('security')) > security_limit:
-                    #debug("filtered param: %s (security level > %i)"
-                    #      % (node.getAttribute("name"), security_limit))
-                    return True
-                return False
-
             # init the result document
             prof_xml = minidom.parseString('<params/>')
             cache = {}
@@ -421,7 +410,7 @@
                         for node in dest_cat.childNodes:
                             if node.nodeName != "param":
                                 continue
-                            if filterParam(node):
+                            if not self.checkSecurityLimit(node, security_limit):
                                 dest_cat.removeChild(node)
                                 continue
                             dest_params[node.getAttribute('name')] = node
@@ -436,7 +425,7 @@
                         # we have to merge new params (we are parsing individual parameters, we have to add them
                         # to the previously parsed general ones)
                         name = param_node.getAttribute('name')
-                        if filterParam(param_node):
+                        if not self.checkSecurityLimit(param_node, security_limit):
                             continue
                         if name not in dest_params:
                             # this is reached when a previous category exists
@@ -561,15 +550,10 @@
                   % {'category': category, 'name': name})
             return
 
-        if security_limit >= 0:
-            abort = True
-            if node[1].hasAttribute("security"):
-                if int(node[1].getAttribute("security")) <= security_limit:
-                    abort = False
-            if abort:
-                warning(_("Trying to set parameter '%s' in category '%s' without authorization!!!"
+        if not self.checkSecurityLimit(node[1], security_limit):
+            warning(_("Trying to set parameter '%s' in category '%s' without authorization!!!"
                           % (name, category)))
-                return
+            return
 
         if node[0] == 'general':
             self.params_gen[(category, name)] = value
@@ -593,6 +577,18 @@
             self.host.trigger.point("paramUpdateTrigger", name, value, category, node[0], profile)
             self.storage.setIndParam(category, name, value, profile)
 
+    def checkSecurityLimit(self, node, security_limit):
+        """Check the given node against the given security limit.
+        The value NO_SECURITY_LIMIT (-1) means that everything is allowed.
+        @return: True if this node can be accessed with the given security limit.
+        """
+        if security_limit < 0:
+            return True
+        if node.hasAttribute("security"):
+            if int(node.getAttribute("security")) <= security_limit:
+                return True
+        return False
+
 
 class Memory(object):
     """This class manage all persistent informations"""
@@ -828,7 +824,7 @@
         """
         profile = self.getProfileName(profile_key)
         if not profile:
-            raise exceptions.UnknownProfileError(_('Trying to get entity data for a non-existant profile'))
+            raise exceptions.ProfileUnknownError(_('Trying to get entity data for a non-existant profile'))
         if not profile in self.entitiesCache:
             raise exceptions.ProfileNotInCacheError
         if entity_jid == "@ALL@":
@@ -859,7 +855,7 @@
         """
         profile = self.getProfileName(profile_key)
         if not profile:
-            raise exceptions.UnknownProfileError(_('Trying to get entity data for a non-existant profile'))
+            raise exceptions.ProfileUnknownError(_('Trying to get entity data for a non-existant profile'))
         if not profile in self.entitiesCache:
             raise exceptions.ProfileNotInCacheError
         if not entity_jid.userhost() in self.entitiesCache[profile]:
@@ -915,11 +911,11 @@
     def getParamA(self, name, category, attr="value", profile_key='@NONE@'):
         return self.params.getParamA(name, category, attr, profile_key)
 
-    def asyncGetParamA(self, name, category, attr="value", profile_key='@NONE@'):
-        return self.params.asyncGetParamA(name, category, attr, profile_key)
+    def asyncGetParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
+        return self.params.asyncGetParamA(name, category, attr, security_limit, profile_key)
 
-    def asyncGetStringParamA(self, name, category, attr="value", profile_key='@NONE@'):
-        return self.params.asyncGetStringParamA(name, category, attr, profile_key)
+    def asyncGetStringParamA(self, name, category, attr="value", security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
+        return self.params.asyncGetStringParamA(name, category, attr, security_limit, profile_key)
 
     def getParamsUI(self, security_limit=NO_SECURITY_LIMIT, profile_key='@NONE@'):
         return self.params.getParamsUI(security_limit, profile_key)