Mercurial > libervia-backend

diff src/plugins/plugin_misc_extra_pep.py @ 1744:9a48e09044eb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugin extra_pep, params: fixed insecure building of jids_list
author Goffi <goffi@goffi.org>
date Tue, 15 Dec 2015 16:25:19 +0100
parents cc31dd72526d
children 0dfabe746ec4
line wrap: on
line diff
--- a/src/plugins/plugin_misc_extra_pep.py	Fri Dec 11 11:25:29 2015 +0100
+++ b/src/plugins/plugin_misc_extra_pep.py	Tue Dec 15 16:25:19 2015 +0100
@@ -20,6 +20,8 @@
 from sat.core.i18n import _, D_
 from sat.core.log import getLogger
 log = getLogger(__name__)
+from sat.memory import params
+from twisted.words.protocols.jabber import jid
 
 
 PLUGIN_INFO = {
@@ -34,9 +36,11 @@
     "description": _(u"""Display messages from extra PEP services""")
 }
 
+
 PARAM_KEY = u"Misc"
 PARAM_NAME = u"Blog authors following list"
-PARAM_DEFAULT = ["salut-a-toi@libervia.org"]
+PARAM_DEFAULT = (jid.JID("salut-a-toi@libervia.org"),)
+
 
 class ExtraPEP(object):
 
@@ -55,7 +59,7 @@
         'category_label': D_(PARAM_KEY),
         'param_name': PARAM_NAME,
         'param_label': D_(PARAM_NAME),
-        'jids': "".join(["<jid>%s</jid>" % jid for jid in PARAM_DEFAULT])
+        'jids': u"\n".join({elt.toXml() for elt in params.createJidElts(PARAM_DEFAULT)})
     }
 
     def __init__(self, host):