Mercurial > libervia-backend
view sat/plugins/plugin_xep_0329.py @ 3877:00212260f659
plugin XEP-0420: Implementation of Stanza Content Encryption:
Includes implementation of XEP-0082 (XMPP date and time profiles) and tests for both new plugins.
Everything is type checked, linted, format checked and unit tested.
Adds new dependency xmlschema.
fix 377
author | Syndace <me@syndace.dev> |
---|---|
date | Tue, 23 Aug 2022 12:04:11 +0200 |
parents | 813595f88612 |
children | 524856bd7b19 |
line wrap: on
line source
#!/usr/bin/env python3 # SAT plugin for File Information Sharing (XEP-0329) # Copyright (C) 2009-2021 Jérôme Poisson (goffi@goffi.org) # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. import mimetypes import json import os import traceback from pathlib import Path from typing import Optional, Dict from zope.interface import implementer from twisted.words.protocols.jabber import xmlstream from twisted.words.protocols.jabber import jid from twisted.words.protocols.jabber import error as jabber_error from twisted.internet import defer from wokkel import disco, iwokkel, data_form from sat.core.i18n import _ from sat.core.xmpp import SatXMPPEntity from sat.core import exceptions from sat.core.constants import Const as C from sat.core.log import getLogger from sat.tools import stream from sat.tools import utils from sat.tools.common import regex log = getLogger(__name__) PLUGIN_INFO = { C.PI_NAME: "File Information Sharing", C.PI_IMPORT_NAME: "XEP-0329", C.PI_TYPE: "XEP", C.PI_MODES: C.PLUG_MODE_BOTH, C.PI_PROTOCOLS: ["XEP-0329"], C.PI_DEPENDENCIES: ["XEP-0231", "XEP-0234", "XEP-0300", "XEP-0106"], C.PI_MAIN: "XEP_0329", C.PI_HANDLER: "yes", C.PI_DESCRIPTION: _("""Implementation of File Information Sharing"""), } NS_FIS = "urn:xmpp:fis:0" NS_FIS_AFFILIATION = "org.salut-a-toi.fis-affiliation" NS_FIS_CONFIGURATION = "org.salut-a-toi.fis-configuration" NS_FIS_CREATE = "org.salut-a-toi.fis-create" IQ_FIS_REQUEST = f'{C.IQ_GET}/query[@xmlns="{NS_FIS}"]' # not in the standard, but needed, and it's handy to keep it here IQ_FIS_AFFILIATION_GET = f'{C.IQ_GET}/affiliations[@xmlns="{NS_FIS_AFFILIATION}"]' IQ_FIS_AFFILIATION_SET = f'{C.IQ_SET}/affiliations[@xmlns="{NS_FIS_AFFILIATION}"]' IQ_FIS_CONFIGURATION_GET = f'{C.IQ_GET}/configuration[@xmlns="{NS_FIS_CONFIGURATION}"]' IQ_FIS_CONFIGURATION_SET = f'{C.IQ_SET}/configuration[@xmlns="{NS_FIS_CONFIGURATION}"]' IQ_FIS_CREATE_DIR = f'{C.IQ_SET}/dir[@xmlns="{NS_FIS_CREATE}"]' SINGLE_FILES_DIR = "files" TYPE_VIRTUAL = "virtual" TYPE_PATH = "path" SHARE_TYPES = (TYPE_PATH, TYPE_VIRTUAL) KEY_TYPE = "type" class RootPathException(Exception): """Root path is requested""" class ShareNode(object): """Node containing directory or files to share, virtual or real""" host = None def __init__(self, name, parent, type_, access, path=None): assert type_ in SHARE_TYPES if name is not None: if name == ".." or "/" in name or "\\" in name: log.warning( _("path change chars found in name [{name}], hack attempt?").format( name=name ) ) if name == "..": name = "--" else: name = regex.pathEscape(name) self.name = name self.children = {} self.type = type_ self.access = {} if access is None else access assert isinstance(self.access, dict) self.parent = None if parent is not None: assert name parent.addChild(self) else: assert name is None if path is not None: if type_ != TYPE_PATH: raise exceptions.InternalError(_("path can only be set on path nodes")) self._path = path @property def path(self): return self._path def __getitem__(self, key): return self.children[key] def __contains__(self, item): return self.children.__contains__(item) def __iter__(self): return self.children.__iter__() def items(self): return self.children.items() def values(self): return self.children.values() def getOrCreate(self, name, type_=TYPE_VIRTUAL, access=None): """Get a node or create a virtual node and return it""" if access is None: access = {C.ACCESS_PERM_READ: {KEY_TYPE: C.ACCESS_TYPE_PUBLIC}} try: return self.children[name] except KeyError: node = ShareNode(name, self, type_=type_, access=access) return node def addChild(self, node): if node.parent is not None: raise exceptions.ConflictError(_("a node can't have several parents")) node.parent = self self.children[node.name] = node def removeFromParent(self): try: del self.parent.children[self.name] except TypeError: raise exceptions.InternalError( "trying to remove a node from inexisting parent" ) except KeyError: raise exceptions.InternalError("node not found in parent's children") self.parent = None def _checkNodePermission(self, client, node, perms, peer_jid): """Check access to this node for peer_jid @param node(SharedNode): node to check access @param perms(unicode): permissions to check, iterable of C.ACCESS_PERM_* @param peer_jid(jid.JID): entity which try to access the node @return (bool): True if entity can access """ file_data = {"access": self.access, "owner": client.jid.userhostJID()} try: self.host.memory.checkFilePermission(file_data, peer_jid, perms) except exceptions.PermissionError: return False else: return True def checkPermissions( self, client, peer_jid, perms=(C.ACCESS_PERM_READ,), check_parents=True ): """Check that peer_jid can access this node and all its parents @param peer_jid(jid.JID): entrity trying to access the node @param perms(unicode): permissions to check, iterable of C.ACCESS_PERM_* @param check_parents(bool): if True, access of all parents of this node will be checked too @return (bool): True if entity can access this node """ peer_jid = peer_jid.userhostJID() if peer_jid == client.jid.userhostJID(): return True parent = self while parent != None: if not self._checkNodePermission(client, parent, perms, peer_jid): return False parent = parent.parent return True @staticmethod def find(client, path, peer_jid, perms=(C.ACCESS_PERM_READ,)): """find node corresponding to a path @param path(unicode): path to the requested file or directory @param peer_jid(jid.JID): entity trying to find the node used to check permission @return (dict, unicode): shared data, remaining path @raise exceptions.PermissionError: user can't access this file @raise exceptions.DataError: path is invalid @raise NotFound: path lead to a non existing file/directory """ path_elts = [_f for _f in path.split("/") if _f] if ".." in path_elts: log.warning(_( 'parent dir ("..") found in path, hack attempt? path is {path} ' '[{profile}]').format(path=path, profile=client.profile)) raise exceptions.PermissionError("illegal path elements") node = client._XEP_0329_root_node while path_elts: if node.type == TYPE_VIRTUAL: try: node = node[path_elts.pop(0)] except KeyError: raise exceptions.NotFound elif node.type == TYPE_PATH: break if not node.checkPermissions(client, peer_jid, perms=perms): raise exceptions.PermissionError("permission denied") return node, "/".join(path_elts) def findByLocalPath(self, path): """retrieve nodes linking to local path @return (list[ShareNode]): found nodes associated to path @raise exceptions.NotFound: no node has been found with this path """ shared_paths = self.getSharedPaths() try: return shared_paths[path] except KeyError: raise exceptions.NotFound def _getSharedPaths(self, node, paths): if node.type == TYPE_VIRTUAL: for node in node.values(): self._getSharedPaths(node, paths) elif node.type == TYPE_PATH: paths.setdefault(node.path, []).append(node) else: raise exceptions.InternalError( "unknown node type: {type}".format(type=node.type) ) def getSharedPaths(self): """retrieve nodes by shared path this method will retrieve recursively shared path in children of this node @return (dict): map from shared path to list of nodes """ if self.type == TYPE_PATH: raise exceptions.InternalError( "getSharedPaths must be used on a virtual node" ) paths = {} self._getSharedPaths(self, paths) return paths class XEP_0329(object): def __init__(self, host): log.info(_("File Information Sharing initialization")) self.host = host ShareNode.host = host self._b = host.plugins["XEP-0231"] self._h = host.plugins["XEP-0300"] self._jf = host.plugins["XEP-0234"] host.bridge.addMethod( "FISList", ".plugin", in_sign="ssa{ss}s", out_sign="aa{ss}", method=self._listFiles, async_=True, ) host.bridge.addMethod( "FISLocalSharesGet", ".plugin", in_sign="s", out_sign="as", method=self._localSharesGet, ) host.bridge.addMethod( "FISSharePath", ".plugin", in_sign="ssss", out_sign="s", method=self._sharePath, ) host.bridge.addMethod( "FISUnsharePath", ".plugin", in_sign="ss", out_sign="", method=self._unsharePath, ) host.bridge.addMethod( "FISAffiliationsGet", ".plugin", in_sign="ssss", out_sign="a{ss}", method=self._affiliationsGet, async_=True, ) host.bridge.addMethod( "FISAffiliationsSet", ".plugin", in_sign="sssa{ss}s", out_sign="", method=self._affiliationsSet, async_=True, ) host.bridge.addMethod( "FISConfigurationGet", ".plugin", in_sign="ssss", out_sign="a{ss}", method=self._configurationGet, async_=True, ) host.bridge.addMethod( "FISConfigurationSet", ".plugin", in_sign="sssa{ss}s", out_sign="", method=self._configurationSet, async_=True, ) host.bridge.addMethod( "FISCreateDir", ".plugin", in_sign="sssa{ss}s", out_sign="", method=self._createDir, async_=True, ) host.bridge.addSignal("FISSharedPathNew", ".plugin", signature="sss") host.bridge.addSignal("FISSharedPathRemoved", ".plugin", signature="ss") host.trigger.add("XEP-0234_fileSendingRequest", self._fileSendingRequestTrigger) host.registerNamespace("fis", NS_FIS) def getHandler(self, client): return XEP_0329_handler(self) def profileConnected(self, client): if client.is_component: client._file_sharing_allowed_hosts = self.host.memory.getConfig( 'component file_sharing', 'http_upload_allowed_hosts_list') or [client.host] else: client._XEP_0329_root_node = ShareNode( None, None, TYPE_VIRTUAL, {C.ACCESS_PERM_READ: {KEY_TYPE: C.ACCESS_TYPE_PUBLIC}}, ) client._XEP_0329_names_data = {} # name to share map def _fileSendingRequestTrigger( self, client, session, content_data, content_name, file_data, file_elt ): """This trigger check that a requested file is available, and fill suitable data Path and name are used to retrieve the file. If path is missing, we try our luck with known names """ if client.is_component: return True, None try: name = file_data["name"] except KeyError: return True, None assert "/" not in name path = file_data.get("path") if path is not None: # we have a path, we can follow it to find node try: node, rem_path = ShareNode.find(client, path, session["peer_jid"]) except (exceptions.PermissionError, exceptions.NotFound): # no file, or file not allowed, we continue normal workflow return True, None except exceptions.DataError: log.warning(_("invalid path: {path}").format(path=path)) return True, None if node.type == TYPE_VIRTUAL: # we have a virtual node, so name must link to a path node try: path = node[name].path except KeyError: return True, None elif node.type == TYPE_PATH: # we have a path node, so we can retrieve the full path now path = os.path.join(node.path, rem_path, name) else: raise exceptions.InternalError( "unknown type: {type}".format(type=node.type) ) if not os.path.exists(path): return True, None size = os.path.getsize(path) else: # we don't have the path, we try to find the file by its name try: name_data = client._XEP_0329_names_data[name] except KeyError: return True, None for path, shared_file in name_data.items(): if True: # FIXME: filters are here break else: return True, None parent_node = shared_file["parent"] if not parent_node.checkPermissions(client, session["peer_jid"]): log.warning( _( "{peer_jid} requested a file (s)he can't access [{profile}]" ).format(peer_jid=session["peer_jid"], profile=client.profile) ) return True, None size = shared_file["size"] file_data["size"] = size file_elt.addElement("size", content=str(size)) hash_algo = file_data["hash_algo"] = self._h.getDefaultAlgo() hasher = file_data["hash_hasher"] = self._h.getHasher(hash_algo) file_elt.addChild(self._h.buildHashUsedElt(hash_algo)) content_data["stream_object"] = stream.FileStreamObject( self.host, client, path, uid=self._jf.getProgressId(session, content_name), size=size, data_cb=lambda data: hasher.update(data), ) return False, defer.succeed(True) # common methods def _requestHandler(self, client, iq_elt, root_nodes_cb, files_from_node_cb): iq_elt.handled = True node = iq_elt.query.getAttribute("node") if not node: d = utils.asDeferred(root_nodes_cb, client, iq_elt) else: d = utils.asDeferred(files_from_node_cb, client, iq_elt, node) d.addErrback( lambda failure_: log.error( _("error while retrieving files: {msg}").format(msg=failure_) ) ) def _iqError(self, client, iq_elt, condition="item-not-found"): error_elt = jabber_error.StanzaError(condition).toResponse(iq_elt) client.send(error_elt) # client def _addPathData(self, client, query_elt, path, parent_node): """Fill query_elt with files/directories found in path""" name = os.path.basename(path) if os.path.isfile(path): size = os.path.getsize(path) mime_type = mimetypes.guess_type(path, strict=False)[0] file_elt = self._jf.buildFileElement( client=client, name=name, size=size, mime_type=mime_type, modified=os.path.getmtime(path) ) query_elt.addChild(file_elt) # we don't specify hash as it would be too resource intensive to calculate # it for all files. # we add file to name_data, so users can request it later name_data = client._XEP_0329_names_data.setdefault(name, {}) if path not in name_data: name_data[path] = { "size": size, "mime_type": mime_type, "parent": parent_node, } else: # we have a directory directory_elt = query_elt.addElement("directory") directory_elt["name"] = name def _pathNodeHandler(self, client, iq_elt, query_elt, node, path): """Fill query_elt for path nodes, i.e. physical directories""" path = os.path.join(node.path, path) if not os.path.exists(path): # path may have been moved since it has been shared return self._iqError(client, iq_elt) elif os.path.isfile(path): self._addPathData(client, query_elt, path, node) else: for name in sorted(os.listdir(path.encode("utf-8")), key=lambda n: n.lower()): try: name = name.decode("utf-8", "strict") except UnicodeDecodeError as e: log.warning( _("ignoring invalid unicode name ({name}): {msg}").format( name=name.decode("utf-8", "replace"), msg=e ) ) continue full_path = os.path.join(path, name) self._addPathData(client, query_elt, full_path, node) def _virtualNodeHandler(self, client, peer_jid, iq_elt, query_elt, node): """Fill query_elt for virtual nodes""" for name, child_node in node.items(): if not child_node.checkPermissions(client, peer_jid, check_parents=False): continue node_type = child_node.type if node_type == TYPE_VIRTUAL: directory_elt = query_elt.addElement("directory") directory_elt["name"] = name elif node_type == TYPE_PATH: self._addPathData(client, query_elt, child_node.path, child_node) else: raise exceptions.InternalError( _("unexpected type: {type}").format(type=node_type) ) def _getRootNodesCb(self, client, iq_elt): peer_jid = jid.JID(iq_elt["from"]) iq_result_elt = xmlstream.toResponse(iq_elt, "result") query_elt = iq_result_elt.addElement((NS_FIS, "query")) for name, node in client._XEP_0329_root_node.items(): if not node.checkPermissions(client, peer_jid, check_parents=False): continue directory_elt = query_elt.addElement("directory") directory_elt["name"] = name client.send(iq_result_elt) def _getFilesFromNodeCb(self, client, iq_elt, node_path): """Main method to retrieve files/directories from a node_path""" peer_jid = jid.JID(iq_elt["from"]) try: node, path = ShareNode.find(client, node_path, peer_jid) except (exceptions.PermissionError, exceptions.NotFound): return self._iqError(client, iq_elt) except exceptions.DataError: return self._iqError(client, iq_elt, condition="not-acceptable") node_type = node.type peer_jid = jid.JID(iq_elt["from"]) iq_result_elt = xmlstream.toResponse(iq_elt, "result") query_elt = iq_result_elt.addElement((NS_FIS, "query")) query_elt["node"] = node_path # we now fill query_elt according to node_type if node_type == TYPE_PATH: # it's a physical path self._pathNodeHandler(client, iq_elt, query_elt, node, path) elif node_type == TYPE_VIRTUAL: assert not path self._virtualNodeHandler(client, peer_jid, iq_elt, query_elt, node) else: raise exceptions.InternalError( _("unknown node type: {type}").format(type=node_type) ) client.send(iq_result_elt) def onRequest(self, iq_elt, client): return self._requestHandler( client, iq_elt, self._getRootNodesCb, self._getFilesFromNodeCb ) # Component def _compParseJids(self, client, iq_elt): """Retrieve peer_jid and owner to use from IQ stanza @param iq_elt(domish.Element): IQ stanza of the FIS request @return (tuple[jid.JID, jid.JID]): peer_jid and owner """ async def _compGetRootNodesCb(self, client, iq_elt): peer_jid, owner = client.getOwnerAndPeer(iq_elt) files_data = await self.host.memory.getFiles( client, peer_jid=peer_jid, parent="", type_=C.FILE_TYPE_DIRECTORY, owner=owner, ) iq_result_elt = xmlstream.toResponse(iq_elt, "result") query_elt = iq_result_elt.addElement((NS_FIS, "query")) for file_data in files_data: name = file_data["name"] directory_elt = query_elt.addElement("directory") directory_elt["name"] = name client.send(iq_result_elt) async def _compGetFilesFromNodeCb(self, client, iq_elt, node_path): """Retrieve files from local files repository according to permissions result stanza is then built and sent to requestor @trigger XEP-0329_compGetFilesFromNode(client, iq_elt, owner, node_path, files_data): can be used to add data/elements """ peer_jid, owner = client.getOwnerAndPeer(iq_elt) try: files_data = await self.host.memory.getFiles( client, peer_jid=peer_jid, path=node_path, owner=owner ) except exceptions.NotFound: self._iqError(client, iq_elt) return except exceptions.PermissionError: self._iqError(client, iq_elt, condition='not-allowed') return except Exception as e: tb = traceback.format_tb(e.__traceback__) log.error(f"internal server error: {e}\n{''.join(tb)}") self._iqError(client, iq_elt, condition='internal-server-error') return iq_result_elt = xmlstream.toResponse(iq_elt, "result") query_elt = iq_result_elt.addElement((NS_FIS, "query")) query_elt["node"] = node_path if not self.host.trigger.point( "XEP-0329_compGetFilesFromNode", client, iq_elt, iq_result_elt, owner, node_path, files_data ): return for file_data in files_data: if file_data['type'] == C.FILE_TYPE_DIRECTORY: directory_elt = query_elt.addElement("directory") directory_elt['name'] = file_data['name'] self.host.trigger.point( "XEP-0329_compGetFilesFromNode_build_directory", client, file_data, directory_elt, owner, node_path, ) else: file_elt = self._jf.buildFileElementFromDict( client, file_data, modified=file_data.get("modified", file_data["created"]) ) query_elt.addChild(file_elt) client.send(iq_result_elt) def onComponentRequest(self, iq_elt, client): return self._requestHandler( client, iq_elt, self._compGetRootNodesCb, self._compGetFilesFromNodeCb ) async def _parseResult(self, client, peer_jid, iq_elt): query_elt = next(iq_elt.elements(NS_FIS, "query")) files = [] for elt in query_elt.elements(): if elt.name == "file": # we have a file try: file_data = await self._jf.parseFileElement(client, elt) except exceptions.DataError: continue file_data["type"] = C.FILE_TYPE_FILE try: thumbs = file_data['extra'][C.KEY_THUMBNAILS] except KeyError: log.debug(f"No thumbnail found for {file_data}") else: for thumb in thumbs: if 'url' not in thumb and "id" in thumb: try: file_path = await self._b.getFile(client, peer_jid, thumb['id']) except Exception as e: log.warning(f"Can't get thumbnail {thumb['id']!r} for {file_data}: {e}") else: thumb['filename'] = file_path.name elif elt.name == "directory" and elt.uri == NS_FIS: # we have a directory file_data = {"name": elt["name"], "type": C.FILE_TYPE_DIRECTORY} self.host.trigger.point( "XEP-0329_parseResult_directory", client, elt, file_data, ) else: log.warning( _("unexpected element, ignoring: {elt}") .format(elt=elt.toXml()) ) continue files.append(file_data) return files # affiliations # async def _parseElement(self, client, iq_elt, element, namespace): peer_jid, owner = client.getOwnerAndPeer(iq_elt) elt = next(iq_elt.elements(namespace, element)) path = Path("/", elt['path']) if len(path.parts) < 2: raise RootPathException namespace = elt.getAttribute('namespace') files_data = await self.host.memory.getFiles( client, peer_jid=peer_jid, path=str(path.parent), name=path.name, namespace=namespace, owner=owner, ) if len(files_data) != 1: client.sendError(iq_elt, 'item-not-found') raise exceptions.CancelError file_data = files_data[0] return peer_jid, elt, path, namespace, file_data def _affiliationsGet(self, service_jid_s, namespace, path, profile): client = self.host.getClient(profile) service = jid.JID(service_jid_s) d = defer.ensureDeferred(self.affiliationsGet( client, service, namespace or None, path)) d.addCallback( lambda affiliations: { str(entity): affiliation for entity, affiliation in affiliations.items() } ) return d async def affiliationsGet( self, client: SatXMPPEntity, service: jid.JID, namespace: Optional[str], path: str ) -> Dict[jid.JID, str]: if not path: raise ValueError(f"invalid path: {path!r}") iq_elt = client.IQ("get") iq_elt['to'] = service.full() affiliations_elt = iq_elt.addElement((NS_FIS_AFFILIATION, "affiliations")) if namespace: affiliations_elt["namespace"] = namespace affiliations_elt["path"] = path iq_result_elt = await iq_elt.send() try: affiliations_elt = next(iq_result_elt.elements(NS_FIS_AFFILIATION, "affiliations")) except StopIteration: raise exceptions.DataError(f"Invalid result to affiliations request: {iq_result_elt.toXml()}") affiliations = {} for affiliation_elt in affiliations_elt.elements(NS_FIS_AFFILIATION, 'affiliation'): try: affiliations[jid.JID(affiliation_elt['jid'])] = affiliation_elt['affiliation'] except (KeyError, RuntimeError): raise exceptions.DataError( f"invalid affiliation element: {affiliation_elt.toXml()}") return affiliations def _affiliationsSet(self, service_jid_s, namespace, path, affiliations, profile): client = self.host.getClient(profile) service = jid.JID(service_jid_s) affiliations = {jid.JID(e): a for e, a in affiliations.items()} return defer.ensureDeferred(self.affiliationsSet( client, service, namespace or None, path, affiliations)) async def affiliationsSet( self, client: SatXMPPEntity, service: jid.JID, namespace: Optional[str], path: str, affiliations: Dict[jid.JID, str], ): if not path: raise ValueError(f"invalid path: {path!r}") iq_elt = client.IQ("set") iq_elt['to'] = service.full() affiliations_elt = iq_elt.addElement((NS_FIS_AFFILIATION, "affiliations")) if namespace: affiliations_elt["namespace"] = namespace affiliations_elt["path"] = path for entity_jid, affiliation in affiliations.items(): affiliation_elt = affiliations_elt.addElement('affiliation') affiliation_elt['jid'] = entity_jid.full() affiliation_elt['affiliation'] = affiliation await iq_elt.send() def _onComponentAffiliationsGet(self, iq_elt, client): iq_elt.handled = True defer.ensureDeferred(self.onComponentAffiliationsGet(client, iq_elt)) async def onComponentAffiliationsGet(self, client, iq_elt): try: ( from_jid, affiliations_elt, path, namespace, file_data ) = await self._parseElement(client, iq_elt, "affiliations", NS_FIS_AFFILIATION) except exceptions.CancelError: return except RootPathException: # if root path is requested, we only get owner affiliation peer_jid, owner = client.getOwnerAndPeer(iq_elt) is_owner = peer_jid.userhostJID() == owner affiliations = {owner: 'owner'} except exceptions.NotFound: client.sendError(iq_elt, "item-not-found") return except Exception as e: client.sendError(iq_elt, "internal-server-error", str(e)) return else: from_jid_bare = from_jid.userhostJID() is_owner = from_jid_bare == file_data.get('owner') affiliations = self.host.memory.getFileAffiliations(file_data) iq_result_elt = xmlstream.toResponse(iq_elt, "result") affiliations_elt = iq_result_elt.addElement((NS_FIS_AFFILIATION, 'affiliations')) for entity_jid, affiliation in affiliations.items(): if not is_owner and entity_jid.userhostJID() != from_jid_bare: # only onwer can get all affiliations continue affiliation_elt = affiliations_elt.addElement('affiliation') affiliation_elt['jid'] = entity_jid.userhost() affiliation_elt['affiliation'] = affiliation client.send(iq_result_elt) def _onComponentAffiliationsSet(self, iq_elt, client): iq_elt.handled = True defer.ensureDeferred(self.onComponentAffiliationsSet(client, iq_elt)) async def onComponentAffiliationsSet(self, client, iq_elt): try: ( from_jid, affiliations_elt, path, namespace, file_data ) = await self._parseElement(client, iq_elt, "affiliations", NS_FIS_AFFILIATION) except exceptions.CancelError: return except RootPathException: client.sendError(iq_elt, 'bad-request', "Root path can't be used") return if from_jid.userhostJID() != file_data['owner']: log.warning( f"{from_jid} tried to modify {path} affiliations while the owner is " f"{file_data['owner']}" ) client.sendError(iq_elt, 'forbidden') return try: affiliations = { jid.JID(e['jid']): e['affiliation'] for e in affiliations_elt.elements(NS_FIS_AFFILIATION, 'affiliation') } except (KeyError, RuntimeError): log.warning( f"invalid affiliation element: {affiliations_elt.toXml()}" ) client.sendError(iq_elt, 'bad-request', "invalid affiliation element") return except Exception as e: log.error( f"unexepected exception while setting affiliation element: {e}\n" f"{affiliations_elt.toXml()}" ) client.sendError(iq_elt, 'internal-server-error', f"{e}") return await self.host.memory.setFileAffiliations(client, file_data, affiliations) iq_result_elt = xmlstream.toResponse(iq_elt, "result") client.send(iq_result_elt) # configuration def _configurationGet(self, service_jid_s, namespace, path, profile): client = self.host.getClient(profile) service = jid.JID(service_jid_s) d = defer.ensureDeferred(self.configurationGet( client, service, namespace or None, path)) d.addCallback( lambda configuration: { str(entity): affiliation for entity, affiliation in configuration.items() } ) return d async def configurationGet( self, client: SatXMPPEntity, service: jid.JID, namespace: Optional[str], path: str ) -> Dict[str, str]: if not path: raise ValueError(f"invalid path: {path!r}") iq_elt = client.IQ("get") iq_elt['to'] = service.full() configuration_elt = iq_elt.addElement((NS_FIS_CONFIGURATION, "configuration")) if namespace: configuration_elt["namespace"] = namespace configuration_elt["path"] = path iq_result_elt = await iq_elt.send() try: configuration_elt = next(iq_result_elt.elements(NS_FIS_CONFIGURATION, "configuration")) except StopIteration: raise exceptions.DataError(f"Invalid result to configuration request: {iq_result_elt.toXml()}") form = data_form.findForm(configuration_elt, NS_FIS_CONFIGURATION) configuration = {f.var: f.value for f in form.fields.values()} return configuration def _configurationSet(self, service_jid_s, namespace, path, configuration, profile): client = self.host.getClient(profile) service = jid.JID(service_jid_s) return defer.ensureDeferred(self.configurationSet( client, service, namespace or None, path, configuration)) async def configurationSet( self, client: SatXMPPEntity, service: jid.JID, namespace: Optional[str], path: str, configuration: Dict[str, str], ): if not path: raise ValueError(f"invalid path: {path!r}") iq_elt = client.IQ("set") iq_elt['to'] = service.full() configuration_elt = iq_elt.addElement((NS_FIS_CONFIGURATION, "configuration")) if namespace: configuration_elt["namespace"] = namespace configuration_elt["path"] = path form = data_form.Form(formType="submit", formNamespace=NS_FIS_CONFIGURATION) form.makeFields(configuration) configuration_elt.addChild(form.toElement()) await iq_elt.send() def _onComponentConfigurationGet(self, iq_elt, client): iq_elt.handled = True defer.ensureDeferred(self.onComponentConfigurationGet(client, iq_elt)) async def onComponentConfigurationGet(self, client, iq_elt): try: ( from_jid, configuration_elt, path, namespace, file_data ) = await self._parseElement(client, iq_elt, "configuration", NS_FIS_CONFIGURATION) except exceptions.CancelError: return except RootPathException: client.sendError(iq_elt, 'bad-request', "Root path can't be used") return try: access_type = file_data['access'][C.ACCESS_PERM_READ]['type'] except KeyError: access_model = 'whitelist' else: access_model = 'open' if access_type == C.ACCESS_TYPE_PUBLIC else 'whitelist' iq_result_elt = xmlstream.toResponse(iq_elt, "result") configuration_elt = iq_result_elt.addElement((NS_FIS_CONFIGURATION, 'configuration')) form = data_form.Form(formType="form", formNamespace=NS_FIS_CONFIGURATION) form.makeFields({'access_model': access_model}) configuration_elt.addChild(form.toElement()) client.send(iq_result_elt) async def _setConfiguration(self, client, configuration_elt, file_data): form = data_form.findForm(configuration_elt, NS_FIS_CONFIGURATION) for name, value in form.items(): if name == 'access_model': await self.host.memory.setFileAccessModel(client, file_data, value) else: # TODO: send a IQ error? log.warning( f"Trying to set a not implemented configuration option: {name}") def _onComponentConfigurationSet(self, iq_elt, client): iq_elt.handled = True defer.ensureDeferred(self.onComponentConfigurationSet(client, iq_elt)) async def onComponentConfigurationSet(self, client, iq_elt): try: ( from_jid, configuration_elt, path, namespace, file_data ) = await self._parseElement(client, iq_elt, "configuration", NS_FIS_CONFIGURATION) except exceptions.CancelError: return except RootPathException: client.sendError(iq_elt, 'bad-request', "Root path can't be used") return from_jid_bare = from_jid.userhostJID() is_owner = from_jid_bare == file_data.get('owner') if not is_owner: log.warning( f"{from_jid} tried to modify {path} configuration while the owner is " f"{file_data['owner']}" ) client.sendError(iq_elt, 'forbidden') return await self._setConfiguration(client, configuration_elt, file_data) iq_result_elt = xmlstream.toResponse(iq_elt, "result") client.send(iq_result_elt) # directory creation def _createDir(self, service_jid_s, namespace, path, configuration, profile): client = self.host.getClient(profile) service = jid.JID(service_jid_s) return defer.ensureDeferred(self.createDir( client, service, namespace or None, path, configuration or None)) async def createDir( self, client: SatXMPPEntity, service: jid.JID, namespace: Optional[str], path: str, configuration: Optional[Dict[str, str]], ): if not path: raise ValueError(f"invalid path: {path!r}") iq_elt = client.IQ("set") iq_elt['to'] = service.full() create_dir_elt = iq_elt.addElement((NS_FIS_CREATE, "dir")) if namespace: create_dir_elt["namespace"] = namespace create_dir_elt["path"] = path if configuration: configuration_elt = create_dir_elt.addElement((NS_FIS_CONFIGURATION, "configuration")) form = data_form.Form(formType="submit", formNamespace=NS_FIS_CONFIGURATION) form.makeFields(configuration) configuration_elt.addChild(form.toElement()) await iq_elt.send() def _onComponentCreateDir(self, iq_elt, client): iq_elt.handled = True defer.ensureDeferred(self.onComponentCreateDir(client, iq_elt)) async def onComponentCreateDir(self, client, iq_elt): peer_jid, owner = client.getOwnerAndPeer(iq_elt) if peer_jid.host not in client._file_sharing_allowed_hosts: client.sendError(iq_elt, 'forbidden') return create_dir_elt = next(iq_elt.elements(NS_FIS_CREATE, "dir")) namespace = create_dir_elt.getAttribute('namespace') path = Path("/", create_dir_elt['path']) if len(path.parts) < 2: client.sendError(iq_elt, 'bad-request', "Root path can't be used") return # for root directories, we check permission here if len(path.parts) == 2 and owner != peer_jid.userhostJID(): log.warning( f"{peer_jid} is trying to create a dir at {owner}'s repository:\n" f"path: {path}\nnamespace: {namespace!r}" ) client.sendError(iq_elt, 'forbidden', "You can't create a directory there") return # when going further into the path, the permissions will be checked by getFiles files_data = await self.host.memory.getFiles( client, peer_jid=peer_jid, path=path.parent, namespace=namespace, owner=owner, ) if path.name in [d['name'] for d in files_data]: log.warning( f"Conflict when trying to create a directory (from: {peer_jid} " f"namespace: {namespace!r} path: {path!r})" ) client.sendError( iq_elt, 'conflict', "there is already a file or dir at this path") return try: configuration_elt = next( create_dir_elt.elements(NS_FIS_CONFIGURATION, 'configuration')) except StopIteration: configuration_elt = None await self.host.memory.setFile( client, path.name, path=path.parent, type_=C.FILE_TYPE_DIRECTORY, namespace=namespace, owner=owner, peer_jid=peer_jid ) if configuration_elt is not None: file_data = (await self.host.memory.getFiles( client, peer_jid=peer_jid, path=path.parent, name=path.name, namespace=namespace, owner=owner, ))[0] await self._setConfiguration(client, configuration_elt, file_data) iq_result_elt = xmlstream.toResponse(iq_elt, "result") client.send(iq_result_elt) # file methods # def _serializeData(self, files_data): for file_data in files_data: for key, value in file_data.items(): file_data[key] = ( json.dumps(value) if key in ("extra",) else str(value) ) return files_data def _listFiles(self, target_jid, path, extra, profile): client = self.host.getClient(profile) target_jid = client.jid if not target_jid else jid.JID(target_jid) d = defer.ensureDeferred(self.listFiles(client, target_jid, path or None)) d.addCallback(self._serializeData) return d async def listFiles(self, client, peer_jid, path=None, extra=None): """List file shared by an entity @param peer_jid(jid.JID): jid of the sharing entity @param path(unicode, None): path to the directory containing shared files None to get root directories @param extra(dict, None): extra data @return list(dict): shared files """ iq_elt = client.IQ("get") iq_elt["to"] = peer_jid.full() query_elt = iq_elt.addElement((NS_FIS, "query")) if path: query_elt["node"] = path iq_result_elt = await iq_elt.send() return await self._parseResult(client, peer_jid, iq_result_elt) def _localSharesGet(self, profile): client = self.host.getClient(profile) return self.localSharesGet(client) def localSharesGet(self, client): return list(client._XEP_0329_root_node.getSharedPaths().keys()) def _sharePath(self, name, path, access, profile): client = self.host.getClient(profile) access = json.loads(access) return self.sharePath(client, name or None, path, access) def sharePath(self, client, name, path, access): if client.is_component: raise exceptions.ClientTypeError if not os.path.exists(path): raise ValueError(_("This path doesn't exist!")) if not path or not path.strip(" /"): raise ValueError(_("A path need to be specified")) if not isinstance(access, dict): raise ValueError(_("access must be a dict")) node = client._XEP_0329_root_node node_type = TYPE_PATH if os.path.isfile(path): # we have a single file, the workflow is diferrent as we store all single # files in the same dir node = node.getOrCreate(SINGLE_FILES_DIR) if not name: name = os.path.basename(path.rstrip(" /")) if not name: raise exceptions.InternalError(_("Can't find a proper name")) if name in node or name == SINGLE_FILES_DIR: idx = 1 new_name = name + "_" + str(idx) while new_name in node: idx += 1 new_name = name + "_" + str(idx) name = new_name log.info(_( "A directory with this name is already shared, renamed to {new_name} " "[{profile}]".format( new_name=new_name, profile=client.profile))) ShareNode(name=name, parent=node, type_=node_type, access=access, path=path) self.host.bridge.FISSharedPathNew(path, name, client.profile) return name def _unsharePath(self, path, profile): client = self.host.getClient(profile) return self.unsharePath(client, path) def unsharePath(self, client, path): nodes = client._XEP_0329_root_node.findByLocalPath(path) for node in nodes: node.removeFromParent() self.host.bridge.FISSharedPathRemoved(path, client.profile) @implementer(iwokkel.IDisco) class XEP_0329_handler(xmlstream.XMPPHandler): def __init__(self, plugin_parent): self.plugin_parent = plugin_parent self.host = plugin_parent.host def connectionInitialized(self): if self.parent.is_component: self.xmlstream.addObserver( IQ_FIS_REQUEST, self.plugin_parent.onComponentRequest, client=self.parent ) self.xmlstream.addObserver( IQ_FIS_AFFILIATION_GET, self.plugin_parent._onComponentAffiliationsGet, client=self.parent ) self.xmlstream.addObserver( IQ_FIS_AFFILIATION_SET, self.plugin_parent._onComponentAffiliationsSet, client=self.parent ) self.xmlstream.addObserver( IQ_FIS_CONFIGURATION_GET, self.plugin_parent._onComponentConfigurationGet, client=self.parent ) self.xmlstream.addObserver( IQ_FIS_CONFIGURATION_SET, self.plugin_parent._onComponentConfigurationSet, client=self.parent ) self.xmlstream.addObserver( IQ_FIS_CREATE_DIR, self.plugin_parent._onComponentCreateDir, client=self.parent ) else: self.xmlstream.addObserver( IQ_FIS_REQUEST, self.plugin_parent.onRequest, client=self.parent ) def getDiscoInfo(self, requestor, target, nodeIdentifier=""): return [disco.DiscoFeature(NS_FIS)] def getDiscoItems(self, requestor, target, nodeIdentifier=""): return []