Mercurial > libervia-backend
changeset 641:49587e170f53
core: added the security_limit to setParam
- params with a security greater than security_limit can not be modified
- special value: security_limit < 0 disable the check (all params can be modified)
author | souliane <souliane@mailoo.org> |
---|---|
date | Sat, 07 Sep 2013 02:03:17 +0200 |
parents | 8211b462af6b |
children | e07a03d52321 |
files | frontends/src/bridge/DBus.py frontends/src/primitivus/primitivus frontends/src/primitivus/profile_manager.py frontends/src/primitivus/xmlui.py frontends/src/wix/main_window.py frontends/src/wix/param.py frontends/src/wix/profile_manager.py src/bridge/DBus.py src/bridge/bridge_constructor/bridge_template.ini src/core/sat_main.py src/memory/memory.py src/plugins/plugin_misc_account.py src/plugins/plugin_xep_0065.py |
diffstat | 13 files changed, 56 insertions(+), 37 deletions(-) [+] |
line wrap: on
line diff
--- a/frontends/src/bridge/DBus.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/bridge/DBus.py Sat Sep 07 02:03:17 2013 +0200 @@ -199,8 +199,8 @@ def sendMessage(self, to_jid, message, subject='', mess_type="auto", options={}, profile_key="@NONE@"): return self.db_core_iface.sendMessage(to_jid, message, subject, mess_type, options, profile_key) - def setParam(self, name, value, category, profile_key="@DEFAULT@"): - return self.db_core_iface.setParam(name, value, category, profile_key) + def setParam(self, name, value, category, security_limit=-1, profile_key="@DEFAULT@"): + return self.db_core_iface.setParam(name, value, category, security_limit, profile_key) def setPresence(self, to_jid='', show='', priority=0, statuses={}, profile_key="@DEFAULT@"): return self.db_core_iface.setPresence(to_jid, show, priority, statuses, profile_key)
--- a/frontends/src/primitivus/primitivus Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/primitivus/primitivus Sat Sep 07 02:03:17 2013 +0200 @@ -525,8 +525,7 @@ self.addWindow(XMLUI(self,xml_data=params)) def failure(error): self.showPopUp(sat_widgets.Alert(_("Error"), _("Can't get parameters"), ok_cb=self.removePopUp)) - security_limit = -1 - self.bridge.getParamsUI(security_limit, self.profile, callback=success, errback=failure) + self.bridge.getParamsUI(profile_key=self.profile, callback=success, errback=failure) def onExitRequest(self, menu):
--- a/frontends/src/primitivus/profile_manager.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/primitivus/profile_manager.py Sat Sep 07 02:03:17 2013 +0200 @@ -141,10 +141,10 @@ new_pass = self.pass_wid.get_edit_text() if old_jid != new_jid: - self.host.bridge.setParam("JabberID", new_jid, "Connection", profile) - self.host.bridge.setParam("Server", JID(new_jid).domain, "Connection", profile) + self.host.bridge.setParam("JabberID", new_jid, "Connection", profile_key=profile) + self.host.bridge.setParam("Server", JID(new_jid).domain, "Connection", profile_key=profile) if old_pass != new_pass: - self.host.bridge.setParam("Password", new_pass, "Connection", profile) + self.host.bridge.setParam("Password", new_pass, "Connection", profile_key=profile) self.host.plug_profile(profile) def getParamError(self, ignore):
--- a/frontends/src/primitivus/xmlui.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/primitivus/xmlui.py Sat Sep 07 02:03:17 2013 +0200 @@ -34,6 +34,7 @@ data.append(child.wholeText) return u"".join(data) + class Pairs(urwid.WidgetWrap): def __init__(self, weight_0='1', weight_1='1'): @@ -274,5 +275,6 @@ value = "true" if ctrl.get_state() else "false" else: value = ctrl.get_edit_text() - self.host.bridge.setParam(ctrl._param_name, value, ctrl._param_category, profile_key = self.host.profile) + self.host.bridge.setParam(ctrl._param_name, value, ctrl._param_category, + profile_key=self.host.profile) self.host.removeWindow()
--- a/frontends/src/wix/main_window.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/wix/main_window.py Sat Sep 07 02:03:17 2013 +0200 @@ -363,8 +363,7 @@ def onParam(self, e): debug(_("Param request")) - #security_limit = -1 - #xmlui = self.bridge.getParamsUI(security_limit, profile_key=self.profile) + #xmlui = self.bridge.getParamsUI(profile_key=self.profile) #XMLUI(self, xml_data = xmlui) param=Param(self)
--- a/frontends/src/wix/param.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/wix/param.py Sat Sep 07 02:03:17 2013 +0200 @@ -103,7 +103,6 @@ cat_dom.unlink() self.host.bridge.getParamsForCategory(category, - security_limit=-1, profile_key=self.host.profile, callback=gotParams, errback=errorGettingParams) @@ -137,7 +136,8 @@ def __save_parameters(self): for param in self.modified: - self.host.bridge.setParam(param[0], self.modified[param], param[1], profile_key = self.host.profile) + self.host.bridge.setParam(param[0], self.modified[param], param[1], + profile_key=self.host.profile) self.modified.clear() def onClose(self, event):
--- a/frontends/src/wix/profile_manager.py Sun Sep 08 19:18:46 2013 +0200 +++ b/frontends/src/wix/profile_manager.py Sat Sep 07 02:03:17 2013 +0200 @@ -145,11 +145,11 @@ new_pass = self.login_pass.GetValue() if old_jid != new_jid: debug(_('Saving new JID and server')) - self.host.bridge.setParam("JabberID", new_jid, "Connection", profile) - self.host.bridge.setParam("Server", JID(new_jid).domain, "Connection", profile) + self.host.bridge.setParam("JabberID", new_jid, "Connection", profile_key=profile) + self.host.bridge.setParam("Server", JID(new_jid).domain, "Connection", profile_key=profile) if old_pass != new_pass: debug(_('Saving new password')) - self.host.bridge.setParam("Password", new_pass, "Connection", profile) + self.host.bridge.setParam("Password", new_pass, "Connection", profile_key=profile) self.host.plug_profile(profile)
--- a/src/bridge/DBus.py Sun Sep 08 19:18:46 2013 +0200 +++ b/src/bridge/DBus.py Sat Sep 07 02:03:17 2013 +0200 @@ -391,10 +391,10 @@ return self._callback("sendMessage", unicode(to_jid), unicode(message), unicode(subject), unicode(mess_type), options, unicode(profile_key)) @dbus.service.method(const_INT_PREFIX+const_CORE_SUFFIX, - in_signature='ssss', out_signature='', + in_signature='sssis', out_signature='', async_callbacks=None) - def setParam(self, name, value, category, profile_key="@DEFAULT@"): - return self._callback("setParam", unicode(name), unicode(value), unicode(category), unicode(profile_key)) + def setParam(self, name, value, category, security_limit=-1, profile_key="@DEFAULT@"): + return self._callback("setParam", unicode(name), unicode(value), unicode(category), security_limit, unicode(profile_key)) @dbus.service.method(const_INT_PREFIX+const_CORE_SUFFIX, in_signature='ssia{ss}s', out_signature='',
--- a/src/bridge/bridge_constructor/bridge_template.ini Sun Sep 08 19:18:46 2013 +0200 +++ b/src/bridge/bridge_constructor/bridge_template.ini Sat Sep 07 02:03:17 2013 +0200 @@ -398,14 +398,16 @@ [setParam] type=method category=core -sig_in=ssss +sig_in=sssis sig_out= -param_3_default="@DEFAULT@" +param_3_default=-1 +param_4_default="@DEFAULT@" doc=Change a parameter doc_param_0=name: Name of the parameter to change doc_param_1=value: New Value of the parameter doc_param_2=category: Category of the parameter to change -doc_param_3=%(doc_profile_key)s +doc_param_3=security_limit: -1 means no security then the higher the most secure +doc_param_4=%(doc_profile_key)s [getParamA] type=method
--- a/src/core/sat_main.py Sun Sep 08 19:18:46 2013 +0200 +++ b/src/core/sat_main.py Sat Sep 07 02:03:17 2013 +0200 @@ -414,10 +414,10 @@ ## Client management ## - def setParam(self, name, value, category, profile_key): + def setParam(self, name, value, category, security_limit, profile_key): """set wanted paramater and notice observers""" info(_("setting param: %(name)s=%(value)s in category %(category)s") % {'name': name, 'value': value, 'category': category}) - self.memory.setParam(name, value, category, profile_key) + self.memory.setParam(name, value, category, security_limit, profile_key) def isConnected(self, profile_key): """Return connection status of profile
--- a/src/memory/memory.py Sun Sep 08 19:18:46 2013 +0200 +++ b/src/memory/memory.py Sat Sep 07 02:03:17 2013 +0200 @@ -392,12 +392,12 @@ if security_limit < 0: return False if not node.hasAttribute('security'): - debug("filtered param: %s (no security set)" - % node.getAttribute("name")) + #debug("filtered param: %s (no security set)" + # % node.getAttribute("name")) return True if int(node.getAttribute('security')) > security_limit: - debug("filtered param: %s (security level > %i)" - % (node.getAttribute("name"), security_limit)) + #debug("filtered param: %s (security level > %i)" + # % (node.getAttribute("name"), security_limit)) return True return False @@ -545,7 +545,7 @@ categories.append(cat.getAttribute("name")) return categories - def setParam(self, name, value, category, profile_key='@NONE@'): + def setParam(self, name, value, category, security_limit=-1, profile_key='@NONE@'): """Set a parameter, return None if the parameter is not in param xml""" #TODO: use different behaviour depending of the data type (e.g. password encrypted) if profile_key != "@NONE@": @@ -556,9 +556,20 @@ node = self.__getParamNode(name, category, '@ALL@') if not node: - error(_('Requesting an unknown parameter (%(category)s/%(name)s)') % {'category': category, 'name': name}) + error(_('Requesting an unknown parameter (%(category)s/%(name)s)') + % {'category': category, 'name': name}) return + if security_limit >= 0: + abort = True + if node[1].hasAttribute("security"): + if int(node[1].getAttribute("security")) <= security_limit: + abort = False + if abort: + warning(_("Trying to set parameter '%s' in category '%s' without authorization!!!" + % (name, category))) + return + if node[0] == 'general': self.params_gen[(category, name)] = value self.storage.setGenParam(category, name, value) @@ -921,8 +932,8 @@ def getParamsCategories(self): return self.params.getParamsCategories() - def setParam(self, name, value, category, profile_key): - return self.params.setParam(name, value, category, profile_key) + def setParam(self, name, value, category, security_limit, profile_key): + return self.params.setParam(name, value, category, security_limit, profile_key) def importParams(self, xml): return self.params.importParams(xml)
--- a/src/plugins/plugin_misc_account.py Sun Sep 08 19:18:46 2013 +0200 +++ b/src/plugins/plugin_misc_account.py Sat Sep 07 02:03:17 2013 +0200 @@ -117,9 +117,12 @@ def _profileRegistered(self, result, email, password, profile): #FIXME: values must be in a config file instead of hardcoded - self.host.memory.setParam("JabberID", "%s@%s/%s" % (profile, _NEW_ACCOUNT_DOMAIN, _NEW_ACCOUNT_RESOURCE), "Connection", profile) - self.host.memory.setParam("Server", _NEW_ACCOUNT_SERVER, "Connection", profile) - self.host.memory.setParam("Password", password, "Connection", profile) + self.host.memory.setParam("JabberID", "%s@%s/%s" % (profile, _NEW_ACCOUNT_DOMAIN, _NEW_ACCOUNT_RESOURCE), + "Connection", profile_key=profile) + self.host.memory.setParam("Server", _NEW_ACCOUNT_SERVER, + "Connection", profile_key=profile) + self.host.memory.setParam("Password", password, + "Connection", profile_key=profile) #and the account #XXX: we use "prosodyctl adduser" because "register" doesn't check conflict
--- a/src/plugins/plugin_xep_0065.py Sun Sep 08 19:18:46 2013 +0200 +++ b/src/plugins/plugin_xep_0065.py Sat Sep 07 02:03:17 2013 +0200 @@ -798,9 +798,12 @@ if len(streamhost_elts) != 1: warning(_("Multiple streamhost elements in proxy not managed, keeping only the first one")) streamhost_elt = streamhost_elts[0] - proxy = self.host.memory.setParam("Proxy", streamhost_elt.getAttribute("jid", ""), "File Transfer", self.parent.profile) - proxy = self.host.memory.setParam("Proxy host", streamhost_elt.getAttribute("host", ""), "File Transfer", self.parent.profile) - proxy = self.host.memory.setParam("Proxy port", streamhost_elt.getAttribute("port", ""), "File Transfer", self.parent.profile) + proxy = self.host.memory.setParam("Proxy", streamhost_elt.getAttribute("jid", ""), + "File Transfer", profile_key=self.parent.profile) + proxy = self.host.memory.setParam("Proxy host", streamhost_elt.getAttribute("host", ""), + "File Transfer", profile_key=self.parent.profile) + proxy = self.host.memory.setParam("Proxy port", streamhost_elt.getAttribute("port", ""), + "File Transfer", profile_key=self.parent.profile) def connectionInitialized(self): def after_init(ignore):