Mercurial > libervia-pubsub
annotate sat_pubsub.tac @ 330:82d1259b3e36
backend, pgsql storage: better items/notification handling, various fixes:
- replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema
- implemented whitelist access model
- fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender)
- getItemsData and notification filtering now use inline callbacks: this make these complexe workflows far mor easy to read, and clarity is imperative in these security critical sections.
- publisher-roster access model now need to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access
- replaced getNodeOwner by node.getOwners, as a node can have several owners
- notifications filtering has been fixed in a similar way
- psql: simplified withPEP method, pep_table argument is actually not needed
- removed error.NotInRoster: error.Forbidden is used instead
- notifications now notify all the owners, not only the first one
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 26 Mar 2017 20:52:32 +0200 |
parents | 51af2ed8bd50 |
children |
rev | line source |
---|---|
230 | 1 #!/usr/bin/python |
2 #-*- coding: utf-8 -*- | |
3 # Copyright (c) 2003-2008 Ralph Meijer | |
4 # See LICENSE for details. | |
5 | |
6 """ | |
7 Example TAC for SàT Pubsub. | |
8 """ | |
9 | |
10 from twisted.application import service | |
11 from twisted.words.protocols.jabber.jid import JID | |
12 | |
234
51af2ed8bd50
replaced idavoll imports by sat_pubsub imports
Goffi <goffi@goffi.org>
parents:
230
diff
changeset
|
13 from sat_pubsub import tap |
230 | 14 |
15 application = service.Application("sat_pubsub") | |
16 | |
17 config = { | |
18 'jid': JID('sat-pubsub.necton3.int'), | |
19 'secret': 'pass', | |
20 'rhost': '127.0.0.1', | |
21 'rport': 5347, | |
22 'backend': 'pgsql', | |
23 'dbuser': 'goffi', | |
24 'dbpass': 'toto', | |
25 'dbname': "pubsub", | |
26 'dbhost': "localhost", | |
27 'dbport': None, | |
28 'verbose': True, | |
29 'hide-nodes': False, | |
30 } | |
31 | |
32 idavollService = tap.makeService(config) | |
33 idavollService.setServiceParent(application) | |
34 | |
35 # Set the maximum delay until trying to reconnect. | |
36 componentService = idavollService.getServiceNamed('component') | |
37 componentService.factory.maxdelay = 300 |