annotate sat_pubsub/privilege.py @ 330:82d1259b3e36

backend, pgsql storage: better items/notification handling, various fixes: - replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema - implemented whitelist access model - fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender) - getItemsData and notification filtering now use inline callbacks: this make these complexe workflows far mor easy to read, and clarity is imperative in these security critical sections. - publisher-roster access model now need to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access - replaced getNodeOwner by node.getOwners, as a node can have several owners - notifications filtering has been fixed in a similar way - psql: simplified withPEP method, pep_table argument is actually not needed - removed error.NotInRoster: error.Forbidden is used instead - notifications now notify all the owners, not only the first one
author Goffi <goffi@goffi.org>
date Sun, 26 Mar 2017 20:52:32 +0200
parents c7fe09894952
children 6d059f07c2d3
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/python
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
2 #-*- coding: utf-8 -*-
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
3 #
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
4 # Copyright (c) 2015 Jérôme Poisson
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
5
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
6
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
7 # This program is free software: you can redistribute it and/or modify
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
8 # it under the terms of the GNU Affero General Public License as published by
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
9 # the Free Software Foundation, either version 3 of the License, or
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
10 # (at your option) any later version.
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
11
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
12 # This program is distributed in the hope that it will be useful,
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
15 # GNU Affero General Public License for more details.
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
16
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
17 # You should have received a copy of the GNU Affero General Public License
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
19
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
20 # ---
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
21
312
5d7c3787672e fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents: 293
diff changeset
22 # This module implements XEP-0356 (Privileged Entity) to manage rosters, messages and presences
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
23
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
24 from wokkel import xmppim
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
25 from wokkel.compat import IQ
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
26 from wokkel import pubsub
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
27 from wokkel.iwokkel import IPubSubService
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
28 from wokkel.subprotocols import XMPPHandler
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
29 from twisted.python import log
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
30 from twisted.python import failure
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
31 from twisted.words.xish import domish
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
32 from twisted.words.protocols.jabber import jid
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
33
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
34 FORWARDED_NS = 'urn:xmpp:forward:0'
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
35 PRIV_ENT_NS = 'urn:xmpp:privilege:1'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
36 PRIV_ENT_ADV_XPATH = '/message/privilege[@xmlns="{}"]'.format(PRIV_ENT_NS)
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
37 ROSTER_NS = 'jabber:iq:roster'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
38 PERM_ROSTER = 'roster'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
39 PERM_MESSAGE = 'message'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
40 PERM_PRESENCE = 'presence'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
41 ALLOWED_ROSTER = ('none', 'get', 'set', 'both')
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
42 ALLOWED_MESSAGE = ('none', 'outgoing')
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
43 ALLOWED_PRESENCE = ('none', 'managed_entity', 'roster')
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
44 TO_CHECK = {PERM_ROSTER:ALLOWED_ROSTER, PERM_MESSAGE:ALLOWED_MESSAGE, PERM_PRESENCE:ALLOWED_PRESENCE}
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
45
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
46
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
47 class InvalidStanza(Exception):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
48 pass
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
49
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
50 class NotAllowedError(Exception):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
51 pass
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
52
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
53 class PrivilegesHandler(XMPPHandler):
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
54 #FIXME: need to manage updates, and database sync
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
55 #TODO: cache
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
56
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
57 def __init__(self, service_jid):
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
58 super(PrivilegesHandler, self).__init__()
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
59 self._permissions = {PERM_ROSTER: 'none',
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
60 PERM_MESSAGE: 'none',
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
61 PERM_PRESENCE: 'none'}
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
62 self._pubsub_service = None
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
63 # FIXME: we use a hack supposing that our privilege come from hostname
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
64 # and we are a component named [name].hostname
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
65 # but we need to manage properly server
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
66 # TODO: do proper server handling
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
67 self.server_jid = jid.JID(service_jid.host.split('.', 1)[1])
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
68
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
69 @property
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
70 def permissions(self):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
71 return self._permissions
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
72
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
73 def connectionInitialized(self):
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
74 for handler in self.parent.handlers:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
75 if IPubSubService.providedBy(handler):
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
76 self._pubsub_service = handler
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
77 break
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
78 self.xmlstream.addObserver(PRIV_ENT_ADV_XPATH, self.onAdvertise)
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
79
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
80 def onAdvertise(self, message):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
81 """Managage the <message/> advertising privileges
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
82
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
83 self._permissions will be updated according to advertised privileged
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
84 """
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
85 privilege_elt = message.elements(PRIV_ENT_NS, 'privilege').next()
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
86 for perm_elt in privilege_elt.elements(PRIV_ENT_NS):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
87 try:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
88 if perm_elt.name != 'perm':
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
89 raise InvalidStanza(u'unexpected element {}'.format(perm_elt.name))
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
90 perm_access = perm_elt['access']
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
91 perm_type = perm_elt['type']
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
92 try:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
93 if perm_type not in TO_CHECK[perm_access]:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
94 raise InvalidStanza(u'bad type [{}] for permission {}'.format(perm_type, perm_access))
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
95 except KeyError:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
96 raise InvalidStanza(u'bad permission [{}]'.format(perm_access))
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
97 except InvalidStanza as e:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
98 log.msg("Invalid stanza received ({}), setting permission to none".format(e))
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
99 for perm in self._permissions:
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
100 self._permissions[perm] = 'none'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
101 break
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
102
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
103 self._permissions[perm_access] = perm_type or 'none'
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
104
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
105 log.msg('Privileges updated: roster={roster}, message={message}, presence={presence}'.format(**self._permissions))
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
106
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
107 ## roster ##
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
108
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
109 def getRoster(self, to_jid):
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
110 """
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
111 Retrieve contact list.
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
112
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
113 @return: Roster as a mapping from L{JID} to L{RosterItem}.
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
114 @rtype: L{twisted.internet.defer.Deferred}
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
115 """
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
116 if self._permissions[PERM_ROSTER] not in ('get', 'both'):
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
117 log.msg("WARNING: permission not allowed to get roster")
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
118 raise failure.Failure(NotAllowedError('roster get is not allowed'))
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
119
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
120 def processRoster(result):
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
121 roster = {}
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
122 for element in result.elements(ROSTER_NS, 'item'):
253
06494c9b25f2 update to fix broken RemoteRoster after Wokkel 0.7.1 changes
Goffi <goffi@goffi.org>
parents: 242
diff changeset
123 item = xmppim.RosterItem.fromElement(element)
06494c9b25f2 update to fix broken RemoteRoster after Wokkel 0.7.1 changes
Goffi <goffi@goffi.org>
parents: 242
diff changeset
124 roster[item.entity] = item
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
125
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
126 return roster
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
127
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
128 iq = IQ(self.xmlstream, 'get')
285
a87c155d0fd5 replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents: 283
diff changeset
129 iq.addElement((ROSTER_NS, 'query'))
242
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
130 iq["to"] = to_jid.userhost()
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
131 d = iq.send()
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
132 d.addCallback(processRoster)
a6170637690d remote roster partial support
Goffi <goffi@goffi.org>
parents:
diff changeset
133 return d
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
134
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
135 ## message ##
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
136
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
137 def sendMessage(self, priv_message, to_jid=None):
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
138 """ Send privileged message (in the name of the server)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
139
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
140 @param priv_message(domish.Element): privileged message
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
141 @param to_jid(jid.JID, None): main message destinee
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
142 None to use our own server
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
143 """
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
144 if self._permissions[PERM_MESSAGE] not in ('outgoing',):
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
145 log.msg("WARNING: permission not allowed to send privileged messages")
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
146 raise failure.Failure(NotAllowedError('privileged messages are not allowed'))
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
147
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
148 main_message = domish.Element((None, "message"))
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
149 if to_jid is None:
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
150 to_jid = self.server_jid
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
151 main_message['to'] = to_jid.full()
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
152 privilege_elt = main_message.addElement((PRIV_ENT_NS, 'privilege'))
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
153 forwarded_elt = privilege_elt.addElement((FORWARDED_NS, 'forwarded'))
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
154 priv_message['xmlns'] = 'jabber:client'
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
155 forwarded_elt.addChild(priv_message)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
156 self.send(main_message)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
157
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
158 def notifyPublish(self, pep_jid, nodeIdentifier, notifications):
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
159 """Do notifications using privileges"""
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
160 for subscriber, subscriptions, items in notifications:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
161 message = self._pubsub_service._createNotification('items', pep_jid,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
162 nodeIdentifier, subscriber,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
163 subscriptions)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
164 for item in items:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
165 item.uri = pubsub.NS_PUBSUB_EVENT
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
166 message.event.items.addChild(item)
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
167 self.sendMessage(message)
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
168
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
169
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
170 def notifyRetract(self, pep_jid, nodeIdentifier, notifications):
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
171 for subscriber, subscriptions, items in notifications:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
172 message = self._pubsub_service._createNotification('items', pep_jid,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
173 nodeIdentifier, subscriber,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
174 subscriptions)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
175 for item in items:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
176 retract = domish.Element((None, "retract"))
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
177 retract['id'] = item['id']
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
178 message.event.items.addChild(retract)
321
c7fe09894952 privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents: 312
diff changeset
179 self.sendMessage(message)
293
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
180
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
181
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
182 # def notifyDelete(self, service, nodeIdentifier, subscribers,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
183 # redirectURI=None):
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
184 # # TODO
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
185 # for subscriber in subscribers:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
186 # message = self._createNotification('delete', service,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
187 # nodeIdentifier,
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
188 # subscriber)
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
189 # if redirectURI:
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
190 # redirect = message.event.delete.addElement('redirect')
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
191 # redirect['uri'] = redirectURI
b96a4ac25f8b privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents: 286
diff changeset
192 # self.send(message)