Mercurial > libervia-pubsub
annotate sat_pubsub/privilege.py @ 330:82d1259b3e36
backend, pgsql storage: better items/notification handling, various fixes:
- replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema
- implemented whitelist access model
- fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender)
- getItemsData and notification filtering now use inline callbacks: this make these complexe workflows far mor easy to read, and clarity is imperative in these security critical sections.
- publisher-roster access model now need to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access
- replaced getNodeOwner by node.getOwners, as a node can have several owners
- notifications filtering has been fixed in a similar way
- psql: simplified withPEP method, pep_table argument is actually not needed
- removed error.NotInRoster: error.Forbidden is used instead
- notifications now notify all the owners, not only the first one
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 26 Mar 2017 20:52:32 +0200 |
parents | c7fe09894952 |
children | 6d059f07c2d3 |
rev | line source |
---|---|
242 | 1 #!/usr/bin/python |
2 #-*- coding: utf-8 -*- | |
3 # | |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
4 # Copyright (c) 2015 Jérôme Poisson |
242 | 5 |
6 | |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
7 # This program is free software: you can redistribute it and/or modify |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
8 # it under the terms of the GNU Affero General Public License as published by |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
9 # the Free Software Foundation, either version 3 of the License, or |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
10 # (at your option) any later version. |
242 | 11 |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
12 # This program is distributed in the hope that it will be useful, |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
15 # GNU Affero General Public License for more details. |
242 | 16 |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
17 # You should have received a copy of the GNU Affero General Public License |
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
242 | 19 |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
20 # --- |
242 | 21 |
312
5d7c3787672e
fixed copyright put in docstring instead of comments
Goffi <goffi@goffi.org>
parents:
293
diff
changeset
|
22 # This module implements XEP-0356 (Privileged Entity) to manage rosters, messages and presences |
242 | 23 |
24 from wokkel import xmppim | |
25 from wokkel.compat import IQ | |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
26 from wokkel import pubsub |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
27 from wokkel.iwokkel import IPubSubService |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
28 from wokkel.subprotocols import XMPPHandler |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
29 from twisted.python import log |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
30 from twisted.python import failure |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
31 from twisted.words.xish import domish |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
32 from twisted.words.protocols.jabber import jid |
242 | 33 |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
34 FORWARDED_NS = 'urn:xmpp:forward:0' |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
35 PRIV_ENT_NS = 'urn:xmpp:privilege:1' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
36 PRIV_ENT_ADV_XPATH = '/message/privilege[@xmlns="{}"]'.format(PRIV_ENT_NS) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
37 ROSTER_NS = 'jabber:iq:roster' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
38 PERM_ROSTER = 'roster' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
39 PERM_MESSAGE = 'message' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
40 PERM_PRESENCE = 'presence' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
41 ALLOWED_ROSTER = ('none', 'get', 'set', 'both') |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
42 ALLOWED_MESSAGE = ('none', 'outgoing') |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
43 ALLOWED_PRESENCE = ('none', 'managed_entity', 'roster') |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
44 TO_CHECK = {PERM_ROSTER:ALLOWED_ROSTER, PERM_MESSAGE:ALLOWED_MESSAGE, PERM_PRESENCE:ALLOWED_PRESENCE} |
242 | 45 |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
46 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
47 class InvalidStanza(Exception): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
48 pass |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
49 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
50 class NotAllowedError(Exception): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
51 pass |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
52 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
53 class PrivilegesHandler(XMPPHandler): |
242 | 54 #FIXME: need to manage updates, and database sync |
55 #TODO: cache | |
56 | |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
57 def __init__(self, service_jid): |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
58 super(PrivilegesHandler, self).__init__() |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
59 self._permissions = {PERM_ROSTER: 'none', |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
60 PERM_MESSAGE: 'none', |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
61 PERM_PRESENCE: 'none'} |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
62 self._pubsub_service = None |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
63 # FIXME: we use a hack supposing that our privilege come from hostname |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
64 # and we are a component named [name].hostname |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
65 # but we need to manage properly server |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
66 # TODO: do proper server handling |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
67 self.server_jid = jid.JID(service_jid.host.split('.', 1)[1]) |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
68 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
69 @property |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
70 def permissions(self): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
71 return self._permissions |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
72 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
73 def connectionInitialized(self): |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
74 for handler in self.parent.handlers: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
75 if IPubSubService.providedBy(handler): |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
76 self._pubsub_service = handler |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
77 break |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
78 self.xmlstream.addObserver(PRIV_ENT_ADV_XPATH, self.onAdvertise) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
79 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
80 def onAdvertise(self, message): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
81 """Managage the <message/> advertising privileges |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
82 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
83 self._permissions will be updated according to advertised privileged |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
84 """ |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
85 privilege_elt = message.elements(PRIV_ENT_NS, 'privilege').next() |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
86 for perm_elt in privilege_elt.elements(PRIV_ENT_NS): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
87 try: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
88 if perm_elt.name != 'perm': |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
89 raise InvalidStanza(u'unexpected element {}'.format(perm_elt.name)) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
90 perm_access = perm_elt['access'] |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
91 perm_type = perm_elt['type'] |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
92 try: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
93 if perm_type not in TO_CHECK[perm_access]: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
94 raise InvalidStanza(u'bad type [{}] for permission {}'.format(perm_type, perm_access)) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
95 except KeyError: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
96 raise InvalidStanza(u'bad permission [{}]'.format(perm_access)) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
97 except InvalidStanza as e: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
98 log.msg("Invalid stanza received ({}), setting permission to none".format(e)) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
99 for perm in self._permissions: |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
100 self._permissions[perm] = 'none' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
101 break |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
102 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
103 self._permissions[perm_access] = perm_type or 'none' |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
104 |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
105 log.msg('Privileges updated: roster={roster}, message={message}, presence={presence}'.format(**self._permissions)) |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
106 |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
107 ## roster ## |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
108 |
242 | 109 def getRoster(self, to_jid): |
110 """ | |
111 Retrieve contact list. | |
112 | |
113 @return: Roster as a mapping from L{JID} to L{RosterItem}. | |
114 @rtype: L{twisted.internet.defer.Deferred} | |
115 """ | |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
116 if self._permissions[PERM_ROSTER] not in ('get', 'both'): |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
117 log.msg("WARNING: permission not allowed to get roster") |
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
118 raise failure.Failure(NotAllowedError('roster get is not allowed')) |
242 | 119 |
120 def processRoster(result): | |
121 roster = {} | |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
122 for element in result.elements(ROSTER_NS, 'item'): |
253
06494c9b25f2
update to fix broken RemoteRoster after Wokkel 0.7.1 changes
Goffi <goffi@goffi.org>
parents:
242
diff
changeset
|
123 item = xmppim.RosterItem.fromElement(element) |
06494c9b25f2
update to fix broken RemoteRoster after Wokkel 0.7.1 changes
Goffi <goffi@goffi.org>
parents:
242
diff
changeset
|
124 roster[item.entity] = item |
242 | 125 |
126 return roster | |
127 | |
128 iq = IQ(self.xmlstream, 'get') | |
285
a87c155d0fd5
replaced former roster dirty hack by a XEP-0356 first draft implementation, only roster get is implemented so far
Goffi <goffi@goffi.org>
parents:
283
diff
changeset
|
129 iq.addElement((ROSTER_NS, 'query')) |
242 | 130 iq["to"] = to_jid.userhost() |
131 d = iq.send() | |
132 d.addCallback(processRoster) | |
133 return d | |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
134 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
135 ## message ## |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
136 |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
137 def sendMessage(self, priv_message, to_jid=None): |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
138 """ Send privileged message (in the name of the server) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
139 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
140 @param priv_message(domish.Element): privileged message |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
141 @param to_jid(jid.JID, None): main message destinee |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
142 None to use our own server |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
143 """ |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
144 if self._permissions[PERM_MESSAGE] not in ('outgoing',): |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
145 log.msg("WARNING: permission not allowed to send privileged messages") |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
146 raise failure.Failure(NotAllowedError('privileged messages are not allowed')) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
147 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
148 main_message = domish.Element((None, "message")) |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
149 if to_jid is None: |
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
150 to_jid = self.server_jid |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
151 main_message['to'] = to_jid.full() |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
152 privilege_elt = main_message.addElement((PRIV_ENT_NS, 'privilege')) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
153 forwarded_elt = privilege_elt.addElement((FORWARDED_NS, 'forwarded')) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
154 priv_message['xmlns'] = 'jabber:client' |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
155 forwarded_elt.addChild(priv_message) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
156 self.send(main_message) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
157 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
158 def notifyPublish(self, pep_jid, nodeIdentifier, notifications): |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
159 """Do notifications using privileges""" |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
160 for subscriber, subscriptions, items in notifications: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
161 message = self._pubsub_service._createNotification('items', pep_jid, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
162 nodeIdentifier, subscriber, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
163 subscriptions) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
164 for item in items: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
165 item.uri = pubsub.NS_PUBSUB_EVENT |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
166 message.event.items.addChild(item) |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
167 self.sendMessage(message) |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
168 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
169 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
170 def notifyRetract(self, pep_jid, nodeIdentifier, notifications): |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
171 for subscriber, subscriptions, items in notifications: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
172 message = self._pubsub_service._createNotification('items', pep_jid, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
173 nodeIdentifier, subscriber, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
174 subscriptions) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
175 for item in items: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
176 retract = domish.Element((None, "retract")) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
177 retract['id'] = item['id'] |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
178 message.event.items.addChild(retract) |
321
c7fe09894952
privilege: better handling of main message 'to' attribute (i.e. privileged entity's server)
Goffi <goffi@goffi.org>
parents:
312
diff
changeset
|
179 self.sendMessage(message) |
293
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
180 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
181 |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
182 # def notifyDelete(self, service, nodeIdentifier, subscribers, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
183 # redirectURI=None): |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
184 # # TODO |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
185 # for subscriber in subscribers: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
186 # message = self._createNotification('delete', service, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
187 # nodeIdentifier, |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
188 # subscriber) |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
189 # if redirectURI: |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
190 # redirect = message.event.delete.addElement('redirect') |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
191 # redirect['uri'] = redirectURI |
b96a4ac25f8b
privilege: added methods to send privileged messages and notifications
Goffi <goffi@goffi.org>
parents:
286
diff
changeset
|
192 # self.send(message) |