Mercurial > libervia-pubsub

comparison sat_pubsub/backend.py @ 248:50f6ee966da8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
item are gotten according to item's access model in getItems
author Goffi <goffi@goffi.org>
date Sun, 03 Jun 2012 15:57:28 +0200
parents 42048e37699e
children eb14b8d30cba
comparison
equal deleted inserted replaced
247:70fae534b83a 248:50f6ee966da8
430 _entity = entity.userhost() 430 _entity = entity.userhost()
431 431
432 if not _entity in roster: 432 if not _entity in roster:
433 raise error.NotInRoster 433 raise error.NotInRoster
434 if roster[_entity].groups.intersection(authorized_groups): 434 if roster[_entity].groups.intersection(authorized_groups):
435 return True 435 return (True, roster)
436 raise error.NotInRoster 436 raise error.NotInRoster
437 437
438 def _getNodeGroups(self, roster, nodeIdentifier): 438 def _getNodeGroups(self, roster, nodeIdentifier):
439 d = self.storage.getNodeGroups(nodeIdentifier) 439 d = self.storage.getNodeGroups(nodeIdentifier)
440 d.addCallback(lambda groups: (roster, groups)) 440 d.addCallback(lambda groups: (roster, groups))
441 return d 441 return d
442 442
443 def _doGetItems(self, result, requestor, maxItems, itemIdentifiers): 443 def _doGetItems(self, result, requestor, maxItems, itemIdentifiers):
444 node, affiliation = result 444 node, affiliation = result
445 445
446 def access_checked(authorized): 446 def access_checked(access_data):
447 authorized, roster = access_data
447 if not authorized: 448 if not authorized:
448 raise error.NotAuthorized() 449 raise error.NotAuthorized()
449 450
451 roster_item = roster.get(requestor.userhost())
452 authorized_groups = tuple(roster_item.groups) if roster_item else tuple()
453
450 if itemIdentifiers: 454 if itemIdentifiers:
451 return node.getItemsById(itemIdentifiers) 455 return node.getItemsById(authorized_groups, affiliation == 'owner', itemIdentifiers)
452 else: 456 else:
453 return node.getItems(maxItems) 457 return node.getItems(authorized_groups, affiliation == 'owner', maxItems)
454 458
455 459
456 if not ILeafNode.providedBy(node): 460 if not ILeafNode.providedBy(node):
457 return [] 461 return []
458 462
459 if affiliation == 'outcast': 463 if affiliation == 'outcast':
460 raise error.Forbidden() 464 raise error.Forbidden()
461 465
462 access_model = node.getConfiguration()["pubsub#access_model"] 466 access_model = node.getConfiguration()["pubsub#access_model"]
467 d = node.getNodeOwner()
468 d.addCallback(self.roster.getRoster)
463 469
464 if access_model == 'open' or affiliation == 'owner': 470 if access_model == 'open' or affiliation == 'owner':
465 d = defer.succeed(True) 471 d.addCallback(lambda roster: (True,roster))
466 d.addCallback(access_checked) 472 d.addCallback(access_checked)
467 elif access_model == 'roster': 473 elif access_model == 'roster':
468 d = node.getNodeOwner()
469 d.addCallback(self.roster.getRoster)
470 d.addCallback(self._getNodeGroups,node.nodeIdentifier) 474 d.addCallback(self._getNodeGroups,node.nodeIdentifier)
471 d.addCallback(self.checkGroup, requestor) 475 d.addCallback(self.checkGroup, requestor)
472 d.addCallback(access_checked) 476 d.addCallback(access_checked)
473 477
474 return d 478 return d