Mercurial > libervia-pubsub
diff sat_pubsub/backend.py @ 248:50f6ee966da8
item are gotten according to item's access model in getItems
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sun, 03 Jun 2012 15:57:28 +0200 |
| parents | 42048e37699e |
| children | eb14b8d30cba |
line wrap: on
line diff
--- a/sat_pubsub/backend.py Thu May 31 00:24:20 2012 +0200 +++ b/sat_pubsub/backend.py Sun Jun 03 15:57:28 2012 +0200 @@ -432,7 +432,7 @@ if not _entity in roster: raise error.NotInRoster if roster[_entity].groups.intersection(authorized_groups): - return True + return (True, roster) raise error.NotInRoster def _getNodeGroups(self, roster, nodeIdentifier): @@ -443,14 +443,18 @@ def _doGetItems(self, result, requestor, maxItems, itemIdentifiers): node, affiliation = result - def access_checked(authorized): + def access_checked(access_data): + authorized, roster = access_data if not authorized: raise error.NotAuthorized() + roster_item = roster.get(requestor.userhost()) + authorized_groups = tuple(roster_item.groups) if roster_item else tuple() + if itemIdentifiers: - return node.getItemsById(itemIdentifiers) + return node.getItemsById(authorized_groups, affiliation == 'owner', itemIdentifiers) else: - return node.getItems(maxItems) + return node.getItems(authorized_groups, affiliation == 'owner', maxItems) if not ILeafNode.providedBy(node): @@ -460,13 +464,13 @@ raise error.Forbidden() access_model = node.getConfiguration()["pubsub#access_model"] + d = node.getNodeOwner() + d.addCallback(self.roster.getRoster) if access_model == 'open' or affiliation == 'owner': - d = defer.succeed(True) + d.addCallback(lambda roster: (True,roster)) d.addCallback(access_checked) elif access_model == 'roster': - d = node.getNodeOwner() - d.addCallback(self.roster.getRoster) d.addCallback(self._getNodeGroups,node.nodeIdentifier) d.addCallback(self.checkGroup, requestor) d.addCallback(access_checked)