Mercurial > libervia-pubsub

diff sat_pubsub/backend.py @ 259:6fe7da6b4b32

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
node "roster" access model management
author Goffi <goffi@goffi.org>
date Mon, 06 May 2013 00:11:44 +0200
parents e5b83fbb0219
children f0cd02c032b3
line wrap: on
line diff
--- a/sat_pubsub/backend.py	Sun Apr 28 19:29:58 2013 +0200
+++ b/sat_pubsub/backend.py	Mon May 06 00:11:44 2013 +0200
@@ -116,6 +116,19 @@
                      "never": "Never",
                      "on_sub": "When a new subscription is processed"}
                 },
+            const.OPT_ACCESS_MODEL:
+                {"type": "list-single",
+                 "label": "Who can subscribe to this node",
+                 "options": {
+                     const.VAL_AMODEL_OPEN: "Public node",
+                     const.VAL_AMODEL_ROSTER: "Node restricted to some roster groups",
+                     const.VAL_AMODEL_JID: "Node restricted to some jids",
+                     }
+                },
+            const.OPT_ROSTER_GROUPS_ALLOWED:
+                {"type": "list-multi",
+                 "label": "Groups of the roster allowed to access the node",
+                },
             }
 
     subscriptionOptions = {
@@ -199,7 +212,7 @@
         @param item:
         """
         item_config = None
-        access_model = const.VAL_DEFAULT
+        access_model = const.VAL_AMODEL_DEFAULT
         for i in range(len(item.children)):
             elt = item.children[i]
             if not (elt.uri,elt.name)==(data_form.NS_X_DATA,'x'):
@@ -211,7 +224,7 @@
                 break
 
         if item_config:
-            access_model = item_config.get(const.OPT_ACCESS_MODEL, const.VAL_DEFAULT)
+            access_model = item_config.get(const.OPT_ACCESS_MODEL, const.VAL_AMODEL_DEFAULT)
 
         return (access_model, item_config)
 
@@ -381,10 +394,13 @@
         return True
 
 
-    def createNode(self, nodeIdentifier, requestor):
+    def createNode(self, nodeIdentifier, requestor, options = None):
         if not nodeIdentifier:
             nodeIdentifier = 'generic/%s' % uuid.uuid4()
 
+        if not options:
+            options = {}
+
         if self.supportsCreatorCheck():
             groupblog = nodeIdentifier.startswith(const.NS_GROUPBLOG_PREFIX)
             try:
@@ -402,6 +418,7 @@
         nodeType = 'leaf'
         config = self.storage.getDefaultConfiguration(nodeType)
         config['pubsub#node_type'] = nodeType
+        config.update(options)
 
         d = self.storage.createNode(nodeIdentifier, requestor, config)
         d.addCallback(lambda _: nodeIdentifier)
@@ -454,20 +471,20 @@
         return d
 
     def checkGroup(self, roster_groups, entity):
-        """Check that requester is in roster
+        """Check that entity is authorized and in roster
         @param roster_group: tuple which 2 items:
                         - roster: mapping of jid to RosterItem as given by self.roster.getRoster
                         - groups: list of authorized groups
         @param entity: entity which must be in group 
-        @return: True if requestor is in roster"""
+        @return: (True, roster) if entity is in roster and authorized
+                 (False, roster) if entity is in roster but not authorized
+        @raise: error.NotInRoster if entity is not in roster"""
         roster, authorized_groups = roster_groups
         _entity = entity.userhostJID()
         
         if not _entity in roster:
             raise error.NotInRoster
-        if roster[_entity].groups.intersection(authorized_groups):
-            return (True, roster)
-        raise error.NotInRoster
+        return (roster[_entity].groups.intersection(authorized_groups), roster)
 
     def _getNodeGroups(self, roster, nodeIdentifier):
         d = self.storage.getNodeGroups(nodeIdentifier)
@@ -481,16 +498,16 @@
             ret = []
             for data in items_data:
                 item, access_model, access_list = data
-                if access_model == const.VAL_OPEN:
+                if access_model == const.VAL_AMODEL_OPEN:
                     pass
-                elif access_model == const.VAL_ROSTER: 
+                elif access_model == const.VAL_AMODEL_ROSTER:
                     form = data_form.Form('submit', formNamespace=const.NS_ITEM_CONFIG)
-                    access = data_form.Field(None, const.OPT_ACCESS_MODEL, value=const.VAL_ROSTER)
+                    access = data_form.Field(None, const.OPT_ACCESS_MODEL, value=const.VAL_AMODEL_ROSTER)
                     allowed = data_form.Field(None, const.OPT_ROSTER_GROUPS_ALLOWED, values=access_list)
                     form.addField(access)
                     form.addField(allowed)
                     item.addChild(form.toElement())
-                elif access_model == const.VAL_JID:
+                elif access_model == const.VAL_AMODEL_JID:
                     #FIXME: manage jid
                     raise NotImplementedError
                 else:
@@ -528,7 +545,7 @@
         d.addCallback(self.roster.getRoster)
         
         if access_model == 'open' or affiliation == 'owner':
-            d.addCallback(lambda roster: (True,roster))
+            d.addCallback(lambda roster: (True, roster))
             d.addCallback(access_checked)
         elif access_model == 'roster':
             d.addCallback(self._getNodeGroups,node.nodeIdentifier)
@@ -919,7 +936,7 @@
 
     def create(self, request):
         d = self.backend.createNode(request.nodeIdentifier,
-                                    request.sender)
+                                    request.sender, request.options)
         return d.addErrback(self._mapErrors)