Mercurial > libervia-pubsub
view sat_pubsub.tac @ 330:82d1259b3e36
backend, pgsql storage: better items/notification handling, various fixes:
- replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema
- implemented whitelist access model
- fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender)
- getItemsData and notification filtering now use inline callbacks: this make these complexe workflows far mor easy to read, and clarity is imperative in these security critical sections.
- publisher-roster access model now need to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access
- replaced getNodeOwner by node.getOwners, as a node can have several owners
- notifications filtering has been fixed in a similar way
- psql: simplified withPEP method, pep_table argument is actually not needed
- removed error.NotInRoster: error.Forbidden is used instead
- notifications now notify all the owners, not only the first one
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 26 Mar 2017 20:52:32 +0200 |
parents | 51af2ed8bd50 |
children |
line wrap: on
line source
#!/usr/bin/python #-*- coding: utf-8 -*- # Copyright (c) 2003-2008 Ralph Meijer # See LICENSE for details. """ Example TAC for SàT Pubsub. """ from twisted.application import service from twisted.words.protocols.jabber.jid import JID from sat_pubsub import tap application = service.Application("sat_pubsub") config = { 'jid': JID('sat-pubsub.necton3.int'), 'secret': 'pass', 'rhost': '127.0.0.1', 'rport': 5347, 'backend': 'pgsql', 'dbuser': 'goffi', 'dbpass': 'toto', 'dbname': "pubsub", 'dbhost': "localhost", 'dbport': None, 'verbose': True, 'hide-nodes': False, } idavollService = tap.makeService(config) idavollService.setServiceParent(application) # Set the maximum delay until trying to reconnect. componentService = idavollService.getServiceNamed('component') componentService.factory.maxdelay = 300