backend, pgsql storage: better items/notification handling, various fixes: - replaced const.VAL_AMODEL_ROSTER by const.VAL_AMODEL_PUBLISHER_ROSTER to follow change in pgsql schema - implemented whitelist access model - fixed bad access check during items retrieval (access was checked on recipient instead of requestor/sender) - getItemsData and notification filtering now use inline callbacks: this make these complexe workflows far mor easy to read, and clarity is imperative in these security critical sections. - publisher-roster access model now need to have only one owner, else it will fail. The idea is to use this model only when owner=publisher, else there is ambiguity on the roster to use to check access - replaced getNodeOwner by node.getOwners, as a node can have several owners - notifications filtering has been fixed in a similar way - psql: simplified withPEP method, pep_table argument is actually not needed - removed error.NotInRoster: error.Forbidden is used instead - notifications now notify all the owners, not only the first one

#!/usr/bin/python
#-*- coding: utf-8 -*-
# Copyright (c) 2003-2008 Ralph Meijer
# See LICENSE for details.

"""
Example TAC for SàT Pubsub.
"""

from twisted.application import service
from twisted.words.protocols.jabber.jid import JID

from sat_pubsub import tap

application = service.Application("sat_pubsub")

config = {
    'jid': JID('sat-pubsub.necton3.int'),
    'secret': 'pass',
    'rhost': '127.0.0.1',
    'rport': 5347,
    'backend': 'pgsql',
    'dbuser': 'goffi',
    'dbpass': 'toto',
    'dbname': "pubsub",
    'dbhost': "localhost",
    'dbport': None,
    'verbose': True,
    'hide-nodes': False,
}

idavollService = tap.makeService(config)
idavollService.setServiceParent(application)

# Set the maximum delay until trying to reconnect.
componentService = idavollService.getServiceNamed('component')
componentService.factory.maxdelay = 300