Mercurial > libervia-pubsub
view sat_pubsub/privilege.py @ 289:f08f8536cab8
mod delegation: extensions management (XEP-0128)
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 18 Apr 2015 00:15:01 +0200 |
| parents | 2f87fa282dfd |
| children | b96a4ac25f8b |
line wrap: on
line source
#!/usr/bin/python #-*- coding: utf-8 -*- # """ Copyright (c) 2015 Jérôme Poisson This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. --- This module implements XEP-0356 (Privileged Entity) to manage rosters, messages and presences """ from wokkel import xmppim from wokkel.compat import IQ from wokkel.subprotocols import XMPPHandler from twisted.python import log from twisted.python import failure PRIV_ENT_NS = 'urn:xmpp:privilege:1' PRIV_ENT_ADV_XPATH = '/message/privilege[@xmlns="{}"]'.format(PRIV_ENT_NS) ROSTER_NS = 'jabber:iq:roster' PERM_ROSTER = 'roster' PERM_MESSAGE = 'message' PERM_PRESENCE = 'presence' ALLOWED_ROSTER = ('none', 'get', 'set', 'both') ALLOWED_MESSAGE = ('none', 'outgoing') ALLOWED_PRESENCE = ('none', 'managed_entity', 'roster') TO_CHECK = {PERM_ROSTER:ALLOWED_ROSTER, PERM_MESSAGE:ALLOWED_MESSAGE, PERM_PRESENCE:ALLOWED_PRESENCE} class InvalidStanza(Exception): pass class NotAllowedError(Exception): pass class PrivilegesHandler(XMPPHandler): #FIXME: need to manage updates, and database sync #TODO: cache def __init__(self): super(PrivilegesHandler, self).__init__() self._permissions = {PERM_ROSTER: 'none', PERM_MESSAGE: 'none', PERM_PRESENCE: 'none'} @property def permissions(self): return self._permissions def connectionInitialized(self): self.xmlstream.addObserver(PRIV_ENT_ADV_XPATH, self.onAdvertise) def onAdvertise(self, message): """Managage the <message/> advertising privileges self._permissions will be updated according to advertised privileged """ privilege_elt = message.elements(PRIV_ENT_NS, 'privilege').next() for perm_elt in privilege_elt.elements(PRIV_ENT_NS): try: if perm_elt.name != 'perm': raise InvalidStanza(u'unexpected element {}'.format(perm_elt.name)) perm_access = perm_elt['access'] perm_type = perm_elt['type'] try: if perm_type not in TO_CHECK[perm_access]: raise InvalidStanza(u'bad type [{}] for permission {}'.format(perm_type, perm_access)) except KeyError: raise InvalidStanza(u'bad permission [{}]'.format(perm_access)) except InvalidStanza as e: log.msg("Invalid stanza received ({}), setting permission to none".format(e)) for perm in self._permissions: self._permissions[perm] = 'none' break self._permissions[perm_access] = perm_type or 'none' log.msg('Privileges updated: roster={roster}, message={message}, presence={presence}'.format(**self._permissions)) def getRoster(self, to_jid): """ Retrieve contact list. @return: Roster as a mapping from L{JID} to L{RosterItem}. @rtype: L{twisted.internet.defer.Deferred} """ if self._permissions[PERM_ROSTER] not in ('get', 'both'): log.msg("WARNING: permission not allowed to get roster") raise failure.Failure(NotAllowedError('roster get is not allowed')) def processRoster(result): roster = {} for element in result.elements(ROSTER_NS, 'item'): item = xmppim.RosterItem.fromElement(element) roster[item.entity] = item return roster iq = IQ(self.xmlstream, 'get') iq.addElement((ROSTER_NS, 'query')) iq["to"] = to_jid.userhost() d = iq.send() d.addCallback(processRoster) return d