changeset 237:6596730685e8

added creator check support
author Goffi <goffi@goffi.org>
date Thu, 17 May 2012 13:15:11 +0200
parents 65bc75603539
children a4511cb06352
files sat_pubsub/backend.py
diffstat 1 files changed, 21 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/sat_pubsub/backend.py	Thu May 17 13:07:41 2012 +0200
+++ b/sat_pubsub/backend.py	Thu May 17 13:15:11 2012 +0200
@@ -1,6 +1,6 @@
 #!/usr/bin/python
 #-*- coding: utf-8 -*-
-
+#
 """
 Copyright (c) 2003-2011 Ralph Meijer
 Copyright (c) 2012 Jérôme Poisson
@@ -70,6 +70,7 @@
 from twisted.python import components, log
 from twisted.internet import defer, reactor
 from twisted.words.protocols.jabber.error import StanzaError
+from twisted.words.protocols.jabber.jid import JID
 from twisted.words.xish import utility
 
 from wokkel import disco
@@ -340,6 +341,9 @@
     def supportsAutoCreate(self):
         return True
 
+    def supportsCreatorCheck(self):
+        return True
+
     def supportsInstantNodes(self):
         return True
 
@@ -348,6 +352,19 @@
         if not nodeIdentifier:
             nodeIdentifier = 'generic/%s' % uuid.uuid4()
 
+        if self.supportsCreatorCheck():
+            try:
+                nodeIdentifierJID = JID(nodeIdentifier)
+            except InvalidFormat:
+                is_user_jid = False
+            else:
+                is_user_jid = bool(nodeIdentifierJID.user)
+            
+            if is_user_jid and nodeIdentifierJID.userhost() != requestor.userhost():
+                #we have an user jid node, but not created by the owner of this jid
+                print "Wrong creator"
+                raise error.Forbidden()
+
         nodeType = 'leaf'
         config = self.storage.getDefaultConfiguration(nodeType)
         config['pubsub#node_type'] = nodeType
@@ -586,6 +603,9 @@
 
         self.backend.registerNotifier(self._notify)
         self.backend.registerPreDelete(self._preDelete)
+        if self.backend.supportsCreatorCheck():
+            self.features.append("creator-jid-check")  #SàT custom feature: Check that a node (which correspond to
+                                                       #                    a jid in this server) is created by the right jid
 
         if self.backend.supportsAutoCreate():
             self.features.append("auto-create")