Mercurial > libervia-web
changeset 1287:1f26d8c2afc1
server: restricted_bridge first draft:
bridge with a limited set of methods, where arguments are checked or removed, and
security_limit is used. This bridge is used for calls from browser.
author | Goffi <goffi@goffi.org> |
---|---|
date | Fri, 19 Jun 2020 16:47:51 +0200 |
parents | 63328c793a9e |
children | 7cec74557aa3 |
files | libervia/server/restricted_bridge.py libervia/server/server.py |
diffstat | 2 files changed, 39 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/libervia/server/restricted_bridge.py Fri Jun 19 16:47:51 2020 +0200 @@ -0,0 +1,37 @@ +#!/usr/bin/env python3 + +# Libervia: a SàT frontend +# Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org) + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. + +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +from libervia.server.constants import Const as C + + +class RestrictedBridge: + """Bridge with limited access, which can be used in browser + + Only a few method are implemented, with potentially dangerous argument controlled. + Security limit is used + """ + + def __init__(self, host): + self.host = host + self.security_limit = C.SECURITY_LIMIT + + async def fileHTTPUploadGetSlot( + self, filename, size, content_type, upload_jid, profile): + return await self.host.bridgeCall( + "fileHTTPUploadGetSlot", filename, size, content_type, + upload_jid, profile)
--- a/libervia/server/server.py Fri Jun 19 16:47:51 2020 +0200 +++ b/libervia/server/server.py Fri Jun 19 16:47:51 2020 +0200 @@ -62,6 +62,7 @@ from libervia.server.constants import Const as C from libervia.server import session_iface +from .restricted_bridge import RestrictedBridge log = getLogger(__name__) @@ -815,6 +816,7 @@ self.cache_root_dir = os.path.join(self.local_dir, C.CACHE_DIR) self.renderer = template.Renderer(self, self._front_url_filter) sites_names = list(self.renderer.sites_paths.keys()) + self.restricted_bridge = RestrictedBridge(self) self._moveFirstLevelToDict(self.options, "url_redirections_dict", sites_names) self._moveFirstLevelToDict(self.options, "menu_json", sites_names)