indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Posting via web interface

master
Bob Mottram 2019-07-28 14:30:19 +01:00
parent d640cd2934
commit fcf8399b5a
3 changed files with 62 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
daemon.py
View File

@ -320,7 +320,7 @@ class PubServer(BaseHTTPRequestHandler):
messageJson,self.server.debug)
return True
def _updateInboxQueue(self,nickname: str,messageJson: {}) -> int:
def _updateInboxQueue(self,nickname: str,messageJson: {},postFromWebInterface: bool) -> int:
"""Update the inbox queue
"""
# Check if the queue is full
@ -341,6 +341,7 @@ class PubServer(BaseHTTPRequestHandler):
self.headers['host'],
self.headers['signature'],
'/'+self.path.split('/')[-1],
postFromWebInterface,
self.server.debug)
if queueFilename:
# add json to the queue
@ -396,7 +397,18 @@ class PubServer(BaseHTTPRequestHandler):
if '/media/' not in self.path and \
'/sharefiles/' not in self.path and \
'/icons/' not in self.path:
if not authorized:
divertToLoginScreen=True
if self.path.startswith('/users/'):
if '/' not in self.path.split('/users/')[1]:
divertToLoginScreen=False
else:
if self.path.endswith('/following') or \
self.path.endswith('/followers') or \
self.path.endswith('/skills') or \
self.path.endswith('/roles') or \
self.path.endswith('/shares'):
divertToLoginScreen=False
if divertToLoginScreen and not authorized:
self.send_response(303)
self.send_header('Location', '/login')
self.end_headers()
@ -1075,6 +1087,8 @@ class PubServer(BaseHTTPRequestHandler):
fields={}
filename=None
for f in messageFields:
if f=='--':
continue
if ' name="' in f:
postStr=f.split(' name="',1)[1]
if '"' in postStr:
@ -1096,19 +1110,19 @@ class PubServer(BaseHTTPRequestHandler):
searchStr=b'Content-Type: image/png'
imageLocation=postBytes.find(searchStr)
filenameBase=self.server.baseDir+'/accounts/'+nickname+'@'+self.server.domain+'/upload'
if imageLocation:
if imageLocation>-1:
filename=filenameBase+'.png'
else:
searchStr=b'Content-Type: image/jpeg'
imageLocation=postBytes.find(searchStr)
if imageLocation:
if imageLocation>-1:
filename=filenameBase+'.jpg'
else:
searchStr=b'Content-Type: image/gif'
imageLocation=postBytes.find(searchStr)
if imageLocation:
if imageLocation>-1:
filename=filenameBase+'.gif'
if filename and imageLocation:
if filename and imageLocation>-1:
# locate the beginning of the image, after any
# carriage returns
startPos=imageLocation+len(searchStr)
@ -1144,9 +1158,8 @@ class PubServer(BaseHTTPRequestHandler):
filename,fields['imageDescription'],True, \
fields['replyTo'], fields['replyTo'],fields['subject'])
if messageJson:
queueStatus=self._updateInboxQueue(nickname,messageJson)
if queueStatus==0:
return True
self.postToNickname=nickname
return self._postToOutbox(messageJson)
if postType=='newunlisted':
messageJson= \
@ -1158,9 +1171,8 @@ class PubServer(BaseHTTPRequestHandler):
filename,fields['imageDescription'],True, \
fields['replyTo'], fields['replyTo'],fields['subject'])
if messageJson:
queueStatus=self._updateInboxQueue(nickname,messageJson)
if queueStatus==0:
return True
self.postToNickname=nickname
return self._postToOutbox(messageJson)
if postType=='newfollowers':
messageJson= \
@ -1172,9 +1184,8 @@ class PubServer(BaseHTTPRequestHandler):
filename,fields['imageDescription'],True, \
fields['replyTo'], fields['replyTo'],fields['subject'])
if messageJson:
queueStatus=self._updateInboxQueue(nickname,messageJson)
if queueStatus==0:
return True
self.postToNickname=nickname
return self._postToOutbox(messageJson)
if postType=='newdm':
messageJson= \
@ -1184,11 +1195,10 @@ class PubServer(BaseHTTPRequestHandler):
self.server.httpPrefix, \
fields['message'],True,False,False, \
filename,fields['imageDescription'],True, \
fields['replyTo'], fields['replyTo'],fields['subject'])
fields['replyTo'],fields['replyTo'],fields['subject'])
if messageJson:
queueStatus=self._updateInboxQueue(nickname,messageJson)
if queueStatus==0:
return True
self.postToNickname=nickname
return self._postToOutbox(messageJson)
if postType=='newshare':
if not fields.get('itemType'):
@ -1211,11 +1221,10 @@ class PubServer(BaseHTTPRequestHandler):
fields['location'], \
fields['duration'],
self.server.debug)
# TODO distribute shares to followers
if os.path.isfile(filename):
os.remove(filename)
return True
self.postToNickname=nickname
return self._postToOutbox(messageJson)
return False
def do_POST(self):
@ -1493,7 +1502,7 @@ class PubServer(BaseHTTPRequestHandler):
else:
self.postToNickname=pathUsersSection.split('/')[0]
if self.postToNickname:
queueStatus=self._updateInboxQueue(self.postToNickname,messageJson)
queueStatus=self._updateInboxQueue(self.postToNickname,messageJson,False)
if queueStatus==0:
self.send_response(200)
self.end_headers()
@ -1511,7 +1520,7 @@ class PubServer(BaseHTTPRequestHandler):
else:
if self.path == '/sharedInbox' or self.path == '/inbox':
print('DEBUG: POST to shared inbox')
queueStatus=_updateInboxQueue('inbox',messageJson)
queueStatus=_updateInboxQueue('inbox',messageJson,False)
if queueStatus==0:
self.send_response(200)
self.end_headers()

52
inbox.py
View File

@ -157,7 +157,7 @@ def validPublishedDate(published) -> bool:
return False
return True
def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str,postJsonObject: {},host: str,headers: str,postPath: str,debug: bool) -> str:
def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str,postJsonObject: {},host: str,headers: str,postPath: str,postFromWebInterface: bool,debug: bool) -> str:
"""Saves the give json to the inbox queue for the person
keyId specifies the actor sending the post
"""
@ -221,7 +221,8 @@ def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str
'path': postPath,
'post': postJsonObject,
'filename': filename,
'destination': destination
'destination': destination,
'postFromWebInterface': postFromWebInterface
}
if debug:
@ -1048,6 +1049,8 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \
pubKey=None
keyId=None
for tries in range(8):
if queueJson['postFromWebInterface']:
break
keyId=None
signatureParams=queueJson['headers'].split(',')
for signatureItem in signatureParams:
@ -1071,30 +1074,31 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \
print('DEBUG: Retry '+str(tries+1)+' obtaining public key for '+keyId)
time.sleep(5)
if not pubKey:
if debug:
print('DEBUG: public key could not be obtained from '+keyId)
os.remove(queueFilename)
queue.pop(0)
continue
if not queueJson['postFromWebInterface']:
if not pubKey:
if debug:
print('DEBUG: public key could not be obtained from '+keyId)
os.remove(queueFilename)
queue.pop(0)
continue
# check the signature
verifyHeaders={
'host': queueJson['host'],
'signature': queueJson['headers']
}
if not verifyPostHeaders(httpPrefix, \
pubKey, verifyHeaders, \
queueJson['path'], False, \
json.dumps(queueJson['post'])):
if debug:
print('DEBUG: Header signature check failed')
os.remove(queueFilename)
queue.pop(0)
continue
# check the signature
verifyHeaders={
'host': queueJson['host'],
'signature': queueJson['headers']
}
if not verifyPostHeaders(httpPrefix, \
pubKey, verifyHeaders, \
queueJson['path'], False, \
json.dumps(queueJson['post'])):
if debug:
print('DEBUG: Header signature check failed')
os.remove(queueFilename)
queue.pop(0)
continue
if debug:
print('DEBUG: Signature check success')
if debug:
print('DEBUG: Signature check success')
if receiveUndo(session, \
baseDir,httpPrefix,port, \

2
utils.py
View File

@ -24,7 +24,7 @@ def getStatusNumber() -> (str,str):
def createPersonDir(nickname: str,domain: str,baseDir: str,dirname: str) -> str:
"""Create a directory for a person
"""
handle=nickname.lower()+'@'+domain.lower()
handle=nickname+'@'+domain
if not os.path.isdir(baseDir+'/accounts/'+handle):
os.mkdir(baseDir+'/accounts/'+handle)
boxDir=baseDir+'/accounts/'+handle+'/'+dirname