epicyon/capabilities.py

49 lines
1.6 KiB
Python
Raw Normal View History

__filename__ = "capabilities.py"
__author__ = "Bob Mottram"
__license__ = "AGPL3+"
__version__ = "0.0.1"
__maintainer__ = "Bob Mottram"
__email__ = "bob@freedombone.net"
__status__ = "Production"
2019-07-06 09:07:24 +00:00
import os
from auth import createPassword
2019-07-06 10:38:48 +00:00
def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,domain: str, \
requestedActor: str, \
requestedCaps=["inbox:write","objects:read"]) -> None:
2019-07-06 09:07:24 +00:00
# This is sent to the capabilities endpoint /caps/new
# which could be instance wide or for a particular person
capId=createPassword(32)
capRequest = {
2019-07-06 09:07:24 +00:00
"id": httpPrefix+"://"+requestedDomain+"/caps/request/"+capId,
"type": "Request",
2019-07-06 10:38:48 +00:00
"capability": requestedCaps,
2019-07-06 09:15:40 +00:00
"actor": requestedActor
2019-07-06 09:07:24 +00:00
}
#TODO
2019-07-06 10:38:48 +00:00
def sendCapabilitiesAccept(baseDir: str,httpPrefix: str,nickname: str,domain: str, \
acceptedActor: str, \
acceptedCaps=["inbox:write","objects:read"]) -> None:
2019-07-06 09:07:24 +00:00
# This gets returned to capabilities requester
capId=createPassword(32)
capAccept = {
"id": httpPrefix+"://"+domain+"/caps/"+capId,
"type": "Capability",
2019-07-06 10:38:48 +00:00
"capability": acceptedCaps,
2019-07-06 09:15:40 +00:00
"scope": acceptedActor,
"actor": httpPrefix+"://"+domain
}
2019-07-06 09:07:24 +00:00
if nickname:
2019-07-06 09:15:40 +00:00
capAccept['actor']=httpPrefix+"://"+domain+'/users/'+nickname
2019-07-06 09:07:24 +00:00
#TODO
2019-07-06 10:33:57 +00:00
def isCapable(actor: str,capsJson: [],capability: str) -> bool:
2019-07-06 09:07:24 +00:00
# is the given actor capable of using the current resource?
for cap in capsJson:
if cap['scope'] in actor:
2019-07-06 10:33:57 +00:00
if capability in cap['capability']:
return True
2019-07-06 09:07:24 +00:00
return False