epicyon/capabilities.py

45 lines
1.5 KiB
Python
Raw Normal View History

__filename__ = "capabilities.py"
__author__ = "Bob Mottram"
__license__ = "AGPL3+"
__version__ = "0.0.1"
__maintainer__ = "Bob Mottram"
__email__ = "bob@freedombone.net"
__status__ = "Production"
2019-07-06 09:07:24 +00:00
import os
from auth import createPassword
2019-07-06 09:18:59 +00:00
def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,domain: str,requestedActor: str,inbox="write",objects="read") -> None:
2019-07-06 09:07:24 +00:00
# This is sent to the capabilities endpoint /caps/new
# which could be instance wide or for a particular person
capId=createPassword(32)
capRequest = {
2019-07-06 09:07:24 +00:00
"id": httpPrefix+"://"+requestedDomain+"/caps/request/"+capId,
"type": "Request",
2019-07-06 10:33:57 +00:00
"capability": ["inbox:write","objects:read"],
2019-07-06 09:15:40 +00:00
"actor": requestedActor
2019-07-06 09:07:24 +00:00
}
#TODO
2019-07-06 09:18:59 +00:00
def sendCapabilitiesAccept(baseDir: str,httpPrefix: str,nickname: str,domain: str,acceptedActor: str,inbox="write",objects="read") -> None:
2019-07-06 09:07:24 +00:00
# This gets returned to capabilities requester
capId=createPassword(32)
capAccept = {
"id": httpPrefix+"://"+domain+"/caps/"+capId,
"type": "Capability",
2019-07-06 10:33:57 +00:00
"capability": ["inbox:write","objects:read"],
2019-07-06 09:15:40 +00:00
"scope": acceptedActor,
"actor": httpPrefix+"://"+domain
}
2019-07-06 09:07:24 +00:00
if nickname:
2019-07-06 09:15:40 +00:00
capAccept['actor']=httpPrefix+"://"+domain+'/users/'+nickname
2019-07-06 09:07:24 +00:00
#TODO
2019-07-06 10:33:57 +00:00
def isCapable(actor: str,capsJson: [],capability: str) -> bool:
2019-07-06 09:07:24 +00:00
# is the given actor capable of using the current resource?
for cap in capsJson:
if cap['scope'] in actor:
2019-07-06 10:33:57 +00:00
if capability in cap['capability']:
return True
2019-07-06 09:07:24 +00:00
return False