diff --git a/daemon.py b/daemon.py index edaab088..bfb039a9 100644 --- a/daemon.py +++ b/daemon.py @@ -428,7 +428,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port, \ self.path, \ self.server.httpPrefix, \ - maxPostsInFeed, 'inbox') + maxPostsInFeed, 'inbox', \ + True,self.server.ocapAlways) if inboxFeed: self._set_headers('application/json') self.wfile.write(json.dumps(inboxFeed).encode('utf-8')) @@ -450,7 +451,8 @@ class PubServer(BaseHTTPRequestHandler): self.server.port,self.path, \ self.server.httpPrefix, \ maxPostsInFeed, 'outbox', \ - self._isAuthorized()) + self._isAuthorized(), \ + self.server.ocapAlways) if outboxFeed: self._set_headers('application/json') self.wfile.write(json.dumps(outboxFeed).encode('utf-8')) diff --git a/inbox.py b/inbox.py index 958cb635..1baa9948 100644 --- a/inbox.py +++ b/inbox.py @@ -960,12 +960,13 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \ queue.pop(0) continue - # copy any posts addressed to followers into the shared inbox + # Copy any posts addressed to followers into the shared inbox # this avoid copying file multiple times to potentially many # individual inboxes - # TODO This obviously bypasses object capabilities and so - # any checking will need to be handled at the time when inbox - # GET happens on individual accounts + # This obviously bypasses object capabilities and so + # any checking will needs to be handled at the time when inbox + # GET happens on individual accounts. + # See posts.py/createBoxBase if len(recipientsDictFollowers)>0: copyfile(queueFilename, \ queueJson['destination'].replace(inboxHandle,inboxHandle)) diff --git a/person.py b/person.py index e752c158..53df7576 100644 --- a/person.py +++ b/person.py @@ -249,7 +249,7 @@ def personLookup(domain: str,path: str,baseDir: str) -> {}: def personBoxJson(baseDir: str,domain: str,port: int,path: str, \ httpPrefix: str,noOfItems: int,boxname: str, \ - authorized: bool) -> []: + authorized: bool,ocapAlways: bool) -> []: """Obtain the inbox/outbox feed for the given person """ if boxname!='inbox' and boxname!='outbox': @@ -288,12 +288,12 @@ def personBoxJson(baseDir: str,domain: str,port: int,path: str, \ return None if boxname=='inbox': return createInbox(baseDir,nickname,domain,port,httpPrefix, \ - noOfItems,headerOnly,pageNumber) + noOfItems,headerOnly,ocapAlways,pageNumber) return createOutbox(baseDir,nickname,domain,port,httpPrefix, \ noOfItems,headerOnly,authorized,pageNumber) def personInboxJson(baseDir: str,domain: str,port: int,path: str, \ - httpPrefix: str,noOfItems: int) -> []: + httpPrefix: str,noOfItems: int,ocapAlways: bool) -> []: """Obtain the inbox feed for the given person Authentication is expected to have already happened """ @@ -329,7 +329,7 @@ def personInboxJson(baseDir: str,domain: str,port: int,path: str, \ if not validNickname(nickname): return None return createInbox(baseDir,nickname,domain,port,httpPrefix, \ - noOfItems,headerOnly,pageNumber) + noOfItems,headerOnly,ocapAlways,pageNumber) def setPreferredNickname(baseDir: str,nickname: str, domain: str, \ preferredName: str) -> bool: diff --git a/posts.py b/posts.py index 1095efce..be01a0a3 100644 --- a/posts.py +++ b/posts.py @@ -771,13 +771,13 @@ def sendToFollowers(session,baseDir: str, personCache,debug) def createInbox(baseDir: str,nickname: str,domain: str,port: int,httpPrefix: str, \ - itemsPerPage: int,headerOnly: bool,pageNumber=None) -> {}: + itemsPerPage: int,headerOnly: bool,ocapAlways: bool,pageNumber=None) -> {}: return createBoxBase(baseDir,'inbox',nickname,domain,port,httpPrefix, \ - itemsPerPage,headerOnly,True,pageNumber) + itemsPerPage,headerOnly,True,ocapAlways,pageNumber) def createOutbox(baseDir: str,nickname: str,domain: str,port: int,httpPrefix: str, \ itemsPerPage: int,headerOnly: bool,authorized: bool,pageNumber=None) -> {}: return createBoxBase(baseDir,'outbox',nickname,domain,port,httpPrefix, \ - itemsPerPage,headerOnly,authorized,pageNumber) + itemsPerPage,headerOnly,authorized,False,pageNumber) def getStatusNumberFromPostFilename(filename) -> int: """Gets the status number from a post filename @@ -790,7 +790,8 @@ def getStatusNumberFromPostFilename(filename) -> int: def createBoxBase(baseDir: str,boxname: str, \ nickname: str,domain: str,port: int,httpPrefix: str, \ - itemsPerPage: int,headerOnly: bool,authorized :bool,pageNumber=None) -> {}: + itemsPerPage: int,headerOnly: bool,authorized :bool, \ + ocapAlways: bool,pageNumber=None) -> {}: """Constructs the box feed for a person with the given nickname """ if boxname!='inbox' and boxname!='outbox': @@ -853,8 +854,25 @@ def createBoxBase(baseDir: str,boxname: str, \ if actorNickname and actorDomain: # is the actor followed by this account? if actorNickname+'@'+actorDomain in open(followingFilename).read(): - postsInBoxDict[statusNumber]=sharedInboxFilename - postsCtr+=1 + if ocapAlways: + capsList=None + # Note: should this be in the Create or the object of a post? + if postJson.get('capability'): + if isinstance(postJson['capability'], list): + capsList=postJson['capability'] + # Have capabilities been granted for the sender? + ocapFilename=baseDir+'/accounts/'+handle+'/ocap/granted/'+postJson['actor'].replace('/','#')+'.json' + if os.path.isfile(ocapFilename): + # read the capabilities id + with open(ocapFilename, 'r') as fp: + ocapJson=commentjson.load(fp) + if ocapJson.get('id'): + if ocapJson['id'] in capsList: + postsInBoxDict[statusNumber]=sharedInboxFilename + postsCtr+=1 + else: + postsInBoxDict[statusNumber]=sharedInboxFilename + postsCtr+=1 # sort the list in descending order of date postsInBox=OrderedDict(sorted(postsInBoxDict.items(),reverse=True))