Initial capabilities stuff

2019-07-06 10:07:24 +01:00 · 2019-07-06 10:07:24 +01:00 · b86cfdf42d
parent 4dca5caef7
commit b86cfdf42d
2 changed files with 45 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -18,6 +18,8 @@ This project is currently *pre alpha* and not recommended for any real world use
 * Implemented in a common language (Python 3)
 * Opt-in federation. Federate with a well-defined list of instances.
 * Keyword filtering.
+ * Being able to define roles and skills, similar to the Pursuance project.
+ * Sharings collection, similar to the gnusocial sharings plugin
 * Resistant to flooding, hellthreads, etc.
 * Support content warnings, reporting and blocking.
 * http signatures and basic auth.
--- a/capabilities.py
+++ b/capabilities.py
@ -6,15 +6,53 @@ __maintainer__ = "Bob Mottram"
 __email__ = "bob@freedombone.net"
 __status__ = "Production"

+import os
 from auth import createPassword

-def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,domain: str) -> None:
-
+def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,requestedDomain: str,nickname=None) -> None:
+    # This is sent to the capabilities endpoint /caps/new
+    # which could be instance wide or for a particular person
    capId=createPassword(32)
    capRequest = {
-        "id": httpPrefix+"://"+domain+"/caps/request/"+capId,
+        "id": httpPrefix+"://"+requestedDomain+"/caps/request/"+capId,
        "type": "Request",
-        "capability": ["inbox:write", "objects:read"],
+        "capability": {
+            "inbox": "write",
+            "objects": "read"
+        },
+        "actor": httpPrefix+"://"+requestedDomain
+    }
+    # requesting for a particular person
+    if nickname:
+        # does the account exist for this person?
+        if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+requestedDomain):
+            capRequest['scope']=httpPrefix+"://"+requestedDomain+'/users/'+nickname
+    #TODO
+
+def sendCapabilitiesAccept(baseDir: str,httpPrefix: str,domain: str,acceptedDomain: str,nickname=None) -> None:
+    # This gets returned to capabilities requester
+    capId=createPassword(32)
+    capAccept = {
+        "id": httpPrefix+"://"+domain+"/caps/"+capId,
+        "type": "Capability",
+        "capability": {
+            "inbox": "write",
+            "objects": "read"
+        },
+        "scope": httpPrefix+"://"+acceptedDomain,
        "actor": httpPrefix+"://"+domain
    }
-        
+
+    # accepting for a particular person
+    if nickname:
+        # does the account exist for this person?
+        if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+acceptedDomain):
+            capAccept['scope']=httpPrefix+"://"+acceptedDomain+'/users/'+nickname
+    #TODO
+
+def isCapable(actor: str,capsJson: []) -> bool:
+    # is the given actor capable of using the current resource?
+    for cap in capsJson:
+        if cap['scope'] in actor:
+            return True
+    return False