forked from indymedia/epicyon
Initial capabilities stuff
parent
4dca5caef7
commit
b86cfdf42d
|
|
@ -18,6 +18,8 @@ This project is currently *pre alpha* and not recommended for any real world use
|
||||||
* Implemented in a common language (Python 3)
|
* Implemented in a common language (Python 3)
|
||||||
* Opt-in federation. Federate with a well-defined list of instances.
|
* Opt-in federation. Federate with a well-defined list of instances.
|
||||||
* Keyword filtering.
|
* Keyword filtering.
|
||||||
|
* Being able to define roles and skills, similar to the Pursuance project.
|
||||||
|
* Sharings collection, similar to the gnusocial sharings plugin
|
||||||
* Resistant to flooding, hellthreads, etc.
|
* Resistant to flooding, hellthreads, etc.
|
||||||
* Support content warnings, reporting and blocking.
|
* Support content warnings, reporting and blocking.
|
||||||
* http signatures and basic auth.
|
* http signatures and basic auth.
|
||||||
|
|
|
||||||
|
|
@ -6,15 +6,53 @@ __maintainer__ = "Bob Mottram"
|
||||||
__email__ = "bob@freedombone.net"
|
__email__ = "bob@freedombone.net"
|
||||||
__status__ = "Production"
|
__status__ = "Production"
|
||||||
|
|
||||||
|
import os
|
||||||
from auth import createPassword
|
from auth import createPassword
|
||||||
|
|
||||||
def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,domain: str) -> None:
|
def sendCapabilitiesRequest(baseDir: str,httpPrefix: str,requestedDomain: str,nickname=None) -> None:
|
||||||
|
# This is sent to the capabilities endpoint /caps/new
|
||||||
|
# which could be instance wide or for a particular person
|
||||||
capId=createPassword(32)
|
capId=createPassword(32)
|
||||||
capRequest = {
|
capRequest = {
|
||||||
"id": httpPrefix+"://"+domain+"/caps/request/"+capId,
|
"id": httpPrefix+"://"+requestedDomain+"/caps/request/"+capId,
|
||||||
"type": "Request",
|
"type": "Request",
|
||||||
"capability": ["inbox:write", "objects:read"],
|
"capability": {
|
||||||
|
"inbox": "write",
|
||||||
|
"objects": "read"
|
||||||
|
},
|
||||||
|
"actor": httpPrefix+"://"+requestedDomain
|
||||||
|
}
|
||||||
|
# requesting for a particular person
|
||||||
|
if nickname:
|
||||||
|
# does the account exist for this person?
|
||||||
|
if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+requestedDomain):
|
||||||
|
capRequest['scope']=httpPrefix+"://"+requestedDomain+'/users/'+nickname
|
||||||
|
#TODO
|
||||||
|
|
||||||
|
def sendCapabilitiesAccept(baseDir: str,httpPrefix: str,domain: str,acceptedDomain: str,nickname=None) -> None:
|
||||||
|
# This gets returned to capabilities requester
|
||||||
|
capId=createPassword(32)
|
||||||
|
capAccept = {
|
||||||
|
"id": httpPrefix+"://"+domain+"/caps/"+capId,
|
||||||
|
"type": "Capability",
|
||||||
|
"capability": {
|
||||||
|
"inbox": "write",
|
||||||
|
"objects": "read"
|
||||||
|
},
|
||||||
|
"scope": httpPrefix+"://"+acceptedDomain,
|
||||||
"actor": httpPrefix+"://"+domain
|
"actor": httpPrefix+"://"+domain
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# accepting for a particular person
|
||||||
|
if nickname:
|
||||||
|
# does the account exist for this person?
|
||||||
|
if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+acceptedDomain):
|
||||||
|
capAccept['scope']=httpPrefix+"://"+acceptedDomain+'/users/'+nickname
|
||||||
|
#TODO
|
||||||
|
|
||||||
|
def isCapable(actor: str,capsJson: []) -> bool:
|
||||||
|
# is the given actor capable of using the current resource?
|
||||||
|
for cap in capsJson:
|
||||||
|
if cap['scope'] in actor:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue