mj-saunders
/
epicyon
forked from indymedia/epicyon
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check capabilities at a later stage in inbox queue processing

master
Bob Mottram 2019-07-08 23:22:11 +01:00
parent 533d9de8be
commit d3c64fa797
1 changed files with 55 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
inbox.py
View File

@ -330,61 +330,6 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [],cache
with open(queueFilename, 'r') as fp:
queueJson=commentjson.load(fp)
# get recipients list
recipientsDict=inboxPostRecipients(baseDir,queueJson['post'],httpPrefix,domain,port)
print('*************************************')
print('Resolved recipients list:')
pprint(recipientsDict)
print('*************************************')
# is this sent to the shared inbox? (actor is the 'inbox' account)
sentToSharedInbox=False
if queueJson['post'].get('actor'):
if queueJson['post']['actor'].endswith('/inbox'):
sentToSharedInbox=True
if sentToSharedInbox:
# if this is arriving at the shared inbox then
# don't do the capabilities checks
capabilitiesPassed=True
# TODO how to handle capabilities in the shared inbox scenario?
# should 'capability' be a list instead of a single value?
else:
# check that capabilities are accepted
capabilitiesPassed=False
if queueJson['post'].get('capability'):
if not isinstance(queueJson['post']['capability'], list):
if debug:
print('DEBUG: capability on post should be a list')
os.remove(queueFilename)
queue.pop(0)
continue
capabilityIdList=queueJson['post']['capability']
if capabilityIdList:
capabilitiesPassed= \
inboxCheckCapabilities(baseDir,queueJson['nickname'], \
queueJson['domain'], \
queueJson['post']['actor'], \
queue,queueJson, \
capabilityIdList[0],debug)
if ocapAlways and not capabilitiesPassed:
# Allow follow types through
# i.e. anyone can make a follow request
if queueJson['post'].get('type'):
if queueJson['post']['type']=='Follow' or \
queueJson['post']['type']=='Accept':
capabilitiesPassed=True
if not capabilitiesPassed:
if debug:
print('DEBUG: object capabilities check failed')
pprint(queueJson['post'])
os.remove(queueFilename)
queue.pop(0)
continue
# Try a few times to obtain the public key
pubKey=None
keyId=None
@ -465,6 +410,61 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [],cache
queue.pop(0)
continue
# get recipients list
recipientsDict=inboxPostRecipients(baseDir,queueJson['post'],httpPrefix,domain,port)
print('*************************************')
print('Resolved recipients list:')
pprint(recipientsDict)
print('*************************************')
# is this sent to the shared inbox? (actor is the 'inbox' account)
sentToSharedInbox=False
if queueJson['post'].get('actor'):
if queueJson['post']['actor'].endswith('/inbox'):
sentToSharedInbox=True
if sentToSharedInbox:
# if this is arriving at the shared inbox then
# don't do the capabilities checks
capabilitiesPassed=True
# TODO how to handle capabilities in the shared inbox scenario?
# should 'capability' be a list instead of a single value?
else:
# check that capabilities are accepted
capabilitiesPassed=False
if queueJson['post'].get('capability'):
if not isinstance(queueJson['post']['capability'], list):
if debug:
print('DEBUG: capability on post should be a list')
os.remove(queueFilename)
queue.pop(0)
continue
capabilityIdList=queueJson['post']['capability']
if capabilityIdList:
capabilitiesPassed= \
inboxCheckCapabilities(baseDir,queueJson['nickname'], \
queueJson['domain'], \
queueJson['post']['actor'], \
queue,queueJson, \
capabilityIdList[0],debug)
if ocapAlways and not capabilitiesPassed:
# Allow follow types through
# i.e. anyone can make a follow request
if queueJson['post'].get('type'):
if queueJson['post']['type']=='Follow' or \
queueJson['post']['type']=='Accept':
capabilitiesPassed=True
if not capabilitiesPassed:
if debug:
print('DEBUG: object capabilities check failed')
pprint(queueJson['post'])
os.remove(queueFilename)
queue.pop(0)
continue
if debug:
print('DEBUG: Queue post accepted')