forked from indymedia/epicyon
flake8 format
parent
3334cc0466
commit
d55fe8bb59
113
roles.py
113
roles.py
|
|
@ -6,9 +6,7 @@ __maintainer__="Bob Mottram"
|
||||||
__email__ = "bob@freedombone.net"
|
__email__ = "bob@freedombone.net"
|
||||||
__status__ = "Production"
|
__status__ = "Production"
|
||||||
|
|
||||||
import json
|
|
||||||
import os
|
import os
|
||||||
import time
|
|
||||||
from webfinger import webfingerHandle
|
from webfinger import webfingerHandle
|
||||||
from auth import createBasicAuthHeader
|
from auth import createBasicAuthHeader
|
||||||
from posts import getPersonBox
|
from posts import getPersonBox
|
||||||
|
|
@ -18,6 +16,7 @@ from utils import getDomainFromActor
|
||||||
from utils import loadJson
|
from utils import loadJson
|
||||||
from utils import saveJson
|
from utils import saveJson
|
||||||
|
|
||||||
|
|
||||||
def clearModeratorStatus(baseDir: str) -> None:
|
def clearModeratorStatus(baseDir: str) -> None:
|
||||||
"""Removes moderator status from all accounts
|
"""Removes moderator status from all accounts
|
||||||
This could be slow if there are many users, but only happens
|
This could be slow if there are many users, but only happens
|
||||||
|
|
@ -37,6 +36,7 @@ def clearModeratorStatus(baseDir: str) -> None:
|
||||||
actorJson['roles']['instance'].remove('moderator')
|
actorJson['roles']['instance'].remove('moderator')
|
||||||
saveJson(actorJson, filename)
|
saveJson(actorJson, filename)
|
||||||
|
|
||||||
|
|
||||||
def addModerator(baseDir: str, nickname: str, domain: str) -> None:
|
def addModerator(baseDir: str, nickname: str, domain: str) -> None:
|
||||||
"""Adds a moderator nickname to the file
|
"""Adds a moderator nickname to the file
|
||||||
"""
|
"""
|
||||||
|
|
@ -49,20 +49,23 @@ def addModerator(baseDir: str,nickname: str,domain: str) -> None:
|
||||||
lines = f.readlines()
|
lines = f.readlines()
|
||||||
for moderator in lines:
|
for moderator in lines:
|
||||||
moderator = moderator.strip('\n')
|
moderator = moderator.strip('\n')
|
||||||
if line==nickname:
|
if moderator == nickname:
|
||||||
return
|
return
|
||||||
lines.append(nickname)
|
lines.append(nickname)
|
||||||
with open(moderatorsFile, "w") as f:
|
with open(moderatorsFile, "w") as f:
|
||||||
for moderator in lines:
|
for moderator in lines:
|
||||||
moderator = moderator.strip('\n')
|
moderator = moderator.strip('\n')
|
||||||
if len(moderator) > 1:
|
if len(moderator) > 1:
|
||||||
if os.path.isdir(baseDir+'/accounts/'+moderator+'@'+domain):
|
if os.path.isdir(baseDir + '/accounts/' +
|
||||||
|
moderator + '@' + domain):
|
||||||
f.write(moderator + '\n')
|
f.write(moderator + '\n')
|
||||||
else:
|
else:
|
||||||
with open(moderatorsFile, "w+") as f:
|
with open(moderatorsFile, "w+") as f:
|
||||||
if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+domain):
|
if os.path.isdir(baseDir + '/accounts/' +
|
||||||
|
nickname + '@' + domain):
|
||||||
f.write(nickname + '\n')
|
f.write(nickname + '\n')
|
||||||
|
|
||||||
|
|
||||||
def removeModerator(baseDir: str, nickname: str):
|
def removeModerator(baseDir: str, nickname: str):
|
||||||
"""Removes a moderator nickname from the file
|
"""Removes a moderator nickname from the file
|
||||||
"""
|
"""
|
||||||
|
|
@ -77,7 +80,8 @@ def removeModerator(baseDir: str,nickname: str):
|
||||||
if len(moderator) > 1 and moderator != nickname:
|
if len(moderator) > 1 and moderator != nickname:
|
||||||
f.write(moderator + '\n')
|
f.write(moderator + '\n')
|
||||||
|
|
||||||
def setRole(baseDir: str,nickname: str,domain: str, \
|
|
||||||
|
def setRole(baseDir: str, nickname: str, domain: str,
|
||||||
project: str, role: str) -> bool:
|
project: str, role: str) -> bool:
|
||||||
"""Set a person's role within a project
|
"""Set a person's role within a project
|
||||||
Setting the role to an empty string or None will remove it
|
Setting the role to an empty string or None will remove it
|
||||||
|
|
@ -85,7 +89,8 @@ def setRole(baseDir: str,nickname: str,domain: str, \
|
||||||
# avoid giant strings
|
# avoid giant strings
|
||||||
if len(role) > 128 or len(project) > 128:
|
if len(role) > 128 or len(project) > 128:
|
||||||
return False
|
return False
|
||||||
actorFilename=baseDir+'/accounts/'+nickname+'@'+domain+'.json'
|
actorFilename = baseDir + '/accounts/' + \
|
||||||
|
nickname + '@' + domain + '.json'
|
||||||
if not os.path.isfile(actorFilename):
|
if not os.path.isfile(actorFilename):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
@ -112,11 +117,13 @@ def setRole(baseDir: str,nickname: str,domain: str, \
|
||||||
saveJson(actorJson, actorFilename)
|
saveJson(actorJson, actorFilename)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def getRoles(baseDir: str,nickname: str,domain: str, \
|
|
||||||
|
def getRoles(baseDir: str, nickname: str, domain: str,
|
||||||
project: str) -> []:
|
project: str) -> []:
|
||||||
"""Returns the roles for a given person on a given project
|
"""Returns the roles for a given person on a given project
|
||||||
"""
|
"""
|
||||||
actorFilename=baseDir+'/accounts/'+nickname+'@'+domain+'.json'
|
actorFilename = baseDir + '/accounts/' + \
|
||||||
|
nickname + '@' + domain + '.json'
|
||||||
if not os.path.isfile(actorFilename):
|
if not os.path.isfile(actorFilename):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
@ -129,7 +136,9 @@ def getRoles(baseDir: str,nickname: str,domain: str, \
|
||||||
return actorJson['roles'][project]
|
return actorJson['roles'][project]
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug: bool) -> bool:
|
|
||||||
|
def outboxDelegate(baseDir: str, authenticatedNickname: str,
|
||||||
|
messageJson: {}, debug: bool) -> bool:
|
||||||
"""Handles receiving a delegation request
|
"""Handles receiving a delegation request
|
||||||
"""
|
"""
|
||||||
if not messageJson.get('type'):
|
if not messageJson.get('type'):
|
||||||
|
|
@ -163,16 +172,16 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
||||||
# instance delegators can delagate to other projects
|
# instance delegators can delagate to other projects
|
||||||
# than their own
|
# than their own
|
||||||
canDelegate = False
|
canDelegate = False
|
||||||
delegatorRoles=getRoles(baseDir,delegatorNickname, \
|
delegatorRoles = getRoles(baseDir, delegatorNickname,
|
||||||
domain, 'instance')
|
domain, 'instance')
|
||||||
if delegatorRoles:
|
if delegatorRoles:
|
||||||
if 'delegator' in delegatorRoles:
|
if 'delegator' in delegatorRoles:
|
||||||
canDelegate = True
|
canDelegate = True
|
||||||
|
|
||||||
if canDelegate==False:
|
if not canDelegate:
|
||||||
canDelegate = True
|
canDelegate = True
|
||||||
# non-instance delegators can only delegate within their project
|
# non-instance delegators can only delegate within their project
|
||||||
delegatorRoles=getRoles(baseDir,delegatorNickname, \
|
delegatorRoles = getRoles(baseDir, delegatorNickname,
|
||||||
domain, project)
|
domain, project)
|
||||||
if delegatorRoles:
|
if delegatorRoles:
|
||||||
if 'delegator' not in delegatorRoles:
|
if 'delegator' not in delegatorRoles:
|
||||||
|
|
@ -180,18 +189,15 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
if canDelegate==False:
|
if not canDelegate:
|
||||||
return False
|
return False
|
||||||
nickname = getNicknameFromActor(messageJson['object']['actor'])
|
nickname = getNicknameFromActor(messageJson['object']['actor'])
|
||||||
if not nickname:
|
if not nickname:
|
||||||
print('WARN: unable to find nickname in '+messageJson['object']['actor'])
|
print('WARN: unable to find nickname in ' +
|
||||||
|
messageJson['object']['actor'])
|
||||||
return False
|
return False
|
||||||
domainFull=domain
|
role = \
|
||||||
if port:
|
messageJson['object']['object'].split(';')[1].strip().lower()
|
||||||
if port!=80 and port!=443:
|
|
||||||
if ':' not in domain:
|
|
||||||
domainFull=domain+':'+str(port)
|
|
||||||
role=messageJson['object']['object'].split(';')[1].strip().lower()
|
|
||||||
|
|
||||||
if not role:
|
if not role:
|
||||||
setRole(baseDir, nickname, domain, project, None)
|
setRole(baseDir, nickname, domain, project, None)
|
||||||
|
|
@ -202,19 +208,24 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
||||||
if existingRoles:
|
if existingRoles:
|
||||||
if role in existingRoles:
|
if role in existingRoles:
|
||||||
if debug:
|
if debug:
|
||||||
print(nickname+'@'+domain+' is already assigned to the role '+role+' within the project '+project)
|
print(nickname + '@' + domain +
|
||||||
|
' is already assigned to the role ' +
|
||||||
|
role + ' within the project ' + project)
|
||||||
return False
|
return False
|
||||||
setRole(baseDir, nickname, domain, project, role)
|
setRole(baseDir, nickname, domain, project, role)
|
||||||
if debug:
|
if debug:
|
||||||
print(nickname+'@'+domain+' assigned to the role '+role+' within the project '+project)
|
print(nickname + '@' + domain +
|
||||||
|
' assigned to the role ' + role +
|
||||||
|
' within the project ' + project)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def sendRoleViaServer(baseDir: str,session, \
|
|
||||||
delegatorNickname: str,password: str, \
|
def sendRoleViaServer(baseDir: str, session,
|
||||||
delegatorDomain: str,delegatorPort: int, \
|
delegatorNickname: str, password: str,
|
||||||
httpPrefix: str,nickname: str, \
|
delegatorDomain: str, delegatorPort: int,
|
||||||
project: str,role: str, \
|
httpPrefix: str, nickname: str,
|
||||||
cachedWebfingers: {},personCache: {}, \
|
project: str, role: str,
|
||||||
|
cachedWebfingers: {}, personCache: {},
|
||||||
debug: bool, projectVersion: str) -> {}:
|
debug: bool, projectVersion: str) -> {}:
|
||||||
"""A delegator creates a role for a person via c2s
|
"""A delegator creates a role for a person via c2s
|
||||||
Setting role to an empty string or None removes the role
|
Setting role to an empty string or None removes the role
|
||||||
|
|
@ -224,10 +235,11 @@ def sendRoleViaServer(baseDir: str,session, \
|
||||||
return 6
|
return 6
|
||||||
|
|
||||||
delegatorDomainFull = delegatorDomain
|
delegatorDomainFull = delegatorDomain
|
||||||
if fromPort:
|
if delegatorPort:
|
||||||
if fromPort!=80 and fromPort!=443:
|
if delegatorPort != 80 and delegatorPort != 443:
|
||||||
if ':' not in delegatorDomain:
|
if ':' not in delegatorDomain:
|
||||||
delegatorDomainFull=delegatorDomain+':'+str(fromPort)
|
delegatorDomainFull = \
|
||||||
|
delegatorDomain + ':' + str(delegatorPort)
|
||||||
|
|
||||||
toUrl = \
|
toUrl = \
|
||||||
httpPrefix + '://' + delegatorDomainFull + '/users/' + nickname
|
httpPrefix + '://' + delegatorDomainFull + '/users/' + nickname
|
||||||
|
|
@ -239,12 +251,17 @@ def sendRoleViaServer(baseDir: str,session, \
|
||||||
roleStr = project.lower() + ';' + role.lower()
|
roleStr = project.lower() + ';' + role.lower()
|
||||||
else:
|
else:
|
||||||
roleStr = project.lower() + ';'
|
roleStr = project.lower() + ';'
|
||||||
|
actor = \
|
||||||
|
httpPrefix + '://' + delegatorDomainFull + \
|
||||||
|
'/users/' + delegatorNickname
|
||||||
|
delegateActor = \
|
||||||
|
httpPrefix + '://' + delegatorDomainFull + '/users/' + nickname
|
||||||
newRoleJson = {
|
newRoleJson = {
|
||||||
'type': 'Delegate',
|
'type': 'Delegate',
|
||||||
'actor': httpPrefix+'://'+delegatorDomainFull+'/users/'+delegatorNickname,
|
'actor': actor,
|
||||||
'object': {
|
'object': {
|
||||||
'type': 'Role',
|
'type': 'Role',
|
||||||
'actor': httpPrefix+'://'+delegatorDomainFull+'/users/'+nickname,
|
'actor': delegateActor,
|
||||||
'object': roleStr,
|
'object': roleStr,
|
||||||
'to': [toUrl],
|
'to': [toUrl],
|
||||||
'cc': [ccUrl]
|
'cc': [ccUrl]
|
||||||
|
|
@ -253,10 +270,12 @@ def sendRoleViaServer(baseDir: str,session, \
|
||||||
'cc': [ccUrl]
|
'cc': [ccUrl]
|
||||||
}
|
}
|
||||||
|
|
||||||
handle=httpPrefix+'://'+delegatorDomainFull+'/@'+delegatorNickname
|
handle = \
|
||||||
|
httpPrefix + '://' + delegatorDomainFull + '/@' + delegatorNickname
|
||||||
|
|
||||||
# lookup the inbox for the To handle
|
# lookup the inbox for the To handle
|
||||||
wfRequest=webfingerHandle(session,handle,httpPrefix,cachedWebfingers, \
|
wfRequest = webfingerHandle(session, handle, httpPrefix,
|
||||||
|
cachedWebfingers,
|
||||||
delegatorDomain, projectVersion)
|
delegatorDomain, projectVersion)
|
||||||
if not wfRequest:
|
if not wfRequest:
|
||||||
if debug:
|
if debug:
|
||||||
|
|
@ -266,10 +285,14 @@ def sendRoleViaServer(baseDir: str,session, \
|
||||||
postToBox = 'outbox'
|
postToBox = 'outbox'
|
||||||
|
|
||||||
# get the actor inbox for the To handle
|
# get the actor inbox for the To handle
|
||||||
inboxUrl,pubKeyId,pubKey,fromPersonId,sharedInbox,capabilityAcquisition,avatarUrl,displayName= \
|
(inboxUrl, pubKeyId, pubKey,
|
||||||
getPersonBox(baseDir,session,wfRequest,personCache, \
|
fromPersonId, sharedInbox,
|
||||||
projectVersion,httpPrefix, \
|
capabilityAcquisition,
|
||||||
delegatorNickname,delegatorDomain,postToBox)
|
avatarUrl, displayName) = getPersonBox(baseDir, session,
|
||||||
|
wfRequest, personCache,
|
||||||
|
projectVersion, httpPrefix,
|
||||||
|
delegatorNickname,
|
||||||
|
delegatorDomain, postToBox)
|
||||||
|
|
||||||
if not inboxUrl:
|
if not inboxUrl:
|
||||||
if debug:
|
if debug:
|
||||||
|
|
@ -283,15 +306,15 @@ def sendRoleViaServer(baseDir: str,session, \
|
||||||
authHeader = createBasicAuthHeader(delegatorNickname, password)
|
authHeader = createBasicAuthHeader(delegatorNickname, password)
|
||||||
|
|
||||||
headers = {
|
headers = {
|
||||||
'host': delegatorDomain, \
|
'host': delegatorDomain,
|
||||||
'Content-type': 'application/json', \
|
'Content-type': 'application/json',
|
||||||
'Authorization': authHeader
|
'Authorization': authHeader
|
||||||
}
|
}
|
||||||
postResult = \
|
postResult = \
|
||||||
postJson(session, newRoleJson, [], inboxUrl, headers, "inbox:write")
|
postJson(session, newRoleJson, [], inboxUrl, headers, "inbox:write")
|
||||||
#if not postResult:
|
if not postResult:
|
||||||
# if debug:
|
if debug:
|
||||||
# print('DEBUG: POST announce failed for c2s to '+inboxUrl)
|
print('DEBUG: POST announce failed for c2s to '+inboxUrl)
|
||||||
# return 5
|
# return 5
|
||||||
|
|
||||||
if debug:
|
if debug:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue