forked from indymedia/epicyon
flake8 format
parent
3334cc0466
commit
d55fe8bb59
113
roles.py
113
roles.py
|
|
@ -6,9 +6,7 @@ __maintainer__="Bob Mottram"
|
|||
__email__ = "bob@freedombone.net"
|
||||
__status__ = "Production"
|
||||
|
||||
import json
|
||||
import os
|
||||
import time
|
||||
from webfinger import webfingerHandle
|
||||
from auth import createBasicAuthHeader
|
||||
from posts import getPersonBox
|
||||
|
|
@ -18,6 +16,7 @@ from utils import getDomainFromActor
|
|||
from utils import loadJson
|
||||
from utils import saveJson
|
||||
|
||||
|
||||
def clearModeratorStatus(baseDir: str) -> None:
|
||||
"""Removes moderator status from all accounts
|
||||
This could be slow if there are many users, but only happens
|
||||
|
|
@ -37,6 +36,7 @@ def clearModeratorStatus(baseDir: str) -> None:
|
|||
actorJson['roles']['instance'].remove('moderator')
|
||||
saveJson(actorJson, filename)
|
||||
|
||||
|
||||
def addModerator(baseDir: str, nickname: str, domain: str) -> None:
|
||||
"""Adds a moderator nickname to the file
|
||||
"""
|
||||
|
|
@ -49,20 +49,23 @@ def addModerator(baseDir: str,nickname: str,domain: str) -> None:
|
|||
lines = f.readlines()
|
||||
for moderator in lines:
|
||||
moderator = moderator.strip('\n')
|
||||
if line==nickname:
|
||||
if moderator == nickname:
|
||||
return
|
||||
lines.append(nickname)
|
||||
with open(moderatorsFile, "w") as f:
|
||||
for moderator in lines:
|
||||
moderator = moderator.strip('\n')
|
||||
if len(moderator) > 1:
|
||||
if os.path.isdir(baseDir+'/accounts/'+moderator+'@'+domain):
|
||||
if os.path.isdir(baseDir + '/accounts/' +
|
||||
moderator + '@' + domain):
|
||||
f.write(moderator + '\n')
|
||||
else:
|
||||
with open(moderatorsFile, "w+") as f:
|
||||
if os.path.isdir(baseDir+'/accounts/'+nickname+'@'+domain):
|
||||
if os.path.isdir(baseDir + '/accounts/' +
|
||||
nickname + '@' + domain):
|
||||
f.write(nickname + '\n')
|
||||
|
||||
|
||||
def removeModerator(baseDir: str, nickname: str):
|
||||
"""Removes a moderator nickname from the file
|
||||
"""
|
||||
|
|
@ -77,7 +80,8 @@ def removeModerator(baseDir: str,nickname: str):
|
|||
if len(moderator) > 1 and moderator != nickname:
|
||||
f.write(moderator + '\n')
|
||||
|
||||
def setRole(baseDir: str,nickname: str,domain: str, \
|
||||
|
||||
def setRole(baseDir: str, nickname: str, domain: str,
|
||||
project: str, role: str) -> bool:
|
||||
"""Set a person's role within a project
|
||||
Setting the role to an empty string or None will remove it
|
||||
|
|
@ -85,7 +89,8 @@ def setRole(baseDir: str,nickname: str,domain: str, \
|
|||
# avoid giant strings
|
||||
if len(role) > 128 or len(project) > 128:
|
||||
return False
|
||||
actorFilename=baseDir+'/accounts/'+nickname+'@'+domain+'.json'
|
||||
actorFilename = baseDir + '/accounts/' + \
|
||||
nickname + '@' + domain + '.json'
|
||||
if not os.path.isfile(actorFilename):
|
||||
return False
|
||||
|
||||
|
|
@ -112,11 +117,13 @@ def setRole(baseDir: str,nickname: str,domain: str, \
|
|||
saveJson(actorJson, actorFilename)
|
||||
return True
|
||||
|
||||
def getRoles(baseDir: str,nickname: str,domain: str, \
|
||||
|
||||
def getRoles(baseDir: str, nickname: str, domain: str,
|
||||
project: str) -> []:
|
||||
"""Returns the roles for a given person on a given project
|
||||
"""
|
||||
actorFilename=baseDir+'/accounts/'+nickname+'@'+domain+'.json'
|
||||
actorFilename = baseDir + '/accounts/' + \
|
||||
nickname + '@' + domain + '.json'
|
||||
if not os.path.isfile(actorFilename):
|
||||
return False
|
||||
|
||||
|
|
@ -129,7 +136,9 @@ def getRoles(baseDir: str,nickname: str,domain: str, \
|
|||
return actorJson['roles'][project]
|
||||
return None
|
||||
|
||||
def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug: bool) -> bool:
|
||||
|
||||
def outboxDelegate(baseDir: str, authenticatedNickname: str,
|
||||
messageJson: {}, debug: bool) -> bool:
|
||||
"""Handles receiving a delegation request
|
||||
"""
|
||||
if not messageJson.get('type'):
|
||||
|
|
@ -163,16 +172,16 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
|||
# instance delegators can delagate to other projects
|
||||
# than their own
|
||||
canDelegate = False
|
||||
delegatorRoles=getRoles(baseDir,delegatorNickname, \
|
||||
delegatorRoles = getRoles(baseDir, delegatorNickname,
|
||||
domain, 'instance')
|
||||
if delegatorRoles:
|
||||
if 'delegator' in delegatorRoles:
|
||||
canDelegate = True
|
||||
|
||||
if canDelegate==False:
|
||||
if not canDelegate:
|
||||
canDelegate = True
|
||||
# non-instance delegators can only delegate within their project
|
||||
delegatorRoles=getRoles(baseDir,delegatorNickname, \
|
||||
delegatorRoles = getRoles(baseDir, delegatorNickname,
|
||||
domain, project)
|
||||
if delegatorRoles:
|
||||
if 'delegator' not in delegatorRoles:
|
||||
|
|
@ -180,18 +189,15 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
|||
else:
|
||||
return False
|
||||
|
||||
if canDelegate==False:
|
||||
if not canDelegate:
|
||||
return False
|
||||
nickname = getNicknameFromActor(messageJson['object']['actor'])
|
||||
if not nickname:
|
||||
print('WARN: unable to find nickname in '+messageJson['object']['actor'])
|
||||
print('WARN: unable to find nickname in ' +
|
||||
messageJson['object']['actor'])
|
||||
return False
|
||||
domainFull=domain
|
||||
if port:
|
||||
if port!=80 and port!=443:
|
||||
if ':' not in domain:
|
||||
domainFull=domain+':'+str(port)
|
||||
role=messageJson['object']['object'].split(';')[1].strip().lower()
|
||||
role = \
|
||||
messageJson['object']['object'].split(';')[1].strip().lower()
|
||||
|
||||
if not role:
|
||||
setRole(baseDir, nickname, domain, project, None)
|
||||
|
|
@ -202,19 +208,24 @@ def outboxDelegate(baseDir: str,authenticatedNickname: str,messageJson: {},debug
|
|||
if existingRoles:
|
||||
if role in existingRoles:
|
||||
if debug:
|
||||
print(nickname+'@'+domain+' is already assigned to the role '+role+' within the project '+project)
|
||||
print(nickname + '@' + domain +
|
||||
' is already assigned to the role ' +
|
||||
role + ' within the project ' + project)
|
||||
return False
|
||||
setRole(baseDir, nickname, domain, project, role)
|
||||
if debug:
|
||||
print(nickname+'@'+domain+' assigned to the role '+role+' within the project '+project)
|
||||
print(nickname + '@' + domain +
|
||||
' assigned to the role ' + role +
|
||||
' within the project ' + project)
|
||||
return True
|
||||
|
||||
def sendRoleViaServer(baseDir: str,session, \
|
||||
delegatorNickname: str,password: str, \
|
||||
delegatorDomain: str,delegatorPort: int, \
|
||||
httpPrefix: str,nickname: str, \
|
||||
project: str,role: str, \
|
||||
cachedWebfingers: {},personCache: {}, \
|
||||
|
||||
def sendRoleViaServer(baseDir: str, session,
|
||||
delegatorNickname: str, password: str,
|
||||
delegatorDomain: str, delegatorPort: int,
|
||||
httpPrefix: str, nickname: str,
|
||||
project: str, role: str,
|
||||
cachedWebfingers: {}, personCache: {},
|
||||
debug: bool, projectVersion: str) -> {}:
|
||||
"""A delegator creates a role for a person via c2s
|
||||
Setting role to an empty string or None removes the role
|
||||
|
|
@ -224,10 +235,11 @@ def sendRoleViaServer(baseDir: str,session, \
|
|||
return 6
|
||||
|
||||
delegatorDomainFull = delegatorDomain
|
||||
if fromPort:
|
||||
if fromPort!=80 and fromPort!=443:
|
||||
if delegatorPort:
|
||||
if delegatorPort != 80 and delegatorPort != 443:
|
||||
if ':' not in delegatorDomain:
|
||||
delegatorDomainFull=delegatorDomain+':'+str(fromPort)
|
||||
delegatorDomainFull = \
|
||||
delegatorDomain + ':' + str(delegatorPort)
|
||||
|
||||
toUrl = \
|
||||
httpPrefix + '://' + delegatorDomainFull + '/users/' + nickname
|
||||
|
|
@ -239,12 +251,17 @@ def sendRoleViaServer(baseDir: str,session, \
|
|||
roleStr = project.lower() + ';' + role.lower()
|
||||
else:
|
||||
roleStr = project.lower() + ';'
|
||||
actor = \
|
||||
httpPrefix + '://' + delegatorDomainFull + \
|
||||
'/users/' + delegatorNickname
|
||||
delegateActor = \
|
||||
httpPrefix + '://' + delegatorDomainFull + '/users/' + nickname
|
||||
newRoleJson = {
|
||||
'type': 'Delegate',
|
||||
'actor': httpPrefix+'://'+delegatorDomainFull+'/users/'+delegatorNickname,
|
||||
'actor': actor,
|
||||
'object': {
|
||||
'type': 'Role',
|
||||
'actor': httpPrefix+'://'+delegatorDomainFull+'/users/'+nickname,
|
||||
'actor': delegateActor,
|
||||
'object': roleStr,
|
||||
'to': [toUrl],
|
||||
'cc': [ccUrl]
|
||||
|
|
@ -253,10 +270,12 @@ def sendRoleViaServer(baseDir: str,session, \
|
|||
'cc': [ccUrl]
|
||||
}
|
||||
|
||||
handle=httpPrefix+'://'+delegatorDomainFull+'/@'+delegatorNickname
|
||||
handle = \
|
||||
httpPrefix + '://' + delegatorDomainFull + '/@' + delegatorNickname
|
||||
|
||||
# lookup the inbox for the To handle
|
||||
wfRequest=webfingerHandle(session,handle,httpPrefix,cachedWebfingers, \
|
||||
wfRequest = webfingerHandle(session, handle, httpPrefix,
|
||||
cachedWebfingers,
|
||||
delegatorDomain, projectVersion)
|
||||
if not wfRequest:
|
||||
if debug:
|
||||
|
|
@ -266,10 +285,14 @@ def sendRoleViaServer(baseDir: str,session, \
|
|||
postToBox = 'outbox'
|
||||
|
||||
# get the actor inbox for the To handle
|
||||
inboxUrl,pubKeyId,pubKey,fromPersonId,sharedInbox,capabilityAcquisition,avatarUrl,displayName= \
|
||||
getPersonBox(baseDir,session,wfRequest,personCache, \
|
||||
projectVersion,httpPrefix, \
|
||||
delegatorNickname,delegatorDomain,postToBox)
|
||||
(inboxUrl, pubKeyId, pubKey,
|
||||
fromPersonId, sharedInbox,
|
||||
capabilityAcquisition,
|
||||
avatarUrl, displayName) = getPersonBox(baseDir, session,
|
||||
wfRequest, personCache,
|
||||
projectVersion, httpPrefix,
|
||||
delegatorNickname,
|
||||
delegatorDomain, postToBox)
|
||||
|
||||
if not inboxUrl:
|
||||
if debug:
|
||||
|
|
@ -283,15 +306,15 @@ def sendRoleViaServer(baseDir: str,session, \
|
|||
authHeader = createBasicAuthHeader(delegatorNickname, password)
|
||||
|
||||
headers = {
|
||||
'host': delegatorDomain, \
|
||||
'Content-type': 'application/json', \
|
||||
'host': delegatorDomain,
|
||||
'Content-type': 'application/json',
|
||||
'Authorization': authHeader
|
||||
}
|
||||
postResult = \
|
||||
postJson(session, newRoleJson, [], inboxUrl, headers, "inbox:write")
|
||||
#if not postResult:
|
||||
# if debug:
|
||||
# print('DEBUG: POST announce failed for c2s to '+inboxUrl)
|
||||
if not postResult:
|
||||
if debug:
|
||||
print('DEBUG: POST announce failed for c2s to '+inboxUrl)
|
||||
# return 5
|
||||
|
||||
if debug:
|
||||
|
|
|
|||
Loading…
Reference in New Issue