# HG changeset patch # User Thierry Florac # Date 1561027885 -7200 # Node ID 5f2f72c00120502c326799b6620231c51c944b8e # Parent 03c3572a16ad599e022202d7a233bb203e92ba8f Check authentication while subscribing to notifications diff -r 03c3572a16ad -r 5f2f72c00120 src/pyams_notify_ws/locales/fr/LC_MESSAGES/pyams_notify_ws.mo Binary file src/pyams_notify_ws/locales/fr/LC_MESSAGES/pyams_notify_ws.mo has changed diff -r 03c3572a16ad -r 5f2f72c00120 src/pyams_notify_ws/locales/fr/LC_MESSAGES/pyams_notify_ws.po --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/pyams_notify_ws/locales/fr/LC_MESSAGES/pyams_notify_ws.po Thu Jun 20 12:51:25 2019 +0200 @@ -0,0 +1,32 @@ +# +# SOME DESCRIPTIVE TITLE +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , 2019. +msgid "" +msgstr "" +"Project-Id-Version: pyams_notify_ws 1.0\n" +"POT-Creation-Date: 2019-06-20 12:32+0200\n" +"PO-Revision-Date: 2019-06-20 12:32+0200\n" +"Last-Translator: Thierry Florac \n" +"Language-Team: French \n" +"Language: French\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Lingua 3.10.dev0\n" + +#: src/pyams_notify_ws/subscribe.py:73 +msgid "API Error" +msgstr "API Error" + +#: src/pyams_notify_ws/subscribe.py:74 +msgid "Missing principal argument!" +msgstr "Paramètre manquant !" + +#: src/pyams_notify_ws/subscribe.py:78 +msgid "Authentication Error" +msgstr "Authentication Error" + +#: src/pyams_notify_ws/subscribe.py:79 +msgid "Can't subscribe to notifications!" +msgstr "Impossible de souscrire aux notifications sans authentification !" diff -r 03c3572a16ad -r 5f2f72c00120 src/pyams_notify_ws/locales/pyams_notify_ws.pot --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/pyams_notify_ws/locales/pyams_notify_ws.pot Thu Jun 20 12:51:25 2019 +0200 @@ -0,0 +1,33 @@ +# +# SOME DESCRIPTIVE TITLE +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , 2019. +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE 1.0\n" +"POT-Creation-Date: 2019-06-20 12:32+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Lingua 3.10.dev0\n" + +#: ./src/pyams_notify_ws/subscribe.py:73 +msgid "API Error" +msgstr "" + +#: ./src/pyams_notify_ws/subscribe.py:74 +msgid "Missing principal argument!" +msgstr "" + +#: ./src/pyams_notify_ws/subscribe.py:78 +msgid "Authentication Error" +msgstr "" + +#: ./src/pyams_notify_ws/subscribe.py:79 +msgid "Can't subscribe to notifications!" +msgstr "" diff -r 03c3572a16ad -r 5f2f72c00120 src/pyams_notify_ws/subscribe.py --- a/src/pyams_notify_ws/subscribe.py Thu Jun 20 12:50:23 2019 +0200 +++ b/src/pyams_notify_ws/subscribe.py Thu Jun 20 12:51:25 2019 +0200 @@ -12,18 +12,15 @@ __docformat__ = 'restructuredtext' - -# import standard library import asyncio import json -# import interfaces - -# import packages from aiopyramid.websocket.config.gunicorn import WebsocketMapper from aiopyramid.websocket.view import WebsocketConnectionView from pyramid.view import view_config +from pyams_notify_ws import _ + users_lock = asyncio.Lock() users = {} @@ -69,14 +66,22 @@ else: action = message.get('action') if action == 'subscribe': - if not message.get('principal'): + principal = message.get('principal') + translate = self.request.localizer.translate + if not principal: await self.ws.send(json.dumps({'status': 'error', - 'message': "Missing 'principal' argument"})) + 'error': translate(_("API Error")), + 'message': translate(_("Missing principal argument!"))})) + return + if self.request.unauthenticated_userid != principal.get('id'): + await self.ws.send(json.dumps({'status': 'error', + 'error': translate(_("Authentication Error")), + 'message': translate(_("Can't subscribe to notifications!"))})) return async with users_lock: subscription = users.get(self.ws) if subscription is None: - subscription = WebsocketSubscription(message.get('principal')) + subscription = WebsocketSubscription(principal) subscription.update_contexts(message.get('context')) users[self.ws] = subscription