From 350d4d7260c32e8daa59ffe4902f37d7d02dbe52 Mon Sep 17 00:00:00 2001 From: Andrew Resch Date: Sat, 4 Sep 2010 12:31:27 -0700 Subject: [PATCH] Add rpc to check if authorized to call a rpc: daemon.authorized_call() --- deluge/core/daemon.py | 15 +++++++++++++++ deluge/core/rpcserver.py | 18 ++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/deluge/core/daemon.py b/deluge/core/daemon.py index a943ac71d..44b7912e5 100644 --- a/deluge/core/daemon.py +++ b/deluge/core/daemon.py @@ -204,3 +204,18 @@ class Daemon(object): Returns a list of the exported methods. """ return self.rpcserver.get_method_list() + + @export(1) + def authorized_call(self, rpc): + """ + Returns True if authorized to call rpc. + + :param rpc: a rpc, eg, "core.get_torrents_status" + :type rpc: string + + """ + if not rpc in self.get_method_list(): + return False + + auth_level = self.rpcserver.get_session_auth_level() + return auth_level >= self.rpcserver.get_rpc_auth_level() diff --git a/deluge/core/rpcserver.py b/deluge/core/rpcserver.py index 3ef39e80a..ef088fe5b 100644 --- a/deluge/core/rpcserver.py +++ b/deluge/core/rpcserver.py @@ -443,6 +443,24 @@ class RPCServer(component.Component): # No connections made yet return "" + def get_session_auth_level(self): + """ + Returns the auth level of the user calling the current RPC. + + :returns: the auth level + :rtype: int + """ + return self.factory.authorized_sessions[self.get_session_id()][0] + + def get_rpc_auth_level(self, rpc): + """ + Returns the auth level requirement for an exported rpc. + + :returns: the auth level + :rtype: int + """ + self.factory.methods[rpc]._rpcserver_auth_level + def is_session_valid(self, session_id): """ Checks if the session is still valid, eg, if the client is still connected.