we can now synchronize using encrypted messages with gpg

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@599 20353a03-c40f-0410-a6d1-a30d3c3de9de

product/ERP5SyncML/Publication.py

@@ -97,7 +97,7 @@ class Publication(Subscription):
   list_subscribers = PersistentMapping()
 
   # Constructor
-  def __init__(self, id, publication_url, destination_path, query, xml_mapping):
+  def __init__(self, id, publication_url, destination_path, query, xml_mapping, gpg_key):
     """
       constructor
     """
@@ -108,6 +108,7 @@ class Publication(Subscription):
     self.xml_mapping = xml_mapping
     self.list_subscribers = PersistentMapping()
     self.domain_type = self.PUB
+    self.gpg_key = gpg_key
     self.setGidGenerator(None)
     self.setIdGenerator(None)
 

product/ERP5SyncML/Subscription.py

@@ -407,20 +407,6 @@ class Signature(SyncCode):
     if conflict_list is None or conflict_list==[]:
       self.resetConflictList()
     else:
-      #new_conflict_list = []
-      # If two conflicts are on the same objects, then
-      # we join them, so we have a conflict with many xupdate
-#       for conflict in conflict_list:
-#         found = None
-#         for n_conflict in new_conflict_list:
-#           if n_conflict.getObjectPath() == conflict.getObjectPath():
-#             found = n_conflict
-#         LOG('setConflictList, found',0,found)
-#         if found == None:
-#           new_conflict_list += [conflict]
-#         else:
-#           n_conflict.setXupdate(conflict.getXupdateList())
-      #self.conflict_list = new_conflict_list
       self.conflict_list = conflict_list
 
   def delConflict(self, conflict):
@@ -456,6 +442,8 @@ class Subscription(SyncCode, Implicit):
 
     xml_mapping -- a PageTemplate to map documents to XML
 
+    gpg_key -- the name of a gpg key to use
+
     Subscription also holds private data to manage
     the synchronisation. We choose to keep an MD5 value for
     all documents which belong to the synchronisation process::
@@ -475,7 +463,7 @@ class Subscription(SyncCode, Implicit):
   signatures = PersistentMapping()
 
   # Constructor
-  def __init__(self, id, publication_url, subscription_url, destination_path, query, xml_mapping):
+  def __init__(self, id, publication_url, subscription_url, destination_path, query, xml_mapping, gpg_key):
     """
       We need to create a dictionnary of
       signatures of documents which belong to the synchronisation
@@ -493,6 +481,7 @@ class Subscription(SyncCode, Implicit):
     self.last_anchor = '00000000T000000Z'
     self.next_anchor = '00000000T000000Z'
     self.domain_type = self.SUB
+    self.gpg_key = gpg_key
     self.setGidGenerator(None)
     self.setIdGenerator(None)
 
@@ -557,6 +546,12 @@ class Subscription(SyncCode, Implicit):
     """
     return self.query
 
+  def getGPGKey(self):
+    """
+      return the gnupg key name
+    """
+    return getattr(self,'gpg_key','')
+
   def setQuery(self, query):
     """
       set the query

product/ERP5SyncML/SubscriptionSynchronization.py

@@ -112,12 +112,11 @@ class SubscriptionSynchronization(XMLSyncUtils):
     return self.SyncModif(subscription, xml_client)
 
 
-  def SubLastSync(self, subscription, xml_client=None, RESPONSE=None):
-    """
-      Now we can read the last response of the server
-    """
-    self.SyncModif(subscription,xml_client)
-
-    if RESPONSE is not None:
-      RESPONSE.redirect('manageSubscriptions')
+  #def SubLastSync(self, subscription, xml_client=None, RESPONSE=None):
+  #  """
+  #    Now we can read the last response of the server
+  #  """
+  #  self.SyncModif(subscription,xml_client)
+  #  if RESPONSE is not None:
+  #    RESPONSE.redirect('manageSubscriptions')
 

product/ERP5SyncML/SynchronizationTool.py

@@ -48,6 +48,8 @@ from AccessControl.User import UnrestrictedUser
 #import StringIO
 import urllib
 import string
+import commands
+import random
 from zLOG import *
 
 
@@ -147,12 +149,12 @@ class SynchronizationTool( UniqueObject, SimpleItem,
 
   security.declareProtected(Permissions.ModifyPortalContent, 'manage_addPublication')
   def manage_addPublication(self, id, publication_url, destination_path,
-            query, xml_mapping, RESPONSE=None):
+            query, xml_mapping, gpg_key, RESPONSE=None):
     """
       create a new publication
     """
     pub = Publication(id, publication_url, destination_path,
-                      query, xml_mapping)
+                      query, xml_mapping, gpg_key)
     if len(self.list_publications) == 0:
       self.list_publications = PersistentMapping()
     self.list_publications[id] = pub
@@ -161,13 +163,13 @@ class SynchronizationTool( UniqueObject, SimpleItem,
 
   security.declareProtected(Permissions.ModifyPortalContent, 'manage_addSubscription')
   def manage_addSubscription(self, id, publication_url, subscription_url,
-                       destination_path, query, xml_mapping, RESPONSE=None):
+                       destination_path, query, xml_mapping, gpg_key, RESPONSE=None):
     """
       XXX should be renamed as addSubscription
       create a new subscription
     """
     sub = Subscription(id, publication_url, subscription_url,
-                       destination_path, query, xml_mapping)
+                       destination_path, query, xml_mapping, gpg_key)
     if len(self.list_subscriptions) == 0:
       self.list_subscriptions = PersistentMapping()
     self.list_subscriptions[id] = sub
@@ -176,24 +178,24 @@ class SynchronizationTool( UniqueObject, SimpleItem,
 
   security.declareProtected(Permissions.ModifyPortalContent, 'manage_editPublication')
   def manage_editPublication(self, id, publication_url, destination_path,
-                       query, xml_mapping, RESPONSE=None):
+                       query, xml_mapping, gpg_key, RESPONSE=None):
     """
       modify a publication
     """
     pub = Publication(id, publication_url, destination_path,
-                      query, xml_mapping)
+                      query, xml_mapping, gpg_key)
     self.list_publications[id] = pub
     if RESPONSE is not None:
       RESPONSE.redirect('managePublications')
 
   security.declareProtected(Permissions.ModifyPortalContent, 'manage_editSubscription')
   def manage_editSubscription(self, id, publication_url, subscription_url,
-             destination_path, query, xml_mapping, RESPONSE=None):
+             destination_path, query, xml_mapping, gpg_key, RESPONSE=None):
     """
       modify a subscription
     """
     sub = Subscription(id, publication_url, subscription_url,
-                       destination_path, query, xml_mapping)
+                       destination_path, query, xml_mapping, gpg_key)
     self.list_subscriptions[id] = sub
     if RESPONSE is not None:
       RESPONSE.redirect('manageSubscriptions')
@@ -524,6 +526,20 @@ class SynchronizationTool( UniqueObject, SimpleItem,
     LOG('sendResponse, from_url: ',0,from_url)
     LOG('sendResponse, sync_id: ',0,sync_id)
     LOG('sendResponse, xml: ',0,xml)
+    if domain is not None:
+      gpg_key = domain.getGPGKey()
+      if gpg_key not in ('',None):
+        filename = str(random.randrange(1,2147483600)) + '.txt'
+        decrypted = file('/tmp/%s' % filename,'w')
+        decrypted.write(xml)
+        decrypted.close()
+        (status,output)=commands.getstatusoutput('gpg --yes --homedir /var/lib/zope/Products/ERP5SyncML/gnupg_keys -r "%s" -se /tmp/%s' % (gpg_key,filename))
+        LOG('readResponse, gpg output:',0,output)
+        encrypted = file('/tmp/%s.gpg' % filename,'r')
+        xml = encrypted.read()
+        encrypted.close()
+        commands.getstatusoutput('rm -f /tmp/%s' % filename)
+        commands.getstatusoutput('rm -f /tmp/%s.gpg' % filename)
     if type(to_url) is type('a'):
       if to_url.find('http://')==0:
         # we will send an http response
@@ -578,6 +594,30 @@ class SynchronizationTool( UniqueObject, SimpleItem,
     newSecurityManager(None, user)
 
     if text is not None:
+      # XXX We will look everywhere for a publication/subsription with
+      # the id sync_id, this is not so good, but there is no way yet
+      # to know if we will call a publication or subscription XXX
+      gpg_key = ''
+      for publication in self.getPublicationList():
+        if publication.getId()==sync_id:
+          gpg_key = publication.getGPGKey()
+      if gpg_key == '':
+        for subscription in self.getSubscriptionList():
+          if subscription.getId()==sync_id:
+            gpg_key = subscription.getGPGKey()
+      # decrypt the message if needed
+      if gpg_key not in (None,''):
+        filename = str(random.randrange(1,2147483600)) + '.txt'
+        encrypted = file('/tmp/%s.gpg' % filename,'w')
+        encrypted.write(text)
+        encrypted.close()
+        (status,output)=commands.getstatusoutput('gpg --homedir /var/lib/zope/Products/ERP5SyncML/gnupg_keys -r "%s"  --decrypt /tmp/%s.gpg > /tmp/%s' % (gpg_key,filename,filename))
+        LOG('readResponse, gpg output:',0,output)
+        decrypted = file('/tmp/%s' % filename,'r')
+        text = decrypted.read()
+        decrypted.close()
+        commands.getstatusoutput('rm -f /tmp/%s' % filename)
+        commands.getstatusoutput('rm -f /tmp/%s.gpg' % filename)
       # Get the target and then find the corresponding publication or
       # Subscription
       xml = FromXml(text)

product/ERP5SyncML/dtml/managePublications.dtml

@@ -87,6 +87,16 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
         <input type="text" name="xml_mapping" value="<dtml-var getXMLMapping>" size="40" />
         </td>
       </tr>
+      <tr>
+        <td align="left" valign="top">
+        <div class="form-label">
+        GPG key name
+        </label></div>
+        </td>
+        <td align="left" valign="top">
+        <input type="text" name="gpg_key" value="<dtml-var getGPGKey>" size="40" />
+        </td>
+      </tr>
     </table>
     <table>
       <tr>
@@ -94,12 +104,6 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
         <input type="submit" name="submit" value=" Change " />
         </form>
         </td>
-        <form action="PubSync" method="POST">
-        <td align="left" valign="top">
-        <input type="submit" value=" SyncTemp ">
-        <input type="hidden" name="id" value="<dtml-var getId>" >
-        <!--input type="hidden" name="subscription" value="<dtml-var getSubscriptionList>" -->
-        </form>
         <form action="manage_resetPublication" method="POST">
         <td align="left" valign="top">
         <input type="submit" value=" Reset ">

product/ERP5SyncML/dtml/manageSubscriptions.dtml

@@ -97,6 +97,16 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
         <input type="text" name="xml_mapping" value="<dtml-var getXMLMapping>" size="40" />
         </td>
       </tr>
+      <tr>
+        <td align="left" valign="top">
+        <div class="form-label">
+        GPG key name
+        </label></div>
+        </td>
+        <td align="left" valign="top">
+        <input type="text" name="gpg_key" value="<dtml-var getGPGKey>" size="40" />
+        </td>
+      </tr>
     </table>
     <table>
       <tr>
@@ -109,11 +119,6 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
         <input type="submit" value=" Sync ">
         <input type="hidden" name="id" value="<dtml-var getId>" >
         </form>
-        <form action="SubLastSync" method="POST">
-        <td align="left" valign="top">
-        <input type="submit" value=" LastSync ">
-        <input type="hidden" name="id" value="<dtml-var getId>" >
-        </form>
         <form action="manage_resetSubscription" method="POST">
         <td align="left" valign="top">
         <input type="submit" value=" Reset ">

product/ERP5SyncML/dtml/manage_addPublication.dtml

@@ -83,6 +83,16 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
     <input type="text" name="xml_mapping" size="40" />
     </td>
   </tr>
+  <tr>
+    <td align="left" valign="top">
+    <div class="form-label">
+    GPG key name
+    </label></div>
+    </td>
+    <td align="left" valign="top">
+    <input type="text" name="gpg_key" size="40" />
+    </td>
+  </tr>
   <tr>
     <td align="left" valign="top">
     </td>