def allowed_status_keys(self): """Return the subset of IStatusUpdate keys that are related to UUIDs of accessible contexts. I.e. blacklist all IStatusUpdate that has a context which we don't have permission to access. This is the key security protection used by all getters. Because it's called a lot we're caching results per user request. """ uuid_blacklist = self._blacklist_microblogcontext_uuids() if not uuid_blacklist: return self._status_mapping.keys() else: # for each uid, expand uid into set of statusids blacklisted_treesets = (self._uuid_mapping.get(uuid) for uuid in uuid_blacklist if uuid in self._uuid_mapping.keys()) # merge sets of blacklisted statusids into single blacklist blacklisted_statusids = reduce(LLBTree.union, blacklisted_treesets, LLBTree.TreeSet()) # subtract blacklisted statusids from all statusids all_statusids = LLBTree.LLSet(self._status_mapping.keys()) return LLBTree.difference(all_statusids, blacklisted_statusids) return self._allowed_status_keys()
def _allowed_status_keys(self, uuid_blacklist=[]): if not uuid_blacklist: return self._status_mapping.keys() else: # for each uid, expand uid into set of statusids blacklisted_treesets = (self._uuid_mapping.get(uuid) for uuid in uuid_blacklist if uuid in self._uuid_mapping.keys()) # merge sets of blacklisted statusids into single blacklist blacklisted_statusids = reduce(LLBTree.union, blacklisted_treesets, LLBTree.TreeSet()) # subtract blacklisted statusids from all statusids all_statusids = LLBTree.LLSet(self._status_mapping.keys()) return LLBTree.difference(all_statusids, blacklisted_statusids)