Switch to slack_sdk and add support to ignore users and send files (#428

) * Switch to slack_sdk, various extensions * Use Slack Events API * Added file upload support * Ignore users via config setting * Bump version for upcoming release * pep8 compliance * Drop support for python 2.7 * Whole lot of housekeeping Co-authored-by: Brian Gallew <[email protected]>
skoczen · Mar 19, 2021 · a30b7c0 · a30b7c0
1 parent 8948176
commit a30b7c0
Show file tree

Hide file tree

Showing 12 changed files with 585 additions and 397 deletions.
diff --git a/docs/config.md b/docs/config.md
@@ -51,6 +51,7 @@ Config.py is where all of your non-sensitive settings should go.   This includes
 - `ENABLE_INTERNAL_ENCRYPTION`: the option to turn off internal encryption (not recommended, but you can do it.)
 - `PROXY_URL`: Proxy server to use, consider exporting it as `WILL_PROXY_URL` environment variable, if it contains sensitive information
 - `ACL`: Define arbitrary groups of users which can be used to restrict access to certain Will commands. See [access control](plugins/builtins/#access-control) for details.
+- `IGNORED_USERS`: A list of Slack userids which should be ignored.  Particularly useful to prevent bots from talking to each other.  Slack only.
 - and all of your non-sensitive plugin settings.
 
 

diff --git a/will/__init__.py b/will/__init__.py
@@ -1 +1 @@
-VERSION = "2.1.3"
+VERSION = "2.2.0"
diff --git a/will/backends/encryption/aes.py b/will/backends/encryption/aes.py
@@ -1,65 +1,67 @@
+'Encrypt stored data'
+
 import binascii
-import base64
-import codecs
-import dill as pickle
 import hashlib
 import logging
-from Crypto.Cipher import AES
-import random
 import os
-import traceback
+
+import dill as pickle
+from Crypto.Cipher import AES
 
 from will import settings
 from will.backends.encryption.base import WillBaseEncryptionBackend
 
+# pylint: disable=no-member
 
 BS = 16
 key = hashlib.sha256(settings.SECRET_KEY.encode("utf-8")).digest()
 
 
-def pad(s):
-    s = "%s%s" % (s.decode("utf-8"), ((BS - len(s) % BS) * "~"))
-    return s
+def pad(s: bytes) -> str:
+    '''Ensure the data to be encrypted has sufficient padding.
+    Arbitrarily adding ~ to the end, so your message better not end with ~.'''
+    return "%s%s" % (s.decode("utf-8"), ((BS - len(s) % BS) * "~"))
 
 
-def unpad(s):
-    while s.endswith(str.encode("~")):
-        s = s[:-1]
-    return s
+def unpad(s: bytes) -> bytes:
+    'Removes all ~ on the end of the message.'
+    return s.rstrip(b'~')
 
 
 class AESEncryption(WillBaseEncryptionBackend):
-
-    @classmethod
-    def encrypt_to_b64(cls, raw):
+    'AES encryption backend'
+    @staticmethod
+    def encrypt_to_b64(raw):
+        'encrypt and b64-encode data'
         try:
             enc = binascii.b2a_base64(pickle.dumps(raw, -1))
             if settings.ENABLE_INTERNAL_ENCRYPTION:
                 iv = binascii.b2a_hex(os.urandom(8))
                 cipher = AES.new(key, AES.MODE_CBC, iv)
                 enc = binascii.b2a_base64(cipher.encrypt(pad(enc)))
                 return "%s/%s" % (iv.decode("utf-8"), enc.decode("utf-8"))
-            else:
-                return enc
-        except:
-            logging.critical("Error preparing message for the wire: \n%s" % traceback.format_exc())
+            return enc
+        except Exception:
+            logging.exception("Error preparing message for the wire: \n%s", raw)
             return None
 
-    @classmethod
-    def decrypt_from_b64(cls, raw_enc):
+    @staticmethod
+    def decrypt_from_b64(enc):
+        'decrypt b64-encoded data'
         try:
-            if settings.ENABLE_INTERNAL_ENCRYPTION:
-                iv = raw_enc[:BS]
-                enc = raw_enc[BS+1:]
+            if b'/' in enc and enc.index(b'/') == BS:
+                iv = enc[:BS]
+                encrypted_data = enc[BS+1:]
                 cipher = AES.new(key, AES.MODE_CBC, iv)
-                enc = unpad(cipher.decrypt(binascii.a2b_base64(enc)))
-            return pickle.loads(binascii.a2b_base64(enc))
+                decrypted_data = unpad(cipher.decrypt(binascii.a2b_base64(encrypted_data)))
+            return pickle.loads(binascii.a2b_base64(decrypted_data))
         except (KeyboardInterrupt, SystemExit):
             pass
-        except:
-            logging.warn("Error decrypting.  Attempting unencrypted load to ease migration.")
-            return pickle.loads(binascii.a2b_base64(raw_enc))
+        except Exception:
+            logging.debug("Error decrypting.  Attempting unencrypted load to ease migration.")
+            return pickle.loads(binascii.a2b_base64(enc))
 
 
-def bootstrap(settings):
-    return AESEncryption(settings)
+def bootstrap(encryption_settings):
+    'Returns the encryption module'
+    return AESEncryption(encryption_settings)
diff --git a/will/backends/io_adapters/base.py b/will/backends/io_adapters/base.py
@@ -40,6 +40,11 @@ def normalize_incoming_event(self, event):
 
     def handle_incoming_event(self, event):
         try:
+            user_id = event.get('user')
+            if user_id in getattr(settings, 'IGNORED_USERS', list()):
+                logging.debug('Ignored %s, %s', user_id, event)
+                return
+
             m = self.normalize_incoming_event(event)
             if m:
                 self.pubsub.publish("message.incoming", m, reference_message=m)