tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make predefined rights plugins more restrictive and remove NoneAuth

Browse Source 
Collections with tag are only allowed as direct children of a principal collections.
This commit is contained in:
Unrud 2018-08-21 18:43:48 +02:00
parent 2cb7060539
commit 1bdc47bf44
3 changed files with 46 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
radicale/rights.py
View File

@ -52,11 +52,7 @@ INTERNAL_TYPES = ("none", "authenticated", "owner_write", "owner_only",
def load(configuration): def load(configuration):
"""Load the rights manager chosen in configuration.""" """Load the rights manager chosen in configuration."""
rights_type = configuration.get("rights", "type") rights_type = configuration.get("rights", "type")
if configuration.get("auth", "type") == "none": if rights_type == "authenticated":
rights_type = "none"
if rights_type == "none":
rights_class = NoneRights
elif rights_type == "authenticated":
rights_class = AuthenticatedRights rights_class = AuthenticatedRights
elif rights_type == "owner_write": elif rights_type == "owner_write":
rights_class = OwnerWriteRights rights_class = OwnerWriteRights
@ -97,38 +93,54 @@ class BaseRights:
raise NotImplementedError raise NotImplementedError
class NoneRights(BaseRights):
def authorized(self, user, path, permissions):
return intersect_permissions(permissions)
class AuthenticatedRights(BaseRights): class AuthenticatedRights(BaseRights):
def authorized(self, user, path, permissions): def __init__(self, *args, **kwargs):
if not user: super().__init__(*args, **kwargs)
return "" self._verify_user = self.configuration.get("auth", "type") != "none"
return intersect_permissions(permissions)
class OwnerWriteRights(BaseRights):
def authorized(self, user, path, permissions): def authorized(self, user, path, permissions):
if not user: if self._verify_user and not user:
return "" return ""
sane_path = storage.sanitize_path(path).strip("/") sane_path = storage.sanitize_path(path).strip("/")
if user != sane_path.split("/", maxsplit=1)[0]: if "/" not in sane_path:
return intersect_permissions(permissions, "Rr") return intersect_permissions(permissions, "RW")
return intersect_permissions(permissions) if sane_path.count("/") == 1:
return intersect_permissions(permissions, "rw")
return ""
class OwnerOnlyRights(BaseRights): class OwnerWriteRights(AuthenticatedRights):
def authorized(self, user, path, permissions): def authorized(self, user, path, permissions):
if not user: if self._verify_user and not user:
return "" return ""
sane_path = storage.sanitize_path(path).strip("/") sane_path = storage.sanitize_path(path).strip("/")
if not sane_path: if not sane_path:
return intersect_permissions(permissions, "R") return intersect_permissions(permissions, "R")
if user != sane_path.split("/", maxsplit=1)[0]: if self._verify_user:
owned = user == sane_path.split("/", maxsplit=1)[0]
else:
owned = True
if "/" not in sane_path:
return intersect_permissions(permissions, "RW" if owned else "R")
if sane_path.count("/") == 1:
return intersect_permissions(permissions, "rw" if owned else "r")
return ""
class OwnerOnlyRights(AuthenticatedRights):
def authorized(self, user, path, permissions):
if self._verify_user and not user:
return "" return ""
return intersect_permissions(permissions) sane_path = storage.sanitize_path(path).strip("/")
if not sane_path:
return intersect_permissions(permissions, "R")
if self._verify_user and user != sane_path.split("/", maxsplit=1)[0]:
return ""
if "/" not in sane_path:
return intersect_permissions(permissions, "RW")
if sane_path.count("/") == 1:
return intersect_permissions(permissions, "rw")
return ""
class Rights(BaseRights): class Rights(BaseRights):

10
radicale/tests/test_base.py
View File

@ -1428,6 +1428,16 @@ class BaseFileSystemTest(BaseTest):
self.configuration["storage"]["filesystem_folder"] = self.colpath self.configuration["storage"]["filesystem_folder"] = self.colpath
# Disable syncing to disk for better performance # Disable syncing to disk for better performance
self.configuration["internal"]["filesystem_fsync"] = "False" self.configuration["internal"]["filesystem_fsync"] = "False"
# Allow access to anything for tests
rights_file_path = os.path.join(self.colpath, "rights")
with open(rights_file_path, "w") as f:
f.write("""\
[allow all]
user: .*
collection: .*
permissions: RrWw""")
self.configuration["rights"]["file"] = rights_file_path
self.configuration["rights"]["type"] = "from_file"
self.application = Application(self.configuration) self.application = Application(self.configuration)
def teardown(self): def teardown(self):

12
radicale/tests/test_rights.py
View File

@ -99,18 +99,6 @@ class TestBaseAuthRequests(BaseTest):
self._test_rights("authenticated", "tmp", "/other", "r", 207) self._test_rights("authenticated", "tmp", "/other", "r", 207)
self._test_rights("authenticated", "tmp", "/other", "w", 207) self._test_rights("authenticated", "tmp", "/other", "w", 207)
def test_none(self):
self._test_rights("none", "", "/", "r", 207)
self._test_rights("none", "", "/", "w", 207)
self._test_rights("none", "", "/tmp", "r", 207)
self._test_rights("none", "", "/tmp", "w", 207)
self._test_rights("none", "tmp", "/", "r", 207)
self._test_rights("none", "tmp", "/", "w", 207)
self._test_rights("none", "tmp", "/tmp", "r", 207)
self._test_rights("none", "tmp", "/tmp", "w", 207)
self._test_rights("none", "tmp", "/other", "r", 207)
self._test_rights("none", "tmp", "/other", "w", 207)
def test_from_file(self): def test_from_file(self):
rights_file_path = os.path.join(self.colpath, "rights") rights_file_path = os.path.join(self.colpath, "rights")
with open(rights_file_path, "w") as f: with open(rights_file_path, "w") as f: