tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into lightning

Browse Source
This commit is contained in:
Guillaume Ayoub
2011-06-13 23:01:42 +02:00
parent b8bcf65785 da42112740
commit 264bc66051
10 changed files with 82 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
radicale/__init__.py
View File

@ -183,16 +183,24 @@ class Application(object):
if last_allowed:
calendars.append(calendar)
continue
log.LOGGER.info(
"Checking rights for calendar owned by %s" % calendar.owner)
if self.acl.has_right(calendar.owner, user, password):
log.LOGGER.info("%s allowed" % (user or "anonymous user"))
if calendar.owner in acl.PUBLIC_USERS:
log.LOGGER.info("Public calendar")
calendars.append(calendar)
last_allowed = True
else:
log.LOGGER.info("%s refused" % (user or "anonymous user"))
last_allowed = False
log.LOGGER.info(
"Checking rights for calendar owned by %s" % (
calendar.owner or "nobody"))
if self.acl.has_right(calendar.owner, user, password):
log.LOGGER.info(
"%s allowed" % (user or "Anonymous user"))
calendars.append(calendar)
last_allowed = True
else:
log.LOGGER.info(
"%s refused" % (user or "Anonymous user"))
last_allowed = False
if calendars:
status, headers, answer = function(environ, calendars, content)

6
radicale/acl/LDAP.py
View File

@ -26,7 +26,7 @@ Authentication based on the ``python-ldap`` module
"""
import ldap
from radicale import config, log
from radicale import acl, config, log
BASE = config.get("acl", "ldap_base")
@ -38,8 +38,8 @@ PASSWORD = config.get("acl", "ldap_password")
def has_right(owner, user, password):
"""Check if ``user``/``password`` couple is valid."""
if not user or (owner and user != owner):
# No user given, or owner is set and is not user, forbidden
if not user or (owner not in acl.PRIVATE_USERS and user != owner):
# No user given, or owner is not private and is not user, forbidden
return False
if BINDDN and PASSWORD:

18
radicale/acl/__init__.py
View File

@ -29,11 +29,29 @@ configuration.
from radicale import config
PUBLIC_USERS = []
PRIVATE_USERS = []
def _config_users(name):
"""Get an iterable of strings from the configuraton string [acl] ``name``.
The values must be separated by a comma. The whitespace characters are
stripped at the beginning and at the end of the values.
"""
for user in config.get("acl", name).split(","):
user = user.strip()
yield None if user == "None" else user
def load():
"""Load list of available ACL managers."""
acl_type = config.get("acl", "type")
if acl_type == "None":
return None
else:
PUBLIC_USERS.extend(_config_users("public_users"))
PRIVATE_USERS.extend(_config_users("private_users"))
module = __import__("radicale.acl", fromlist=[acl_type])
return getattr(module, acl_type)

4
radicale/acl/htpasswd.py
View File

@ -30,7 +30,7 @@ supported, but md5 is not (see ``htpasswd`` man page to understand why).
import base64
import hashlib
from radicale import config
from radicale import acl, config
FILENAME = config.get("acl", "htpasswd_filename")
@ -63,6 +63,6 @@ def has_right(owner, user, password):
for line in open(FILENAME).readlines():
if line.strip():
login, hash_value = line.strip().split(":")
if login == user and (not owner or owner == user):
if login == user and (owner in acl.PRIVATE_USERS or owner == user):
return globals()["_%s" % ENCRYPTION](hash_value, password)
return False

4
radicale/config.py
View File

@ -50,6 +50,8 @@ INITIAL_CONFIG = {
"stock": "utf-8"},
"acl": {
"type": "None",
"public_users": "public",
"private_users": "private",
"httpasswd_filename": "/etc/radicale/users",
"httpasswd_encryption": "crypt",
"ldap_url": "ldap://localhost:389/",
@ -74,6 +76,8 @@ for section, values in INITIAL_CONFIG.items():
_CONFIG_PARSER.read("/etc/radicale/config")
_CONFIG_PARSER.read(os.path.expanduser("~/.config/radicale/config"))
if 'RADICALE_CONFIG' in os.environ:
_CONFIG_PARSER.read(os.environ['RADICALE_CONFIG'])
# Wrap config module into ConfigParser instance
sys.modules[__name__] = _CONFIG_PARSER