From 43785e48a959c9e7b3300ba7fc663f41ee59ecde Mon Sep 17 00:00:00 2001 From: Guillaume Ayoub Date: Thu, 12 Sep 2013 13:48:49 +0200 Subject: [PATCH] Get configuration keys at runtime, not when module is imported (fixes #64) --- radicale/__init__.py | 13 +++++-------- radicale/rights.py | 23 ++++++++++++----------- 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/radicale/__init__.py b/radicale/__init__.py index 80af1a4..c98ff03 100644 --- a/radicale/__init__.py +++ b/radicale/__init__.py @@ -55,13 +55,6 @@ VERSION = "git" # tries to access information they don't have rights to NOT_ALLOWED = (client.FORBIDDEN, {}, None) -# Standard "authenticate" response that is returned when a user tries to access -# non-public information w/o submitting proper authentication credentials -WRONG_CREDENTIALS = ( - client.UNAUTHORIZED, - {"WWW-Authenticate": "Basic realm=\"%s\"" % config.get("server", "realm")}, - None) - class HTTPServer(wsgiref.simple_server.WSGIServer, object): """HTTP server.""" @@ -303,7 +296,11 @@ class Application(object): else: # Unknown or unauthorized user log.LOGGER.info("%s refused" % (user or "Anonymous user")) - status, headers, answer = WRONG_CREDENTIALS + status = client.UNAUTHORIZED + headers = { + "WWW-Authenticate": + "Basic realm=\"%s\"" % config.get("server", "realm")} + answer = None # Set content length if answer: diff --git a/radicale/rights.py b/radicale/rights.py index 232fec2..88515bf 100644 --- a/radicale/rights.py +++ b/radicale/rights.py @@ -50,8 +50,6 @@ except ImportError: # pylint: enable=F0401 -FILENAME = os.path.expanduser(config.get("rights", "file")) -TYPE = config.get("rights", "type").lower() DEFINED_RIGHTS = { "owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n" "[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w", @@ -60,17 +58,19 @@ DEFINED_RIGHTS = { def _read_from_sections(user, collection, permission): """Get regex sections.""" + filename = os.path.expanduser(config.get("rights", "file")) + rights_type = config.get("rights", "type").lower() regex = ConfigParser({"login": user, "path": collection}) - if TYPE in DEFINED_RIGHTS: - log.LOGGER.debug("Rights type '%s'" % TYPE) - regex.readfp(io.BytesIO(DEFINED_RIGHTS[TYPE])) - elif TYPE == "from_file": - log.LOGGER.debug("Reading rights from file %s" % FILENAME) - if not regex.read(FILENAME): - log.LOGGER.error("File '%s' not found for rights" % FILENAME) + if rights_type in DEFINED_RIGHTS: + log.LOGGER.debug("Rights type '%s'" % rights_type) + regex.readfp(io.BytesIO(DEFINED_RIGHTS[rights_type])) + elif rights_type == "from_file": + log.LOGGER.debug("Reading rights from file %s" % filename) + if not regex.read(filename): + log.LOGGER.error("File '%s' not found for rights" % filename) return False else: - log.LOGGER.error("Unknown rights type '%s'" % TYPE) + log.LOGGER.error("Unknown rights type '%s'" % rights_type) return False for section in regex.sections(): @@ -92,5 +92,6 @@ def _read_from_sections(user, collection, permission): def authorized(user, collection, right): """Check if the user is allowed to read or write the collection.""" - return TYPE == "none" or (user and _read_from_sections( + rights_type = config.get("rights", "type").lower() + return rights_type == "none" or (user and _read_from_sections( user, collection.url.rstrip("/") or "/", right))