tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Get configuration keys at runtime, not when module is imported (fixes #64)

Browse Source
This commit is contained in:
Guillaume Ayoub 2013-09-12 13:48:49 +02:00
parent f5f31ca978
commit 43785e48a9
2 changed files with 17 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
radicale/__init__.py
View File

@ -55,13 +55,6 @@ VERSION = "git"
# tries to access information they don't have rights to # tries to access information they don't have rights to
NOT_ALLOWED = (client.FORBIDDEN, {}, None) NOT_ALLOWED = (client.FORBIDDEN, {}, None)
# Standard "authenticate" response that is returned when a user tries to access
# non-public information w/o submitting proper authentication credentials
WRONG_CREDENTIALS = (
client.UNAUTHORIZED,
{"WWW-Authenticate": "Basic realm=\"%s\"" % config.get("server", "realm")},
None)
class HTTPServer(wsgiref.simple_server.WSGIServer, object): class HTTPServer(wsgiref.simple_server.WSGIServer, object):
"""HTTP server.""" """HTTP server."""
@ -303,7 +296,11 @@ class Application(object):
else: else:
# Unknown or unauthorized user # Unknown or unauthorized user
log.LOGGER.info("%s refused" % (user or "Anonymous user")) log.LOGGER.info("%s refused" % (user or "Anonymous user"))
status, headers, answer = WRONG_CREDENTIALS status = client.UNAUTHORIZED
headers = {
"WWW-Authenticate":
"Basic realm=\"%s\"" % config.get("server", "realm")}
answer = None
# Set content length # Set content length
if answer: if answer:

23
radicale/rights.py
View File

@ -50,8 +50,6 @@ except ImportError:
# pylint: enable=F0401 # pylint: enable=F0401
FILENAME = os.path.expanduser(config.get("rights", "file"))
TYPE = config.get("rights", "type").lower()
DEFINED_RIGHTS = { DEFINED_RIGHTS = {
"owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n" "owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n"
"[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w", "[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w",
@ -60,17 +58,19 @@ DEFINED_RIGHTS = {
def _read_from_sections(user, collection, permission): def _read_from_sections(user, collection, permission):
"""Get regex sections.""" """Get regex sections."""
filename = os.path.expanduser(config.get("rights", "file"))
rights_type = config.get("rights", "type").lower()
regex = ConfigParser({"login": user, "path": collection}) regex = ConfigParser({"login": user, "path": collection})
if TYPE in DEFINED_RIGHTS: if rights_type in DEFINED_RIGHTS:
log.LOGGER.debug("Rights type '%s'" % TYPE) log.LOGGER.debug("Rights type '%s'" % rights_type)
regex.readfp(io.BytesIO(DEFINED_RIGHTS[TYPE])) regex.readfp(io.BytesIO(DEFINED_RIGHTS[rights_type]))
elif TYPE == "from_file": elif rights_type == "from_file":
log.LOGGER.debug("Reading rights from file %s" % FILENAME) log.LOGGER.debug("Reading rights from file %s" % filename)
if not regex.read(FILENAME): if not regex.read(filename):
log.LOGGER.error("File '%s' not found for rights" % FILENAME) log.LOGGER.error("File '%s' not found for rights" % filename)
return False return False
else: else:
log.LOGGER.error("Unknown rights type '%s'" % TYPE) log.LOGGER.error("Unknown rights type '%s'" % rights_type)
return False return False
for section in regex.sections(): for section in regex.sections():
@ -92,5 +92,6 @@ def _read_from_sections(user, collection, permission):
def authorized(user, collection, right): def authorized(user, collection, right):
"""Check if the user is allowed to read or write the collection.""" """Check if the user is allowed to read or write the collection."""
return TYPE == "none" or (user and _read_from_sections( rights_type = config.get("rights", "type").lower()
return rights_type == "none" or (user and _read_from_sections(
user, collection.url.rstrip("/") or "/", right)) user, collection.url.rstrip("/") or "/", right))