tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix the auth checking algorithm

Browse Source
This commit is contained in:
Guillaume Ayoub
2012-08-09 14:15:20 +02:00
parent e33ee8ea7c
commit 4fa53d15b3
1 changed files with 11 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
radicale/__init__.py
View File

@@ -198,8 +198,6 @@ class Application(object):
# Get function corresponding to method # Get function corresponding to method
function = getattr(self, environ["REQUEST_METHOD"].lower()) function = getattr(self, environ["REQUEST_METHOD"].lower())
# Check rights
if items and function != self.options:
# Ask authentication backend to check rights # Ask authentication backend to check rights
authorization = environ.get("HTTP_AUTHORIZATION", None) authorization = environ.get("HTTP_AUTHORIZATION", None)
@@ -210,7 +208,8 @@ class Application(object):
else: else:
user = password = None user = password = None
if access.is_authenticated(user, password): if not items or function == self.options or \
access.is_authenticated(user, password):
last_collection_allowed = None last_collection_allowed = None
allowed_items = [] allowed_items = []
for item in items: for item in items:
@@ -226,7 +225,7 @@ class Application(object):
user, item.name or "/")) user, item.name or "/"))
last_collection_allowed = False last_collection_allowed = False
else: else:
# item is not a colleciton, it's the child of the last # item is not a collection, it's the child of the last
# collection we've met in the loop. Only add this item # collection we've met in the loop. Only add this item
# if this last collection was allowed. # if this last collection was allowed.
if last_collection_allowed: if last_collection_allowed: