Clean many, many things
This commit is contained in:
parent
263f31c84b
commit
8ac3ce1a89
@ -50,9 +50,8 @@ from . import auth, rights, storage, xmlutils
|
|||||||
|
|
||||||
VERSION = "2.0.0rc0"
|
VERSION = "2.0.0rc0"
|
||||||
|
|
||||||
# Standard "not allowed" response that is returned when an authenticated user
|
|
||||||
# tries to access information they don't have rights to
|
|
||||||
NOT_ALLOWED = (client.FORBIDDEN, {}, None)
|
NOT_ALLOWED = (client.FORBIDDEN, {}, None)
|
||||||
|
DAV_HEADERS = "1, 2, 3, calendar-access, addressbook, extended-mkcol"
|
||||||
|
|
||||||
|
|
||||||
class HTTPServer(wsgiref.simple_server.WSGIServer):
|
class HTTPServer(wsgiref.simple_server.WSGIServer):
|
||||||
@ -136,6 +135,7 @@ class RequestHandler(wsgiref.simple_server.WSGIRequestHandler):
|
|||||||
|
|
||||||
class Application:
|
class Application:
|
||||||
"""WSGI application managing collections."""
|
"""WSGI application managing collections."""
|
||||||
|
|
||||||
def __init__(self, configuration, logger):
|
def __init__(self, configuration, logger):
|
||||||
"""Initialize application."""
|
"""Initialize application."""
|
||||||
super().__init__()
|
super().__init__()
|
||||||
@ -149,15 +149,20 @@ class Application:
|
|||||||
def headers_log(self, environ):
|
def headers_log(self, environ):
|
||||||
"""Sanitize headers for logging."""
|
"""Sanitize headers for logging."""
|
||||||
request_environ = dict(environ)
|
request_environ = dict(environ)
|
||||||
|
|
||||||
# Remove environment variables
|
# Remove environment variables
|
||||||
if not self.configuration.getboolean("logging", "full_environment"):
|
if not self.configuration.getboolean("logging", "full_environment"):
|
||||||
for shell_variable in os.environ:
|
for shell_variable in os.environ:
|
||||||
request_environ.pop(shell_variable, None)
|
request_environ.pop(shell_variable, None)
|
||||||
# Mask credentials
|
|
||||||
if (self.configuration.getboolean("logging", "mask_passwords") and
|
# Mask passwords
|
||||||
request_environ.get("HTTP_AUTHORIZATION",
|
mask_passwords = self.configuration.getboolean(
|
||||||
"").startswith("Basic")):
|
"logging", "mask_passwords")
|
||||||
|
authorization = request_environ.get(
|
||||||
|
"HTTP_AUTHORIZATION", "").startswith("Basic")
|
||||||
|
if mask_passwords and authorization:
|
||||||
request_environ["HTTP_AUTHORIZATION"] = "Basic **masked**"
|
request_environ["HTTP_AUTHORIZATION"] = "Basic **masked**"
|
||||||
|
|
||||||
return request_environ
|
return request_environ
|
||||||
|
|
||||||
def decode(self, text, environ):
|
def decode(self, text, environ):
|
||||||
@ -215,6 +220,7 @@ class Application:
|
|||||||
|
|
||||||
def __call__(self, environ, start_response):
|
def __call__(self, environ, start_response):
|
||||||
"""Manage a request."""
|
"""Manage a request."""
|
||||||
|
|
||||||
def response(status, headers={}, answer=None):
|
def response(status, headers={}, answer=None):
|
||||||
# Start response
|
# Start response
|
||||||
status = "%i %s" % (
|
status = "%i %s" % (
|
||||||
@ -224,6 +230,7 @@ class Application:
|
|||||||
# Return response content
|
# Return response content
|
||||||
return [answer] if answer else []
|
return [answer] if answer else []
|
||||||
|
|
||||||
|
self.logger.debug("\n") # Add empty lines between requests in debug
|
||||||
self.logger.info("%s request at %s received" % (
|
self.logger.info("%s request at %s received" % (
|
||||||
environ["REQUEST_METHOD"], environ["PATH_INFO"]))
|
environ["REQUEST_METHOD"], environ["PATH_INFO"]))
|
||||||
headers = pprint.pformat(self.headers_log(environ))
|
headers = pprint.pformat(self.headers_log(environ))
|
||||||
@ -246,7 +253,6 @@ class Application:
|
|||||||
environ["PATH_INFO"] = storage.sanitize_path(
|
environ["PATH_INFO"] = storage.sanitize_path(
|
||||||
unquote(environ["PATH_INFO"]))
|
unquote(environ["PATH_INFO"]))
|
||||||
self.logger.debug("Sanitized path: %s", environ["PATH_INFO"])
|
self.logger.debug("Sanitized path: %s", environ["PATH_INFO"])
|
||||||
|
|
||||||
path = environ["PATH_INFO"]
|
path = environ["PATH_INFO"]
|
||||||
|
|
||||||
# Get function corresponding to method
|
# Get function corresponding to method
|
||||||
@ -254,7 +260,6 @@ class Application:
|
|||||||
|
|
||||||
# Ask authentication backend to check rights
|
# Ask authentication backend to check rights
|
||||||
authorization = environ.get("HTTP_AUTHORIZATION", None)
|
authorization = environ.get("HTTP_AUTHORIZATION", None)
|
||||||
|
|
||||||
if authorization and authorization.startswith("Basic"):
|
if authorization and authorization.startswith("Basic"):
|
||||||
authorization = authorization[len("Basic"):].strip()
|
authorization = authorization[len("Basic"):].strip()
|
||||||
user, password = self.decode(base64.b64decode(
|
user, password = self.decode(base64.b64decode(
|
||||||
@ -263,7 +268,7 @@ class Application:
|
|||||||
user = environ.get("REMOTE_USER")
|
user = environ.get("REMOTE_USER")
|
||||||
password = None
|
password = None
|
||||||
|
|
||||||
# If /.well-known is not available, clients query /
|
# If "/.well-known" is not available, clients query "/"
|
||||||
if path == "/.well-known" or path.startswith("/.well-known/"):
|
if path == "/.well-known" or path.startswith("/.well-known/"):
|
||||||
return response(client.NOT_FOUND, {})
|
return response(client.NOT_FOUND, {})
|
||||||
|
|
||||||
@ -281,7 +286,8 @@ class Application:
|
|||||||
if self.authorized(user, principal_path, "w"):
|
if self.authorized(user, principal_path, "w"):
|
||||||
with self.Collection.acquire_lock("r"):
|
with self.Collection.acquire_lock("r"):
|
||||||
principal = next(
|
principal = next(
|
||||||
self.Collection.discover(principal_path), None)
|
self.Collection.discover(principal_path, depth="1"),
|
||||||
|
None)
|
||||||
if not principal:
|
if not principal:
|
||||||
with self.Collection.acquire_lock("w"):
|
with self.Collection.acquire_lock("w"):
|
||||||
self.Collection.create_collection(principal_path)
|
self.Collection.create_collection(principal_path)
|
||||||
@ -336,6 +342,7 @@ class Application:
|
|||||||
|
|
||||||
headers["Content-Length"] = str(len(answer))
|
headers["Content-Length"] = str(len(answer))
|
||||||
|
|
||||||
|
# Add extra headers set in configuration
|
||||||
if self.configuration.has_section("headers"):
|
if self.configuration.has_section("headers"):
|
||||||
for key in self.configuration.options("headers"):
|
for key in self.configuration.options("headers"):
|
||||||
headers[key] = self.configuration.get("headers", key)
|
headers[key] = self.configuration.get("headers", key)
|
||||||
@ -343,8 +350,7 @@ class Application:
|
|||||||
return response(status, headers, answer)
|
return response(status, headers, answer)
|
||||||
|
|
||||||
def _access(self, user, path, permission, item=None):
|
def _access(self, user, path, permission, item=None):
|
||||||
"""Checks if ``user`` can access ``path`` or the parent collection
|
"""Check if ``user`` can access ``path`` or the parent collection.
|
||||||
with ``permission``.
|
|
||||||
|
|
||||||
``permission`` must either be "r" or "w".
|
``permission`` must either be "r" or "w".
|
||||||
|
|
||||||
@ -380,7 +386,7 @@ class Application:
|
|||||||
if not self._access(user, path, "w"):
|
if not self._access(user, path, "w"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if not self._access(user, path, "w", item):
|
if not self._access(user, path, "w", item):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
if not item:
|
if not item:
|
||||||
@ -405,7 +411,7 @@ class Application:
|
|||||||
if not self._access(user, path, "r"):
|
if not self._access(user, path, "r"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
with self._lock_collection("r", user):
|
with self._lock_collection("r", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if not self._access(user, path, "r", item):
|
if not self._access(user, path, "r", item):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
if not item:
|
if not item:
|
||||||
@ -414,8 +420,8 @@ class Application:
|
|||||||
collection = item
|
collection = item
|
||||||
else:
|
else:
|
||||||
collection = item.collection
|
collection = item.collection
|
||||||
content_type = storage.MIMETYPES.get(collection.get_meta("tag"),
|
content_type = xmlutils.MIMETYPES.get(
|
||||||
"text/plain")
|
collection.get_meta("tag"), "text/plain")
|
||||||
headers = {
|
headers = {
|
||||||
"Content-Type": content_type,
|
"Content-Type": content_type,
|
||||||
"Last-Modified": collection.last_modified,
|
"Last-Modified": collection.last_modified,
|
||||||
@ -434,7 +440,7 @@ class Application:
|
|||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
|
|
||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if item:
|
if item:
|
||||||
return client.CONFLICT, {}, None
|
return client.CONFLICT, {}, None
|
||||||
props = xmlutils.props_from_request(content)
|
props = xmlutils.props_from_request(content)
|
||||||
@ -449,7 +455,7 @@ class Application:
|
|||||||
if not self.authorized(user, path, "w"):
|
if not self.authorized(user, path, "w"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if item:
|
if item:
|
||||||
return client.CONFLICT, {}, None
|
return client.CONFLICT, {}, None
|
||||||
props = xmlutils.props_from_request(content)
|
props = xmlutils.props_from_request(content)
|
||||||
@ -464,27 +470,33 @@ class Application:
|
|||||||
if to_url.netloc != environ["HTTP_HOST"]:
|
if to_url.netloc != environ["HTTP_HOST"]:
|
||||||
# Remote destination server, not supported
|
# Remote destination server, not supported
|
||||||
return client.BAD_GATEWAY, {}, None
|
return client.BAD_GATEWAY, {}, None
|
||||||
to_path = storage.sanitize_path(to_url.path)
|
if not self._access(user, path, "w"):
|
||||||
if (not self._access(user, path, "w") or
|
|
||||||
not self._access(user, to_path, "w")):
|
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
|
to_path = storage.sanitize_path(to_url.path)
|
||||||
|
if not self._access(user, to_path, "w"):
|
||||||
|
return NOT_ALLOWED
|
||||||
|
if to_path.strip("/").startswith(path.strip("/")):
|
||||||
|
return client.CONFLICT, {}, None
|
||||||
|
|
||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if (not self._access(user, path, "w", item) or
|
if not self._access(user, path, "w", item):
|
||||||
not self._access(user, to_path, "w", item)):
|
return NOT_ALLOWED
|
||||||
|
if not self._access(user, to_path, "w", item):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
if not item:
|
if not item:
|
||||||
return client.GONE, {}, None
|
return client.GONE, {}, None
|
||||||
to_item = next(self.Collection.discover(to_path, depth="0"), None)
|
if isinstance(item, self.Collection):
|
||||||
|
return client.CONFLICT, {}, None
|
||||||
|
|
||||||
|
to_item = next(self.Collection.discover(to_path), None)
|
||||||
to_parent_path = storage.sanitize_path(
|
to_parent_path = storage.sanitize_path(
|
||||||
"/%s/" % posixpath.dirname(to_path.strip("/")))
|
"/%s/" % posixpath.dirname(to_path.strip("/")))
|
||||||
to_href = posixpath.basename(to_path.strip("/"))
|
to_collection = next(
|
||||||
to_collection = next(self.Collection.discover(
|
self.Collection.discover(to_parent_path), None)
|
||||||
to_parent_path, depth="0"), None)
|
if not to_collection or to_item:
|
||||||
print(path, isinstance(item, self.Collection))
|
|
||||||
if (isinstance(item, self.Collection) or not to_collection or
|
|
||||||
to_item or to_path.strip("/").startswith(path.strip("/"))):
|
|
||||||
return client.CONFLICT, {}, None
|
return client.CONFLICT, {}, None
|
||||||
|
to_href = posixpath.basename(to_path.strip("/"))
|
||||||
to_collection.upload(to_href, item.item)
|
to_collection.upload(to_href, item.item)
|
||||||
item.collection.delete(item.href)
|
item.collection.delete(item.href)
|
||||||
return client.CREATED, {}, None
|
return client.CREATED, {}, None
|
||||||
@ -492,22 +504,20 @@ class Application:
|
|||||||
def do_OPTIONS(self, environ, path, content, user):
|
def do_OPTIONS(self, environ, path, content, user):
|
||||||
"""Manage OPTIONS request."""
|
"""Manage OPTIONS request."""
|
||||||
headers = {
|
headers = {
|
||||||
"Allow": ("DELETE, HEAD, GET, MKCALENDAR, MKCOL, MOVE, "
|
"Allow": ", ".join(
|
||||||
"OPTIONS, PROPFIND, PROPPATCH, PUT, REPORT"),
|
name[3:] for name in dir(self) if name.startswith("do_")),
|
||||||
"DAV": "1, 2, 3, calendar-access, addressbook, extended-mkcol"}
|
"DAV": DAV_HEADERS}
|
||||||
return client.OK, headers, None
|
return client.OK, headers, None
|
||||||
|
|
||||||
def do_PROPFIND(self, environ, path, content, user):
|
def do_PROPFIND(self, environ, path, content, user):
|
||||||
"""Manage PROPFIND request."""
|
"""Manage PROPFIND request."""
|
||||||
with self._lock_collection("r", user):
|
with self._lock_collection("r", user):
|
||||||
items = self.Collection.discover(path,
|
items = self.Collection.discover(
|
||||||
environ.get("HTTP_DEPTH", "0"))
|
path, environ.get("HTTP_DEPTH", "0"))
|
||||||
read_items, write_items = self.collect_allowed_items(items, user)
|
read_items, write_items = self.collect_allowed_items(items, user)
|
||||||
if not read_items and not write_items:
|
if not read_items and not write_items:
|
||||||
return (client.NOT_FOUND, {}, None) if user else NOT_ALLOWED
|
return (client.NOT_FOUND, {}, None) if user else NOT_ALLOWED
|
||||||
headers = {
|
headers = {"DAV": DAV_HEADERS, "Content-Type": "text/xml"}
|
||||||
"DAV": "1, 2, 3, calendar-access, addressbook, extended-mkcol",
|
|
||||||
"Content-Type": "text/xml"}
|
|
||||||
answer = xmlutils.propfind(
|
answer = xmlutils.propfind(
|
||||||
path, content, read_items, write_items, user)
|
path, content, read_items, write_items, user)
|
||||||
return client.MULTI_STATUS, headers, answer
|
return client.MULTI_STATUS, headers, answer
|
||||||
@ -517,13 +527,11 @@ class Application:
|
|||||||
if not self.authorized(user, path, "w"):
|
if not self.authorized(user, path, "w"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if not isinstance(item, self.Collection):
|
if not isinstance(item, self.Collection):
|
||||||
return client.CONFLICT, {}, None
|
return client.CONFLICT, {}, None
|
||||||
|
headers = {"DAV": DAV_HEADERS, "Content-Type": "text/xml"}
|
||||||
answer = xmlutils.proppatch(path, content, item)
|
answer = xmlutils.proppatch(path, content, item)
|
||||||
headers = {
|
|
||||||
"DAV": "1, 2, 3, calendar-access, addressbook, extended-mkcol",
|
|
||||||
"Content-Type": "text/xml"}
|
|
||||||
return client.MULTI_STATUS, headers, answer
|
return client.MULTI_STATUS, headers, answer
|
||||||
|
|
||||||
def do_PUT(self, environ, path, content, user):
|
def do_PUT(self, environ, path, content, user):
|
||||||
@ -534,33 +542,39 @@ class Application:
|
|||||||
with self._lock_collection("w", user):
|
with self._lock_collection("w", user):
|
||||||
parent_path = storage.sanitize_path(
|
parent_path = storage.sanitize_path(
|
||||||
"/%s/" % posixpath.dirname(path.strip("/")))
|
"/%s/" % posixpath.dirname(path.strip("/")))
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
parent_item = next(self.Collection.discover(
|
parent_item = next(self.Collection.discover(parent_path), None)
|
||||||
parent_path, depth="0"), None)
|
|
||||||
write_whole_collection = (
|
write_whole_collection = (
|
||||||
isinstance(item, self.Collection) or
|
isinstance(item, self.Collection) or
|
||||||
not parent_item or
|
not parent_item or (
|
||||||
not next(parent_item.list(), None) and
|
not next(parent_item.list(), None) and
|
||||||
parent_item.get_meta("tag") not in (
|
parent_item.get_meta("tag") not in (
|
||||||
"VADDRESSBOOK", "VCALENDAR"))
|
"VADDRESSBOOK", "VCALENDAR")))
|
||||||
if (write_whole_collection and
|
if write_whole_collection:
|
||||||
not self.authorized(user, path, "w") or
|
if not self.authorized(user, path, "w"):
|
||||||
not write_whole_collection and
|
return NOT_ALLOWED
|
||||||
not self.authorized(user, parent_path, "w")):
|
elif not self.authorized(user, parent_path, "w"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
etag = environ.get("HTTP_IF_MATCH", "")
|
|
||||||
match = environ.get("HTTP_IF_NONE_MATCH", "") == "*"
|
|
||||||
|
|
||||||
if ((not item and etag) or (item and etag and item.etag != etag) or
|
etag = environ.get("HTTP_IF_MATCH", "")
|
||||||
(item and match)):
|
if not item and etag:
|
||||||
|
# Etag asked but no item found: item has been removed
|
||||||
|
return client.PRECONDITION_FAILED, {}, None
|
||||||
|
if item and etag and item.etag != etag:
|
||||||
|
# Etag asked but item not matching: item has changed
|
||||||
|
return client.PRECONDITION_FAILED, {}, None
|
||||||
|
|
||||||
|
match = environ.get("HTTP_IF_NONE_MATCH", "") == "*"
|
||||||
|
if item and match:
|
||||||
|
# Creation asked but item found: item can't be replaced
|
||||||
return client.PRECONDITION_FAILED, {}, None
|
return client.PRECONDITION_FAILED, {}, None
|
||||||
|
|
||||||
items = list(vobject.readComponents(content or ""))
|
items = list(vobject.readComponents(content or ""))
|
||||||
content_type = environ.get("CONTENT_TYPE")
|
content_type = environ.get("CONTENT_TYPE", "").split(";")[0]
|
||||||
tag = None
|
tags = {value: key for key, value in xmlutils.MIMETYPES.items()}
|
||||||
if content_type:
|
tag = tags.get(content_type)
|
||||||
tags = {value: key for key, value in storage.MIMETYPES.items()}
|
|
||||||
tag = tags.get(content_type.split(";")[0])
|
|
||||||
if write_whole_collection:
|
if write_whole_collection:
|
||||||
if item:
|
if item:
|
||||||
# Delete old collection
|
# Delete old collection
|
||||||
@ -582,7 +596,7 @@ class Application:
|
|||||||
if not self._access(user, path, "w"):
|
if not self._access(user, path, "w"):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
with self._lock_collection("r", user):
|
with self._lock_collection("r", user):
|
||||||
item = next(self.Collection.discover(path, depth="0"), None)
|
item = next(self.Collection.discover(path), None)
|
||||||
if not self._access(user, path, "w", item):
|
if not self._access(user, path, "w", item):
|
||||||
return NOT_ALLOWED
|
return NOT_ALLOWED
|
||||||
if not item:
|
if not item:
|
||||||
|
@ -167,14 +167,13 @@ def serve(configuration, logger):
|
|||||||
try:
|
try:
|
||||||
open(filename, "r").close()
|
open(filename, "r").close()
|
||||||
except IOError as exception:
|
except IOError as exception:
|
||||||
logger.warning(
|
logger.warning("Error while reading SSL %s %r: %s" % (
|
||||||
"Error while reading SSL %s %r: %s" % (
|
|
||||||
name, filename, exception))
|
name, filename, exception))
|
||||||
else:
|
else:
|
||||||
server_class = ThreadedHTTPServer
|
server_class = ThreadedHTTPServer
|
||||||
server_class.client_timeout = configuration.getint("server", "timeout")
|
server_class.client_timeout = configuration.getint("server", "timeout")
|
||||||
server_class.max_connections = configuration.getint("server",
|
server_class.max_connections = configuration.getint(
|
||||||
"max_connections")
|
"server", "max_connections")
|
||||||
|
|
||||||
if not configuration.getboolean("server", "dns_lookup"):
|
if not configuration.getboolean("server", "dns_lookup"):
|
||||||
RequestHandler.address_string = lambda self: self.client_address[0]
|
RequestHandler.address_string = lambda self: self.client_address[0]
|
||||||
|
@ -111,7 +111,7 @@ class Rights(BaseRights):
|
|||||||
user = user or ""
|
user = user or ""
|
||||||
if user and not storage.is_safe_path_component(user):
|
if user and not storage.is_safe_path_component(user):
|
||||||
# Prevent usernames like "user/calendar.ics"
|
# Prevent usernames like "user/calendar.ics"
|
||||||
raise ValueError("Unsafe username")
|
raise ValueError("Refused unsafe username: %s", user)
|
||||||
sane_path = storage.sanitize_path(path).strip("/")
|
sane_path = storage.sanitize_path(path).strip("/")
|
||||||
# Prevent "regex injection"
|
# Prevent "regex injection"
|
||||||
user_escaped = re.escape(user)
|
user_escaped = re.escape(user)
|
||||||
|
@ -43,6 +43,7 @@ from tempfile import TemporaryDirectory
|
|||||||
from atomicwrites import AtomicWriter
|
from atomicwrites import AtomicWriter
|
||||||
import vobject
|
import vobject
|
||||||
|
|
||||||
|
|
||||||
if os.name == "nt":
|
if os.name == "nt":
|
||||||
import ctypes
|
import ctypes
|
||||||
import ctypes.wintypes
|
import ctypes.wintypes
|
||||||
@ -55,14 +56,16 @@ if os.name == "nt":
|
|||||||
ULONG_PTR = ctypes.c_uint64
|
ULONG_PTR = ctypes.c_uint64
|
||||||
|
|
||||||
class Overlapped(ctypes.Structure):
|
class Overlapped(ctypes.Structure):
|
||||||
_fields_ = [("internal", ULONG_PTR),
|
_fields_ = [
|
||||||
|
("internal", ULONG_PTR),
|
||||||
("internal_high", ULONG_PTR),
|
("internal_high", ULONG_PTR),
|
||||||
("offset", ctypes.wintypes.DWORD),
|
("offset", ctypes.wintypes.DWORD),
|
||||||
("offset_high", ctypes.wintypes.DWORD),
|
("offset_high", ctypes.wintypes.DWORD),
|
||||||
("h_event", ctypes.wintypes.HANDLE)]
|
("h_event", ctypes.wintypes.HANDLE)]
|
||||||
|
|
||||||
lock_file_ex = ctypes.windll.kernel32.LockFileEx
|
lock_file_ex = ctypes.windll.kernel32.LockFileEx
|
||||||
lock_file_ex.argtypes = [ctypes.wintypes.HANDLE,
|
lock_file_ex.argtypes = [
|
||||||
|
ctypes.wintypes.HANDLE,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
@ -70,7 +73,8 @@ if os.name == "nt":
|
|||||||
ctypes.POINTER(Overlapped)]
|
ctypes.POINTER(Overlapped)]
|
||||||
lock_file_ex.restype = ctypes.wintypes.BOOL
|
lock_file_ex.restype = ctypes.wintypes.BOOL
|
||||||
unlock_file_ex = ctypes.windll.kernel32.UnlockFileEx
|
unlock_file_ex = ctypes.windll.kernel32.UnlockFileEx
|
||||||
unlock_file_ex.argtypes = [ctypes.wintypes.HANDLE,
|
unlock_file_ex.argtypes = [
|
||||||
|
ctypes.wintypes.HANDLE,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
ctypes.wintypes.DWORD,
|
ctypes.wintypes.DWORD,
|
||||||
@ -95,9 +99,6 @@ def load(configuration, logger):
|
|||||||
return CollectionCopy
|
return CollectionCopy
|
||||||
|
|
||||||
|
|
||||||
MIMETYPES = {"VADDRESSBOOK": "text/vcard", "VCALENDAR": "text/calendar"}
|
|
||||||
|
|
||||||
|
|
||||||
def get_etag(text):
|
def get_etag(text):
|
||||||
"""Etag from collection or item."""
|
"""Etag from collection or item."""
|
||||||
etag = md5()
|
etag = md5()
|
||||||
@ -105,13 +106,9 @@ def get_etag(text):
|
|||||||
return '"%s"' % etag.hexdigest()
|
return '"%s"' % etag.hexdigest()
|
||||||
|
|
||||||
|
|
||||||
def is_safe_path_component(path):
|
def get_uid(item):
|
||||||
"""Check if path is a single component of a path.
|
"""UID value of an item if defined."""
|
||||||
|
return hasattr(item, "uid") and item.uid.value
|
||||||
Check that the path is safe to join too.
|
|
||||||
|
|
||||||
"""
|
|
||||||
return path and "/" not in path and path not in (".", "..")
|
|
||||||
|
|
||||||
|
|
||||||
def sanitize_path(path):
|
def sanitize_path(path):
|
||||||
@ -131,6 +128,15 @@ def sanitize_path(path):
|
|||||||
return new_path + trailing_slash
|
return new_path + trailing_slash
|
||||||
|
|
||||||
|
|
||||||
|
def is_safe_path_component(path):
|
||||||
|
"""Check if path is a single component of a path.
|
||||||
|
|
||||||
|
Check that the path is safe to join too.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return path and "/" not in path and path not in (".", "..")
|
||||||
|
|
||||||
|
|
||||||
def is_safe_filesystem_path_component(path):
|
def is_safe_filesystem_path_component(path):
|
||||||
"""Check if path is a single component of a filesystem path.
|
"""Check if path is a single component of a filesystem path.
|
||||||
|
|
||||||
@ -158,14 +164,13 @@ def path_to_filesystem(root, *paths):
|
|||||||
continue
|
continue
|
||||||
for part in path.split("/"):
|
for part in path.split("/"):
|
||||||
if not is_safe_filesystem_path_component(part):
|
if not is_safe_filesystem_path_component(part):
|
||||||
raise ValueError(
|
raise UnsafePathError(part)
|
||||||
"Can't tranlate name safely to filesystem: %s" % part)
|
|
||||||
safe_path = os.path.join(safe_path, part)
|
safe_path = os.path.join(safe_path, part)
|
||||||
return safe_path
|
return safe_path
|
||||||
|
|
||||||
|
|
||||||
def sync_directory(path):
|
def sync_directory(path):
|
||||||
"""Sync directory to disk
|
"""Sync directory to disk.
|
||||||
|
|
||||||
This only works on POSIX and does nothing on other systems.
|
This only works on POSIX and does nothing on other systems.
|
||||||
|
|
||||||
@ -181,14 +186,38 @@ def sync_directory(path):
|
|||||||
os.close(fd)
|
os.close(fd)
|
||||||
|
|
||||||
|
|
||||||
|
class UnsafePathError(ValueError):
|
||||||
|
def __init__(self, path):
|
||||||
|
message = "Can't translate name safely to filesystem: %s" % path
|
||||||
|
super().__init__(message)
|
||||||
|
|
||||||
|
|
||||||
|
class ComponentExistsError(ValueError):
|
||||||
|
def __init__(self, path):
|
||||||
|
message = "Component already exists: %s" % path
|
||||||
|
super().__init__(message)
|
||||||
|
|
||||||
|
|
||||||
|
class ComponentNotFoundError(ValueError):
|
||||||
|
def __init__(self, path):
|
||||||
|
message = "Component doesn't exist: %s" % path
|
||||||
|
super().__init__(message)
|
||||||
|
|
||||||
|
|
||||||
|
class EtagMismatchError(ValueError):
|
||||||
|
def __init__(self, etag1, etag2):
|
||||||
|
message = "ETags don't match: %s != %s" % (etag1, etag2)
|
||||||
|
super().__init__(message)
|
||||||
|
|
||||||
|
|
||||||
class _EncodedAtomicWriter(AtomicWriter):
|
class _EncodedAtomicWriter(AtomicWriter):
|
||||||
def __init__(self, path, encoding, mode="w", overwrite=True):
|
def __init__(self, path, encoding, mode="w", overwrite=True):
|
||||||
self._encoding = encoding
|
self._encoding = encoding
|
||||||
return super().__init__(path, mode, overwrite=True)
|
return super().__init__(path, mode, overwrite=True)
|
||||||
|
|
||||||
def get_fileobject(self, **kwargs):
|
def get_fileobject(self, **kwargs):
|
||||||
return super().get_fileobject(encoding=self._encoding,
|
return super().get_fileobject(
|
||||||
prefix=".Radicale.tmp-", **kwargs)
|
encoding=self._encoding, prefix=".Radicale.tmp-", **kwargs)
|
||||||
|
|
||||||
|
|
||||||
class Item:
|
class Item:
|
||||||
@ -222,7 +251,7 @@ class BaseCollection:
|
|||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def discover(cls, path, depth="1"):
|
def discover(cls, path, depth="0"):
|
||||||
"""Discover a list of collections under the given ``path``.
|
"""Discover a list of collections under the given ``path``.
|
||||||
|
|
||||||
If ``depth`` is "0", only the actual object under ``path`` is
|
If ``depth`` is "0", only the actual object under ``path`` is
|
||||||
@ -248,8 +277,9 @@ class BaseCollection:
|
|||||||
|
|
||||||
``props`` are metadata values for the collection.
|
``props`` are metadata values for the collection.
|
||||||
|
|
||||||
``props["tag"]`` is the type of collection (VCALENDAR or VADDRESSBOOK). If
|
``props["tag"]`` is the type of collection (VCALENDAR or
|
||||||
the key ``tag`` is missing, it is guessed from the collection.
|
VADDRESSBOOK). If the key ``tag`` is missing, it is guessed from the
|
||||||
|
collection.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
@ -347,31 +377,25 @@ class Collection(BaseCollection):
|
|||||||
def __init__(self, path, principal=False, folder=None):
|
def __init__(self, path, principal=False, folder=None):
|
||||||
if not folder:
|
if not folder:
|
||||||
folder = self._get_collection_root_folder()
|
folder = self._get_collection_root_folder()
|
||||||
# path should already be sanitized
|
# Path should already be sanitized
|
||||||
self.path = sanitize_path(path).strip("/")
|
self.path = sanitize_path(path).strip("/")
|
||||||
self.storage_encoding = self.configuration.get("encoding", "stock")
|
self.encoding = self.configuration.get("encoding", "stock")
|
||||||
self._filesystem_path = path_to_filesystem(folder, self.path)
|
self._filesystem_path = path_to_filesystem(folder, self.path)
|
||||||
self._props_path = os.path.join(
|
self._props_path = os.path.join(
|
||||||
self._filesystem_path, ".Radicale.props")
|
self._filesystem_path, ".Radicale.props")
|
||||||
split_path = self.path.split("/")
|
split_path = self.path.split("/")
|
||||||
if len(split_path) > 1:
|
self.owner = split_path[0] if len(split_path) > 1 else None
|
||||||
# URL with at least one folder
|
|
||||||
self.owner = split_path[0]
|
|
||||||
else:
|
|
||||||
self.owner = None
|
|
||||||
self.is_principal = principal
|
self.is_principal = principal
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def _get_collection_root_folder(cls):
|
def _get_collection_root_folder(cls):
|
||||||
filesystem_folder = os.path.expanduser(
|
filesystem_folder = os.path.expanduser(
|
||||||
cls.configuration.get("storage", "filesystem_folder"))
|
cls.configuration.get("storage", "filesystem_folder"))
|
||||||
folder = os.path.join(filesystem_folder, "collection-root")
|
return os.path.join(filesystem_folder, "collection-root")
|
||||||
return folder
|
|
||||||
|
|
||||||
@contextmanager
|
@contextmanager
|
||||||
def _atomic_write(self, path, mode="w"):
|
def _atomic_write(self, path, mode="w"):
|
||||||
with _EncodedAtomicWriter(
|
with _EncodedAtomicWriter(path, self.encoding, mode).open() as fd:
|
||||||
path, self.storage_encoding, mode).open() as fd:
|
|
||||||
yield fd
|
yield fd
|
||||||
|
|
||||||
def _find_available_file_name(self):
|
def _find_available_file_name(self):
|
||||||
@ -383,12 +407,12 @@ class Collection(BaseCollection):
|
|||||||
raise FileExistsError(errno.EEXIST, "No usable file name found")
|
raise FileExistsError(errno.EEXIST, "No usable file name found")
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def discover(cls, path, depth="1"):
|
def discover(cls, path, depth="0"):
|
||||||
# path == None means wrong URL
|
|
||||||
if path is None:
|
if path is None:
|
||||||
|
# Wrong URL
|
||||||
return
|
return
|
||||||
|
|
||||||
# path should already be sanitized
|
# Path should already be sanitized
|
||||||
sane_path = sanitize_path(path).strip("/")
|
sane_path = sanitize_path(path).strip("/")
|
||||||
attributes = sane_path.split("/")
|
attributes = sane_path.split("/")
|
||||||
if not attributes[0]:
|
if not attributes[0]:
|
||||||
@ -401,24 +425,31 @@ class Collection(BaseCollection):
|
|||||||
except ValueError:
|
except ValueError:
|
||||||
# Path is unsafe
|
# Path is unsafe
|
||||||
return
|
return
|
||||||
href = None
|
|
||||||
if not os.path.isdir(filesystem_path):
|
if not os.path.isdir(filesystem_path):
|
||||||
if attributes and os.path.isfile(filesystem_path):
|
if attributes and os.path.isfile(filesystem_path):
|
||||||
href = attributes.pop()
|
href = attributes.pop()
|
||||||
else:
|
else:
|
||||||
return
|
return
|
||||||
|
else:
|
||||||
|
href = None
|
||||||
|
|
||||||
path = "/".join(attributes)
|
path = "/".join(attributes)
|
||||||
principal = len(attributes) == 1
|
principal = len(attributes) == 1
|
||||||
collection = cls(path, principal)
|
collection = cls(path, principal)
|
||||||
|
|
||||||
if href:
|
if href:
|
||||||
yield collection.get(href)
|
yield collection.get(href)
|
||||||
return
|
return
|
||||||
|
|
||||||
yield collection
|
yield collection
|
||||||
|
|
||||||
if depth == "0":
|
if depth == "0":
|
||||||
return
|
return
|
||||||
|
|
||||||
for item in collection.list():
|
for item in collection.list():
|
||||||
yield collection.get(item[0])
|
yield collection.get(item[0])
|
||||||
|
|
||||||
for href in os.listdir(filesystem_path):
|
for href in os.listdir(filesystem_path):
|
||||||
if not is_safe_filesystem_path_component(href):
|
if not is_safe_filesystem_path_component(href):
|
||||||
cls.logger.debug("Skipping collection: %s", href)
|
cls.logger.debug("Skipping collection: %s", href)
|
||||||
@ -432,7 +463,7 @@ class Collection(BaseCollection):
|
|||||||
def create_collection(cls, href, collection=None, props=None):
|
def create_collection(cls, href, collection=None, props=None):
|
||||||
folder = cls._get_collection_root_folder()
|
folder = cls._get_collection_root_folder()
|
||||||
|
|
||||||
# path should already be sanitized
|
# Path should already be sanitized
|
||||||
sane_path = sanitize_path(href).strip("/")
|
sane_path = sanitize_path(href).strip("/")
|
||||||
attributes = sane_path.split("/")
|
attributes = sane_path.split("/")
|
||||||
if not attributes[0]:
|
if not attributes[0]:
|
||||||
@ -450,28 +481,24 @@ class Collection(BaseCollection):
|
|||||||
|
|
||||||
parent_dir = os.path.dirname(filesystem_path)
|
parent_dir = os.path.dirname(filesystem_path)
|
||||||
os.makedirs(parent_dir, exist_ok=True)
|
os.makedirs(parent_dir, exist_ok=True)
|
||||||
with TemporaryDirectory(prefix=".Radicale.tmp-",
|
|
||||||
dir=parent_dir) as tmp_dir:
|
# Create a temporary directory with an unsafe name
|
||||||
|
with TemporaryDirectory(
|
||||||
|
prefix=".Radicale.tmp-", dir=parent_dir) as tmp_dir:
|
||||||
# The temporary directory itself can't be renamed
|
# The temporary directory itself can't be renamed
|
||||||
tmp_filesystem_path = os.path.join(tmp_dir, "collection")
|
tmp_filesystem_path = os.path.join(tmp_dir, "collection")
|
||||||
os.makedirs(tmp_filesystem_path)
|
os.makedirs(tmp_filesystem_path)
|
||||||
# path is unsafe
|
|
||||||
self = cls("/", principal=principal, folder=tmp_filesystem_path)
|
self = cls("/", principal=principal, folder=tmp_filesystem_path)
|
||||||
self.set_meta(props)
|
self.set_meta(props)
|
||||||
if props.get("tag") == "VCALENDAR":
|
|
||||||
if collection:
|
if collection:
|
||||||
|
if props.get("tag") == "VCALENDAR":
|
||||||
collection, = collection
|
collection, = collection
|
||||||
items = []
|
items = []
|
||||||
for content in ("vevent", "vtodo", "vjournal"):
|
for content in ("vevent", "vtodo", "vjournal"):
|
||||||
items.extend(getattr(collection, "%s_list" % content,
|
items.extend(
|
||||||
[]))
|
getattr(collection, "%s_list" % content, []))
|
||||||
|
items_by_uid = groupby(sorted(items, key=get_uid), get_uid)
|
||||||
def get_uid(item):
|
|
||||||
return hasattr(item, "uid") and item.uid.value
|
|
||||||
|
|
||||||
items_by_uid = groupby(
|
|
||||||
sorted(items, key=get_uid), get_uid)
|
|
||||||
|
|
||||||
for uid, items in items_by_uid:
|
for uid, items in items_by_uid:
|
||||||
new_collection = vobject.iCalendar()
|
new_collection = vobject.iCalendar()
|
||||||
for item in items:
|
for item in items:
|
||||||
@ -479,11 +506,12 @@ class Collection(BaseCollection):
|
|||||||
self.upload(
|
self.upload(
|
||||||
self._find_available_file_name(), new_collection)
|
self._find_available_file_name(), new_collection)
|
||||||
elif props.get("tag") == "VCARD":
|
elif props.get("tag") == "VCARD":
|
||||||
if collection:
|
|
||||||
for card in collection:
|
for card in collection:
|
||||||
self.upload(self._find_available_file_name(), card)
|
self.upload(self._find_available_file_name(), card)
|
||||||
|
|
||||||
os.rename(tmp_filesystem_path, filesystem_path)
|
os.rename(tmp_filesystem_path, filesystem_path)
|
||||||
sync_directory(parent_dir)
|
sync_directory(parent_dir)
|
||||||
|
|
||||||
return cls(sane_path, principal=principal)
|
return cls(sane_path, principal=principal)
|
||||||
|
|
||||||
def list(self):
|
def list(self):
|
||||||
@ -498,7 +526,7 @@ class Collection(BaseCollection):
|
|||||||
continue
|
continue
|
||||||
path = os.path.join(self._filesystem_path, href)
|
path = os.path.join(self._filesystem_path, href)
|
||||||
if os.path.isfile(path):
|
if os.path.isfile(path):
|
||||||
with open(path, encoding=self.storage_encoding) as fd:
|
with open(path, encoding=self.encoding) as fd:
|
||||||
yield href, get_etag(fd.read())
|
yield href, get_etag(fd.read())
|
||||||
|
|
||||||
def get(self, href):
|
def get(self, href):
|
||||||
@ -507,12 +535,12 @@ class Collection(BaseCollection):
|
|||||||
href = href.strip("{}").replace("/", "_")
|
href = href.strip("{}").replace("/", "_")
|
||||||
if not is_safe_filesystem_path_component(href):
|
if not is_safe_filesystem_path_component(href):
|
||||||
self.logger.debug(
|
self.logger.debug(
|
||||||
"Can't tranlate name safely to filesystem: %s", href)
|
"Can't translate name safely to filesystem: %s", href)
|
||||||
return None
|
return None
|
||||||
path = path_to_filesystem(self._filesystem_path, href)
|
path = path_to_filesystem(self._filesystem_path, href)
|
||||||
if not os.path.isfile(path):
|
if not os.path.isfile(path):
|
||||||
return None
|
return None
|
||||||
with open(path, encoding=self.storage_encoding) as fd:
|
with open(path, encoding=self.encoding) as fd:
|
||||||
text = fd.read()
|
text = fd.read()
|
||||||
last_modified = time.strftime(
|
last_modified = time.strftime(
|
||||||
"%a, %d %b %Y %H:%M:%S GMT",
|
"%a, %d %b %Y %H:%M:%S GMT",
|
||||||
@ -525,11 +553,10 @@ class Collection(BaseCollection):
|
|||||||
def upload(self, href, vobject_item):
|
def upload(self, href, vobject_item):
|
||||||
# TODO: use returned object in code
|
# TODO: use returned object in code
|
||||||
if not is_safe_filesystem_path_component(href):
|
if not is_safe_filesystem_path_component(href):
|
||||||
raise ValueError(
|
raise UnsafePathError(href)
|
||||||
"Can't tranlate name safely to filesystem: %s" % href)
|
|
||||||
path = path_to_filesystem(self._filesystem_path, href)
|
path = path_to_filesystem(self._filesystem_path, href)
|
||||||
if os.path.exists(path):
|
if os.path.exists(path):
|
||||||
raise ValueError("Component already exists: %s" % href)
|
raise ComponentExistsError(href)
|
||||||
item = Item(self, vobject_item, href)
|
item = Item(self, vobject_item, href)
|
||||||
with self._atomic_write(path) as fd:
|
with self._atomic_write(path) as fd:
|
||||||
fd.write(item.serialize())
|
fd.write(item.serialize())
|
||||||
@ -539,16 +566,14 @@ class Collection(BaseCollection):
|
|||||||
# TODO: use etag in code and test it here
|
# TODO: use etag in code and test it here
|
||||||
# TODO: use returned object in code
|
# TODO: use returned object in code
|
||||||
if not is_safe_filesystem_path_component(href):
|
if not is_safe_filesystem_path_component(href):
|
||||||
raise ValueError(
|
raise UnsafePathError(href)
|
||||||
"Can't tranlate name safely to filesystem: %s" % href)
|
|
||||||
path = path_to_filesystem(self._filesystem_path, href)
|
path = path_to_filesystem(self._filesystem_path, href)
|
||||||
if not os.path.isfile(path):
|
if not os.path.isfile(path):
|
||||||
raise ValueError("Component doesn't exist: %s" % href)
|
raise ComponentNotFoundError(href)
|
||||||
with open(path, encoding=self.storage_encoding) as fd:
|
with open(path, encoding=self.encoding) as fd:
|
||||||
text = fd.read()
|
text = fd.read()
|
||||||
if etag and etag != get_etag(text):
|
if etag and etag != get_etag(text):
|
||||||
raise ValueError(
|
raise EtagMismatchError(etag, get_etag(text))
|
||||||
"ETag doesn't match: %s != %s" % (etag, get_etag(text)))
|
|
||||||
item = Item(self, vobject_item, href)
|
item = Item(self, vobject_item, href)
|
||||||
with self._atomic_write(path) as fd:
|
with self._atomic_write(path) as fd:
|
||||||
fd.write(item.serialize())
|
fd.write(item.serialize())
|
||||||
@ -564,31 +589,28 @@ class Collection(BaseCollection):
|
|||||||
else:
|
else:
|
||||||
# Delete an item
|
# Delete an item
|
||||||
if not is_safe_filesystem_path_component(href):
|
if not is_safe_filesystem_path_component(href):
|
||||||
raise ValueError(
|
raise UnsafePathError(href)
|
||||||
"Can't tranlate name safely to filesystem: %s" % href)
|
|
||||||
path = path_to_filesystem(self._filesystem_path, href)
|
path = path_to_filesystem(self._filesystem_path, href)
|
||||||
if not os.path.isfile(path):
|
if not os.path.isfile(path):
|
||||||
raise ValueError("Component doesn't exist: %s" % href)
|
raise ComponentNotFoundError(href)
|
||||||
with open(path, encoding=self.storage_encoding) as fd:
|
with open(path, encoding=self.encoding) as fd:
|
||||||
text = fd.read()
|
text = fd.read()
|
||||||
if etag and etag != get_etag(text):
|
if etag and etag != get_etag(text):
|
||||||
raise ValueError(
|
raise EtagMismatchError(etag, get_etag(text))
|
||||||
"ETag doesn't match: %s != %s" % (etag, get_etag(text)))
|
|
||||||
os.remove(path)
|
os.remove(path)
|
||||||
|
|
||||||
def get_meta(self, key):
|
def get_meta(self, key):
|
||||||
if os.path.exists(self._props_path):
|
if os.path.exists(self._props_path):
|
||||||
with open(self._props_path, encoding=self.storage_encoding) as prop:
|
with open(self._props_path, encoding=self.encoding) as prop:
|
||||||
return json.load(prop).get(key)
|
return json.load(prop).get(key)
|
||||||
|
|
||||||
def set_meta(self, props):
|
def set_meta(self, props):
|
||||||
if os.path.exists(self._props_path):
|
if os.path.exists(self._props_path):
|
||||||
with open(self._props_path, encoding=self.storage_encoding) as prop:
|
with open(self._props_path, encoding=self.encoding) as prop:
|
||||||
old_props = json.load(prop)
|
old_props = json.load(prop)
|
||||||
old_props.update(props)
|
old_props.update(props)
|
||||||
props = old_props
|
props = old_props
|
||||||
# filter empty entries
|
props = {key: value for key, value in props.items() if value}
|
||||||
props = {k:v for k,v in props.items() if v}
|
|
||||||
with self._atomic_write(self._props_path, "w+") as prop:
|
with self._atomic_write(self._props_path, "w+") as prop:
|
||||||
json.dump(props, prop)
|
json.dump(props, prop)
|
||||||
|
|
||||||
@ -609,7 +631,7 @@ class Collection(BaseCollection):
|
|||||||
continue
|
continue
|
||||||
path = os.path.join(self._filesystem_path, href)
|
path = os.path.join(self._filesystem_path, href)
|
||||||
if os.path.isfile(path):
|
if os.path.isfile(path):
|
||||||
with open(path, encoding=self.storage_encoding) as fd:
|
with open(path, encoding=self.encoding) as fd:
|
||||||
items.append(vobject.readOne(fd.read()))
|
items.append(vobject.readOne(fd.read()))
|
||||||
if self.get_meta("tag") == "VCALENDAR":
|
if self.get_meta("tag") == "VCALENDAR":
|
||||||
collection = vobject.iCalendar()
|
collection = vobject.iCalendar()
|
||||||
@ -640,13 +662,11 @@ class Collection(BaseCollection):
|
|||||||
else:
|
else:
|
||||||
return not cls._writer and cls._readers == 0
|
return not cls._writer and cls._readers == 0
|
||||||
|
|
||||||
if mode not in ("r", "w"):
|
|
||||||
raise ValueError("Invalid lock mode: %s" % mode)
|
|
||||||
# Use a primitive lock which only works within one process as a
|
# Use a primitive lock which only works within one process as a
|
||||||
# precondition for inter-process file-based locking
|
# precondition for inter-process file-based locking
|
||||||
with cls._lock:
|
with cls._lock:
|
||||||
if cls._waiters or not condition():
|
if cls._waiters or not condition():
|
||||||
# use FIFO for access requests
|
# Use FIFO for access requests
|
||||||
waiter = threading.Condition(lock=cls._lock)
|
waiter = threading.Condition(lock=cls._lock)
|
||||||
cls._waiters.append(waiter)
|
cls._waiters.append(waiter)
|
||||||
while True:
|
while True:
|
||||||
@ -656,7 +676,7 @@ class Collection(BaseCollection):
|
|||||||
cls._waiters.pop(0)
|
cls._waiters.pop(0)
|
||||||
if mode == "r":
|
if mode == "r":
|
||||||
cls._readers += 1
|
cls._readers += 1
|
||||||
# notify additional potential readers
|
# Notify additional potential readers
|
||||||
if cls._waiters:
|
if cls._waiters:
|
||||||
cls._waiters[0].notify()
|
cls._waiters[0].notify()
|
||||||
else:
|
else:
|
||||||
@ -668,7 +688,7 @@ class Collection(BaseCollection):
|
|||||||
os.makedirs(folder, exist_ok=True)
|
os.makedirs(folder, exist_ok=True)
|
||||||
lock_path = os.path.join(folder, ".Radicale.lock")
|
lock_path = os.path.join(folder, ".Radicale.lock")
|
||||||
cls._lock_file = open(lock_path, "w+")
|
cls._lock_file = open(lock_path, "w+")
|
||||||
# set access rights to a necessary minimum to prevent locking
|
# Set access rights to a necessary minimum to prevent locking
|
||||||
# by arbitrary users
|
# by arbitrary users
|
||||||
try:
|
try:
|
||||||
os.chmod(lock_path, stat.S_IWUSR | stat.S_IRUSR)
|
os.chmod(lock_path, stat.S_IWUSR | stat.S_IRUSR)
|
||||||
|
@ -30,11 +30,13 @@ import re
|
|||||||
import xml.etree.ElementTree as ET
|
import xml.etree.ElementTree as ET
|
||||||
from collections import OrderedDict
|
from collections import OrderedDict
|
||||||
from datetime import datetime, timedelta, timezone
|
from datetime import datetime, timedelta, timezone
|
||||||
|
from http import client
|
||||||
from urllib.parse import unquote, urlparse
|
from urllib.parse import unquote, urlparse
|
||||||
|
|
||||||
import vobject
|
|
||||||
|
|
||||||
from . import client, storage
|
MIMETYPES = {
|
||||||
|
"VADDRESSBOOK": "text/vcard",
|
||||||
|
"VCALENDAR": "text/calendar"}
|
||||||
|
|
||||||
NAMESPACES = {
|
NAMESPACES = {
|
||||||
"C": "urn:ietf:params:xml:ns:caldav",
|
"C": "urn:ietf:params:xml:ns:caldav",
|
||||||
@ -44,21 +46,12 @@ NAMESPACES = {
|
|||||||
"ICAL": "http://apple.com/ns/ical/",
|
"ICAL": "http://apple.com/ns/ical/",
|
||||||
"ME": "http://me.com/_namespace/"}
|
"ME": "http://me.com/_namespace/"}
|
||||||
|
|
||||||
|
|
||||||
NAMESPACES_REV = {}
|
NAMESPACES_REV = {}
|
||||||
|
|
||||||
|
|
||||||
for short, url in NAMESPACES.items():
|
for short, url in NAMESPACES.items():
|
||||||
NAMESPACES_REV[url] = short
|
NAMESPACES_REV[url] = short
|
||||||
ET.register_namespace("" if short == "D" else short, url)
|
ET.register_namespace("" if short == "D" else short, url)
|
||||||
|
|
||||||
|
CLARK_TAG_REGEX = re.compile(r" {(?P<namespace>[^}]*)}(?P<tag>.*)", re.VERBOSE)
|
||||||
CLARK_TAG_REGEX = re.compile(r"""
|
|
||||||
{ # {
|
|
||||||
(?P<namespace>[^}]*) # namespace URL
|
|
||||||
} # }
|
|
||||||
(?P<tag>.*) # short tag name
|
|
||||||
""", re.VERBOSE)
|
|
||||||
|
|
||||||
|
|
||||||
def _pretty_xml(element, level=0):
|
def _pretty_xml(element, level=0):
|
||||||
@ -430,7 +423,7 @@ def name_from_path(path, collection):
|
|||||||
collection_parts = collection_path.split("/") if collection_path else []
|
collection_parts = collection_path.split("/") if collection_path else []
|
||||||
path = path.strip("/")
|
path = path.strip("/")
|
||||||
path_parts = path.split("/") if path else []
|
path_parts = path.split("/") if path else []
|
||||||
if (len(path_parts) - len(collection_parts)):
|
if len(path_parts) - len(collection_parts):
|
||||||
return path_parts[-1]
|
return path_parts[-1]
|
||||||
|
|
||||||
|
|
||||||
@ -479,7 +472,7 @@ def delete(path, collection, href=None):
|
|||||||
|
|
||||||
"""
|
"""
|
||||||
collection.delete(href)
|
collection.delete(href)
|
||||||
# Writing answer
|
|
||||||
multistatus = ET.Element(_tag("D", "multistatus"))
|
multistatus = ET.Element(_tag("D", "multistatus"))
|
||||||
response = ET.Element(_tag("D", "response"))
|
response = ET.Element(_tag("D", "response"))
|
||||||
multistatus.append(response)
|
multistatus.append(response)
|
||||||
@ -504,12 +497,12 @@ def propfind(path, xml_request, read_collections, write_collections, user):
|
|||||||
in the output.
|
in the output.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
# Reading request
|
|
||||||
if xml_request:
|
if xml_request:
|
||||||
root = ET.fromstring(xml_request.encode("utf8"))
|
root = ET.fromstring(xml_request.encode("utf8"))
|
||||||
props = [prop.tag for prop in root.find(_tag("D", "prop"))]
|
props = [prop.tag for prop in root.find(_tag("D", "prop"))]
|
||||||
else:
|
else:
|
||||||
props = [_tag("D", "getcontenttype"),
|
props = [
|
||||||
|
_tag("D", "getcontenttype"),
|
||||||
_tag("D", "resourcetype"),
|
_tag("D", "resourcetype"),
|
||||||
_tag("D", "displayname"),
|
_tag("D", "displayname"),
|
||||||
_tag("D", "owner"),
|
_tag("D", "owner"),
|
||||||
@ -517,9 +510,7 @@ def propfind(path, xml_request, read_collections, write_collections, user):
|
|||||||
_tag("ICAL", "calendar-color"),
|
_tag("ICAL", "calendar-color"),
|
||||||
_tag("CS", "getctag")]
|
_tag("CS", "getctag")]
|
||||||
|
|
||||||
# Writing answer
|
|
||||||
multistatus = ET.Element(_tag("D", "multistatus"))
|
multistatus = ET.Element(_tag("D", "multistatus"))
|
||||||
|
|
||||||
collections = []
|
collections = []
|
||||||
for collection in write_collections:
|
for collection in write_collections:
|
||||||
collections.append(collection)
|
collections.append(collection)
|
||||||
@ -603,7 +594,8 @@ def _propfind_response(path, item, props, user, write=False):
|
|||||||
element.append(comp)
|
element.append(comp)
|
||||||
else:
|
else:
|
||||||
is404 = True
|
is404 = True
|
||||||
elif tag in (_tag("D", "current-user-principal"),
|
elif tag in (
|
||||||
|
_tag("D", "current-user-principal"),
|
||||||
_tag("C", "calendar-user-address-set"),
|
_tag("C", "calendar-user-address-set"),
|
||||||
_tag("CR", "addressbook-home-set"),
|
_tag("CR", "addressbook-home-set"),
|
||||||
_tag("C", "calendar-home-set")):
|
_tag("C", "calendar-home-set")):
|
||||||
@ -632,7 +624,7 @@ def _propfind_response(path, item, props, user, write=False):
|
|||||||
if tag == _tag("D", "getcontenttype"):
|
if tag == _tag("D", "getcontenttype"):
|
||||||
item_tag = item.get_meta("tag")
|
item_tag = item.get_meta("tag")
|
||||||
if item_tag:
|
if item_tag:
|
||||||
element.text = storage.MIMETYPES[item_tag]
|
element.text = MIMETYPES[item_tag]
|
||||||
else:
|
else:
|
||||||
is404 = True
|
is404 = True
|
||||||
elif tag == _tag("D", "resourcetype"):
|
elif tag == _tag("D", "resourcetype"):
|
||||||
@ -717,10 +709,7 @@ def _add_propstat_to(element, tag, status_number):
|
|||||||
prop = ET.Element(_tag("D", "prop"))
|
prop = ET.Element(_tag("D", "prop"))
|
||||||
propstat.append(prop)
|
propstat.append(prop)
|
||||||
|
|
||||||
if "{" in tag:
|
clark_tag = tag if "{" in tag else _tag(*tag.split(":", 1))
|
||||||
clark_tag = tag
|
|
||||||
else:
|
|
||||||
clark_tag = _tag(*tag.split(":", 1))
|
|
||||||
prop_tag = ET.Element(clark_tag)
|
prop_tag = ET.Element(clark_tag)
|
||||||
prop.append(prop_tag)
|
prop.append(prop_tag)
|
||||||
|
|
||||||
@ -735,14 +724,11 @@ def proppatch(path, xml_request, collection):
|
|||||||
Read rfc4918-9.2 for info.
|
Read rfc4918-9.2 for info.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
# Reading request
|
|
||||||
root = ET.fromstring(xml_request.encode("utf8"))
|
root = ET.fromstring(xml_request.encode("utf8"))
|
||||||
props_to_set = props_from_request(root, actions=("set",))
|
props_to_set = props_from_request(root, actions=("set",))
|
||||||
props_to_remove = props_from_request(root, actions=("remove",))
|
props_to_remove = props_from_request(root, actions=("remove",))
|
||||||
|
|
||||||
# Writing answer
|
|
||||||
multistatus = ET.Element(_tag("D", "multistatus"))
|
multistatus = ET.Element(_tag("D", "multistatus"))
|
||||||
|
|
||||||
response = ET.Element(_tag("D", "response"))
|
response = ET.Element(_tag("D", "response"))
|
||||||
multistatus.append(response)
|
multistatus.append(response)
|
||||||
|
|
||||||
@ -750,11 +736,8 @@ def proppatch(path, xml_request, collection):
|
|||||||
href.text = _href(collection, path)
|
href.text = _href(collection, path)
|
||||||
response.append(href)
|
response.append(href)
|
||||||
|
|
||||||
# Merge props_to_set and props_to_remove
|
|
||||||
for short_name in props_to_remove:
|
for short_name in props_to_remove:
|
||||||
props_to_set[short_name] = ""
|
props_to_set[short_name] = ""
|
||||||
|
|
||||||
# Set/Delete props in one atomic operation
|
|
||||||
collection.set_meta(props_to_set)
|
collection.set_meta(props_to_set)
|
||||||
|
|
||||||
for short_name in props_to_set:
|
for short_name in props_to_set:
|
||||||
@ -769,16 +752,15 @@ def report(path, xml_request, collection):
|
|||||||
Read rfc3253-3.6 for info.
|
Read rfc3253-3.6 for info.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
# Reading request
|
|
||||||
root = ET.fromstring(xml_request.encode("utf8"))
|
root = ET.fromstring(xml_request.encode("utf8"))
|
||||||
|
|
||||||
prop_element = root.find(_tag("D", "prop"))
|
prop_element = root.find(_tag("D", "prop"))
|
||||||
props = (
|
props = (
|
||||||
[prop.tag for prop in prop_element]
|
[prop.tag for prop in prop_element]
|
||||||
if prop_element is not None else [])
|
if prop_element is not None else [])
|
||||||
|
|
||||||
if collection:
|
if collection:
|
||||||
if root.tag in (_tag("C", "calendar-multiget"),
|
if root.tag in (
|
||||||
|
_tag("C", "calendar-multiget"),
|
||||||
_tag("CR", "addressbook-multiget")):
|
_tag("CR", "addressbook-multiget")):
|
||||||
# Read rfc4791-7.9 for info
|
# Read rfc4791-7.9 for info
|
||||||
base_prefix = collection.configuration.get("server", "base_prefix")
|
base_prefix = collection.configuration.get("server", "base_prefix")
|
||||||
@ -795,24 +777,19 @@ def report(path, xml_request, collection):
|
|||||||
else:
|
else:
|
||||||
hreferences = filters = ()
|
hreferences = filters = ()
|
||||||
|
|
||||||
# Writing answer
|
|
||||||
multistatus = ET.Element(_tag("D", "multistatus"))
|
multistatus = ET.Element(_tag("D", "multistatus"))
|
||||||
|
|
||||||
for hreference in hreferences:
|
for hreference in hreferences:
|
||||||
# Check if the reference is an item or a collection
|
|
||||||
name = name_from_path(hreference, collection)
|
name = name_from_path(hreference, collection)
|
||||||
|
|
||||||
if name:
|
if name:
|
||||||
# Reference is an item
|
# Reference is an item
|
||||||
path = "/".join(hreference.split("/")[:-1]) + "/"
|
path = "/".join(hreference.split("/")[:-1]) + "/"
|
||||||
item = collection.get(name)
|
item = collection.get(name)
|
||||||
if item is None:
|
if item is None:
|
||||||
multistatus.append(
|
response = _item_response(hreference, found_item=False)
|
||||||
_item_response(hreference, found_item=False))
|
multistatus.append(response)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
items = [item]
|
items = [item]
|
||||||
|
|
||||||
else:
|
else:
|
||||||
# Reference is a collection
|
# Reference is a collection
|
||||||
path = hreference
|
path = hreference
|
||||||
@ -840,7 +817,8 @@ def report(path, xml_request, collection):
|
|||||||
"text/vcard" if name == "vcard" else "text/calendar")
|
"text/vcard" if name == "vcard" else "text/calendar")
|
||||||
element.text = "%s; component=%s" % (mimetype, name)
|
element.text = "%s; component=%s" % (mimetype, name)
|
||||||
found_props.append(element)
|
found_props.append(element)
|
||||||
elif tag in (_tag("C", "calendar-data"),
|
elif tag in (
|
||||||
|
_tag("C", "calendar-data"),
|
||||||
_tag("CR", "address-data")):
|
_tag("CR", "address-data")):
|
||||||
element.text = item.serialize()
|
element.text = item.serialize()
|
||||||
found_props.append(element)
|
found_props.append(element)
|
||||||
@ -869,25 +847,15 @@ def _item_response(href, found_props=(), not_found_props=(), found_item=True):
|
|||||||
response.append(href_tag)
|
response.append(href_tag)
|
||||||
|
|
||||||
if found_item:
|
if found_item:
|
||||||
if found_props:
|
for code, props in ((200, found_props), (404, not_found_props)):
|
||||||
|
if props:
|
||||||
propstat = ET.Element(_tag("D", "propstat"))
|
propstat = ET.Element(_tag("D", "propstat"))
|
||||||
status = ET.Element(_tag("D", "status"))
|
status = ET.Element(_tag("D", "status"))
|
||||||
status.text = _response(200)
|
status.text = _response(code)
|
||||||
prop = ET.Element(_tag("D", "prop"))
|
prop_tag = ET.Element(_tag("D", "prop"))
|
||||||
for p in found_props:
|
for prop in props:
|
||||||
prop.append(p)
|
prop_tag.append(prop)
|
||||||
propstat.append(prop)
|
propstat.append(prop_tag)
|
||||||
propstat.append(status)
|
|
||||||
response.append(propstat)
|
|
||||||
|
|
||||||
if not_found_props:
|
|
||||||
propstat = ET.Element(_tag("D", "propstat"))
|
|
||||||
status = ET.Element(_tag("D", "status"))
|
|
||||||
status.text = _response(404)
|
|
||||||
prop = ET.Element(_tag("D", "prop"))
|
|
||||||
for p in not_found_props:
|
|
||||||
prop.append(p)
|
|
||||||
propstat.append(prop)
|
|
||||||
propstat.append(status)
|
propstat.append(status)
|
||||||
response.append(propstat)
|
response.append(propstat)
|
||||||
else:
|
else:
|
||||||
|
Loading…
x
Reference in New Issue
Block a user