Merge pull request #93 from hovel/master
Custom handlers for auth and storage, simplified tests structure, added rights management backends
This commit is contained in:
commit
a4a2c7e206
17
config
17
config
@ -47,9 +47,12 @@ stock = utf-8
|
||||
|
||||
[auth]
|
||||
# Authentication method
|
||||
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http
|
||||
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | custom
|
||||
type = None
|
||||
|
||||
# custom auth handler
|
||||
custom_handler =
|
||||
|
||||
# Htpasswd filename
|
||||
htpasswd_filename = /etc/radicale/users
|
||||
# Htpasswd encryption method
|
||||
@ -100,19 +103,29 @@ committer = Firstname Lastname <Radicale@Radicale.org>
|
||||
|
||||
|
||||
[rights]
|
||||
# Rights backend
|
||||
# Value: regex | custom
|
||||
backend = regex
|
||||
|
||||
# Rights management method
|
||||
# Value: None | owner_only | owner_write | from_file
|
||||
type = None
|
||||
|
||||
# Rights custom handler
|
||||
custom_handler =
|
||||
|
||||
# File for rights management from_file
|
||||
file = ~/.config/radicale/rights
|
||||
|
||||
|
||||
[storage]
|
||||
# Storage backend
|
||||
# Value: filesystem | multifilesystem | database
|
||||
# Value: filesystem | multifilesystem | database | custom
|
||||
type = filesystem
|
||||
|
||||
# Custom storage handler
|
||||
custom_handler =
|
||||
|
||||
# Folder for storing local collections, created if not present
|
||||
filesystem_folder = ~/.config/radicale/collections
|
||||
|
||||
|
@ -127,6 +127,7 @@ class Application(object):
|
||||
super(Application, self).__init__()
|
||||
auth.load()
|
||||
storage.load()
|
||||
rights.load()
|
||||
self.encoding = config.get("encoding", "request")
|
||||
if config.getboolean("logging", "full_environment"):
|
||||
self.headers_log = lambda environ: environ
|
||||
|
@ -34,6 +34,10 @@ def load():
|
||||
log.LOGGER.debug("Authentication type is %s" % auth_type)
|
||||
if auth_type == "None":
|
||||
return None
|
||||
elif auth_type == 'custom':
|
||||
auth_module = config.get("auth", "custom_handler")
|
||||
__import__(auth_module)
|
||||
module = sys.modules[auth_module]
|
||||
else:
|
||||
root_module = __import__(
|
||||
"auth.%s" % auth_type, globals=globals(), level=2)
|
||||
|
@ -55,6 +55,7 @@ INITIAL_CONFIG = {
|
||||
"stock": "utf-8"},
|
||||
"auth": {
|
||||
"type": "None",
|
||||
"custom_handler": "",
|
||||
"htpasswd_filename": "/etc/radicale/users",
|
||||
"htpasswd_encryption": "crypt",
|
||||
"imap_hostname": "localhost",
|
||||
@ -75,10 +76,13 @@ INITIAL_CONFIG = {
|
||||
"git": {
|
||||
"committer": "Radicale <radicale@example.com>"},
|
||||
"rights": {
|
||||
"backend": "regex",
|
||||
"type": "None",
|
||||
"custom_handler": "",
|
||||
"file": "~/.config/radicale/rights"},
|
||||
"storage": {
|
||||
"type": "filesystem",
|
||||
"custom_handler": "",
|
||||
"filesystem_folder": os.path.expanduser(
|
||||
"~/.config/radicale/collections"),
|
||||
"database_url": ""},
|
||||
|
50
radicale/rights/__init__.py
Normal file
50
radicale/rights/__init__.py
Normal file
@ -0,0 +1,50 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# This file is part of Radicale Server - Calendar Server
|
||||
# Copyright © 2012-2013 Guillaume Ayoub
|
||||
#
|
||||
# This library is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Radicale. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
"""
|
||||
Rights backends.
|
||||
|
||||
This module loads the rights backend, according to the rights
|
||||
configuration.
|
||||
|
||||
"""
|
||||
import sys
|
||||
|
||||
from .. import config
|
||||
|
||||
|
||||
def load():
|
||||
"""Load list of available storage managers."""
|
||||
storage_type = config.get("rights", "backend")
|
||||
if storage_type == 'custom':
|
||||
rights_module = config.get("rights", "custom_handler")
|
||||
__import__(rights_module)
|
||||
module = sys.modules[rights_module]
|
||||
else:
|
||||
root_module = __import__(
|
||||
"rights.%s" % storage_type, globals=globals(), level=2)
|
||||
module = getattr(root_module, storage_type)
|
||||
sys.modules[__name__].authorized = module.authorized
|
||||
return module
|
||||
|
||||
|
||||
def authorized(user, collection, right):
|
||||
""" Check when user has rights on collection
|
||||
This method is overriden when appropriate rights backend loaded.
|
||||
"""
|
||||
raise NotImplementedError()
|
@ -38,7 +38,7 @@ Leading or ending slashes are trimmed from collection's path.
|
||||
import re
|
||||
import os.path
|
||||
|
||||
from . import config, log
|
||||
from .. import config, log
|
||||
|
||||
# Manage Python2/3 different modules
|
||||
# pylint: disable=F0401
|
@ -23,13 +23,18 @@ This module loads the storage backend, according to the storage
|
||||
configuration.
|
||||
|
||||
"""
|
||||
|
||||
import sys
|
||||
from .. import config, ical
|
||||
|
||||
|
||||
def load():
|
||||
"""Load list of available storage managers."""
|
||||
storage_type = config.get("storage", "type")
|
||||
if storage_type == "custom":
|
||||
storage_module = config.get("storage", "custom_handler")
|
||||
__import__(storage_module)
|
||||
module = sys.modules[storage_module]
|
||||
else:
|
||||
root_module = __import__(
|
||||
"storage.%s" % storage_type, globals=globals(), level=2)
|
||||
module = getattr(root_module, storage_type)
|
||||
|
2
setup.py
2
setup.py
@ -54,7 +54,7 @@ setup(
|
||||
"Radicale-%s.tar.gz" % radicale.VERSION),
|
||||
license="GNU GPL v3",
|
||||
platforms="Any",
|
||||
packages=["radicale", "radicale.auth", "radicale.storage"],
|
||||
packages=["radicale", "radicale.auth", "radicale.storage", "radicale.rights"],
|
||||
provides=["radicale"],
|
||||
scripts=["bin/radicale"],
|
||||
keywords=["calendar", "addressbook", "CalDAV", "CardDAV"],
|
||||
|
@ -21,27 +21,16 @@ Tests for Radicale.
|
||||
|
||||
"""
|
||||
|
||||
import base64
|
||||
import hashlib
|
||||
import os
|
||||
import shutil
|
||||
import sys
|
||||
import tempfile
|
||||
from dulwich.repo import Repo
|
||||
from io import BytesIO
|
||||
|
||||
sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
|
||||
|
||||
import radicale
|
||||
|
||||
os.environ["RADICALE_CONFIG"] = os.path.join(os.path.dirname(
|
||||
os.path.dirname(__file__)), "config")
|
||||
|
||||
from radicale import config
|
||||
from radicale.auth import htpasswd
|
||||
from .helpers import get_file_content
|
||||
from sqlalchemy.orm import sessionmaker
|
||||
from sqlalchemy import create_engine
|
||||
|
||||
|
||||
class BaseTest(object):
|
||||
@ -73,73 +62,3 @@ class BaseTest(object):
|
||||
"""Put the response values into the current application."""
|
||||
self.application._status = status
|
||||
self.application._headers = headers
|
||||
|
||||
|
||||
class FileSystem(BaseTest):
|
||||
"""Base class for filesystem tests."""
|
||||
storage_type = "filesystem"
|
||||
|
||||
def setup(self):
|
||||
"""Setup function for each test."""
|
||||
self.colpath = tempfile.mkdtemp()
|
||||
config.set("storage", "type", self.storage_type)
|
||||
from radicale.storage import filesystem
|
||||
filesystem.FOLDER = self.colpath
|
||||
filesystem.GIT_REPOSITORY = None
|
||||
self.application = radicale.Application()
|
||||
|
||||
def teardown(self):
|
||||
"""Teardown function for each test."""
|
||||
shutil.rmtree(self.colpath)
|
||||
|
||||
|
||||
class MultiFileSystem(FileSystem):
|
||||
"""Base class for multifilesystem tests."""
|
||||
storage_type = "multifilesystem"
|
||||
|
||||
|
||||
class DataBaseSystem(BaseTest):
|
||||
"""Base class for database tests"""
|
||||
def setup(self):
|
||||
config.set("storage", "type", "database")
|
||||
config.set("storage", "database_url", "sqlite://")
|
||||
from radicale.storage import database
|
||||
database.Session = sessionmaker()
|
||||
database.Session.configure(bind=create_engine("sqlite://"))
|
||||
session = database.Session()
|
||||
for st in get_file_content("schema.sql").split(";"):
|
||||
session.execute(st)
|
||||
session.commit()
|
||||
self.application = radicale.Application()
|
||||
|
||||
|
||||
class GitFileSystem(FileSystem):
|
||||
"""Base class for filesystem tests using Git"""
|
||||
def setup(self):
|
||||
super(GitFileSystem, self).setup()
|
||||
Repo.init(self.colpath)
|
||||
from radicale.storage import filesystem
|
||||
filesystem.GIT_REPOSITORY = Repo(self.colpath)
|
||||
|
||||
|
||||
class GitMultiFileSystem(GitFileSystem, MultiFileSystem):
|
||||
"""Base class for multifilesystem tests using Git"""
|
||||
|
||||
|
||||
class HtpasswdAuthSystem(BaseTest):
|
||||
"""Base class to test Radicale with Htpasswd authentication"""
|
||||
def setup(self):
|
||||
self.colpath = tempfile.mkdtemp()
|
||||
htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
|
||||
with open(htpasswd_file_path, "wb") as fd:
|
||||
fd.write(b"tmp:{SHA}" + base64.b64encode(
|
||||
hashlib.sha1(b"bepo").digest()))
|
||||
config.set("auth", "type", "htpasswd")
|
||||
self.userpass = "dG1wOmJlcG8="
|
||||
self.application = radicale.Application()
|
||||
htpasswd.FILENAME = htpasswd_file_path
|
||||
htpasswd.ENCRYPTION = "sha1"
|
||||
|
||||
def teardown(self):
|
||||
config.set("auth", "type", "None")
|
||||
radicale.auth.is_authenticated = lambda *_: True
|
||||
|
1
tests/custom/__init__.py
Normal file
1
tests/custom/__init__.py
Normal file
@ -0,0 +1 @@
|
||||
# coding=utf-8
|
30
tests/custom/auth.py
Normal file
30
tests/custom/auth.py
Normal file
@ -0,0 +1,30 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# This file is part of Radicale Server - Calendar Server
|
||||
# Copyright © 2008 Nicolas Kandel
|
||||
# Copyright © 2008 Pascal Halter
|
||||
# Copyright © 2008-2013 Guillaume Ayoub
|
||||
#
|
||||
# This library is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Radicale. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
"""
|
||||
Custom authentication.
|
||||
|
||||
Just check username for testing
|
||||
|
||||
"""
|
||||
|
||||
|
||||
def is_authenticated(user, password):
|
||||
return user == 'tmp'
|
30
tests/custom/storage.py
Normal file
30
tests/custom/storage.py
Normal file
@ -0,0 +1,30 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# This file is part of Radicale Server - Calendar Server
|
||||
# Copyright © 2012-2013 Guillaume Ayoub
|
||||
#
|
||||
# This library is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Radicale. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
"""
|
||||
Custom storage backend.
|
||||
|
||||
Copy of filesystem storage backend for testing
|
||||
|
||||
"""
|
||||
|
||||
from radicale.storage import filesystem
|
||||
|
||||
|
||||
class Collection(filesystem.Collection):
|
||||
"""Collection stored in a flat ical file."""
|
@ -22,22 +22,52 @@ Radicale tests with simple requests and authentication.
|
||||
|
||||
"""
|
||||
|
||||
from nose import with_setup
|
||||
from . import HtpasswdAuthSystem
|
||||
import base64
|
||||
import hashlib
|
||||
import os
|
||||
import radicale
|
||||
import tempfile
|
||||
from radicale import config
|
||||
from radicale.auth import htpasswd
|
||||
from tests import BaseTest
|
||||
|
||||
|
||||
class TestBaseAuthRequests(HtpasswdAuthSystem):
|
||||
class TestBaseAuthRequests(BaseTest):
|
||||
"""
|
||||
Tests basic requests with auth.
|
||||
|
||||
..note Only htpasswd works at the moment since
|
||||
it requires to spawn processes running servers for
|
||||
others auth methods (ldap).
|
||||
We should setup auth for each type before create Application object
|
||||
"""
|
||||
|
||||
@with_setup(HtpasswdAuthSystem.setup, HtpasswdAuthSystem.teardown)
|
||||
def setup(self):
|
||||
self.userpass = "dG1wOmJlcG8="
|
||||
|
||||
def teardown(self):
|
||||
config.set("auth", "type", "None")
|
||||
radicale.auth.is_authenticated = lambda *_: True
|
||||
|
||||
def test_root(self):
|
||||
"""Tests a GET request at "/"."""
|
||||
self.colpath = tempfile.mkdtemp()
|
||||
htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
|
||||
with open(htpasswd_file_path, "wb") as fd:
|
||||
fd.write(b"tmp:{SHA}" + base64.b64encode(
|
||||
hashlib.sha1(b"bepo").digest()))
|
||||
config.set("auth", "type", "htpasswd")
|
||||
|
||||
htpasswd.FILENAME = htpasswd_file_path
|
||||
htpasswd.ENCRYPTION = "sha1"
|
||||
|
||||
self.application = radicale.Application()
|
||||
|
||||
status, headers, answer = self.request(
|
||||
"GET", "/", HTTP_AUTHORIZATION=self.userpass)
|
||||
assert status == 200
|
||||
assert "Radicale works!" in answer
|
||||
|
||||
def test_custom(self):
|
||||
config.set("auth", "type", "custom")
|
||||
config.set("auth", "custom_handler", "tests.custom.auth")
|
||||
self.application = radicale.Application()
|
||||
status, headers, answer = self.request(
|
||||
"GET", "/", HTTP_AUTHORIZATION=self.userpass)
|
||||
assert status == 200
|
||||
|
@ -21,10 +21,15 @@ Radicale tests with simple requests.
|
||||
|
||||
"""
|
||||
|
||||
from . import (FileSystem, MultiFileSystem, DataBaseSystem,
|
||||
GitFileSystem, GitMultiFileSystem)
|
||||
from .helpers import get_file_content
|
||||
import sys
|
||||
import radicale
|
||||
import shutil
|
||||
import tempfile
|
||||
from dulwich.repo import Repo
|
||||
from radicale import config
|
||||
from sqlalchemy.orm import sessionmaker
|
||||
from sqlalchemy import create_engine
|
||||
from tests import BaseTest
|
||||
|
||||
|
||||
class BaseRequests(object):
|
||||
@ -81,10 +86,72 @@ class BaseRequests(object):
|
||||
status, headers, answer = self.request("GET", "/calendar.ics/")
|
||||
assert "VEVENT" not in answer
|
||||
|
||||
# Generate classes with different configs
|
||||
cl_list = [FileSystem, MultiFileSystem, DataBaseSystem,
|
||||
GitFileSystem, GitMultiFileSystem]
|
||||
for cl in cl_list:
|
||||
classname = "Test%s" % cl.__name__
|
||||
setattr(sys.modules[__name__],
|
||||
classname, type(classname, (BaseRequests, cl), {}))
|
||||
|
||||
class TestFileSystem(BaseRequests, BaseTest):
|
||||
"""Base class for filesystem tests."""
|
||||
storage_type = "filesystem"
|
||||
|
||||
def setup(self):
|
||||
"""Setup function for each test."""
|
||||
self.colpath = tempfile.mkdtemp()
|
||||
config.set("storage", "type", self.storage_type)
|
||||
from radicale.storage import filesystem
|
||||
filesystem.FOLDER = self.colpath
|
||||
filesystem.GIT_REPOSITORY = None
|
||||
self.application = radicale.Application()
|
||||
|
||||
def teardown(self):
|
||||
"""Teardown function for each test."""
|
||||
shutil.rmtree(self.colpath)
|
||||
|
||||
|
||||
class TestMultiFileSystem(TestFileSystem):
|
||||
"""Base class for multifilesystem tests."""
|
||||
storage_type = "multifilesystem"
|
||||
|
||||
|
||||
class TestDataBaseSystem(BaseRequests, BaseTest):
|
||||
"""Base class for database tests"""
|
||||
def setup(self):
|
||||
config.set("storage", "type", "database")
|
||||
config.set("storage", "database_url", "sqlite://")
|
||||
from radicale.storage import database
|
||||
database.Session = sessionmaker()
|
||||
database.Session.configure(bind=create_engine("sqlite://"))
|
||||
session = database.Session()
|
||||
for st in get_file_content("schema.sql").split(";"):
|
||||
session.execute(st)
|
||||
session.commit()
|
||||
self.application = radicale.Application()
|
||||
|
||||
|
||||
class TestGitFileSystem(TestFileSystem):
|
||||
"""Base class for filesystem tests using Git"""
|
||||
def setup(self):
|
||||
super(TestGitFileSystem, self).setup()
|
||||
Repo.init(self.colpath)
|
||||
from radicale.storage import filesystem
|
||||
filesystem.GIT_REPOSITORY = Repo(self.colpath)
|
||||
|
||||
|
||||
class TestGitMultiFileSystem(TestGitFileSystem, TestMultiFileSystem):
|
||||
"""Base class for multifilesystem tests using Git"""
|
||||
|
||||
|
||||
class TestCustomStorageSystem(BaseRequests, BaseTest):
|
||||
"""Base class for custom backend tests."""
|
||||
storage_type = "custom"
|
||||
|
||||
def setup(self):
|
||||
"""Setup function for each test."""
|
||||
self.colpath = tempfile.mkdtemp()
|
||||
config.set("storage", "type", self.storage_type)
|
||||
config.set("storage", "custom_handler", "tests.custom.storage")
|
||||
from tests.custom import storage
|
||||
storage.FOLDER = self.colpath
|
||||
storage.GIT_REPOSITORY = None
|
||||
self.application = radicale.Application()
|
||||
|
||||
def teardown(self):
|
||||
"""Teardown function for each test."""
|
||||
shutil.rmtree(self.colpath)
|
Loading…
x
Reference in New Issue
Block a user