tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add support for personal calendars, available only for owner.

Browse Source
This commit is contained in:
Guillaume Ayoub 2010-07-03 16:27:48 +02:00
parent 666e7034a0
commit bd5b345017
3 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
radicale/__init__.py
View File

@ -53,18 +53,17 @@ VERSION = "git"
def _check(request, function): def _check(request, function):
"""Check if user has sufficient rights for performing ``request``.""" """Check if user has sufficient rights for performing ``request``."""
# ``_check`` decorator can access ``request`` protected functions
# pylint: disable=W0212
authorization = request.headers.get("Authorization", None) authorization = request.headers.get("Authorization", None)
if authorization: if authorization:
challenge = authorization.lstrip("Basic").strip().encode("ascii") challenge = authorization.lstrip("Basic").strip().encode("ascii")
# ``_check`` decorator can access ``request`` protected functions
# pylint: disable=W0212
plain = request._decode(base64.b64decode(challenge)) plain = request._decode(base64.b64decode(challenge))
# pylint: enable=W0212
user, password = plain.split(":") user, password = plain.split(":")
else: else:
user = password = None user = password = None
if request.server.acl.has_right(user, password): if request.server.acl.has_right(request._calendar.owner, user, password):
function(request) function(request)
else: else:
request.send_response(client.UNAUTHORIZED) request.send_response(client.UNAUTHORIZED)
@ -72,6 +71,7 @@ def _check(request, function):
"WWW-Authenticate", "WWW-Authenticate",
"Basic realm=\"Radicale Server - Password Required\"") "Basic realm=\"Radicale Server - Password Required\"")
request.end_headers() request.end_headers()
# pylint: enable=W0212
class HTTPServer(server.HTTPServer): class HTTPServer(server.HTTPServer):

5
radicale/acl/htpasswd.py
View File

@ -54,15 +54,16 @@ def _sha1(hash_value, password):
return sha1.digest() == base64.b64decode(hash_value) return sha1.digest() == base64.b64decode(hash_value)
def has_right(user, password): def has_right(owner, user, password):
"""Check if ``user``/``password`` couple is valid.""" """Check if ``user``/``password`` couple is valid."""
for line in open(FILENAME).readlines(): for line in open(FILENAME).readlines():
if line.strip(): if line.strip():
login, hash_value = line.strip().split(":") login, hash_value = line.strip().split(":")
if login == user: if login == user and (not PERSONAL or user == owner):
return CHECK_PASSWORD(hash_value, password) return CHECK_PASSWORD(hash_value, password)
return False return False
FILENAME = config.get("acl", "filename") FILENAME = config.get("acl", "filename")
PERSONAL = config.getboolean("acl", "personal")
CHECK_PASSWORD = locals()["_%s" % config.get("acl", "encryption")] CHECK_PASSWORD = locals()["_%s" % config.get("acl", "encryption")]

1
radicale/config.py
View File

@ -52,6 +52,7 @@ INITIAL_CONFIG = {
"stock": "utf-8"}, "stock": "utf-8"},
"acl": { "acl": {
"type": "fake", "type": "fake",
"personal": "False",
"filename": "/etc/radicale/users", "filename": "/etc/radicale/users",
"encryption": "crypt"}, "encryption": "crypt"},
"storage": { "storage": {