Add support for personal calendars, available only for owner.

This commit is contained in:
Guillaume Ayoub 2010-07-03 16:27:48 +02:00
parent 666e7034a0
commit bd5b345017
3 changed files with 8 additions and 6 deletions

View File

@ -53,18 +53,17 @@ VERSION = "git"
def _check(request, function):
"""Check if user has sufficient rights for performing ``request``."""
# ``_check`` decorator can access ``request`` protected functions
# pylint: disable=W0212
authorization = request.headers.get("Authorization", None)
if authorization:
challenge = authorization.lstrip("Basic").strip().encode("ascii")
# ``_check`` decorator can access ``request`` protected functions
# pylint: disable=W0212
plain = request._decode(base64.b64decode(challenge))
# pylint: enable=W0212
user, password = plain.split(":")
else:
user = password = None
if request.server.acl.has_right(user, password):
if request.server.acl.has_right(request._calendar.owner, user, password):
function(request)
else:
request.send_response(client.UNAUTHORIZED)
@ -72,6 +71,7 @@ def _check(request, function):
"WWW-Authenticate",
"Basic realm=\"Radicale Server - Password Required\"")
request.end_headers()
# pylint: enable=W0212
class HTTPServer(server.HTTPServer):

View File

@ -54,15 +54,16 @@ def _sha1(hash_value, password):
return sha1.digest() == base64.b64decode(hash_value)
def has_right(user, password):
def has_right(owner, user, password):
"""Check if ``user``/``password`` couple is valid."""
for line in open(FILENAME).readlines():
if line.strip():
login, hash_value = line.strip().split(":")
if login == user:
if login == user and (not PERSONAL or user == owner):
return CHECK_PASSWORD(hash_value, password)
return False
FILENAME = config.get("acl", "filename")
PERSONAL = config.getboolean("acl", "personal")
CHECK_PASSWORD = locals()["_%s" % config.get("acl", "encryption")]

View File

@ -52,6 +52,7 @@ INITIAL_CONFIG = {
"stock": "utf-8"},
"acl": {
"type": "fake",
"personal": "False",
"filename": "/etc/radicale/users",
"encryption": "crypt"},
"storage": {