Merge with radicale/master
This commit is contained in:
parent
96bded2bbc
commit
c890d6e55a
radicale
@ -46,11 +46,7 @@ except ImportError:
|
|||||||
import BaseHTTPServer as server
|
import BaseHTTPServer as server
|
||||||
# pylint: enable=F0401
|
# pylint: enable=F0401
|
||||||
|
|
||||||
<<<<<<< HEAD
|
|
||||||
from radicale import acl, config, ical, xmlutils, log
|
|
||||||
=======
|
|
||||||
from radicale import acl, config, ical, log, xmlutils
|
from radicale import acl, config, ical, log, xmlutils
|
||||||
>>>>>>> d9ea784e31687b03f1451bc5b543122f05c5deb1
|
|
||||||
|
|
||||||
|
|
||||||
VERSION = "git"
|
VERSION = "git"
|
||||||
@ -60,17 +56,7 @@ VERSION = "git"
|
|||||||
|
|
||||||
def _check(request, function):
|
def _check(request, function):
|
||||||
"""Check if user has sufficient rights for performing ``request``."""
|
"""Check if user has sufficient rights for performing ``request``."""
|
||||||
<<<<<<< HEAD
|
|
||||||
log.log(10, "Check if user has sufficient rights for performing ``request`` %s." % (request.command))
|
|
||||||
# ``_check`` decorator can access ``request`` protected functions
|
|
||||||
# pylint: disable=W0212
|
|
||||||
|
|
||||||
# If we have no calendar, don't check rights
|
|
||||||
if not request._calendar:
|
|
||||||
=======
|
|
||||||
# If we have no calendar or no acl, don't check rights
|
|
||||||
if not request._calendar or not request.server.acl:
|
if not request._calendar or not request.server.acl:
|
||||||
>>>>>>> d9ea784e31687b03f1451bc5b543122f05c5deb1
|
|
||||||
return function(request)
|
return function(request)
|
||||||
|
|
||||||
log.LOGGER.info("Checking rights for %s" % request._calendar.owner)
|
log.LOGGER.info("Checking rights for %s" % request._calendar.owner)
|
||||||
@ -84,11 +70,9 @@ def _check(request, function):
|
|||||||
user = password = None
|
user = password = None
|
||||||
|
|
||||||
if request.server.acl.has_right(request._calendar.owner, user, password):
|
if request.server.acl.has_right(request._calendar.owner, user, password):
|
||||||
log.log(20, "Sufficient rights for performing ``request`` %s." % (request.command))
|
|
||||||
function(request)
|
function(request)
|
||||||
log.LOGGER.info("%s allowed" % request._calendar.owner)
|
log.LOGGER.info("%s allowed" % request._calendar.owner)
|
||||||
else:
|
else:
|
||||||
log.log(40, "No sufficient rights for performing ``request``.")
|
|
||||||
request.send_response(client.UNAUTHORIZED)
|
request.send_response(client.UNAUTHORIZED)
|
||||||
request.send_header(
|
request.send_header(
|
||||||
"WWW-Authenticate",
|
"WWW-Authenticate",
|
||||||
@ -122,8 +106,6 @@ class HTTPServer(server.HTTPServer):
|
|||||||
# pylint: disable=W0231
|
# pylint: disable=W0231
|
||||||
def __init__(self, address, handler, bind_and_activate=True):
|
def __init__(self, address, handler, bind_and_activate=True):
|
||||||
"""Create server."""
|
"""Create server."""
|
||||||
log.log(10, "Create HTTP server.")
|
|
||||||
server.HTTPServer.__init__(self, address, handler)
|
|
||||||
ipv6 = ":" in address[0]
|
ipv6 = ":" in address[0]
|
||||||
|
|
||||||
if ipv6:
|
if ipv6:
|
||||||
@ -150,7 +132,6 @@ class HTTPSServer(HTTPServer):
|
|||||||
|
|
||||||
def __init__(self, address, handler, bind_and_activate=True):
|
def __init__(self, address, handler, bind_and_activate=True):
|
||||||
"""Create server by wrapping HTTP socket in an SSL socket."""
|
"""Create server by wrapping HTTP socket in an SSL socket."""
|
||||||
log.log(10, "Create server by wrapping HTTP socket in an SSL socket.")
|
|
||||||
# Fails with Python 2.5, import if needed
|
# Fails with Python 2.5, import if needed
|
||||||
# pylint: disable=F0401
|
# pylint: disable=F0401
|
||||||
import ssl
|
import ssl
|
||||||
@ -171,7 +152,6 @@ class HTTPSServer(HTTPServer):
|
|||||||
|
|
||||||
class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
||||||
"""HTTP requests handler for calendars."""
|
"""HTTP requests handler for calendars."""
|
||||||
log.log(10, "HTTP requests handler for calendars.")
|
|
||||||
_encoding = config.get("encoding", "request")
|
_encoding = config.get("encoding", "request")
|
||||||
|
|
||||||
# Request handlers decorators
|
# Request handlers decorators
|
||||||
@ -191,17 +171,15 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@property
|
@property
|
||||||
def _calendar(self):
|
def _calendar(self):
|
||||||
"""The ``ical.Calendar`` object corresponding to the given path."""
|
"""The ``ical.Calendar`` object corresponding to the given path."""
|
||||||
log.log(10, "The ``ical.Calendar`` object corresponding to the given path. (%s)" % (self.path))
|
|
||||||
# ``self.path`` must be something like a posix path
|
# ``self.path`` must be something like a posix path
|
||||||
# ``normpath`` should clean malformed and malicious request paths
|
# ``normpath`` should clean malformed and malicious request paths
|
||||||
attributes = posixpath.normpath(self.path.strip("/")).split("/")
|
attributes = posixpath.normpath(self.path.strip("/")).split("/")
|
||||||
if len(attributes) >= 2:
|
if attributes:
|
||||||
path = "%s/%s" % (attributes[0], attributes[1])
|
path = "/".join(attributes[:min(len(attributes), 2)])
|
||||||
return ical.Calendar(path)
|
return ical.Calendar(path)
|
||||||
|
|
||||||
def _decode(self, text):
|
def _decode(self, text):
|
||||||
"""Try to decode text according to various parameters."""
|
"""Try to decode text according to various parameters."""
|
||||||
log.log(10, "Try to decode text according to various parameters.")
|
|
||||||
# List of charsets to try
|
# List of charsets to try
|
||||||
charsets = []
|
charsets = []
|
||||||
|
|
||||||
@ -232,7 +210,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@log_request_content
|
@log_request_content
|
||||||
def do_GET(self):
|
def do_GET(self):
|
||||||
"""Manage GET request."""
|
"""Manage GET request."""
|
||||||
log.log(10, "Manage GET request.")
|
|
||||||
self.do_HEAD()
|
self.do_HEAD()
|
||||||
if self._answer:
|
if self._answer:
|
||||||
self.wfile.write(self._answer)
|
self.wfile.write(self._answer)
|
||||||
@ -241,7 +218,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@check_rights
|
@check_rights
|
||||||
def do_HEAD(self):
|
def do_HEAD(self):
|
||||||
"""Manage HEAD request."""
|
"""Manage HEAD request."""
|
||||||
log.log(10, "Manage HEAD request.")
|
|
||||||
item_name = xmlutils.name_from_path(self.path)
|
item_name = xmlutils.name_from_path(self.path)
|
||||||
if item_name:
|
if item_name:
|
||||||
# Get calendar item
|
# Get calendar item
|
||||||
@ -273,7 +249,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@check_rights
|
@check_rights
|
||||||
def do_DELETE(self):
|
def do_DELETE(self):
|
||||||
"""Manage DELETE request."""
|
"""Manage DELETE request."""
|
||||||
log.log(10, "Manage DELETE request.")
|
|
||||||
item = self._calendar.get_item(xmlutils.name_from_path(self.path))
|
item = self._calendar.get_item(xmlutils.name_from_path(self.path))
|
||||||
if item and self.headers.get("If-Match", item.etag) == item.etag:
|
if item and self.headers.get("If-Match", item.etag) == item.etag:
|
||||||
# No ETag precondition or precondition verified, delete item
|
# No ETag precondition or precondition verified, delete item
|
||||||
@ -297,7 +272,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@log_request_content
|
@log_request_content
|
||||||
def do_OPTIONS(self):
|
def do_OPTIONS(self):
|
||||||
"""Manage OPTIONS request."""
|
"""Manage OPTIONS request."""
|
||||||
log.log(10, "Manage OPTIONS request.")
|
|
||||||
self.send_response(client.OK)
|
self.send_response(client.OK)
|
||||||
self.send_header(
|
self.send_header(
|
||||||
"Allow", "DELETE, HEAD, GET, MKCALENDAR, "
|
"Allow", "DELETE, HEAD, GET, MKCALENDAR, "
|
||||||
@ -308,11 +282,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@log_request_content
|
@log_request_content
|
||||||
def do_PROPFIND(self):
|
def do_PROPFIND(self):
|
||||||
"""Manage PROPFIND request."""
|
"""Manage PROPFIND request."""
|
||||||
<<<<<<< HEAD
|
|
||||||
log.log(10, "Manage PROPFIND request.")
|
|
||||||
xml_request = self.rfile.read(int(self.headers["Content-Length"]))
|
|
||||||
=======
|
|
||||||
>>>>>>> d9ea784e31687b03f1451bc5b543122f05c5deb1
|
|
||||||
self._answer = xmlutils.propfind(
|
self._answer = xmlutils.propfind(
|
||||||
self.path, self._content, self._calendar,
|
self.path, self._content, self._calendar,
|
||||||
self.headers.get("depth", "infinity"))
|
self.headers.get("depth", "infinity"))
|
||||||
@ -328,7 +297,6 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@check_rights
|
@check_rights
|
||||||
def do_PUT(self):
|
def do_PUT(self):
|
||||||
"""Manage PUT request."""
|
"""Manage PUT request."""
|
||||||
log.log(10, "Manage PUT request.")
|
|
||||||
item_name = xmlutils.name_from_path(self.path)
|
item_name = xmlutils.name_from_path(self.path)
|
||||||
item = self._calendar.get_item(item_name)
|
item = self._calendar.get_item(item_name)
|
||||||
if (not item and not self.headers.get("If-Match")) or \
|
if (not item and not self.headers.get("If-Match")) or \
|
||||||
@ -352,20 +320,11 @@ class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
|||||||
@check_rights
|
@check_rights
|
||||||
def do_REPORT(self):
|
def do_REPORT(self):
|
||||||
"""Manage REPORT request."""
|
"""Manage REPORT request."""
|
||||||
<<<<<<< HEAD
|
|
||||||
log.log(10, "Manage REPORT request.")
|
|
||||||
xml_request = self.rfile.read(int(self.headers["Content-Length"]))
|
|
||||||
self._answer = xmlutils.report(self.path, xml_request, self._calendar)
|
|
||||||
=======
|
|
||||||
self._answer = xmlutils.report(self.path, self._content, self._calendar)
|
self._answer = xmlutils.report(self.path, self._content, self._calendar)
|
||||||
>>>>>>> d9ea784e31687b03f1451bc5b543122f05c5deb1
|
|
||||||
|
|
||||||
self.send_response(client.MULTI_STATUS)
|
self.send_response(client.MULTI_STATUS)
|
||||||
self.send_header("Content-Length", len(self._answer))
|
self.send_header("Content-Length", len(self._answer))
|
||||||
self.end_headers()
|
self.end_headers()
|
||||||
self.wfile.write(self._answer)
|
self.wfile.write(self._answer)
|
||||||
|
|
||||||
def log_message(self, format, *args):
|
|
||||||
log.log(10, format % (args))
|
|
||||||
|
|
||||||
# pylint: enable=C0103
|
# pylint: enable=C0103
|
||||||
|
@ -1,28 +1,28 @@
|
|||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
import sys, ldap, syslog
|
import sys
|
||||||
|
import ldap
|
||||||
from radicale import config, log
|
import radicale
|
||||||
|
|
||||||
def has_right(owner, user, password):
|
|
||||||
if user == None:
|
|
||||||
user=""
|
|
||||||
if password == None:
|
|
||||||
password=""
|
|
||||||
if owner != user:
|
|
||||||
return False
|
|
||||||
try:
|
|
||||||
log.log(10, "Open LDAP server connexion")
|
|
||||||
l=ldap.open(LDAPSERVER, 389)
|
|
||||||
cn="%s%s,%s" % (LDAPPREPEND, user, LDAPAPPEND)
|
|
||||||
log.log(10, "LDAP bind with dn: %s" %(cn))
|
|
||||||
l.simple_bind_s(cn, password);
|
|
||||||
log.log(20, "LDAP bind Ok")
|
|
||||||
return True
|
|
||||||
except:
|
|
||||||
log.log(40, "LDAP bind error")
|
|
||||||
return False
|
|
||||||
|
|
||||||
LDAPSERVER = config.get("authLdap", "LDAPServer")
|
LDAPSERVER = config.get("authLdap", "LDAPServer")
|
||||||
LDAPPREPEND = config.get("authLdap", "LDAPPrepend")
|
LDAPPREPEND = config.get("authLdap", "LDAPPrepend")
|
||||||
LDAPAPPEND = config.get("authLdap", "LDAPAppend")
|
LDAPAPPEND = config.get("authLdap", "LDAPAppend")
|
||||||
|
|
||||||
|
def has_right(owner, user, password):
|
||||||
|
if user == None:
|
||||||
|
user=""
|
||||||
|
if password == None:
|
||||||
|
password=""
|
||||||
|
if owner != user:
|
||||||
|
return False
|
||||||
|
try:
|
||||||
|
radicale.log.LOGGER.info("Open LDAP server connexion")
|
||||||
|
l=ldap.open(LDAPSERVER, 389)
|
||||||
|
cn="%s%s,%s" % (LDAPPREPEND, user, LDAPAPPEND)
|
||||||
|
radicale.log.LOGGER.info("LDAP bind with dn: %s" % (cn))
|
||||||
|
l.simple_bind_s(cn, password);
|
||||||
|
radicale.log.LOGGER.info("LDAP bind ok")
|
||||||
|
return True
|
||||||
|
except:
|
||||||
|
radicale.log.LOGGER.info("Nu such credential")
|
||||||
|
return False
|
||||||
|
@ -55,18 +55,12 @@ INITIAL_CONFIG = {
|
|||||||
"storage": {
|
"storage": {
|
||||||
"folder": os.path.expanduser("~/.config/radicale/calendars")},
|
"folder": os.path.expanduser("~/.config/radicale/calendars")},
|
||||||
"logging": {
|
"logging": {
|
||||||
<<<<<<< HEAD
|
"config": "/etc/radicale/logging",
|
||||||
"type": "stdout",
|
"debug": "False"},
|
||||||
"logfile": os.path.expanduser("~/.config/radicale/radicale.log"),
|
|
||||||
"facility": 10},
|
|
||||||
"authLdap": {
|
"authLdap": {
|
||||||
"LDAPServer": "127.0.0.1",
|
"LDAPServer": "127.0.0.1",
|
||||||
"LDAPPrepend": "uid=",
|
"LDAPPrepend": "uid=",
|
||||||
"LDAPAppend": "ou=users,dc=example,dc=com"}}
|
"LDAPAppend": "ou=users,dc=example,dc=com"}}
|
||||||
=======
|
|
||||||
"config": "/etc/radicale/logging",
|
|
||||||
"debug": "False"}}
|
|
||||||
>>>>>>> d9ea784e31687b03f1451bc5b543122f05c5deb1
|
|
||||||
|
|
||||||
# Create a ConfigParser and configure it
|
# Create a ConfigParser and configure it
|
||||||
_CONFIG_PARSER = ConfigParser()
|
_CONFIG_PARSER = ConfigParser()
|
||||||
@ -77,7 +71,7 @@ for section, values in INITIAL_CONFIG.items():
|
|||||||
_CONFIG_PARSER.set(section, key, value)
|
_CONFIG_PARSER.set(section, key, value)
|
||||||
|
|
||||||
_CONFIG_PARSER.read("/etc/radicale/config")
|
_CONFIG_PARSER.read("/etc/radicale/config")
|
||||||
_CONFIG_PARSER.read(os.path.expdanuser("~/.config/radicale/config"))
|
_CONFIG_PARSER.read(os.path.expanduser("~/.config/radicale/config"))
|
||||||
|
|
||||||
# Wrap config module into ConfigParser instance
|
# Wrap config module into ConfigParser instance
|
||||||
sys.modules[__name__] = _CONFIG_PARSER
|
sys.modules[__name__] = _CONFIG_PARSER
|
||||||
|
Loading…
x
Reference in New Issue
Block a user