Use the first matching section for getting rights

This commit is contained in:
Guillaume Ayoub 2015-12-03 15:22:12 +01:00
parent 9875db9a6c
commit e807c3d35b

View File

@ -55,8 +55,8 @@ else:
DEFINED_RIGHTS = {
"authenticated": "[rw]\nuser:.+\ncollection:.*\npermission:rw",
"owner_write": "[r]\nuser:.+\ncollection:.*\npermission:r\n"
"[w]\nuser:.+\ncollection:^%(login)s(/.*)?$\npermission:w",
"owner_write": "[w]\nuser:.+\ncollection:^%(login)s(/.*)?$\npermission:rw"
"[r]\nuser:.+\ncollection:.*\npermission:r\n",
"owner_only": "[rw]\nuser:.+\ncollection:^%(login)s(/.*)?$\npermission:rw",
}
@ -89,8 +89,7 @@ def _read_from_sections(user, collection_url, permission):
re_collection = re_collection.format(*user_match.groups())
if re.match(re_collection, collection_url):
log.LOGGER.debug("Section '%s' matches" % section)
if permission in regex.get(section, "permission"):
return True
return permission in regex.get(section, "permission")
else:
log.LOGGER.debug("Section '%s' does not match" % section)
return False
@ -99,7 +98,8 @@ def _read_from_sections(user, collection_url, permission):
def authorized(user, collection, permission):
"""Check if the user is allowed to read or write the collection.
If the user is empty it checks for anonymous rights
If the user is empty, check for anonymous rights.
"""
collection_url = collection.url.rstrip("/") or "/"
if collection_url in (".well-known/carddav", ".well-known/caldav"):