Clean support of public calendars, add support of private calendars

2011-06-13 22:15:52 +02:00
parent a28bd4a5fa
commit f9836ab093
7 changed files with 42 additions and 13 deletions
--- a/radicale/acl/LDAP.py
+++ b/radicale/acl/LDAP.py
@@ -26,7 +26,7 @@ Authentication based on the ``python-ldap`` module
 """

 import ldap
-from radicale import config, log
+from radicale import acl, config, log


 BASE = config.get("acl", "ldap_base")
@@ -38,8 +38,8 @@ PASSWORD = config.get("acl", "ldap_password")

 def has_right(owner, user, password):
    """Check if ``user``/``password`` couple is valid."""
-    if not user or (owner and user != owner):
-        # No user given, or owner is set and is not user, forbidden
+    if not user or (owner not in acl.PRIVATE_USERS and user != owner):
+        # No user given, or owner is not private and is not user, forbidden
        return False

    if BINDDN and PASSWORD:
--- a/radicale/acl/init.py
+++ b/radicale/acl/init.py
@@ -29,11 +29,27 @@ configuration.
 from radicale import config


+PUBLIC_USERS = []
+PRIVATE_USERS = [None]
+
+
+def _config_users(name):
+    """Get an iterable of strings from the configuraton string [acl] ``name``.
+
+    The values must be separated by a comma. The whitespace characters are
+    stripped at the beginning and at the end of the values.
+
+    """
+    return (user.strip() for user in config.get("acl", name).split(","))
+
+
 def load():
    """Load list of available ACL managers."""
    acl_type = config.get("acl", "type")
    if acl_type == "None":
        return None
    else:
+        PUBLIC_USERS.extend(_config_users("public_users"))
+        PRIVATE_USERS.extend(_config_users("private_users"))
        module = __import__("radicale.acl", fromlist=[acl_type])
        return getattr(module, acl_type)
--- a/radicale/acl/htpasswd.py
+++ b/radicale/acl/htpasswd.py
@@ -30,7 +30,7 @@ supported, but md5 is not (see ``htpasswd`` man page to understand why).
 import base64
 import hashlib

-from radicale import config
+from radicale import acl, config


 FILENAME = config.get("acl", "htpasswd_filename")
@@ -63,6 +63,6 @@ def has_right(owner, user, password):
    for line in open(FILENAME).readlines():
        if line.strip():
            login, hash_value = line.strip().split(":")
-            if login == user and (not owner or owner == user):
+            if login == user and (owner in acl.PRIVATE_USERS or owner == user):
                return globals()["_%s" % ENCRYPTION](hash_value, password)
    return False