tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,323 Commits 2 Branches 0 Tags 3 MiB
0601b81aa7
Commit Graph

980 Commits

Author SHA1 Message Date
Guillaume Ayoub
5c2075cb6c Fix _atomic_write 2016-08-08 14:55:01 +02:00
Guillaume Ayoub
5e5b8b844f Cosmetics 2016-08-08 13:39:01 +02:00
Guillaume Ayoub
1e5c9f63a0 Merge pull request #468 from Unrud/disablefsync 
Add option to disable syncing to disk
 2016-08-08 13:00:12 +02:00
Guillaume Ayoub
c4cf918bf2 Merge pull request #470 from Unrud/readcontent 
Read content after access checks
 2016-08-08 12:57:59 +02:00
Unrud
a9b89be5c7 Read content after access checks 
Unauthorized users can't fill up RAM with crap anymore.
 2016-08-08 07:00:24 +02:00
Unrud
f294b1cf17 Add access check to PROPFIND 2016-08-08 06:59:15 +02:00
Unrud
eb15de0c5b Test PUT with whole collection 2016-08-08 06:09:24 +02:00
Unrud
68286faa63 Atomic replacement of whole collection by PUT 2016-08-08 06:08:52 +02:00
Unrud
0675328a02 Replace collection in Collection.create_collection 2016-08-08 06:08:01 +02:00
Unrud
6d85a731e5 Disable syncing to disk for tests 
This reduces test time by almost 70%.
 2016-08-08 05:30:16 +02:00
Unrud
f5f52582a1 Add option to disable syncing to disk 
Disabling syncing increases the risk of data loss when the system crashes or power fails. On the positive it can increase the performance to a great extent.
 2016-08-08 05:20:25 +02:00
Unrud
c336e0581e Remove atomicwrites 
Unfortunately the library doesn't support disabling of disk syncing, fortunately we only need a small subset of it's functionality which is easy to implement.
 2016-08-08 05:02:36 +02:00
Unrud
3c736cade8 Refactor: Move sync_directory into Collection class 
This is not used anywhere else.
 2016-08-08 04:07:01 +02:00
Guillaume Ayoub
9f2cbb81a3 Merge pull request #466 from Unrud/fixpath 
Set correct path for child collections
 2016-08-07 18:43:41 +02:00
Unrud
ce0a2fd01d Test PROPFIND 
Regression test for cfa8c7d8b4
 2016-08-07 18:08:10 +02:00
Unrud
cfa8c7d8b4 Set correct path for child collections 2016-08-07 17:50:31 +02:00
Unrud
4f37e90e20 Some clients expect collections to end with / 
Compatibility with InfCloud/CalDavZAP/CardDavMATE
 2016-08-07 17:50:04 +02:00
Unrud
ee5b8facda Always use wrapper to lock collection 
Also run the hook after creation of the principal collection.
 2016-08-07 17:14:47 +02:00
Guillaume Ayoub
4236077b04 Document _makedirs_synced and remove exist_ok 2016-08-06 14:08:21 +02:00
Guillaume Ayoub
4549d1b2db Merge pull request #462 from Unrud/durabledirs 
Durable creation of directories and make sure that the root colleciton exists.
 2016-08-06 14:02:41 +02:00
Guillaume Ayoub
a7923008ce Remove unused import 2016-08-06 13:29:07 +02:00
Guillaume Ayoub
0cda9f611d Merge pull request #463 from Unrud/atomicmove 
Atomic MOVE
 2016-08-06 13:27:38 +02:00
Guillaume Ayoub
071a829af8 Merge pull request #453 from Unrud/delete 
Delete atomic and durable
 2016-08-06 12:52:38 +02:00
Unrud
5f66d009d6 Atomic MOVE in multifilesystem 2016-08-06 05:09:06 +02:00
Unrud
23582c8208 Expose low level MOVE operation in storage.BaseCollection 2016-08-06 05:09:00 +02:00
Unrud
17ff22cae4 Support replacing in MOVE method 2016-08-06 04:45:44 +02:00
Unrud
89ac2fb397 Remove faulty check 
This should have been (to_path.strip("/")+"/").startswith(path.strip("/")+"/").
But it's not required as we don't support moving collections.
 2016-08-06 04:44:18 +02:00
Unrud
07dc71fd73 Update comment 2016-08-06 04:07:55 +02:00
Unrud
6c3e59fd11 Make sure that the root collection exists. 
Since the collections are not directly in **filesystem_path** anymore,
the folder is not created by ``Collection.acquire_lock``.
 2016-08-06 04:07:55 +02:00
Unrud
05a4285f54 Durable creation of intermediate directories 2016-08-06 04:07:50 +02:00
Guillaume Ayoub
9aefc500ec Merge pull request #461 from Unrud/patch-27 
Remove old code
 2016-08-05 17:48:03 +02:00
Unrud
bfb7aec7be Test deletion of root collection 2016-08-05 17:40:47 +02:00
Unrud
f4eb143ba8 use tempfile to delete collection 2016-08-05 17:40:47 +02:00
Unrud
5a9d956b49 delete atomic and durable 
See #440
 2016-08-05 17:40:47 +02:00
Unrud
9dd241a54b Add test for deletion of collection 2016-08-05 17:40:47 +02:00
Unrud
6d77e24028 Remove old code 
This was missed while merging #457 and #459.
 2016-08-05 17:05:32 +02:00
Unrud
65af0592d3 Run hook while storage is still locked 2016-08-05 16:58:03 +02:00
Guillaume Ayoub
50438bc2c0 Remove fixed TODOs 2016-08-05 02:57:17 +02:00
Guillaume Ayoub
8682504c6e Strip empty lines from content 2016-08-05 02:25:15 +02:00
Guillaume Ayoub
26e1c9ba89 Fix collection creation with PUT request 2016-08-05 02:24:52 +02:00
Guillaume Ayoub
8ac3ce1a89 Clean many, many things 2016-08-05 02:14:49 +02:00
Guillaume Ayoub
92a0027ae1 Merge branch 'rights' of https://github.com/Unrud/Radicale into Unrud-rights 2016-08-04 23:35:01 +02:00
Guillaume Ayoub
2eaedf448f Merge pull request #457 from Unrud/atomiccreate 
Atomic creation of collections and atomic PROPPATCH
 2016-08-04 22:55:15 +02:00
Unrud
8ce6d1af30 Use flock locks for storage locking 
These locks are compatible with the command line utility flock,
which comes preinstalled with most Linux distributions.
 2016-08-04 06:15:05 +02:00
Unrud
066b5994d1 Improve rights checking and request handlers 
* Access rights are checked before the storage is locked and
    collections are loaded.
  * DELETE sends 410 instead of doing nothing or crashing if the target
    doesn't exist.
  * GET always returns 404 if the target doesn't exist.
  * GET doesn't crash if a collection without tag property is requested.
  * MKCOL and MKCALENDAR send 409 if the target already exists.
  * MOVE checks if the target collection of an item actually exists and
    sends 409 otherwise.
  * PUT doesn't crash if a whole collection that doesn't exist yet is
    uploaded and ``content-type`` is ``text/vcard`` or
    ``text/calendar``.
  * PUT distinguishes between simple items and whole collections by the
    following criteria: Target is a collection; Parent exists; Parent
    has the tag property set; Parent contains other items. Before only
    the first two criteria where used, which was very unrelieable. #384
  * PROPPATCH is only allowed on collections and 409 is send otherwise.
  * ``Rights.authorized`` takes a path instead of a collection.
  * ``Collection.discover`` only returns items in ``path``, that
    actually exist. #442
 2016-08-04 06:08:08 +02:00
Unrud
ae89082c24 Atomic creation of collections 2016-08-03 15:50:55 +02:00
Unrud
e34d1c46cd Move collections into collection-root folder 
This is required for atomic creation and deletion of the "/" collection.
 2016-08-03 15:50:38 +02:00
Unrud
bd7641699e Atomic PROPPATCH 2016-08-03 14:45:52 +02:00
Unrud
de510148a0 *args and **kwargs for test collection 2016-08-03 14:35:50 +02:00
Unrud
0fc7f787a8 Remove test_folder configuration 
It's not used.
 2016-08-03 14:34:36 +02:00
Guillaume Ayoub
b71664b322 Return UNAUTHORIZED for NOT_FOUND PROPFINDs 2016-08-02 17:24:04 +02:00
Guillaume Ayoub
76b859c28e Rename .collection.props into .Radicale.props 2016-08-02 16:58:44 +02:00
Guillaume Ayoub
2f202d14e0 Fix .collection.props 2016-08-02 16:57:20 +02:00
Guillaume Ayoub
5b04ba18a8 Hide collection.props 2016-08-02 16:51:50 +02:00
Guillaume Ayoub
da22778ce3 Merge pull request #456 from Unrud/props 
Properties inside of collection
 2016-08-02 16:50:23 +02:00
Unrud
13c693ba35 Properties inside of collection 
* Creation and deletion of collections can be atomic.
  * The properties file of the root collection is not outside of the
    filesystem_folder.
  * It's easier to delete and move collections by hand.
  * This breaks backward compatibility.
 2016-08-02 16:35:38 +02:00
Guillaume Ayoub
1ffc171f35 Always return collections home sets 2016-08-02 16:27:18 +02:00
Guillaume Ayoub
5ed60ce09d Always return current-user-principal 2016-08-02 15:43:31 +02:00
Guillaume Ayoub
3e52f34309 Remove pylint 2016-08-02 14:39:20 +02:00
Guillaume Ayoub
301bb552d7 Cosmetics 2016-08-02 14:37:39 +02:00
Guillaume Ayoub
d322d3f394 Clean the user's collection creation code 2016-08-02 14:00:42 +02:00
Guillaume Ayoub
04010ff8d3 Merge pull request #455 from Unrud/home 
Creating addressbooks and calendars in DAVdroid
 2016-08-02 13:51:29 +02:00
Guillaume Ayoub
71be1a56b8 Change find_available_file_name into private method 2016-08-02 12:11:38 +02:00
Guillaume Ayoub
a7f078eb54 Change find_available_file_name into a method 2016-08-02 11:16:24 +02:00
Guillaume Ayoub
880744ada7 Merge pull request #454 from Unrud/uniq 
Check if file name already exists
 2016-08-02 11:12:30 +02:00
Unrud
81b04890f1 Create principal collection automatically 2016-08-02 08:04:12 +02:00
Unrud
39d38f36a5 Check if file name already exists 
The chances are pretty low but maybe the RNG is bad or something
 2016-08-02 07:33:47 +02:00
Unrud
d5008672c5 Principal associated properties only on principal collections 
This misguides DAVdroid into creating new calendars and addressbooks in /
 2016-08-01 20:48:57 +02:00
Unrud
03cbcee5cd / is not a principal 2016-08-01 20:46:57 +02:00
Unrud
7aa481aaa1 Return / for principal-collection-set 
From RFC3744: This protected property of a resource contains a set of URLs that identify the root collections that contain the principals that are available on the server that implements this resource.
 2016-08-01 20:44:04 +02:00
Unrud
8f91190949 Remove duplicate code 2016-08-01 20:42:03 +02:00
Guillaume Ayoub
6b30870be5 Minor cleanups 
Everything works fine with Apple clients now.
 2016-08-01 19:00:57 +02:00
Guillaume Ayoub
b517818749 Don't reject everybody from "/" with owner_only 
Fix 407.
 2016-08-01 18:59:47 +02:00
Guillaume Ayoub
6bfdcbafec Cosmetics 2016-08-01 12:50:51 +02:00
Guillaume Ayoub
711ecf5df2 Merge pull request #451 from Unrud/removewellknown 
Remove /.well-known
 2016-08-01 12:20:55 +02:00
Guillaume Ayoub
9d3086427d Merge pull request #450 from Unrud/safeusernames 
Prevent unsafe usernames
 2016-08-01 12:14:40 +02:00
Unrud
9dd8c65d65 Always match full username/collection with regex 
It's easy to forget $ at the end of a regex and it's counter-intuitive that ^ is implicit but $ is not.
 2016-08-01 10:07:21 +02:00
Unrud
fd977891e8 Remove /.well-known 
I can't think of a sane use-case for this.
 2016-08-01 09:31:25 +02:00
Unrud
da1a693620 Prevent unsafe usernames 
If an attacker is able to create an account with a username like "user/calendar.ics", he can access collections of other users.
 2016-08-01 09:10:23 +02:00
Guillaume Ayoub
b3d8833779 Normalize the version number 2016-07-30 16:43:29 +02:00
Guillaume Ayoub
dc406c17fd Merge pull request #425 from Unrud/patch-19 
Don't silently drop files
 2016-07-30 15:28:35 +02:00
Guillaume Ayoub
62588477f6 Merge pull request #429 from Unrud/hook 
Add hook for storage changes
 2016-07-30 15:26:17 +02:00
Guillaume Ayoub
0a2d12a4a3 Merge pull request #445 from Unrud/patch-24 
Point well-known to /
 2016-07-30 15:25:01 +02:00
Unrud
0306ee6dcc Point well-known to / 
Fixes #431
 2016-07-14 10:13:20 +02:00
Unrud
21d7d5a453 Hide temporary files 
Fixes #443
 2016-07-14 09:09:10 +02:00
Unrud
0a32e46295 Improve error message 2016-07-14 08:08:08 +02:00
Unrud
e3d7d08eab Don't silently drop files 2016-07-14 08:08:08 +02:00
Unrud
0263251ecf Add hook for storage changes 2016-07-14 07:57:46 +02:00
Guillaume Ayoub
ef63865e31 Merge pull request #428 from Unrud/patch-22 
Add timeout to connections, limit size of request body and limit number of parallel connections
 2016-07-14 02:06:24 +02:00
Guillaume Ayoub
5bd80d8d13 Don't crash when getting unknown collections 
Fix #422.
 2016-07-14 01:39:57 +02:00
Guillaume Ayoub
4c91ee8906 Atomic writes (fix #440) 2016-07-14 01:14:42 +02:00
Guillaume Ayoub
5e5427f987 Cosmetics 2016-07-13 17:59:52 +02:00
Florian Mounier
eb1f964ee2 Fix docstring 2016-07-12 18:12:42 +02:00
Florian Mounier
9225fd5fbd Add a test for update 2016-07-12 18:08:01 +02:00
Florian Mounier
6f9e9f21dd Merge branch 'optimize_storage_collection' 2016-07-08 15:35:43 +02:00
Florian Mounier
2ff47620f8 Merge branch 'date_indexed_collection' 2016-07-08 11:39:15 +02:00
Florian Mounier
36333765d6 Merge branch 'test_in_radicale' 2016-07-08 11:38:09 +02:00
Florian Mounier
39823f8909 Add a pre_filtered_list method in collection. This allow filters optimizations 2016-07-08 11:37:30 +02:00
Florian Mounier
a2d6977cd6 Fix logic in loops 2016-07-07 17:53:35 +02:00
Florian Mounier
10e7a776fc Merge branch 'master' into optimize_storage_collection 2016-07-07 17:52:16 +02:00
Guillaume Ayoub
8c225f019c Fix support of recurring events 2016-07-07 17:49:56 +02:00
Florian Mounier
364ed3689d Optimise collection creation by avoiding nested_loop 2016-07-07 16:13:32 +02:00
Florian Mounier
9056561211 Move test inside radicale 2016-07-07 14:30:10 +02:00
Guillaume Ayoub
21461ddb4e Fix name_from_path 2016-07-06 17:11:12 +02:00
Guillaume Ayoub
6a4fe6beb5 Add a very, very important full stop. 2016-07-05 18:07:36 +02:00
Florian Mounier
a7549bc652 Split the main run function to allow the use of radicale serving programatically. Add an extra_config parameter to the config load to override config. 2016-07-05 17:50:40 +02:00
Florian Mounier
383409213e deflate seems to be problematic with different implementations (http://stackoverflow.com/questions/388595/why-use-deflate-instead-of-gzip-for-text-files-served-by-apache/388633#388633). Using gzip instead. 2016-07-04 17:00:43 +02:00
Guillaume Ayoub
9300d25d61 Update __main__.py 2016-07-04 14:35:38 +02:00
Florian Mounier
221379ef85 Sort imports 2016-07-04 14:32:33 +02:00
Guillaume Ayoub
fd3b0718fd Fix coding style 2016-07-01 16:44:12 +02:00
Guillaume Ayoub
c294477aee Support recurring items in time filters 
Fix #33.
 2016-07-01 16:40:43 +02:00
Guillaume Ayoub
5b5edaac2f Fix FCGI and WSGI scripts 2016-07-01 10:28:51 +02:00
Guillaume Ayoub
4e8f518cbb Remove spaces from empty lines 2016-06-26 21:23:29 +02:00
Nicolas Bonfante
dfc215b63f solving bug when trying to filter an Event on a DATETIME which have no timezone 2016-06-24 14:02:35 +02:00
Nicolas Bonfante
4872ea5d58 correcting bug in test vjournal 2016-06-15 18:09:09 +02:00
Cedric Boscher
e4e1d81f9f debug on tests 2016-06-15 18:01:19 +02:00
Nicolas Bonfante
1613c4955f adding test for Vjournal filtering 2016-06-15 16:17:51 +02:00
Nicolas Bonfante
38845da762 solve bug in vjournal time filter 2016-06-15 15:48:35 +02:00
Cedric Boscher
a5d5cc8b2c debug VTODO and first tests running 2016-06-15 15:45:27 +02:00
Cedric Boscher
2957b40473 clean code 2016-06-15 10:16:44 +02:00
Cedric Boscher
21ea648a44 Merge branch 'master' of github.com:Kozea/Radicale 2016-06-15 09:56:16 +02:00
Cedric Boscher
7de63f8335 VTODO first implementation 2016-06-15 09:56:05 +02:00
Nicolas Bonfante
e1f3045f1f adding VJournal method 2016-06-15 09:55:30 +02:00
Guillaume Ayoub
40406359e5 Merge pull request #423 from Unrud/patch-17 
Resolve naming conflict
 2016-06-13 15:08:33 +02:00
Guillaume Ayoub
9592ec3a66 Merge pull request #424 from Unrud/patch-18 
Fix time range matching
 2016-06-13 15:08:01 +02:00
Guillaume Ayoub
caa4c16dfd Merge pull request #426 from Unrud/patch-20 
Ignore hidden files
 2016-06-13 15:07:24 +02:00
Unrud
83ea9da2b4 Limit number of parallel connections 2016-06-11 13:19:26 +02:00
Unrud
e438d9fd4b Limit size of request body 2016-06-11 13:16:45 +02:00
Unrud
b55d2181ed Add timeout to integrated sever 2016-06-11 13:14:58 +02:00
Unrud
d4e6205745 Don't include passwords in logs 2016-06-11 12:58:28 +02:00
Unrud
54b47c4a3e Refactor: Move response code into function 2016-06-10 14:55:32 +02:00
Unrud
39379413d1 Use hidden file for locking 2016-06-10 01:18:02 +02:00
Unrud
3479e76690 Ignore hidden files 2016-06-10 01:17:57 +02:00
Unrud
3e1e680bbc Use correct attribute name 2016-06-10 00:02:07 +02:00
Unrud
74d84e0c91 Resolve naming conflict 2016-06-09 23:52:05 +02:00
Guillaume Ayoub
063e827588 Revert "Try to use UID as filename" 
This reverts commit 0b25c82d9d.

See #419.
 2016-05-30 19:05:58 +02:00
Guillaume Ayoub
f1f716b0c7 Merge pull request #419 from Unrud/patch-16 
Save all items with the same UID in the same file
 2016-05-30 19:03:25 +02:00
Guillaume Ayoub
5b6f0784d0 Merge branch 'master' of github.com:Kozea/radicale 2016-05-30 14:53:41 +02:00
Guillaume Ayoub
248fc7e9e3 Implement time-range filters for events 2016-05-30 14:53:20 +02:00
Guillaume Ayoub
13a7f2f9af Merge pull request #417 from Unrud/patch-14 
Allow creation of empty collection via PUT
 2016-05-30 11:23:27 +02:00
Guillaume Ayoub
b0ed18af05 Merge pull request #416 from Unrud/patch-13 
Always release lock
 2016-05-30 11:08:48 +02:00
Unrud
0b25c82d9d Try to use UID as filename 2016-05-29 03:38:35 +02:00
Unrud
5c90f5b2af Save all items with the same UID in the same file 
If recurrences are not in the same file, they are not correctly shown by clients.
 2016-05-29 03:32:06 +02:00
Unrud
4861b79878 Allow creation of empty collection via PUT 2016-05-29 01:18:29 +02:00
Unrud
af1dce1504 Fix crash on unknown content type 2016-05-28 23:49:15 +02:00
Unrud
28e643dec1 Don't pass None to vobject.readComponents 
If an empty collections is created with PUT, content is None.
 2016-05-28 22:46:20 +02:00
Unrud
9ade92c026 Always release lock 2016-05-28 22:36:40 +02:00
Guillaume Ayoub
656680d998 Merge branch 'master' of github.com:Kozea/radicale 2016-05-27 14:45:43 +02:00
Guillaume Ayoub
fef9f0abc6 Support param-filter 2016-05-27 14:44:59 +02:00
Unrud
ecbffe69dc Veify Authorization Scheme 2016-05-26 12:21:09 +02:00
Guillaume Ayoub
da1363f026 Revert "Limit duration of file locks" 
This reverts commit 6b1acd14d7.
 2016-05-25 14:05:34 +02:00
Guillaume Ayoub
69ec2891fa Remove at_once 2016-05-25 14:05:05 +02:00
Guillaume Ayoub
a3c32ee77f Merge pull request #402 from Unrud/locking 
Implement locking of whole storage
 2016-05-25 14:03:48 +02:00
Guillaume Ayoub
4fc5e3135a Update documentation of path_to_filesystem 2016-05-24 14:39:41 +02:00
Guillaume Ayoub
f8c8bd9d9b Merge pull request #403 from Unrud/patch-9 
Don't sanitize local paths using posixpath
 2016-05-24 14:36:34 +02:00
Unrud
6b1acd14d7 Limit duration of file locks 
This prevents starvation of writers in other processes
 2016-05-22 23:44:21 +02:00
Unrud
14daa88772 Use FIFO for storage locking 
This prevents starvation of writers in the current process
 2016-05-22 23:29:00 +02:00
Unrud
1ea9a33101 Reuse lock file 2016-05-22 10:29:56 +02:00
Unrud
49bc0728e3 Only one lock file per process (lockf() works now) 
lockf() is more portable than flock()
 2016-05-22 10:29:56 +02:00
Unrud
eb9218354c Always use readers-writer lock in storage locking 2016-05-22 10:29:56 +02:00
Unrud
bca6cec6b3 Use context manager for locking 2016-05-22 10:29:50 +02:00
Unrud
a24613da9c Compress answer 
The protocol uses verbose XML and compression reduces the size significantly.
 2016-05-21 02:26:03 +02:00
Unrud
de2f411820 Use nonlocal instead of container 
Python 3
 2016-05-21 01:49:22 +02:00
Unrud
b810d61ce3 Don't sanitize local paths using posixpath 
This doesn't work as expected on Windows.
 2016-05-21 01:41:00 +02:00
Unrud
ff3b31fed6 Use threading in integrated webserver 2016-05-21 01:26:52 +02:00
Unrud
2c45b1998c Implement locking of whole storage 2016-05-21 01:26:45 +02:00
Guillaume Ayoub
68b72f55eb Merge pull request #398 from untitaker/unbound 
Fix UnboundLocalError
 2016-05-18 22:47:37 +02:00
Markus Unterwaditzer
eea6ccb573 Fix UnboundLocalError 2016-05-18 22:43:56 +02:00
Guillaume Ayoub
a8fda1aedf Cut long lines 2016-05-18 22:41:05 +02:00
Guillaume Ayoub
6769629314 Remove useless empty function 2016-05-18 20:22:36 +02:00
Guillaume Ayoub
45576d7474 Handle text-match filters 
Related to #33.
 2016-05-18 20:21:03 +02:00
Guillaume Ayoub
20ff5444fb Don't explicitely inherit from object 2016-05-12 18:57:59 +02:00
Guillaume Ayoub
ca056dea9f Don't return 404 for GET requests on collections 2016-05-12 18:55:03 +02:00
Guillaume Ayoub
2ce9fceaff Merge branch 'master' of github.com:Kozea/radicale 2016-05-06 17:57:58 +02:00
Guillaume Ayoub
a28df4dd4b Reorganize filters 
Related to #33 and #372.
 2016-05-06 17:53:02 +02:00
Markus Unterwaditzer
2dee66133d Flake8 fixes 2016-05-04 19:25:58 +02:00
Markus Unterwaditzer
0de3ad36be Fixes to Rights 
- BaseRights expects the config and logger params
- user may be None, which leads to errors when trying to use it with
  regexes.
 2016-04-22 20:30:40 +02:00
Guillaume Ayoub
2f97d7d1e1 Remove global state about configuration and logs 
Many things have been changed to make this possible, probably leading to
many hidden bugs waiting to be found.

Related to #122.
 2016-04-22 11:37:02 +09:00
Jasper Bryant-Greene
0670aa9fb4 Corrected calendar-timezone code in xmlutils.py 2016-04-21 10:40:36 +05:30
Guillaume Ayoub
6db946080e Cosmetics 2016-04-21 09:12:00 +09:00
Markus Unterwaditzer
7f2d1c00c4 Unbreak tag filters 2016-04-20 20:17:05 +02:00
Guillaume Ayoub
303a53eede Return Items in upload and update methods 
Related to #380
 2016-04-20 08:09:00 +09:00
Guillaume Ayoub
ecf53c5e1e Merge branch 'master' of github.com:Kozea/radicale 2016-04-20 07:50:58 +09:00
Guillaume Ayoub
3a9bcc7555 Add etag property to items 
Related to #380.
 2016-04-20 07:49:03 +09:00
Markus Unterwaditzer
1b1ba421ff Fix double slash in REPORT responses 
When doing REPORTs with absolute paths as hrefs, the response hrefs
contain a double slash at the beginning. This breaks URL parsers and
makes them assume they have a URL without protocol of the format
`//example.com/foo/bar/`.
 2016-04-19 23:19:22 +02:00
Guillaume Ayoub
bf8bd90bcb Fix removal of base_prefix in multiget requests 2016-04-19 10:44:02 +09:00
Guillaume Ayoub
6adc7f5fed Enhance collection discovering 
When the request path leads to a non-existing item, try to create the
Collection object according to an existing collection at request path's
parent.

This change means that the requests whose path leads to a collection
that doesn't exist (at least MKCOL, MKCALENDAR and PUT) need to rely on
the request path more than on the Collection path. It was already done
for PUT, it's been fixed for MKCOL and MKCALENDAR.

Fix #378.
 2016-04-19 10:39:52 +09:00
Guillaume Ayoub
65659fc909 Improve WebDAV compatibility 
Add getlastmodified and getcontentlength properties, and fix nested
collections support. Fix #321.
 2016-04-18 09:11:00 +09:00
Guillaume Ayoub
99544fcf80 Allow the creation of empty collections 
Fix #201
 2016-04-17 13:58:56 +09:00
Markus Unterwaditzer
e8c1defe6a Update PROPPATCH to new storage API 2016-04-13 23:02:00 +02:00
Markus Unterwaditzer
472d016d1e Fix crash when fetching nonexistent href 2016-04-13 22:56:57 +02:00
Markus Unterwaditzer
f169f2f19b Don't crash if collection doesn't exist yet 2016-04-13 22:09:00 +02:00
Markus Unterwaditzer
a1cdcf2fba Don't crash if propsfile doesn't exist 2016-04-12 22:43:10 +02:00
Guillaume Ayoub
e586569b31 Fix a lot of details 2016-04-12 18:21:18 +02:00
Guillaume Ayoub
406027f3c9 Change the Collection API 
The new API used comes from vdirsyncer, as proposed by @untitaker in
issue #130.

The code has been tested and works with the (too simple) unit tests, and
with Lightning and DAVdroid. Many things are broken and a good part of
the code has not be ported to the new API yet. TODOs have been added
where the application is known to be broken.
 2016-04-11 20:11:35 +02:00
Guillaume Ayoub
2408097ab9 Clean the storage module 2016-04-10 02:37:43 +02:00
Guillaume Ayoub
41e319a8b8 Merge ical and storage modules 2016-04-10 02:08:07 +02:00
Guillaume Ayoub
73d39ea572 Use vobject 2016-04-10 01:36:45 +02:00
Guillaume Ayoub
b495bfa59f Remove pathutils 2016-04-09 22:45:14 +02:00
Guillaume Ayoub
12ddd64884 Fix the management of paths 2016-04-09 22:44:34 +02:00
Guillaume Ayoub
7a0e267f19 Better collection discovery 2016-04-09 15:11:47 +02:00
Guillaume Ayoub
44ba2c36a7 Merge branch 'master' of https://github.com/hadleyrich/Radicale 2016-04-08 15:05:56 +02:00
Guillaume Ayoub
7e493f73cd Remove backslash 2016-04-08 14:46:38 +02:00
Guillaume Ayoub
e2b6bc3008 Remove old workaround 2016-04-08 14:46:17 +02:00
Guillaume Ayoub
54dee0c7c4 Clean tests 2016-04-07 19:25:10 +02:00
Guillaume Ayoub
595e2329ea Don't create collections on GET requests 2016-04-07 19:03:27 +02:00
Guillaume Ayoub
1001bcb676 Remove extra auth, rights and storage modules 2016-04-07 19:02:52 +02:00
Guillaume Ayoub
434cb533e9 Remove Python 2 support 2016-03-31 19:57:40 +02:00
Guillaume Ayoub
fa4eaef08e Merge pull request #353 from Unrud/patch-7 
Integrated server without busy waiting
 2016-03-31 19:24:43 +02:00
Guillaume Ayoub
f27ed8e6ff Merge pull request #363 from igogold/readonly-collections 
Fix privilege set for read only collection
 2016-03-31 19:23:47 +02:00
Guillaume Ayoub
2ea35a2fc3 Merge pull request #209 from vuntz/no-autocreate-multifilesystem 
Do not autocreate .props files for multifilesystem backend
 2016-03-10 18:48:29 +01:00
igogold
aa04aa04b7 Fix privilege set for read only collection 2016-03-04 11:05:13 +05:00
Unrud
bbe71c1ad1 Integrated server without threads and busy waiting 2016-01-27 07:17:38 +01:00
Guillaume Ayoub
3a4184d1ab Merge pull request #351 from Unrud/patch-6 
Quick fix for multifilesystem
 2016-01-15 10:54:47 +01:00
Guillaume Ayoub
060d265129 Merge branch 'master' of github.com:Kozea/radicale 2016-01-15 10:51:24 +01:00
Guillaume Ayoub
9a2668e425 Fix the Collection._parse docstring 2016-01-15 10:50:36 +01:00
Unrud
a55cff8eb6 Also remove items from the collections itself 2016-01-15 01:13:18 +01:00
Unrud
5081fcbcd1 Use component names to filter duplicates 2016-01-15 01:09:43 +01:00
Unrud
6be7dab03f Correct function name 2016-01-14 23:07:53 +01:00
Guillaume Ayoub
f8b068e9fe Version 1.1.1 2016-01-07 23:31:19 +01:00
Guillaume Ayoub
83304c1378 Stupid me, that was PEP 20 (fix 347 for Python 2 too) 2016-01-06 21:44:20 +01:00
Guillaume Ayoub
620d9f8316 Readability counts - PEP8™ (fix #347) 2016-01-06 20:19:12 +01:00
Guillaume Ayoub
e47b50421e Version 1.1 2015-12-31 12:51:23 +01:00
Guillaume Ayoub
e7ce00d54f Style 2015-12-31 12:49:41 +01:00
Guillaume Ayoub
b484d42547 Merge pull request #335 from Kozea/permissions 
Use the first matching section for getting rights
 2015-12-31 11:30:29 +01:00
Guillaume Ayoub
20960bee84 Merge pull request #339 from Unrud/patch-2 
Improve daemonization
 2015-12-24 16:00:39 +01:00
Unrud
eed37792ae Convert filesystem paths safely to paths 
This only becomes a problem if the OS/filesystem
allows / in filenames or . respectively
.. as filenames.
 2015-12-24 14:39:29 +01:00
Unrud
bcaf452e51 Convert component names safely to filenames 
Component names are controlled by the user and
without this checks access to arbitrary files is
possible if the multifilesystem backend is used.
 2015-12-24 14:39:29 +01:00
Unrud
b4b3d51f33 Convert paths safely to file system paths 
With the old implementation on Windows a path like
"/c:/file/ignore" got converted to "c:\file" and
allowed access to files outside of FOLDER
 2015-12-24 14:39:29 +01:00
Unrud
6b7e79a368 Use sanitize_path instead of normpath 
See a7b47f075499a1e1b40539bc1fa872a3ab77a204
The check for "." is now needless because the sane
path is always absolute.
```path.replace(os.sep, "/")``` is only relevant
for the (multi)filesystem backend and should be
there.
 2015-12-24 14:39:24 +01:00
Unrud
1ad994cadf Move sanitize_path into pathutils.py 2015-12-24 14:39:15 +01:00
Unrud
ed44830447 Error message if path not starting with prefix 
Before the program crashed implicitly
 2015-12-24 14:32:21 +01:00
Unrud
780cecc0f2 Always sanitize request URI 
Do no rely on the HTTP server
 2015-12-24 14:32:21 +01:00
Unrud
ee095a463d Improve URI sanitation 
The old implementation failed to sanitize URIs
like ".", "..", "../.." or "//"
 2015-12-24 14:32:21 +01:00
Unrud
592537e37c Introduce naming scheme for request handlers 
The do_ prefix and upper case name allows easy
distinction between methods that handle requests
and other methods.
Without this distinction an attacker could
call arbitrary methods.
Currently there is no method that matches the
argument count, but that's easy to miss when new
methods are added.
 2015-12-24 07:22:55 +01:00
Unrud
4bfe7c9f79 Prevent "regex injection" 
If an attacker is able to authenticate with a user name like .* he can bypass limitations imposed by "owner_write" and "owner_only".
 2015-12-23 07:05:20 +01:00
Unrud
7cb31fe22b Improve regex for Well-Known URIs 
Example to show the problem:
/Xwell-known/carddavXX
 2015-12-22 12:44:19 +01:00
Unrud
367ca6fcbf Replace standard file descriptors of daemon 
Overwriting ```sys.stdout``` and ```sys.stderr``` is not sufficient.
(e.g. the logger still uses the old file descriptors)
 2015-12-22 08:50:16 +01:00
Unrud
ecb8ad747e Decouple the daemon from its parent environment 2015-12-22 08:50:16 +01:00
Unrud
3a9238f670 Check and create PID file in a race-free manner 2015-12-22 08:50:16 +01:00
Unrud
0a09804821 Close PID file 2015-12-22 08:49:58 +01:00
Unrud
80ecae40cb Assign new items to correct key 2015-12-10 09:46:38 +01:00
Guillaume Ayoub
e807c3d35b Use the first matching section for getting rights 2015-12-03 15:22:12 +01:00
Guillaume Ayoub
7b82121c12 Encode message and committer for git commits (fix #313) 2015-09-22 11:01:33 +02:00
Guillaume Ayoub
6babebd315 Version 1.0.1 2015-09-21 12:14:51 +02:00
Guillaume Ayoub
377762e23c Version 1.0 2015-09-14 11:49:34 +02:00
Guillaume Ayoub
f112a9b390 Merge pull request #305 from untitaker/database-props 
Don't discard PROPPATCH on empty collections.
 2015-08-28 11:26:10 +02:00
Markus Unterwaditzer
57b1ccdea5 Fix crash on empty values 2015-08-21 20:11:44 +02:00
Markus Unterwaditzer
213cb40480 Don't discard PROPPATCH on empty collections. 2015-08-21 20:08:56 +02:00
Markus Unterwaditzer
d300949fe8 Improve errorhandling in multifilesystem 
If the collection doesn't exist yet, OSError(2, 'No such file or
directory') is raised.

https://travis-ci.org/untitaker/vdirsyncer/jobs/42540595
 2015-08-21 16:17:00 +02:00