Commit Graph

633 Commits

Author SHA1 Message Date
deronnax
b863e8390e add ".well-known" addresses feature (closes #126) 2014-10-20 18:51:43 +02:00
Guillaume Ayoub
124cf3f51a Merge pull request #224 from deronnax/decode_content_later
decode http resquest content later
2014-10-20 17:34:29 +02:00
deronnax
c180b4ace3 decode http resquest content later 2014-10-20 17:32:10 +02:00
Guillaume Ayoub
788b775c32 Merge pull request #198 from untitaker/discovery
Return user basepath for current-user-principal
2014-10-17 16:53:45 +02:00
Vincent Untz
71c243035e Remove props file when deleting a collection with multifilesystem 2014-09-18 14:21:10 +02:00
Vincent Untz
873872d541 Do not autocreate .props files for multifilesystem backend
This is required as we do not want .props files to be created for nodes,
otherwise they'll stop being considered as nodes, which will break
discovery of calendars.

This fixes https://github.com/Kozea/Radicale/issues/208
2014-09-15 17:42:33 +02:00
Guillaume Ayoub
a6884492a2 Version 0.9 2014-08-13 13:12:19 +02:00
Markus Unterwaditzer
4859436ba8 Return user basepath for current-user-principal
Fix #196

The way to do collection discovery described in
http://stackoverflow.com/a/11673483 doesn't work well with Radicale:

1. current-user-principal returns /user/calendar.ics/

2. PROPFINDs asking for calendar-home-set will return the URL that was
   used in the request, which is still /user/calendar.ics/

3. The final PROPFIND with Depth: 1 is supposed to list all collections,
   but because the request is done with a collection URL, Radicale returns
   the items for the "calendar.ics" collection which might or might not
   exist.
2014-08-09 23:01:13 +02:00
Giel van Schijndel
a040c666ca IMAP: don't spam the logs about non-SSL connections to localhost
When using IMAP as auth module every single request causes a warning to
be logged just because we're not encrypting traffic sent to another
process on the *same* machine.

This change recognizes that while some people might consider this
undesirable, others might have made this a conscious choice and *don't*
wish to be spammed for it. As such now only a single warning is logged
(the first time in the server's lifetime that a user logs in).

Signed-off-by: Giel van Schijndel <me@mortis.eu>
2014-08-09 22:39:16 +02:00
Guillaume Ayoub
2b4485f6ae Allow requests on root folder for authenticated users 2014-08-07 15:06:48 +02:00
Guillaume Ayoub
77ad16f2a9 Fix the PID number stored on filesystem 2014-08-07 12:31:51 +02:00
Guillaume Ayoub
9ad9c466e2 Add an option allowing requests without base_prefix
Related to #147, patch proposed by jheidemann
2014-08-06 11:51:11 +02:00
Guillaume Ayoub
0822f99650 Allow full URLs in href tags for REPORT requests
Fixes #192
2014-08-05 15:42:39 +02:00
Élie Bouttier
ab04e38dc8 Reload logger config on SIGHUP
Particularly useful for logrotate.
2014-07-28 12:15:08 -07:00
Guillaume Ayoub
a5c5f2494f New version 2014-07-28 13:03:06 +02:00
Guillaume Ayoub
a65f96fe41 Fix syntax error 2014-07-28 11:28:12 +02:00
Guillaume Ayoub
35a0047b38 Merge pull request #182 from dnnr/serialize-sorted
Sort items before serializing to minimize diff
2014-07-28 11:21:48 +02:00
Guillaume Ayoub
f92f9f5e7d Merge pull request #175 from Ede123/master
Return "401 unauthorized" on unauthorized DELETE requests (fixes #125)
2014-07-28 11:20:45 +02:00
Guillaume Ayoub
bbe7588156 Merge pull request #189 from deronnax/revert#00674fe
revert of 00674fe
2014-07-28 10:49:29 +02:00
Guillaume Ayoub
cdad148bd0 else if → elif 2014-07-28 10:24:43 +02:00
Mathieu Dupuy
4643112511 deplace pid file creation in child process 2014-07-25 15:52:04 +02:00
Mathieu Dupuy
a94984b653 revert of 00674fe 2014-07-25 15:41:56 +02:00
Daniel Danner
1769a68719 Sort items before serializing to minimize diff 2014-07-09 17:41:57 +02:00
Ede123
c9bd2d0135 Signed-off-by: Ede123 <Eduard.Braun2@gmx.de> 2014-06-21 15:34:22 +02:00
Guillaume Ayoub
6854cd0ee3 Use warning instead of warn for logging (fix #170) 2014-06-15 10:19:34 +02:00
Guillaume Ayoub
c5f19bb05b Merge pull request #160 from red-hood/master
Allow tilde expansion for htpasswd file
2014-06-15 10:07:54 +02:00
Markus Unterwaditzer
030436327a Fix #143
Since all iCalendar objects have VCALENDAR inside them, that tag is
absolutely meaningless (in this context).
2014-06-04 22:55:35 +02:00
Christian Roeder
8673717838 Allow tilde expansion for htpasswd file
Call os.path.expanduser on the location given by the config parameter.
This will allow to use settings like
  htpasswd_filename = ~/.config/radicale/users
2014-05-14 01:42:19 +02:00
Guillaume Ayoub
6021f16866 Fix owner_* methods (fix #151) 2014-05-06 15:15:58 +02:00
Guillaume Ayoub
1ab07d84e6 Add some documentation about the "user" key in the "regex" rights module 2014-04-16 18:56:57 +02:00
Guillaume Ayoub
799dbfe612 Fix "authenticated" method 2014-04-16 17:05:20 +02:00
Guillaume Ayoub
3e893a3420 Merge pull request #142 from mike-perdide/authenticated_feature
Adding a new "authenticated" ACL type.
2014-04-15 16:48:19 +02:00
Julien Miotte
aabebb5578 Adding a new "authenticated" ACL type.
When set, all authenticated users will have rw permissions on all
collections, but no anonymous user will be able to read or write any
collection.
2014-04-09 00:02:39 +02:00
Julien Miotte
963e21212b Renaming the regex.py methods args for coherence. 2014-04-09 00:02:09 +02:00
Julien Miotte
6677dbcdc9 Moving the debug log at the proper place.
If we don't do this, we might get the following in the logs:

  2014-04-08 20:00:59,354 - DEBUG: Section 'r' matches
  2014-04-08 20:00:59,354 - DEBUG: Section 'r' does not match

which is a bit confusing.
2014-04-09 00:02:03 +02:00
Markus Kaiserswerth
0dee34b3a8 Add SSL ciphers argument only if supported, fixes Python 2.6 compat 2014-03-19 14:04:25 +01:00
Guillaume Ayoub
45f8e76643 Revert "Follow the depth in REPORT requests"
This reverts commit 9556508b2a.
2014-03-05 19:26:42 +01:00
Guillaume Ayoub
9556508b2a Follow the depth in REPORT requests 2014-03-04 01:37:14 +01:00
Guillaume Ayoub
066dffd614 Cut line 2014-03-04 01:08:56 +01:00
Guillaume Ayoub
3bd5b8f0fc Let's try to release 0.9 beta 1 2014-02-24 23:26:40 +01:00
Guillaume Ayoub
f9ce1d0e6d Remove the backend/type split for rights in configuration 2014-02-05 14:11:40 +01:00
Guillaume Ayoub
2ad8b57305 Merge branch 'apache_auth' of git://github.com/jaesivsm/Radicale into jaesivsm-apache_auth
Conflicts:
	radicale/__init__.py
2014-02-05 13:09:37 +01:00
Guillaume Ayoub
701df2d201 Use environ.get instead of try/except 2014-02-05 13:01:49 +01:00
Guillaume Ayoub
f7c7746643 Merge pull request #99 from horazont/fix-preauth
Fix issues if authentication is done by web server
2014-02-05 12:59:45 +01:00
Christoph Polcin
3aa992e518 Find collections if necessary 2014-01-19 20:11:47 +01:00
Christoph Polcin
90d82d044c Fix access to collections
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:

    if ((read_allowed_items or write_allowed_items)
        and (not user or auth.is_authenticated(user, password))) or
        function == self.options or not items:

the easy-connect branch from pull request #95 adds:
    (is_authenticated and function == self.propfind) or

the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.

this commit fixes and simplifies the if-clause.
2014-01-19 20:04:37 +01:00
Christoph Polcin
387e1fee76 Fix calendar/addressbook-home-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin
d09b16c5ad Fix principal-collection-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin
83db27303f Respond to all authenticated PROPFIND requests 2014-01-19 19:35:46 +01:00
François Schmidts
b9ff564c1f not only apache uses REMOTE_USER
removing the apache mention to make the config more "webserver agnostic"
2014-01-15 23:01:36 +01:00
François Schmidts
18ea7e4942 removing the user and password getting from main __call__ function 2014-01-15 22:40:33 +01:00
François Schmidts
34163c5020 making radicale support authenticated user from apache 2014-01-15 09:50:22 +01:00
Jonas Wielicki
d9df9a36e1 Fix issues if authentication is done by web server
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.

For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
2014-01-14 20:46:47 +01:00
Christoph Polcin
2ddec14535 Fix principal URLs in PROPFIND response 2014-01-05 21:22:53 +01:00
Sergey Fursov
1d0418594d Allow attach custom rights backend, small fix in default config file 2013-12-29 15:13:35 +04:00
Sergey Fursov
3b0328ca1e Allow attach custom storage backend 2013-12-28 14:15:35 +04:00
Sergey Fursov
a91a7790c5 Allow attach custom auth handler 2013-12-28 13:31:32 +04:00
Sergey Fursov
dca10fa14e Different rights management backends
Initially only one backend - regular expressions based
2013-12-25 03:44:24 +04:00
Guillaume Ayoub
0e566e4c97 Merge branch 'apple' 2013-12-24 11:22:57 +01:00
Guillaume Ayoub
a7be59b9f7 Merge pull request #92 from cristen/master
Fix wrong syntax in config file and fix #58
2013-12-24 02:21:43 -08:00
Jean-Marc Martins
7ac971e022 Fix wrong syntax in config file and fix #58 2013-12-23 16:45:15 +01:00
Guillaume Ayoub
fae2b30ec4 Merge branch 'master' of git://github.com/cristen/Radicale into cristen-master
Conflicts:
	radicale/storage/database.py
	schema.sql
2013-12-17 14:42:20 +01:00
Jean-Marc Martins
56581a998a Fix database Fix bug #77 HELL YEAH ! 2013-12-17 14:35:55 +01:00
Jean-Marc Martins
f377bd1356 Fix ssl protocol 2013-12-13 15:17:30 +01:00
Jean-Marc Martins
d765544edd Add ssl protocol and ciphers in config 2013-12-13 14:31:09 +01:00
Guillaume Ayoub
0c2c9c3a7e Store collection's parent in database (bug #77) 2013-10-31 16:07:37 +01:00
Guillaume Ayoub
a920518a26 Return an int for __hash__ 2013-10-31 14:05:15 +01:00
Guillaume Ayoub
ce8e86af63 Allow read-only access to .well-known/ca(l|rd)av (related to #32) 2013-10-31 13:57:37 +01:00
Guillaume Ayoub
92b3cf41bc Simple try/except import trick 2013-10-29 14:09:46 +01:00
Guillaume Ayoub
830774824e Merge pull request #75 from davidaurelio/master
Fix python 3 problems with default rights
2013-10-29 03:16:09 -07:00
Guillaume Ayoub
337d2719be Cosmetics 2013-10-29 09:30:51 +01:00
9m66p93w
6bc745fe45 Replace built-in hash function with hashlib.
The built-in hash function returns inconsistent values in Python 3.
2013-10-27 22:55:01 -04:00
David Aurelio
fb784c28c4 Fix python 3 problem: 'str' does not support the buffer interface 2013-10-27 22:36:56 +01:00
Guillaume Ayoub
fe1cd1d44d Use collection URL instead of main folder as user's main URL (see #32) 2013-10-24 15:31:49 +02:00
Guillaume Ayoub
a617c4db26 Fix authentication with Python 3 (see #70) 2013-10-18 14:06:57 +02:00
Guillaume Ayoub
659757f173 Style fixes 2013-10-01 13:04:24 +02:00
Štěpán Henek
7c03089601 Bugfix: auth PAM check for membership in primary and supplementary groups 2013-09-27 21:14:27 +02:00
Štěpán Henek
ee687bea18 Bugfix: auth PAM doesn't throw an exception when authenticating without username and password 2013-09-27 20:44:41 +02:00
Guillaume Ayoub
07f7e46b3e Small fixes 2013-09-25 13:04:14 +02:00
Jean-Marc Martins
a631c8c761 Fix compatibility between python2 and 3 2013-09-19 14:40:03 +02:00
Jean-Marc Martins
6c40f5e24a Merge branch 'authentication' of github.com:cristen/Radicale into authentication 2013-09-13 17:41:21 +02:00
Jean-Marc Martins
fe28b040bd Adds the committer in the config + python3 support 2013-09-13 17:26:03 +02:00
Jean-Marc Martins
e2512b12fb Fixed partially anonymous authentication 2013-09-13 15:05:02 +02:00
Jean-Marc Martins
58faf725b0 Fixed authentication for anonymous users 2013-09-12 17:39:20 +02:00
Guillaume Ayoub
43785e48a9 Get configuration keys at runtime, not when module is imported (fixes #64) 2013-09-12 13:48:49 +02:00
Guillaume Ayoub
15d8a8eb84 Remove useless primary key from line table 2013-09-07 09:50:13 +02:00
Guillaume Ayoub
0e5ef007f1 Use table attribute instead of string in database order by (probably fixes #59) 2013-09-06 22:09:16 +02:00
Guillaume Ayoub
7266c8018f Merge pull request #61 from cristen/tests
Tests
2013-09-06 07:13:17 -07:00
Guillaume Ayoub
ff535b62b0 Remove useless config keys 2013-09-06 16:00:12 +02:00
Jean-Marc Martins
ce59d9ea87 Added functionnal tests 2013-09-05 15:13:31 +02:00
Guillaume Ayoub
dbb866a750 Don't create the repository for each change 2013-08-30 19:00:10 +02:00
Jean-Marc Martins
97a19405c4 Adds git support to Radicale (Fix #30) 2013-08-30 17:23:04 +02:00
Jean-Marc Martins
6e98b1b3e8 Adds multifilesystem storage backend (See #30) 2013-08-29 16:55:36 +02:00
Jean-Marc Martins
484933d4b6 Merge branch 'master' of github.com:Kozea/Radicale 2013-08-28 10:48:15 +02:00
Ossi Salmi
8c3cf6bccd Fix built-in owner_only right 2013-08-28 00:56:45 +03:00
Guillaume Ayoub
423feaec2a Get a random color for calendars with no color 2013-08-27 17:06:16 +02:00
Guillaume Ayoub
00b498677d Merge pull request #48 from jspricke/color
Add color support
2013-08-27 08:02:38 -07:00
Jean-Marc Martins
056dec5819 Decode urls in XML (fix #26) 2013-08-27 16:43:36 +02:00
Guillaume Ayoub
f09b070e40 Fix stupid bug in logs 2013-08-27 15:19:15 +02:00
Guillaume Ayoub
c0c652b3f8 Add documentation and example for rights management 2013-08-27 11:05:54 +02:00
Guillaume Ayoub
a884169487 Don't be so optimistic about collection detection.
For clients that can't create collections with MK* requests and that don't
use GET requests, is_leaf gives False for empty collections only reached
through a PROPFIND request. As Radicale can't create a collection for
each type of request, we have to strip the last part of path for paths ending
with .ics and .vcf, as they can be represent items and not collections.
2013-08-25 09:35:22 +02:00
Guillaume Ayoub
205600c2d1 Fix the test used to guess if a path is a collection 2013-08-24 01:26:06 +02:00
Guillaume Ayoub
2cd90c6a4a Use a simpler code to detect not-created-yet addressbooks 2013-08-23 13:40:17 +02:00
Guillaume Ayoub
61eedc2b7c Match stupid naming conventions used by Apple's clients for collections 2013-08-23 13:33:35 +02:00
Guillaume Ayoub
07a9ce8296 Fix owner_* rights with python2 (fix #49) 2013-08-21 06:58:30 +02:00
Jochen Sprickerhof
5f2245c35f Add color support
You can change the default color by changing the props (.props file for
the filesystem storage backend).
2013-08-17 12:16:37 +02:00
Guillaume Ayoub
f7f26afd6b Fix rights type "None" 2013-08-14 11:58:08 +02:00
Guillaume Ayoub
d1379e349a Don't check the file twice for rights 2013-08-14 10:52:50 +02:00
Guillaume Ayoub
586773148e Use a more simple rights manager 2013-08-14 10:50:59 +02:00
Guillaume Ayoub
3e3f07a6de Assume that the collection is an addressbook when "carddav" is in URL 2013-07-26 17:47:51 +02:00
Guillaume Ayoub
faa331ccc3 Change a couple of things in regex-based rights manager 2013-07-23 18:05:22 +02:00
mail@sweil.de
eed0f74fad New rights management method: regex
user and collection are matched against regular expression to determine read/write access
2013-07-19 15:16:36 +02:00
Guillaume Ayoub
b8848de15e Preparing next version 2013-07-12 18:40:12 +02:00
Guillaume Ayoub
2df8f92f87 Version 0.8 2013-07-12 17:45:30 +02:00
Guillaume Ayoub
05dbd71eca Fix logging 2013-07-12 17:45:09 +02:00
Guillaume Ayoub
b60b759a36 Use extra parameter instead of formatted line in logger 2013-07-12 16:28:58 +02:00
Guillaume Ayoub
c4f2587fd9 Pylint 2013-07-12 15:25:57 +02:00
Guillaume Ayoub
18f5c334f1 Clean log module 2013-07-12 15:12:07 +02:00
Guillaume Ayoub
af30483f69 Fix docstring again 2013-07-09 18:33:35 +02:00
Guillaume Ayoub
7a6efedcff Fix docstring 2013-07-09 18:32:42 +02:00
Felix Lange
b737d17172 Print a debug message when the logging config file doesn't exist 2013-07-07 15:48:14 +02:00
Felix Lange
ada23997a9 Resolve logging configuration file when logging is started 2013-07-07 15:07:21 +02:00
Guillaume Ayoub
de1e57081b Put the realm in the configuration file (fix #37) 2013-06-28 16:39:09 +02:00
Guillaume Ayoub
70f8ee94d9 Fix supported-calendar-component-set for collection's components 2013-06-17 11:30:26 +02:00
Guillaume Ayoub
d38c4d1c1d Fix config files management 2013-06-04 16:59:21 +02:00
Guillaume Ayoub
8adb096de2 Fix the warning if the configuration file is not found 2013-06-04 15:12:06 +02:00
Guillaume Ayoub
61d063c610 Print a warning if the configuration file is not found 2013-06-04 16:00:46 +03:00
Guillaume Ayoub
847235f6e7 Read the configuration file for rights each time
We now re-parse the file each time we need to get the rights. It's
definitely too much, but it's not the slowest part of Radicale.
2013-05-22 18:49:30 +02:00
Guillaume Ayoub
1b098058bd Update the documentation about leading slash in right management file's sections 2013-05-15 22:49:48 +02:00
Guillaume Ayoub
ca0a1ecfde Log if the file used for rights management is not found 2013-05-15 22:49:02 +02:00
Guillaume Ayoub
fce91e7060 Allow ~ in rights filename 2013-05-15 22:41:51 +02:00
Guillaume Ayoub
45e844cda2 Fix a read/write mismatch in from_file rights manager 2013-05-15 22:29:40 +02:00
Guillaume Ayoub
dd7f886fcc Add content type for collection items 2013-05-14 13:18:12 +02:00
Guillaume Ayoub
b7aa5c8d14 Fix collection properties set by proppatch or mk* requests 2013-05-13 23:19:22 +02:00
Guillaume Ayoub
fab7796ca0 Allow additional HTTP headers in configuration file
Best ratio coolness/sloc ever!
2013-05-13 18:15:08 +02:00
Guillaume Ayoub
040d3b87a8 Revert a strange commit (let's say I was tired) 2013-05-13 18:14:42 +02:00
Guillaume Ayoub
69e2eb0908 Store the supported-calendar-component-set property in the calendar properties 2013-05-10 14:56:17 +02:00
Guillaume Ayoub
e9e811d375 Allow requests with no maching items (ie. requests at "/") 2013-05-01 20:36:41 +02:00
Guillaume Ayoub
45c1647a92 Don't try TLS with SSL connections 2013-05-01 20:24:41 +02:00
Guillaume Ayoub
0f0bddedc9 Fix types of IMAP config parameters 2013-05-01 20:24:05 +02:00
Guillaume Ayoub
9a49be1e10 Don't try to login with IMAP and courier when user or password is empty 2013-05-01 20:23:03 +02:00
Guillaume Ayoub
e4af425893 Fix some corner-cases for requests at root path 2013-05-01 20:13:51 +02:00
Guillaume Ayoub
f73b44a311 Useless typo 2013-05-01 20:12:24 +02:00
Guillaume Ayoub
bf8e874e4d Merge *base_prefix config keys into base_prefix (fixes #996) 2013-04-30 14:02:17 +02:00
Guillaume Ayoub
eaa969a05c Merge pull request #24 from vuntz/radicale-in-subdir
Allow running radicale in a subdir, as well as in a subdir behind a proxy
2013-04-26 08:33:12 -07:00
Guillaume Ayoub
5c4fb8529d Fix modification time for not-created-yet collections 2013-04-26 13:29:24 +02:00
Guillaume Ayoub
406bb6e8cc Update copyright years 2013-04-26 01:28:03 +02:00
Guillaume Ayoub
22077aa7a1 Clean the http-based auth module 2013-04-26 01:14:33 +02:00
Guillaume Ayoub
494ffbd762 Merge pull request #15 from MelianLabs/http
Added HTTP-based authentication
2013-04-25 16:07:49 -07:00
Guillaume Ayoub
2738d10830 Support SSL for IMAP authentication
Based on Nikita Koshikov's commit:
https://github.com/interlegis/Radicale/commit/000fc2a
2013-04-26 00:56:56 +02:00
Guillaume Ayoub
a01e4d18e1 Clean database storage code 2013-04-20 12:59:56 +02:00
Guillaume Ayoub
16c6f55ebd Initial *untested* support for database storage 2013-04-20 12:51:32 +02:00
Jonathan Dupart
7a96578ca4 Typo: missing comma
sync-collection and expand-property where returned concatenated in
PROPFIND answers.
2013-04-09 00:42:25 +02:00
Vincent Untz
74590cfd0c Add proxy_base_prefix option to help run in a subdir behind a proxy
I have a setup where Radicale is running as the normal process, and
nginx is acting as proxy for Radicale for requests under /radicale/.
This means that all requests to nginx that go to /radicale/ are sent to
a radicale server that expects requests coming at /.

Obviously, all the href need to have the /radicale/ prefix to have
things work. So a new option proxy_base_prefix is added to allow having
such a setup.

All href that are sent in the replies will have the proxy_base_prefix
prepended.
2013-03-18 18:20:06 +01:00
Vincent Untz
0dbf71f57f Fix issues with base_prefix option 2013-03-18 18:13:28 +01:00
Fabrice Bellet
54bda5594c Handle use in a subdir. Patch from Clint Adams <clint@softwarefreedom.org> adapted from http://redmine.kozea.fr/issues/996 2013-03-18 18:10:13 +01:00
Guillaume Ayoub
b6b48b5af7 Typo 2013-02-27 10:36:54 +01:00
Christoph Polcin
9972897d75 accepts PROPFIND whitout request body 2013-02-26 00:45:08 +01:00
Guillaume Ayoub
dd94660ef0 Use "is None" instead of "== None" 2013-02-01 00:16:31 +01:00
Guillaume DOTT
85a7b7db50 Prevent exception in from_file when user is None 2013-01-31 22:41:50 +01:00
Guillaume Ayoub
bcdf00f85e Allow colon characters in passwords (fixes #1308) 2013-01-31 17:27:23 +01:00
Guillaume Ayoub
151f82c593 Typo 2013-01-16 11:16:16 +01:00
Mark Adams
d23cabf8f6 Added -C command line flag for specifying configuration file location. 2013-01-15 13:18:09 -06:00
Guillaume DOTT
5a3f0e4d97 Handle exceptions when looking for rights in a file 2012-12-11 15:03:29 +01:00
Ehsanul Hoque
dbc622e8d7 Added HTTP-based authentication
The purpose of this is in order to tie CalDAV accounts to an external web
application. This application must provide a URL end point to which a POST
request can be made, with the username/password sent as the payload. A 200 or
201 response is considered successful authentication. Any other response is
a failure.
2012-09-28 09:52:17 +06:00
Guillaume Ayoub
4c064bcf35 Clean rights from file and remove tests 2012-09-15 09:08:01 +02:00
Guillaume Ayoub
7b15832dbf Merge pull request #12 from matthiasjordan/master
File-based rights and testing
2012-09-14 05:23:24 -07:00
Guillaume Ayoub
e06cfa4de0 Handle "If-None-Match: *" HTTP headers for PUT requests 2012-08-31 17:24:32 +02:00
Matthias Jordan
e08aa6176c Less aggressive logging 2012-08-18 00:36:30 +02:00
Matthias Jordan
0c4562c01d Using different HTTP status codes in some cases where auth or rights are violated 2012-08-18 00:18:22 +02:00
Matthias Jordan
db708a0853 Checking rights only once. Also taking care of mistakenly checking
ownership of events. xmlutils is now unaware of rights.
2012-08-15 22:36:42 +02:00
Matthias Jordan
0722db04fb Extract method 2012-08-15 15:12:18 +02:00
Matthias Jordan
bc0b74c555 Using collection's URL for logging instead of its name 2012-08-11 00:57:15 +02:00
Matthias Jordan
e3bc6afdd3 Added file-based rights management 2012-08-11 00:56:45 +02:00
Guillaume Ayoub
237f42909a Add owner_write rights manager 2012-08-09 17:32:03 +02:00
Guillaume Ayoub
98bbe61f67 Use relative imports 2012-08-09 17:31:36 +02:00
Guillaume Ayoub
9f446cb261 Fix GET requests 2012-08-09 16:00:31 +02:00
Guillaume Ayoub
17857654b0 Use the same import mechanisms for auth, storage, rights 2012-08-09 15:39:01 +02:00
Guillaume Ayoub
3ddbb80674 Fix OPTIONS requests 2012-08-09 14:29:44 +02:00
Guillaume Ayoub
4fa53d15b3 Fix the auth checking algorithm 2012-08-09 14:15:20 +02:00
Guillaume Ayoub
e33ee8ea7c Small fixes 2012-08-08 18:54:58 +02:00
Guillaume Ayoub
e14bed9f95 Add rights section in config module 2012-08-08 18:45:55 +02:00
Guillaume Ayoub
b4a7ada5f2 is_authorized returns True when no auth method is set 2012-08-08 18:44:25 +02:00
Guillaume Ayoub
45afac5353 Code cleaned and modules renamed
*Radicale is probably broken now*
2012-08-08 18:29:09 +02:00
Guillaume Ayoub
a17ad1b6a3 Un-revert some lost commits 2012-08-08 16:37:18 +02:00
Matthias Jordan
55a13d4c39 Merge remote-tracking branch 'upstream/master'
Conflicts:
	radicale/__init__.py
	radicale/acl/courier.py
2012-08-04 11:27:51 +02:00
Guillaume Ayoub
7d06d1b4d5 Version set to "git" 2012-08-03 14:37:40 +02:00
Guillaume Ayoub
0cf9b92ce7 Version 0.7.1 2012-08-03 14:37:02 +02:00
Guillaume Ayoub
7ae764fd4b Enhance readability according to PEP8 2012-08-03 14:08:11 +02:00
Guillaume Ayoub
f593ab0fbd Set the maximuml line length to 79 instead of 80 2012-08-03 13:55:52 +02:00
Matthias Jordan
e40e68b528 Separation of authentication and authorization. Separation of read and write authorization.
Static test strategies for authentication. Barely tested. Use at your own risk!
2012-08-03 13:10:20 +02:00
Guillaume Ayoub
a7481a0546 Clean the server's __call__ method, with comments and better variable names 2012-08-03 11:52:30 +02:00
Guillaume Ayoub
9d193b6b30 Don't start Radicale when PID file exists (fixes #890) 2012-08-03 00:29:06 +02:00
Guillaume Ayoub
83baebd750 PEP8 and cleanup for the new IMAP ACL module 2012-07-16 19:09:35 +02:00
Daniel Aleksandersen
e2d9f79dc4 Default config values for IMAP ACL
Hostname ``localhost``on port ``143`` (standard port).
2012-07-05 20:54:33 +02:00
Daniel Aleksandersen
360d4e6411 New IMAP ACL
Secure authentication based on the ``imaplib`` module.

Validating users against a modern IMAP4rev1 server that awaits STARTTLS
on port 143. Legacy SSL (often on legacy port 993) is deprecated and
thus unsupported. STARTTLS is enforced except if host is ``localhost``
as passwords are sent in PLAIN.

Python 3.2 or newer is required for TLS.
2012-07-05 20:52:10 +02:00
Daniel Aleksandersen
a45b7b7c23 Return the group database entry 2012-07-04 15:56:15 +03:00
Guillaume Ayoub
5a260d33db Merge pull request #6 from antonyc/patch-1
Fix typo in config file for htpasswd* entries
2012-07-02 04:43:14 -07:00
Benjamin Frank
03fc5fc526 Fix Courier ACL
Replaced blacklisting approach with a whitelisting on, thus preventing access
due to responses from authlib not containing the word 'FAIL', e.g. empty ones
(see http://www.courier-mta.org/authlib/README_authlib.html#authpipeproto)
2012-07-02 13:30:28 +02:00
Guillaume Ayoub
ea94ec919e Use the right namespace for adressbook tags 2012-06-28 11:28:42 +02:00