tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
838 Commits 2 Branches 0 Tags
Commit Graph

603 Commits

Author SHA1 Message Date
Guillaume Ayoub
799dbfe612 Fix "authenticated" method 2014-04-16 17:05:20 +02:00
Guillaume Ayoub
3e893a3420 Merge pull request #142 from mike-perdide/authenticated_feature 
Adding a new "authenticated" ACL type.
 2014-04-15 16:48:19 +02:00
Julien Miotte
aabebb5578 Adding a new "authenticated" ACL type. 
When set, all authenticated users will have rw permissions on all
collections, but no anonymous user will be able to read or write any
collection.
 2014-04-09 00:02:39 +02:00
Julien Miotte
963e21212b Renaming the regex.py methods args for coherence. 2014-04-09 00:02:09 +02:00
Julien Miotte
6677dbcdc9 Moving the debug log at the proper place. 
If we don't do this, we might get the following in the logs:

  2014-04-08 20:00:59,354 - DEBUG: Section 'r' matches
  2014-04-08 20:00:59,354 - DEBUG: Section 'r' does not match

which is a bit confusing.
 2014-04-09 00:02:03 +02:00
Markus Kaiserswerth
0dee34b3a8 Add SSL ciphers argument only if supported, fixes Python 2.6 compat 2014-03-19 14:04:25 +01:00
Guillaume Ayoub
45f8e76643 Revert "Follow the depth in REPORT requests" 
This reverts commit 9556508b2a0c719515daab2e43554534ab383519.
 2014-03-05 19:26:42 +01:00
Guillaume Ayoub
9556508b2a Follow the depth in REPORT requests 2014-03-04 01:37:14 +01:00
Guillaume Ayoub
066dffd614 Cut line 2014-03-04 01:08:56 +01:00
Guillaume Ayoub
3bd5b8f0fc Let's try to release 0.9 beta 1 2014-02-24 23:26:40 +01:00
Guillaume Ayoub
f9ce1d0e6d Remove the backend/type split for rights in configuration 2014-02-05 14:11:40 +01:00
Guillaume Ayoub
2ad8b57305 Merge branch 'apache_auth' of git://github.com/jaesivsm/Radicale into jaesivsm-apache_auth 
Conflicts:
	radicale/__init__.py
 2014-02-05 13:09:37 +01:00
Guillaume Ayoub
701df2d201 Use environ.get instead of try/except 2014-02-05 13:01:49 +01:00
Guillaume Ayoub
f7c7746643 Merge pull request #99 from horazont/fix-preauth 
Fix issues if authentication is done by web server
 2014-02-05 12:59:45 +01:00
Christoph Polcin
3aa992e518 Find collections if necessary 2014-01-19 20:11:47 +01:00
Christoph Polcin
90d82d044c Fix access to collections 
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:

    if ((read_allowed_items or write_allowed_items)
        and (not user or auth.is_authenticated(user, password))) or
        function == self.options or not items:

the easy-connect branch from pull request #95 adds:
    (is_authenticated and function == self.propfind) or

the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.

this commit fixes and simplifies the if-clause.
 2014-01-19 20:04:37 +01:00
Christoph Polcin
387e1fee76 Fix calendar/addressbook-home-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin
d09b16c5ad Fix principal-collection-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin
83db27303f Respond to all authenticated PROPFIND requests 2014-01-19 19:35:46 +01:00
François Schmidts
b9ff564c1f not only apache uses REMOTE_USER 
removing the apache mention to make the config more "webserver agnostic"
 2014-01-15 23:01:36 +01:00
François Schmidts
18ea7e4942 removing the user and password getting from main __call__ function 2014-01-15 22:40:33 +01:00
François Schmidts
34163c5020 making radicale support authenticated user from apache 2014-01-15 09:50:22 +01:00
Jonas Wielicki
d9df9a36e1 Fix issues if authentication is done by web server 
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.

For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
 2014-01-14 20:46:47 +01:00
Christoph Polcin
2ddec14535 Fix principal URLs in PROPFIND response 2014-01-05 21:22:53 +01:00
Sergey Fursov
1d0418594d Allow attach custom rights backend, small fix in default config file 2013-12-29 15:13:35 +04:00
Sergey Fursov
3b0328ca1e Allow attach custom storage backend 2013-12-28 14:15:35 +04:00
Sergey Fursov
a91a7790c5 Allow attach custom auth handler 2013-12-28 13:31:32 +04:00
Sergey Fursov
dca10fa14e Different rights management backends 
Initially only one backend - regular expressions based
 2013-12-25 03:44:24 +04:00
Guillaume Ayoub
0e566e4c97 Merge branch 'apple' 2013-12-24 11:22:57 +01:00
Guillaume Ayoub
a7be59b9f7 Merge pull request #92 from cristen/master 
Fix wrong syntax in config file and fix #58
 2013-12-24 02:21:43 -08:00
Jean-Marc Martins
7ac971e022 Fix wrong syntax in config file and fix #58 2013-12-23 16:45:15 +01:00
Guillaume Ayoub
fae2b30ec4 Merge branch 'master' of git://github.com/cristen/Radicale into cristen-master 
Conflicts:
	radicale/storage/database.py
	schema.sql
 2013-12-17 14:42:20 +01:00
Jean-Marc Martins
56581a998a Fix database Fix bug #77 HELL YEAH ! 2013-12-17 14:35:55 +01:00
Jean-Marc Martins
f377bd1356 Fix ssl protocol 2013-12-13 15:17:30 +01:00
Jean-Marc Martins
d765544edd Add ssl protocol and ciphers in config 2013-12-13 14:31:09 +01:00
Guillaume Ayoub
0c2c9c3a7e Store collection's parent in database (bug #77) 2013-10-31 16:07:37 +01:00
Guillaume Ayoub
a920518a26 Return an int for __hash__ 2013-10-31 14:05:15 +01:00
Guillaume Ayoub
ce8e86af63 Allow read-only access to .well-known/ca(l|rd)av (related to #32) 2013-10-31 13:57:37 +01:00
Guillaume Ayoub
92b3cf41bc Simple try/except import trick 2013-10-29 14:09:46 +01:00
Guillaume Ayoub
830774824e Merge pull request #75 from davidaurelio/master 
Fix python 3 problems with default rights
 2013-10-29 03:16:09 -07:00
Guillaume Ayoub
337d2719be Cosmetics 2013-10-29 09:30:51 +01:00
9m66p93w
6bc745fe45 Replace built-in hash function with hashlib. 
The built-in hash function returns inconsistent values in Python 3.
 2013-10-27 22:55:01 -04:00
David Aurelio
fb784c28c4 Fix python 3 problem: 'str' does not support the buffer interface 2013-10-27 22:36:56 +01:00
Guillaume Ayoub
fe1cd1d44d Use collection URL instead of main folder as user's main URL (see #32) 2013-10-24 15:31:49 +02:00
Guillaume Ayoub
a617c4db26 Fix authentication with Python 3 (see #70) 2013-10-18 14:06:57 +02:00
Guillaume Ayoub
659757f173 Style fixes 2013-10-01 13:04:24 +02:00
Štěpán Henek
7c03089601 Bugfix: auth PAM check for membership in primary and supplementary groups 2013-09-27 21:14:27 +02:00
Štěpán Henek
ee687bea18 Bugfix: auth PAM doesn't throw an exception when authenticating without username and password 2013-09-27 20:44:41 +02:00
Guillaume Ayoub
07f7e46b3e Small fixes 2013-09-25 13:04:14 +02:00
Jean-Marc Martins
a631c8c761 Fix compatibility between python2 and 3 2013-09-19 14:40:03 +02:00