799dbfe612
Fix "authenticated" method
2014-04-16 17:05:20 +02:00
3e893a3420
Merge pull request #142 from mike-perdide/authenticated_feature
...
Adding a new "authenticated" ACL type.
2014-04-15 16:48:19 +02:00
aabebb5578
Adding a new "authenticated" ACL type.
...
When set, all authenticated users will have rw permissions on all
collections, but no anonymous user will be able to read or write any
collection.
2014-04-09 00:02:39 +02:00
963e21212b
Renaming the regex.py methods args for coherence.
2014-04-09 00:02:09 +02:00
6677dbcdc9
Moving the debug log at the proper place.
...
If we don't do this, we might get the following in the logs:
2014-04-08 20:00:59,354 - DEBUG: Section 'r' matches
2014-04-08 20:00:59,354 - DEBUG: Section 'r' does not match
which is a bit confusing.
2014-04-09 00:02:03 +02:00
0dee34b3a8
Add SSL ciphers argument only if supported, fixes Python 2.6 compat
2014-03-19 14:04:25 +01:00
45f8e76643
Revert "Follow the depth in REPORT requests"
...
This reverts commit 9556508b2a
2014-03-05 19:26:42 +01:00
9556508b2a
Follow the depth in REPORT requests
2014-03-04 01:37:14 +01:00
066dffd614
Cut line
2014-03-04 01:08:56 +01:00
3bd5b8f0fc
Let's try to release 0.9 beta 1
2014-02-24 23:26:40 +01:00
f9ce1d0e6d
Remove the backend/type split for rights in configuration
2014-02-05 14:11:40 +01:00
2ad8b57305
Merge branch 'apache_auth' of git://github.com/jaesivsm/Radicale into jaesivsm-apache_auth
...
Conflicts:
radicale/__init__.py
2014-02-05 13:09:37 +01:00
701df2d201
Use environ.get instead of try/except
2014-02-05 13:01:49 +01:00
f7c7746643
Merge pull request #99 from horazont/fix-preauth
...
Fix issues if authentication is done by web server
2014-02-05 12:59:45 +01:00
3aa992e518
Find collections if necessary
2014-01-19 20:11:47 +01:00
90d82d044c
Fix access to collections
...
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:
if ((read_allowed_items or write_allowed_items)
and (not user or auth.is_authenticated(user, password))) or
function == self.options or not items:
the easy-connect branch from pull request #95 adds:
(is_authenticated and function == self.propfind) or
the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.
this commit fixes and simplifies the if-clause.
2014-01-19 20:04:37 +01:00
387e1fee76
Fix calendar/addressbook-home-set in PROPFIND response
2014-01-19 19:35:53 +01:00
d09b16c5ad
Fix principal-collection-set in PROPFIND response
2014-01-19 19:35:53 +01:00
83db27303f
Respond to all authenticated PROPFIND requests
2014-01-19 19:35:46 +01:00
b9ff564c1f
not only apache uses REMOTE_USER
...
removing the apache mention to make the config more "webserver agnostic"
2014-01-15 23:01:36 +01:00
18ea7e4942
removing the user and password getting from main __call__ function
2014-01-15 22:40:33 +01:00
34163c5020
making radicale support authenticated user from apache
2014-01-15 09:50:22 +01:00
d9df9a36e1
Fix issues if authentication is done by web server
...
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.
For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
2014-01-14 20:46:47 +01:00
2ddec14535
Fix principal URLs in PROPFIND response
2014-01-05 21:22:53 +01:00
1d0418594d
Allow attach custom rights backend, small fix in default config file
2013-12-29 15:13:35 +04:00
3b0328ca1e
Allow attach custom storage backend
2013-12-28 14:15:35 +04:00
a91a7790c5
Allow attach custom auth handler
2013-12-28 13:31:32 +04:00
dca10fa14e
Different rights management backends
...
Initially only one backend - regular expressions based
2013-12-25 03:44:24 +04:00
0e566e4c97
Merge branch 'apple'
2013-12-24 11:22:57 +01:00
a7be59b9f7
Merge pull request #92 from cristen/master
...
Fix wrong syntax in config file and fix #58
2013-12-24 02:21:43 -08:00
7ac971e022
Fix wrong syntax in config file and fix #58
2013-12-23 16:45:15 +01:00
fae2b30ec4
Merge branch 'master' of git://github.com/cristen/Radicale into cristen-master
...
Conflicts:
radicale/storage/database.py
schema.sql
2013-12-17 14:42:20 +01:00
56581a998a
Fix database Fix bug #77 HELL YEAH !
2013-12-17 14:35:55 +01:00
f377bd1356
Fix ssl protocol
2013-12-13 15:17:30 +01:00
d765544edd
Add ssl protocol and ciphers in config
2013-12-13 14:31:09 +01:00
0c2c9c3a7e
Store collection's parent in database (bug #77 )
2013-10-31 16:07:37 +01:00
a920518a26
Return an int for __hash__
2013-10-31 14:05:15 +01:00
ce8e86af63
Allow read-only access to .well-known/ca(l|rd)av (related to #32 )
2013-10-31 13:57:37 +01:00
92b3cf41bc
Simple try/except import trick
2013-10-29 14:09:46 +01:00
830774824e
Merge pull request #75 from davidaurelio/master
...
Fix python 3 problems with default rights
2013-10-29 03:16:09 -07:00
337d2719be
Cosmetics
2013-10-29 09:30:51 +01:00
6bc745fe45
Replace built-in hash function with hashlib.
...
The built-in hash function returns inconsistent values in Python 3.
2013-10-27 22:55:01 -04:00
fb784c28c4
Fix python 3 problem: 'str' does not support the buffer interface
2013-10-27 22:36:56 +01:00
fe1cd1d44d
Use collection URL instead of main folder as user's main URL (see #32 )
2013-10-24 15:31:49 +02:00
a617c4db26
Fix authentication with Python 3 (see #70 )
2013-10-18 14:06:57 +02:00
659757f173
Style fixes
2013-10-01 13:04:24 +02:00
7c03089601
Bugfix: auth PAM check for membership in primary and supplementary groups
2013-09-27 21:14:27 +02:00
ee687bea18
Bugfix: auth PAM doesn't throw an exception when authenticating without username and password
2013-09-27 20:44:41 +02:00
07f7e46b3e
Small fixes
2013-09-25 13:04:14 +02:00
a631c8c761
Fix compatibility between python2 and 3
2013-09-19 14:40:03 +02:00
