701df2d201
Use environ.get instead of try/except
2014-02-05 13:01:49 +01:00
f7c7746643
Merge pull request #99 from horazont/fix-preauth
...
Fix issues if authentication is done by web server
2014-02-05 12:59:45 +01:00
c953211175
Merge pull request #100 from chripo/fix-access
...
Fix access
2014-02-05 12:47:43 +01:00
00674fe8b0
Merge pull request #95 from chripo/easy-connect
...
Easy connect
2014-02-05 12:38:09 +01:00
3aa992e518
Find collections if necessary
2014-01-19 20:11:47 +01:00
90d82d044c
Fix access to collections
...
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:
if ((read_allowed_items or write_allowed_items)
and (not user or auth.is_authenticated(user, password))) or
function == self.options or not items:
the easy-connect branch from pull request #95 adds:
(is_authenticated and function == self.propfind) or
the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.
this commit fixes and simplifies the if-clause.
2014-01-19 20:04:37 +01:00
387e1fee76
Fix calendar/addressbook-home-set in PROPFIND response
2014-01-19 19:35:53 +01:00
d09b16c5ad
Fix principal-collection-set in PROPFIND response
2014-01-19 19:35:53 +01:00
83db27303f
Respond to all authenticated PROPFIND requests
2014-01-19 19:35:46 +01:00
b9ff564c1f
not only apache uses REMOTE_USER
...
removing the apache mention to make the config more "webserver agnostic"
2014-01-15 23:01:36 +01:00
18ea7e4942
removing the user and password getting from main __call__ function
2014-01-15 22:40:33 +01:00
34163c5020
making radicale support authenticated user from apache
2014-01-15 09:50:22 +01:00
d9df9a36e1
Fix issues if authentication is done by web server
...
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.
For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
2014-01-14 20:46:47 +01:00
e2dbdd4d96
Merge pull request #97 from rngtng/fix-manifest
...
Fix wrong filename in Manifest
2014-01-13 04:43:19 -08:00
39efc3b781
fix wrong filename in Manifest
2014-01-10 20:32:22 +01:00
2ddec14535
Fix principal URLs in PROPFIND response
2014-01-05 21:22:53 +01:00
97efc1c86f
Update NEWS
2013-12-30 13:54:14 +01:00
a4a2c7e206
Merge pull request #93 from hovel/master
...
Custom handlers for auth and storage, simplified tests structure, added rights management backends
2013-12-30 04:45:49 -08:00
1362976400
fixed default config
2013-12-29 18:30:53 +04:00
1d0418594d
Allow attach custom rights backend, small fix in default config file
2013-12-29 15:13:35 +04:00
017df0ddcf
Simplified tests structure
2013-12-28 14:40:29 +04:00
3b0328ca1e
Allow attach custom storage backend
2013-12-28 14:15:35 +04:00
a91a7790c5
Allow attach custom auth handler
2013-12-28 13:31:32 +04:00
dca10fa14e
Different rights management backends
...
Initially only one backend - regular expressions based
2013-12-25 03:44:24 +04:00
3ee47dd242
Update NEWS
2013-12-24 12:14:25 +01:00
0e566e4c97
Merge branch 'apple'
2013-12-24 11:22:57 +01:00
a7be59b9f7
Merge pull request #92 from cristen/master
...
Fix wrong syntax in config file and fix #58
2013-12-24 02:21:43 -08:00
7ac971e022
Fix wrong syntax in config file and fix #58
2013-12-23 16:45:15 +01:00
17dc3beadd
Merge branch 'master' of github.com:Kozea/Radicale
2013-12-17 14:42:52 +01:00
fae2b30ec4
Merge branch 'master' of git://github.com/cristen/Radicale into cristen-master
...
Conflicts:
radicale/storage/database.py
schema.sql
2013-12-17 14:42:20 +01:00
56581a998a
Fix database Fix bug #77 HELL YEAH !
2013-12-17 14:35:55 +01:00
8969dae12f
Merge pull request #90 from cristen/master
...
Refs #87 Add ssl options
2013-12-13 06:22:16 -08:00
f377bd1356
Fix ssl protocol
2013-12-13 15:17:30 +01:00
f133b8a588
Add an example for multiple IP addresses in the configuration file
2013-12-13 14:56:03 +01:00
d765544edd
Add ssl protocol and ciphers in config
2013-12-13 14:31:09 +01:00
a957ebf397
Fix schema again
2013-10-31 16:32:19 +01:00
30e8d12001
Fix sql schema
2013-10-31 16:09:28 +01:00
0c2c9c3a7e
Store collection's parent in database (bug #77 )
2013-10-31 16:07:37 +01:00
a920518a26
Return an int for __hash__
2013-10-31 14:05:15 +01:00
ce8e86af63
Allow read-only access to .well-known/ca(l|rd)av (related to #32 )
2013-10-31 13:57:37 +01:00
92b3cf41bc
Simple try/except import trick
2013-10-29 14:09:46 +01:00
830774824e
Merge pull request #75 from davidaurelio/master
...
Fix python 3 problems with default rights
2013-10-29 03:16:09 -07:00
94a29992b7
Update NEWS
2013-10-29 10:56:10 +01:00
9c59c089ef
Remove useless comment
2013-10-29 10:41:23 +01:00
337d2719be
Cosmetics
2013-10-29 09:30:51 +01:00
e5b578d219
Merge pull request #76 from 9m66p93w/hashing
...
Replace built-in hash function with hashlib.
2013-10-29 01:28:38 -07:00
6bc745fe45
Replace built-in hash function with hashlib.
...
The built-in hash function returns inconsistent values in Python 3.
2013-10-27 22:55:01 -04:00
fb784c28c4
Fix python 3 problem: 'str' does not support the buffer interface
2013-10-27 22:36:56 +01:00
fe1cd1d44d
Use collection URL instead of main folder as user's main URL (see #32 )
2013-10-24 15:31:49 +02:00
a617c4db26
Fix authentication with Python 3 (see #70 )
2013-10-18 14:06:57 +02:00
