tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,057 Commits 2 Branches 0 Tags 3 MiB
7e29d9b5c3
Commit Graph

1505 Commits

Author SHA1 Message Date
Unrud
e807b5d953 Move storage hook tests from BaseRequestsMixIn to TestMultiFileSystem 2017-07-27 19:08:00 +02:00
Unrud
deffed8f14 Do SSL handshake in request thread (fixes #674) 
The handshake could block the main thread, especially since the socket timeout was not set at that point.
 2017-07-27 01:46:27 +02:00
Unrud
b3957bc2c7 Bump version to 2.1.2 2017-07-24 04:22:57 +02:00
Unrud
1f4fb9e306 Use repr(...) instead of "%r" % ... 2017-07-22 23:32:26 +02:00
Unrud
d0aacd3dcf Check uploaded data for more than one VCALENDAR 2017-07-22 23:32:26 +02:00
Unrud
316b0a5832 Change owner and is_principal to properties in BaseCollection 2017-07-22 23:32:26 +02:00
Unrud
1ce404ca35 Rename encoding to _encoding in Collection 2017-07-22 23:32:26 +02:00
Unrud
33ad60503f Sort keys of properties JSON file 2017-07-22 23:32:26 +02:00
Unrud
71916452ec Include properties in collection etag 2017-07-22 23:32:26 +02:00
Unrud
a26d90d8d7 Web interface: Delete empty properties 2017-07-22 23:32:26 +02:00
Unrud
05b1e8296c Check collection properties 2017-07-22 23:32:26 +02:00
Unrud
863c70f35f Improve validation of uploaded items and stored items 
This reverts commit 4533f76df9.
 2017-07-22 23:32:26 +02:00
Unrud
e0045ca98d Don't use VObject for collection serialization 2017-07-22 23:32:26 +02:00
Unrud
debba3c7a1 Don't serialize collection for etag 2017-07-22 23:32:26 +02:00
Unrud
95380c5ce7 Add file name to VObject serialization errors 2017-07-22 23:32:26 +02:00
Unrud
4533f76df9 Accept VLIST items (fixes #661) 
Custom format used by SOGo Connector to store lists of contacts
 2017-07-21 16:12:19 +02:00
Unrud
4f831de006 Verify number of components in items 2017-07-15 09:42:01 +02:00
Unrud
d3a90d16c3 Improve log message when fsync'ing directory fails (fixes 656) 2017-07-15 09:42:00 +02:00
Unrud
56c88b4c54 Remove workarounds for bugs in VObject 
The bugs got fixed in version 0.9.5
 2017-07-01 05:45:15 +02:00
Unrud
f4a9399a97 Change HTTP response 303 to 302 2017-07-01 04:20:13 +02:00
Unrud
9f0611cd20 Small improvements for tests 2017-07-01 04:20:11 +02:00
Unrud
08919510cb Bump version to 2.1.1 2017-07-01 01:25:16 +02:00
Unrud
2b3fd1fb9b Add missing UIDs instead of failing 2017-07-01 01:24:53 +02:00
Unrud
019dc7a39c Use UUID format for random UIDs 2017-07-01 01:24:53 +02:00
Unrud
5b3fbb79a1 Small improvements for tests 2017-07-01 01:24:53 +02:00
Unrud
02575580c6 Test creation of whole address book 2017-07-01 01:24:53 +02:00
Unrud
70043c07b9 Improve test for creation of whole calendar 2017-07-01 01:24:53 +02:00
Unrud
cc888ebe9e Test adding contact to address book 2017-07-01 01:24:53 +02:00
Unrud
c135dc026d Fix uploading of whole address books 2017-07-01 01:24:53 +02:00
Unrud
69086c6d70 Remove some hacks for bugs fixed in VObject 0.9.5 2017-07-01 01:24:53 +02:00
Unrud
5576cb38eb Bump version to 2.1.0 2017-06-25 09:55:39 +02:00
Unrud
6bf7aa2b3c Bump version to 2.1.0rc3 2017-06-23 22:04:37 +02:00
Unrud
98caa88a25 Include VObject version in item cache hash 2017-06-23 22:04:37 +02:00
Unrud
df5565f237 Only send timeout responses for client timeouts 
A timeout could happen in an custom storage backend.
 2017-06-23 21:55:44 +02:00
Unrud
746cd9feb1 Include exception in timeout log message 2017-06-23 21:55:42 +02:00
Unrud
65a1b572e3 Bump version to 2.1.0rc2 2017-06-21 09:57:52 +02:00
Unrud
2b45af92f3 Small improvements for wording in exceptions messages 2017-06-21 09:57:52 +02:00
Unrud
68184858b4 Add request method and path to error message 2017-06-21 09:54:33 +02:00
Unrud
276de4fd3a Allow additional config options for external plugins 2017-06-21 09:54:33 +02:00
Unrud
db93d969ab Bump version to 2.1.0rc1 2017-06-17 01:45:53 +02:00
Unrud
39a11bc7b7 Change "answer" to "response" in log message 2017-06-17 01:41:33 +02:00
Unrud
cf9129f6db Name web plugin as the other plugins 2017-06-16 23:28:15 +02:00
Unrud
9ce8e9d94d Include path in access denied log message 2017-06-16 23:28:15 +02:00
Unrud
070a39a51d Improve documentation 2017-06-16 23:28:15 +02:00
Unrud
0cb6642ec3 Don't overwrite environment variables 
The original PATH_INFO is required for redirects.
 2017-06-16 23:28:15 +02:00
Unrud
ded660df07 Don't leak existing user in owner_only rights plugin 
If a user didn't exist the error message for the principal collection was 404.
 2017-06-16 23:28:15 +02:00
Unrud
5669433f58 Let rights plugins decide if access to item is granted 2017-06-16 23:28:15 +02:00
Unrud
04c51d2ced Check if item is collection with storage.BaseCollection 
The same as in xmlutils.py
 2017-06-16 23:12:08 +02:00
Unrud
73a73bb0a5 Improve log message for discovery of unsafe paths 2017-06-16 23:11:43 +02:00
Unrud
67669bd690 Rename path to sane_path 2017-06-16 23:11:29 +02:00
Unrud
5a0d4f7f2f Remove unused variable 2017-06-16 23:11:22 +02:00
Unrud
12dbeeecb3 Separate imports of pytest and radicale 
Depending on the install location of pytest this causes isort to pass or fail.
 2017-06-16 01:39:30 +02:00
Unrud
75605b5f03 Catch all exceptions when loading plugins 2017-06-15 23:54:32 +02:00
Unrud
6f5e30670f Don't change permissions of lock file 
The file is part of the storage folder. Setting permissions of the storage folder is not handled by Radicale.
 2017-06-15 23:44:39 +02:00
Unrud
f1f94dffbd Output raw collection path 
The same as everywhere else.
 2017-06-15 23:44:35 +02:00
Unrud
6b8de92c57 Small improvements for Collection 2017-06-09 02:59:29 +02:00
Unrud
e09d33f3ee Document properties of BaseCollection 2017-06-09 02:59:29 +02:00
Unrud
79e7232ecb Rename self._meta to self._meta_cache and self._etag to self._etag_cache 2017-06-09 02:59:29 +02:00
Unrud
12871fdcb3 Workaround for bugs in VObject during filtering 2017-06-09 02:59:29 +02:00
Unrud
db572e91f8 Test time range filtering with RDATE 2017-06-09 02:59:29 +02:00
Unrud
c54196bb72 Test time range filtering with overwritten recurrence 2017-06-09 02:59:29 +02:00
Unrud
f9d299fbb9 Match time against all components 2017-06-09 02:59:29 +02:00
Unrud
f5835cfe46 raise VObjectBugException for bugs with recurrence rules 2017-06-09 02:59:29 +02:00
Unrud
02371685bd Respond with bad request when MKCOL, MCALENDAR or MOVE fails 2017-06-09 02:59:29 +02:00
Unrud
48d2a33053 Rename upload_all_atomic to _upload_all_atomic 2017-06-09 02:59:29 +02:00
Unrud
dbd06a1952 Default implementation for BaseCollection.serialize 2017-06-09 02:59:29 +02:00
Unrud
47d311b101 Improve doc strings 2017-06-09 02:59:29 +02:00
Unrud
12f9ac44c2 Remove __init__ from BaseCollection 
It's not used anywhere
 2017-06-09 02:59:29 +02:00
Unrud
a4fc123286 Use last_modified attribute of item 2017-06-09 02:59:29 +02:00
Unrud
30a4105065 Add TODO comments for time ranges 2017-06-07 21:54:49 +02:00
Unrud
bab35e9692 Detect errors in recurrence rules early 2017-06-07 21:54:38 +02:00
Unrud
0e35ab1baf Fix detection of infinite recurrence 
* The RRULE field might not exist.
* vobject also accepts lower case COUNT and UNTIL.
 2017-06-07 15:31:05 +02:00
Unrud
3753364fc8 XML error message for invalid sync-token 2017-06-07 14:17:57 +02:00
Unrud
13381fb829 Change logging level of invalid sync token to warning 
Some clients stop to work, when told their sync-token are invalid.
 2017-06-07 14:15:30 +02:00
Unrud
1b54b23bb3 Add info about disabling locking to error message 2017-06-07 14:14:09 +02:00
Unrud
217859bf5e Fix empty REPORT requests 2017-06-07 14:13:12 +02:00
Unrud
2860c664d0 Check that vobject_item have a UID 2017-06-06 20:01:09 +02:00
Unrud
fe97741f08 Better reporting of errors in PUT requests 2017-06-06 20:01:07 +02:00
Unrud
e47747d4d4 return None instead of False if UID field is missing 2017-06-06 20:01:06 +02:00
Unrud
bea855cb80 Improve file names used when uploading whole collection 
* Use 64 bit random sequence (extremely low chance of collisions)
* Improve error message in case of collisions
* Add file extension to names
 2017-06-06 20:01:04 +02:00
Unrud
a6a3756e05 Check error code of PUT request 
Detect errors early
 2017-06-06 20:01:02 +02:00
Unrud
5660f70753 Rename deleted item in test 
The backend may derive the item name from the UID (e.g. "event1.ics" from the UID "event1").
 2017-06-06 20:00:59 +02:00
Unrud
ee214d6697 Remove user from URL 
It's not supported by many clients.
 2017-06-04 15:43:55 +02:00
Unrud
37c9a1da18 Store user and password in session storage 
Allow reloading of the page.
 2017-06-04 15:43:27 +02:00
Unrud
4afbefbc9f Disable update timer 2017-06-04 15:43:20 +02:00
Unrud
fca70f482f Web interface: Wrapping of URLs, titles, ... 2017-06-04 15:42:33 +02:00
Unrud
396b9ffecb Log error message from parser for items in storage 2017-06-02 16:36:02 +02:00
Unrud
a1ebc52b39 Don't delete cache entry that gets overwritten 
It's unnecessary.
 2017-06-02 14:19:53 +02:00
Unrud
07c792f14e Use %r n error messages for token names 2017-06-02 14:18:39 +02:00
Unrud
9ceae0a751 Make Radicale fast (#569) 
* Change get_multi to also return missing items

get_multi is not used anywhere and this makes it easier to use.

* Use get_multi for report requests

* Add get_all to BaseCollection

This can be used for optimization on multifilesystem.

* Use iterator for files

* Remove unnecessary checks

This never happens and would be an error.

* Don't raise exception when calling get with colliding name

This behavior is wrong, it should be handled as if the file doesn't exist.

* Use get_all and get_multi to skip unnecessary checks

Collision checks are slow on big collections.

* Use exception instead of existence checks

It's a bit faster.

* Use os.scandir instead of os.listdir

It's faster and doesn't load all files at once.

* Cache metadata when storage is read-only

Metadata is queried a lot during a request. It's quiet slow to load and parse the file every time.

* Cache the etag when the storage is read-only

The etag is calculated twice for GET requests on collections.

* Add helper method for cleaning caches

* Use item etags to calculate collection etag

It's very slow and unnecessary to parse all files with VObject and serialize them again.

* Cache serialized collections in file system

Serialization is very slow for big collections. This caches the result in a file.

* Add helper function for prefilters

The simplify_prefilters functions converts XML filters to a simple tag and time range, which can be easily matched against the tag and time range that are extracted from vobject_items by the function find_tag_and_time_range.

* Add ability to cache etag and serialization of item

Parsing items with vobject is very slow and not required for many requests.
Caching can be used to speed it up.

* Cache metadata and serialization from items in file system

Store the serialized text and the tag and time range from vobject_items in the cache.
The metadata is used for prefilters.

* Remove the cache for the serialization of collections

* Serialize calendars without vobject

Merge the calendar components manually. This is much faster and requires less memory. Caching of the result is not required anymore.

* Allow pre_filtered_list to indicate that filters match

The storage backend can indicate that it evaluated the filters completely.

* Skip filtering with vobject if prefiltering is sufficient

``simplify_prefilters`` indicates if the simplified condition is identical to ``filters``.
This is used in the multifilesystem backend to detect if prefiltering is sufficient.

* Make constants global

* Use generator expressions

* Only extract elements from inside of VCALENDAR

This is unnecessary at the moment, the text representation should never contain anything but VCALENDAR.

* Improve comments

* restore backward compatiblity

* Small improvements for fastbackend
 2017-06-02 14:14:55 +02:00
Unrud
78a62aee86 Merge pull request #565 from Unrud/synctoken 
Support for sync-token and sync-collection
 2017-06-02 13:01:54 +02:00
Unrud
7687afc4c6 Merge pull request #622 from Unrud/clientcertificate 
Add option for CA certificate for validating clients
 2017-06-02 12:59:35 +02:00
Unrud
f633b48a7a Real sync-collection support for the multifilesystem backend 2017-06-02 12:53:37 +02:00
Unrud
0ffa97eca0 Allow opening binary files with _atomic_write 2017-06-02 12:44:36 +02:00
Unrud
1dee561692 Add helper method for cleaning caches 2017-06-02 12:44:34 +02:00
Unrud
3009ce5414 Test sync-token and sync-collection 2017-06-02 12:44:31 +02:00
Unrud
f2b415c4a6 Initial sync-token and sync-collection support 
Use the etag of the collection as the sync token and tell the client that the token is invalid when the collection changed.
 2017-06-02 12:44:23 +02:00
Unrud
428abf10de don't use REMOTE_USER in tests 2017-06-02 12:43:44 +02:00
Unrud
6edaf27a38 rename backend from "None" to "none" 2017-06-02 12:43:23 +02:00
Unrud
5d27265d5c fail when logging config file is not found 2017-06-02 12:43:03 +02:00
Unrud
1812aeb238 include expected type of config option in error 2017-06-02 12:42:40 +02:00
Unrud
881757815f Add simple range checking to config options 2017-06-02 12:42:19 +02:00
Unrud
95a8c7b903 use mapping api to set config options 
Provides protection against typos in names
 2017-06-02 12:41:47 +02:00
Unrud
3af5809d71 Add option for CA certificate for validating clients 
This can be used to secure TCP traffic between Radicale and a reverse proxy
 2017-06-02 12:41:03 +02:00
Unrud
3bfac019a8 Close lock file when running tests 
The name of configuration option was wrong.
 2017-06-01 16:10:50 +02:00
Unrud
c400414b27 Don't turn off all locking with filesystem_locking 2017-06-01 16:10:34 +02:00
Unrud
f715f0ba8a Remove font from web interface 2017-06-01 16:10:17 +02:00
Unrud
ac230efa57 Merge pull request #619 from Unrud/log_unsafe_paths 
Log unsafe paths
 2017-06-01 12:55:45 +02:00
Unrud
efb20d994f Adjust imports for isort 2017-06-01 12:45:44 +02:00
Unrud
2178ba58be Log unsafe paths 2017-06-01 12:45:44 +02:00
Unrud
8fed92dc24 Fix absolute paths in web interface when SCRIPT_NAME is used 2017-06-01 12:13:34 +02:00
Unrud
fd55bbce15 Adjust imports for isort 2017-06-01 11:54:04 +02:00
Unrud
a18874fc59 raise exception when locking the storage fails 
Previously it was silently ignored, which is dangerous when multiple instances of Radicale are running.
A configuration option to disable locking was added.
 2017-06-01 11:21:22 +02:00
Unrud
9585c0b048 Web interface for managing calendars and addressbooks 2017-05-31 13:18:42 +02:00
Unrud
ab9e9b2d7c Add web interface module 2017-05-31 13:18:40 +02:00
Unrud
eba6621f17 Rename backends from None to none 
All other backend names are lower case.
 2017-05-31 12:02:29 +02:00
Unrud
edaf21561d Don't strip SCRIPT_NAME from PATH_INFO 2017-05-31 12:01:37 +02:00
Unrud
5704b5021b PATH_INFO might not exist if it's empty 2017-05-31 12:01:35 +02:00
Unrud
f12dd31b4b Small improvements for auth tests 2017-05-31 12:01:33 +02:00
Unrud
c9664137a5 Improve error handling 
* Check the configuration file for errors (check option names and basic type checking).
  * Perform basic type checking on command line arguments.
  * Only print stack traces in debug mode.
  * Include much more information in error messages (e.g. include the path of invalid files).
  * Send Bad Request to clients for invalid XML requests or iCalendar data.
  * Change the log level of some messages.
 2017-05-31 11:31:54 +02:00
Unrud
c2387403dd Test the remote_user and http_x_remote user backends 2017-05-31 02:07:52 +02:00
Unrud
09bde14e50 Allow auth backends to provide login and password 
This is used to implement an auth backend that takes the credentials from an HTTP header (e.g. accounts are managed by an reverse proxy)
 2017-05-31 02:07:49 +02:00
Unrud
3e715a9aff Test rights management 2017-05-31 01:41:23 +02:00
Unrud
5ce2c62402 Implement rights types directly 
This is faster and easier to understand.
 2017-05-31 00:43:07 +02:00
Unrud
8536ffee44 Preserve empty PATH_INFO from WSGI and strip base prefix from destination 2017-05-30 22:58:57 +02:00
Unrud
11c5dfdb53 Improve handling of XML requests and responses 
* Move parsing/serialization of XML requests/responses from ``xmlutils.py`` to ``__init__.py``.
  * Log XML requests/responses in pretty-printed form.
      * Previously only the responses were logged in readable form. This is useful for debugging.
      * The XML documents are only converted for pretty-printing if debugging is enabled (it's expensive)
  * Send XML responses in minimized form to clients.
  * Add **encoding** attribute to XML declaration in XML response.
  * Only decode XML requests once. (Previously they were decoded, encoded and decoded again.)
 2017-05-30 09:15:51 +02:00
Unrud
f1a9cf7694 Allow already encoded answers 2017-05-30 09:02:37 +02:00
Unrud
bc49542a62 Merge pull request #587 from Unrud/testscapturelogging 
Capture log messages during tests
 2017-05-30 07:55:05 +02:00
Unrud
9cd9ad9a02 Only register exit function if a PID file was created 
The function only deletes the PID file.
 2017-05-30 07:41:50 +02:00
Unrud
01ea0a3c40 Capture log messages during tests 
The log messages help finding problems with failed tests.
 2017-05-30 05:44:02 +02:00
Unrud
6762fc1cad Expand user on PID path 2017-05-30 05:10:07 +02:00
Unrud
fcccb3f7af Daemonize after creation of network sockets 
The original process should exit after the server is ready.
See also https://www.freedesktop.org/software/systemd/man/daemon.html#SysV%20Daemons
 2017-05-30 05:10:07 +02:00
Unrud
360e88f350 Write PID file in original process 
This ensures that the PID is written, when the process exists.
 2017-05-30 05:10:07 +02:00
Unrud
6ade44c773 Make relative PID path absolute 
The daemon changes the current directory to root.
 2017-05-30 05:10:07 +02:00
Unrud
65c53df5b3 Keep original exception when PID file creation fails 2017-05-30 05:10:07 +02:00
Unrud
79bcedd4bc Refactor: Extract daemonize function 2017-05-30 05:10:07 +02:00
Guillaume Ayoub
a94a3bc7c2 Version 2.0.0 2017-05-27 18:10:46 +02:00
Guillaume Ayoub
3e0c8cf285 Update copyright years 2017-05-27 17:28:07 +02:00
Guillaume Ayoub
1825c35bc7 Merge pull request #608 from Unrud/config_file 
Fail if config file is not found
 2017-05-26 11:08:12 +02:00
Guillaume Ayoub
e4af3fc3cd Merge pull request #604 from Unrud/config_logging_config 
Disable logging config by default
 2017-05-26 11:06:27 +02:00
Unrud
577d9317d2 Strip script name from path 2017-05-26 11:02:07 +02:00
Unrud
d2a17c36ae Fail if configuration is not found 
If a configuration file is passed with a command line argument and the file is not found, Radicale shows a warning and continues with the default configuration.
There is no reason for doing this, Radicale should just fail.

Instead, this PR allows passing an empty string like ``--config ""``. Radicale will use the default configuration in this case, without trying to load the configuration from the common paths. Previously you had to do specify a path that doesn't exist like ``--config /does/not/exist``, which looks a bit ugly and showed a warning message.
 2017-05-24 21:01:23 +02:00
Unrud
fed974e018 Disable logging config by default 
Radicale always tries to load the system-wide configuration file. To turn this off, the logging-config option has to be added to all configuration files and command line arguments. It's easier to disable it by default and only add it once to the system-wide config file.
 2017-05-24 17:03:48 +02:00
Guillaume Ayoub
22d364729b Use "&" instead of "+" to test booleans 2017-05-23 17:11:28 +02:00
Guillaume Ayoub
5066e97c66 Always compare both login and password to avoid timing attacks 
Related to #591.
 2017-05-23 16:55:43 +02:00
Unrud
cf78a23856 Improve logging 
Log failed login attempts more clearly and also log access violations of authenticated users.
 2017-05-23 04:16:52 +02:00
Unrud
f2fb07fa84 Move authentication delay into __init__.py and add config 
Use the delay for all backends (not only htpasswd).
Add configuration option to configure the delay.
 2017-05-23 04:07:32 +02:00
Unrud
fb970246e0 Only query auth backend when a user is set 2017-05-23 04:07:32 +02:00
Unrud
c4537b1f5c Compare passwords and hashes in constant time (Fixes #591) 2017-05-23 04:07:32 +02:00
Unrud
fc309562da Repair SSHA method 2017-05-23 04:07:31 +02:00
Unrud
99bda37839 Repair auth tests, add tests for all methods and cross check 
The auth tests were not doing anything because "Basic" was missing in the AUTHORIZATION header.
 2017-05-23 04:07:31 +02:00
Guillaume Ayoub
dcb0638538 Version 2.0.0rc2 2017-04-19 14:10:02 +02:00
Guillaume Ayoub
059ba8dec1 Random timer to avoid timing oracles and simple bruteforce attacks 
Important note: this is a security fix.
 2017-04-19 13:48:30 +02:00
Guillaume Ayoub
8293ca5c1c Fix a CLI help description 2017-04-15 16:03:51 +02:00
Guillaume Ayoub
7e2406c778 Version 2.0.0rc1 2017-04-15 15:51:05 +02:00
Guillaume Ayoub
864eb5931a Merge setup.cfg and pytest.ini, fix tests 2017-04-15 10:51:00 +02:00
Guillaume Ayoub
26d8214296 Merge pull request #566 from Unrud/cleanxmlutils 
Some small fixes for xmlutils.py
 2017-04-15 09:24:38 +02:00
Guillaume Ayoub
b173307f55 Merge pull request #570 from Unrud/patch-5 
Fix permissions for REPORT request
 2017-04-15 09:20:01 +02:00
Guillaume Ayoub
d74ee7b688 Merge pull request #553 from Kozea/config 
Change default values for the config
 2017-04-15 09:19:32 +02:00
Unrud
4f6d2e8b58 Only search for filter that are direct children 2017-03-18 04:59:27 +01:00
Unrud
a05cca563a Stop iterating when a component is found 2017-03-18 04:58:55 +01:00
Unrud
8a98f4861d Fix permissions for REPORT request 
Only read access is required.
 2017-03-13 08:22:14 +01:00
Unrud
c027b68b4f PROPFIND: return all supported report methods 
addressbook-multiget, addressbook-query, calendar-multiget and calendar-query were missing.
sync-collection only works for leaf collections.
 2017-03-10 22:30:44 +01:00
Unrud
53a7e15833 Return empty result for unsupported report methods 2017-03-10 22:19:10 +01:00
Unrud
2f67da5750 Remove unnecessary conditions 2017-03-10 22:16:46 +01:00
Unrud
a7f12b5fac PROPFIND: only one privilege per privilege element 
Before: <privilege><read /><write /></privilege>
After: <privilege><read /></privilege><privilege><write /></privilege>
 2017-03-10 22:14:13 +01:00
Unrud
7d687205bd Use logger for WSGIServer 
Log exception from the WSGIServer. Exceptions from socket timeouts are currently written to stderr.
 2017-03-10 13:39:26 +01:00
Guillaume Ayoub
edebcf03c7 Merge pull request #558 from Unrud/collision 
Check for conflicting file names
 2017-03-08 15:58:48 +01:00
Guillaume Ayoub
33b27a2e71 Merge pull request #559 from Unrud/remotehostlogging 
Cleanup remote host logging
 2017-03-08 15:57:07 +01:00
Guillaume Ayoub
9b8fc4ac14 Update and fix some config values 2017-03-08 15:50:24 +01:00
Unrud
5cd5cfe368 Use REMOTE_ADDR if REMOTE_HOST is missing 
WSGIRequestHandler doesn't set REMOTE_HOST if dns lookup is disabled.
 2017-03-07 20:34:37 +01:00
Unrud
69d39b47ca Also log the forwarding host for forwarded requests 2017-03-07 20:34:36 +01:00
Unrud
c104da28ce Use UNKNOWN if user agent is missing 
This is much shorter and doesn't clutter the log as much.
 2017-03-07 20:33:37 +01:00
Unrud
266dc608f2 Remove unnecessary if-statements 2017-03-07 20:32:23 +01:00
Unrud
c6c32945a0 Log unsafe paths when discovering collections 2017-03-07 18:24:40 +01:00
Unrud
9b27d075b6 Always close files when creating collection 
If an exception occurs we rely on garbage collection to close the files.
 2017-03-07 18:13:52 +01:00
Unrud
2d170bd41f Check for conflicting file names 
On Windows file systems the user "TESTUS~1" can access the data of the user "testuser".
 2017-03-07 18:04:51 +01:00
Guillaume Ayoub
4278cc3443 Set htpasswd encryption type to plain in tests 2017-03-04 14:25:01 +01:00
Guillaume Ayoub
78abe39002 Set authentication method when testing rights 2017-03-04 14:22:28 +01:00
Guillaume Ayoub
b47505d5bd Don't set rights management when no authentication is set 2017-03-04 14:15:46 +01:00
Guillaume Ayoub
8cc15a3d25 Change default values for the config 
Fix #346.
 2017-03-04 14:06:09 +01:00
Guillaume Ayoub
fc04e4543b Remove unused import 2017-02-26 16:41:59 +01:00
Guillaume Ayoub
6b683477cb Merge branch 'improved-broken-vcard-handling' of https://github.com/pbiering/Radicale into pbiering-improved-broken-vcard-handling 2017-02-26 16:35:44 +01:00
Guillaume Ayoub
5d67257555 Merge branch 'trycatch-broken-objects' of https://github.com/pbiering/Radicale into pbiering-trycatch-broken-objects 2017-02-26 16:24:41 +01:00
Guillaume Ayoub
46fcec8fe0 Cosmetics 2017-02-26 16:19:38 +01:00
Guillaume Ayoub
e6880057a2 Merge pull request #518 from pbiering/improved-access-logging 
improved request logging
 2017-02-26 16:17:44 +01:00
Guillaume Ayoub
9d958e8e51 Remove unused import 2017-02-26 16:13:50 +01:00
Guillaume Ayoub
04764c2af4 Merge branch 'storage' of https://github.com/Unrud/Radicale into Unrud-storage 2017-02-26 15:48:22 +01:00
Guillaume Ayoub
b9db971060 Merge branch 'fixed-propfind-handling' of https://github.com/muggenhor/Radicale into muggenhor-fixed-propfind-handling 2017-02-26 15:33:34 +01:00
Guillaume Ayoub
3213495245 Merge branch 'url' of https://github.com/Unrud/Radicale into Unrud-url 2017-02-26 14:43:59 +01:00
Guillaume Ayoub
78db0072bc Merge pull request #521 from stephane-martin/fix-support-report-set-xml-element 
<report> should contain XML elements, not text
 2017-02-26 14:37:38 +01:00
Guillaume Ayoub
34a82c9b69 Merge pull request #540 from twoodcock/master 
remove umask(0) in daemon mode
 2017-02-26 14:35:19 +01:00
Tim Woodcock
7f0d717459 remove umask(0) in daemon mode 2016-11-29 16:33:10 -08:00
Guillaume Ayoub
e55d75ce46 Set charsets in headers 2016-10-12 14:50:53 +02:00
Guillaume Ayoub
c459d32a19 Use argparse to parse command arguments 
This commit also allows users to specify all the config values through
the command line.

Fix #154.
 2016-10-12 14:30:18 +02:00
Yohann Rebattu
6d76cfa5aa use dash instead of underscore in options as well 2016-10-12 10:48:14 +02:00
Yohann Rebattu
fb3e733596 use dash instead of underscore 2016-10-12 10:44:13 +02:00
Yohann Rebattu
d6ee788ff5 comment… 2016-10-11 18:22:26 +02:00
Yohann Rebattu
ca2d519345 use group exclusively except for config 2016-10-11 18:21:17 +02:00
Yohann Rebattu
11710f75a8 allow config override from commandline 2016-10-11 18:17:01 +02:00
Stephane Martin
5abc8aea43 <report> should contain XML elements, not text 2016-09-20 00:27:03 +02:00
Peter Bieringer
c578470fc3 log depth also on response log line 2016-09-19 20:11:52 +02:00
Peter Bieringer
f52fa73cab check env first before using HTTP_DEPTH 2016-09-19 20:04:11 +02:00
Peter Bieringer
87061df68f add conditional logging of given depth 2016-09-19 19:59:47 +02:00
Peter Bieringer
830d6f9305 add examples of broken vcard and vevent 2016-09-18 19:36:54 +02:00
Peter Bieringer
a5e3ffa427 realign change 2016-09-18 19:30:51 +02:00
Peter Bieringer
e05206eec3 Merge branch 'improved-broken-vcard-handling' of github.com:pbiering/Radicale into improved-broken-vcard-handling 2016-09-18 19:28:15 +02:00
Peter Bieringer
af5c1582dc improved detection of broken vcards 2016-09-18 19:23:24 +02:00
Peter Bieringer
1ffdb03106 simplify patch 2016-09-17 18:16:27 +02:00
Peter Bieringer
ff02d17619 remove temporary debug statements 2016-09-17 17:44:33 +02:00
Peter Bieringer
1cfd3fd95b filter broken vcard entries before delivered, found on real life system at least 2 cards where vobject claimed about 
vobject.base.ValidateError: 'VCARD components must contain at least 1 N'
 2016-09-17 16:53:24 +02:00
Peter Bieringer
18181374e1 log exception for broken items 2016-09-17 16:29:40 +02:00
Peter Bieringer
d116423458 improved request logging 2016-09-17 15:35:43 +02:00
Peter Bieringer
e6ba31937a 3rd catch 2016-09-17 15:11:02 +02:00
Peter Bieringer
a57fcad270 catch 2nd case for broken object 2016-09-17 13:56:27 +02:00
Peter Bieringer
cd97aab72c try/catch of objects avoiding not serving any object in case an object has no valid contents 
also log duration of how many objects are read per folder
 2016-09-17 12:52:42 +02:00
Guillaume Ayoub
0c1dbc30bd Log read objects 2016-09-16 14:13:53 +02:00
Guillaume Ayoub
ecb8a99ed1 Merge branch 'master' of github.com:Kozea/radicale 2016-09-16 14:12:36 +02:00
Guillaume Ayoub
2c938ea67a Don't log when skipping .Radicale* files 
Patch proposed by @pbiering.
 2016-09-16 14:12:05 +02:00
Unrud
def34b1454 Fix BaseCollection.move 
The update method doesn't exist.
 2016-09-15 11:18:55 +02:00
Guillaume Ayoub
e95d187cbc Merge pull request #509 from Unrud/patch-2 
Set password to empty string instead of None
 2016-09-07 16:08:37 +02:00
Unrud
f7435814fc Repair hreferences in REPORT response 
They were not extended with base_prefix.
 2016-09-06 16:53:20 +02:00
Unrud
eb4b513d63 Quote hreferences 
RFC 4918 states that they are URIs and RFC 3986 says that URIs must always be in percent-encoded form.
 2016-09-06 16:53:20 +02:00
Unrud
83046c80c4 Let reverse proxies overwrite script name 
Reverse proxies can overwrite the script name with the HTTP header field X-Script-Name.
 2016-09-06 16:53:14 +02:00
Unrud
90486f33a5 Log invalid URLs in XML requests 
Before the requests either failed or the invalid hreference was silently dropped.
 2016-09-04 22:28:01 +02:00
Unrud
d5b8ddd71c Check that name is valid in name_from_path 
Before it was possible craft XML requests, so that the storage backend got requests with invalid hrefs.
 2016-09-04 22:28:01 +02:00
Unrud
139076faee Sanitize URLs from XML requests 2016-09-04 22:27:59 +02:00
Unrud
13d652b094 Remove unnecessary module prefix 2016-09-04 22:26:46 +02:00
Unrud
664fa71278 Don't double unquote request URL 
"%2525" was transformed to "%" instead of "%25".
 2016-09-04 22:26:46 +02:00
Unrud
dbaf58dbfe Remove base_prefix and use SCRIPT_NAME instead 
This conforms with the WSGI reference (PEP 333)
 2016-09-04 22:26:40 +02:00
Unrud
03fbb1e68e Don't strip {} in get method 
If someone uploads a file that starts or ends with the chars {}, all REPORT requests on that collection will fail and it's impossible to delete the file.
 2016-09-04 13:35:44 +02:00
Unrud
6df54bf88a Log name of faulty component 
If vobject can't parse a component it raises an exception, but the filename of that component is missing in the logs.
 2016-09-04 13:23:01 +02:00
Unrud
5ccfe16372 Remove Collection.has 
It's the same as BaseCollection.has
 2016-09-04 13:21:57 +02:00
Unrud
de09f6689a Only relevant files for last_modified calculation 
Leftovers from failed transactions etc. should not change that property.
 2016-09-04 13:16:42 +02:00
Unrud
cd9f789294 Name variables for files f 
fd sounds more like file descriptions.
prop doesn't sound like a file at all.
 2016-09-04 13:14:51 +02:00
Unrud
f5650df5f7 Remove checks for existence of collection 
They are unnecessary since the discover methods stopped returning collections that actually don't exist.
 2016-09-04 13:13:35 +02:00
Unrud
e7d8b4816c Duplicate code: Use list and get methods 2016-09-04 13:12:55 +02:00
Unrud
5dbf9df876 Add missing checks for safe fileystem components 
Currently it's not possible to exploit these.
 2016-09-04 13:09:10 +02:00
Unrud
dc501d5dc5 Refactor/Duplicate code: Extract _fsync method 2016-09-04 13:08:12 +02:00
Unrud
77e9ca1252 Remove EtagMismatchError 
Etags are not checked in storage anymore and this is unused.
 2016-09-04 13:06:09 +02:00
Unrud
a12ef69129 Secure is_safe_filesystem_path_component 
On Windows 1/2 would be a safe filesystem path component, but it's not safe to pass it to path_to_filesystem.
Currently only the get method can be called with a href like that and it checked for that.
This just moves the check into the is_safe_filesystem_path_component function.
 2016-09-04 12:55:28 +02:00
Unrud
a4a6a62643 Duplicate code: Use is_safe_path_component 2016-09-04 12:53:07 +02:00
Unrud
8d5f2ded42 Describe encoding of Etag 2016-09-04 12:52:29 +02:00
Unrud
d371179487 thread and level in simple log formatter 
The log messages are a mess without any allocation to threads.
 2016-09-04 11:47:27 +02:00
Unrud
fe5daf801a Set password to empty string instead of None 
Prevent exception in auth module.
 2016-09-03 10:01:52 +02:00
Guillaume Ayoub
b85fc5bed6 Merge pull request #507 from Unrud/auth 
Repair and test authentication
 2016-09-02 18:36:31 +02:00
Unrud
9e27d4e2a8 Emulate fullmatch with match 
re.fullmatch was introduced in Python 3.4
 2016-09-02 15:06:32 +02:00
Unrud
b25a601e28 Test custom header 2016-09-02 14:52:45 +02:00
Unrud
11df2f1184 Test authentication 
Test for 2a9f37defb
 2016-09-02 14:42:22 +02:00
Unrud
2a9f37defb Repair authentication 2016-09-02 14:41:31 +02:00
Guillaume Ayoub
88d558f9fa Remove useless nested tuples 2016-09-02 11:05:35 +02:00
Guillaume Ayoub
68e1e9dfb2 Don't use mutables in constants or parameters 2016-09-02 11:04:29 +02:00
Unrud
20b1480399 Make copy of headers before mutating 2016-09-02 04:23:47 +02:00
Unrud
f7e995f9f6 Move encoding of answer into response function 
Fix #505
 2016-09-02 04:10:11 +02:00
Unrud
3df367aad2 Test REPORT on item 
Test for 90e4655a44
 2016-09-01 06:17:18 +02:00
Unrud
9d2743d797 Test authorization 2016-09-01 06:15:31 +02:00
Guillaume Ayoub
e25373fa85 Merge pull request #501 from Unrud/httperrors 
HTTP error messages
 2016-08-31 14:49:19 +02:00
Guillaume Ayoub
8d92b371e4 Merge pull request #502 from Unrud/patch-40 
Plain text for GET / instead of malformed HTML
 2016-08-31 14:42:59 +02:00
Guillaume Ayoub
db681da08e Merge pull request #500 from Unrud/loginuser 
Map logins to internal users in Auth module
 2016-08-31 14:40:08 +02:00
Unrud
f875bcd892 Plain text for GET / instead of malformed HTML 
It's basically the same in browsers and looks nicer in tools that don't support HTML rendering (like curl).
 2016-08-31 02:01:18 +02:00
Unrud
ff2b8f6e5c Use NOT_FOUND instead of GONE 
Thunderbird doesn't recognize the status code correctly and shows an synchronization error.
 2016-08-31 01:54:31 +02:00
Unrud
1ea9b1dca9 Return error for GET requests on directories 
Radicale doesn't support directory listings.
 2016-08-31 00:45:14 +02:00
Unrud
4ac2e68f5c Add HTTP error messages 
Browsers just show a blank page if an error occurs. You have to open the developer tools to see the HTTP status code. E.g. a user wants to download a calendar in the browser and the URL is wrong.

Some tools like curl don't show any indication of an error.
 2016-08-31 00:41:08 +02:00
Unrud
689e5c9dd5 Map logins to internal users in Auth module 
This makes it possible to implement #349 as a Auth module. Another use case would be to encode usernames that contain characters unsupported by the file system.
 2016-08-30 23:13:33 +02:00
Unrud
e782808a14 Remove empty line in log 
Separating requests by an empty line doesn't work any longer with parallel (overlapping) requests.
 2016-08-30 14:04:16 +02:00
Markus Unterwaditzer
90e4655a44 Don't return <item>/ for events 2016-08-29 17:29:46 +02:00
Guillaume Ayoub
947c57312c Fix a variable name 
Fix #494
 2016-08-29 12:09:17 +02:00
Guillaume Ayoub
34ad1b9073 Remove useless import 2016-08-29 12:07:58 +02:00
Guillaume Ayoub
fd1742fcea Fix typo 2016-08-29 12:07:30 +02:00
Guillaume Ayoub
9e78454da2 Merge branch 'remupdate' of https://github.com/Unrud/Radicale into Unrud-remupdate 2016-08-26 22:50:26 +02:00
Guillaume Ayoub
a3dcfaacd6 Merge pull request #491 from Unrud/uploadall 
Optimize upload of whole collections
 2016-08-26 22:34:46 +02:00
Guillaume Ayoub
ac61b18237 Merge pull request #490 from Unrud/hook 
Move hook into storage.Collection
 2016-08-26 15:58:42 +02:00
Guillaume Ayoub
0e646cdae4 Merge branch 'Unrud-logging' 2016-08-25 11:52:12 +02:00
Unrud
c5342d36d5 Remove BaseCollection.update 
I don't think that this can be used for optimizations.

It's useless in the filesystem backend, SQL has REPLACE and I doubt that there is much use in any other storage mechanism.
 2016-08-25 06:37:12 +02:00
Unrud
ea63f461a8 Rename upload_all to upload_all_nonatomic 2016-08-25 06:03:13 +02:00
Unrud
30d287ce00 Write files nonatomic in upload_all 
It's only used in temporary collections.
 2016-08-25 06:03:13 +02:00
Unrud
e31ea57883 Use upload_all for addressbook 2016-08-25 06:03:13 +02:00
Unrud
bc0f8b0a47 Remove duplicate code 2016-08-25 06:03:13 +02:00
Unrud
c57307c585 Rename collections to vobject_items 
Like the parameter name of upload_all
 2016-08-25 05:52:26 +02:00
Unrud
6045ad97fe Move upload_all from BaseCollection to Collection 
This is not used anywhere outside of Collection and probably never will be as WebDAV doesn't support bulk uploads.
 2016-08-25 05:47:31 +02:00
Unrud
10786cbad8 Move hook into storage.Collection 
The hook is only valid for filesystem storage, it's meaningless for other backends like databases.
 2016-08-25 05:40:46 +02:00
Unrud
8db580abce Try to decode URLs with utf-8 (Fixes #486) 2016-08-25 05:30:46 +02:00
Unrud
e40e46e164 Don't disable existing loggers 
The logger is retrieved before configure_from_file is called and gets disabled, the same happens when the logging configuration is reloaded.
 2016-08-25 05:24:29 +02:00
Unrud
de8c2f0909 Fix SIGHUP handler 
The function handler_generator seems useless and the return statement is missing.
 2016-08-25 05:24:29 +02:00
Unrud
3b71ab960e Log exceptions (Fixes #447) 
Exceptions were just written to stderr but not into logs.
 2016-08-25 05:24:24 +02:00
Unrud
c091399f5e Write log to stderr 
Be consistent with python's default behavior and play nice with CGI.
 2016-08-25 05:19:38 +02:00
Unrud
14515cfe27 Fix logger configuration 
Apply patch from #485
 2016-08-25 04:29:02 +02:00
Guillaume Ayoub
79bfa9c1d3 Merge pull request #482 from Unrud/smallimprovements 
Some small cosmetic improvements for xmlutils
 2016-08-24 18:11:06 +02:00
Unrud
f9cabfb20b Test empty filter 
Test for d1dbd1df54
 2016-08-24 17:52:39 +02:00
Unrud
d1dbd1df54 Fix empty filter 
DAVdroid sends <CARD:filter />, which causes an exception.
 2016-08-24 17:45:10 +02:00
Unrud
469efbb032 Cosmetics 2016-08-13 04:52:51 +02:00
Unrud
453a8ba636 Fix "fix this" in xmlutils 2016-08-13 04:51:42 +02:00
Unrud
ecd0a16214 Remove unused variable path 2016-08-13 04:48:59 +02:00
Unrud
1c6e626979 Simplify name_from_path and add error check 2016-08-13 04:47:35 +02:00
Guillaume Ayoub
3b29a56c81 Merge pull request #480 from Unrud/currentuserprincipal 
Ask for authentication if current-user-principal is requested
 2016-08-13 04:25:55 +02:00
Unrud
c29fd1ca61 Check that item is a collection 2016-08-13 00:19:14 +02:00
Unrud
cf4a6ef749 Revert 1ffc171f35 
Maybe I misunderstand the RFC, but this properties are related to a principal collection. DAVdroid without preemptive authentication doesn't like this and tries to create calendars and addressbooks in /.
 2016-08-13 00:17:50 +02:00
Unrud
4438d2ba9a Require user for current-user-principal 
DAVdroid dropped support for preemptive authentication in version 1.2.3.
Returning the DAV:unauthenticated pseudo-principal as specified in RFC 5397 doesn't seem to work for DAVdroid.
 2016-08-12 23:41:34 +02:00
Unrud
6515062bcd Return HTTP status in xmlutils.propfind 2016-08-12 23:34:08 +02:00
Florian Mounier
c95437367f This is very important 2016-08-12 15:05:05 +02:00
Florian Mounier
416f9ddef1 Add an upload_all method for subsequent optimizations. 2016-08-12 14:58:32 +02:00
Guillaume Ayoub
8d863e52b2 Re-enable properties storage on al collections 
Fix #475.
 2016-08-11 12:07:19 +02:00
Guillaume Ayoub
d3d29802ad Merge pull request #474 from Unrud/patch-31 
PROPFIND rights checking
 2016-08-11 11:44:43 +02:00
Guillaume Ayoub
e66a35e996 Merge pull request #476 from Unrud/closelockfile 
Add option to close lock file
 2016-08-11 11:43:40 +02:00
Guillaume Ayoub
f395e256ff Merge pull request #478 from Unrud/patch-33 
Correctly write line endings to files
 2016-08-11 11:43:18 +02:00
Unrud
9e84b459ae Correctly write line endings to files 
vobject uses \r\n as line endings. Writing this to a file is not a problem on Linux and newer versions of MacOS. On Windows \r\r\n gets written to disk and on older versions of MacOS \r\r gets written to disk, because python replaces \n by the system depended line ending.
 2016-08-11 05:43:18 +02:00
Unrud
7a01f905de Enable close_lock_file for tests 2016-08-11 05:20:31 +02:00
Unrud
3f5dd70580 Add option to close lock file 
Close the lock file, when no more clients are waiting.
This option is not very useful in general, but on Windows files that are opened cannot be deleted. This causes tests to fail, because the deletion of the temporary filesystem folder fails.
 2016-08-11 05:19:23 +02:00
Unrud
0060130c3b Remove etags from raw data 
Remove all etags that are directly calculated from data that's read from files.
1. They are not used anywhere (luckily).
2. Etags that are send to clients are calculated from the output of vobject's serialize method. If files are edited externally and vobject normalizes them (like wrapping long lines or replacing all line endings by \r\n), the etags that are sent to the client and the etags that are calculated from raw data will never match. If a new version of vobject is released and the formatting changes slightly, the checks will also always fail.
 2016-08-11 05:05:10 +02:00
Guillaume Ayoub
35d12ee97e Merge pull request #472 from Unrud/patch-30 
Use os.replace instead of os.rename
 2016-08-11 04:23:56 +02:00
Guillaume Ayoub
69386410e5 Merge pull request #473 from Unrud/tests 
Tests
 2016-08-11 04:23:23 +02:00
Unrud
4eb04e3526 PROPFIND rights checking 
Return 404 and 403 only when it's appropriate. Don't ask users for passwords if an item just doesn't exist (e.g. mistyped URL).
 2016-08-11 02:19:48 +02:00
Unrud
30b3273efa Test that the requests fails if the hook fails 2016-08-11 00:37:19 +02:00
Unrud
2b45cffa0e Test that hook gets executed when the principal collection is created 
Test for ee5b8facda
 2016-08-11 00:37:19 +02:00
Unrud
080ed31d27 Test that storage is locked when hook runs 
Test for 65af0592d3
 2016-08-11 00:37:19 +02:00
Unrud
952609deee Test that hook gets executed on write accesses 2016-08-11 00:37:19 +02:00
Unrud
893051645e Test fsync 
Enable syncing for at least one test.
Test for 5c2075cb6c.
 2016-08-11 00:37:19 +02:00
Unrud
6d80b70b8c Test that the root collection always exists 
Test for 6c3e59fd11
 2016-08-11 00:37:19 +02:00
Unrud
97edacd71a Test implicit creation of principal collection 
Test for 81b04890f1
 2016-08-11 00:37:19 +02:00
Unrud
62892e3423 Test PROPPATCH 2016-08-11 00:37:13 +02:00
Unrud
51bf95f00d Don't run all tests twice 
Only verify that custom backend loading works with a simple test.
 2016-08-11 00:32:24 +02:00
Unrud
c8e8993ec2 Refactor: Move common code into BaseFileSystemTest 2016-08-11 00:32:24 +02:00
Unrud
e2b87d145f Cosmetics: Don't use % for logging 2016-08-10 23:43:32 +02:00
Unrud
9192a7751b Remove incorrect argument 
In rare cases this can cause a crash.
 2016-08-10 23:41:19 +02:00
Unrud
b8126f8d24 Use os.replace instead of os.rename 
On Windows os.replace sets the MOVEFILE_REPLACE_EXISTING flag for MoveFileEx.
On POSIX it's the same as os.rename.
 2016-08-10 19:26:07 +02:00
Guillaume Ayoub
5c2075cb6c Fix _atomic_write 2016-08-08 14:55:01 +02:00
Guillaume Ayoub
5e5b8b844f Cosmetics 2016-08-08 13:39:01 +02:00
Guillaume Ayoub
1e5c9f63a0 Merge pull request #468 from Unrud/disablefsync 
Add option to disable syncing to disk
 2016-08-08 13:00:12 +02:00
Guillaume Ayoub
c4cf918bf2 Merge pull request #470 from Unrud/readcontent 
Read content after access checks
 2016-08-08 12:57:59 +02:00
Unrud
a9b89be5c7 Read content after access checks 
Unauthorized users can't fill up RAM with crap anymore.
 2016-08-08 07:00:24 +02:00
Unrud
f294b1cf17 Add access check to PROPFIND 2016-08-08 06:59:15 +02:00
Unrud
eb15de0c5b Test PUT with whole collection 2016-08-08 06:09:24 +02:00
Unrud
68286faa63 Atomic replacement of whole collection by PUT 2016-08-08 06:08:52 +02:00
Unrud
0675328a02 Replace collection in Collection.create_collection 2016-08-08 06:08:01 +02:00
Unrud
6d85a731e5 Disable syncing to disk for tests 
This reduces test time by almost 70%.
 2016-08-08 05:30:16 +02:00
Unrud
f5f52582a1 Add option to disable syncing to disk 
Disabling syncing increases the risk of data loss when the system crashes or power fails. On the positive it can increase the performance to a great extent.
 2016-08-08 05:20:25 +02:00
Unrud
c336e0581e Remove atomicwrites 
Unfortunately the library doesn't support disabling of disk syncing, fortunately we only need a small subset of it's functionality which is easy to implement.
 2016-08-08 05:02:36 +02:00
Unrud
3c736cade8 Refactor: Move sync_directory into Collection class 
This is not used anywhere else.
 2016-08-08 04:07:01 +02:00
Guillaume Ayoub
9f2cbb81a3 Merge pull request #466 from Unrud/fixpath 
Set correct path for child collections
 2016-08-07 18:43:41 +02:00
Unrud
ce0a2fd01d Test PROPFIND 
Regression test for cfa8c7d8b4
 2016-08-07 18:08:10 +02:00
Unrud
cfa8c7d8b4 Set correct path for child collections 2016-08-07 17:50:31 +02:00
Unrud
4f37e90e20 Some clients expect collections to end with / 
Compatibility with InfCloud/CalDavZAP/CardDavMATE
 2016-08-07 17:50:04 +02:00
Unrud
ee5b8facda Always use wrapper to lock collection 
Also run the hook after creation of the principal collection.
 2016-08-07 17:14:47 +02:00
Guillaume Ayoub
4236077b04 Document _makedirs_synced and remove exist_ok 2016-08-06 14:08:21 +02:00
Guillaume Ayoub
4549d1b2db Merge pull request #462 from Unrud/durabledirs 
Durable creation of directories and make sure that the root colleciton exists.
 2016-08-06 14:02:41 +02:00
Guillaume Ayoub
a7923008ce Remove unused import 2016-08-06 13:29:07 +02:00
Guillaume Ayoub
0cda9f611d Merge pull request #463 from Unrud/atomicmove 
Atomic MOVE
 2016-08-06 13:27:38 +02:00
Guillaume Ayoub
071a829af8 Merge pull request #453 from Unrud/delete 
Delete atomic and durable
 2016-08-06 12:52:38 +02:00
Unrud
5f66d009d6 Atomic MOVE in multifilesystem 2016-08-06 05:09:06 +02:00
Unrud
23582c8208 Expose low level MOVE operation in storage.BaseCollection 2016-08-06 05:09:00 +02:00
Unrud
17ff22cae4 Support replacing in MOVE method 2016-08-06 04:45:44 +02:00
Unrud
89ac2fb397 Remove faulty check 
This should have been (to_path.strip("/")+"/").startswith(path.strip("/")+"/").
But it's not required as we don't support moving collections.
 2016-08-06 04:44:18 +02:00
Unrud
07dc71fd73 Update comment 2016-08-06 04:07:55 +02:00
Unrud
6c3e59fd11 Make sure that the root collection exists. 
Since the collections are not directly in **filesystem_path** anymore,
the folder is not created by ``Collection.acquire_lock``.
 2016-08-06 04:07:55 +02:00
Unrud
05a4285f54 Durable creation of intermediate directories 2016-08-06 04:07:50 +02:00
Guillaume Ayoub
9aefc500ec Merge pull request #461 from Unrud/patch-27 
Remove old code
 2016-08-05 17:48:03 +02:00
Unrud
bfb7aec7be Test deletion of root collection 2016-08-05 17:40:47 +02:00
Unrud
f4eb143ba8 use tempfile to delete collection 2016-08-05 17:40:47 +02:00
Unrud
5a9d956b49 delete atomic and durable 
See #440
 2016-08-05 17:40:47 +02:00
Unrud
9dd241a54b Add test for deletion of collection 2016-08-05 17:40:47 +02:00
Unrud
6d77e24028 Remove old code 
This was missed while merging #457 and #459.
 2016-08-05 17:05:32 +02:00
Unrud
65af0592d3 Run hook while storage is still locked 2016-08-05 16:58:03 +02:00
Guillaume Ayoub
50438bc2c0 Remove fixed TODOs 2016-08-05 02:57:17 +02:00
Guillaume Ayoub
8682504c6e Strip empty lines from content 2016-08-05 02:25:15 +02:00
Guillaume Ayoub
26e1c9ba89 Fix collection creation with PUT request 2016-08-05 02:24:52 +02:00
Guillaume Ayoub
8ac3ce1a89 Clean many, many things 2016-08-05 02:14:49 +02:00
Guillaume Ayoub
92a0027ae1 Merge branch 'rights' of https://github.com/Unrud/Radicale into Unrud-rights 2016-08-04 23:35:01 +02:00
Guillaume Ayoub
2eaedf448f Merge pull request #457 from Unrud/atomiccreate 
Atomic creation of collections and atomic PROPPATCH
 2016-08-04 22:55:15 +02:00
Unrud
8ce6d1af30 Use flock locks for storage locking 
These locks are compatible with the command line utility flock,
which comes preinstalled with most Linux distributions.
 2016-08-04 06:15:05 +02:00
Unrud
066b5994d1 Improve rights checking and request handlers 
* Access rights are checked before the storage is locked and
    collections are loaded.
  * DELETE sends 410 instead of doing nothing or crashing if the target
    doesn't exist.
  * GET always returns 404 if the target doesn't exist.
  * GET doesn't crash if a collection without tag property is requested.
  * MKCOL and MKCALENDAR send 409 if the target already exists.
  * MOVE checks if the target collection of an item actually exists and
    sends 409 otherwise.
  * PUT doesn't crash if a whole collection that doesn't exist yet is
    uploaded and ``content-type`` is ``text/vcard`` or
    ``text/calendar``.
  * PUT distinguishes between simple items and whole collections by the
    following criteria: Target is a collection; Parent exists; Parent
    has the tag property set; Parent contains other items. Before only
    the first two criteria where used, which was very unrelieable. #384
  * PROPPATCH is only allowed on collections and 409 is send otherwise.
  * ``Rights.authorized`` takes a path instead of a collection.
  * ``Collection.discover`` only returns items in ``path``, that
    actually exist. #442
 2016-08-04 06:08:08 +02:00
Unrud
ae89082c24 Atomic creation of collections 2016-08-03 15:50:55 +02:00
Unrud
e34d1c46cd Move collections into collection-root folder 
This is required for atomic creation and deletion of the "/" collection.
 2016-08-03 15:50:38 +02:00
Unrud
bd7641699e Atomic PROPPATCH 2016-08-03 14:45:52 +02:00
Unrud
de510148a0 *args and **kwargs for test collection 2016-08-03 14:35:50 +02:00
Unrud
0fc7f787a8 Remove test_folder configuration 
It's not used.
 2016-08-03 14:34:36 +02:00
Guillaume Ayoub
b71664b322 Return UNAUTHORIZED for NOT_FOUND PROPFINDs 2016-08-02 17:24:04 +02:00
Guillaume Ayoub
76b859c28e Rename .collection.props into .Radicale.props 2016-08-02 16:58:44 +02:00
Guillaume Ayoub
2f202d14e0 Fix .collection.props 2016-08-02 16:57:20 +02:00
Guillaume Ayoub
5b04ba18a8 Hide collection.props 2016-08-02 16:51:50 +02:00
Guillaume Ayoub
da22778ce3 Merge pull request #456 from Unrud/props 
Properties inside of collection
 2016-08-02 16:50:23 +02:00
Unrud
13c693ba35 Properties inside of collection 
* Creation and deletion of collections can be atomic.
  * The properties file of the root collection is not outside of the
    filesystem_folder.
  * It's easier to delete and move collections by hand.
  * This breaks backward compatibility.
 2016-08-02 16:35:38 +02:00
Guillaume Ayoub
1ffc171f35 Always return collections home sets 2016-08-02 16:27:18 +02:00
Guillaume Ayoub
5ed60ce09d Always return current-user-principal 2016-08-02 15:43:31 +02:00
Guillaume Ayoub
3e52f34309 Remove pylint 2016-08-02 14:39:20 +02:00
Guillaume Ayoub
301bb552d7 Cosmetics 2016-08-02 14:37:39 +02:00
Guillaume Ayoub
d322d3f394 Clean the user's collection creation code 2016-08-02 14:00:42 +02:00
Guillaume Ayoub
04010ff8d3 Merge pull request #455 from Unrud/home 
Creating addressbooks and calendars in DAVdroid
 2016-08-02 13:51:29 +02:00
Guillaume Ayoub
71be1a56b8 Change find_available_file_name into private method 2016-08-02 12:11:38 +02:00
Guillaume Ayoub
a7f078eb54 Change find_available_file_name into a method 2016-08-02 11:16:24 +02:00
Guillaume Ayoub
880744ada7 Merge pull request #454 from Unrud/uniq 
Check if file name already exists
 2016-08-02 11:12:30 +02:00
Unrud
81b04890f1 Create principal collection automatically 2016-08-02 08:04:12 +02:00
Unrud
39d38f36a5 Check if file name already exists 
The chances are pretty low but maybe the RNG is bad or something
 2016-08-02 07:33:47 +02:00
Unrud
d5008672c5 Principal associated properties only on principal collections 
This misguides DAVdroid into creating new calendars and addressbooks in /
 2016-08-01 20:48:57 +02:00
Unrud
03cbcee5cd / is not a principal 2016-08-01 20:46:57 +02:00
Unrud
7aa481aaa1 Return / for principal-collection-set 
From RFC3744: This protected property of a resource contains a set of URLs that identify the root collections that contain the principals that are available on the server that implements this resource.
 2016-08-01 20:44:04 +02:00
Unrud
8f91190949 Remove duplicate code 2016-08-01 20:42:03 +02:00
Guillaume Ayoub
6b30870be5 Minor cleanups 
Everything works fine with Apple clients now.
 2016-08-01 19:00:57 +02:00
Guillaume Ayoub
b517818749 Don't reject everybody from "/" with owner_only 
Fix 407.
 2016-08-01 18:59:47 +02:00
Guillaume Ayoub
6bfdcbafec Cosmetics 2016-08-01 12:50:51 +02:00
Guillaume Ayoub
711ecf5df2 Merge pull request #451 from Unrud/removewellknown 
Remove /.well-known
 2016-08-01 12:20:55 +02:00
Guillaume Ayoub
9d3086427d Merge pull request #450 from Unrud/safeusernames 
Prevent unsafe usernames
 2016-08-01 12:14:40 +02:00
Unrud
9dd8c65d65 Always match full username/collection with regex 
It's easy to forget $ at the end of a regex and it's counter-intuitive that ^ is implicit but $ is not.
 2016-08-01 10:07:21 +02:00
Unrud
fd977891e8 Remove /.well-known 
I can't think of a sane use-case for this.
 2016-08-01 09:31:25 +02:00
Unrud
da1a693620 Prevent unsafe usernames 
If an attacker is able to create an account with a username like "user/calendar.ics", he can access collections of other users.
 2016-08-01 09:10:23 +02:00
Guillaume Ayoub
b3d8833779 Normalize the version number 2016-07-30 16:43:29 +02:00
Guillaume Ayoub
dc406c17fd Merge pull request #425 from Unrud/patch-19 
Don't silently drop files
 2016-07-30 15:28:35 +02:00
Guillaume Ayoub
62588477f6 Merge pull request #429 from Unrud/hook 
Add hook for storage changes
 2016-07-30 15:26:17 +02:00
Guillaume Ayoub
0a2d12a4a3 Merge pull request #445 from Unrud/patch-24 
Point well-known to /
 2016-07-30 15:25:01 +02:00
Unrud
0306ee6dcc Point well-known to / 
Fixes #431
 2016-07-14 10:13:20 +02:00
Unrud
21d7d5a453 Hide temporary files 
Fixes #443
 2016-07-14 09:09:10 +02:00
Unrud
0a32e46295 Improve error message 2016-07-14 08:08:08 +02:00
Unrud
e3d7d08eab Don't silently drop files 2016-07-14 08:08:08 +02:00
Unrud
0263251ecf Add hook for storage changes 2016-07-14 07:57:46 +02:00
Guillaume Ayoub
ef63865e31 Merge pull request #428 from Unrud/patch-22 
Add timeout to connections, limit size of request body and limit number of parallel connections
 2016-07-14 02:06:24 +02:00
Guillaume Ayoub
5bd80d8d13 Don't crash when getting unknown collections 
Fix #422.
 2016-07-14 01:39:57 +02:00
Guillaume Ayoub
4c91ee8906 Atomic writes (fix #440) 2016-07-14 01:14:42 +02:00
Guillaume Ayoub
5e5427f987 Cosmetics 2016-07-13 17:59:52 +02:00
Florian Mounier
eb1f964ee2 Fix docstring 2016-07-12 18:12:42 +02:00
Florian Mounier
9225fd5fbd Add a test for update 2016-07-12 18:08:01 +02:00
Florian Mounier
6f9e9f21dd Merge branch 'optimize_storage_collection' 2016-07-08 15:35:43 +02:00
Florian Mounier
2ff47620f8 Merge branch 'date_indexed_collection' 2016-07-08 11:39:15 +02:00
Florian Mounier
36333765d6 Merge branch 'test_in_radicale' 2016-07-08 11:38:09 +02:00
Florian Mounier
39823f8909 Add a pre_filtered_list method in collection. This allow filters optimizations 2016-07-08 11:37:30 +02:00
Florian Mounier
a2d6977cd6 Fix logic in loops 2016-07-07 17:53:35 +02:00
Florian Mounier
10e7a776fc Merge branch 'master' into optimize_storage_collection 2016-07-07 17:52:16 +02:00
Guillaume Ayoub
8c225f019c Fix support of recurring events 2016-07-07 17:49:56 +02:00
Florian Mounier
364ed3689d Optimise collection creation by avoiding nested_loop 2016-07-07 16:13:32 +02:00
Florian Mounier
9056561211 Move test inside radicale 2016-07-07 14:30:10 +02:00
Guillaume Ayoub
21461ddb4e Fix name_from_path 2016-07-06 17:11:12 +02:00
Guillaume Ayoub
6a4fe6beb5 Add a very, very important full stop. 2016-07-05 18:07:36 +02:00
Florian Mounier
a7549bc652 Split the main run function to allow the use of radicale serving programatically. Add an extra_config parameter to the config load to override config. 2016-07-05 17:50:40 +02:00
Florian Mounier
383409213e deflate seems to be problematic with different implementations (http://stackoverflow.com/questions/388595/why-use-deflate-instead-of-gzip-for-text-files-served-by-apache/388633#388633). Using gzip instead. 2016-07-04 17:00:43 +02:00
Guillaume Ayoub
9300d25d61 Update __main__.py 2016-07-04 14:35:38 +02:00
Florian Mounier
221379ef85 Sort imports 2016-07-04 14:32:33 +02:00
Guillaume Ayoub
fd3b0718fd Fix coding style 2016-07-01 16:44:12 +02:00
Guillaume Ayoub
c294477aee Support recurring items in time filters 
Fix #33.
 2016-07-01 16:40:43 +02:00
Guillaume Ayoub
5b5edaac2f Fix FCGI and WSGI scripts 2016-07-01 10:28:51 +02:00
Guillaume Ayoub
4e8f518cbb Remove spaces from empty lines 2016-06-26 21:23:29 +02:00
Nicolas Bonfante
dfc215b63f solving bug when trying to filter an Event on a DATETIME which have no timezone 2016-06-24 14:02:35 +02:00
Nicolas Bonfante
4872ea5d58 correcting bug in test vjournal 2016-06-15 18:09:09 +02:00
Cedric Boscher
e4e1d81f9f debug on tests 2016-06-15 18:01:19 +02:00
Nicolas Bonfante
1613c4955f adding test for Vjournal filtering 2016-06-15 16:17:51 +02:00
Nicolas Bonfante
38845da762 solve bug in vjournal time filter 2016-06-15 15:48:35 +02:00
Cedric Boscher
a5d5cc8b2c debug VTODO and first tests running 2016-06-15 15:45:27 +02:00
Cedric Boscher
2957b40473 clean code 2016-06-15 10:16:44 +02:00
Cedric Boscher
21ea648a44 Merge branch 'master' of github.com:Kozea/Radicale 2016-06-15 09:56:16 +02:00
Cedric Boscher
7de63f8335 VTODO first implementation 2016-06-15 09:56:05 +02:00
Nicolas Bonfante
e1f3045f1f adding VJournal method 2016-06-15 09:55:30 +02:00
Guillaume Ayoub
40406359e5 Merge pull request #423 from Unrud/patch-17 
Resolve naming conflict
 2016-06-13 15:08:33 +02:00
Guillaume Ayoub
9592ec3a66 Merge pull request #424 from Unrud/patch-18 
Fix time range matching
 2016-06-13 15:08:01 +02:00