tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,079 Commits 2 Branches 0 Tags
a2ceaa41a4fc7860dc845b85c7221c3ebfa74c42
Commit Graph

59 Commits

Author SHA1 Message Date
Lauri Tirkkonen
4c44940ec1 config & rights: use open() for better error messages 
ConfigParser().read() doesn't differentiate between different types of
failure to read files, causing eg. "No such file" to be logged in all
cases, for example if permissions are insufficient. fix that by using
open() and ConfigParser().read_file() instead.
 2022-01-11 20:20:21 +01:00
Unrud
bbaf0ebd8c Change name in file header 2021-12-09 16:55:46 +01:00
Unrud
cecb17df03 More type hints 2021-09-26 22:24:45 +02:00
Unrud
7f2d5cea62 New right "i": Only allowing HTTP method GET 2020-04-22 19:20:42 +02:00
Unrud
d5f5eeeddf from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00
Unrud
f6a3a19680 Simplify Rights plugin interface 2020-04-09 22:02:03 +02:00
Unrud
db7587c593 Cosmetic changes 2020-01-21 19:40:02 +01:00
Unrud
e07df9fd1d Prefix internal attributes with underscore 2020-01-19 21:07:54 +01:00
Unrud
8f55ab858c Improve documentation 2020-01-17 05:00:30 +01:00
Unrud
0cd95f8a39 Rename loader to load_plugin 2020-01-15 00:33:21 +01:00
Unrud
8543f3ea1d Extract method loader() 2020-01-14 22:43:48 +01:00
Unrud
2e4924a0da Improve documentation 2020-01-13 15:51:10 +01:00
Unrud
88a0af8ba1 Improve documentation 2020-01-12 23:32:28 +01:00
Unrud
b7590f8c84 Rework configuration 2019-06-17 04:18:09 +02:00
Unrud
63e6d091b9 Update copyright 2019-06-17 04:13:24 +02:00
Unrud
6e19ed893a show module name in error message 2018-09-18 21:04:57 +02:00
Unrud
5e0a387ed9 remove whitespace before email 2018-09-04 03:33:47 +02:00
Unrud
5429f5c1a9 assert sanitized and stripped paths 2018-08-28 16:19:50 +02:00
Unrud
8869b34470 refactor 2018-08-28 16:19:43 +02:00
Guillaume Ayoub
1001bcb676 Remove extra auth, rights and storage modules 2016-04-07 19:02:52 +02:00
Guillaume Ayoub
434cb533e9 Remove Python 2 support 2016-03-31 19:57:40 +02:00
Guillaume Ayoub
83304c1378 Stupid me, that was PEP 20 (fix 347 for Python 2 too) 2016-01-06 21:44:20 +01:00
Guillaume Ayoub
620d9f8316 Readability counts - PEP8™ (fix #347) 2016-01-06 20:19:12 +01:00
Guillaume Ayoub
e7ce00d54f Style 2015-12-31 12:49:41 +01:00
Guillaume Ayoub
b484d42547 Merge pull request #335 from Kozea/permissions 
Use the first matching section for getting rights
 2015-12-31 11:30:29 +01:00
Unrud
4bfe7c9f79 Prevent "regex injection" 
If an attacker is able to authenticate with a user name like .* he can bypass limitations imposed by "owner_write" and "owner_only".
 2015-12-23 07:05:20 +01:00
Guillaume Ayoub
e807c3d35b Use the first matching section for getting rights 2015-12-03 15:22:12 +01:00
Guillaume Ayoub
e69bec1272 Don't rely on case-sensitive imports, fix #282 
We should burn PEP 235, bicameral scripts, encodings, Python2/3 compatibility,
Windows, MacOS X, filenames, unicode (including composite characters), and the
whole world. And LF/CR too, of course.

Let's recreate a language relying on only two characters. Anyone interested?
 2015-04-29 18:55:56 +02:00
Guillaume Ayoub
2b4485f6ae Allow requests on root folder for authenticated users 2014-08-07 15:06:48 +02:00
Guillaume Ayoub
6021f16866 Fix owner_* methods (fix #151) 2014-05-06 15:15:58 +02:00
Guillaume Ayoub
1ab07d84e6 Add some documentation about the "user" key in the "regex" rights module 2014-04-16 18:56:57 +02:00
Guillaume Ayoub
799dbfe612 Fix "authenticated" method 2014-04-16 17:05:20 +02:00
Guillaume Ayoub
3e893a3420 Merge pull request #142 from mike-perdide/authenticated_feature 
Adding a new "authenticated" ACL type.
 2014-04-15 16:48:19 +02:00
Julien Miotte
aabebb5578 Adding a new "authenticated" ACL type. 
When set, all authenticated users will have rw permissions on all
collections, but no anonymous user will be able to read or write any
collection.
 2014-04-09 00:02:39 +02:00
Julien Miotte
963e21212b Renaming the regex.py methods args for coherence. 2014-04-09 00:02:09 +02:00
Julien Miotte
6677dbcdc9 Moving the debug log at the proper place. 
If we don't do this, we might get the following in the logs:

  2014-04-08 20:00:59,354 - DEBUG: Section 'r' matches
  2014-04-08 20:00:59,354 - DEBUG: Section 'r' does not match

which is a bit confusing.
 2014-04-09 00:02:03 +02:00
Guillaume Ayoub
f9ce1d0e6d Remove the backend/type split for rights in configuration 2014-02-05 14:11:40 +01:00
Sergey Fursov
1d0418594d Allow attach custom rights backend, small fix in default config file 2013-12-29 15:13:35 +04:00
Sergey Fursov
dca10fa14e Different rights management backends 
Initially only one backend - regular expressions based
 2013-12-25 03:44:24 +04:00
Guillaume Ayoub
586773148e Use a more simple rights manager 2013-08-14 10:50:59 +02:00
Guillaume Ayoub
faa331ccc3 Change a couple of things in regex-based rights manager 2013-07-23 18:05:22 +02:00
mail@sweil.de
eed0f74fad New rights management method: regex 
user and collection are matched against regular expression to determine read/write access
 2013-07-19 15:16:36 +02:00
Guillaume Ayoub
af30483f69 Fix docstring again 2013-07-09 18:33:35 +02:00
Guillaume Ayoub
7a6efedcff Fix docstring 2013-07-09 18:32:42 +02:00
Guillaume Ayoub
847235f6e7 Read the configuration file for rights each time 
We now re-parse the file each time we need to get the rights. It's
definitely too much, but it's not the slowest part of Radicale.
 2013-05-22 18:49:30 +02:00
Guillaume Ayoub
1b098058bd Update the documentation about leading slash in right management file's sections 2013-05-15 22:49:48 +02:00
Guillaume Ayoub
ca0a1ecfde Log if the file used for rights management is not found 2013-05-15 22:49:02 +02:00
Guillaume Ayoub
fce91e7060 Allow ~ in rights filename 2013-05-15 22:41:51 +02:00
Guillaume Ayoub
45e844cda2 Fix a read/write mismatch in from_file rights manager 2013-05-15 22:29:40 +02:00
Guillaume Ayoub
406bb6e8cc Update copyright years 2013-04-26 01:28:03 +02:00