tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,519 Commits 2 Branches 0 Tags
f87c16a42b4b6d7a39c0f00e21b605641547ed0c
Commit Graph

402 Commits

Author SHA1 Message Date
deronnax
b863e8390e add ".well-known" addresses feature (closes #126) 2014-10-20 18:51:43 +02:00
deronnax
c180b4ace3 decode http resquest content later 2014-10-20 17:32:10 +02:00
Guillaume Ayoub
a6884492a2 Version 0.9 2014-08-13 13:12:19 +02:00
Guillaume Ayoub
9ad9c466e2 Add an option allowing requests without base_prefix 
Related to #147, patch proposed by jheidemann
 2014-08-06 11:51:11 +02:00
Guillaume Ayoub
a5c5f2494f New version 2014-07-28 13:03:06 +02:00
Guillaume Ayoub
a65f96fe41 Fix syntax error 2014-07-28 11:28:12 +02:00
Guillaume Ayoub
f92f9f5e7d Merge pull request #175 from Ede123/master 
Return "401 unauthorized" on unauthorized DELETE requests (fixes #125)
 2014-07-28 11:20:45 +02:00
Mathieu Dupuy
a94984b653 revert of 00674fe 2014-07-25 15:41:56 +02:00
Ede123
c9bd2d0135 Signed-off-by: Ede123 <Eduard.Braun2@gmx.de> 2014-06-21 15:34:22 +02:00
Guillaume Ayoub
6854cd0ee3 Use warning instead of warn for logging (fix #170) 2014-06-15 10:19:34 +02:00
Markus Kaiserswerth
0dee34b3a8 Add SSL ciphers argument only if supported, fixes Python 2.6 compat 2014-03-19 14:04:25 +01:00
Guillaume Ayoub
45f8e76643 Revert "Follow the depth in REPORT requests" 
This reverts commit 9556508b2a.
 2014-03-05 19:26:42 +01:00
Guillaume Ayoub
9556508b2a Follow the depth in REPORT requests 2014-03-04 01:37:14 +01:00
Guillaume Ayoub
066dffd614 Cut line 2014-03-04 01:08:56 +01:00
Guillaume Ayoub
3bd5b8f0fc Let's try to release 0.9 beta 1 2014-02-24 23:26:40 +01:00
Guillaume Ayoub
701df2d201 Use environ.get instead of try/except 2014-02-05 13:01:49 +01:00
Guillaume Ayoub
f7c7746643 Merge pull request #99 from horazont/fix-preauth 
Fix issues if authentication is done by web server
 2014-02-05 12:59:45 +01:00
Christoph Polcin
3aa992e518 Find collections if necessary 2014-01-19 20:11:47 +01:00
Christoph Polcin
90d82d044c Fix access to collections 
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:

    if ((read_allowed_items or write_allowed_items)
        and (not user or auth.is_authenticated(user, password))) or
        function == self.options or not items:

the easy-connect branch from pull request #95 adds:
    (is_authenticated and function == self.propfind) or

the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.

this commit fixes and simplifies the if-clause.
 2014-01-19 20:04:37 +01:00
Christoph Polcin
83db27303f Respond to all authenticated PROPFIND requests 2014-01-19 19:35:46 +01:00
Jonas Wielicki
d9df9a36e1 Fix issues if authentication is done by web server 
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.

For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
 2014-01-14 20:46:47 +01:00
Sergey Fursov
dca10fa14e Different rights management backends 
Initially only one backend - regular expressions based
 2013-12-25 03:44:24 +04:00
Jean-Marc Martins
7ac971e022 Fix wrong syntax in config file and fix #58 2013-12-23 16:45:15 +01:00
Jean-Marc Martins
f377bd1356 Fix ssl protocol 2013-12-13 15:17:30 +01:00
Jean-Marc Martins
d765544edd Add ssl protocol and ciphers in config 2013-12-13 14:31:09 +01:00
Jean-Marc Martins
a631c8c761 Fix compatibility between python2 and 3 2013-09-19 14:40:03 +02:00
Jean-Marc Martins
e2512b12fb Fixed partially anonymous authentication 2013-09-13 15:05:02 +02:00
Jean-Marc Martins
58faf725b0 Fixed authentication for anonymous users 2013-09-12 17:39:20 +02:00
Guillaume Ayoub
43785e48a9 Get configuration keys at runtime, not when module is imported (fixes #64) 2013-09-12 13:48:49 +02:00
Jean-Marc Martins
97a19405c4 Adds git support to Radicale (Fix #30) 2013-08-30 17:23:04 +02:00
Guillaume Ayoub
f7f26afd6b Fix rights type "None" 2013-08-14 11:58:08 +02:00
Guillaume Ayoub
586773148e Use a more simple rights manager 2013-08-14 10:50:59 +02:00
Guillaume Ayoub
b8848de15e Preparing next version 2013-07-12 18:40:12 +02:00
Guillaume Ayoub
2df8f92f87 Version 0.8 2013-07-12 17:45:30 +02:00
Guillaume Ayoub
c4f2587fd9 Pylint 2013-07-12 15:25:57 +02:00
Guillaume Ayoub
de1e57081b Put the realm in the configuration file (fix #37) 2013-06-28 16:39:09 +02:00
Guillaume Ayoub
fab7796ca0 Allow additional HTTP headers in configuration file 
Best ratio coolness/sloc ever!
 2013-05-13 18:15:08 +02:00
Guillaume Ayoub
e9e811d375 Allow requests with no maching items (ie. requests at "/") 2013-05-01 20:36:41 +02:00
Guillaume Ayoub
f73b44a311 Useless typo 2013-05-01 20:12:24 +02:00
Guillaume Ayoub
bf8e874e4d Merge *base_prefix config keys into base_prefix (fixes #996) 2013-04-30 14:02:17 +02:00
Guillaume Ayoub
406bb6e8cc Update copyright years 2013-04-26 01:28:03 +02:00
Guillaume Ayoub
bcdf00f85e Allow colon characters in passwords (fixes #1308) 2013-01-31 17:27:23 +01:00
Guillaume Ayoub
4c064bcf35 Clean rights from file and remove tests 2012-09-15 09:08:01 +02:00
Guillaume Ayoub
7b15832dbf Merge pull request #12 from matthiasjordan/master 
File-based rights and testing
 2012-09-14 05:23:24 -07:00
Guillaume Ayoub
e06cfa4de0 Handle "If-None-Match: *" HTTP headers for PUT requests 2012-08-31 17:24:32 +02:00
Matthias Jordan
e08aa6176c Less aggressive logging 2012-08-18 00:36:30 +02:00
Matthias Jordan
0c4562c01d Using different HTTP status codes in some cases where auth or rights are violated 2012-08-18 00:18:22 +02:00
Matthias Jordan
db708a0853 Checking rights only once. Also taking care of mistakenly checking 
ownership of events. xmlutils is now unaware of rights.
 2012-08-15 22:36:42 +02:00
Matthias Jordan
0722db04fb Extract method 2012-08-15 15:12:18 +02:00
Matthias Jordan
bc0b74c555 Using collection's URL for logging instead of its name 2012-08-11 00:57:15 +02:00