Revision: 791 http://trac.macosforge.org/projects/calendarserver/changeset/791 Author: cdaboo@apple.com Date: 2006-12-11 12:42:10 -0800 (Mon, 11 Dec 2006) Log Message: ----------- Fix access control specs for admin. Modified Paths: -------------- CalendarServer/trunk/conf/caldavd-test.plist CalendarServer/trunk/conf/caldavd.plist CalendarServer/trunk/twistedcaldav/tap.py Modified: CalendarServer/trunk/conf/caldavd-test.plist =================================================================== --- CalendarServer/trunk/conf/caldavd-test.plist 2006-12-11 19:22:04 UTC (rev 790) +++ CalendarServer/trunk/conf/caldavd-test.plist 2006-12-11 20:42:10 UTC (rev 791) @@ -159,5 +159,15 @@ <key>SACLEnable</key> <false/> + <key>AuthSchemes</key> + <array> + <string>Basic</string> + </array> + + <key>AdminPrincipals</key> + <array> + <string>/principals/user/admin</string> + </array> + </dict> </plist> Modified: CalendarServer/trunk/conf/caldavd.plist =================================================================== --- CalendarServer/trunk/conf/caldavd.plist 2006-12-11 19:22:04 UTC (rev 790) +++ CalendarServer/trunk/conf/caldavd.plist 2006-12-11 20:42:10 UTC (rev 791) @@ -112,7 +112,7 @@ <key>AdminPrincipals</key> <array> - <string>/principals/users/admin</string> + <string>/principals/user/admin</string> </array> </dict> Modified: CalendarServer/trunk/twistedcaldav/tap.py =================================================================== --- CalendarServer/trunk/twistedcaldav/tap.py 2006-12-11 19:22:04 UTC (rev 790) +++ CalendarServer/trunk/twistedcaldav/tap.py 2006-12-11 20:42:10 UTC (rev 791) @@ -31,6 +31,7 @@ from twisted.web2.dav import auth from twisted.web2.dav import davxml +from twisted.web2.dav.resource import TwistedACLInheritable from twisted.web2.auth import basic from twisted.web2.auth import digest from twisted.web2.channel import http @@ -116,13 +117,20 @@ rootACEs = [ davxml.ACE( davxml.Principal(davxml.All()), - davxml.Grant(davxml.Privilege(davxml.Read()))),] + davxml.Grant(davxml.Privilege(davxml.Read())), + davxml.Protected(), + ), + ] for principal in config.AdminPrincipals: rootACEs.append( davxml.ACE( davxml.Principal(davxml.HRef(principal)), - davxml.Grant(davxml.Privilege(davxml.All())))) + davxml.Grant(davxml.Privilege(davxml.All())), + davxml.Protected(), + TwistedACLInheritable(), + ) + ) root.setAccessControlList(davxml.ACL(*rootACEs))