Revision: 2107 http://trac.macosforge.org/projects/calendarserver/changeset/2107 Author: wsanchez@apple.com Date: 2008-01-11 13:39:36 -0800 (Fri, 11 Jan 2008) Log Message: ----------- Pull up r2046, sudo users shouldn't be enabled for calendaring Modified Paths: -------------- CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/sudo.py CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/test/test_sudo.py Modified: CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/sudo.py =================================================================== --- CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/sudo.py 2008-01-11 21:19:38 UTC (rev 2106) +++ CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/sudo.py 2008-01-11 21:39:36 UTC (rev 2107) @@ -27,13 +27,13 @@ from twisted.python.filepath import FilePath -from twisted.cred.credentials import (IUsernamePassword, +from twisted.cred.credentials import (IUsernamePassword, IUsernameHashedPassword) from twisted.cred.error import UnauthorizedLogin from twistedcaldav.py.plistlib import readPlist -from twistedcaldav.directory.directory import (DirectoryService, +from twistedcaldav.directory.directory import (DirectoryService, DirectoryRecord, UnknownRecordTypeError) @@ -58,7 +58,7 @@ if isinstance(plistFile, (unicode, str)): plistFile = FilePath(plistFile) - + self.plistFile = plistFile self._fileInfo = None self._accounts() @@ -104,12 +104,12 @@ # implementation because you shouldn't have a principal object for a # disabled directory principal. sudouser = self.recordWithShortName( - SudoDirectoryService.recordType_sudoers, + SudoDirectoryService.recordType_sudoers, credentials.credentials.username) if sudouser is None: raise UnauthorizedLogin("No such user: %s" % (sudouser,)) - + if sudouser.verifyCredentials(credentials.credentials): return ( credentials.authnPrincipal.principalURL(), @@ -117,7 +117,7 @@ ) else: raise UnauthorizedLogin( - "Incorrect credentials for %s" % (sudouser,)) + "Incorrect credentials for %s" % (sudouser,)) class SudoDirectoryRecord(DirectoryRecord): @@ -133,7 +133,8 @@ shortName=shortName, fullName=shortName, calendarUserAddresses=set(), - autoSchedule=False) + autoSchedule=False, + enabledForCalendaring=False) self.password = entry['password'] @@ -142,5 +143,5 @@ return credentials.checkPassword(self.password) elif IUsernameHashedPassword.providedBy(credentials): return credentials.checkPassword(self.password) - + return super(SudoDirectoryRecord, self).verifyCredentials(credentials) Modified: CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/test/test_sudo.py =================================================================== --- CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/test/test_sudo.py 2008-01-11 21:19:38 UTC (rev 2106) +++ CalendarServer/branches/release/CalendarServer-1.2-dev/twistedcaldav/directory/test/test_sudo.py 2008-01-11 21:39:36 UTC (rev 2107) @@ -84,3 +84,11 @@ record = service.recordWithShortName(self.recordType, 'bob') self.assertEquals(record.password, 'bob') + + def test_calendaringDisabled(self): + service = self.service() + + record = service.recordWithShortName(self.recordType, 'alice') + + self.failIf(record.enabledForCalendaring, + "sudoers should have enabledForCalendaring=False")