[CalendarServer-changes] [689] CalendarServer/branches/SACLs
source_changes at macosforge.org
source_changes at macosforge.org
Tue Dec 5 10:26:19 PST 2006
Revision: 689
http://trac.macosforge.org/projects/calendarserver/changeset/689
Author: dreid at apple.com
Date: 2006-12-05 10:26:18 -0800 (Tue, 05 Dec 2006)
Log Message:
-----------
remove SACLService config option, and change the service option to not have the com.apple.access_ prefix because this gets added by mbr_check_service_membership
Modified Paths:
--------------
CalendarServer/branches/SACLs/conf/caldavd.plist
CalendarServer/branches/SACLs/twistedcaldav/caldavd.py
CalendarServer/branches/SACLs/twistedcaldav/root.py
CalendarServer/branches/SACLs/twistedcaldav/test/test_root.py
Modified: CalendarServer/branches/SACLs/conf/caldavd.plist
===================================================================
--- CalendarServer/branches/SACLs/conf/caldavd.plist 2006-12-05 18:12:21 UTC (rev 688)
+++ CalendarServer/branches/SACLs/conf/caldavd.plist 2006-12-05 18:26:18 UTC (rev 689)
@@ -122,9 +122,5 @@
<key>SACLEnable</key>
<true/>
-
- <key>SACLService</key>
- <string>com.apple.access_calendar</string>
-
</dict>
</plist>
Modified: CalendarServer/branches/SACLs/twistedcaldav/caldavd.py
===================================================================
--- CalendarServer/branches/SACLs/twistedcaldav/caldavd.py 2006-12-05 18:12:21 UTC (rev 688)
+++ CalendarServer/branches/SACLs/twistedcaldav/caldavd.py 2006-12-05 18:26:18 UTC (rev 689)
@@ -68,11 +68,12 @@
'UserQuotaBytes': 104857600,
'Verbose': False,
'twistdLocation': '/usr/share/caldavd/bin/twistd',
- 'SACLEnable': False,
- 'SACLService': 'com.apple.access_calendar',
+ 'SACLEnable': True,
}
-
+# FIXME: This doesn't actually work because the webserver runs in a different
+# python process from the commandline util caldavd that actually parses the
+# plists the twistd plugin will fix this.
CONFIG = DEFAULTS.copy()
Modified: CalendarServer/branches/SACLs/twistedcaldav/root.py
===================================================================
--- CalendarServer/branches/SACLs/twistedcaldav/root.py 2006-12-05 18:12:21 UTC (rev 688)
+++ CalendarServer/branches/SACLs/twistedcaldav/root.py 2006-12-05 18:26:18 UTC (rev 689)
@@ -32,7 +32,7 @@
"""
useSacls = False
- saclService = None
+ saclService = 'calendar'
def __init__(self, path, *args, **kwargs):
super(RootResource, self).__init__(path, *args, **kwargs)
@@ -40,8 +40,7 @@
from twistedcaldav import caldavd
if caldavd.CONFIG['SACLEnable'] and RootResource.CheckSACL:
- self.saclService = caldavd.CONFIG['SACLService']
- self.useSacls = caldavd.CONFIG['SACLEnable']
+ self.useSacls = True
def checkSacl(self, request):
"""Check SACLs against the current request
@@ -70,8 +69,8 @@
# Figure out the "username" from the davxml.Principal object
username = authzUser.children[0].children[0].data
username = username.split('/')[-1]
-
- if not RootResource.CheckSACL(username, self.saclService):
+
+ if RootResource.CheckSACL(username, self.saclService) != 0:
return Failure(HTTPError(403))
return True
Modified: CalendarServer/branches/SACLs/twistedcaldav/test/test_root.py
===================================================================
--- CalendarServer/branches/SACLs/twistedcaldav/test/test_root.py 2006-12-05 18:12:21 UTC (rev 688)
+++ CalendarServer/branches/SACLs/twistedcaldav/test/test_root.py 2006-12-05 18:26:18 UTC (rev 689)
@@ -46,10 +46,13 @@
def __call__(self, username, service):
if service not in self.sacls:
- return False
+ return 1
- return username in self.sacls[service]
+ if username in self.sacls[service]:
+ return 0
+ return 1
+
class RootTests(TestCase):
def setUp(self):
self.docroot = self.mktemp()
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061205/b9d61b69/attachment.html
More information about the calendarserver-changes
mailing list