[CalendarServer-changes] [879]
CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav
source_changes at macosforge.org
source_changes at macosforge.org
Wed Dec 20 23:11:01 PST 2006
Revision: 879
http://trac.macosforge.org/projects/calendarserver/changeset/879
Author: cdaboo at apple.com
Date: 2006-12-20 23:11:01 -0800 (Wed, 20 Dec 2006)
Log Message:
-----------
Provision default ACLs for calendar user proxies.
Modified Paths:
--------------
CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/directory/calendar.py
CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/schedule.py
Modified: CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/directory/calendar.py
===================================================================
--- CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/directory/calendar.py 2006-12-21 07:04:38 UTC (rev 878)
+++ CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/directory/calendar.py 2006-12-21 07:11:01 UTC (rev 879)
@@ -256,7 +256,7 @@
# See DirectoryPrincipalProvisioningResource.__init__()
myPrincipal = self._parent._parent.directory.principalCollection.principalForRecord(self.record)
- return davxml.ACL(
+ aces = (
# DAV:read access for authenticated users.
davxml.ACE(
davxml.Principal(davxml.Authenticated()),
@@ -270,7 +270,27 @@
TwistedACLInheritable(),
),
)
+
+ if config.CalendarUserProxyEnabled:
+ aces += (
+ # DAV:read access for this principal's calendar-proxy-read users.
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(joinURL(myPrincipal.principalURL(), "calendar-proxy-read"))),
+ davxml.Grant(davxml.Privilege(davxml.Read())),
+ davxml.Protected(),
+ TwistedACLInheritable(),
+ ),
+ # DAV:read/DAV:write access for this principal's calendar-proxy-write users.
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(joinURL(myPrincipal.principalURL(), "calendar-proxy-write"))),
+ davxml.Grant(davxml.Privilege(davxml.Read()), davxml.Privilege(davxml.Write())),
+ davxml.Protected(),
+ TwistedACLInheritable(),
+ ),
+ )
+ return davxml.ACL(*aces)
+
def principalCollections(self):
return self._parent.principalCollections()
Modified: CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/schedule.py
===================================================================
--- CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/schedule.py 2006-12-21 07:04:38 UTC (rev 878)
+++ CalendarServer/branches/users/cdaboo/cuproxy-857/twistedcaldav/schedule.py 2006-12-21 07:11:01 UTC (rev 879)
@@ -41,6 +41,7 @@
from twistedcaldav import itip
from twistedcaldav.resource import CalDAVResource
from twistedcaldav.caldavxml import caldav_namespace, TimeRange
+from twistedcaldav.config import config
from twistedcaldav.ical import Component
from twistedcaldav.method import report_common
from twistedcaldav.method.put_common import storeCalendarObjectResource
@@ -85,6 +86,7 @@
)
def defaultAccessControlList(self):
+
return davxml.ACL(
# CalDAV:schedule for any authenticated user
davxml.ACE(
@@ -101,6 +103,26 @@
Extends L{DAVResource} to provide CalDAV functionality.
"""
+
+ def defaultAccessControlList(self):
+
+ if config.CalendarUserProxyEnabled:
+ # FIXME: directory.principalCollection smells like a hack
+ # See DirectoryPrincipalProvisioningResource.__init__()
+ myPrincipal = self._parent._parent._parent.directory.principalCollection.principalForRecord(self.record)
+
+ return davxml.ACL(
+ # CalDAV:schedule for any authenticated user
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(joinURL(myPrincipal.principalURL(), "calendar-proxy-write"))),
+ davxml.Grant(
+ davxml.Privilege(caldavxml.Schedule()),
+ ),
+ ),
+ )
+ else:
+ return super(ScheduleOutboxResource, self).defaultAccessControlList()
+
def resourceType(self):
return davxml.ResourceType(
davxml.ResourceType.collection,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061220/30b923f0/attachment.html
More information about the calendarserver-changes
mailing list