[CalendarServer-changes] [411]
CalendarServer/branches/users/wsanchez/provisioning/lib-patches/
Twisted/twisted.web2.dav.resource.patch
source_changes at macosforge.org
source_changes at macosforge.org
Thu Nov 9 15:25:06 PST 2006
Revision: 411
http://trac.macosforge.org/projects/calendarserver/changeset/411
Author: wsanchez at apple.com
Date: 2006-11-09 15:25:06 -0800 (Thu, 09 Nov 2006)
Log Message:
-----------
Trap UnauthorizedLogin in onError() in authorize()
Modified Paths:
--------------
CalendarServer/branches/users/wsanchez/provisioning/lib-patches/Twisted/twisted.web2.dav.resource.patch
Modified: CalendarServer/branches/users/wsanchez/provisioning/lib-patches/Twisted/twisted.web2.dav.resource.patch
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/lib-patches/Twisted/twisted.web2.dav.resource.patch 2006-11-09 22:29:41 UTC (rev 410)
+++ CalendarServer/branches/users/wsanchez/provisioning/lib-patches/Twisted/twisted.web2.dav.resource.patch 2006-11-09 23:25:06 UTC (rev 411)
@@ -2,15 +2,16 @@
===================================================================
--- twisted/web2/dav/resource.py (revision 18545)
+++ twisted/web2/dav/resource.py (working copy)
-@@ -44,6 +44,7 @@
+@@ -44,6 +44,8 @@
from zope.interface import implements
from twisted.python import log
+from twisted.python.failure import Failure
++from twisted.cred.error import UnauthorizedLogin
from twisted.internet.defer import Deferred, maybeDeferred, succeed
from twisted.internet.defer import waitForDeferred, deferredGenerator
from twisted.internet import reactor
-@@ -130,6 +131,8 @@
+@@ -130,6 +132,8 @@
(dav_namespace, "acl-restrictions" ), # RFC 3744, section 5.6
(dav_namespace, "inherited-acl-set" ), # RFC 3744, section 5.7
(dav_namespace, "principal-collection-set" ), # RFC 3744, section 5.8
@@ -19,7 +20,7 @@
(twisted_dav_namespace, "resource-class"),
)
-@@ -166,6 +169,14 @@
+@@ -166,6 +170,14 @@
if qname[0] == twisted_private_namespace:
return succeed(False)
@@ -34,7 +35,7 @@
return succeed(qname in self.liveProperties or self.deadProperties().contains(qname))
def readProperty(self, property, request):
-@@ -286,7 +297,33 @@
+@@ -286,7 +298,33 @@
d.addCallback(gotACL)
return d
return ifAllowed((davxml.ReadACL(),), callback)
@@ -68,7 +69,7 @@
elif namespace == twisted_dav_namespace:
if name == "resource-class":
class ResourceClass (davxml.WebDAVTextElement):
-@@ -366,12 +403,26 @@
+@@ -366,12 +404,26 @@
# FIXME: A set would be better here, that that's a python 2.4+ feature.
qnames = list(self.liveProperties)
@@ -96,7 +97,7 @@
def listAllprop(self, request):
"""
Some DAV properties should not be returned to a C{DAV:allprop} query.
-@@ -509,6 +560,9 @@
+@@ -509,6 +561,9 @@
reactor.callLater(0, getChild)
def checkPrivileges(child):
@@ -106,7 +107,7 @@
if privileges is None:
return child
-@@ -517,14 +571,17 @@
+@@ -517,14 +572,17 @@
return d
def gotChild(child, childpath):
@@ -131,7 +132,7 @@
reactor.callLater(0, getChild)
-@@ -535,10 +592,10 @@
+@@ -535,10 +593,10 @@
completionDeferred.callback(None)
else:
childpath = joinURL(basepath, childname)
@@ -146,17 +147,15 @@
getChild()
-@@ -564,19 +621,23 @@
+@@ -564,19 +622,21 @@
See L{IDAVResource.authorize}.
"""
def onError(failure):
- log.err("Invalid authentication details: %s" % (request,))
- raise HTTPError(UnauthorizedResponse(
-+ if failure.check(HTTPError):
-+ return failure
++ failure.trap(UnauthorizedLogin)
+
-+ log.err("Invalid authentication details:")
-+ log.err(failure)
++ log.err("Authentication failed: %s" % (failure.value,))
+ return Failure(HTTPError(UnauthorizedResponse(
request.credentialFactories,
request.remoteAddr
@@ -175,7 +174,7 @@
response = UnauthorizedResponse(request.credentialFactories,
request.remoteAddr)
else:
-@@ -587,7 +648,7 @@
+@@ -587,7 +647,7 @@
# class is supposed to be a FORBIDDEN status code and
# "Authorization will not help" according to RFC2616
#
@@ -184,7 +183,7 @@
d = self.checkPrivileges(request, privileges, recurse)
d.addErrback(onErrors)
-@@ -600,16 +661,22 @@
+@@ -600,16 +660,22 @@
def authenticate(self, request):
def loginSuccess(result):
@@ -211,7 +210,7 @@
authHeader = request.headers.getHeader('authorization')
-@@ -625,9 +692,10 @@
+@@ -625,9 +691,10 @@
# Try to match principals in each principal collection on the resource
def gotDetails(details):
@@ -225,7 +224,7 @@
def login(pcreds):
d = request.portal.login(pcreds, None, *request.loginInterfaces)
-@@ -635,13 +703,15 @@
+@@ -635,13 +702,15 @@
return d
@@ -245,7 +244,7 @@
##
# ACL
-@@ -650,10 +720,10 @@
+@@ -650,10 +719,10 @@
def currentPrincipal(self, request):
"""
@param request: the request being processed.
@@ -259,7 +258,7 @@
else:
return unauthenticatedPrincipal
-@@ -666,32 +736,26 @@
+@@ -666,32 +735,26 @@
present on this resource, it tries to get it from the parent, unless it
is the root or has no parent.
"""
@@ -308,7 +307,7 @@
def defaultAccessControlList(self):
"""
@return: the L{davxml.ACL} element containing the default access control
-@@ -1146,49 +1210,96 @@
+@@ -1146,49 +1209,96 @@
This implementation returns an empty set.
"""
@@ -427,7 +426,7 @@
def samePrincipal(self, principal1, principal2):
"""
Check whether the two prinicpals are exactly the same in terms of
-@@ -1511,6 +1622,265 @@
+@@ -1511,6 +1621,265 @@
return None
##
@@ -693,7 +692,7 @@
# HTTP
##
-@@ -1558,7 +1928,7 @@
+@@ -1558,7 +1927,7 @@
"""
DAV resource with no children.
"""
@@ -702,7 +701,7 @@
return succeed(None)
class DAVPrincipalResource (DAVLeafResource):
-@@ -1712,6 +2082,37 @@
+@@ -1712,6 +2081,37 @@
davxml.registerElement(TwistedACLInheritable)
davxml.ACE.allowed_children[(twisted_dav_namespace, "inheritable")] = (0, 1)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061109/55ff1e8f/attachment.html
More information about the calendarserver-changes
mailing list