[CalendarServer-changes] [459] CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/ static.py

source_changes at macosforge.org source_changes at macosforge.org
Tue Nov 14 19:14:48 PST 2006


Revision: 459
          http://trac.macosforge.org/projects/calendarserver/changeset/459
Author:   wsanchez at apple.com
Date:     2006-11-14 19:14:48 -0800 (Tue, 14 Nov 2006)

Log Message:
-----------
Implement defaultAccessControlList() so that the owner has write access to their home collection.

Modified Paths:
--------------
    CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/static.py

Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/static.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/static.py	2006-11-15 03:14:14 UTC (rev 458)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/static.py	2006-11-15 03:14:48 UTC (rev 459)
@@ -460,7 +460,7 @@
         return self.directory.recordTypes()
 
     def principalCollections(self, request):
-        # FIXME: self.directory.principalCollection smells like a hack
+        # FIXME: directory.principalCollection smells like a hack
         # See DirectoryPrincipalProvisioningResource.__init__()
         return self.directory.principalCollection.principalCollections(request)
 
@@ -562,6 +562,30 @@
         return super(CalendarHomeFile, self).getChild(name)
 
     ##
+    # ACL
+    ##
+
+    def defaultAccessControlList(self):
+        # FIXME: directory.principalCollection smells like a hack
+        # See DirectoryPrincipalProvisioningResource.__init__()
+        myPrincipal = self._parent._parent.directory.principalCollection.principalForRecord(self.record)
+
+        return davxml.ACL(
+            # Read access for authenticated users.
+            davxml.ACE(
+                davxml.Principal(davxml.Authenticated()),
+                davxml.Grant(davxml.Privilege(davxml.Read())),
+            ),
+            # Inheritable all access to resource's associated principal.
+            davxml.ACE(
+                davxml.Principal(davxml.HRef(myPrincipal.principalURL())),
+                davxml.Grant(davxml.Privilege(davxml.All())),
+                davxml.Protected(),
+                TwistedACLInheritable(),
+            ),
+        )
+
+    ##
     # Quota
     ##
 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061114/3ff42d18/attachment.html


More information about the calendarserver-changes mailing list