[CalendarServer-changes] [497] CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav

source_changes at macosforge.org source_changes at macosforge.org
Thu Nov 16 17:35:00 PST 2006 

Revision: 497
          http://trac.macosforge.org/projects/calendarserver/changeset/497
Author:   wsanchez at apple.com
Date:     2006-11-16 17:35:00 -0800 (Thu, 16 Nov 2006)

Log Message:
-----------
Ixnay on the irectoryCredentialsCheckerDay

Modified Paths:
--------------
    CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py
    CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py
    CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/repository.py

Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py	2006-11-17 01:14:20 UTC (rev 496)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py	2006-11-17 01:35:00 UTC (rev 497)
@@ -1,59 +0,0 @@
-##
-# Copyright (c) 2006 Apple Computer, Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# DRI: Wilfredo Sanchez, wsanchez at apple.com
-##
-
-"""
-Implements a directory-backed principal hierarchy.
-"""
-
-__all__ = [
-    "DirectoryCredentialsChecker",
-]
-
-from zope.interface import implements
-
-from twisted.cred.error import UnauthorizedLogin
-from twisted.cred.checkers import ICredentialsChecker
-from twisted.web2.dav.auth import IPrincipalCredentials
-
-class DirectoryCredentialsChecker (object):
-    implements(ICredentialsChecker)
-
-    credentialInterfaces = (IPrincipalCredentials,)
-
-    def __init__(self, service):
-        """
-        @param service: an L{IDirectoryService} provider.
-        """
-        self.service = service
-
-    def requestAvatarId(self, credentials):
-        credentials = IPrincipalCredentials(credentials)
-
-        # FIXME: ?
-        # We were checking if principal is enabled; seems unnecessary in current
-        # implementation because you shouldn't have a principal object for a
-        # disabled directory principal.
-
-        user = self.service.recordWithShortName("user", credentials.credentials.username)
-        if user is None:
-            raise UnauthorizedLogin("No such user: %s" % (user,))
-
-        if user.verifyCredentials(credentials.credentials):
-            return (credentials.authnPrincipal.principalURL(), credentials.authzPrincipal.principalURL())
-        else:
-            raise UnauthorizedLogin("Incorrect credentials for %s" % (user,)) 

Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py	2006-11-17 01:14:20 UTC (rev 496)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py	2006-11-17 01:35:00 UTC (rev 497)
@@ -32,11 +32,35 @@
 
 from zope.interface import implements
 
+from twisted.cred.error import UnauthorizedLogin
+from twisted.cred.checkers import ICredentialsChecker
+from twisted.web2.dav.auth import IPrincipalCredentials
+
 from twistedcaldav.directory.idirectory import IDirectoryService, IDirectoryRecord
 
 class DirectoryService(object):
-    implements(IDirectoryService)
+    implements(IDirectoryService, ICredentialsChecker)
 
+    # For ICredentialsChecker
+    credentialInterfaces = (IPrincipalCredentials,)
+
+    def requestAvatarId(self, credentials):
+        credentials = IPrincipalCredentials(credentials)
+
+        # FIXME: ?
+        # We were checking if principal is enabled; seems unnecessary in current
+        # implementation because you shouldn't have a principal object for a
+        # disabled directory principal.
+
+        user = self.recordWithShortName("user", credentials.credentials.username)
+        if user is None:
+            raise UnauthorizedLogin("No such user: %s" % (user,))
+
+        if user.verifyCredentials(credentials.credentials):
+            return (credentials.authnPrincipal.principalURL(), credentials.authzPrincipal.principalURL())
+        else:
+            raise UnauthorizedLogin("Incorrect credentials for %s" % (user,)) 
+
 class DirectoryRecord(object):
     implements(IDirectoryRecord)
 

Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/repository.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/repository.py	2006-11-17 01:14:20 UTC (rev 496)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/repository.py	2006-11-17 01:35:00 UTC (rev 497)
@@ -54,7 +54,6 @@
 from twistedcaldav.logging import RotatingFileAccessLoggingObserver
 from twistedcaldav.resource import CalDAVResource
 from twistedcaldav.static import CalDAVFile, CalendarHomeFile, CalendarPrincipalFile
-from twistedcaldav.directory.cred import DirectoryCredentialsChecker
 from twistedcaldav.directory.idirectory import IDirectoryService
 from twistedcaldav.directory.appleopendirectory import OpenDirectoryService
 
@@ -239,9 +238,9 @@
         portal.registerChecker(auth.TwistedPropertyChecker())
         print "Using property-based password checker."
     elif authenticator.credentials == ATTRIBUTE_VALUE_DIRECTORY:
-        opendirectory = OpenDirectoryService(authenticator.directoryNode)
-        directory.service = opendirectory
-        portal.registerChecker(DirectoryCredentialsChecker(opendirectory))
+        service = OpenDirectoryService(authenticator.directoryNode)
+        directory.service = service
+        portal.registerChecker(service)
         print "Using directory-based password checker."
     elif authenticator.credentials == ATTRIBUTE_VALUE_KERBEROS:
         if authenticator.type == "basic":

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061116/8f466b14/attachment.html

More information about the calendarserver-changes mailing list