[CalendarServer-changes] [2273]
CalendarServer/branches/users/cdaboo/better-proxy-db-2269/
lib-patches/Twisted/twisted.web2.dav.resource.patch
source_changes at macosforge.org
source_changes at macosforge.org
Tue Apr 1 13:40:47 PDT 2008
Revision: 2273
http://trac.macosforge.org/projects/calendarserver/changeset/2273
Author: cdaboo at apple.com
Date: 2008-04-01 13:40:46 -0700 (Tue, 01 Apr 2008)
Log Message:
-----------
No longer do principal matches with calculating inherited aces as we don't want to do proxy DB
queries unless we really have to.
Modified Paths:
--------------
CalendarServer/branches/users/cdaboo/better-proxy-db-2269/lib-patches/Twisted/twisted.web2.dav.resource.patch
Modified: CalendarServer/branches/users/cdaboo/better-proxy-db-2269/lib-patches/Twisted/twisted.web2.dav.resource.patch
===================================================================
--- CalendarServer/branches/users/cdaboo/better-proxy-db-2269/lib-patches/Twisted/twisted.web2.dav.resource.patch 2008-04-01 20:07:00 UTC (rev 2272)
+++ CalendarServer/branches/users/cdaboo/better-proxy-db-2269/lib-patches/Twisted/twisted.web2.dav.resource.patch 2008-04-01 20:40:46 UTC (rev 2273)
@@ -371,29 +371,42 @@
aces.append(davxml.ACE(*children))
else:
aces.extend(inherited_aces)
-@@ -1128,14 +1198,18 @@
+@@ -1105,8 +1175,7 @@
+ the child resource loop and supply those to the checkPrivileges on each child.
+
+ @param request: the L{IRequest} for the request in progress.
+- @return: a C{list} of L{Ace}s that child resources of this one will
+- inherit and which will match the currently authenticated principal.
++ @return: a C{list} of L{Ace}s that child resources of this one will inherit
+ """
+
+ # Get the parent ACLs with inheritance and preserve the <inheritable> element.
+@@ -1128,21 +1197,9 @@
# Adjust ACE for inherit on this resource
children = list(ace.children)
children.remove(TwistedACLInheritable())
- children.append(davxml.Inherited(davxml.HRef.fromString(request.urlForResource(self))))
+ children.append(davxml.Inherited(davxml.HRef(request.urlForResource(self))))
aces.append(davxml.ACE(*children))
-
- # Filter out those that do not have a principal match with the current principal
- principal = self.currentPrincipal(request)
- filteredaces = []
- for ace in aces:
+-
+- # Filter out those that do not have a principal match with the current principal
+- principal = self.currentPrincipal(request)
+- filteredaces = []
+- for ace in aces:
- if self.matchPrincipal(principal, ace.principal, request):
-+ match = waitForDeferred(self.matchPrincipal(principal, ace.principal, request))
-+ yield match
-+ match = match.getResult()
-+
-+ if match:
- if ace.invert:
- continue
- else:
-@@ -1152,49 +1226,69 @@
+- if ace.invert:
+- continue
+- else:
+- if not ace.invert:
+- continue
+- filteredaces.append(ace)
+- yield filteredaces
++ yield aces
+ inheritedACEsforChildren = deferredGenerator(inheritedACEsforChildren)
+
+@@ -1152,49 +1209,69 @@
+
This implementation returns an empty set.
"""
-
@@ -490,7 +503,7 @@
def samePrincipal(self, principal1, principal2):
"""
Check whether the two prinicpals are exactly the same in terms of
-@@ -1219,7 +1313,6 @@
+@@ -1219,7 +1296,6 @@
return False
def matchPrincipal(self, principal1, principal2, request):
@@ -498,7 +511,7 @@
"""
Check whether the principal1 is a principal in the set defined by
principal2.
-@@ -1244,6 +1337,9 @@
+@@ -1244,6 +1320,9 @@
if isinstance(principal1, davxml.Unauthenticated):
yield False
return
@@ -508,7 +521,7 @@
else:
yield True
return
-@@ -1271,7 +1367,6 @@
+@@ -1271,7 +1350,6 @@
assert principal2 is not None, "principal2 is None"
@@ -516,7 +529,7 @@
# Compare two HRefs and do group membership test as well
if principal1 == principal2:
yield True
-@@ -1302,9 +1397,9 @@
+@@ -1302,9 +1380,9 @@
def testGroup(group):
# Get principal resource for principal2
if group and isinstance(group, DAVPrincipalResource):
@@ -529,7 +542,7 @@
return False
-@@ -1351,11 +1446,16 @@
+@@ -1351,11 +1429,16 @@
@return C{True} if C{href_principal} is valid, C{False} otherwise.
This implementation tests for a href element that corresponds to
@@ -549,7 +562,7 @@
return d
def resolvePrincipal(self, principal, request):
-@@ -1432,7 +1532,7 @@
+@@ -1432,7 +1515,7 @@
log.err("DAV:self ACE is set on non-principal resource %r" % (self,))
yield None
return
@@ -558,7 +571,7 @@
if isinstance(principal, davxml.HRef):
yield principal
-@@ -1517,6 +1617,270 @@
+@@ -1517,6 +1600,270 @@
return None
##
@@ -829,7 +842,7 @@
# HTTP
##
-@@ -1567,7 +1931,7 @@
+@@ -1567,7 +1914,7 @@
def findChildren(self, depth, request, callback, privileges=None, inherited_aces=None):
return succeed(None)
@@ -838,7 +851,7 @@
"""
Resource representing a WebDAV principal. (RFC 3744, section 2)
"""
-@@ -1577,7 +1941,7 @@
+@@ -1577,7 +1924,7 @@
# WebDAV
##
@@ -847,7 +860,7 @@
(dav_namespace, "alternate-URI-set"),
(dav_namespace, "principal-URL" ),
(dav_namespace, "group-member-set" ),
-@@ -1585,14 +1949,11 @@
+@@ -1585,14 +1932,11 @@
)
def davComplianceClasses(self):
@@ -863,7 +876,7 @@
def readProperty(self, property, request):
def defer():
if type(property) is tuple:
-@@ -1610,10 +1971,10 @@
+@@ -1610,10 +1954,10 @@
return davxml.PrincipalURL(davxml.HRef(self.principalURL()))
if name == "group-member-set":
@@ -876,7 +889,7 @@
if name == "resourcetype":
if self.isCollection():
-@@ -1677,8 +2038,27 @@
+@@ -1677,8 +2021,27 @@
if self.principalURL() == uri:
return True
else:
@@ -905,7 +918,7 @@
class AccessDeniedError(Exception):
def __init__(self, errors):
"""
-@@ -1718,6 +2098,37 @@
+@@ -1718,6 +2081,37 @@
davxml.registerElement(TwistedACLInheritable)
davxml.ACE.allowed_children[(twisted_dav_namespace, "inheritable")] = (0, 1)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080401/c624b8d1/attachment-0001.html
More information about the calendarserver-changes
mailing list