[CalendarServer-changes] [2300] CalendarServer/branches/release/CalendarServer-1.3-dev/lib-patches/ Twisted/twisted.web2.dav.resource.patch

source_changes at macosforge.org source_changes at macosforge.org
Fri Apr 11 02:57:24 PDT 2008


Revision: 2300
          http://trac.macosforge.org/projects/calendarserver/changeset/2300
Author:   wsanchez at apple.com
Date:     2008-04-11 02:57:24 -0700 (Fri, 11 Apr 2008)

Log Message:
-----------
Pull up r2289: ACE inheritable state lost when ACL update is done

Modified Paths:
--------------
    CalendarServer/branches/release/CalendarServer-1.3-dev/lib-patches/Twisted/twisted.web2.dav.resource.patch

Modified: CalendarServer/branches/release/CalendarServer-1.3-dev/lib-patches/Twisted/twisted.web2.dav.resource.patch
===================================================================
--- CalendarServer/branches/release/CalendarServer-1.3-dev/lib-patches/Twisted/twisted.web2.dav.resource.patch	2008-04-11 09:49:58 UTC (rev 2299)
+++ CalendarServer/branches/release/CalendarServer-1.3-dev/lib-patches/Twisted/twisted.web2.dav.resource.patch	2008-04-11 09:57:24 UTC (rev 2300)
@@ -350,8 +350,19 @@
      def setAccessControlList(self, acl):
          """
          See L{IDAVResource.setAccessControlList}.
-@@ -1038,9 +1108,9 @@
+@@ -748,7 +818,9 @@
+         # 10. Verify that new acl is not in conflict with itself
+         # 11. Update acl on the resource
  
+-        old_acl = waitForDeferred(self.accessControlList(request))
++        # Get the current access control list, preserving any private properties on the ACEs as 
++        # we will need to keep those when we change the ACL. 
++        old_acl = waitForDeferred(self.accessControlList(request, expanding=True)) 
+         yield old_acl
+         old_acl = old_acl.getResult()
+ 
+@@ -1038,9 +1110,9 @@
+ 
              if myURL == "/":
                  # If we get to the root without any ACLs, then use the default.
 +                acl = self.defaultRootAccessControlList()
@@ -362,7 +373,7 @@
  
          # Dynamically update privileges for those ace's that are inherited.
          if inheritance:
-@@ -1076,7 +1146,7 @@
+@@ -1076,7 +1148,7 @@
                                  # Adjust ACE for inherit on this resource
                                  children = list(ace.children)
                                  children.remove(TwistedACLInheritable())
@@ -371,7 +382,7 @@
                                  aces.append(davxml.ACE(*children))
              else:
                  aces.extend(inherited_aces)
-@@ -1128,7 +1198,7 @@
+@@ -1128,7 +1200,7 @@
                  # Adjust ACE for inherit on this resource
                  children = list(ace.children)
                  children.remove(TwistedACLInheritable())
@@ -380,7 +391,7 @@
                  aces.append(davxml.ACE(*children))
                  
          # Filter out those that do not have a principal match with the current principal
-@@ -1152,49 +1222,69 @@
+@@ -1152,49 +1224,69 @@
  
          This implementation returns an empty set.
          """
@@ -478,7 +489,7 @@
      def samePrincipal(self, principal1, principal2):
          """
          Check whether the two prinicpals are exactly the same in terms of
-@@ -1219,7 +1309,6 @@
+@@ -1219,7 +1311,6 @@
              return False
                  
      def matchPrincipal(self, principal1, principal2, request):
@@ -486,7 +497,7 @@
          """
          Check whether the principal1 is a principal in the set defined by
          principal2.
-@@ -1244,6 +1333,9 @@
+@@ -1244,6 +1335,9 @@
              if isinstance(principal1, davxml.Unauthenticated):
                  yield False
                  return
@@ -496,7 +507,7 @@
              else:
                  yield True
                  return
-@@ -1271,7 +1363,6 @@
+@@ -1271,7 +1365,6 @@
  
          assert principal2 is not None, "principal2 is None"
  
@@ -504,7 +515,7 @@
          # Compare two HRefs and do group membership test as well
          if principal1 == principal2:
              yield True
-@@ -1302,9 +1393,9 @@
+@@ -1302,9 +1395,9 @@
          def testGroup(group):
              # Get principal resource for principal2
              if group and isinstance(group, DAVPrincipalResource):
@@ -517,7 +528,7 @@
                  
              return False
  
-@@ -1351,11 +1442,16 @@
+@@ -1351,11 +1444,16 @@
          @return C{True} if C{href_principal} is valid, C{False} otherwise.
  
          This implementation tests for a href element that corresponds to
@@ -537,7 +548,7 @@
          return d
  
      def resolvePrincipal(self, principal, request):
-@@ -1432,7 +1528,7 @@
+@@ -1432,7 +1530,7 @@
                  log.err("DAV:self ACE is set on non-principal resource %r" % (self,))
                  yield None
                  return
@@ -546,7 +557,7 @@
  
          if isinstance(principal, davxml.HRef):
              yield principal
-@@ -1517,6 +1613,270 @@
+@@ -1517,6 +1615,270 @@
          return None
  
      ##
@@ -817,7 +828,7 @@
      # HTTP
      ##
  
-@@ -1567,7 +1927,7 @@
+@@ -1567,7 +1929,7 @@
      def findChildren(self, depth, request, callback, privileges=None, inherited_aces=None):
          return succeed(None)
  
@@ -826,7 +837,7 @@
      """
      Resource representing a WebDAV principal.  (RFC 3744, section 2)
      """
-@@ -1577,7 +1937,7 @@
+@@ -1577,7 +1939,7 @@
      # WebDAV
      ##
  
@@ -835,7 +846,7 @@
          (dav_namespace, "alternate-URI-set"),
          (dav_namespace, "principal-URL"    ),
          (dav_namespace, "group-member-set" ),
-@@ -1585,14 +1945,11 @@
+@@ -1585,14 +1947,11 @@
      )
  
      def davComplianceClasses(self):
@@ -851,7 +862,7 @@
      def readProperty(self, property, request):
          def defer():
              if type(property) is tuple:
-@@ -1610,10 +1967,10 @@
+@@ -1610,10 +1969,10 @@
                      return davxml.PrincipalURL(davxml.HRef(self.principalURL()))
  
                  if name == "group-member-set":
@@ -864,7 +875,7 @@
  
                  if name == "resourcetype":
                      if self.isCollection():
-@@ -1677,8 +2034,27 @@
+@@ -1677,8 +2036,27 @@
          if self.principalURL() == uri:
              return True
          else:
@@ -893,7 +904,7 @@
  class AccessDeniedError(Exception):
      def __init__(self, errors):
          """ 
-@@ -1718,6 +2094,37 @@
+@@ -1718,6 +2096,37 @@
  davxml.registerElement(TwistedACLInheritable)
  davxml.ACE.allowed_children[(twisted_dav_namespace, "inheritable")] = (0, 1)
  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080411/3ec251e7/attachment-0001.html


More information about the calendarserver-changes mailing list