[CalendarServer-changes] [2171] CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
source_changes at macosforge.org
source_changes at macosforge.org
Thu Feb 21 13:50:42 PST 2008
Revision: 2171
http://trac.macosforge.org/projects/calendarserver/changeset/2171
Author: wsanchez at apple.com
Date: 2008-02-21 13:50:41 -0800 (Thu, 21 Feb 2008)
Log Message:
-----------
Need to fetch user records from DS even if they lack locator values.
Correctly filter out users and groups based on valid locator values for the server.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py 2008-02-21 20:19:48 UTC (rev 2170)
+++ CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py 2008-02-21 21:50:41 UTC (rev 2171)
@@ -146,7 +146,8 @@
for GUID in self._expandGroupMembership(
group.get(dsattributes.kDSNAttrGroupMembers, []),
group.get(dsattributes.kDSNAttrNestedGroups, []),
- processedGUIDs):
+ processedGUIDs
+ ):
yield GUID
def __cmp__(self, other):
@@ -184,13 +185,13 @@
dsattributes.kDS1AttrGeneratedUID,
dsattributes.kDSNAttrRecordName,
dsattributes.kDSNAttrMetaNodeLocation,
- 'dsAttrTypeNative:apple-serviceinfo',
+ "dsAttrTypeNative:apple-serviceinfo",
]
records = opendirectory.queryRecordsWithAttributes_list(
self.directory,
dsquery.match(
- 'dsAttrTypeNative:apple-serviceinfo',
+ "dsAttrTypeNative:apple-serviceinfo",
vhostname,
dsattributes.eDSContains,
).generate(),
@@ -239,7 +240,7 @@
recordlocation = "%s/Computers/%s" % (record[dsattributes.kDSNAttrMetaNodeLocation], recordname)
# First check for apple-serviceinfo attribute
- plist = record.get('dsAttrTypeNative:apple-serviceinfo', None)
+ plist = record.get("dsAttrTypeNative:apple-serviceinfo", None)
if not plist:
return False
@@ -454,21 +455,46 @@
enabledForCalendaring = True
if self.requireComputerRecord:
- if not value.get(dsattributes.kDSNAttrServicesLocator):
- if (
- recordType == DirectoryService.recordType_users or
- recordType == DirectoryService.recordType_groups
- ):
- enabledForCalendaring = False
- logging.debug(
- "Record (%s) %s is not enabled for calendaring but may be used in ACLs"
- % (recordType, recordShortName), system="OpenDirectoryService"
- )
+ servicesLocators = value.get(dsattributes.kDSNAttrServicesLocator)
+
+ def allowForACLs():
+ return recordType in (
+ DirectoryService.recordType_users,
+ DirectoryService.recordType_groups,
+ )
+
+ def disableForCalendaring():
+ logging.debug(
+ "Record (%s) %s is not enabled for calendaring but may be used in ACLs"
+ % (recordType, recordShortName), system="OpenDirectoryService"
+ )
+ enabledForCalendaring = False
+
+ def invalidRecord():
+ logging.err(
+ "Directory (incorrectly) returned a record with no applicable "
+ "ServicesLocator attribute: (%s) %s"
+ % (recordType, recordShortName), system="OpenDirectoryService"
+ )
+
+ if servicesLocators:
+ if type(servicesLocators) is str:
+ servicesLocators = (servicesLocators,)
+
+ for locator in servicesLocators:
+ if locator in self.servicetags:
+ break
else:
- logging.err(
- "Directory (incorrectly) returned a record with no ServicesLocator attribute: (%s) %s"
- % (recordType, recordShortName), system="OpenDirectoryService"
- )
+ if allowForACLs():
+ disableForCalendaring()
+ else:
+ invalidRecord()
+ continue
+ else:
+ if allowForACLs():
+ disableForCalendaring()
+ else:
+ invalidRecord()
continue
# Now get useful record info.
@@ -487,7 +513,7 @@
else:
calendarUserAddresses = ()
- # Special case for groups.
+ # Special case for groups, which have members.
if recordType == DirectoryService.recordType_groups:
memberGUIDs = value.get(dsattributes.kDSNAttrGroupMembers)
if memberGUIDs is None:
@@ -526,9 +552,6 @@
proxyGUIDs = proxyGUIDs,
)
- del recordShortName
- del recordGUID
-
def disableRecord(record):
logging.warn("Record disabled due to conflict: %s" % (record,), system="OpenDirectoryService")
@@ -654,10 +677,13 @@
query = dsquery.expression(dsquery.expression.OR, guidQueries)
#
- # For groups, we'll load all entries, even if they don't
- # have a services locator for this server.
+ # For users and groups, we'll load all entries, even if
+ # they don't have a services locator for this server.
#
- elif recordType != DirectoryService.recordType_groups:
+ elif (
+ recordType != DirectoryService.recordType_users and
+ recordType != DirectoryService.recordType_groups
+ ):
tag_queries = []
for tag in self.servicetags:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080221/f2941ac3/attachment.html
More information about the calendarserver-changes
mailing list