[CalendarServer-changes] [3155] CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav

source_changes at macosforge.org source_changes at macosforge.org
Wed Oct 15 16:29:17 PDT 2008


Revision: 3155
          http://trac.macosforge.org/projects/calendarserver/changeset/3155
Author:   sagen at apple.com
Date:     2008-10-15 16:29:16 -0700 (Wed, 15 Oct 2008)
Log Message:
-----------
Checkpoint of work in progress

Modified Paths:
--------------
    CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/config.py
    CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/calendar.py
    CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/root.py
    CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/tap.py

Added Paths:
-----------
    CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/wiki.py

Modified: CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/config.py
===================================================================
--- CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/config.py	2008-10-15 23:26:28 UTC (rev 3154)
+++ CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/config.py	2008-10-15 23:29:16 UTC (rev 3155)
@@ -124,7 +124,8 @@
             "Enabled": False,
             "Cookie": "sessionID",
             "URL": "http://127.0.0.1/RPC2",
-            "method": "userForSession",
+            "UserMethod": "userForSession",
+            "WikiMethod": "accessLevelForUserWikiCalendar",
         },
     },
 

Modified: CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/calendar.py
===================================================================
--- CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/calendar.py	2008-10-15 23:26:28 UTC (rev 3154)
+++ CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/calendar.py	2008-10-15 23:29:16 UTC (rev 3155)
@@ -27,7 +27,7 @@
     "DirectoryCalendarHomeResource",
 ]
 
-from twisted.internet.defer import succeed
+from twisted.internet.defer import succeed, inlineCallbacks, returnValue
 from twisted.web2 import responsecode
 from twisted.web2.dav import davxml
 from twisted.web2.http import HTTPError
@@ -42,6 +42,7 @@
 from twistedcaldav.resource import CalDAVResource
 from twistedcaldav.schedule import ScheduleInboxResource, ScheduleOutboxResource
 from twistedcaldav.directory.idirectory import IDirectoryService
+from twistedcaldav.directory.wiki import WikiDirectoryService, getWikiACL
 from twistedcaldav.directory.resource import AutoProvisioningResourceMixIn
 
 # Use __underbars__ convention to avoid conflicts with directory resource types.
@@ -410,10 +411,27 @@
 
         return davxml.ACL(*aces)
 
+    @inlineCallbacks
     def accessControlList(self, request, inheritance=True, expanding=False, inherited_aces=None):
-        # Permissions here are fixed, and are not subject to inherritance rules, etc.
-        return succeed(self.defaultAccessControlList())
 
+        # If this is a wiki-related resource, ACL depends on wiki server:
+        if self.record.recordType == WikiDirectoryService.recordType_wikis:
+
+            if hasattr(request, 'wikiACL'):
+                # We've already looked up wikiACL during this request
+                returnValue(request.wikiACL)
+
+            # query the wiki server
+            # import pdb; pdb.set_trace()
+            request.wikiACL = yield (getWikiACL(request, request.wikiUser,
+                self.record.shortName))
+
+            returnValue(request.wikiACL)
+
+        # ...otherwise permissions are fixed, and are not subject to
+        # inheritance rules, etc.
+        returnValue(self.defaultAccessControlList())
+
     def principalCollections(self):
         return self.parent.principalCollections()
 

Added: CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/wiki.py
===================================================================
--- CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/wiki.py	                        (rev 0)
+++ CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/directory/wiki.py	2008-10-15 23:29:16 UTC (rev 3155)
@@ -0,0 +1,163 @@
+##
+# Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+"""
+Directory service implementation for users who are allowed to authorize
+as other principals.
+"""
+
+__all__ = [
+    "WikiDirectoryService",
+]
+
+from twisted.python.filepath import FilePath
+from twisted.web2.dav import davxml
+from twisted.web.xmlrpc import Proxy
+from twisted.web2.http import HTTPError, StatusResponse
+
+from twistedcaldav.config import config
+from twistedcaldav.py.plistlib import readPlist
+from twistedcaldav.directory.directory import (DirectoryService,
+                                               DirectoryRecord,
+                                               UnknownRecordTypeError)
+
+class WikiDirectoryService(DirectoryService):
+    """
+    L{IDirectoryService} implementation for Wikis.
+    """
+    baseGUID = "d79ef1e0-9a42-11dd-ad8b-0800200c9a66"
+
+    realmName = None
+
+    recordType_wikis = "wikis"
+
+
+    def __repr__(self):
+        return "<%s %r>" % (self.__class__.__name__, self.realmName)
+
+    def __init__(self):
+        super(WikiDirectoryService, self).__init__()
+        self.byGUID = {}
+        self.byShortName = {}
+
+    def recordTypes(self):
+        return (WikiDirectoryService.recordType_wikis,)
+
+    def listRecords(self, recordType):
+        return []
+
+    def recordWithShortName(self, recordType, shortName):
+        if recordType != WikiDirectoryService.recordType_wikis:
+            raise UnknownRecordTypeError(recordType)
+
+        if self.byShortName.has_key(shortName):
+            return self.byShortName[shortName]
+
+        record = WikiDirectoryRecord(
+            self,
+            WikiDirectoryService.recordType_wikis,
+            shortName,
+            None
+        )
+        self.log_info("Returning wiki record with GUID %s" % (record.guid,))
+        self.byGUID[record.guid] = record
+        self.byShortName[shortName] = record
+        return record
+
+    def recordWithGUID(self, guid):
+        return self.byGUID.get(guid, None)
+
+
+
+class WikiDirectoryRecord(DirectoryRecord):
+    """
+    L{DirectoryRecord} implementation for Wikis.
+    """
+
+    def __init__(self, service, recordType, shortName, entry):
+        super(WikiDirectoryRecord, self).__init__(
+            service=service,
+            recordType=recordType,
+            guid=None,
+            shortName=shortName,
+            fullName=shortName,
+            firstName="",
+            lastName="",
+            emailAddresses=set(),
+            calendarUserAddresses=set(),
+            autoSchedule=False,
+            enabledForCalendaring=True)
+
+
+    def verifyCredentials(self, credentials):
+        import pdb; pdb.set_trace()
+        if IUsernamePassword.providedBy(credentials):
+            return credentials.checkPassword(self.password)
+        elif IUsernameHashedPassword.providedBy(credentials):
+            return credentials.checkPassword(self.password)
+
+        return super(WikiDirectoryRecord, self).verifyCredentials(credentials)
+
+
+def getWikiACL(request, userID, wikiID):
+
+    def wikiACLSuccess(access):
+        import pdb; pdb.set_trace()
+
+        if access == "read":
+            return davxml.ACL(
+                (
+                    davxml.ACE(
+                        request.authnUser,
+                        davxml.Grant(
+                            davxml.Privilege(davxml.Read()),
+                        ),
+                    ),
+                )
+            )
+
+        elif access in ("write", "admin"):
+            return davxml.ACL(
+                (
+                    davxml.ACE(
+                        request.authnUser,
+                        davxml.Grant(
+                            davxml.Privilege(davxml.Read()),
+                        ),
+                    ),
+                    davxml.ACE(
+                        request.authnUser,
+                        davxml.Grant(
+                            davxml.Privilege(davxml.Write()),
+                        ),
+                    ),
+                )
+            )
+        else:
+            return davxml.ACL( )
+
+    def wikiACLFailure(error):
+        if error.value.faultCode == 12:
+            raise HTTPError(StatusResponse(404, error.value.faultString))
+
+        return davxml.ACL( )
+
+    wikiConfig = config.Authentication["Wiki"]
+
+    proxy = Proxy(wikiConfig["URL"])
+    d = proxy.callRemote(wikiConfig["WikiMethod"], userID, wikiID).addCallbacks(
+        wikiACLSuccess, wikiACLFailure)
+    return d

Modified: CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/root.py
===================================================================
--- CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/root.py	2008-10-15 23:26:28 UTC (rev 3154)
+++ CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/root.py	2008-10-15 23:29:16 UTC (rev 3155)
@@ -183,6 +183,7 @@
                 ))
             request.authnUser = request.authzUser = davxml.Principal(
                 davxml.HRef.fromString("/principals/__uids__/%s/" % (record.guid,)))
+            request.wikiUser = username
 
         def invalidSessionID(error):
             raise HTTPError(StatusResponse(
@@ -202,13 +203,17 @@
 
             if token is not None:
                 proxy = Proxy(wikiConfig["URL"])
-                d = proxy.callRemote(wikiConfig["method"], token).addCallbacks(
-                    validSessionID, invalidSessionID)
+                d = proxy.callRemote(wikiConfig["UserMethod"],
+                    token).addCallbacks(validSessionID, invalidSessionID)
                 d.addCallback(lambda _: super(RootResource, self
                                               ).locateChild(request, segments))
                 return d
 
+        # TODO: REMOVE!!!!!
+        validSessionID("sagen")
+        return super(RootResource, self).locateChild(request, segments)
 
+
         if self.useSacls and not hasattr(request, "checkedSACL") and not hasattr(request, "checkingSACL"):
             d = self.checkSacl(request)
             d.addCallback(lambda _: super(RootResource, self

Modified: CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/tap.py
===================================================================
--- CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/tap.py	2008-10-15 23:26:28 UTC (rev 3154)
+++ CalendarServer/branches/users/sagen/wikitype-3152/twistedcaldav/tap.py	2008-10-15 23:29:16 UTC (rev 3155)
@@ -51,6 +51,7 @@
 from twistedcaldav.directory.principal import DirectoryPrincipalProvisioningResource
 from twistedcaldav.directory.aggregate import AggregateDirectoryService
 from twistedcaldav.directory.sudo import SudoDirectoryService
+from twistedcaldav.directory.wiki import WikiDirectoryService
 from twistedcaldav.static import CalendarHomeProvisioningFile
 from twistedcaldav.static import IScheduleInboxFile
 from twistedcaldav.static import TimezoneServiceFile
@@ -455,6 +456,7 @@
         #
         directories = []
 
+
         directoryClass = namedClass(config.DirectoryService["type"])
 
         log.info("Configuring directory service of type: %s"
@@ -479,12 +481,19 @@
             log.info("Not using SudoDirectoryService; file doesn't exist: %s"
                      % (config.SudoersFile,))
 
+        # TODO: make this configurable
+        wikiDirectory = WikiDirectoryService()
+        wikiDirectory.realmName = baseDirectory.realmName
+        directories.append(wikiDirectory)
+
+
         directory = AggregateDirectoryService(directories)
 
         if sudoDirectory:
             directory.userRecordTypes.insert(0,
                 SudoDirectoryService.recordType_sudoers)
 
+
         #
         # Configure Memcached Client Pool
         #
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081015/3b1a3401/attachment-0001.html 


More information about the calendarserver-changes mailing list