[CalendarServer-changes] [4057] CalendarServer/branches/users/sagen/wikiauth-4053

[source_changes at macosforge.org]

Revision: 4057
          http://trac.macosforge.org/projects/calendarserver/changeset/4057
Author:   sagen at apple.com
Date:     2009-04-22 08:28:53 -0700 (Wed, 22 Apr 2009)
Log Message:
-----------
When a non-calendar-enabled user accesses a wiki, the authzUser becomes the wiki principal

Modified Paths:
--------------
    CalendarServer/branches/users/sagen/wikiauth-4053/calendarserver/provision/root.py
    CalendarServer/branches/users/sagen/wikiauth-4053/twistedcaldav/directory/wiki.py

Modified: CalendarServer/branches/users/sagen/wikiauth-4053/calendarserver/provision/root.py
===================================================================
--- CalendarServer/branches/users/sagen/wikiauth-4053/calendarserver/provision/root.py	2009-04-22 03:40:46 UTC (rev 4056)
+++ CalendarServer/branches/users/sagen/wikiauth-4053/calendarserver/provision/root.py	2009-04-22 15:28:53 UTC (rev 4057)
@@ -203,14 +203,16 @@
 
                     if not isinstance(principal, DirectoryCalendarPrincipalResource):
                         # Not enabled for calendaring, so use the wiki principal as authzUser if the resource is within
-                        # a wiki.  Examining the segments to determine this:
-                        if len(segments) > 2 and segments[0] in ("principals", "calendars"):
+                        # a wiki.  Examining the request path to determine this:
+                        path = request.prepath
+                        if len(path) > 2 and path[0] in ("principals", "calendars"):
                             wikiName = None
-                            if segments[1] == "wikis":
-                                wikiName = segments[2]
-                            elif segments[1] == "__uids__" and segments[2].startswith("wiki-"):
-                                wikiName = segments[2][5:]
+                            if path[1] == "wikis":
+                                wikiName = path[2]
+                            elif path[1] == "__uids__" and path[2].startswith("wiki-"):
+                                wikiName = path[2][5:]
                             if wikiName:
+                                log.debug("Using %s wiki as authzUser instead of %s" % (wikiName, username))
                                 request.authzUser = davxml.Principal(
                                     davxml.HRef.fromString("/principals/wikis/%s/" % (wikiName,))
                                 )

Modified: CalendarServer/branches/users/sagen/wikiauth-4053/twistedcaldav/directory/wiki.py
===================================================================
--- CalendarServer/branches/users/sagen/wikiauth-4053/twistedcaldav/directory/wiki.py	2009-04-22 03:40:46 UTC (rev 4056)
+++ CalendarServer/branches/users/sagen/wikiauth-4053/twistedcaldav/directory/wiki.py	2009-04-22 15:28:53 UTC (rev 4057)
@@ -167,7 +167,7 @@
         if access == "read":
             request.wikiACL =   davxml.ACL(
                                     davxml.ACE(
-                                        request.authzUser,
+                                        request.authnUser,
                                         davxml.Grant(
                                             davxml.Privilege(davxml.Read()),
                                         ),
@@ -188,14 +188,14 @@
         elif access in ("write", "admin"):
             request.wikiACL =   davxml.ACL(
                                     davxml.ACE(
-                                        request.authzUser,
+                                        request.authnUser,
                                         davxml.Grant(
                                             davxml.Privilege(davxml.Read()),
                                         ),
                                         TwistedACLInheritable(),
                                     ),
                                     davxml.ACE(
-                                        request.authzUser,
+                                        request.authnUser,
                                         davxml.Grant(
                                             davxml.Privilege(davxml.Write()),
                                         ),
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090422/d2965d07/attachment.html>