[CalendarServer-changes] [4510] CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav
source_changes at macosforge.org
source_changes at macosforge.org
Wed Aug 26 13:26:23 PDT 2009
Revision: 4510
http://trac.macosforge.org/projects/calendarserver/changeset/4510
Author: cdaboo at apple.com
Date: 2009-08-26 13:26:23 -0700 (Wed, 26 Aug 2009)
Log Message:
-----------
Handle proper privilege checking for a partitioned free-busy request.
Modified Paths:
--------------
CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/method/report_common.py
CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/caldav.py
CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/processing.py
Modified: CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/method/report_common.py
===================================================================
--- CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/method/report_common.py 2009-08-26 19:08:10 UTC (rev 4509)
+++ CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/method/report_common.py 2009-08-26 20:26:23 UTC (rev 4510)
@@ -290,7 +290,7 @@
@inlineCallbacks
def generateFreeBusyInfo(request, calresource, fbinfo, timerange, matchtotal,
- excludeuid=None, organizer=None, same_calendar_user=False,
+ excludeuid=None, organizer=None, organizerPrincipal=None, same_calendar_user=False,
servertoserver=False):
"""
Run a free busy report on the specified calendar collection
@@ -313,7 +313,7 @@
# TODO: for server-to-server we bypass this right now as we have no way to authorize external users.
if not servertoserver:
try:
- yield calresource.checkPrivileges(request, (caldavxml.ReadFreeBusy(),))
+ yield calresource.checkPrivileges(request, (caldavxml.ReadFreeBusy(),), principal=organizerPrincipal)
except AccessDeniedError:
returnValue(matchtotal)
@@ -371,7 +371,7 @@
# TODO: for server-to-server we bypass this right now as we have no way to authorize external users.
if not servertoserver:
try:
- yield child.checkPrivileges(request, (caldavxml.ReadFreeBusy(),), inherited_aces=filteredaces)
+ yield child.checkPrivileges(request, (caldavxml.ReadFreeBusy(),), inherited_aces=filteredaces, principal=organizerPrincipal)
except AccessDeniedError:
continue
Modified: CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/caldav.py
===================================================================
--- CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/caldav.py 2009-08-26 19:08:10 UTC (rev 4509)
+++ CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/caldav.py 2009-08-26 20:26:23 UTC (rev 4510)
@@ -38,7 +38,8 @@
from twistedcaldav.log import Logger
from twistedcaldav.method import report_common
from twistedcaldav.resource import isCalendarCollectionResource
-from twistedcaldav.scheduling.cuaddress import LocalCalendarUser, RemoteCalendarUser
+from twistedcaldav.scheduling.cuaddress import LocalCalendarUser, RemoteCalendarUser,\
+ PartitionedCalendarUser
from twistedcaldav.scheduling.delivery import DeliveryService
from twistedcaldav.scheduling.itip import iTIPRequestStatus
from twistedcaldav.scheduling.processing import ImplicitProcessor, ImplicitProcessorException
@@ -96,14 +97,18 @@
organizerProp = self.scheduler.calendar.getOrganizerProperty()
uid = self.scheduler.calendar.resourceUID()
+ organizerPrincipal = None
+ if type(self.scheduler.organizer) in (LocalCalendarUser, PartitionedCalendarUser,):
+ organizerPrincipal = davxml.Principal(davxml.HRef(self.scheduler.organizer.principal.principalURL()))
+
for recipient in self.recipients:
#
# Check access controls
#
- if isinstance(self.scheduler.organizer, LocalCalendarUser):
+ if organizerPrincipal:
try:
- yield recipient.inbox.checkPrivileges(self.scheduler.request, (caldavxml.ScheduleDeliver(),), principal=davxml.Principal(davxml.HRef(self.scheduler.organizer.principal.principalURL())))
+ yield recipient.inbox.checkPrivileges(self.scheduler.request, (caldavxml.ScheduleDeliver(),), principal=organizerPrincipal)
except AccessDeniedError:
log.err("Could not access Inbox for recipient: %s" % (recipient.cuaddr,))
err = HTTPError(ErrorResponse(responsecode.NOT_FOUND, (caldav_namespace, "recipient-permissions")))
@@ -120,7 +125,7 @@
# Different behavior for free-busy vs regular invite
if self.freebusy:
- yield self.generateFreeBusyResponse(recipient, self.responses, organizerProp, uid)
+ yield self.generateFreeBusyResponse(recipient, self.responses, organizerProp, organizerPrincipal, uid)
else:
yield self.generateResponse(recipient, self.responses)
@@ -137,7 +142,7 @@
# Do implicit scheduling message processing.
try:
processor = ImplicitProcessor()
- processed, autoprocessed, changes = (yield processor.doImplicitProcessing(
+ _ignore_processed, autoprocessed, changes = (yield processor.doImplicitProcessing(
self.scheduler.request,
self.scheduler.calendar,
self.scheduler.originator,
@@ -189,7 +194,7 @@
returnValue(True)
@inlineCallbacks
- def generateFreeBusyResponse(self, recipient, responses, organizerProp, uid):
+ def generateFreeBusyResponse(self, recipient, responses, organizerProp, organizerPrincipal, uid):
# Extract the ATTENDEE property matching current recipient from the calendar data
cuas = recipient.principal.calendarUserAddresses()
@@ -201,6 +206,7 @@
fbresult = (yield self.generateAttendeeFreeBusyResponse(
recipient,
organizerProp,
+ organizerPrincipal,
uid,
attendeeProp,
remote,
@@ -215,7 +221,7 @@
returnValue(True)
@inlineCallbacks
- def generateAttendeeFreeBusyResponse(self, recipient, organizerProp, uid, attendeeProp, remote):
+ def generateAttendeeFreeBusyResponse(self, recipient, organizerProp, organizerPrincipal, uid, attendeeProp, remote):
# Find the current recipients calendar-free-busy-set
fbset = (yield recipient.principal.calendarFreeBusyURIs(self.scheduler.request))
@@ -254,8 +260,9 @@
matchtotal,
excludeuid = self.scheduler.excludeUID,
organizer = self.scheduler.organizer.cuaddr,
+ organizerPrincipal = organizerPrincipal,
same_calendar_user = same_calendar_user,
- servertoserver=remote
+ servertoserver=remote,
))
# Build VFREEBUSY iTIP reply for this recipient
Modified: CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/processing.py
===================================================================
--- CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/processing.py 2009-08-26 19:08:10 UTC (rev 4509)
+++ CalendarServer/branches/users/cdaboo/partition-4464/twistedcaldav/scheduling/processing.py 2009-08-26 20:26:23 UTC (rev 4510)
@@ -487,7 +487,7 @@
tr.start = makeTimedUTC(instance.start)
tr.end = makeTimedUTC(instance.end)
- yield report_common.generateFreeBusyInfo(self.request, testcal, fbinfo, tr, 0, uid)
+ yield report_common.generateFreeBusyInfo(self.request, testcal, fbinfo, tr, 0, uid, servertoserver=True)
# If any fbinfo entries exist we have an overlap
if len(fbinfo[0]) or len(fbinfo[1]) or len(fbinfo[2]):
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090826/94f2919b/attachment-0001.html>
More information about the calendarserver-changes
mailing list