[CalendarServer-changes] [3799] CalendarServer/trunk/calendarserver/provision

source_changes at macosforge.org source_changes at macosforge.org
Thu Mar 5 19:40:43 PST 2009 

Revision: 3799
          http://trac.macosforge.org/projects/calendarserver/changeset/3799
Author:   cdaboo at apple.com
Date:     2009-03-05 19:40:42 -0800 (Thu, 05 Mar 2009)
Log Message:
-----------
Fix bad SACL/response cache interaction.

Modified Paths:
--------------
    CalendarServer/trunk/calendarserver/provision/root.py
    CalendarServer/trunk/calendarserver/provision/test/test_root.py

Modified: CalendarServer/trunk/calendarserver/provision/root.py
===================================================================
--- CalendarServer/trunk/calendarserver/provision/root.py	2009-03-05 22:48:52 UTC (rev 3798)
+++ CalendarServer/trunk/calendarserver/provision/root.py	2009-03-06 03:40:42 UTC (rev 3799)
@@ -125,7 +125,16 @@
 
         # Figure out the "username" from the davxml.Principal object
         request.checkingSACL = True
-        principal = (yield request.locateResource(authzUser.children[0].children[0].data))
+
+        for collection in self.principalCollections():
+            principal = collection._principalForURI(authzUser.children[0].children[0].data)
+            if principal is None:
+                response = (yield UnauthorizedResponse.makeResponse(
+                    request.credentialFactories,
+                    request.remoteAddr
+                ))
+                raise HTTPError(response)
+
         delattr(request, "checkingSACL")
         username = principal.record.shortNames[0]
 
@@ -201,7 +210,7 @@
                             "Your client software (%s) is not allowed to access this service." % (agent,)
                         ))
 
-        if request.method == "PROPFIND" and not getattr(request, "notInCache", False):
+        if request.method == "PROPFIND" and not getattr(request, "notInCache", False) and len(segments) > 1:
             try:
                 authnUser, authzUser = (yield self.authenticate(request))
                 request.authnUser = authnUser

Modified: CalendarServer/trunk/calendarserver/provision/test/test_root.py
===================================================================
--- CalendarServer/trunk/calendarserver/provision/test/test_root.py	2009-03-05 22:48:52 UTC (rev 3798)
+++ CalendarServer/trunk/calendarserver/provision/test/test_root.py	2009-03-06 03:40:42 UTC (rev 3799)
@@ -1,5 +1,5 @@
 ##
-# Copyright (c) 2005-2007 Apple Inc. All rights reserved.
+# Copyright (c) 2005-2009 Apple Inc. All rights reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -76,6 +76,8 @@
 
         self.site = server.Site(self.root)
 
+class SACLTests(RootTests):
+    
     @inlineCallbacks
     def test_noSacls(self):
         """
@@ -244,3 +246,71 @@
             headers=http_headers.Headers({"Destination":"/copy/"})
         )
         return self.send(request, do_test)
+
+class SACLCacheTests(RootTests):
+    
+    class StubResponseCacheResource(object):
+        def __init__(self):
+            self.cache = {}
+            self.responseCache = self
+    
+
+        def getResponseForRequest(self, request):
+            if str(request) in self.cache:
+                return self.cache[str(request)]
+    
+    
+        def cacheResponseForRequest(self, request, response):
+            self.cache[str(request)] = response
+            return response
+
+    def setUp(self):
+        super(SACLCacheTests, self).setUp()
+        self.root.resource.responseCache = SACLCacheTests.StubResponseCacheResource()
+
+    @inlineCallbacks
+    def test_PROPFIND(self):
+        self.root.resource.useSacls = True
+
+        body = """<?xml version="1.0" encoding="utf-8" ?>
+<D:propfind xmlns:D="DAV:">
+<D:prop>
+<D:getetag/>
+<D:displayname/>
+</D:prop>
+</D:propfind>
+"""
+
+        request = SimpleRequest(
+            self.site,
+            "PROPFIND",
+            "/principals/users/dreid/",
+            headers=http_headers.Headers({
+                    'Authorization': ['basic', '%s' % ('dreid:dierd'.encode('base64'),)],
+                    'Content-Type': 'application/xml; charset="utf-8"',
+                    'Depth':'1',
+            }),
+            content=body
+        )
+
+        response = (yield self.send(request, None))
+        print response
+        if response.code != responsecode.MULTI_STATUS:
+            self.fail("Incorrect response for PROPFIND /principals/: %s" % (response.code,))
+
+        request = SimpleRequest(
+            self.site,
+            "PROPFIND",
+            "/principals/users/dreid/",
+            headers=http_headers.Headers({
+                    'Authorization': ['basic', '%s' % ('dreid:dierd'.encode('base64'),)],
+                    'Content-Type': 'application/xml; charset="utf-8"',
+                    'Depth':'1',
+            }),
+            content=body
+        )
+
+        response = (yield self.send(request, None))
+        print response
+        if response.code != responsecode.MULTI_STATUS:
+            self.fail("Incorrect response for PROPFIND /principals/: %s" % (response.code,))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090305/cebac710/attachment-0001.html>

More information about the calendarserver-changes mailing list