[CalendarServer-changes] [5509] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Thu Apr 22 15:19:08 PDT 2010
Revision: 5509
http://trac.macosforge.org/projects/calendarserver/changeset/5509
Author: sagen at apple.com
Date: 2010-04-22 15:19:07 -0700 (Thu, 22 Apr 2010)
Log Message:
-----------
Don't return a 403 when the username is unknown, return a 401.
Modified Paths:
--------------
CalendarServer/trunk/twext/web2/dav/resource.py
CalendarServer/trunk/twistedcaldav/extensions.py
Modified: CalendarServer/trunk/twext/web2/dav/resource.py
===================================================================
--- CalendarServer/trunk/twext/web2/dav/resource.py 2010-04-22 22:17:18 UTC (rev 5508)
+++ CalendarServer/trunk/twext/web2/dav/resource.py 2010-04-22 22:19:07 UTC (rev 5509)
@@ -974,6 +974,10 @@
# Try to match principals in each principal collection
# on the resource
def gotDetails(details, creds):
+ if details == (None, None):
+ log.msg("Could not find the principal resource for user id: %s" % (creds.username,))
+ raise HTTPError(responsecode.UNAUTHORIZED)
+
authnPrincipal = IDAVPrincipalResource(details[0])
authzPrincipal = IDAVPrincipalResource(details[1])
return PrincipalCredentials(
@@ -1549,9 +1553,7 @@
authnPrincipal = self.findPrincipalForAuthID(authid)
if authnPrincipal is None:
- log.msg("Could not find the principal resource for user id: %s"
- % (authid,))
- raise HTTPError(responsecode.FORBIDDEN)
+ return succeed((None, None))
d = self.authorizationPrincipal(request, authid, authnPrincipal)
d.addCallback(lambda authzPrincipal: (authnPrincipal, authzPrincipal))
Modified: CalendarServer/trunk/twistedcaldav/extensions.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/extensions.py 2010-04-22 22:17:18 UTC (rev 5508)
+++ CalendarServer/trunk/twistedcaldav/extensions.py 2010-04-22 22:19:07 UTC (rev 5509)
@@ -131,6 +131,10 @@
# Try to match principals in each principal collection on the resource
authnPrincipal, authzPrincipal = (yield self.principalsForAuthID(request, creds))
+ if (authnPrincipal, authzPrincipal) == (None, None):
+ log.info("Could not find the principal resource for user id: %s" % (creds.username,))
+ raise HTTPError(responsecode.UNAUTHORIZED)
+
authnPrincipal = IDAVPrincipalResource(authnPrincipal)
authzPrincipal = IDAVPrincipalResource(authzPrincipal)
@@ -169,9 +173,7 @@
authnPrincipal = self.findPrincipalForAuthID(creds)
if authnPrincipal is None:
- log.info("Could not find the principal resource for user id: %s"
- % (creds.username,))
- raise HTTPError(responsecode.FORBIDDEN)
+ return succeed((None, None))
d = self.authorizationPrincipal(request, creds.username, authnPrincipal)
d.addCallback(lambda authzPrincipal: (authnPrincipal, authzPrincipal))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20100422/a406e9ee/attachment-0001.html>
More information about the calendarserver-changes
mailing list