[CalendarServer-changes] [7307] CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
source_changes at macosforge.org
source_changes at macosforge.org
Fri Apr 8 15:22:18 PDT 2011
Revision: 7307
http://trac.macosforge.org/projects/calendarserver/changeset/7307
Author: sagen at apple.com
Date: 2011-04-08 15:22:17 -0700 (Fri, 08 Apr 2011)
Log Message:
-----------
When restrictTo group is in effect, don't apply that restriction to groups returned via principal-property-search.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py 2011-04-08 21:06:22 UTC (rev 7306)
+++ CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py 2011-04-08 22:22:17 UTC (rev 7307)
@@ -412,12 +412,6 @@
recordGUID = value.get(dsattributes.kDS1AttrGeneratedUID)
- # Skip if group restriction is in place and guid is not
- # a member
- if self.restrictedGUIDs is not None:
- if str(recordGUID) not in self.restrictedGUIDs:
- continue
-
recordType = value.get(dsattributes.kDSNAttrRecordType)
if isinstance(recordType, list):
recordType = recordType[0]
@@ -425,6 +419,13 @@
continue
recordType = self._fromODRecordTypes[recordType]
+ # Skip if group restriction is in place and guid is not
+ # a member (but don't skip any groups)
+ if (recordType != self.recordType_groups and
+ self.restrictedGUIDs is not None):
+ if str(recordGUID) not in self.restrictedGUIDs:
+ continue
+
recordAuthIDs = self._setFromAttribute(
value.get(dsattributes.kDSNAttrAltSecurityIdentities))
recordFullName = value.get(
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20110408/bce32a3a/attachment-0001.html>
More information about the calendarserver-changes
mailing list