[CalendarServer-changes] [6810] CalendarServer/trunk/twistedcaldav/storebridge.py
source_changes at macosforge.org
source_changes at macosforge.org
Wed Jan 26 10:22:18 PST 2011
Revision: 6810
http://trac.macosforge.org/projects/calendarserver/changeset/6810
Author: cdaboo at apple.com
Date: 2011-01-26 10:22:17 -0800 (Wed, 26 Jan 2011)
Log Message:
-----------
Allow sharees access to dropboxes of shared resources.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/storebridge.py
Modified: CalendarServer/trunk/twistedcaldav/storebridge.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/storebridge.py 2011-01-26 18:21:10 UTC (rev 6809)
+++ CalendarServer/trunk/twistedcaldav/storebridge.py 2011-01-26 18:22:17 UTC (rev 6810)
@@ -959,10 +959,68 @@
TwistedACLInheritable(),
))
+ # Now also need invitees
+ newACEs.extend((yield self.sharedDropboxACEs()))
+
returnValue(davxml.ACL(*tuple(originalACEs + newACEs)))
+ @inlineCallbacks
+ def sharedDropboxACEs(self):
+ aces = ()
+ records = yield self._newStoreCalendarObject._parentCollection.retrieveOldInvites().allRecords()
+ for record in records:
+ # Invite shares use access mode from the invite
+ if record.state != "ACCEPTED":
+ continue
+
+ userprivs = [
+ ]
+ if record.access in ("read-only", "read-write", "read-write-schedule",):
+ userprivs.append(davxml.Privilege(davxml.Read()))
+ userprivs.append(davxml.Privilege(davxml.ReadACL()))
+ userprivs.append(davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()))
+ if record.access in ("read-only",):
+ userprivs.append(davxml.Privilege(davxml.WriteProperties()))
+ if record.access in ("read-write", "read-write-schedule",):
+ userprivs.append(davxml.Privilege(davxml.Write()))
+ proxyprivs = list(userprivs)
+ proxyprivs.remove(davxml.Privilege(davxml.ReadACL()))
+ aces += (
+ # Inheritable specific access for the resource's associated principal.
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(record.principalURL)),
+ davxml.Grant(*userprivs),
+ davxml.Protected(),
+ TwistedACLInheritable(),
+ ),
+ )
+
+ if config.EnableProxyPrincipals:
+ aces += (
+ # DAV:read/DAV:read-current-user-privilege-set access for this principal's calendar-proxy-read users.
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(joinURL(record.principalURL, "calendar-proxy-read/"))),
+ davxml.Grant(
+ davxml.Privilege(davxml.Read()),
+ davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
+ ),
+ davxml.Protected(),
+ TwistedACLInheritable(),
+ ),
+ # DAV:read/DAV:read-current-user-privilege-set/DAV:write access for this principal's calendar-proxy-write users.
+ davxml.ACE(
+ davxml.Principal(davxml.HRef(joinURL(record.principalURL, "calendar-proxy-write/"))),
+ davxml.Grant(*proxyprivs),
+ davxml.Protected(),
+ TwistedACLInheritable(),
+ ),
+ )
+
+ returnValue(aces)
+
+
class CalendarAttachment(_NewStoreFileMetaDataHelper, _GetChildHelper):
def __init__(self, calendarObject, attachment, attachmentName, **kw):
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20110126/7f237833/attachment.html>
More information about the calendarserver-changes
mailing list