[CalendarServer-changes] [7536] CalendarServer/trunk

source_changes at macosforge.org source_changes at macosforge.org
Fri May 27 09:03:42 PDT 2011


Revision: 7536
          http://trac.macosforge.org/projects/calendarserver/changeset/7536
Author:   sagen at apple.com
Date:     2011-05-27 09:03:40 -0700 (Fri, 27 May 2011)
Log Message:
-----------
enabledForLogin now comes from augments (although it comes from LDAP when using that directory service)

Also checking in some pyflakes import cleanup.

Modified Paths:
--------------
    CalendarServer/trunk/calendarserver/tap/util.py
    CalendarServer/trunk/calendarserver/tools/principals.py
    CalendarServer/trunk/calendarserver/tools/resources.py
    CalendarServer/trunk/calendarserver/tools/test/test_gateway.py
    CalendarServer/trunk/calendarserver/tools/test/test_resources.py
    CalendarServer/trunk/calendarserver/tools/util.py
    CalendarServer/trunk/conf/caldavd-test.plist
    CalendarServer/trunk/contrib/certupdate/calendarcertupdate.py
    CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
    CalendarServer/trunk/twistedcaldav/directory/augment.py
    CalendarServer/trunk/twistedcaldav/directory/directory.py
    CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
    CalendarServer/trunk/twistedcaldav/directory/principal.py
    CalendarServer/trunk/twistedcaldav/directory/test/augments-test-default.xml
    CalendarServer/trunk/twistedcaldav/directory/test/augments-test.xml
    CalendarServer/trunk/twistedcaldav/directory/test/test_augment.py
    CalendarServer/trunk/twistedcaldav/directory/wiki.py
    CalendarServer/trunk/twistedcaldav/directory/xmlaugmentsparser.py
    CalendarServer/trunk/twistedcaldav/directory/xmlfile.py
    CalendarServer/trunk/twistedcaldav/stdconfig.py

Modified: CalendarServer/trunk/calendarserver/tap/util.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/util.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tap/util.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -45,7 +45,7 @@
 from twisted.python.reflect import namedClass
 
 from twistedcaldav.bind import doBind
-from twistedcaldav.directory import augment, calendaruserproxy
+from twistedcaldav.directory import calendaruserproxy
 from twistedcaldav.directory.addressbook import DirectoryAddressBookHomeProvisioningResource
 from twistedcaldav.directory.aggregate import AggregateDirectoryService
 from twistedcaldav.directory.calendar import DirectoryCalendarHomeProvisioningResource

Modified: CalendarServer/trunk/calendarserver/tools/principals.py
===================================================================
--- CalendarServer/trunk/calendarserver/tools/principals.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tools/principals.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -35,7 +35,6 @@
 
 from twistedcaldav.config import config, ConfigurationError
 from twistedcaldav.directory.directory import UnknownRecordTypeError, DirectoryError
-from twistedcaldav.directory import augment
 
 from calendarserver.tools.util import loadConfig, getDirectory, setupMemcached,  booleanArgument, checkDirectory
 

Modified: CalendarServer/trunk/calendarserver/tools/resources.py
===================================================================
--- CalendarServer/trunk/calendarserver/tools/resources.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tools/resources.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -26,7 +26,6 @@
 from twisted.internet.defer import inlineCallbacks
 from twisted.python.util import switchUID
 from twistedcaldav.config import config, ConfigurationError
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.appleopendirectory import OpenDirectoryService
 from twistedcaldav.directory.directory import DirectoryService, DirectoryError
 from twistedcaldav.directory.xmlfile import XMLDirectoryService

Modified: CalendarServer/trunk/calendarserver/tools/test/test_gateway.py
===================================================================
--- CalendarServer/trunk/calendarserver/tools/test/test_gateway.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tools/test/test_gateway.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -27,9 +27,7 @@
 from twistedcaldav.test.util import TestCase, CapturingProcessProtocol
 from calendarserver.tools.util import getDirectory
 
-from twistedcaldav.directory import augment
 
-
 class GatewayTestCase(TestCase):
 
     def setUp(self):

Modified: CalendarServer/trunk/calendarserver/tools/test/test_resources.py
===================================================================
--- CalendarServer/trunk/calendarserver/tools/test/test_resources.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tools/test/test_resources.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -16,7 +16,6 @@
 
 from calendarserver.tools.resources import migrateResources
 from twisted.internet.defer import inlineCallbacks, succeed
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.directory import DirectoryService
 from twistedcaldav.test.util import TestCase
 

Modified: CalendarServer/trunk/calendarserver/tools/util.py
===================================================================
--- CalendarServer/trunk/calendarserver/tools/util.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/calendarserver/tools/util.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -41,7 +41,7 @@
 
 from twistedcaldav import memcachepool
 from twistedcaldav.config import config, ConfigurationError
-from twistedcaldav.directory import augment, calendaruserproxy
+from twistedcaldav.directory import calendaruserproxy
 from twistedcaldav.directory.aggregate import AggregateDirectoryService
 from twistedcaldav.directory.directory import DirectoryService, DirectoryRecord
 from twistedcaldav.notify import NotifierFactory

Modified: CalendarServer/trunk/conf/caldavd-test.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test.plist	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/conf/caldavd-test.plist	2011-05-27 16:03:40 UTC (rev 7536)
@@ -259,6 +259,10 @@
             <string></string>
             <key>recordName</key>
             <string>uid</string>
+            <key>loginEnabledAttr</key>
+            <string>loginEnabled</string>
+            <key>loginEnabledValue</key>
+            <string>yes</string>
           </dict>
           <key>groups</key>
           <dict>

Modified: CalendarServer/trunk/contrib/certupdate/calendarcertupdate.py
===================================================================
--- CalendarServer/trunk/contrib/certupdate/calendarcertupdate.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/contrib/certupdate/calendarcertupdate.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -18,11 +18,10 @@
 # Apple's written consent.
 
 import datetime
-import os
 import subprocess
 import sys
 
-from plistlib import readPlist, readPlistFromString, writePlist
+from plistlib import readPlist, writePlist
 
 LOG = "/var/log/caldavd/certupdate.log"
 SERVICE_NAME = "calendar"

Modified: CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/appleopendirectory.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -33,7 +33,6 @@
 from twext.web2.auth.digest import DigestedCredentials
 
 from twistedcaldav.config import config
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.cachingdirectory import CachingDirectoryService,\
     CachingDirectoryRecord
 from twistedcaldav.directory.directory import DirectoryService, DirectoryRecord
@@ -241,6 +240,7 @@
 
         guids = set()
 
+        self.log_info("Looking up which groups %s is a member of" % (guid,))
         try:
             self.log_debug("opendirectory.queryRecordsWithAttribute_list(%r,%r,%r,%r,%r,%r,%r)" % (
                 self.directory,
@@ -301,6 +301,8 @@
             if recordGUID:
                 guids.add(recordGUID)
 
+        self.log_info("%s is a member of %d groups" % (guid, len(guids)))
+
         return guids
 
     def proxiesForGUID(self, recordType, guid):

Modified: CalendarServer/trunk/twistedcaldav/directory/augment.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/augment.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/augment.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -49,6 +49,7 @@
         enabledForCalendaring=False,
         autoSchedule=False,
         enabledForAddressBooks=False,
+        enabledForLogin=True,
     ):
         self.uid = uid
         self.enabled = enabled
@@ -56,6 +57,7 @@
         self.partitionID = partitionID
         self.enabledForCalendaring = enabledForCalendaring
         self.enabledForAddressBooks = enabledForAddressBooks
+        self.enabledForLogin = enabledForLogin
         self.autoSchedule = autoSchedule
         self.clonedFromDefault = False
 
@@ -114,6 +116,7 @@
             enabled=True,
             enabledForCalendaring=True,
             enabledForAddressBooks=True,
+            enabledForLogin=True,
         )
         self.cachedRecords["Default"] = result
         result = copy.deepcopy(result)
@@ -412,6 +415,7 @@
             addSubElement(recordNode, xmlaugmentsparser.ELEMENT_PARTITIONID, record.partitionID)
         addSubElement(recordNode, xmlaugmentsparser.ELEMENT_ENABLECALENDAR, "true" if record.enabledForCalendaring else "false")
         addSubElement(recordNode, xmlaugmentsparser.ELEMENT_ENABLEADDRESSBOOK, "true" if record.enabledForAddressBooks else "false")
+        addSubElement(recordNode, xmlaugmentsparser.ELEMENT_ENABLELOGIN, "true" if record.enabledForLogin else "false")
         addSubElement(recordNode, xmlaugmentsparser.ELEMENT_AUTOSCHEDULE, "true" if record.autoSchedule else "false")
 
     def refresh(self):
@@ -471,6 +475,7 @@
                 enabled=True,
                 enabledForCalendaring=True,
                 enabledForAddressBooks=True,
+                enabledForLogin=True,
             )
 
         # Compare previously seen modification time and size of each
@@ -523,11 +528,11 @@
         """
         
         # Query for the record information
-        results = (yield self.query("select UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE from AUGMENTS where UID = :1", (uid,)))
+        results = (yield self.query("select UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE, LOGINENABLED from AUGMENTS where UID = :1", (uid,)))
         if not results:
             returnValue(None)
         else:
-            uid, enabled, serverid, partitionid, enabledForCalendaring, enabledForAddressBooks, autoSchedule = results[0]
+            uid, enabled, serverid, partitionid, enabledForCalendaring, enabledForAddressBooks, autoSchedule, enabledForLogin = results[0]
             
             record = AugmentRecord(
                 uid = uid,
@@ -536,6 +541,7 @@
                 partitionID = partitionid,
                 enabledForCalendaring = enabledForCalendaring == "T",
                 enabledForAddressBooks = enabledForAddressBooks == "T",
+                enabledForLogin = enabledForLogin == "T",
                 autoSchedule = autoSchedule == "T",
             )
             
@@ -598,6 +604,7 @@
                 ("CALENDARING",  "text(1)"),
                 ("ADDRESSBOOKS", "text(1)"),
                 ("AUTOSCHEDULE", "text(1)"),
+                ("LOGINENABLED", "text(1)"),
             ),
             ifnotexists=True,
         )
@@ -620,8 +627,8 @@
     def _addRecord(self, record):
         yield self.execute(
             """insert or replace into AUGMENTS
-            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE)
-            values (:1, :2, :3, :4, :5, :6, :7)""",
+            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE, LOGINENABLED)
+            values (:1, :2, :3, :4, :5, :6, :7, :8)""",
             (
                 record.uid,
                 "T" if record.enabled else "F",
@@ -630,6 +637,7 @@
                 "T" if record.enabledForCalendaring else "F",
                 "T" if record.enabledForAddressBooks else "F",
                 "T" if record.autoSchedule else "F",
+                "T" if record.enabledForLogin else "F",
             )
         )
 
@@ -650,8 +658,8 @@
     def _addRecord(self, record):
         yield self.execute(
             """insert into AUGMENTS
-            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE)
-            values (:1, :2, :3, :4, :5, :6, :7)""",
+            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE, LOGINENABLED)
+            values (:1, :2, :3, :4, :5, :6, :7, :8)""",
             (
                 record.uid,
                 "T" if record.enabled else "F",
@@ -660,6 +668,7 @@
                 "T" if record.enabledForCalendaring else "F",
                 "T" if record.enabledForAddressBooks else "F",
                 "T" if record.autoSchedule else "F",
+                "T" if record.enabledForLogin else "F",
             )
         )
 
@@ -667,8 +676,8 @@
     def _modifyRecord(self, record):
         yield self.execute(
             """update AUGMENTS set
-            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE) =
-            (:1, :2, :3, :4, :5, :6, :7) where UID = :8""",
+            (UID, ENABLED, SERVERID, PARTITIONID, CALENDARING, ADDRESSBOOKS, AUTOSCHEDULE, LOGINENABLED) =
+            (:1, :2, :3, :4, :5, :6, :7 :8) where UID = :9""",
             (
                 record.uid,
                 "T" if record.enabled else "F",
@@ -677,6 +686,7 @@
                 "T" if record.enabledForCalendaring else "F",
                 "T" if record.enabledForAddressBooks else "F",
                 "T" if record.autoSchedule else "F",
+                "T" if record.enabledForLogin else "F",
                 record.uid,
             )
         )

Modified: CalendarServer/trunk/twistedcaldav/directory/directory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/directory.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/directory.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -115,6 +115,11 @@
         if credentials.authnPrincipal is None:
             raise UnauthorizedLogin("No such user: %s" % (credentials.credentials.username,))
 
+        # See if record is enabledForLogin
+        if not credentials.authnPrincipal.record.isLoginEnabled():
+            raise UnauthorizedLogin("User not allowed to log in: %s" %
+                (credentials.credentials.username,))
+
         # Handle Kerberos as a separate behavior
         try:
             from twistedcaldav.authkerb import NegotiateCredentials
@@ -358,6 +363,7 @@
         calendarUserAddresses=set(), autoSchedule=False, enabledForCalendaring=None,
         enabledForAddressBooks=None,
         uid=None,
+        enabledForLogin=True,
         **kwargs
     ):
         assert service.realmName is not None
@@ -389,6 +395,7 @@
         self.enabledForCalendaring  = enabledForCalendaring
         self.autoSchedule           = autoSchedule
         self.enabledForAddressBooks = enabledForAddressBooks
+        self.enabledForLogin        = enabledForLogin
         self.extras                 = kwargs
 
 
@@ -437,6 +444,7 @@
             self.enabledForCalendaring = augment.enabledForCalendaring
             self.enabledForAddressBooks = augment.enabledForAddressBooks
             self.autoSchedule = augment.autoSchedule
+            self.enabledForLogin = augment.enabledForLogin
 
             if (self.enabledForCalendaring or self.enabledForAddressBooks) and self.recordType == self.service.recordType_groups:
                 self.enabledForCalendaring = False
@@ -454,6 +462,7 @@
             self.partitionID = ""
             self.enabledForCalendaring = False
             self.enabledForAddressBooks = False
+            self.enabledForLogin = False
 
 
     def applySACLs(self):
@@ -472,6 +481,13 @@
                                % (username,))
                 self.enabledForAddressBooks = False
 
+    def isLoginEnabled(self):
+        """
+        Returns True if the user should be allowed to log in, based on the
+        enabledForLogin attribute, which is currently controlled by the
+        DirectoryService implementation.
+        """
+        return self.enabledForLogin
 
     def members(self):
         return ()

Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -52,8 +52,8 @@
 from twisted.cred.credentials import UsernamePassword
 from twistedcaldav.directory.cachingdirectory import (CachingDirectoryService,
     CachingDirectoryRecord)
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.directory import DirectoryConfigurationError
+from twistedcaldav.directory.augment import AugmentRecord
 from twisted.internet.defer import succeed
 
 class LdapDirectoryService(CachingDirectoryService):
@@ -99,6 +99,8 @@
                     "emailSuffix": None, # used only to synthesize email address
                     "filter": None, # additional filter for this type
                     "recordName": "uid", # uniquely identifies user records
+                    "loginEnabledAttr" : "loginEnabled", # attribute controlling login
+                    "loginEnabledValue" : "yes", # value of above attribute
                 },
                 "groups": {
                     "rdn": "ou=Group",
@@ -174,6 +176,8 @@
             attrSet.add(self.groupSchema["nestedGroupsAttr"])
         if self.groupSchema["memberIdAttr"]:
             attrSet.add(self.groupSchema["memberIdAttr"])
+        if self.rdnSchema["users"]["loginEnabledAttr"]:
+            attrSet.add(self.rdnSchema["users"]["loginEnabledAttr"])
         self.attrList = list(attrSet)
 
         self.typeRDNs = {}
@@ -248,6 +252,7 @@
             self.authLDAP = self.createLDAPConnection()
         self.log_debug("Authenticating %s" % (dn,))
         self.authLDAP.bind_s(dn, password)
+        self.log_debug("Authentication succeeded for %s" % (dn,))
 
 
     @property
@@ -390,9 +395,10 @@
         firstName = None
         lastName = None
         emailAddresses = set()
-        calendarUserAddresses = set()
         enabledForCalendaring = None
+        enabledForAddressBooks = None
         uid = None
+        enabledForLogin = True
 
         # First check for and add guid
         guidAttr = self.rdnSchema["guidAttr"]
@@ -403,6 +409,7 @@
         emailAddresses = self._getMultipleLdapAttributes(attrs, "mail")
         emailSuffix = self.rdnSchema[recordType]["emailSuffix"]
 
+
         if len(emailAddresses) == 0 and emailSuffix is not None:
             emailPrefix = self._getUniqueLdapAttribute(attrs,
                 self.rdnSchema[recordType]["attr"])
@@ -415,16 +422,28 @@
                 "displayName", "gecos")
             firstName = self._getUniqueLdapAttribute(attrs, "givenName")
             lastName = self._getUniqueLdapAttribute(attrs, "sn", "surname")
-            calendarUserAddresses = emailAddresses
             enabledForCalendaring = True
+            enabledForAddressBooks = True
+
+            # Check login control attribute
+            loginEnabledAttr = self.rdnSchema[recordType]["loginEnabledAttr"]
+            if loginEnabledAttr:
+                loginEnabledValue = self.rdnSchema[recordType]["loginEnabledValue"]
+                enabledForLogin = self._getUniqueLdapAttribute(attrs,
+                    loginEnabledAttr) == loginEnabledValue
+
         elif recordType == self.recordType_groups:
             fullName = self._getUniqueLdapAttribute(attrs, "cn")
             enabledForCalendaring = False
+            enabledForAddressBooks = False
+            enabledForLogin = False
+
         elif recordType in (self.recordType_resources,
             self.recordType_locations):
             fullName = self._getUniqueLdapAttribute(attrs, "cn")
-            calendarUserAddresses = emailAddresses
             enabledForCalendaring = True
+            enabledForAddressBooks = False
+            enabledForLogin = False
 
         record = LdapDirectoryRecord(
             service                 = self,
@@ -436,19 +455,23 @@
             firstName               = firstName,
             lastName                = lastName,
             emailAddresses          = emailAddresses,
-            calendarUserAddresses   = calendarUserAddresses,
-            enabledForCalendaring   = enabledForCalendaring,
             uid                     = uid,
             dn                      = dn,
             attrs                   = attrs,
         )
 
-        # Look up augment information
-        # TODO: this needs to be deferred but for now we hard code the
-        # deferred result because we know it is completing immediately.
-        d = self.augmentService.getAugmentRecord(record.guid,
-            recordType)
-        d.addCallback(lambda x:record.addAugmentInformation(x))
+        # Generate an augment record based on information retrieved from LDAP
+        augmentRecord = AugmentRecord(
+            guid,
+            enabled=True,
+            serverID="", # TODO: add to LDAP?
+            partitionID="", # TODO: add to LDAP?
+            enabledForCalendaring=enabledForCalendaring,
+            autoSchedule=False, # TODO: add to LDAP?
+            enabledForAddressBooks=enabledForAddressBooks, # TODO: add to LDAP?
+            enabledForLogin=enabledForLogin,
+        )
+        record.addAugmentInformation(augmentRecord)
 
         return record
 
@@ -546,9 +569,9 @@
         Carries out the work of a principal-property-search against LDAP
         Returns a deferred list of directory records.
         """
-
         records = []
 
+        self.log_debug("Peforming principal property search for %s" % (fields,))
         recordTypes = [recordType] if recordType else self.recordTypes()
         for recordType in recordTypes:
             filter = buildFilter(self.attributeMapping, fields, operand=operand)
@@ -562,11 +585,13 @@
                     (ldap.dn.dn2str(base), filter))
                 results = self.ldap.search_s(ldap.dn.dn2str(base),
                     ldap.SCOPE_SUBTREE, filter, self.attrList)
+                self.log_debug("LDAP search returned %d results" % (len(results),))
 
                 for dn, attrs in results:
                     # Skip if group restriction is in place and guid is not
                     # a member
-                    if self.restrictedGUIDs is not None:
+                    if (recordType != self.recordType_groups and
+                        self.restrictedGUIDs is not None):
                         guidAttr = self.rdnSchema["guidAttr"]
                         if guidAttr:
                             guid = self._getUniqueLdapAttribute(attrs, guidAttr)
@@ -576,6 +601,7 @@
                     record = self._ldapResultToRecord(dn, attrs, recordType)
                     records.append(record)
 
+        self.log_debug("Principal property search matched %d records" % (len(records),))
         return succeed(records)
 
 
@@ -620,8 +646,7 @@
         self, service, recordType,
         guid, shortNames, authIDs, fullName,
         firstName, lastName, emailAddresses,
-        calendarUserAddresses, enabledForCalendaring, uid,
-        dn, attrs
+        uid, dn, attrs
     ):
         super(LdapDirectoryRecord, self).__init__(
             service               = service,
@@ -633,8 +658,6 @@
             firstName             = firstName,
             lastName              = lastName,
             emailAddresses        = emailAddresses,
-            calendarUserAddresses = calendarUserAddresses,
-            enabledForCalendaring = enabledForCalendaring,
             uid                   = uid,
         )
 
@@ -826,3 +849,4 @@
                 raise DirectoryConfigurationError(msg)
 
         return super(LdapDirectoryRecord, self).verifyCredentials(credentials)
+

Modified: CalendarServer/trunk/twistedcaldav/directory/principal.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/principal.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/principal.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -52,7 +52,6 @@
 from twistedcaldav.config import config
 from twistedcaldav.cache import DisabledCacheNotifier, PropfindCacheMixin
 from twistedcaldav.directory import calendaruserproxy
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.calendaruserproxy import CalendarUserProxyPrincipalResource
 from twistedcaldav.directory.common import uidsResourceName
 from twistedcaldav.directory.directory import DirectoryService, DirectoryRecord

Modified: CalendarServer/trunk/twistedcaldav/directory/test/augments-test-default.xml
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/augments-test-default.xml	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/test/augments-test-default.xml	2011-05-27 16:03:40 UTC (rev 7536)
@@ -116,4 +116,15 @@
     <enable-addressbook>true</enable-addressbook>
     <auto-schedule>true</auto-schedule>
   </record>
+  <record>
+    <uid>FC674703-8008-4A77-B80E-0DB55A9CE620</uid>
+    <enable-login>false</enable-login>
+  </record>
+  <record>
+    <uid>B473DC32-1B0D-45EE-9BAC-DA878AE9CE74</uid>
+    <enable-login>true</enable-login>
+  </record>
+  <record>
+    <uid>9F2B176D-B3F5-483A-AA63-0A1FC6E6D54B</uid>
+  </record>
 </augments>

Modified: CalendarServer/trunk/twistedcaldav/directory/test/augments-test.xml
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/augments-test.xml	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/test/augments-test.xml	2011-05-27 16:03:40 UTC (rev 7536)
@@ -58,4 +58,15 @@
     <enable-addressbook>true</enable-addressbook>
     <auto-schedule>true</auto-schedule>
   </record>
+  <record>
+    <uid>FC674703-8008-4A77-B80E-0DB55A9CE620</uid>
+    <enable-login>false</enable-login>
+  </record>
+  <record>
+    <uid>B473DC32-1B0D-45EE-9BAC-DA878AE9CE74</uid>
+    <enable-login>true</enable-login>
+  </record>
+  <record>
+    <uid>9F2B176D-B3F5-483A-AA63-0A1FC6E6D54B</uid>
+  </record>
 </augments>

Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_augment.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_augment.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_augment.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -35,6 +35,9 @@
     {"uid":"5FF60DAD-0BDE-4508-8C77-15F0CA5C8DD1", "enabled":True,  "partitionID":"00001", "enabledForCalendaring":False, "enabledForAddressBooks":False, "autoSchedule":False},
     {"uid":"543D28BA-F74F-4D5F-9243-B3E3A61171E5", "enabled":True,  "partitionID":"00002", "enabledForCalendaring":False, "enabledForAddressBooks":False, "autoSchedule":False},
     {"uid":"6A73326A-F781-47E7-A9F8-AF47364D4152", "enabled":True,  "partitionID":"00002", "enabledForCalendaring":True, "enabledForAddressBooks":True, "autoSchedule":True},
+    {"uid":"FC674703-8008-4A77-B80E-0DB55A9CE620", "enabledForLogin":False,}, # Explicitly false
+    {"uid":"B473DC32-1B0D-45EE-9BAC-DA878AE9CE74", "enabledForLogin":True,}, # Explicitly True
+    {"uid":"9F2B176D-B3F5-483A-AA63-0A1FC6E6D54B", "enabledForLogin":True,}, # Default is True
 )
 
 testRecordWildcardDefault = (

Modified: CalendarServer/trunk/twistedcaldav/directory/wiki.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/wiki.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/wiki.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -249,7 +249,7 @@
 
     except Fault, fault:
 
-        log.debug("Wiki ACL result: user [%s], wiki [%s], FAULT [%s]" % (userID,
+        log.error("Wiki ACL result: user [%s], wiki [%s], FAULT [%s]" % (userID,
             wikiID, fault))
 
         if fault.faultCode == 2: # non-existent user

Modified: CalendarServer/trunk/twistedcaldav/directory/xmlaugmentsparser.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/xmlaugmentsparser.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/xmlaugmentsparser.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -40,6 +40,7 @@
 ELEMENT_HOSTEDAT          = "hosted-at"   # Backwards compatibility
 ELEMENT_ENABLECALENDAR    = "enable-calendar"
 ELEMENT_ENABLEADDRESSBOOK = "enable-addressbook"
+ELEMENT_ENABLELOGIN       = "enable-login"
 ELEMENT_AUTOSCHEDULE      = "auto-schedule"
 
 ATTRIBUTE_REPEAT          = "repeat"
@@ -55,6 +56,7 @@
     ELEMENT_HOSTEDAT:          "partitionID",   # Backwards compatibility
     ELEMENT_ENABLECALENDAR:    "enabledForCalendaring",
     ELEMENT_ENABLEADDRESSBOOK: "enabledForAddressBooks",
+    ELEMENT_ENABLELOGIN:       "enabledForLogin",
     ELEMENT_AUTOSCHEDULE:      "autoSchedule",
 }
 
@@ -104,6 +106,7 @@
                     ELEMENT_ENABLE,
                     ELEMENT_ENABLECALENDAR,
                     ELEMENT_ENABLEADDRESSBOOK,
+                    ELEMENT_ENABLELOGIN,
                     ELEMENT_AUTOSCHEDULE,
                 ):
                     fields[node.tag] = node.text == VALUE_TRUE

Modified: CalendarServer/trunk/twistedcaldav/directory/xmlfile.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/xmlfile.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/directory/xmlfile.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -32,7 +32,6 @@
 from twistedcaldav.config import config
 
 from twistedcaldav.config import fullServerPath
-from twistedcaldav.directory import augment
 from twistedcaldav.directory.directory import DirectoryService, DirectoryRecord, DirectoryError
 from twistedcaldav.directory.xmlaccountsparser import XMLAccountsParser, XMLAccountRecord
 from twistedcaldav.scheduling.cuaddress import normalizeCUAddr

Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py	2011-05-26 22:03:57 UTC (rev 7535)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py	2011-05-27 16:03:40 UTC (rev 7536)
@@ -79,6 +79,8 @@
                 "emailSuffix": None, # used only to synthesize email address
                 "filter": None, # additional filter for this type
                 "recordName": "userid", # uniquely identifies user records
+                "loginEnabledAttr" : "loginEnabled", # attribute controlling login
+                "loginEnabledValue" : "yes", # value of above attribute
             },
             "groups": {
                 "rdn": "ou=Group",
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20110527/e4d07c93/attachment-0001.html>


More information about the calendarserver-changes mailing list