[CalendarServer-changes] [11365] CalendarServer/trunk/twistedcaldav
source_changes at macosforge.org
source_changes at macosforge.org
Fri Jun 14 12:25:43 PDT 2013
Revision: 11365
http://trac.calendarserver.org//changeset/11365
Author: sagen at apple.com
Date: 2013-06-14 12:25:43 -0700 (Fri, 14 Jun 2013)
Log Message:
-----------
calendarserver-principal-search now uses all tokens as long as one of them is at least two letters long.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/extensions.py
CalendarServer/trunk/twistedcaldav/test/test_extensions.py
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-06-14 03:13:09 UTC (rev 11364)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-06-14 19:25:43 UTC (rev 11365)
@@ -1431,7 +1431,7 @@
"""
filterStr = None
- tokens = [ldapEsc(t) for t in tokens if len(t) > 2]
+ tokens = [ldapEsc(t) for t in tokens]
if len(tokens) == 0:
return None
Modified: CalendarServer/trunk/twistedcaldav/extensions.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/extensions.py 2013-06-14 03:13:09 UTC (rev 11364)
+++ CalendarServer/trunk/twistedcaldav/extensions.py 2013-06-14 19:25:43 UTC (rev 11365)
@@ -273,6 +273,10 @@
tokens, context, applyTo, clientLimit, propElement = extractCalendarServerPrincipalSearchData(calendarserver_principal_search)
+ if not validateTokens(tokens):
+ raise HTTPError(StatusResponse(responsecode.FORBIDDEN,
+ "Insufficient search token length"))
+
# Run report
resultsWereLimited = None
resources = []
@@ -998,3 +1002,19 @@
raise HTTPError(StatusResponse(responsecode.BAD_REQUEST, msg))
return tokens, context, applyTo, clientLimit, propElement
+
+
+def validateTokens(tokens):
+ """
+ Make sure there is at least one token longer than one character
+
+ @param tokens: the tokens to inspect
+ @type tokens: iterable of utf-8 encoded strings
+
+ @return: True if tokens are valid, False otherwise
+ @rtype: boolean
+ """
+ for token in tokens:
+ if len(token) > 1:
+ return True
+ return False
Modified: CalendarServer/trunk/twistedcaldav/test/test_extensions.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/test/test_extensions.py 2013-06-14 03:13:09 UTC (rev 11364)
+++ CalendarServer/trunk/twistedcaldav/test/test_extensions.py 2013-06-14 19:25:43 UTC (rev 11365)
@@ -22,7 +22,7 @@
from twisted.internet.defer import inlineCallbacks, Deferred, succeed
from twisted.web.microdom import parseString
-from twistedcaldav.extensions import DAVFile, DAVResourceWithChildrenMixin, extractCalendarServerPrincipalSearchData
+from twistedcaldav.extensions import DAVFile, DAVResourceWithChildrenMixin, extractCalendarServerPrincipalSearchData, validateTokens
from twistedcaldav.test.util import TestCase
from txdav.xml.element import WebDAVElement, ResourceType
@@ -265,3 +265,18 @@
self.assertEquals(context, None)
self.assertTrue(applyTo)
self.assertEquals(clientLimit, 42)
+
+ def test_validateTokens(self):
+ """
+ Ensure validateTokens only returns True if there is at least one token
+ longer than one character
+ """
+ self.assertTrue(validateTokens(["abc"]))
+ self.assertTrue(validateTokens(["ab", "c"]))
+ self.assertTrue(validateTokens(["ab"]))
+ self.assertFalse(validateTokens(["a"]))
+ self.assertFalse(validateTokens(["a", "b", "c"]))
+ self.assertFalse(validateTokens([""]))
+ self.assertFalse(validateTokens([]))
+
+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20130614/f0805660/attachment.html>
More information about the calendarserver-changes
mailing list