[CalendarServer-changes] [11812] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Mon Oct 14 13:33:47 PDT 2013
Revision: 11812
http://trac.calendarserver.org//changeset/11812
Author: sagen at apple.com
Date: 2013-10-14 13:33:47 -0700 (Mon, 14 Oct 2013)
Log Message:
-----------
When fetching external proxy assignments, only take into account those for records which are enabledForCalendaring.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/directory.py
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/directory/test/test_directory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/directory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/directory.py 2013-10-13 14:59:35 UTC (rev 11811)
+++ CalendarServer/trunk/twistedcaldav/directory/directory.py 2013-10-14 20:33:47 UTC (rev 11812)
@@ -533,10 +533,11 @@
)
for record in resources:
guid = record.guid
- assignments.append(("%s#calendar-proxy-write" % (guid,),
- record.externalProxies()))
- assignments.append(("%s#calendar-proxy-read" % (guid,),
- record.externalReadOnlyProxies()))
+ if record.enabledForCalendaring:
+ assignments.append(("%s#calendar-proxy-write" % (guid,),
+ record.externalProxies()))
+ assignments.append(("%s#calendar-proxy-read" % (guid,),
+ record.externalReadOnlyProxies()))
return assignments
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-10-13 14:59:35 UTC (rev 11811)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-10-14 20:33:47 UTC (rev 11812)
@@ -391,6 +391,12 @@
# Build filter
filterstr = "(|(%s=*)(%s=*))" % (readAttr, writeAttr)
+ # ...taking into account only calendar-enabled records
+ enabledAttr = self.rdnSchema["locations"]["calendarEnabledAttr"]
+ enabledValue = self.rdnSchema["locations"]["calendarEnabledValue"]
+ if enabledAttr and enabledValue:
+ filterstr = "(&(%s=%s)%s)" % (enabledAttr, enabledValue, filterstr)
+
attrlist = [guidAttr, readAttr, writeAttr]
# Query the LDAP server
@@ -1046,7 +1052,7 @@
try:
record = self._ldapResultToRecord(dn, attrs, recordType)
- self.log.debug("Got LDAP record %s" % (record,))
+ self.log.debug("Got LDAP record {rec}", rec=record)
if not unrestricted:
self.log.debug("%s is not enabled because it's not a member of group: %s" % (dn, self.restrictToGroup))
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_directory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_directory.py 2013-10-13 14:59:35 UTC (rev 11811)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_directory.py 2013-10-14 20:33:47 UTC (rev 11812)
@@ -540,7 +540,167 @@
groups,
)
+ #
+ # Now remove all external assignments, and those should take effect.
+ #
+ def fakeExternalProxiesEmpty():
+ return []
+ updater = GroupMembershipCacheUpdater(
+ calendaruserproxy.ProxyDBService, self.directoryService, 30, 30, 30,
+ cache=cache, useExternalProxies=True,
+ externalProxiesSource=fakeExternalProxiesEmpty)
+
+ yield updater.updateCache()
+
+ delegates = (
+
+ # record name
+ # read-write delegators
+ # read-only delegators
+ # groups delegate is in (restricted to only those groups
+ # participating in delegation)
+
+ # Note: "transporter" is now gone for everyone
+
+ ("wsanchez",
+ set(["mercury", "apollo", "orion", "gemini"]),
+ set(["non_calendar_proxy"]),
+ set(['left_coast',
+ 'both_coasts',
+ 'recursive1_coasts',
+ 'recursive2_coasts',
+ 'gemini#calendar-proxy-write',
+ ]),
+ ),
+ ("cdaboo",
+ set(["apollo", "orion", "non_calendar_proxy"]),
+ set(["non_calendar_proxy"]),
+ set(['both_coasts',
+ 'non_calendar_group',
+ 'recursive1_coasts',
+ 'recursive2_coasts',
+ ]),
+ ),
+ ("lecroy",
+ set(["apollo", "mercury", "non_calendar_proxy"]),
+ set(),
+ set(['both_coasts',
+ 'left_coast',
+ 'non_calendar_group',
+ ]),
+ ),
+ )
+
+ for name, write, read, groups in delegates:
+ delegate = self._getPrincipalByShortName(DirectoryService.recordType_users, name)
+
+ proxyFor = (yield delegate.proxyFor(True))
+ self.assertEquals(
+ set([p.record.guid for p in proxyFor]),
+ write,
+ )
+ proxyFor = (yield delegate.proxyFor(False))
+ self.assertEquals(
+ set([p.record.guid for p in proxyFor]),
+ read,
+ )
+ groupsIn = (yield delegate.groupMemberships())
+ uids = set()
+ for group in groupsIn:
+ try:
+ uid = group.uid # a sub-principal
+ except AttributeError:
+ uid = group.record.guid # a regular group
+ uids.add(uid)
+ self.assertEquals(
+ set(uids),
+ groups,
+ )
+
+ #
+ # Now add back an external assignments, and those should take effect.
+ #
+ def fakeExternalProxiesAdded():
+ return [
+ (
+ "transporter#calendar-proxy-write",
+ set(["8B4288F6-CC82-491D-8EF9-642EF4F3E7D0"])
+ ),
+ ]
+
+ updater = GroupMembershipCacheUpdater(
+ calendaruserproxy.ProxyDBService, self.directoryService, 30, 30, 30,
+ cache=cache, useExternalProxies=True,
+ externalProxiesSource=fakeExternalProxiesAdded)
+
+ yield updater.updateCache()
+
+ delegates = (
+
+ # record name
+ # read-write delegators
+ # read-only delegators
+ # groups delegate is in (restricted to only those groups
+ # participating in delegation)
+
+ ("wsanchez",
+ set(["mercury", "apollo", "orion", "gemini"]),
+ set(["non_calendar_proxy"]),
+ set(['left_coast',
+ 'both_coasts',
+ 'recursive1_coasts',
+ 'recursive2_coasts',
+ 'gemini#calendar-proxy-write',
+ ]),
+ ),
+ ("cdaboo",
+ set(["apollo", "orion", "non_calendar_proxy"]),
+ set(["non_calendar_proxy"]),
+ set(['both_coasts',
+ 'non_calendar_group',
+ 'recursive1_coasts',
+ 'recursive2_coasts',
+ ]),
+ ),
+ ("lecroy",
+ set(["apollo", "mercury", "non_calendar_proxy", "transporter"]),
+ set(),
+ set(['both_coasts',
+ 'left_coast',
+ 'non_calendar_group',
+ 'transporter#calendar-proxy-write',
+ ]),
+ ),
+ )
+
+ for name, write, read, groups in delegates:
+ delegate = self._getPrincipalByShortName(DirectoryService.recordType_users, name)
+
+ proxyFor = (yield delegate.proxyFor(True))
+ self.assertEquals(
+ set([p.record.guid for p in proxyFor]),
+ write,
+ )
+ proxyFor = (yield delegate.proxyFor(False))
+ self.assertEquals(
+ set([p.record.guid for p in proxyFor]),
+ read,
+ )
+ groupsIn = (yield delegate.groupMemberships())
+ uids = set()
+ for group in groupsIn:
+ try:
+ uid = group.uid # a sub-principal
+ except AttributeError:
+ uid = group.record.guid # a regular group
+ uids.add(uid)
+ self.assertEquals(
+ set(uids),
+ groups,
+ )
+
+
def test_diffAssignments(self):
"""
Ensure external proxy assignment diffing works
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20131014/198b64da/attachment.html>
More information about the calendarserver-changes
mailing list