[CalendarServer-changes] [13017] CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/ directory/wiki.py
source_changes at macosforge.org
source_changes at macosforge.org
Thu Mar 27 19:08:34 PDT 2014
Revision: 13017
http://trac.calendarserver.org//changeset/13017
Author: sagen at apple.com
Date: 2014-03-27 19:08:34 -0700 (Thu, 27 Mar 2014)
Log Message:
-----------
Remove old wiki service
Removed Paths:
-------------
CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py
Deleted: CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py
===================================================================
--- CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py 2014-03-28 02:08:12 UTC (rev 13016)
+++ CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py 2014-03-28 02:08:34 UTC (rev 13017)
@@ -1,369 +0,0 @@
-##
-# Copyright (c) 2006-2014 Apple Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##
-
-"""
-Directory service implementation for users who are allowed to authorize
-as other principals.
-"""
-
-
-from twisted.internet.defer import inlineCallbacks, returnValue, succeed
-from twistedcaldav.config import config
-from twisted.web.xmlrpc import Proxy, Fault
-from calendarserver.platform.darwin.wiki import accessForUserToWiki
-from twext.python.log import Logger
-
-from twext.internet.gaiendpoint import MultiFailure
-from txweb2 import responsecode
-# from txweb2.auth.wrapper import UnauthorizedResponse
-# from txweb2.dav.resource import TwistedACLInheritable
-from txweb2.http import HTTPError, StatusResponse
-
-from twisted.web.error import Error as WebError
-
-# from twistedcaldav.directory.directory import DirectoryService, \
-# DirectoryRecord, UnknownRecordTypeError
-
-# from txdav.xml import element as davxml
-
-log = Logger()
-
-# class WikiDirectoryService(DirectoryService):
-
-
-class WikiDirectoryService(object):
- """
- L{IDirectoryService} implementation for Wikis.
- """
- baseGUID = "D79EF1E0-9A42-11DD-AD8B-0800200C9A66"
-
- realmName = None
-
- recordType_wikis = "wikis"
-
- UIDPrefix = "wiki-"
-
-
-# def __repr__(self):
-# return "<%s %r>" % (self.__class__.__name__, self.realmName)
-
-
-# def __init__(self):
-# super(WikiDirectoryService, self).__init__()
-# self.byUID = {}
-# self.byShortName = {}
-
-
-# def recordTypes(self):
-# return (WikiDirectoryService.recordType_wikis,)
-
-
-# def listRecords(self, recordType):
-# return ()
-
-
-# def recordWithShortName(self, recordType, shortName):
-# if recordType != WikiDirectoryService.recordType_wikis:
-# raise UnknownRecordTypeError(recordType)
-
-# if shortName in self.byShortName:
-# record = self.byShortName[shortName]
-# return record
-
-# record = self._addRecord(shortName)
-# return record
-
-
-# def recordWithUID(self, uid):
-
-# if uid in self.byUID:
-# record = self.byUID[uid]
-# return record
-
-# if uid.startswith(self.UIDPrefix):
-# shortName = uid[len(self.UIDPrefix):]
-# record = self._addRecord(shortName)
-# return record
-# else:
-# return None
-
-
-# def _addRecord(self, shortName):
-
-# record = WikiDirectoryRecord(
-# self,
-# WikiDirectoryService.recordType_wikis,
-# shortName,
-# None
-# )
-# self.byUID[record.uid] = record
-# self.byShortName[shortName] = record
-# return record
-
-
-
-# class WikiDirectoryRecord(DirectoryRecord):
-# """
-# L{DirectoryRecord} implementation for Wikis.
-# """
-
-# def __init__(self, service, recordType, shortName, entry):
-# super(WikiDirectoryRecord, self).__init__(
-# service=service,
-# recordType=recordType,
-# guid=None,
-# shortNames=(shortName,),
-# fullName=shortName,
-# enabledForCalendaring=True,
-# uid="%s%s" % (WikiDirectoryService.UIDPrefix, shortName),
-# )
-# # Wiki enabling doesn't come from augments db, so enable here...
-# self.enabled = True
-
-
-
- at inlineCallbacks
-def getWikiAccess(userID, wikiID, method=None):
- """
- Ask the wiki server we're paired with what level of access the userID has
- for the given wikiID. Possible values are "read", "write", and "admin"
- (which we treat as "write").
-
- @param userID: the GUID (UUID) of the user's directory record.
- @type userID: L{bytes} (UTF-8)
-
- @param wikiID: the short name of the wiki principal's synthetic directory
- record. (See L{WikiDirectoryService}).
- @type wikiID: L{bytes} (UTF-8)
-
- @return: A string indicating the level of access that the given user has to
- the given wiki. Possible values are:
-
- 1. C{b"no-access"} for read-only access
-
- 2. C{b"no-access"} for read/write access
-
- 3. C{b"no-access"} for administrative access (which, for calendaring
- purposes, should be equialent to read/write)
-
- 4. C{b"no-access"} for a user who is not allowed to see the wiki at
- all.
-
- @rtype: L{bytes}
-
- @raise: L{HTTPError} indicating that there is a problem requesting
- permission information. This may be raised with a few different status
- codes, each indicating a different problem:
-
- 1. L{responsecode.FORBIDDEN}: The user represented by C{userID} did not
- exist.
-
- 2. L{responsecode.NOT_FOUND}: The wiki represented by C{wikiID} did not
- exist.
-
- 3. L{responsecode.SERVICE_UNAVAILABLE}: The service that we are
- checking permissions with is currently offline or responding with an
- unknown fault.
- """
- wikiConfig = config.Authentication.Wiki
- if method is None:
- if wikiConfig.LionCompatibility:
- method = Proxy(wikiConfig["URL"]).callRemote
- else:
- method = accessForUserToWiki
- try:
-
- log.debug("Looking up Wiki ACL for: user [%s], wiki [%s]" % (userID,
- wikiID))
- if wikiConfig.LionCompatibility:
- access = (yield method(wikiConfig["WikiMethod"],
- userID, wikiID))
- else:
- access = (yield method(userID, wikiID,
- host=wikiConfig.CollabHost, port=wikiConfig.CollabPort))
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], access [%s]" %
- (userID, wikiID, access))
- returnValue(access)
-
- except MultiFailure, e:
- log.error("Wiki ACL error: user [%s], wiki [%s], MultiFailure [%s]" %
- (userID, wikiID, e))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- "\n".join([str(f) for f in e.failures])))
-
- except Fault, fault:
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], FAULT [%s]" % (userID,
- wikiID, fault))
-
- if fault.faultCode == 2: # non-existent user
- raise HTTPError(StatusResponse(responsecode.FORBIDDEN,
- fault.faultString))
-
- elif fault.faultCode == 12: # non-existent wiki
- raise HTTPError(StatusResponse(responsecode.NOT_FOUND,
- fault.faultString))
-
- else:
- # Unknown fault returned from wiki server. Log the error and
- # return 503 Service Unavailable to the client.
- log.error("Wiki ACL error: user [%s], wiki [%s], FAULT [%s]" %
- (userID, wikiID, fault))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- fault.faultString))
-
- except WebError, w:
- status = int(w.status)
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], status [%s]" %
- (userID, wikiID, status))
-
- if status == responsecode.FORBIDDEN: # non-existent user
- raise HTTPError(StatusResponse(responsecode.FORBIDDEN,
- "Unknown User"))
-
- elif status == responsecode.NOT_FOUND: # non-existent wiki
- raise HTTPError(StatusResponse(responsecode.NOT_FOUND,
- "Unknown Wiki"))
-
- else:
- # Unknown fault returned from wiki server. Log the error and
- # return 503 Service Unavailable to the client.
- log.error("Wiki ACL error: user [%s], wiki [%s], status [%s]" %
- (userID, wikiID, status))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- w.message))
-
-
-
-# def getWikiACL(resource, request):
-# return succeed(None)
-# @inlineCallbacks
-# def getWikiACL(resource, request):
-# """
-# Ask the wiki server we're paired with what level of access the authnUser has.
-
-# Returns an ACL.
-
-# Wiki authentication is a bit tricky because the end-user accessing a group
-# calendar may not actually be enabled for calendaring. Therefore in that
-# situation, the authzUser will have been replaced with the wiki principal
-# in locateChild( ), so that any changes the user makes will have the wiki
-# as the originator. The authnUser will always be the end-user.
-# """
-# from twistedcaldav.directory.principal import DirectoryPrincipalResource
-
-# if (not hasattr(resource, "record") or
-# resource.record.recordType != WikiDirectoryService.recordType_wikis):
-# returnValue(None)
-
-# if hasattr(request, 'wikiACL'):
-# returnValue(request.wikiACL)
-
-# userID = "unauthenticated"
-# wikiID = resource.record.shortNames[0]
-
-# try:
-# url = str(request.authnUser.children[0])
-# principal = (yield request.locateResource(url))
-# if isinstance(principal, DirectoryPrincipalResource):
-# userID = principal.record.guid
-# except:
-# # TODO: better error handling
-# pass
-
-# try:
-# access = (yield getWikiAccess(userID, wikiID))
-
-# # The ACL we returns has ACEs for the end-user and the wiki principal
-# # in case authzUser is the wiki principal.
-# if access == "read":
-# request.wikiACL = davxml.ACL(
-# davxml.ACE(
-# request.authnUser,
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-
-# # We allow write-properties so that direct sharees can change
-# # e.g. calendar color properties
-# davxml.Privilege(davxml.WriteProperties()),
-# ),
-# TwistedACLInheritable(),
-# ),
-# davxml.ACE(
-# davxml.Principal(
-# davxml.HRef.fromString("/principals/wikis/%s/" % (wikiID,))
-# ),
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# ),
-# TwistedACLInheritable(),
-# )
-# )
-# returnValue(request.wikiACL)
-
-# elif access in ("write", "admin"):
-# request.wikiACL = davxml.ACL(
-# davxml.ACE(
-# request.authnUser,
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# davxml.Privilege(davxml.Write()),
-# ),
-# TwistedACLInheritable(),
-# ),
-# davxml.ACE(
-# davxml.Principal(
-# davxml.HRef.fromString("/principals/wikis/%s/" % (wikiID,))
-# ),
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# davxml.Privilege(davxml.Write()),
-# ),
-# TwistedACLInheritable(),
-# )
-# )
-# returnValue(request.wikiACL)
-
-# else: # "no-access":
-
-# if userID == "unauthenticated":
-# # Return a 401 so they have an opportunity to log in
-# response = (yield UnauthorizedResponse.makeResponse(
-# request.credentialFactories,
-# request.remoteAddr,
-# ))
-# raise HTTPError(response)
-
-# raise HTTPError(
-# StatusResponse(
-# responsecode.FORBIDDEN,
-# "You are not allowed to access this wiki"
-# )
-# )
-
-# except HTTPError:
-# # pass through the HTTPError we might have raised above
-# raise
-
-# except Exception, e:
-# log.error("Wiki ACL lookup failed: %s" % (e,))
-# raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE, "Wiki ACL lookup failed"))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140327/e1527b3b/attachment-0001.html>
More information about the calendarserver-changes
mailing list