[CalendarServer-changes] [13069] CalendarServer/branches/users/sagen/move2who-4/calendarserver/ provision/root.py
source_changes at macosforge.org
source_changes at macosforge.org
Mon Mar 31 15:43:14 PDT 2014
Revision: 13069
http://trac.calendarserver.org//changeset/13069
Author: wsanchez at apple.com
Date: 2014-03-31 15:43:14 -0700 (Mon, 31 Mar 2014)
Log Message:
-----------
lint
Modified Paths:
--------------
CalendarServer/branches/users/sagen/move2who-4/calendarserver/provision/root.py
Modified: CalendarServer/branches/users/sagen/move2who-4/calendarserver/provision/root.py
===================================================================
--- CalendarServer/branches/users/sagen/move2who-4/calendarserver/provision/root.py 2014-03-31 22:18:29 UTC (rev 13068)
+++ CalendarServer/branches/users/sagen/move2who-4/calendarserver/provision/root.py 2014-03-31 22:43:14 UTC (rev 13069)
@@ -19,7 +19,6 @@
"RootResource",
]
-from txdav.who.wiki import uidForAuthToken
from twext.python.log import Logger
from twisted.cred.error import LoginFailed, UnauthorizedLogin
from twisted.internet.defer import inlineCallbacks, returnValue, succeed
@@ -35,6 +34,7 @@
from twistedcaldav.extensions import ReadOnlyResourceMixIn
from twistedcaldav.resource import CalDAVComplianceMixIn
from txdav.who.wiki import DirectoryService as WikiDirectoryService
+from txdav.who.wiki import uidForAuthToken
from txdav.xml import element as davxml
from txweb2 import responsecode
from txweb2.auth.wrapper import UnauthorizedResponse
@@ -44,7 +44,10 @@
log = Logger()
-class RootResource (ReadOnlyResourceMixIn, DirectoryPrincipalPropertySearchMixIn, CalDAVComplianceMixIn, DAVFile):
+class RootResource(
+ ReadOnlyResourceMixIn, DirectoryPrincipalPropertySearchMixIn,
+ CalDAVComplianceMixIn, DAVFile
+):
"""
A special root resource that contains support checking SACLs
as well as adding responseFilters.
@@ -56,17 +59,17 @@
# starts with any of these, then the list of SACLs are checked. If the
# request path does not start with any of these, then no SACLs are checked.
saclMap = {
- "addressbooks" : ("addressbook",),
- "calendars" : ("calendar",),
- "directory" : ("addressbook",),
- "principals" : ("addressbook", "calendar"),
- "webcal" : ("calendar",),
+ "addressbooks": ("addressbook",),
+ "calendars": ("calendar",),
+ "directory": ("addressbook",),
+ "principals": ("addressbook", "calendar"),
+ "webcal": ("calendar",),
}
# If a top-level resource path starts with any of these, an unauthenticated
# request is redirected to the auth url (config.WebCalendarAuthPath)
authServiceMap = {
- "webcal" : True,
+ "webcal": True,
}
def __init__(self, path, *args, **kwargs):
@@ -80,11 +83,17 @@
self.contentFilters = []
- if config.EnableResponseCache and config.Memcached.Pools.Default.ClientEnabled:
+ if (
+ config.EnableResponseCache and
+ config.Memcached.Pools.Default.ClientEnabled
+ ):
self.responseCache = MemcacheResponseCache(self.fp)
- # These class attributes need to be setup with our memcache notifier
- DirectoryPrincipalResource.cacheNotifierFactory = MemcacheChangeNotifier
+ # These class attributes need to be setup with our memcache\
+ # notifier
+ DirectoryPrincipalResource.cacheNotifierFactory = (
+ MemcacheChangeNotifier
+ )
else:
self.responseCache = DisabledCache()
@@ -96,7 +105,9 @@
def deadProperties(self):
if not hasattr(self, "_dead_properties"):
# Get the property store from super
- deadProperties = namedClass(config.RootResourcePropStoreClass)(self)
+ deadProperties = (
+ namedClass(config.RootResourcePropStoreClass)(self)
+ )
# Wrap the property store in a memory store
if isinstance(deadProperties, xattrPropertyStore):
@@ -158,7 +169,9 @@
request.checkingSACL = True
for collection in self.principalCollections():
- principal = yield collection._principalForURI(authzUser.children[0].children[0].data)
+ principal = yield collection._principalForURI(
+ authzUser.children[0].children[0].data
+ )
if principal is None:
response = (yield UnauthorizedResponse.makeResponse(
request.credentialFactories,
@@ -183,7 +196,10 @@
if access:
returnValue(True)
- log.warn("User %r is not enabled with the %r SACL(s)" % (username, saclServices,))
+ log.warn(
+ "User {user!r} is not enabled with the {sacl!r} SACL(s)",
+ user=username, sacl=saclServices
+ )
raise HTTPError(responsecode.FORBIDDEN)
@@ -227,45 +243,71 @@
token = None
if token is not None and token != "unauthenticated":
- log.debug("Wiki sessionID cookie value: %s" % (token,))
+ log.debug(
+ "Wiki sessionID cookie value: {token}", token=token
+ )
record = None
try:
- uid = (yield uidForAuthToken(token))
+ uid = yield uidForAuthToken(token)
if uid == "unauthenticated":
uid = None
- except WebError, w:
+ except WebError as w:
uid = None
# FORBIDDEN status means it's an unknown token
if int(w.status) == responsecode.NOT_FOUND:
- log.debug("Unknown wiki token: %s" % (token,))
+ log.debug(
+ "Unknown wiki token: {token}", token=token
+ )
else:
- log.error("Failed to look up wiki token %s: %s" %
- (token, w.message,))
+ log.error(
+ "Failed to look up wiki token {token}: "
+ "{message}",
+ token=token, message=w.message
+ )
- except Exception, e:
- log.error("Failed to look up wiki token (%s)" % (e,))
+ except Exception as e:
+ log.error(
+ "Failed to look up wiki token: {error}",
+ error=e
+ )
uid = None
if uid is not None:
- log.debug("Wiki lookup returned uid: %s" % (uid,))
+ log.debug(
+ "Wiki lookup returned uid: {uid}", uid=uid
+ )
principal = None
directory = request.site.resource.getDirectory()
record = yield directory.recordWithUID(uid)
if record is not None:
username = record.shortNames[0]
- log.debug("Wiki user record for user %s : %s" % (username, record))
+ log.debug(
+ "Wiki user record for user {user}: {record}",
+ user=username, record=record
+ )
for collection in self.principalCollections():
- principal = yield collection.principalForRecord(record)
+ principal = (
+ yield collection.principalForRecord(record)
+ )
if principal is not None:
break
if principal:
- log.debug("Wiki-authenticated principal %s being assigned to authnUser and authzUser" % (record.uid,))
- request.authzUser = request.authnUser = davxml.Principal(
- davxml.HRef.fromString("/principals/__uids__/%s/" % (record.uid,))
+ log.debug(
+ "Wiki-authenticated principal {record.uid} "
+ "being assigned to authnUser and authzUser",
+ record=record
)
+ request.authzUser = request.authnUser = (
+ davxml.Principal(
+ davxml.HRef.fromString(
+ "/principals/__uids__/{}/"
+ .format(record.uid)
+ )
+ )
+ )
if not hasattr(request, "authzUser") and config.WebCalendarAuthPath:
topLevel = request.path.strip("/").split("/")[0]
@@ -275,25 +317,27 @@
# Use config.ServerHostName if no x-forwarded-host header,
# otherwise use the final hostname in x-forwarded-host.
- host = request.headers.getRawHeaders("x-forwarded-host",
- [config.ServerHostName])[-1].split(",")[-1].strip()
+ host = request.headers.getRawHeaders(
+ "x-forwarded-host",
+ [config.ServerHostName]
+ )[-1].split(",")[-1].strip()
port = 443 if config.EnableSSL else 80
scheme = "https" if config.EnableSSL else "http"
response = RedirectResponse(
- request.unparseURL(
- host=host,
- port=port,
- scheme=scheme,
- path=config.WebCalendarAuthPath,
- querystring="redirect=%s://%s%s" % (
- scheme,
- host,
- request.path
- )
- ),
- temporary=True
- )
+ request.unparseURL(
+ host=host,
+ port=port,
+ scheme=scheme,
+ path=config.WebCalendarAuthPath,
+ querystring="redirect={}://{}{}".format(
+ scheme,
+ host,
+ request.path
+ )
+ ),
+ temporary=True
+ )
raise HTTPError(response)
# We don't want the /inbox resource to pay attention to SACLs because
@@ -303,10 +347,17 @@
if segments[0] in ("inbox", "timezones"):
request.checkedSACL = True
- elif (len(segments) > 2 and segments[0] in ("calendars", "principals") and
+ elif (
(
- segments[1] == "wikis" or
- (segments[1] == "__uids__" and segments[2].startswith(WikiDirectoryService.uidPrefix))
+ len(segments) > 2 and
+ segments[0] in ("calendars", "principals") and
+ (
+ segments[1] == "wikis" or
+ (
+ segments[1] == "__uids__" and
+ segments[2].startswith(WikiDirectoryService.uidPrefix)
+ )
+ )
)
):
# This is a wiki-related calendar resource. SACLs are not checked.
@@ -321,12 +372,21 @@
else:
wikiName = segments[2][5:]
if wikiName:
- log.debug("Wiki principal %s being assigned to authzUser" % (wikiName,))
+ log.debug(
+ "Wiki principal {name} being assigned to authzUser",
+ name=wikiName
+ )
request.authzUser = davxml.Principal(
- davxml.HRef.fromString("/principals/wikis/%s/" % (wikiName,))
+ davxml.HRef.fromString(
+ "/principals/wikis/{}/".format(wikiName)
+ )
)
- elif self.useSacls and not hasattr(request, "checkedSACL") and not hasattr(request, "checkingSACL"):
+ elif (
+ self.useSacls and
+ not hasattr(request, "checkedSACL") and
+ not hasattr(request, "checkingSACL")
+ ):
yield self.checkSacl(request)
if config.RejectClients:
@@ -337,28 +397,37 @@
if agent is not None:
for reject in config.RejectClients:
if reject.search(agent) is not None:
- log.info("Rejecting user-agent: %s" % (agent,))
+ log.info("Rejecting user-agent: {agent}", agent=agent)
raise HTTPError(StatusResponse(
responsecode.FORBIDDEN,
- "Your client software (%s) is not allowed to access this service." % (agent,)
+ "Your client software ({}) is not allowed to "
+ "access this service."
+ .format(agent)
))
- if config.EnableResponseCache and request.method == "PROPFIND" and not getattr(request, "notInCache", False) and len(segments) > 1:
+ if (
+ config.EnableResponseCache and
+ request.method == "PROPFIND" and
+ not getattr(request, "notInCache", False) and
+ len(segments) > 1
+ ):
try:
- authnUser, authzUser = (yield self.authenticate(request))
+ authnUser, authzUser = yield self.authenticate(request)
request.authnUser = authnUser
request.authzUser = authzUser
except (UnauthorizedLogin, LoginFailed):
- response = (yield UnauthorizedResponse.makeResponse(
+ response = yield UnauthorizedResponse.makeResponse(
request.credentialFactories,
request.remoteAddr
- ))
+ )
raise HTTPError(response)
try:
if not getattr(request, "checkingCache", False):
request.checkingCache = True
- response = (yield self.responseCache.getResponseForRequest(request))
+ response = yield self.responseCache.getResponseForRequest(
+ request
+ )
if response is None:
request.notInCache = True
raise KeyError("Not found in cache.")
@@ -367,7 +436,9 @@
except KeyError:
pass
- child = (yield super(RootResource, self).locateChild(request, segments))
+ child = yield super(RootResource, self).locateChild(
+ request, segments
+ )
returnValue(child)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140331/6171c9ca/attachment-0001.html>
More information about the calendarserver-changes
mailing list