<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[13017] CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.calendarserver.org//changeset/13017">13017</a></dd>
<dt>Author</dt> <dd>sagen@apple.com</dd>
<dt>Date</dt> <dd>2014-03-27 19:08:34 -0700 (Thu, 27 Mar 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Remove old wiki service</pre>
<h3>Removed Paths</h3>
<ul>
<li><a href="#CalendarServerbranchesuserssagenmove2who4twistedcaldavdirectorywikipy">CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="CalendarServerbranchesuserssagenmove2who4twistedcaldavdirectorywikipy"></a>
<div class="delfile"><h4>Deleted: CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py (13016 => 13017)</h4>
<pre class="diff"><span>
<span class="info">--- CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py        2014-03-28 02:08:12 UTC (rev 13016)
+++ CalendarServer/branches/users/sagen/move2who-4/twistedcaldav/directory/wiki.py        2014-03-28 02:08:34 UTC (rev 13017)
</span><span class="lines">@@ -1,369 +0,0 @@
</span><del>-##
-# Copyright (c) 2006-2014 Apple Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##
-
-"""
-Directory service implementation for users who are allowed to authorize
-as other principals.
-"""
-
-
-from twisted.internet.defer import inlineCallbacks, returnValue, succeed
-from twistedcaldav.config import config
-from twisted.web.xmlrpc import Proxy, Fault
-from calendarserver.platform.darwin.wiki import accessForUserToWiki
-from twext.python.log import Logger
-
-from twext.internet.gaiendpoint import MultiFailure
-from txweb2 import responsecode
-# from txweb2.auth.wrapper import UnauthorizedResponse
-# from txweb2.dav.resource import TwistedACLInheritable
-from txweb2.http import HTTPError, StatusResponse
-
-from twisted.web.error import Error as WebError
-
-# from twistedcaldav.directory.directory import DirectoryService, \
-# DirectoryRecord, UnknownRecordTypeError
-
-# from txdav.xml import element as davxml
-
-log = Logger()
-
-# class WikiDirectoryService(DirectoryService):
-
-
-class WikiDirectoryService(object):
- """
- L{IDirectoryService} implementation for Wikis.
- """
- baseGUID = "D79EF1E0-9A42-11DD-AD8B-0800200C9A66"
-
- realmName = None
-
- recordType_wikis = "wikis"
-
- UIDPrefix = "wiki-"
-
-
-# def __repr__(self):
-# return "<%s %r>" % (self.__class__.__name__, self.realmName)
-
-
-# def __init__(self):
-# super(WikiDirectoryService, self).__init__()
-# self.byUID = {}
-# self.byShortName = {}
-
-
-# def recordTypes(self):
-# return (WikiDirectoryService.recordType_wikis,)
-
-
-# def listRecords(self, recordType):
-# return ()
-
-
-# def recordWithShortName(self, recordType, shortName):
-# if recordType != WikiDirectoryService.recordType_wikis:
-# raise UnknownRecordTypeError(recordType)
-
-# if shortName in self.byShortName:
-# record = self.byShortName[shortName]
-# return record
-
-# record = self._addRecord(shortName)
-# return record
-
-
-# def recordWithUID(self, uid):
-
-# if uid in self.byUID:
-# record = self.byUID[uid]
-# return record
-
-# if uid.startswith(self.UIDPrefix):
-# shortName = uid[len(self.UIDPrefix):]
-# record = self._addRecord(shortName)
-# return record
-# else:
-# return None
-
-
-# def _addRecord(self, shortName):
-
-# record = WikiDirectoryRecord(
-# self,
-# WikiDirectoryService.recordType_wikis,
-# shortName,
-# None
-# )
-# self.byUID[record.uid] = record
-# self.byShortName[shortName] = record
-# return record
-
-
-
-# class WikiDirectoryRecord(DirectoryRecord):
-# """
-# L{DirectoryRecord} implementation for Wikis.
-# """
-
-# def __init__(self, service, recordType, shortName, entry):
-# super(WikiDirectoryRecord, self).__init__(
-# service=service,
-# recordType=recordType,
-# guid=None,
-# shortNames=(shortName,),
-# fullName=shortName,
-# enabledForCalendaring=True,
-# uid="%s%s" % (WikiDirectoryService.UIDPrefix, shortName),
-# )
-# # Wiki enabling doesn't come from augments db, so enable here...
-# self.enabled = True
-
-
-
-@inlineCallbacks
-def getWikiAccess(userID, wikiID, method=None):
- """
- Ask the wiki server we're paired with what level of access the userID has
- for the given wikiID. Possible values are "read", "write", and "admin"
- (which we treat as "write").
-
- @param userID: the GUID (UUID) of the user's directory record.
- @type userID: L{bytes} (UTF-8)
-
- @param wikiID: the short name of the wiki principal's synthetic directory
- record. (See L{WikiDirectoryService}).
- @type wikiID: L{bytes} (UTF-8)
-
- @return: A string indicating the level of access that the given user has to
- the given wiki. Possible values are:
-
- 1. C{b"no-access"} for read-only access
-
- 2. C{b"no-access"} for read/write access
-
- 3. C{b"no-access"} for administrative access (which, for calendaring
- purposes, should be equialent to read/write)
-
- 4. C{b"no-access"} for a user who is not allowed to see the wiki at
- all.
-
- @rtype: L{bytes}
-
- @raise: L{HTTPError} indicating that there is a problem requesting
- permission information. This may be raised with a few different status
- codes, each indicating a different problem:
-
- 1. L{responsecode.FORBIDDEN}: The user represented by C{userID} did not
- exist.
-
- 2. L{responsecode.NOT_FOUND}: The wiki represented by C{wikiID} did not
- exist.
-
- 3. L{responsecode.SERVICE_UNAVAILABLE}: The service that we are
- checking permissions with is currently offline or responding with an
- unknown fault.
- """
- wikiConfig = config.Authentication.Wiki
- if method is None:
- if wikiConfig.LionCompatibility:
- method = Proxy(wikiConfig["URL"]).callRemote
- else:
- method = accessForUserToWiki
- try:
-
- log.debug("Looking up Wiki ACL for: user [%s], wiki [%s]" % (userID,
- wikiID))
- if wikiConfig.LionCompatibility:
- access = (yield method(wikiConfig["WikiMethod"],
- userID, wikiID))
- else:
- access = (yield method(userID, wikiID,
- host=wikiConfig.CollabHost, port=wikiConfig.CollabPort))
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], access [%s]" %
- (userID, wikiID, access))
- returnValue(access)
-
- except MultiFailure, e:
- log.error("Wiki ACL error: user [%s], wiki [%s], MultiFailure [%s]" %
- (userID, wikiID, e))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- "\n".join([str(f) for f in e.failures])))
-
- except Fault, fault:
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], FAULT [%s]" % (userID,
- wikiID, fault))
-
- if fault.faultCode == 2: # non-existent user
- raise HTTPError(StatusResponse(responsecode.FORBIDDEN,
- fault.faultString))
-
- elif fault.faultCode == 12: # non-existent wiki
- raise HTTPError(StatusResponse(responsecode.NOT_FOUND,
- fault.faultString))
-
- else:
- # Unknown fault returned from wiki server. Log the error and
- # return 503 Service Unavailable to the client.
- log.error("Wiki ACL error: user [%s], wiki [%s], FAULT [%s]" %
- (userID, wikiID, fault))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- fault.faultString))
-
- except WebError, w:
- status = int(w.status)
-
- log.debug("Wiki ACL result: user [%s], wiki [%s], status [%s]" %
- (userID, wikiID, status))
-
- if status == responsecode.FORBIDDEN: # non-existent user
- raise HTTPError(StatusResponse(responsecode.FORBIDDEN,
- "Unknown User"))
-
- elif status == responsecode.NOT_FOUND: # non-existent wiki
- raise HTTPError(StatusResponse(responsecode.NOT_FOUND,
- "Unknown Wiki"))
-
- else:
- # Unknown fault returned from wiki server. Log the error and
- # return 503 Service Unavailable to the client.
- log.error("Wiki ACL error: user [%s], wiki [%s], status [%s]" %
- (userID, wikiID, status))
- raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE,
- w.message))
-
-
-
-# def getWikiACL(resource, request):
-# return succeed(None)
-# @inlineCallbacks
-# def getWikiACL(resource, request):
-# """
-# Ask the wiki server we're paired with what level of access the authnUser has.
-
-# Returns an ACL.
-
-# Wiki authentication is a bit tricky because the end-user accessing a group
-# calendar may not actually be enabled for calendaring. Therefore in that
-# situation, the authzUser will have been replaced with the wiki principal
-# in locateChild( ), so that any changes the user makes will have the wiki
-# as the originator. The authnUser will always be the end-user.
-# """
-# from twistedcaldav.directory.principal import DirectoryPrincipalResource
-
-# if (not hasattr(resource, "record") or
-# resource.record.recordType != WikiDirectoryService.recordType_wikis):
-# returnValue(None)
-
-# if hasattr(request, 'wikiACL'):
-# returnValue(request.wikiACL)
-
-# userID = "unauthenticated"
-# wikiID = resource.record.shortNames[0]
-
-# try:
-# url = str(request.authnUser.children[0])
-# principal = (yield request.locateResource(url))
-# if isinstance(principal, DirectoryPrincipalResource):
-# userID = principal.record.guid
-# except:
-# # TODO: better error handling
-# pass
-
-# try:
-# access = (yield getWikiAccess(userID, wikiID))
-
-# # The ACL we returns has ACEs for the end-user and the wiki principal
-# # in case authzUser is the wiki principal.
-# if access == "read":
-# request.wikiACL = davxml.ACL(
-# davxml.ACE(
-# request.authnUser,
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-
-# # We allow write-properties so that direct sharees can change
-# # e.g. calendar color properties
-# davxml.Privilege(davxml.WriteProperties()),
-# ),
-# TwistedACLInheritable(),
-# ),
-# davxml.ACE(
-# davxml.Principal(
-# davxml.HRef.fromString("/principals/wikis/%s/" % (wikiID,))
-# ),
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# ),
-# TwistedACLInheritable(),
-# )
-# )
-# returnValue(request.wikiACL)
-
-# elif access in ("write", "admin"):
-# request.wikiACL = davxml.ACL(
-# davxml.ACE(
-# request.authnUser,
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# davxml.Privilege(davxml.Write()),
-# ),
-# TwistedACLInheritable(),
-# ),
-# davxml.ACE(
-# davxml.Principal(
-# davxml.HRef.fromString("/principals/wikis/%s/" % (wikiID,))
-# ),
-# davxml.Grant(
-# davxml.Privilege(davxml.Read()),
-# davxml.Privilege(davxml.ReadCurrentUserPrivilegeSet()),
-# davxml.Privilege(davxml.Write()),
-# ),
-# TwistedACLInheritable(),
-# )
-# )
-# returnValue(request.wikiACL)
-
-# else: # "no-access":
-
-# if userID == "unauthenticated":
-# # Return a 401 so they have an opportunity to log in
-# response = (yield UnauthorizedResponse.makeResponse(
-# request.credentialFactories,
-# request.remoteAddr,
-# ))
-# raise HTTPError(response)
-
-# raise HTTPError(
-# StatusResponse(
-# responsecode.FORBIDDEN,
-# "You are not allowed to access this wiki"
-# )
-# )
-
-# except HTTPError:
-# # pass through the HTTPError we might have raised above
-# raise
-
-# except Exception, e:
-# log.error("Wiki ACL lookup failed: %s" % (e,))
-# raise HTTPError(StatusResponse(responsecode.SERVICE_UNAVAILABLE, "Wiki ACL lookup failed"))
</del></span></pre>
</div>
</div>
</body>
</html>