[CalendarServer-dev] Create Users API

Andre LaBranche dre at apple.com
Thu Mar 31 13:18:25 PDT 2016 

Hi,

> On Mar 31, 2016, at 12:54 PM, Maximiliano Sbrocca <maximiliano.sbrocca at santexgroup.com> wrote:
> 
> Many thanks Andre for your reply. For sure that this helps.
> 
> One more question. As you said, in my tests I'm using the XMLs where I previously created the users I need (I would use the default ones too). I saw that if you try to sync a Calendar client for an account or user that doesn't exist, you'll get an error. 
> 
> My question is: if you choose as auth method LDAP are the users inside the server synchronized automatically? 

Yes, although I wouldn't use the word 'synchronized' as that implies (to me anyway) that CalendarServer maintains a complete copy of everything that is also in LDAP, and that is not the case.

When configured to use LDAP, CalendarServer will query LDAP for any and all principal lookups. All the LDAP interactions are funneled through a 'sidecar' process we call the DirectoryProxy - this process does not service CalDAV requests, and exists only to serve other CalendarServer processes. The communication between CalDAV processes and the DirectoryProxy happens over a unix domain socket. We maintain two levels of caching of LDAP data, to reduce LDAP traffic, both with configurable timeouts. One cache is in the sidecar, and another is in each individual CalDAV daemon. So although CalendarServer can use any of the records in LDAP, it will only fetch and cache records that are used by clients or otherwise referenced by calendar data.

To customize the cache timeouts, use the following caldavd.plist options <http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-stdconfig.plist#L1701>. If not specified, the default values shown below will be used.

        <key>DirectoryProxy</key>
	<dict>
                <key>InProcessCachingSeconds</key>
                <integer>60</integer>

                <key>InSidecarCachingSeconds</key>
                <integer>120</integer>
        </dict>

Cheers,
-dre


> 
> Regards!
> Maxi
> 
> On Thu, Mar 31, 2016 at 3:43 PM, Andre LaBranche <dre at apple.com <mailto:dre at apple.com>> wrote:
> Hello,
> 
> Replies inline.
> 
>> On Mar 31, 2016, at 6:41 AM, Maximiliano Sbrocca <maximiliano.sbrocca at santexgroup.com <mailto:maximiliano.sbrocca at santexgroup.com>> wrote:
>> 
>> Hello everybody,
>> 
>> 
>>     My name is Maxi and I'm analyzing caldav servers to implement in the company I'm working for. The company has an app where events are created. Once it happen, emails are sent with ICS files. The idea is to also save the events in the caldav server. I've this part working (dev mode) by calling the Darwin API (http://localhost:8008/calendars/users/ <http://localhost:8008/calendars/users/><USER>/calendar/<ICS-File>.ics and the ics file content in the request body). Then users will be able to sync their events against the caldav server. (This is also working. I was able to sync my events using Evolution and Thunderbird).
>> 
>>      What I need now, is some help with the API part for users creation. 
> 
> There is no such API. CalendarServer itself does not act as a directory service; instead it accesses an existing directory service in a read-only fashion to acquire the various record types used by the service. The options for the directory backend are: XML files, such as the ones you see in the SVN checkout under conf/auth, or LDAP.
> 
> The calendarserver_manage_princinpals tool does allow for creating location, resource, or 'address' records (address records are used to support newer geo features), but not user records. For production uses, we generally don't recommend using the XML file method as it's not very interoperable. The interoperable, production-grade option is LDAP. You are still free to spin your own workflow around modification of the XML files, which might still be the path of least resistance if you don't need to interoperate with a lot of other things.
> 
> Hope this helps,
> -dre
> 
>>      Logged as the admin (admin/admin) I'm making PUT calls to:
>> 
>> http://localhost:8008/calendars/users/ <http://localhost:8008/calendars/users/>
>> 
>>      The request header has Authorization - Basic for admin/admin and the body I'm sending is:
>> 
>> <record type="user">
>>     <short-name>maxi.sbrocca</short-name>
>>     <uid>maxi.sbrocca</uid>
>>     <password>password</password>
>>     <full-name>Maxi Sbrocca</full-name>
>>     <email>maximiliano.sbrocca at santexgroup.com <mailto:maximiliano.sbrocca at santexgroup.com></email>
>>   </record>
>> 
>> 
>>      And the response error I'm getting is:
>> 
>> <?xml version='1.0' encoding='UTF-8'?>
>> <error xmlns='DAV:'>
>>     <need-privileges>
>>         <resource>
>>             <href>/calendars/users/</href>
>>             <privilege>
>>                 <write-content/>
>>             </privilege>
>>         </resource>
>>     </need-privileges>
>> </error>
>> 
>>     I'm not seeing any console log error:
>> 
>> 2016-03-31T10:40:24-0300 [caldav-0]  [txweb2.server#info] PUT /calendars/users/ HTTP/1.1
>> 
>>      Could you please help me to find out what I'm doing wrong?
>>    
>> Thanks in advance,
>> -- 
>> Sbrocca Hector Maximiliano
>> Software Engineer
>> 
>> 
>> 
>> Vélez Sársfield 576  4° piso.  
>> Córdoba, Argentina.              
>> +54 (0351) 589 7070     
>> www.santexgroup.com <http://www.santexgroup.com/>
>> 
>> Follow us
>> 
>>  <https://www.facebook.com/SantexGroup>  <https://twitter.com/santexgroup>  <https://plus.google.com/+Santexgroup/posts>  <https://www.linkedin.com/company/129740?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A129740%2Cidx%3A1-1-1%2CtarId%3A1442929736721%2Ctas%3Asantex>  <https://www.youtube.com/user/TheSantexChannel>  <http://santexgroup.com/blog/>_______________________________________________
>> calendarserver-dev mailing list
>> calendarserver-dev at lists.macosforge.org <mailto:calendarserver-dev at lists.macosforge.org>
>> https://lists.macosforge.org/mailman/listinfo/calendarserver-dev <https://lists.macosforge.org/mailman/listinfo/calendarserver-dev>
> 
> 
> 
> 
> -- 
> Sbrocca Hector Maximiliano
> Software Engineer
> 
> 
> 
> Vélez Sársfield 576  4° piso.  
> Córdoba, Argentina.              
> +54 (0351) 589 7070     
> www.santexgroup.com <http://www.santexgroup.com/>
> 
> Follow us
> 
>  <https://www.facebook.com/SantexGroup>  <https://twitter.com/santexgroup>  <https://plus.google.com/+Santexgroup/posts>  <https://www.linkedin.com/company/129740?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A129740%2Cidx%3A1-1-1%2CtarId%3A1442929736721%2Ctas%3Asantex>  <https://www.youtube.com/user/TheSantexChannel>  <http://santexgroup.com/blog/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-dev/attachments/20160331/7adcd129/attachment-0001.html>

More information about the calendarserver-dev mailing list