TouchInstinct
/
Radicale
310
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
623 Commits 1 Branch 0 Tags 3 MiB
Commit Graph

452 Commits

Author SHA1 Message Date
Guillaume Ayoub 3e893a3420 Merge pull request #142 from mike-perdide/authenticated_feature 
Adding a new "authenticated" ACL type.
 2014-04-15 16:48:19 +02:00
Julien Miotte aabebb5578 Adding a new "authenticated" ACL type. 
When set, all authenticated users will have rw permissions on all
collections, but no anonymous user will be able to read or write any
collection.
 2014-04-09 00:02:39 +02:00
Julien Miotte 963e21212b Renaming the regex.py methods args for coherence. 2014-04-09 00:02:09 +02:00
Julien Miotte 6677dbcdc9 Moving the debug log at the proper place. 
If we don't do this, we might get the following in the logs:

  2014-04-08 20:00:59,354 - DEBUG: Section 'r' matches
  2014-04-08 20:00:59,354 - DEBUG: Section 'r' does not match

which is a bit confusing.
 2014-04-09 00:02:03 +02:00
Markus Kaiserswerth 0dee34b3a8 Add SSL ciphers argument only if supported, fixes Python 2.6 compat 2014-03-19 14:04:25 +01:00
Guillaume Ayoub 45f8e76643 Revert "Follow the depth in REPORT requests" 
This reverts commit 9556508b2a.
 2014-03-05 19:26:42 +01:00
Guillaume Ayoub 9556508b2a Follow the depth in REPORT requests 2014-03-04 01:37:14 +01:00
Guillaume Ayoub 066dffd614 Cut line 2014-03-04 01:08:56 +01:00
Guillaume Ayoub 3bd5b8f0fc Let's try to release 0.9 beta 1 2014-02-24 23:26:40 +01:00
Guillaume Ayoub f9ce1d0e6d Remove the backend/type split for rights in configuration 2014-02-05 14:11:40 +01:00
Guillaume Ayoub 2ad8b57305 Merge branch 'apache_auth' of git://github.com/jaesivsm/Radicale into jaesivsm-apache_auth 
Conflicts:
	radicale/__init__.py
 2014-02-05 13:09:37 +01:00
Guillaume Ayoub 701df2d201 Use environ.get instead of try/except 2014-02-05 13:01:49 +01:00
Guillaume Ayoub f7c7746643 Merge pull request #99 from horazont/fix-preauth 
Fix issues if authentication is done by web server
 2014-02-05 12:59:45 +01:00
Christoph Polcin 3aa992e518 Find collections if necessary 2014-01-19 20:11:47 +01:00
Christoph Polcin 90d82d044c Fix access to collections 
under certain conditions it was possible to pass the final access control
if-clause. the master branch granted access if:

    if ((read_allowed_items or write_allowed_items)
        and (not user or auth.is_authenticated(user, password))) or
        function == self.options or not items:

the easy-connect branch from pull request #95 adds:
    (is_authenticated and function == self.propfind) or

the last `or not items` condition levers out the previous authentication and
access control. that isn't that big secuity issue because in this case there
are no collection and items at all. but "bad" and anonymous users could gather
data and information which not destined for them.

this commit fixes and simplifies the if-clause.
 2014-01-19 20:04:37 +01:00
Christoph Polcin 387e1fee76 Fix calendar/addressbook-home-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin d09b16c5ad Fix principal-collection-set in PROPFIND response 2014-01-19 19:35:53 +01:00
Christoph Polcin 83db27303f Respond to all authenticated PROPFIND requests 2014-01-19 19:35:46 +01:00
François Schmidts b9ff564c1f not only apache uses REMOTE_USER 
removing the apache mention to make the config more "webserver agnostic"
 2014-01-15 23:01:36 +01:00
François Schmidts 18ea7e4942 removing the user and password getting from main __call__ function 2014-01-15 22:40:33 +01:00
François Schmidts 34163c5020 making radicale support authenticated user from apache 2014-01-15 09:50:22 +01:00
Jonas Wielicki d9df9a36e1 Fix issues if authentication is done by web server 
This patch fixes `user` always being None if the authentication is
offloaded to the webserver, as it is suggested in the documentation.

For normal access, this is not a problem, but it becomes a problem if a
client wants to get the current-user-principal, for which the user name
is required.
 2014-01-14 20:46:47 +01:00
Christoph Polcin 2ddec14535 Fix principal URLs in PROPFIND response 2014-01-05 21:22:53 +01:00
Sergey Fursov 1d0418594d Allow attach custom rights backend, small fix in default config file 2013-12-29 15:13:35 +04:00
Sergey Fursov 3b0328ca1e Allow attach custom storage backend 2013-12-28 14:15:35 +04:00
Sergey Fursov a91a7790c5 Allow attach custom auth handler 2013-12-28 13:31:32 +04:00
Sergey Fursov dca10fa14e Different rights management backends 
Initially only one backend - regular expressions based
 2013-12-25 03:44:24 +04:00
Guillaume Ayoub 0e566e4c97 Merge branch 'apple' 2013-12-24 11:22:57 +01:00
Guillaume Ayoub a7be59b9f7 Merge pull request #92 from cristen/master 
Fix wrong syntax in config file and fix #58
 2013-12-24 02:21:43 -08:00
Jean-Marc Martins 7ac971e022 Fix wrong syntax in config file and fix #58 2013-12-23 16:45:15 +01:00
Guillaume Ayoub fae2b30ec4 Merge branch 'master' of git://github.com/cristen/Radicale into cristen-master 
Conflicts:
	radicale/storage/database.py
	schema.sql
 2013-12-17 14:42:20 +01:00
Jean-Marc Martins 56581a998a Fix database Fix bug #77 HELL YEAH ! 2013-12-17 14:35:55 +01:00
Jean-Marc Martins f377bd1356 Fix ssl protocol 2013-12-13 15:17:30 +01:00
Jean-Marc Martins d765544edd Add ssl protocol and ciphers in config 2013-12-13 14:31:09 +01:00
Guillaume Ayoub 0c2c9c3a7e Store collection's parent in database (bug #77) 2013-10-31 16:07:37 +01:00
Guillaume Ayoub a920518a26 Return an int for __hash__ 2013-10-31 14:05:15 +01:00
Guillaume Ayoub ce8e86af63 Allow read-only access to .well-known/ca(l|rd)av (related to #32) 2013-10-31 13:57:37 +01:00
Guillaume Ayoub 92b3cf41bc Simple try/except import trick 2013-10-29 14:09:46 +01:00
Guillaume Ayoub 830774824e Merge pull request #75 from davidaurelio/master 
Fix python 3 problems with default rights
 2013-10-29 03:16:09 -07:00
Guillaume Ayoub 337d2719be Cosmetics 2013-10-29 09:30:51 +01:00
9m66p93w 6bc745fe45 Replace built-in hash function with hashlib. 
The built-in hash function returns inconsistent values in Python 3.
 2013-10-27 22:55:01 -04:00
David Aurelio fb784c28c4 Fix python 3 problem: 'str' does not support the buffer interface 2013-10-27 22:36:56 +01:00
Guillaume Ayoub fe1cd1d44d Use collection URL instead of main folder as user's main URL (see #32) 2013-10-24 15:31:49 +02:00
Guillaume Ayoub a617c4db26 Fix authentication with Python 3 (see #70) 2013-10-18 14:06:57 +02:00
Guillaume Ayoub 659757f173 Style fixes 2013-10-01 13:04:24 +02:00
Štěpán Henek 7c03089601 Bugfix: auth PAM check for membership in primary and supplementary groups 2013-09-27 21:14:27 +02:00
Štěpán Henek ee687bea18 Bugfix: auth PAM doesn't throw an exception when authenticating without username and password 2013-09-27 20:44:41 +02:00
Guillaume Ayoub 07f7e46b3e Small fixes 2013-09-25 13:04:14 +02:00
Jean-Marc Martins a631c8c761 Fix compatibility between python2 and 3 2013-09-19 14:40:03 +02:00
Jean-Marc Martins 6c40f5e24a Merge branch 'authentication' of github.com:cristen/Radicale into authentication 2013-09-13 17:41:21 +02:00