Get configuration keys at runtime, not when module is imported (fixes #64)

radicale/__init__.py

@@ -55,13 +55,6 @@ VERSION = "git"
 # tries to access information they don't have rights to
 NOT_ALLOWED = (client.FORBIDDEN, {}, None)
 
-# Standard "authenticate" response that is returned when a user tries to access
-# non-public information w/o submitting proper authentication credentials
-WRONG_CREDENTIALS = (
-    client.UNAUTHORIZED,
-    {"WWW-Authenticate": "Basic realm=\"%s\"" % config.get("server", "realm")},
-    None)
-
 
 class HTTPServer(wsgiref.simple_server.WSGIServer, object):
     """HTTP server."""
@@ -303,7 +296,11 @@ class Application(object):
         else:
             # Unknown or unauthorized user
             log.LOGGER.info("%s refused" % (user or "Anonymous user"))
-            status, headers, answer = WRONG_CREDENTIALS
+            status = client.UNAUTHORIZED
+            headers = {
+                "WWW-Authenticate":
+                "Basic realm=\"%s\"" % config.get("server", "realm")}
+            answer = None
 
         # Set content length
         if answer:

radicale/rights.py

@@ -50,8 +50,6 @@ except ImportError:
 # pylint: enable=F0401
 
 
-FILENAME = os.path.expanduser(config.get("rights", "file"))
-TYPE = config.get("rights", "type").lower()
 DEFINED_RIGHTS = {
     "owner_write": "[r]\nuser:.*\ncollection:.*\npermission:r\n"
                    "[w]\nuser:.*\ncollection:^%(login)s/.+$\npermission:w",
@@ -60,17 +58,19 @@ DEFINED_RIGHTS = {
 
 def _read_from_sections(user, collection, permission):
     """Get regex sections."""
+    filename = os.path.expanduser(config.get("rights", "file"))
+    rights_type = config.get("rights", "type").lower()
     regex = ConfigParser({"login": user, "path": collection})
-    if TYPE in DEFINED_RIGHTS:
-        log.LOGGER.debug("Rights type '%s'" % TYPE)
-        regex.readfp(io.BytesIO(DEFINED_RIGHTS[TYPE]))
-    elif TYPE == "from_file":
-        log.LOGGER.debug("Reading rights from file %s" % FILENAME)
-        if not regex.read(FILENAME):
-            log.LOGGER.error("File '%s' not found for rights" % FILENAME)
+    if rights_type in DEFINED_RIGHTS:
+        log.LOGGER.debug("Rights type '%s'" % rights_type)
+        regex.readfp(io.BytesIO(DEFINED_RIGHTS[rights_type]))
+    elif rights_type == "from_file":
+        log.LOGGER.debug("Reading rights from file %s" % filename)
+        if not regex.read(filename):
+            log.LOGGER.error("File '%s' not found for rights" % filename)
             return False
     else:
-        log.LOGGER.error("Unknown rights type '%s'" % TYPE)
+        log.LOGGER.error("Unknown rights type '%s'" % rights_type)
         return False
 
     for section in regex.sections():
@@ -92,5 +92,6 @@ def _read_from_sections(user, collection, permission):
 
 def authorized(user, collection, right):
     """Check if the user is allowed to read or write the collection."""
-    return TYPE == "none" or (user and _read_from_sections(
+    rights_type = config.get("rights", "type").lower()
+    return rights_type == "none" or (user and _read_from_sections(
         user, collection.url.rstrip("/") or "/", right))