Home Explore Help
Sign In
mirrors
/
Radicale
mirror of https://github.com/Kozea/Radicale
1
0
Fork 0
Files Issues 0 Wiki
Tree: a17ad1b6a3
Branches Tags
Radicale
/
radicale
/
authorization
/
static.py

static.py 2.1 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. # -*- coding: utf-8 -*-
    2. 

  2. #
    3. 

  3. # This file is part of Radicale Server - Calendar Server
    4. 

  4. # Copyright © 2011-2012 Guillaume Ayoub
    5. 

  5. #
    6. 

  6. # This library is free software: you can redistribute it and/or modify
    7. 

  7. # it under the terms of the GNU General Public License as published by
    8. 

  8. # the Free Software Foundation, either version 3 of the License, or
    9. 

  9. # (at your option) any later version.
    10. 

  10. #
    11. 

  11. # This library is distributed in the hope that it will be useful,
    12. 

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14. # GNU General Public License for more details.
    15. 

  15. #
    16. 

  16. # You should have received a copy of the GNU General Public License
    17. 

  17. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. 

  19. """
    20. 

  20. Radicale authorization module.
    21. 

  21. 

  22. Manages who is authorized to access a collection.
    23. 

  23. 

  24. The policy is that the owner may read and write in
    25. 

  25. all collections and some special rights are hardcoded.
    26. 

  26. 

  27. """
    28. 

  28. 

  29. import os
    30. 

  30. import sys
    31. 

  31. 

  32. from radicale import authorization, config, log
    33. 

  33. from radicale.authorization import owneronly
    34. 

  34. 

  35. 

  36. 

  37. def read_authorized(user, collection):
    38. 

  38.     """Check if the user is allowed to read the collection"""
    39. 

  39.     log.LOGGER.debug("read_authorized '" + user + "' in '" + collection.owner + "/" + collection.name + "'");
    40. 

  40.     
    41. 

  41.     if owneronly.read_authorized(user, collection):
    42. 

  42.         return True
    43. 

  43.     
    44. 

  44.     if user == "user1" and collection.owner == "user2" and collection.name == "user2sharedwithuser1":
    45. 

  45.         return True
    46. 

  46.     if user == "user2" and collection.owner == "user1" and collection.name == "user1sharedwithuser2":
    47. 

  47.         return True
    48. 

  48.     
    49. 

  49.     return False
    50. 

  50. 

  51. 

  52. def write_authorized(user, collection):
    53. 

  53.     """Check if the user is allowed to write the collection"""
    54. 

  54.     log.LOGGER.debug("write_authorized '" + user + "' in '" + collection.owner + "/" + collection.name + "'");
    55. 

  55. 

  56.     if owneronly.write_authorized(user, collection):
    57. 

  57.         return True
    58. 

  58.     
    59. 

  59.     if user == "user1" and collection.owner == "user2" and collection.name == "user2sharedwithuser1":
    60. 

  60.         return True
    61. 

  61.     if user == "user2" and collection.owner == "user1" and collection.name == "user1sharedwithuser2":
    62. 

  62.         return False
    63. 

  63. 

  64.     return False
    65. 

  65.     
    66.