From 0fe561dd45e8a1f9a46dbb1c1e2e642b367b17d8 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Guido=20G=C3=BCnther?= Date: Fri, 8 Apr 2016 23:35:55 +0200 Subject: [PATCH] Add nopwd ACL This acl only verifies that the passed in username matches the collection owner. No password is verified. This can e.g. be used for GSSAPI authenticaation or HTTP header based authentication after a authenticating reverse proxy. --- calypso/acl/nopwd.py | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 calypso/acl/nopwd.py diff --git a/calypso/acl/nopwd.py b/calypso/acl/nopwd.py new file mode 100644 index 0000000..4ef84ba --- /dev/null +++ b/calypso/acl/nopwd.py @@ -0,0 +1,37 @@ +# -*- coding: utf-8 -*- +# +# This file is part of Calypso Server - Calendar Server +# Copyright © 2016 Guido Günther +# +# This library is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Calypso. If not, see . + +""" +nopwd ACL. + +only verify the user has access, ignore password +""" +import logging +from calypso import config + +log = logging.getLogger() + + +def has_right(owner, user, password): + """Check if ``user`` is valid.""" + log.debug("owner %s user %s", owner, user) + if user == owner or not PERSONAL: + return True + return False + +PERSONAL = config.getboolean("acl", "personal") -- 2.34.1