Radicale/radicale/rights/from_file.py

# This file is part of Radicale - CalDAV and CardDAV server
# Copyright © 2012-2017 Guillaume Ayoub
# Copyright © 2017-2021 Unrud <unrud@outlook.com>
# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Radicale.  If not, see <http://www.gnu.org/licenses/>.

"""
Rights backend based on a regex-based file whose name is specified in the
config (section "rights", key "file").

The login is matched against the "user" key, and the collection path
is matched against the "collection" key. In the "collection" regex you can use
`{user}` and get groups from the "user" regex with `{0}`, `{1}`, etc.
In consequence of the parameter substitution you have to write `{{` and `}}`
if you want to use regular curly braces in the "user" and "collection" regexes.

For example, for the "user" key, ".+" means "authenticated user" and ".*"
means "anybody" (including anonymous users).

Section names are only used for naming the rule.

Leading or ending slashes are trimmed from collection's path.

"""

import configparser
import re

from radicale import config, pathutils, rights
from radicale.log import logger


class Rights(rights.BaseRights):

    _filename: str

    def __init__(self, configuration: config.Configuration) -> None:
        super().__init__(configuration)
        self._filename = configuration.get("rights", "file")
        self._log_rights_rule_doesnt_match_on_debug = configuration.get("logging", "rights_rule_doesnt_match_on_debug")
        self._rights_config = configparser.ConfigParser()
        try:
            with open(self._filename, "r") as f:
                self._rights_config.read_file(f)
            logger.debug("Read rights file")
        except Exception as e:
            raise RuntimeError("Failed to load rights file %r: %s" %
                               (self._filename, e)) from e

    def authorization(self, user: str, path: str) -> str:
        user = user or ""
        sane_path = pathutils.strip_path(path)
        # Prevent "regex injection"
        escaped_user = re.escape(user)
        if not self._log_rights_rule_doesnt_match_on_debug:
            logger.debug("logging of rules which doesn't match suppressed by config/option [logging] rights_rule_doesnt_match_on_debug")
        for section in self._rights_config.sections():
            group_match = None
            user_match = None
            try:
                user_pattern = self._rights_config.get(section, "user", fallback="")
                collection_pattern = self._rights_config.get(section, "collection")
                allowed_groups = self._rights_config.get(section, "groups", fallback="").split(",")
                try:
                    group_match = len(self._user_groups.intersection(allowed_groups)) > 0
                except Exception:
                    pass
                # Use empty format() for harmonized handling of curly braces
                if user_pattern != "":
                    user_match = re.fullmatch(user_pattern.format(), user)
                user_collection_match = user_match and re.fullmatch(
                    collection_pattern.format(
                        *(re.escape(s) for s in user_match.groups()),
                        user=escaped_user), sane_path)
                group_collection_match = group_match and re.fullmatch(
                    collection_pattern.format(user=escaped_user), sane_path)
            except Exception as e:
                raise RuntimeError("Error in section %r of rights file %r: "
                                   "%s" % (section, self._filename, e)) from e
            if user_match and user_collection_match:
                permission = self._rights_config.get(section, "permissions")
                logger.debug("Rule %r:%r matches %r:%r from section %r permission %r",
                             user, sane_path, user_pattern,
                             collection_pattern, section, permission)
                return permission
            if group_match and group_collection_match:
                permission = self._rights_config.get(section, "permissions")
                logger.debug("Rule %r:%r matches %r:%r from section %r permission %r by group membership",
                             user, sane_path, user_pattern,
                             collection_pattern, section, permission)
                return permission
            if self._log_rights_rule_doesnt_match_on_debug:
                logger.debug("Rule %r:%r doesn't match %r:%r from section %r",
                             user, sane_path, user_pattern, collection_pattern,
                             section)
        logger.debug("Rights: %r:%r doesn't match any section", user, sane_path)
        return ""
Change name in file header 2021-12-08 21:45:42 +01:00			`# This file is part of Radicale - CalDAV and CardDAV server`
refactor 2018-08-28 16:19:36 +02:00			`# Copyright © 2012-2017 Guillaume Ayoub`
update copyright 2024-12-03 21:20:44 +01:00			`# Copyright © 2017-2021 Unrud <unrud@outlook.com>`
			`# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>`
refactor 2018-08-28 16:19:36 +02:00			`#`
			`# This library is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This library is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with Radicale. If not, see <http://www.gnu.org/licenses/>.`

Improve documentation 2020-01-12 23:32:28 +01:00			`"""`
			`Rights backend based on a regex-based file whose name is specified in the`
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`config (section "rights", key "file").`
Improve documentation 2020-01-12 23:32:28 +01:00
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`The login is matched against the "user" key, and the collection path`
			`is matched against the "collection" key. In the "collection" regex you can use`
			`{user}` and get groups from the "user" regex with `{0}`, `{1}`, etc.
fix misspellings 2024-07-24 11:22:49 +02:00			In consequence of the parameter substitution you have to write `{{` and `}}`
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`if you want to use regular curly braces in the "user" and "collection" regexes.`
Improve documentation 2020-01-12 23:32:28 +01:00
			`For example, for the "user" key, ".+" means "authenticated user" and ".*"`
			`means "anybody" (including anonymous users).`

			`Section names are only used for naming the rule.`

			`Leading or ending slashes are trimmed from collection's path.`

			`"""`

Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`import configparser`
refactor 2018-08-28 16:19:36 +02:00			`import re`

More type hints 2021-07-26 20:56:46 +02:00			`from radicale import config, pathutils, rights`
refactor 2018-08-28 16:19:36 +02:00			`from radicale.log import logger`


			`class Rights(rights.BaseRights):`
More type hints 2021-07-26 20:56:46 +02:00
			`_filename: str`

			`def __init__(self, configuration: config.Configuration) -> None:`
refactor 2018-08-28 16:19:36 +02:00			`super().__init__(configuration)`
Prefix internal attributes with underscore 2020-01-19 18:01:13 +01:00			`self._filename = configuration.get("rights", "file")`
align option name 2024-08-28 08:59:32 +02:00			`self._log_rights_rule_doesnt_match_on_debug = configuration.get("logging", "rights_rule_doesnt_match_on_debug")`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`self._rights_config = configparser.ConfigParser()`
			`try:`
			`with open(self._filename, "r") as f:`
			`self._rights_config.read_file(f)`
			`logger.debug("Read rights file")`
			`except Exception as e:`
			`raise RuntimeError("Failed to load rights file %r: %s" %`
			`(self._filename, e)) from e`
refactor 2018-08-28 16:19:36 +02:00
More type hints 2021-07-26 20:56:46 +02:00			`def authorization(self, user: str, path: str) -> str:`
refactor 2018-08-28 16:19:36 +02:00			`user = user or ""`
assert sanitized and stripped paths 2018-08-28 16:19:50 +02:00			`sane_path = pathutils.strip_path(path)`
refactor 2018-08-28 16:19:36 +02:00			`# Prevent "regex injection"`
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`escaped_user = re.escape(user)`
align option name 2024-08-28 08:59:32 +02:00			`if not self._log_rights_rule_doesnt_match_on_debug:`
			`logger.debug("logging of rules which doesn't match suppressed by config/option [logging] rights_rule_doesnt_match_on_debug")`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`for section in self._rights_config.sections():`
Adapt function template discovery to the implementation 2024-09-22 18:38:21 +02:00			`group_match = None`
			`user_match = None`
refactor 2018-08-28 16:19:36 +02:00			`try:`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`user_pattern = self._rights_config.get(section, "user", fallback="")`
			`collection_pattern = self._rights_config.get(section, "collection")`
			`allowed_groups = self._rights_config.get(section, "groups", fallback="").split(",")`
Implementing group based collection matching. Optimize rights evaluation. 2022-02-21 08:36:10 +01:00			`try:`
Apply suggestions of mypy 2024-09-11 09:13:26 +02:00			`group_match = len(self._user_groups.intersection(allowed_groups)) > 0`
Fix the problems found by flake8. 2024-09-11 08:12:08 +02:00			`except Exception:`
Implementing group based collection matching. Optimize rights evaluation. 2022-02-21 08:36:10 +01:00			`pass`
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`# Use empty format() for harmonized handling of curly braces`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`if user_pattern != "":`
			`user_match = re.fullmatch(user_pattern.format(), user)`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`user_collection_match = user_match and re.fullmatch(`
refactor 2018-08-28 16:19:36 +02:00			`collection_pattern.format(`
More type hints 2021-07-26 20:56:46 +02:00			`*(re.escape(s) for s in user_match.groups()),`
from_file rights: Replace config parser interpolation 2020-04-22 19:20:24 +02:00			`user=escaped_user), sane_path)`
Skip group collection match when groups are not used 2024-12-07 18:24:29 +00:00			`group_collection_match = group_match and re.fullmatch(`
			`collection_pattern.format(user=escaped_user), sane_path)`
refactor 2018-08-28 16:19:36 +02:00			`except Exception as e:`
			`raise RuntimeError("Error in section %r of rights file %r: "`
Prefix internal attributes with underscore 2020-01-19 18:01:13 +01:00			`"%s" % (section, self._filename, e)) from e`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`if user_match and user_collection_match:`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`permission = self._rights_config.get(section, "permissions")`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`logger.debug("Rule %r:%r matches %r:%r from section %r permission %r",`
			`user, sane_path, user_pattern,`
			`collection_pattern, section, permission)`
			`return permission`
			`if group_match and group_collection_match:`
Increase performace: open and parse rigts file only by starting. Hanlde right sections without user. 2024-09-21 18:39:39 +02:00			`permission = self._rights_config.get(section, "permissions")`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`logger.debug("Rule %r:%r matches %r:%r from section %r permission %r by group membership",`
refactor 2018-08-28 16:19:36 +02:00			`user, sane_path, user_pattern,`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`collection_pattern, section, permission)`
			`return permission`
align option name 2024-08-28 08:59:32 +02:00			`if self._log_rights_rule_doesnt_match_on_debug:`
Enhancement: add option to toggle debug log of right with doesn't match 2024-08-28 08:03:16 +02:00			`logger.debug("Rule %r:%r doesn't match %r:%r from section %r",`
align option name 2024-08-28 08:59:32 +02:00			`user, sane_path, user_pattern, collection_pattern,`
			`section)`
Fix: debug logging in rights/from_file 2024-12-03 21:19:12 +01:00			`logger.debug("Rights: %r:%r doesn't match any section", user, sane_path)`
refactor 2018-08-28 16:19:36 +02:00			`return ""`