2010-01-15 00:15:41 +01:00
|
|
|
# -*- coding: utf-8 -*-
|
2008-12-30 16:25:42 +00:00
|
|
|
#
|
|
|
|
|
# This file is part of Radicale Server - Calendar Server
|
2011-01-09 17:46:22 +01:00
|
|
|
# Copyright © 2008-2011 Guillaume Ayoub
|
2009-07-27 15:04:54 +00:00
|
|
|
# Copyright © 2008 Nicolas Kandel
|
|
|
|
|
# Copyright © 2008 Pascal Halter
|
2008-12-30 16:25:42 +00:00
|
|
|
#
|
|
|
|
|
# This library is free software: you can redistribute it and/or modify
|
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
# (at your option) any later version.
|
|
|
|
|
#
|
|
|
|
|
# This library is distributed in the hope that it will be useful,
|
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
|
# along with Radicale. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
2010-01-19 20:31:21 +01:00
|
|
|
"""
|
|
|
|
|
Radicale Server module.
|
|
|
|
|
|
|
|
|
|
This module offers 3 useful classes:
|
|
|
|
|
|
|
|
|
|
- ``HTTPServer`` is a simple HTTP server;
|
|
|
|
|
- ``HTTPSServer`` is a HTTPS server, wrapping the HTTP server in a socket
|
|
|
|
|
managing SSL connections;
|
|
|
|
|
- ``CalendarHTTPHandler`` is a CalDAV request handler for HTTP(S) servers.
|
|
|
|
|
|
|
|
|
|
To use this module, you should take a look at the file ``radicale.py`` that
|
|
|
|
|
should have been included in this package.
|
|
|
|
|
|
|
|
|
|
"""
|
|
|
|
|
|
2010-02-10 23:52:50 +01:00
|
|
|
import os
|
2010-04-09 21:52:15 +02:00
|
|
|
import posixpath
|
2010-01-21 18:52:53 +01:00
|
|
|
import base64
|
2010-01-19 17:49:32 +01:00
|
|
|
import socket
|
2010-02-10 23:52:50 +01:00
|
|
|
# Manage Python2/3 different modules
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: disable=F0401
|
2010-01-15 16:04:03 +01:00
|
|
|
try:
|
|
|
|
|
from http import client, server
|
|
|
|
|
except ImportError:
|
|
|
|
|
import httplib as client
|
|
|
|
|
import BaseHTTPServer as server
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: enable=F0401
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
from radicale import acl, config, ical, log, xmlutils
|
2010-02-10 18:57:21 +01:00
|
|
|
|
2010-01-21 18:52:53 +01:00
|
|
|
|
2010-08-07 23:37:05 +02:00
|
|
|
VERSION = "git"
|
2010-05-31 00:49:52 +02:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
# Decorators can access ``request`` protected functions
|
|
|
|
|
# pylint: disable=W0212
|
|
|
|
|
|
2010-02-10 18:57:21 +01:00
|
|
|
def _check(request, function):
|
2010-01-21 18:52:53 +01:00
|
|
|
"""Check if user has sufficient rights for performing ``request``."""
|
2011-04-10 18:17:06 +02:00
|
|
|
if not request._calendar or not request.server.acl:
|
2011-02-12 12:05:02 +01:00
|
|
|
return function(request)
|
|
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
log.LOGGER.info("Checking rights for %s" % request._calendar.owner)
|
|
|
|
|
|
2010-01-21 18:52:53 +01:00
|
|
|
authorization = request.headers.get("Authorization", None)
|
|
|
|
|
if authorization:
|
|
|
|
|
challenge = authorization.lstrip("Basic").strip().encode("ascii")
|
2010-04-09 21:53:00 +02:00
|
|
|
plain = request._decode(base64.b64decode(challenge))
|
2010-01-21 18:52:53 +01:00
|
|
|
user, password = plain.split(":")
|
|
|
|
|
else:
|
|
|
|
|
user = password = None
|
|
|
|
|
|
2010-07-03 16:27:48 +02:00
|
|
|
if request.server.acl.has_right(request._calendar.owner, user, password):
|
2010-01-21 18:52:53 +01:00
|
|
|
function(request)
|
2011-04-10 18:17:06 +02:00
|
|
|
log.LOGGER.info("%s allowed" % request._calendar.owner)
|
2010-01-21 18:52:53 +01:00
|
|
|
else:
|
|
|
|
|
request.send_response(client.UNAUTHORIZED)
|
|
|
|
|
request.send_header(
|
|
|
|
|
"WWW-Authenticate",
|
|
|
|
|
"Basic realm=\"Radicale Server - Password Required\"")
|
|
|
|
|
request.end_headers()
|
2011-04-10 18:17:06 +02:00
|
|
|
log.LOGGER.info("%s refused" % request._calendar.owner)
|
|
|
|
|
|
|
|
|
|
def _log_request_content(request, function):
|
|
|
|
|
"""Log the content of the request and store it in the request object."""
|
|
|
|
|
log.LOGGER.info(
|
|
|
|
|
"%s request at %s recieved from %s" % (
|
|
|
|
|
request.command, request.path, request.client_address[0]))
|
|
|
|
|
|
|
|
|
|
content_length = int(request.headers.get("Content-Length", 0))
|
|
|
|
|
if content_length:
|
|
|
|
|
request._content = request.rfile.read(content_length)
|
|
|
|
|
log.LOGGER.debug("Request content:\n%s" % request._content)
|
|
|
|
|
else:
|
|
|
|
|
request._content = None
|
|
|
|
|
|
|
|
|
|
return function(request)
|
|
|
|
|
|
|
|
|
|
# pylint: enable=W0212
|
2010-01-21 18:52:53 +01:00
|
|
|
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2010-01-19 20:31:21 +01:00
|
|
|
class HTTPServer(server.HTTPServer):
|
|
|
|
|
"""HTTP server."""
|
2010-09-12 13:13:21 +02:00
|
|
|
PROTOCOL = "http"
|
|
|
|
|
|
2010-04-13 00:41:56 +02:00
|
|
|
# Maybe a Pylint bug, ``__init__`` calls ``server.HTTPServer.__init__``
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: disable=W0231
|
2011-04-02 21:45:45 +02:00
|
|
|
def __init__(self, address, handler, bind_and_activate=True):
|
2010-01-21 18:52:53 +01:00
|
|
|
"""Create server."""
|
2011-04-02 21:45:45 +02:00
|
|
|
ipv6 = ":" in address[0]
|
2011-02-08 19:27:00 +01:00
|
|
|
|
2011-04-02 21:45:45 +02:00
|
|
|
if ipv6:
|
2011-02-08 19:27:00 +01:00
|
|
|
self.address_family = socket.AF_INET6
|
|
|
|
|
|
2011-04-02 21:45:45 +02:00
|
|
|
# Do not bind and activate, as we might change socketopts
|
|
|
|
|
server.HTTPServer.__init__(self, address, handler, False)
|
2011-02-08 19:27:00 +01:00
|
|
|
|
2011-04-02 21:45:45 +02:00
|
|
|
if ipv6:
|
|
|
|
|
# Only allow IPv6 connections to the IPv6 socket
|
2011-02-08 19:27:00 +01:00
|
|
|
self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
|
|
|
|
|
|
|
|
|
|
if bind_and_activate:
|
|
|
|
|
self.server_bind()
|
|
|
|
|
self.server_activate()
|
|
|
|
|
|
2010-01-21 18:52:53 +01:00
|
|
|
self.acl = acl.load()
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: enable=W0231
|
2010-01-19 17:49:32 +01:00
|
|
|
|
2010-02-10 18:57:21 +01:00
|
|
|
|
2010-01-19 17:49:32 +01:00
|
|
|
class HTTPSServer(HTTPServer):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""HTTPS server."""
|
2010-09-12 13:13:21 +02:00
|
|
|
PROTOCOL = "https"
|
2011-01-09 17:41:42 +01:00
|
|
|
|
2011-04-02 21:45:45 +02:00
|
|
|
def __init__(self, address, handler, bind_and_activate=True):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Create server by wrapping HTTP socket in an SSL socket."""
|
2010-01-19 17:49:32 +01:00
|
|
|
# Fails with Python 2.5, import if needed
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: disable=F0401
|
2010-01-19 17:49:32 +01:00
|
|
|
import ssl
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: enable=F0401
|
2010-01-19 17:49:32 +01:00
|
|
|
|
2011-02-08 19:27:00 +01:00
|
|
|
HTTPServer.__init__(self, address, handler, False)
|
2010-01-19 17:49:32 +01:00
|
|
|
self.socket = ssl.wrap_socket(
|
2011-04-02 21:45:45 +02:00
|
|
|
self.socket,
|
2010-04-10 00:18:38 +02:00
|
|
|
server_side=True,
|
2010-01-19 17:49:32 +01:00
|
|
|
certfile=config.get("server", "certificate"),
|
|
|
|
|
keyfile=config.get("server", "key"),
|
|
|
|
|
ssl_version=ssl.PROTOCOL_SSLv23)
|
2011-02-08 19:27:00 +01:00
|
|
|
|
|
|
|
|
if bind_and_activate:
|
|
|
|
|
self.server_bind()
|
|
|
|
|
self.server_activate()
|
2010-01-19 17:49:32 +01:00
|
|
|
|
2010-02-10 18:57:21 +01:00
|
|
|
|
2010-01-19 17:49:32 +01:00
|
|
|
class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
2010-01-10 18:55:32 +01:00
|
|
|
"""HTTP requests handler for calendars."""
|
2010-01-19 20:31:21 +01:00
|
|
|
_encoding = config.get("encoding", "request")
|
|
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
# Request handlers decorators
|
2010-02-10 18:57:21 +01:00
|
|
|
check_rights = lambda function: lambda request: _check(request, function)
|
2011-04-10 18:17:06 +02:00
|
|
|
log_request_content = \
|
|
|
|
|
lambda function: lambda request: _log_request_content(request, function)
|
|
|
|
|
|
|
|
|
|
# Maybe a Pylint bug, ``__init__`` calls ``server.HTTPServer.__init__``
|
|
|
|
|
# pylint: disable=W0231
|
|
|
|
|
def __init__(self, request, client_address, http_server):
|
|
|
|
|
self._content = None
|
|
|
|
|
self._answer = None
|
|
|
|
|
server.BaseHTTPRequestHandler.__init__(
|
|
|
|
|
self, request, client_address, http_server)
|
|
|
|
|
# pylint: enable=W0231
|
2010-02-10 18:57:21 +01:00
|
|
|
|
2010-01-19 20:31:21 +01:00
|
|
|
@property
|
2010-02-10 23:52:50 +01:00
|
|
|
def _calendar(self):
|
2010-02-11 01:41:24 +01:00
|
|
|
"""The ``ical.Calendar`` object corresponding to the given path."""
|
2010-04-09 21:52:15 +02:00
|
|
|
# ``self.path`` must be something like a posix path
|
2010-02-10 23:52:50 +01:00
|
|
|
# ``normpath`` should clean malformed and malicious request paths
|
2010-04-09 21:52:15 +02:00
|
|
|
attributes = posixpath.normpath(self.path.strip("/")).split("/")
|
2011-04-10 19:17:35 +02:00
|
|
|
if attributes:
|
|
|
|
|
path = "/".join(attributes[:min(len(attributes), 2)])
|
2010-02-11 01:41:24 +01:00
|
|
|
return ical.Calendar(path)
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2010-02-10 23:52:50 +01:00
|
|
|
def _decode(self, text):
|
2010-01-21 18:52:53 +01:00
|
|
|
"""Try to decode text according to various parameters."""
|
|
|
|
|
# List of charsets to try
|
|
|
|
|
charsets = []
|
|
|
|
|
|
|
|
|
|
# First append content charset given in the request
|
2010-04-09 21:56:20 +02:00
|
|
|
content_type = self.headers.get("Content-Type", None)
|
2010-02-10 18:57:21 +01:00
|
|
|
if content_type and "charset=" in content_type:
|
|
|
|
|
charsets.append(content_type.split("charset=")[1].strip())
|
2010-01-21 18:52:53 +01:00
|
|
|
# Then append default Radicale charset
|
|
|
|
|
charsets.append(self._encoding)
|
|
|
|
|
# Then append various fallbacks
|
|
|
|
|
charsets.append("utf-8")
|
|
|
|
|
charsets.append("iso8859-1")
|
|
|
|
|
|
|
|
|
|
# Try to decode
|
|
|
|
|
for charset in charsets:
|
|
|
|
|
try:
|
|
|
|
|
return text.decode(charset)
|
|
|
|
|
except UnicodeDecodeError:
|
|
|
|
|
pass
|
|
|
|
|
raise UnicodeDecodeError
|
|
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
def log_message(self, *args, **kwargs):
|
|
|
|
|
"""Disable inner logging management."""
|
|
|
|
|
|
2010-02-10 18:57:21 +01:00
|
|
|
# Naming methods ``do_*`` is OK here
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: disable=C0103
|
2010-02-10 18:57:21 +01:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-16 13:33:50 +01:00
|
|
|
def do_GET(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage GET request."""
|
2010-06-27 01:45:49 +02:00
|
|
|
self.do_HEAD()
|
2010-12-20 15:49:48 +01:00
|
|
|
if self._answer:
|
|
|
|
|
self.wfile.write(self._answer)
|
2010-06-27 01:45:49 +02:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-06-27 01:45:49 +02:00
|
|
|
@check_rights
|
|
|
|
|
def do_HEAD(self):
|
|
|
|
|
"""Manage HEAD request."""
|
2010-06-24 00:36:00 +02:00
|
|
|
item_name = xmlutils.name_from_path(self.path)
|
2010-04-19 16:09:50 +02:00
|
|
|
if item_name:
|
|
|
|
|
# Get calendar item
|
|
|
|
|
item = self._calendar.get_item(item_name)
|
2010-09-07 01:42:20 +02:00
|
|
|
if item:
|
|
|
|
|
items = self._calendar.timezones
|
|
|
|
|
items.append(item)
|
|
|
|
|
answer_text = ical.serialize(
|
|
|
|
|
headers=self._calendar.headers, items=items)
|
|
|
|
|
etag = item.etag
|
|
|
|
|
else:
|
2010-12-20 15:49:48 +01:00
|
|
|
self._answer = None
|
2010-09-07 01:42:20 +02:00
|
|
|
self.send_response(client.GONE)
|
|
|
|
|
return
|
2010-04-19 16:09:50 +02:00
|
|
|
else:
|
|
|
|
|
# Get whole calendar
|
|
|
|
|
answer_text = self._calendar.text
|
|
|
|
|
etag = self._calendar.etag
|
2010-01-16 13:33:50 +01:00
|
|
|
|
2010-06-27 01:45:49 +02:00
|
|
|
self._answer = answer_text.encode(self._encoding)
|
2010-01-16 13:33:50 +01:00
|
|
|
self.send_response(client.OK)
|
2010-06-27 01:45:49 +02:00
|
|
|
self.send_header("Content-Length", len(self._answer))
|
2010-04-19 16:09:50 +02:00
|
|
|
self.send_header("Content-Type", "text/calendar")
|
2010-06-24 01:50:21 +02:00
|
|
|
self.send_header("Last-Modified", self._calendar.last_modified)
|
2010-04-19 16:09:50 +02:00
|
|
|
self.send_header("ETag", etag)
|
2010-01-16 13:33:50 +01:00
|
|
|
self.end_headers()
|
|
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-21 18:52:53 +01:00
|
|
|
@check_rights
|
2010-01-10 18:55:32 +01:00
|
|
|
def do_DELETE(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage DELETE request."""
|
2010-04-12 14:43:40 +02:00
|
|
|
item = self._calendar.get_item(xmlutils.name_from_path(self.path))
|
|
|
|
|
if item and self.headers.get("If-Match", item.etag) == item.etag:
|
|
|
|
|
# No ETag precondition or precondition verified, delete item
|
2010-06-27 01:45:49 +02:00
|
|
|
self._answer = xmlutils.delete(self.path, self._calendar)
|
2010-04-12 14:43:40 +02:00
|
|
|
|
|
|
|
|
self.send_response(client.NO_CONTENT)
|
2010-06-27 01:45:49 +02:00
|
|
|
self.send_header("Content-Length", len(self._answer))
|
2010-04-12 14:43:40 +02:00
|
|
|
self.end_headers()
|
2010-06-27 01:45:49 +02:00
|
|
|
self.wfile.write(self._answer)
|
2010-04-12 14:43:40 +02:00
|
|
|
else:
|
|
|
|
|
# No item or ETag precondition not verified, do not delete item
|
|
|
|
|
self.send_response(client.PRECONDITION_FAILED)
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2011-02-01 17:01:30 +01:00
|
|
|
@check_rights
|
|
|
|
|
def do_MKCALENDAR(self):
|
|
|
|
|
"""Manage MKCALENDAR request."""
|
|
|
|
|
self.send_response(client.CREATED)
|
|
|
|
|
self.end_headers()
|
|
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-10 18:55:32 +01:00
|
|
|
def do_OPTIONS(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage OPTIONS request."""
|
2010-01-15 16:04:03 +01:00
|
|
|
self.send_response(client.OK)
|
2010-09-28 16:04:17 +02:00
|
|
|
self.send_header(
|
2011-02-01 17:01:30 +01:00
|
|
|
"Allow", "DELETE, HEAD, GET, MKCALENDAR, "
|
|
|
|
|
"OPTIONS, PROPFIND, PUT, REPORT")
|
2010-01-10 18:55:32 +01:00
|
|
|
self.send_header("DAV", "1, calendar-access")
|
|
|
|
|
self.end_headers()
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-10 18:55:32 +01:00
|
|
|
def do_PROPFIND(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage PROPFIND request."""
|
2010-09-28 16:04:17 +02:00
|
|
|
self._answer = xmlutils.propfind(
|
2011-04-10 18:17:06 +02:00
|
|
|
self.path, self._content, self._calendar,
|
2011-01-07 15:25:05 +01:00
|
|
|
self.headers.get("depth", "infinity"))
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2010-01-15 16:04:03 +01:00
|
|
|
self.send_response(client.MULTI_STATUS)
|
2010-01-10 18:55:32 +01:00
|
|
|
self.send_header("DAV", "1, calendar-access")
|
2010-06-27 01:45:49 +02:00
|
|
|
self.send_header("Content-Length", len(self._answer))
|
2010-11-30 11:57:37 +01:00
|
|
|
self.send_header("Content-Type", "text/xml")
|
2010-01-10 18:55:32 +01:00
|
|
|
self.end_headers()
|
2010-06-27 01:45:49 +02:00
|
|
|
self.wfile.write(self._answer)
|
2010-01-10 18:55:32 +01:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-21 18:52:53 +01:00
|
|
|
@check_rights
|
2010-01-10 18:55:32 +01:00
|
|
|
def do_PUT(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage PUT request."""
|
2010-04-19 16:09:50 +02:00
|
|
|
item_name = xmlutils.name_from_path(self.path)
|
|
|
|
|
item = self._calendar.get_item(item_name)
|
2010-04-13 00:25:01 +02:00
|
|
|
if (not item and not self.headers.get("If-Match")) or \
|
|
|
|
|
(item and self.headers.get("If-Match", item.etag) == item.etag):
|
|
|
|
|
# PUT allowed in 3 cases
|
|
|
|
|
# Case 1: No item and no ETag precondition: Add new item
|
|
|
|
|
# Case 2: Item and ETag precondition verified: Modify item
|
|
|
|
|
# Case 3: Item and no Etag precondition: Force modifying item
|
2011-04-10 18:17:06 +02:00
|
|
|
ical_request = self._decode(self._content)
|
2010-04-12 14:43:40 +02:00
|
|
|
xmlutils.put(self.path, ical_request, self._calendar)
|
2010-04-19 16:09:50 +02:00
|
|
|
etag = self._calendar.get_item(item_name).etag
|
2010-04-12 14:43:40 +02:00
|
|
|
|
|
|
|
|
self.send_response(client.CREATED)
|
2010-04-19 16:09:50 +02:00
|
|
|
self.send_header("ETag", etag)
|
|
|
|
|
self.end_headers()
|
2010-04-12 14:43:40 +02:00
|
|
|
else:
|
2010-04-13 00:25:01 +02:00
|
|
|
# PUT rejected in all other cases
|
2010-04-12 14:43:40 +02:00
|
|
|
self.send_response(client.PRECONDITION_FAILED)
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2011-04-10 18:17:06 +02:00
|
|
|
@log_request_content
|
2010-01-21 18:52:53 +01:00
|
|
|
@check_rights
|
2010-01-10 18:55:32 +01:00
|
|
|
def do_REPORT(self):
|
2010-01-19 20:31:21 +01:00
|
|
|
"""Manage REPORT request."""
|
2011-04-10 18:17:06 +02:00
|
|
|
self._answer = xmlutils.report(self.path, self._content, self._calendar)
|
2008-12-30 16:25:42 +00:00
|
|
|
|
2010-01-15 16:04:03 +01:00
|
|
|
self.send_response(client.MULTI_STATUS)
|
2010-06-27 01:45:49 +02:00
|
|
|
self.send_header("Content-Length", len(self._answer))
|
2010-01-10 18:55:32 +01:00
|
|
|
self.end_headers()
|
2010-06-27 01:45:49 +02:00
|
|
|
self.wfile.write(self._answer)
|
2010-02-10 23:52:50 +01:00
|
|
|
|
2010-06-05 01:18:59 +02:00
|
|
|
# pylint: enable=C0103
|
