oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-07-23 17:48:30 +00:00
Code Wiki Activity

Separation of authentication and authorization. Separation of read and write authorization.

Browse source 
Static test strategies for authentication. Barely tested. Use at your own risk!
This commit is contained in:
Matthias Jordan 2012-08-03 13:10:20 +02:00
parent 83baebd750
commit e40e68b528
14 changed files with 478 additions and 132 deletions
Download patch file Download diff file Expand all files Collapse all files

7
radicale/acl/PAM.py
View file

@ -33,11 +33,8 @@ from radicale import acl, config, log
GROUP_MEMBERSHIP = config.get("acl", "pam_group_membership")
def has_right(owner, user, password):
def is_authenticated(user, password):
"""Check if ``user``/``password`` couple is valid."""
if not user or (owner not in acl.PRIVATE_USERS and user != owner):
# No user given, or owner is not private and is not user, forbidden
return False
# Check whether the user exists in the PAM system
try:
@ -50,7 +47,7 @@ def has_right(owner, user, password):
# Check whether the group exists
try:
members = grp.getgrnam(GROUP_MEMBERSHIP).gr_mem
members = grp.getgrnam(GROUP_MEMBERSHIP)
except KeyError:
log.LOGGER.debug(
"The PAM membership required group (%s) doesn't exist" %