Separation of authentication and authorization. Separation of read and write authorization.

Static test strategies for authentication. Barely tested. Use at your own risk!
2025-09-15 20:36:55 +00:00 · 2012-08-03 13:10:20 +02:00 · 2012-08-03 13:10:20 +02:00 · e40e68b528
commit e40e68b528
parent 83baebd750
14 changed files with 478 additions and 132 deletions
--- a/radicale/acl/htpasswd.py
+++ b/radicale/acl/htpasswd.py
@ -58,11 +58,11 @@ def _sha1(hash_value, password):
    return sha1.digest() == base64.b64decode(hash_value)


-def has_right(owner, user, password):
+def is_authenticated(user, password):
    """Check if ``user``/``password`` couple is valid."""
    for line in open(FILENAME).readlines():
        if line.strip():
            login, hash_value = line.strip().split(":")
-            if login == user and (owner in acl.PRIVATE_USERS or owner == user):
+            if login == user:
                return globals()["_%s" % ENCRYPTION](hash_value, password)
    return False