oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-06-29 16:55:32 +00:00
Code Wiki Activity
1027 commits 5 branches 81 tags 7.5 MiB
Commit graph

24 commits

Author SHA1 Message Date
Guillaume Ayoub
b517818749 Don't reject everybody from "/" with owner_only 
Fix 407.
 2016-08-01 18:59:47 +02:00
Guillaume Ayoub
6bfdcbafec Cosmetics 2016-08-01 12:50:51 +02:00
Guillaume Ayoub
9d3086427d Merge pull request #450 from Unrud/safeusernames 
Prevent unsafe usernames
 2016-08-01 12:14:40 +02:00
Unrud
9dd8c65d65 Always match full username/collection with regex 
It's easy to forget $ at the end of a regex and it's counter-intuitive that ^ is implicit but $ is not.
 2016-08-01 10:07:21 +02:00
Unrud
da1a693620 Prevent unsafe usernames 
If an attacker is able to create an account with a username like "user/calendar.ics", he can access collections of other users.
 2016-08-01 09:10:23 +02:00
Florian Mounier
221379ef85 Sort imports 2016-07-04 14:32:33 +02:00
Markus Unterwaditzer
0de3ad36be Fixes to Rights 
- BaseRights expects the config and logger params
- user may be None, which leads to errors when trying to use it with
  regexes.
 2016-04-22 20:30:40 +02:00
Guillaume Ayoub
2f97d7d1e1 Remove global state about configuration and logs 
Many things have been changed to make this possible, probably leading to
many hidden bugs waiting to be found.

Related to #122.
 2016-04-22 11:37:02 +09:00
Guillaume Ayoub
e586569b31 Fix a lot of details 2016-04-12 18:21:18 +02:00
Guillaume Ayoub
1001bcb676 Remove extra auth, rights and storage modules 2016-04-07 19:02:52 +02:00
Sergey Fursov
dca10fa14e Different rights management backends 
Initially only one backend - regular expressions based
 2013-12-25 03:44:24 +04:00
Guillaume Ayoub
0e566e4c97 Merge branch 'apple' 2013-12-24 11:22:57 +01:00
Guillaume Ayoub
ce8e86af63 Allow read-only access to .well-known/ca(l|rd)av (related to #32) 2013-10-31 13:57:37 +01:00
Guillaume Ayoub
92b3cf41bc Simple try/except import trick 2013-10-29 14:09:46 +01:00
David Aurelio
fb784c28c4 Fix python 3 problem: 'str' does not support the buffer interface 2013-10-27 22:36:56 +01:00
Jean-Marc Martins
e2512b12fb Fixed partially anonymous authentication 2013-09-13 15:05:02 +02:00
Jean-Marc Martins
58faf725b0 Fixed authentication for anonymous users 2013-09-12 17:39:20 +02:00
Guillaume Ayoub
43785e48a9 Get configuration keys at runtime, not when module is imported (fixes #64) 2013-09-12 13:48:49 +02:00
Ossi Salmi
8c3cf6bccd Fix built-in owner_only right 2013-08-28 00:56:45 +03:00
Guillaume Ayoub
c0c652b3f8 Add documentation and example for rights management 2013-08-27 11:05:54 +02:00
Guillaume Ayoub
07a9ce8296 Fix owner_* rights with python2 (fix #49) 2013-08-21 06:58:30 +02:00
Guillaume Ayoub
f7f26afd6b Fix rights type "None" 2013-08-14 11:58:08 +02:00
Guillaume Ayoub
d1379e349a Don't check the file twice for rights 2013-08-14 10:52:50 +02:00
Guillaume Ayoub
586773148e Use a more simple rights manager 2013-08-14 10:50:59 +02:00
Renamed from radicale/rights/regex.py (Browse further)