diff options
Diffstat (limited to 'src/webdav/acp/AceHandler.py')
-rw-r--r-- | src/webdav/acp/AceHandler.py | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/src/webdav/acp/AceHandler.py b/src/webdav/acp/AceHandler.py new file mode 100644 index 0000000..e07b74d --- /dev/null +++ b/src/webdav/acp/AceHandler.py @@ -0,0 +1,182 @@ +# Copyright 2008 German Aerospace Center (DLR) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +""" +Handling of WebDAV Access Protocol Extensions and ACL preparation for UI. +""" + + +from webdav import Constants +from webdav.WebdavClient import ResourceStorer +from webdav.Connection import WebdavError + + +__version__ = "$LastChangedRevision$" + + +def extractSupportedPrivilegeSet(userPrivileges): + """ + Returns a dictionary of supported privileges. + + @param userPrivileges: A DOM tree. + @type userPrivileges: L{webdav.WebdavResponse.Element} object + + @raise WebdavError: When unknown elements appear in the + C{DAV:supported-privilege} appear a L{WebdavError} is raised. + + @return: A dictionary with privilege names as keys and privilege descriptions as values. + @rtype: C{dictionary} + """ + result = {} + for element in userPrivileges.children: + if element.name == Constants.TAG_SUPPORTED_PRIVILEGE: + privName = '' + privDescription = '' + for privilege in element.children: + if privilege.name == Constants.TAG_PRIVILEGE: + privName = privilege.children[0].name + elif privilege.name == Constants.TAG_DESCRIPTION: + privDescription = privilege.textof() + else: + raise WebdavError('Unknown element in DAV:supported-privilege: ' + privilege.name) + + if privName and privDescription: + result[privName] = privDescription + privName = '' + privDescription = '' + else: + raise WebdavError('Invalid element tag in DAV:supported-privilege-set: ' + element.name) + return result + + +def _insertAclDisplaynames(acl): + """ + Modifies the ACL by adding the human readable names + (DAV:displayname property) of each principal found in an ACL. + + This should be done with the REPORT method, but it is not supported by + Jacarta Slide, yet. (As of Aug. 1, 2003 in CVS repository) + + So we are going to do it differently by foot the harder way ... + + @param acl: An ACL object for which the displaynames should be retrieved. + @type acl: L{ACL} object + """ + ## This is redundant code to be still kept for the REPORT method way of doing it ... + ## property = '''<D:prop><D:displayname/></D:prop>''' + ## return self.getReport(REPORT_ACL_PRINCIPAL_PROP_SET, property) + for ace in acl.aces: + if not ace.principal.property: + principalConnection = \ + ResourceStorer(ace.principal.principalURL) + ace.principal.displayname = \ + principalConnection.readProperty(Constants.NS_DAV, Constants.PROP_DISPLAY_NAME) + + +def prepareAcls(acls): + """ + Returns all ACLs describing the behaviour of the resource. The information + in the ACL is modified to contain all information needed to display in the UI. + + @param acls: ACL objects. + @type acls: C{list} of L{ACL} objects + + @return: (non-valid) ACLs that contain both grant and deny clauses in an ACE. + Displaynames are added to the Principals where needed. + @rtype: C{list} of L{ACL} objects + """ + for acl in acls.keys(): + acls[acl] = acls[acl].joinGrantDeny() + _insertAclDisplaynames(acls[acl]) + return acls + + +def prepareAcl(acl): + """ + Returns an ACL describing the behaviour of the resource. The information + in the ACL is modified to contain all information needed to display in the UI. + + @param acl: An ACL object. + @type acl: L{ACL} object + + @return: A (non-valid) ACL that contains both grant and deny clauses in an ACE. + Displaynames are added to the Principals where needed. + @rtype: L{ACL} object + """ + acl = acl.joinGrantDeny() + _insertAclDisplaynames(acl) + return acl + + +def refineAclForSet(acl): + """ + Sets the ACL composed from the UI on the WebDAV server. For that purpose the + ACL object gets refined first to form a well accepted ACL to be set by the + ACL WebDAV method. + + @param acl: An ACL object to be refined. + @type acl: L{ACL} object + + @return: A valid ACL that contains only grant or deny clauses in an ACE. + Inherited and protected ACEs are stripped out. + @rtype: L{ACL} object + """ + acl = acl.splitGrantDeny() + acl = acl.stripAces() + return acl + + +##~ unsupported or unfinished methods: +##~ +##~ def report(self, report, request=None, lockToken=None): +##~ """ +##~ This method implements the WebDAV ACP method: REPORT for given report +##~ types. +##~ +##~ Parameters: +##~ +##~ 'report' -- Report type as a string. +##~ +##~ 'request' -- XML content of the request for the report (defaults to None). +##~ +##~ 'lockToken' -- Lock token to be set (defaults to None). +##~ """ +##~ raise WebdavError('Reports are not supported by our Jacarta Slide, yet (as of Aug. 1, 2003 in CVS).') +##~ +##~ headers = createCondition(lockToken) +##~ headers['Content-Type'] = XML_CONTENT_TYPE +##~ body = '<D:%s xmlns:D="DAV:">%s</D:%s>' % (report, request, report) +##~ #print "Body: ", body +##~ response = self.connection._request('REPORT', self.path, body, headers) +##~ return response +##~ ## TODO: parse DAV:error response +##~ +##~ +##~ def getAllAcls(self): +##~ """ +##~ Returns a dictionary of ACL resources with respective ACL objects +##~ that apply to the given resource. +##~ +##~ ### This method needs to be extended for inherited ACLs when Tamino +##~ support tells me (Guy) how to get to them. +##~ """ +##~ acls = {self.path: self.getAcl()} +##~ for ace in acls[self.path].aces: +##~ if ace.inherited: +##~ if not ace.inherited in acls: +##~ acls[ace.inherited] = self.getAcl() +##~ +##~ # append some more stuff here to acls for possible inherited ACLs +##~ return acls |