Raise an exception when an attempt to set an invalid principal as a g…

…roup member occurs. git-svn-id: https://svn.calendarserver.org/repository/calendarserver/CalendarServer/trunk@1264 e27351fd-9f3e-4f54-a53b-843176b1656c
apple · Feb 24, 2007 · 31e8e22 · 31e8e22
1 parent 05a1c3b
commit 31e8e22
Showing 1 changed file with 14 additions and 10 deletions.
diff --git a/twistedcaldav/directory/calendaruserproxy.py b/twistedcaldav/directory/calendaruserproxy.py
@@ -24,21 +24,17 @@
     "CalendarUserProxyPrincipalResource",
 ]
 
-from urllib import unquote
-
 from twisted.internet.defer import succeed
 from twisted.python import log
 from twisted.python.failure import Failure
 from twisted.web2 import responsecode
 from twisted.web2.dav import davxml
 from twisted.web2.dav.element.base import dav_namespace
 from twisted.web2.dav.util import joinURL
-from twisted.web2.http import Response
-from twisted.web2.http_headers import MimeType
+from twisted.web2.http import HTTPError, StatusResponse
 
 from twistedcaldav.extensions import DAVFile, DAVPrincipalResource
 from twistedcaldav.extensions import ReadOnlyWritePropertiesResourceMixIn
-from twistedcaldav.resource import CalendarPrincipalResource
 from twistedcaldav.sql import AbstractSQLDatabase
 from twistedcaldav.static import AutoProvisioningFileMixIn
 
@@ -137,17 +133,25 @@ def setGroupMemberSet(self, new_members, request):
         # Really, c-u-p principals should be treated the same way as any other principal, so
         # they should be allowed as members of groups.
         #
-        # This implementation simply ignores any principal URIs that correspond to c-u-p principals.
+        # This implementation now raises an exception for any principal it cannot find.
 
         # Break out the list into a set of URIs.
         members = [str(h) for h in new_members.children]
 
         # Map the URIs to principals.
-        # NB Non-matching URIs will return None foe the principal
-        principals = [self.pcollection._principalForURI(uri) for uri in members]
+        principals = []
+        for uri in members:
+            principal = self.pcollection._principalForURI(uri)
+            # Invalid principals MUST result in an error.
+            if principal is None:
+                raise HTTPError(StatusResponse(
+                    responsecode.BAD_REQUEST,
+                    "Attempt to use a non-existent principal %s as a group member of %s." % (uri, self.principalURL(),)
+                ))
+            principals.append(principal)
 
-        # Map the principals to GUIDs, ignoring principals that are None.
-        guids = [p.principalUID() for p in principals if p is not None]
+        # Map the principals to GUIDs.
+        guids = [p.principalUID() for p in principals]
 
         self._index().setGroupMembers(self.guid, guids)
         return succeed(True)