Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

Raise an exception when an attempt to set an invalid principal as a g…

…roup member occurs.

git-svn-id: https://svn.calendarserver.org/repository/calendarserver/CalendarServer/trunk@1264 e27351fd-9f3e-4f54-a53b-843176b1656c
  • Loading branch information
cyrusdaboo committed Feb 24, 2007
1 parent 05a1c3b commit 31e8e22d60128f7bfe29004e5548478dc7c4f44c
Showing with 14 additions and 10 deletions.
  1. +14 −10 twistedcaldav/directory/calendaruserproxy.py
@@ -24,21 +24,17 @@
"CalendarUserProxyPrincipalResource",
]

from urllib import unquote

from twisted.internet.defer import succeed
from twisted.python import log
from twisted.python.failure import Failure
from twisted.web2 import responsecode
from twisted.web2.dav import davxml
from twisted.web2.dav.element.base import dav_namespace
from twisted.web2.dav.util import joinURL
from twisted.web2.http import Response
from twisted.web2.http_headers import MimeType
from twisted.web2.http import HTTPError, StatusResponse

from twistedcaldav.extensions import DAVFile, DAVPrincipalResource
from twistedcaldav.extensions import ReadOnlyWritePropertiesResourceMixIn
from twistedcaldav.resource import CalendarPrincipalResource
from twistedcaldav.sql import AbstractSQLDatabase
from twistedcaldav.static import AutoProvisioningFileMixIn

@@ -137,17 +133,25 @@ def setGroupMemberSet(self, new_members, request):
# Really, c-u-p principals should be treated the same way as any other principal, so
# they should be allowed as members of groups.
#
# This implementation simply ignores any principal URIs that correspond to c-u-p principals.
# This implementation now raises an exception for any principal it cannot find.

# Break out the list into a set of URIs.
members = [str(h) for h in new_members.children]

# Map the URIs to principals.
# NB Non-matching URIs will return None foe the principal
principals = [self.pcollection._principalForURI(uri) for uri in members]
principals = []
for uri in members:
principal = self.pcollection._principalForURI(uri)
# Invalid principals MUST result in an error.
if principal is None:
raise HTTPError(StatusResponse(
responsecode.BAD_REQUEST,
"Attempt to use a non-existent principal %s as a group member of %s." % (uri, self.principalURL(),)
))
principals.append(principal)

# Map the principals to GUIDs, ignoring principals that are None.
guids = [p.principalUID() for p in principals if p is not None]
# Map the principals to GUIDs.
guids = [p.principalUID() for p in principals]

self._index().setGroupMembers(self.guid, guids)
return succeed(True)

0 comments on commit 31e8e22

Please sign in to comment.
You can’t perform that action at this time.