[Calypso] calypso with davdroid: in the direction of principals

Jelmer Vernooij jelmer at samba.org
Mon Apr 14 18:01:37 PDT 2014 

On Fri, Apr 04, 2014 at 03:03:25PM +0200, chrysn wrote:
> On Sat, Mar 08, 2014 at 06:03:02PM +0000, Jelmer Vernooij wrote:
> > Rather than adding labels, couldn't we just add a setting for the
> > principal with substition for the username? E.g.:
> > 
> > [server]
> > principal = /+{USER}
> > 
> > That seems much simpler.
> 
> that approach was clearly not intended for production, but was the
> quickest i could sketch up.
> 
> i've built on your patch, and started providing a proper resource for
> principal, calendar and addressbook home set.
> 
> On Mon, Mar 31, 2014 at 09:19:16AM +0200, Guido Günther wrote:
> > We already assume that the first part of the path is the owner for
> > permision checks (see url_to_owner and acl/httpasswd). Shouldn't we just
> > set the current-user-principal to the first path component as well?
> 
> i'd like to think of the principal as distinct from the "folder" where a
> user's collections reside in -- it can be implemented in the same
> resource, but does not need to. 
> 
> according to personal url preferences, you can set user_principal to
> "/%(user)s/" or "/+%(user)s/" or "/principals/%(user)s/". (name clashes
> might be an issue if you name your address book like the addressbook
> home set, but yeah.
> 
> > We could then use this to query home-collection like:
> > 
> > ~/.config/calypso/calendars/
> >                       `- princ1/ 
> >                               `- collection1          
> >                               `- collection2
> >                       `- princ2/
> >                               `- collectionfoo
> >                               `- collectionbar
> > 
> > by simply retrurning all git repositories below princ1/ as
> > home-collections for each user.
> 
> the current implementation tries to build a collection from all
> non-hidden directories under the storage folder, and lists them in the
> home sets depending on permissions and their type.
> 
> 
> the patch set i'm suggesting is quite comprehensive. apart from the
> previously suggested patches (some of which i've built upon, otherwise
> i'd have started from master), [1] changes:
> 
> * support the address-data report entry
> 
> * new classes that represent non-collection resources (principals and
>   home sets)
> 
>   in the final version, they are passed to the xmlutils.propfind method
>   in parallel with `collection`; however, they implement their propfind
>   methods themselves. (the big switch list with attributes became a
>   hassle with the increasing number of isinstance() checks for that).
> 
>   (this creates compatibility with clients that only do
>   auto-configuration like DavDroid, and makes configuration easier with
>   many others).
> 
> * collection enumeration by walking the storage folder
> 
> * explicit per-resource configuration in .calypso-collection
> 
>   this was started by jelmer with inspecting the .git/description
>   contents, but didn't go far enough -- for one, that does not work when
>   the git repository is rooted higher up in the hierarchy, and then, it
>   won't allow finer control of permissions, which is implemented now
>   too. (a collection can be set personal or public, and if it's
>   personal, additional users can be granted access to it).
> 
>   explicit configuration also declares now as which type of collection
>   (address book or calendar) a collection is published. the old way of
>   just publishing both the address book and the calendar attributes fail
>   with clients like acal (which previously treated all calypso
>   repositories as address books).
> 
>   a fallback is in place for existing repositories that determines the
>   type of a collection based on its contents.
> 
> * bugfixes
> 
> some code gets moved through the patches, so i tried to structure it
> with relatively small commits.
> 
> 
> please try out my integration branch at [1], which contains all other
> patches sent by jelmer and guido in the last weeks, with your own setup;
> it works for me and i'm confident it will work for you, but software is
> prone to bugs, so let's better check twice.
> 
> keith, if no negative responses come back, please consider merging these
> patches.
> 

I can confirm that this works with DAVDroid. I needed the attached
patch though, since I'm using fake ACLs.

There are some other rough edges (not introduced by this patch). For
example, I have a couple of invalid vcards (no FN) that cause
tracebacks from calypso and then empty files in the repository.

Cheers,

Jelmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Accept-keyword-arguments-in-crypto.acl.fake.patch
Type: text/x-diff
Size: 632 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20140415/1c36f5ad/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: </pipermail/calypso/attachments/20140415/1c36f5ad/attachment.sig>

More information about the Calypso mailing list