# -*- coding: utf-8 -*-

#    Copyright 2018 Fabien Bourgeois <fabien@yaltik.com>
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU Affero General Public License as
#    published by the Free Software Foundation, either version 3 of the
#    License, or (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU Affero General Public License for more details.
#
#    You should have received a copy of the GNU Affero General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.

""" Odoo Radicale Rights Plugin """

import logging
from configparser import Error
from radicale.rights import BaseRights
_logger = logging.getLogger(__name__)


class Rights(BaseRights):
    """ BaseRights implementation for Odoo Radicale """

    def authorized(self, user, path, permission):
        """ Authorized only readonly for authenticated users on their path """
        if not user:
            return False
        if path == '/':
            return True
        path = path.strip('/').split('/')
        if user != path[0]:
            return False
        # Authorize if readonly or read-write for odoo-contact
        is_main = (len(path) == 1 and user == path[0])
        is_odoo_contact = (len(path) > 1 and path[1] == 'odoo-contact')
        return is_main or is_odoo_contact or permission == 'r'