42 lines
1.5 KiB
Python
42 lines
1.5 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright 2018 Fabien Bourgeois <fabien@yaltik.com>
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as
|
|
# published by the Free Software Foundation, either version 3 of the
|
|
# License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
""" Odoo Radicale Rights Plugin """
|
|
|
|
import logging
|
|
from configparser import Error
|
|
from radicale.rights import BaseRights
|
|
_logger = logging.getLogger(__name__)
|
|
|
|
|
|
class Rights(BaseRights):
|
|
""" BaseRights implementation for Odoo Radicale """
|
|
|
|
def authorized(self, user, path, permission):
|
|
""" Authorized only readonly for authenticated users on their path """
|
|
if not user:
|
|
return False
|
|
if path == '/':
|
|
return True
|
|
path = path.strip('/').split('/')
|
|
if user != path[0]:
|
|
return False
|
|
# Authorize if readonly or read-write for odoo-contact
|
|
is_main = (len(path) == 1 and user == path[0])
|
|
is_odoo_contact = (len(path) > 1 and path[1] == 'odoo-contact')
|
|
return is_main or is_odoo_contact or permission == 'r'
|