EVOLUTION-MANAGER

Edit File: init.py

import configparser
import os.path
import posixpath
import re
from importlib import import_module

from radicale import storage
from radicale.rights import BaseRights

class Rights(BaseRights):
    def __init__(self, configuration, logger):
        super().__init__(configuration, logger)
        self.filename = os.path.expanduser(configuration.get("rights", "file"))

def authorized(self, user, path, permission, full_path=""):
        user = user or ""
        sane_path = storage.sanitize_path(path).strip("/")
        # Prevent "regex injection"
        user_escaped = re.escape(user)
        sane_path_escaped = re.escape(sane_path)
        regex = configparser.ConfigParser(
            {"login": user_escaped, "path": sane_path_escaped})
        try:
            if not regex.read(self.filename):
                raise RuntimeError("No such file: %r" %
                                   self.filename)
        except Exception as e:
            raise RuntimeError("Failed to load rights file %r: %s" %
                               (self.filename, e)) from e
        for section in regex.sections():
            try:
                re_user_pattern = regex.get(section, "user")
                re_collection_pattern = regex.get(section, "collection")
                # Emulate fullmatch
                user_match = re.match(r"(?:%s)\Z" % re_user_pattern, user)
                collection_match = user_match and re.match(
                    r"(?:%s)\Z" % re_collection_pattern.format(
                        *map(re.escape, user_match.groups())), sane_path)
                file_match = True if full_path.find("_write.ics") != -1 else False
            except Exception as e:
                raise RuntimeError("Error in section %r of rights file %r: "
                                   "%s" % (section, self.filename, e)) from e
            if user_match and collection_match:
                if file_match and section == "allow-shared-read":
                    self.logger.debug("Rule %r:%r matches %r:%r from section %r Full Access",
                                  user, sane_path, re_user_pattern,
                                  re_collection_pattern, section)
                    return permission in regex.get("admin", "permission")
                else:
                    self.logger.debug("Rule %r:%r matches %r:%r from section %r",
                                  user, sane_path, re_user_pattern,
                                  re_collection_pattern, section)
                    return permission in regex.get(section, "permission")
        self.logger.info(
            "Rights: %r:%r doesn't match any section", user, sane_path)
        return False
    def authorized_item(self, user, path, permission):
        _path = path
        path = storage.sanitize_path(path)
        parent_path = storage.sanitize_path(
            "/%s/" % posixpath.dirname(path.strip("/")))
        return self.authorized(user, parent_path, permission, _path)

EVOLUTION-MANAGER

Edit File: __init__.py

Edit File: init.py