def setUp(self): super(TestCase, self).setUp() # FIXME: this is only here to workaround circular imports doBind() config.reset() serverroot = self.mktemp() os.mkdir(serverroot) config.ServerRoot = os.path.abspath(serverroot) config.ConfigRoot = "config" config.LogRoot = "logs" config.RunRoot = "logs" if not os.path.exists(config.DataRoot): os.makedirs(config.DataRoot) if not os.path.exists(config.DocumentRoot): os.makedirs(config.DocumentRoot) if not os.path.exists(config.ConfigRoot): os.makedirs(config.ConfigRoot) if not os.path.exists(config.LogRoot): os.makedirs(config.LogRoot) config.Memcached.Pools.Default.ClientEnabled = False config.Memcached.Pools.Default.ServerEnabled = False ClientFactory.allowTestCache = True memcacher.Memcacher.allowTestCache = True config.DirectoryAddressBook.Enabled = False
def setUp(self): super(TestCase, self).setUp() # FIXME: this is only here to workaround circular imports doBind() self.serverRoot = self.mktemp() os.mkdir(self.serverRoot) self.configure() if not os.path.exists(config.DataRoot): os.makedirs(config.DataRoot) if not os.path.exists(config.DocumentRoot): os.makedirs(config.DocumentRoot) if not os.path.exists(config.ConfigRoot): os.makedirs(config.ConfigRoot) if not os.path.exists(config.LogRoot): os.makedirs(config.LogRoot)
def getRootResource(config, newStore, resources=None): """ Set up directory service and resource hierarchy based on config. Return root resource. Additional resources can be added to the hierarchy by passing a list of tuples containing: path, resource class, __init__ args list, and optional authentication schemes list ("basic", "digest"). If the store is specified, then it has already been constructed, so use it. Otherwise build one with L{storeFromConfig}. """ if newStore is None: raise RuntimeError("Internal error, 'newStore' must be specified.") if resources is None: resources = [] # FIXME: this is only here to workaround circular imports doBind() # # Default resource classes # rootResourceClass = RootResource calendarResourceClass = DirectoryCalendarHomeProvisioningResource iScheduleResourceClass = IScheduleInboxResource timezoneServiceResourceClass = TimezoneServiceResource timezoneStdServiceResourceClass = TimezoneStdServiceResource webCalendarResourceClass = WebCalendarResource webAdminResourceClass = WebAdminResource addressBookResourceClass = DirectoryAddressBookHomeProvisioningResource directoryBackedAddressBookResourceClass = DirectoryBackedAddressBookResource apnSubscriptionResourceClass = APNSubscriptionResource directory = newStore.directoryService() # # Setup the ProxyDB Service # proxydbClass = namedClass(config.ProxyDBService.type) log.info("Configuring proxydb service of type: {cls}", cls=proxydbClass) try: calendaruserproxy.ProxyDBService = proxydbClass(**config.ProxyDBService.params) except IOError: log.error("Could not start proxydb service") raise # # Configure the Site and Wrappers # wireEncryptedCredentialFactories = [] wireUnencryptedCredentialFactories = [] portal = Portal(auth.DavRealm()) portal.registerChecker(directory) realm = directory.realmName or "" log.info("Configuring authentication for realm: {realm}", realm=realm) for scheme, schemeConfig in config.Authentication.iteritems(): scheme = scheme.lower() credFactory = None if schemeConfig["Enabled"]: log.info("Setting up scheme: {scheme}", scheme=scheme) if scheme == "kerberos": if not NegotiateCredentialFactory: log.info("Kerberos support not available") continue try: principal = schemeConfig["ServicePrincipal"] if not principal: credFactory = NegotiateCredentialFactory( type="HTTP", hostname=config.ServerHostName, ) else: credFactory = NegotiateCredentialFactory( principal=principal, ) except ValueError: log.info("Could not start Kerberos") continue elif scheme == "digest": credFactory = QopDigestCredentialFactory( schemeConfig["Algorithm"], schemeConfig["Qop"], realm, ) elif scheme == "basic": credFactory = BasicCredentialFactory(realm) elif scheme == "wiki": pass else: log.error("Unknown scheme: {scheme}", scheme=scheme) if credFactory: wireEncryptedCredentialFactories.append(credFactory) if schemeConfig.get("AllowedOverWireUnencrypted", False): wireUnencryptedCredentialFactories.append(credFactory) # # Setup Resource hierarchy # log.info("Setting up document root at: {root}", root=config.DocumentRoot) principalCollection = directory.principalCollection if config.EnableCalDAV: log.info("Setting up calendar collection: {cls}", cls=calendarResourceClass) calendarCollection = calendarResourceClass( directory, "/calendars/", newStore, ) if config.EnableCardDAV: log.info("Setting up address book collection: {cls}", cls=addressBookResourceClass) addressBookCollection = addressBookResourceClass( directory, "/addressbooks/", newStore, ) directoryPath = os.path.join(config.DocumentRoot, config.DirectoryAddressBook.name) if config.DirectoryAddressBook.Enabled and config.EnableSearchAddressBook: log.info("Setting up directory address book: {cls}", cls=directoryBackedAddressBookResourceClass) directoryBackedAddressBookCollection = directoryBackedAddressBookResourceClass( principalCollections=(principalCollection,) ) if _reactor._started: directoryBackedAddressBookCollection.provisionDirectory() else: addSystemEventTrigger("after", "startup", directoryBackedAddressBookCollection.provisionDirectory) else: # remove /directory from previous runs that may have created it try: FilePath(directoryPath).remove() log.info("Deleted: {path}", path=directoryPath) except (OSError, IOError), e: if e.errno != errno.ENOENT: log.error("Could not delete: {path} : {error}", path=directoryPath, error=e)
def getRootResource(config, resources=None): """ Set up directory service and resource hierarchy based on config. Return root resource. Additional resources can be added to the hierarchy by passing a list of tuples containing: path, resource class, __init__ args list, and optional authentication scheme ("basic" or "digest"). """ # FIXME: this is only here to workaround circular imports doBind() # # Default resource classes # rootResourceClass = RootResource principalResourceClass = DirectoryPrincipalProvisioningResource calendarResourceClass = DirectoryCalendarHomeProvisioningResource iScheduleResourceClass = IScheduleInboxResource timezoneServiceResourceClass = TimezoneServiceResource webCalendarResourceClass = WebCalendarResource webAdminResourceClass = WebAdminResource addressBookResourceClass = DirectoryAddressBookHomeProvisioningResource directoryBackedAddressBookResourceClass = DirectoryBackedAddressBookResource # # Setup the Directory # directories = [] directoryClass = namedClass(config.DirectoryService.type) log.info("Configuring directory service of type: %s" % (config.DirectoryService.type,)) baseDirectory = directoryClass(config.DirectoryService.params) # Wait for the directory to become available while not baseDirectory.isAvailable(): sleep(5) directories.append(baseDirectory) # # Setup the Locations and Resources Service # if config.ResourceService.Enabled: resourceClass = namedClass(config.ResourceService.type) log.info("Configuring resource service of type: %s" % (resourceClass,)) resourceDirectory = resourceClass(config.ResourceService.params) resourceDirectory.realmName = baseDirectory.realmName directories.append(resourceDirectory) # # Add sudoers directory # sudoDirectory = None if config.SudoersFile and os.path.exists(config.SudoersFile): log.info("Configuring SudoDirectoryService with file: %s" % (config.SudoersFile,)) sudoDirectory = SudoDirectoryService(config.SudoersFile) sudoDirectory.realmName = baseDirectory.realmName CalDAVResource.sudoDirectory = sudoDirectory directories.insert(0, sudoDirectory) else: log.info( "Not using SudoDirectoryService; file doesn't exist: %s" % (config.SudoersFile,) ) # # Add wiki directory service # if config.Authentication.Wiki.Enabled: wikiDirectory = WikiDirectoryService() wikiDirectory.realmName = baseDirectory.realmName directories.append(wikiDirectory) # # Add internal directory service # Right now we only use this for CardDAV # if config.EnableCardDAV: internalDirectory = InternalDirectoryService(baseDirectory.realmName) directories.append(internalDirectory) directory = AggregateDirectoryService(directories) if sudoDirectory: directory.userRecordTypes.insert(0, SudoDirectoryService.recordType_sudoers) # # Use system-wide realm on OSX # try: import ServerFoundation realmName = ServerFoundation.XSAuthenticator.defaultRealm().encode("utf-8") directory.setRealm(realmName) except ImportError: pass # # Setup the Augment Service # augmentClass = namedClass(config.AugmentService.type) log.info("Configuring augment service of type: %s" % (augmentClass,)) try: augment.AugmentService = augmentClass(**config.AugmentService.params) except IOError: log.error("Could not start augment service") raise # # Setup the ProxyDB Service # proxydbClass = namedClass(config.ProxyDBService.type) log.info("Configuring proxydb service of type: %s" % (proxydbClass,)) try: calendaruserproxy.ProxyDBService = proxydbClass(**config.ProxyDBService.params) except IOError: log.error("Could not start proxydb service") raise # # Configure Memcached Client Pool # memcachepool.installPools( config.Memcached.Pools, config.Memcached.MaxClients, ) # # Configure the Site and Wrappers # credentialFactories = [] portal = Portal(auth.DavRealm()) portal.registerChecker(directory) realm = directory.realmName or "" log.info("Configuring authentication for realm: %s" % (realm,)) for scheme, schemeConfig in config.Authentication.iteritems(): scheme = scheme.lower() credFactory = None if schemeConfig["Enabled"]: log.info("Setting up scheme: %s" % (scheme,)) if scheme == "kerberos": if not NegotiateCredentialFactory: log.info("Kerberos support not available") continue try: principal = schemeConfig["ServicePrincipal"] if not principal: credFactory = NegotiateCredentialFactory( type="HTTP", hostname=config.ServerHostName, ) else: credFactory = NegotiateCredentialFactory( principal=principal, ) except ValueError: log.info("Could not start Kerberos") continue elif scheme == "digest": credFactory = QopDigestCredentialFactory( schemeConfig["Algorithm"], schemeConfig["Qop"], realm, ) elif scheme == "basic": credFactory = BasicCredentialFactory(realm) elif scheme == "wiki": pass else: log.error("Unknown scheme: %s" % (scheme,)) if credFactory: credentialFactories.append(credFactory) # # Setup Resource hierarchy # log.info("Setting up document root at: %s" % (config.DocumentRoot,)) log.info("Setting up principal collection: %r" % (principalResourceClass,)) principalCollection = principalResourceClass("/principals/", directory) # # Configure NotifierFactory # if config.Notifications.Enabled: notifierFactory = NotifierFactory( config.Notifications.InternalNotificationHost, config.Notifications.InternalNotificationPort, ) else: notifierFactory = None if config.UseDatabase: _dbRoot = CachingFilePath(config.DatabaseRoot) _postgresService = PostgresService(_dbRoot, None, v1_schema, "caldav", logFile=config.PostgresLogFile) _newStore = CommonSQLDataStore(_postgresService.produceConnection, notifierFactory, _dbRoot.child("attachments"), config.EnableCalDAV, config.EnableCardDAV) else: _newStore = CommonFileDataStore(FilePath(config.DocumentRoot), notifierFactory, config.EnableCalDAV, config.EnableCardDAV) if config.EnableCalDAV: log.info("Setting up calendar collection: %r" % (calendarResourceClass,)) calendarCollection = calendarResourceClass( directory, "/calendars/", _newStore, ) if config.EnableCardDAV: log.info("Setting up address book collection: %r" % (addressBookResourceClass,)) addressBookCollection = addressBookResourceClass( directory, "/addressbooks/", _newStore, ) directoryPath = os.path.join(config.DocumentRoot, config.DirectoryAddressBook.name) if config.DirectoryAddressBook.Enabled and config.EnableSearchAddressBook: log.info("Setting up directory address book: %r" % (directoryBackedAddressBookResourceClass,)) directoryBackedAddressBookCollection = directoryBackedAddressBookResourceClass( principalCollections=(principalCollection,) ) addSystemEventTrigger("after", "startup", directoryBackedAddressBookCollection.provisionDirectory) else: # remove /directory from previous runs that may have created it try: FilePath(directoryPath).remove() log.info("Deleted: %s" % directoryPath) except (OSError, IOError), e: if e.errno != errno.ENOENT: log.error("Could not delete: %s : %r" % (directoryPath, e,))
def getRootResource(config, newStore, resources=None): """ Set up directory service and resource hierarchy based on config. Return root resource. Additional resources can be added to the hierarchy by passing a list of tuples containing: path, resource class, __init__ args list, and optional authentication schemes list ("basic", "digest"). If the store is specified, then it has already been constructed, so use it. Otherwise build one with L{storeFromConfig}. """ if newStore is None: raise RuntimeError("Internal error, 'newStore' must be specified.") if resources is None: resources = [] # FIXME: this is only here to workaround circular imports doBind() # # Default resource classes # rootResourceClass = RootResource calendarResourceClass = DirectoryCalendarHomeProvisioningResource iScheduleResourceClass = IScheduleInboxResource conduitResourceClass = ConduitResource timezoneServiceResourceClass = TimezoneServiceResource timezoneStdServiceResourceClass = TimezoneStdServiceResource webCalendarResourceClass = WebCalendarResource webAdminResourceClass = WebAdminLandingResource addressBookResourceClass = DirectoryAddressBookHomeProvisioningResource directoryBackedAddressBookResourceClass = DirectoryBackedAddressBookResource apnSubscriptionResourceClass = APNSubscriptionResource principalResourceClass = DirectoryPrincipalProvisioningResource directory = newStore.directoryService() principalCollection = principalResourceClass("/principals/", directory) # # Configure the Site and Wrappers # wireEncryptedCredentialFactories = [] wireUnencryptedCredentialFactories = [] portal = Portal(auth.DavRealm()) portal.registerChecker(UsernamePasswordCredentialChecker(directory)) portal.registerChecker(HTTPDigestCredentialChecker(directory)) portal.registerChecker(PrincipalCredentialChecker()) realm = directory.realmName.encode("utf-8") or "" log.info("Configuring authentication for realm: {realm}", realm=realm) for scheme, schemeConfig in config.Authentication.iteritems(): scheme = scheme.lower() credFactory = None if schemeConfig["Enabled"]: log.info("Setting up scheme: {scheme}", scheme=scheme) if scheme == "kerberos": if not NegotiateCredentialFactory: log.info("Kerberos support not available") continue try: principal = schemeConfig["ServicePrincipal"] if not principal: credFactory = NegotiateCredentialFactory( type="HTTP", hostname=config.ServerHostName, ) else: credFactory = NegotiateCredentialFactory( principal=principal, ) except ValueError: log.info("Could not start Kerberos") continue elif scheme == "digest": credFactory = QopDigestCredentialFactory( schemeConfig["Algorithm"], schemeConfig["Qop"], realm, ) elif scheme == "basic": credFactory = BasicCredentialFactory(realm) elif scheme == "wiki": pass else: log.error("Unknown scheme: {scheme}", scheme=scheme) if credFactory: wireEncryptedCredentialFactories.append(credFactory) if schemeConfig.get("AllowedOverWireUnencrypted", False): wireUnencryptedCredentialFactories.append(credFactory) # # Setup Resource hierarchy # log.info("Setting up document root at: {root}", root=config.DocumentRoot) # principalCollection = directory.principalCollection if config.EnableCalDAV: log.info("Setting up calendar collection: {cls}", cls=calendarResourceClass) calendarCollection = calendarResourceClass( directory, "/calendars/", newStore, ) if config.EnableCardDAV: log.info("Setting up address book collection: {cls}", cls=addressBookResourceClass) addressBookCollection = addressBookResourceClass( directory, "/addressbooks/", newStore, ) if config.DirectoryAddressBook.Enabled and config.EnableSearchAddressBook: log.info("Setting up directory address book: {cls}", cls=directoryBackedAddressBookResourceClass) directoryBackedAddressBookCollection = directoryBackedAddressBookResourceClass( principalCollections=(principalCollection,), principalDirectory=directory, uri=joinURL("/", config.DirectoryAddressBook.name, "/") ) if _reactor._started: directoryBackedAddressBookCollection.provisionDirectory() else: addSystemEventTrigger("after", "startup", directoryBackedAddressBookCollection.provisionDirectory) else: # remove /directory from previous runs that may have created it directoryPath = os.path.join(config.DocumentRoot, config.DirectoryAddressBook.name) try: FilePath(directoryPath).remove() log.info("Deleted: {path}", path=directoryPath) except (OSError, IOError), e: if e.errno != errno.ENOENT: log.error("Could not delete: {path} : {error}", path=directoryPath, error=e)