jelmer / xandikos

A CalDAV/CardDAV server backed by Git
https://www.xandikos.org/
GNU General Public License v3.0
423 stars 42 forks source link

Create and select user_principal based on web authenticated user. #179

Open pusateri opened 2 years ago

pusateri commented 2 years ago

I'm not expecting this to get merged right now. Just putting it here for a place holder and feedback. Will begin working on get_resource() ACLS.

Also updates nginx example to pass $remote_user as HTTP_X_REMOTE_USER from a proxy.

pusateri commented 2 years ago

We should add similar logic for the non-wsgi codepath in xandikos/web.py

If the non-wsgi codepath is web.py:main(), doesn't the current_user_principal argument do the same thing? Or do you want read the REMOTE_USER as an environment variable? Is run_simple_server() even used anywhere?

jelmer commented 2 years ago

Sorry for the delay - I've been traveling - but should be able to follow up more quickly during the next couple of weeks.

We should add similar logic for the non-wsgi codepath in xandikos/web.py

If the non-wsgi codepath is web.py:main(), doesn't the current_user_principal argument do the same thing? Or do you want read the REMOTE_USER as an environment variable?

In the non-wsgi codepath, REMOTE_USER could vary per request, so we can't read it from the environment. Right now, we just have a single principal, but in the future XandikosApp can't have a current_user_principal variable since there will be multiple. Hope that makes sense.

is run_simple_server() even used anywhere?

run_simple_server() is (meant to be) used in the testsuites of CalDAV/CardDAV client applications and libraries like pycaldav and vdirsync. It allows them to quickly spin up a trivial server to run tests against.