Option to allow un-authenticated local write access

src/calibre/srv/cdb.py

@@ -36,5 +36,5 @@ def cdb_run(ctx, rd, which):
         result = m.implementation(db, ctx.notify_changes, *args)
     except Exception as err:
         import traceback
-        return {'err': as_unicode(err), 'tb':traceback.format_stack()}
+        return {'err': as_unicode(err), 'tb': traceback.format_exc()}
     return {'result': result}

src/calibre/srv/handler.py

@@ -74,6 +74,8 @@ class Context(object):
 
     def check_for_write_access(self, data):
         if not data.username:
+            if data.is_local_connection and self.opts.local_write:
+                return
             raise HTTPForbidden('Anonymous users are not allowed to make changes')
         if self.user_manager.is_readonly(data.username):
             raise HTTPForbidden('The user {} does not have permission to make changes'.format(data.username))

src/calibre/srv/http_response.py

@@ -210,14 +210,14 @@ class RequestData(object):  # {{{
     username = None
 
     def __init__(self, method, path, query, inheaders, request_body_file, outheaders, response_protocol,
-                 static_cache, opts, remote_addr, remote_port, translator_cache, tdir):
+                 static_cache, opts, remote_addr, remote_port, is_local_connection, translator_cache, tdir):
 
         (self.method, self.path, self.query, self.inheaders, self.request_body_file, self.outheaders,
          self.response_protocol, self.static_cache, self.translator_cache) = (
             method, path, query, inheaders, request_body_file, outheaders,
             response_protocol, static_cache, translator_cache
         )
-        self.remote_addr, self.remote_port = remote_addr, remote_port
+        self.remote_addr, self.remote_port, self.is_local_connection = remote_addr, remote_port, is_local_connection
         self.opts = opts
         self.status_code = httplib.OK
         self.outcookie = Cookie()
@@ -430,7 +430,8 @@ class HTTPConnection(HTTPRequest):
         data = RequestData(
             self.method, self.path, self.query, inheaders, request_body_file,
             outheaders, self.response_protocol, self.static_cache, self.opts,
-            self.remote_addr, self.remote_port, self.translator_cache, self.tdir
+            self.remote_addr, self.remote_port, self.is_local_connection,
+            self.translator_cache, self.tdir
         )
         self.queue_job(self.run_request_handler, data)
 

src/calibre/srv/loop.py

@@ -128,6 +128,7 @@ class Connection(object):  # {{{
         except Exception:
             # In case addr is None, which can occassionally happen
             self.remote_addr = self.remote_port = None
+        self.is_local_connection = self.remote_addr in ('127.0.0.1', '::1')
         self.orig_send_bufsize = self.send_bufsize = 4096
         self.tdir = tdir
         self.ssl_context = ssl_context

src/calibre/srv/opts.py

@@ -133,6 +133,17 @@ raw_options = (
     _('By default, the server is unrestricted, allowing anyone to access it. You can'
     ' restrict access to predefined users with this option.'),
 
+    _('Allow un-authenticated local connections to make changes'),
+    'local_write', False,
+    _('By default, if you do not turn on authentication, the server operates in'
+      ' read-only mode, so as to not allow anonymous users to make changes to your'
+      ' calibre libraries. This option allows anybody connecting from the same'
+      ' computer as the server is running on to make changes. This is useful'
+      ' if you want to run the server without authentication but still'
+      ' use calibredb to make changes to your calibre libraries. Note that'
+      ' turning on this option means any program running on the computer'
+      ' can make changes to your calibre libraries.'),
+
     _('Path to user database'),
     'userdb', None,
     _('Path to a file in which to store the user and password information. By default a'