Filter private calendar objects in shared calendarstags/v9.1.0RC1
@@ -72,7 +72,3 @@ Options -Indexes | |||
<IfModule pagespeed_module> | |||
ModPagespeed Off | |||
</IfModule> | |||
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### | |||
ErrorDocument 403 /core/templates/403.php | |||
ErrorDocument 404 /core/templates/404.php |
@@ -504,7 +504,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription | |||
'calendarid' => $row['calendarid'], | |||
'size' => (int)$row['size'], | |||
'component' => strtolower($row['componenttype']), | |||
'classification'=> $row['classification'] | |||
'classification'=> (int)$row['classification'] | |||
]; | |||
} | |||
@@ -548,7 +548,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription | |||
'size' => (int)$row['size'], | |||
'calendardata' => $this->readBlob($row['calendardata']), | |||
'component' => strtolower($row['componenttype']), | |||
'classification'=> $row['classification'] | |||
'classification'=> (int)$row['classification'] | |||
]; | |||
} | |||
@@ -586,7 +586,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription | |||
'size' => (int)$row['size'], | |||
'calendardata' => $this->readBlob($row['calendardata']), | |||
'component' => strtolower($row['componenttype']), | |||
'classification' => $row['classification'] | |||
'classification' => (int)$row['classification'] | |||
]; | |||
} |
@@ -26,6 +26,7 @@ use OCA\DAV\DAV\Sharing\IShareable; | |||
use OCP\IL10N; | |||
use Sabre\CalDAV\Backend\BackendInterface; | |||
use Sabre\DAV\Exception\Forbidden; | |||
use Sabre\DAV\Exception\NotFound; | |||
use Sabre\DAV\PropPatch; | |||
class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
@@ -162,6 +163,78 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
parent::propPatch($propPatch); | |||
} | |||
function getChild($name) { | |||
$obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name); | |||
if (!$obj) { | |||
throw new NotFound('Calendar object not found'); | |||
} | |||
if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) { | |||
throw new NotFound('Calendar object not found'); | |||
} | |||
$obj['acl'] = $this->getChildACL(); | |||
return new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); | |||
} | |||
function getChildren() { | |||
$objs = $this->caldavBackend->getCalendarObjects($this->calendarInfo['id']); | |||
$children = []; | |||
foreach ($objs as $obj) { | |||
if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) { | |||
continue; | |||
} | |||
$obj['acl'] = $this->getChildACL(); | |||
$children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); | |||
} | |||
return $children; | |||
} | |||
function getMultipleChildren(array $paths) { | |||
$objs = $this->caldavBackend->getMultipleCalendarObjects($this->calendarInfo['id'], $paths); | |||
$children = []; | |||
foreach ($objs as $obj) { | |||
if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) { | |||
continue; | |||
} | |||
$obj['acl'] = $this->getChildACL(); | |||
$children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); | |||
} | |||
return $children; | |||
} | |||
function childExists($name) { | |||
$obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name); | |||
if (!$obj) { | |||
return false; | |||
} | |||
if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) { | |||
return false; | |||
} | |||
return true; | |||
} | |||
function calendarQuery(array $filters) { | |||
$uris = $this->caldavBackend->calendarQuery($this->calendarInfo['id'], $filters); | |||
if ($this->isShared()) { | |||
return array_filter($uris, function ($uri) { | |||
return $this->childExists($uri); | |||
}); | |||
} | |||
return $uris; | |||
} | |||
private function canWrite() { | |||
if (isset($this->calendarInfo['{http://owncloud.org/ns}read-only'])) { | |||
return !$this->calendarInfo['{http://owncloud.org/ns}read-only']; | |||
@@ -169,4 +242,8 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
return true; | |||
} | |||
private function isShared() { | |||
return isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']); | |||
} | |||
} |
@@ -0,0 +1,92 @@ | |||
<?php | |||
/** | |||
* @author Thomas Müller <thomas.mueller@tmit.eu> | |||
* | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* @license AGPL-3.0 | |||
* | |||
* This code is free software: you can redistribute it and/or modify | |||
* it under the terms of the GNU Affero General Public License, version 3, | |||
* as published by the Free Software Foundation. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
* GNU Affero General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Affero General Public License, version 3, | |||
* along with this program. If not, see <http://www.gnu.org/licenses/> | |||
* | |||
*/ | |||
namespace OCA\DAV\CalDAV; | |||
use Sabre\VObject\Component; | |||
use Sabre\VObject\Property; | |||
use Sabre\VObject\Reader; | |||
class CalendarObject extends \Sabre\CalDAV\CalendarObject { | |||
/** | |||
* @inheritdoc | |||
*/ | |||
function get() { | |||
$data = parent::get(); | |||
if ($this->isShared() && $this->objectData['classification'] === CalDavBackend::CLASSIFICATION_CONFIDENTIAL) { | |||
return $this->createConfidentialObject($data); | |||
} | |||
return $data; | |||
} | |||
private function isShared() { | |||
return isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']); | |||
} | |||
/** | |||
* @param string $calData | |||
* @return string | |||
*/ | |||
private static function createConfidentialObject($calData) { | |||
$vObject = Reader::read($calData); | |||
/** @var Component $vElement */ | |||
$vElement = null; | |||
if(isset($vObject->VEVENT)) { | |||
$vElement = $vObject->VEVENT; | |||
} | |||
if(isset($vObject->VJOURNAL)) { | |||
$vElement = $vObject->VJOURNAL; | |||
} | |||
if(isset($vObject->VTODO)) { | |||
$vElement = $vObject->VTODO; | |||
} | |||
if(!is_null($vElement)) { | |||
foreach ($vElement->children as &$property) { | |||
/** @var Property $property */ | |||
switch($property->name) { | |||
case 'CREATED': | |||
case 'DTSTART': | |||
case 'RRULE': | |||
case 'DURATION': | |||
case 'DTEND': | |||
case 'CLASS': | |||
case 'UID': | |||
break; | |||
case 'SUMMARY': | |||
$property->setValue('Busy'); | |||
break; | |||
default: | |||
$vElement->__unset($property->name); | |||
unset($property); | |||
break; | |||
} | |||
} | |||
} | |||
return $vObject->serialize(); | |||
} | |||
} |
@@ -27,6 +27,7 @@ use OCA\DAV\CalDAV\CalDavBackend; | |||
use OCA\DAV\CalDAV\Calendar; | |||
use OCP\IL10N; | |||
use Sabre\DAV\PropPatch; | |||
use Sabre\VObject\Reader; | |||
use Test\TestCase; | |||
class CalendarTest extends TestCase { | |||
@@ -189,4 +190,153 @@ class CalendarTest extends TestCase { | |||
'birthday calendar' => [false, false, false, BirthdayService::BIRTHDAY_CALENDAR_URI] | |||
]; | |||
} | |||
/** | |||
* @dataProvider providesConfidentialClassificationData | |||
* @param $expectedChildren | |||
* @param $isShared | |||
*/ | |||
public function testPrivateClassification($expectedChildren, $isShared) { | |||
$calObject0 = ['uri' => 'event-0', 'classification' => CalDavBackend::CLASSIFICATION_PUBLIC]; | |||
$calObject1 = ['uri' => 'event-1', 'classification' => CalDavBackend::CLASSIFICATION_CONFIDENTIAL]; | |||
$calObject2 = ['uri' => 'event-2', 'classification' => CalDavBackend::CLASSIFICATION_PRIVATE]; | |||
/** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */ | |||
$backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock(); | |||
$backend->expects($this->any())->method('getCalendarObjects')->willReturn([ | |||
$calObject0, $calObject1, $calObject2 | |||
]); | |||
$backend->expects($this->any())->method('getMultipleCalendarObjects') | |||
->with(666, ['event-0', 'event-1', 'event-2']) | |||
->willReturn([ | |||
$calObject0, $calObject1, $calObject2 | |||
]); | |||
$backend->expects($this->any())->method('getCalendarObject') | |||
->willReturn($calObject2)->with(666, 'event-2'); | |||
$calendarInfo = [ | |||
'principaluri' => 'user2', | |||
'id' => 666, | |||
'uri' => 'cal', | |||
]; | |||
if ($isShared) { | |||
$calendarInfo['{http://owncloud.org/ns}owner-principal'] = 'user1'; | |||
} | |||
$c = new Calendar($backend, $calendarInfo, $this->l10n); | |||
$children = $c->getChildren(); | |||
$this->assertEquals($expectedChildren, count($children)); | |||
$children = $c->getMultipleChildren(['event-0', 'event-1', 'event-2']); | |||
$this->assertEquals($expectedChildren, count($children)); | |||
$this->assertEquals(!$isShared, $c->childExists('event-2')); | |||
} | |||
/** | |||
* @dataProvider providesConfidentialClassificationData | |||
* @param $expectedChildren | |||
* @param $isShared | |||
*/ | |||
public function testConfidentialClassification($expectedChildren, $isShared) { | |||
$start = '20160609'; | |||
$end = '20160610'; | |||
$calData = <<<EOD | |||
BEGIN:VCALENDAR | |||
PRODID:-//ownCloud calendar v1.2.2 | |||
BEGIN:VEVENT | |||
CREATED:20160602T133732 | |||
DTSTAMP:20160602T133732 | |||
LAST-MODIFIED:20160602T133732 | |||
UID:wej2z68l9h | |||
SUMMARY:Test Event | |||
LOCATION:Somewhere ... | |||
ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;CUTYPE=INDIVIDUAL;CN=de | |||
epdiver:MAILTO:thomas.mueller@tmit.eu | |||
ORGANIZER;CN=deepdiver:MAILTO:thomas.mueller@tmit.eu | |||
DESCRIPTION:maybe .... | |||
DTSTART;TZID=Europe/Berlin;VALUE=DATE:$start | |||
DTEND;TZID=Europe/Berlin;VALUE=DATE:$end | |||
RRULE:FREQ=DAILY | |||
BEGIN:VALARM | |||
ACTION:AUDIO | |||
TRIGGER:-PT15M | |||
END:VALARM | |||
END:VEVENT | |||
BEGIN:VTIMEZONE | |||
TZID:Europe/Berlin | |||
BEGIN:DAYLIGHT | |||
DTSTART:19810329T020000 | |||
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU | |||
TZNAME:MESZ | |||
TZOFFSETFROM:+0100 | |||
TZOFFSETTO:+0200 | |||
END:DAYLIGHT | |||
BEGIN:STANDARD | |||
DTSTART:19961027T030000 | |||
RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU | |||
TZNAME:MEZ | |||
TZOFFSETFROM:+0200 | |||
TZOFFSETTO:+0100 | |||
END:STANDARD | |||
END:VTIMEZONE | |||
END:VCALENDAR | |||
EOD; | |||
$calObject0 = ['uri' => 'event-0', 'classification' => CalDavBackend::CLASSIFICATION_PUBLIC]; | |||
$calObject1 = ['uri' => 'event-1', 'classification' => CalDavBackend::CLASSIFICATION_CONFIDENTIAL, 'calendardata' => $calData]; | |||
$calObject2 = ['uri' => 'event-2', 'classification' => CalDavBackend::CLASSIFICATION_PRIVATE]; | |||
/** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */ | |||
$backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock(); | |||
$backend->expects($this->any())->method('getCalendarObjects')->willReturn([ | |||
$calObject0, $calObject1, $calObject2 | |||
]); | |||
$backend->expects($this->any())->method('getMultipleCalendarObjects') | |||
->with(666, ['event-0', 'event-1', 'event-2']) | |||
->willReturn([ | |||
$calObject0, $calObject1, $calObject2 | |||
]); | |||
$backend->expects($this->any())->method('getCalendarObject') | |||
->willReturn($calObject1)->with(666, 'event-1'); | |||
$calendarInfo = [ | |||
'principaluri' => 'user2', | |||
'id' => 666, | |||
'uri' => 'cal', | |||
]; | |||
if ($isShared) { | |||
$calendarInfo['{http://owncloud.org/ns}owner-principal'] = 'user1'; | |||
} | |||
$c = new Calendar($backend, $calendarInfo, $this->l10n); | |||
// test private event | |||
$privateEvent = $c->getChild('event-1'); | |||
$calData = $privateEvent->get(); | |||
$event = Reader::read($calData); | |||
$this->assertEquals($start, $event->VEVENT->DTSTART->getValue()); | |||
$this->assertEquals($end, $event->VEVENT->DTEND->getValue()); | |||
if ($isShared) { | |||
$this->assertEquals('Busy', $event->VEVENT->SUMMARY->getValue()); | |||
$this->assertArrayNotHasKey('ATTENDEE', $event->VEVENT); | |||
$this->assertArrayNotHasKey('LOCATION', $event->VEVENT); | |||
$this->assertArrayNotHasKey('DESCRIPTION', $event->VEVENT); | |||
$this->assertArrayNotHasKey('ORGANIZER', $event->VEVENT); | |||
} else { | |||
$this->assertEquals('Test Event', $event->VEVENT->SUMMARY->getValue()); | |||
} | |||
} | |||
public function providesConfidentialClassificationData() { | |||
return [ | |||
[3, false], | |||
[2, true] | |||
]; | |||
} | |||
} |