@@ -339,6 +339,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription | |||
'{' . Plugin::NS_CALDAV . '}schedule-calendar-transp' => new ScheduleCalendarTransp($row['transparent']?'transparent':'opaque'), | |||
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'], | |||
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => (int)$row['access'] === Backend::ACCESS_READ, | |||
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}public' => (int)$row['access'] === self::ACCESS_PUBLIC, | |||
]; | |||
foreach($this->propertyMap as $xmlName=>$dbName) { |
@@ -90,7 +90,7 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
} | |||
/** | |||
* @return str | |||
* @return string | |||
*/ | |||
public function getPrincipalURI() { | |||
return $this->calendarInfo['principaluri']; | |||
@@ -124,6 +124,13 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
]; | |||
} | |||
} | |||
if ($this->isPublic()) { | |||
$acl[] = [ | |||
'privilege' => '{DAV:}read', | |||
'principal' => 'principals/system/public', | |||
'protected' => true, | |||
]; | |||
} | |||
/** @var CalDavBackend $calDavBackend */ | |||
$calDavBackend = $this->caldavBackend; | |||
@@ -264,6 +271,10 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { | |||
return true; | |||
} | |||
private function isPublic() { | |||
return isset($this->calendarInfo['{http://owncloud.org/ns}public']); | |||
} | |||
private function isShared() { | |||
return isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']); | |||
} |
@@ -0,0 +1,86 @@ | |||
<?php | |||
/** | |||
* @author Thomas Müller <thomas.mueller@tmit.eu> | |||
* | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* @license AGPL-3.0 | |||
* | |||
* This code is free software: you can redistribute it and/or modify | |||
* it under the terms of the GNU Affero General Public License, version 3, | |||
* as published by the Free Software Foundation. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
* GNU Affero General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Affero General Public License, version 3, | |||
* along with this program. If not, see <http://www.gnu.org/licenses/> | |||
* | |||
*/ | |||
namespace OCA\DAV\DAV; | |||
use Sabre\DAV\Auth\Backend\BackendInterface; | |||
use Sabre\HTTP\RequestInterface; | |||
use Sabre\HTTP\ResponseInterface; | |||
class PublicAuth implements BackendInterface { | |||
/** @var string[] */ | |||
private $publicURLs; | |||
/** | |||
* @param string[] $publicURLs | |||
*/ | |||
public function __construct() { | |||
$this->publicURLs = [ | |||
'public-calendars/' | |||
]; | |||
} | |||
/** | |||
* When this method is called, the backend must check if authentication was | |||
* successful. | |||
* | |||
* The returned value must be one of the following | |||
* | |||
* [true, "principals/username"] | |||
* [false, "reason for failure"] | |||
* | |||
* If authentication was successful, it's expected that the authentication | |||
* backend returns a so-called principal url. | |||
* | |||
* Examples of a principal url: | |||
* | |||
* principals/admin | |||
* principals/user1 | |||
* principals/users/joe | |||
* principals/uid/123457 | |||
* | |||
* If you don't use WebDAV ACL (RFC3744) we recommend that you simply | |||
* return a string such as: | |||
* | |||
* principals/users/[username] | |||
* | |||
* @param RequestInterface $request | |||
* @param ResponseInterface $response | |||
* @return array | |||
*/ | |||
function check(RequestInterface $request, ResponseInterface $response) { | |||
$url = $request->getPath(); | |||
$matchingUrls = array_filter($this->publicURLs, function ($publicUrl) use ($url) { | |||
return strpos($url, $publicUrl, 0) === 0; | |||
}); | |||
if ($matchingUrls) { | |||
return [true, "principals/system/public"]; | |||
} | |||
return [false, "No public access to this resource."]; | |||
} | |||
/** | |||
* @inheritdoc | |||
*/ | |||
function challenge(RequestInterface $request, ResponseInterface $response) { | |||
} | |||
} |
@@ -51,6 +51,10 @@ class SystemPrincipalBackend extends AbstractBackend { | |||
'uri' => 'principals/system/system', | |||
'{DAV:}displayname' => 'system', | |||
]; | |||
$principals[] = [ | |||
'uri' => 'principals/system/public', | |||
'{DAV:}displayname' => 'public', | |||
]; | |||
} | |||
return $principals; | |||
@@ -73,6 +77,13 @@ class SystemPrincipalBackend extends AbstractBackend { | |||
]; | |||
return $principal; | |||
} | |||
if ($path === 'principals/system/public') { | |||
$principal = [ | |||
'uri' => 'principals/system/public', | |||
'{DAV:}displayname' => 'public', | |||
]; | |||
return $principal; | |||
} | |||
return null; | |||
} |
@@ -35,6 +35,7 @@ use OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin; | |||
use OCA\DAV\Connector\Sabre\DavAclPlugin; | |||
use OCA\DAV\Connector\Sabre\DummyGetResponsePlugin; | |||
use OCA\DAV\Connector\Sabre\FilesPlugin; | |||
use OCA\DAV\DAV\PublicAuth; | |||
use OCA\DAV\Files\BrowserErrorPagePlugin; | |||
use OCA\DAV\Files\CustomPropertiesBackend; | |||
use OCP\IRequest; | |||
@@ -78,6 +79,8 @@ class Server { | |||
$this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig())); | |||
$authPlugin = new Plugin(); | |||
$authPlugin->addBackend($authBackend); | |||
$authPlugin->addBackend(new PublicAuth()); | |||
$this->server->addPlugin($authPlugin); | |||
// allow setup of additional auth backends |