diff options
author | Georg Ehrke <developer@georgehrke.com> | 2018-05-22 15:09:21 +0200 |
---|---|---|
committer | Georg Ehrke <developer@georgehrke.com> | 2018-05-22 19:16:26 +0200 |
commit | 367ca563b429e9a93326f960e14863fe05ecec35 (patch) | |
tree | 9b8fe85951f489daa0c109b52d5a6abbda9cc56d | |
parent | 57d4a16cfbbab9087925484207826446b14163b0 (diff) | |
download | nextcloud-server-367ca563b429e9a93326f960e14863fe05ecec35.tar.gz nextcloud-server-367ca563b429e9a93326f960e14863fe05ecec35.zip |
allow admins to override FreeBusy capabilities without modifying ShareAPI capabilities
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
-rw-r--r-- | apps/dav/appinfo/v1/caldav.php | 1 | ||||
-rw-r--r-- | apps/dav/appinfo/v1/carddav.php | 1 | ||||
-rw-r--r-- | apps/dav/lib/Command/CreateCalendar.php | 3 | ||||
-rw-r--r-- | apps/dav/lib/Connector/Sabre/Principal.php | 19 | ||||
-rw-r--r-- | apps/dav/lib/RootCollection.php | 3 | ||||
-rw-r--r-- | apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php | 228 | ||||
-rw-r--r-- | apps/files_trashbin/lib/AppInfo/Application.php | 3 | ||||
-rw-r--r-- | apps/files_versions/lib/AppInfo/Application.php | 3 |
8 files changed, 172 insertions, 89 deletions
diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php index b4907ce94cb..ecc4fbb8b60 100644 --- a/apps/dav/appinfo/v1/caldav.php +++ b/apps/dav/appinfo/v1/caldav.php @@ -46,6 +46,7 @@ $principalBackend = new Principal( \OC::$server->getGroupManager(), \OC::$server->getShareManager(), \OC::$server->getUserSession(), + \OC::$server->getConfig(), 'principals/' ); $db = \OC::$server->getDatabaseConnection(); diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php index eddc7a794ac..e55eee610ef 100644 --- a/apps/dav/appinfo/v1/carddav.php +++ b/apps/dav/appinfo/v1/carddav.php @@ -47,6 +47,7 @@ $principalBackend = new Principal( \OC::$server->getGroupManager(), \OC::$server->getShareManager(), \OC::$server->getUserSession(), + \OC::$server->getConfig(), 'principals/' ); $db = \OC::$server->getDatabaseConnection(); diff --git a/apps/dav/lib/Command/CreateCalendar.php b/apps/dav/lib/Command/CreateCalendar.php index 1cbd7b60944..45dd9ba941a 100644 --- a/apps/dav/lib/Command/CreateCalendar.php +++ b/apps/dav/lib/Command/CreateCalendar.php @@ -77,7 +77,8 @@ class CreateCalendar extends Command { $this->userManager, $this->groupManager, \OC::$server->getShareManager(), - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + \OC::$server->getConfig() ); $random = \OC::$server->getSecureRandom(); $logger = \OC::$server->getLogger(); diff --git a/apps/dav/lib/Connector/Sabre/Principal.php b/apps/dav/lib/Connector/Sabre/Principal.php index b2f57cf715c..92b3bccb69f 100644 --- a/apps/dav/lib/Connector/Sabre/Principal.php +++ b/apps/dav/lib/Connector/Sabre/Principal.php @@ -30,6 +30,7 @@ namespace OCA\DAV\Connector\Sabre; +use OCP\IConfig; use OCP\IGroup; use OCP\IGroupManager; use OCP\IUser; @@ -54,6 +55,9 @@ class Principal implements BackendInterface { /** @var IUserSession */ private $userSession; + /** @var IConfig */ + private $config; + /** @var string */ private $principalPrefix; @@ -65,17 +69,20 @@ class Principal implements BackendInterface { * @param IGroupManager $groupManager * @param IShareManager $shareManager * @param IUserSession $userSession + * @param IConfig $config * @param string $principalPrefix */ public function __construct(IUserManager $userManager, IGroupManager $groupManager, IShareManager $shareManager, IUserSession $userSession, + IConfig $config, $principalPrefix = 'principals/users/') { $this->userManager = $userManager; $this->groupManager = $groupManager; $this->shareManager = $shareManager; $this->userSession = $userSession; + $this->config = $config; $this->principalPrefix = trim($principalPrefix, '/'); $this->hasGroups = ($principalPrefix === 'principals/users/'); } @@ -205,8 +212,10 @@ class Principal implements BackendInterface { protected function searchUserPrincipals(array $searchProperties, $test = 'allof') { $results = []; - // If sharing is disabled, return the empty array - if (!$this->shareManager->shareApiEnabled()) { + // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array + $shareAPIEnabled = $this->shareManager->shareApiEnabled(); + $disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes'); + if ($disableFreeBusy === 'yes') { return []; } @@ -289,8 +298,10 @@ class Principal implements BackendInterface { * @return string */ function findByUri($uri, $principalPrefix) { - // If sharing is disabled, return null as in user not found - if (!$this->shareManager->shareApiEnabled()) { + // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array + $shareAPIEnabled = $this->shareManager->shareApiEnabled(); + $disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes'); + if ($disableFreeBusy === 'yes') { return null; } diff --git a/apps/dav/lib/RootCollection.php b/apps/dav/lib/RootCollection.php index a39b8716110..b9f381b4b92 100644 --- a/apps/dav/lib/RootCollection.php +++ b/apps/dav/lib/RootCollection.php @@ -51,7 +51,8 @@ class RootCollection extends SimpleCollection { $userManager, $groupManager, $shareManager, - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + $config ); $groupPrincipalBackend = new GroupPrincipalBackend($groupManager); // as soon as debug mode is enabled we allow listing of principals diff --git a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php index 7b9929bc4f3..7e82c446760 100644 --- a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php @@ -27,6 +27,7 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre; use OC\User\User; +use OCP\IConfig; use OCP\IGroup; use OCP\IGroupManager; use OCP\IUser; @@ -47,18 +48,22 @@ class PrincipalTest extends TestCase { private $shareManager; /** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */ private $userSession; + /** @var IConfig | \PHPUnit_Framework_MockObject_MockObject */ + private $config; public function setUp() { $this->userManager = $this->createMock(IUserManager::class); $this->groupManager = $this->createMock(IGroupManager::class); $this->shareManager = $this->createMock(IManager::class); $this->userSession = $this->createMock(IUserSession::class); + $this->config = $this->createMock(IConfig::class); $this->connector = new \OCA\DAV\Connector\Sabre\Principal( $this->userManager, $this->groupManager, $this->shareManager, - $this->userSession); + $this->userSession, + $this->config); parent::setUp(); } @@ -278,26 +283,37 @@ class PrincipalTest extends TestCase { /** * @dataProvider searchPrincipalsDataProvider */ - public function testSearchPrincipals($sharingEnabled, $groupsOnly, $result) { + public function testSearchPrincipals($disableFreeBusy, $sharingEnabled, $disableFBSharingCombination, $groupsOnly, $result) { $this->shareManager->expects($this->once()) ->method('shareAPIEnabled') ->will($this->returnValue($sharingEnabled)); - - if ($sharingEnabled) { - $this->shareManager->expects($this->once()) - ->method('shareWithGroupMembersOnly') - ->will($this->returnValue($groupsOnly)); - - if ($groupsOnly) { - $user = $this->createMock(IUser::class); - $this->userSession->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($user)); - - $this->groupManager->expects($this->at(0)) - ->method('getUserGroupIds') - ->with($user) - ->will($this->returnValue(['group1', 'group2'])); + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('dav', 'disableFreeBusy', $sharingEnabled ? 'no' : 'yes') + ->will($this->returnValue($disableFBSharingCombination)); + + if ($disableFreeBusy === 'no') { + if ($sharingEnabled) { + $this->shareManager->expects($this->once()) + ->method('shareWithGroupMembersOnly') + ->will($this->returnValue($groupsOnly)); + + if ($groupsOnly) { + $user = $this->createMock(IUser::class); + $this->userSession->expects($this->once()) + ->method('getUser') + ->will($this->returnValue($user)); + + $this->groupManager->expects($this->at(0)) + ->method('getUserGroupIds') + ->with($user) + ->will($this->returnValue(['group1', 'group2'])); + } + } else { + $this->shareManager->expects($this->never()) + ->method('shareWithGroupMembersOnly'); + $this->groupManager->expects($this->never()) + ->method($this->anything()); } } else { $this->shareManager->expects($this->never()) @@ -306,27 +322,43 @@ class PrincipalTest extends TestCase { ->method($this->anything()); } + $user2 = $this->createMock(IUser::class); $user2->method('getUID')->will($this->returnValue('user2')); $user3 = $this->createMock(IUser::class); $user3->method('getUID')->will($this->returnValue('user3')); - if ($sharingEnabled) { - $this->userManager->expects($this->at(0)) - ->method('getByEmail') - ->with('user') - ->will($this->returnValue([$user2, $user3])); + if ($disableFreeBusy === 'no') { + if ($sharingEnabled) { + $this->userManager->expects($this->at(0)) + ->method('getByEmail') + ->with('user') + ->will($this->returnValue([$user2, $user3])); + } else { + $this->userManager->expects($this->never()) + ->method('getByEmail'); + } + } else { + $this->userManager->expects($this->never()) + ->method('getByEmail'); } - if ($sharingEnabled && $groupsOnly) { - $this->groupManager->expects($this->at(1)) - ->method('getUserGroupIds') - ->with($user2) - ->will($this->returnValue(['group1', 'group3'])); - $this->groupManager->expects($this->at(2)) - ->method('getUserGroupIds') - ->with($user3) - ->will($this->returnValue(['group3', 'group4'])); + if ($disableFreeBusy === 'no') { + if ($sharingEnabled && $groupsOnly) { + $this->groupManager->expects($this->at(1)) + ->method('getUserGroupIds') + ->with($user2) + ->will($this->returnValue(['group1', 'group3'])); + $this->groupManager->expects($this->at(2)) + ->method('getUserGroupIds') + ->with($user3) + ->will($this->returnValue(['group3', 'group4'])); + } + } else { + $this->groupManager->expects($this->never()) + ->method('getUserGroupIds'); + $this->groupManager->expects($this->never()) + ->method('getUserGroupIds'); } $this->assertEquals($result, $this->connector->searchPrincipals('principals/users', @@ -335,9 +367,12 @@ class PrincipalTest extends TestCase { public function searchPrincipalsDataProvider() { return [ - [true, false, ['principals/users/user2', 'principals/users/user3']], - [true, true, ['principals/users/user2']], - [false, false, []], + ['yes', true, 'yes', false, []], + ['no', true, 'no', false, ['principals/users/user2', 'principals/users/user3']], + ['yes', true, 'yes', true, []], + ['no', true, 'no', true, ['principals/users/user2']], + ['yes', false, 'yes', false, []], + ['no', false, 'yes', false, []], ]; } @@ -345,6 +380,10 @@ class PrincipalTest extends TestCase { $this->shareManager->expects($this->once()) ->method('shareApiEnabled') ->will($this->returnValue(false)); + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('dav', 'disableFreeBusy', 'yes') + ->will($this->returnValue('yes')); $this->assertEquals(null, $this->connector->findByUri('mailto:user@foo.com', 'principals/users')); } @@ -352,45 +391,56 @@ class PrincipalTest extends TestCase { /** * @dataProvider findByUriWithGroupRestrictionDataProvider */ - public function testFindByUriWithGroupRestriction($uri, $email, $expects) { + public function testFindByUriWithGroupRestriction($disableFreeBusy, $uri, $email, $expects) { $this->shareManager->expects($this->once()) ->method('shareApiEnabled') ->will($this->returnValue(true)); + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('dav', 'disableFreeBusy', 'no') + ->will($this->returnValue($disableFreeBusy)); - $this->shareManager->expects($this->once()) - ->method('shareWithGroupMembersOnly') - ->will($this->returnValue(true)); + if ($disableFreeBusy === 'yes') { + $this->shareManager->expects($this->never()) + ->method('shareWithGroupMembersOnly'); + $this->userSession->expects($this->never()) + ->method('getUser'); + } else { + $this->shareManager->expects($this->once()) + ->method('shareWithGroupMembersOnly') + ->will($this->returnValue(true)); - $user = $this->createMock(IUser::class); - $this->userSession->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($user)); + $user = $this->createMock(IUser::class); + $this->userSession->expects($this->once()) + ->method('getUser') + ->will($this->returnValue($user)); - $this->groupManager->expects($this->at(0)) - ->method('getUserGroupIds') - ->with($user) - ->will($this->returnValue(['group1', 'group2'])); + $this->groupManager->expects($this->at(0)) + ->method('getUserGroupIds') + ->with($user) + ->will($this->returnValue(['group1', 'group2'])); - $user2 = $this->createMock(IUser::class); - $user2->method('getUID')->will($this->returnValue('user2')); - $user3 = $this->createMock(IUser::class); - $user3->method('getUID')->will($this->returnValue('user3')); + $user2 = $this->createMock(IUser::class); + $user2->method('getUID')->will($this->returnValue('user2')); + $user3 = $this->createMock(IUser::class); + $user3->method('getUID')->will($this->returnValue('user3')); - $this->userManager->expects($this->once()) - ->method('getByEmail') - ->with($email) - ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3])); + $this->userManager->expects($this->once()) + ->method('getByEmail') + ->with($email) + ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3])); - if ($email === 'user2@foo.bar') { - $this->groupManager->expects($this->at(1)) - ->method('getUserGroupIds') - ->with($user2) - ->will($this->returnValue(['group1', 'group3'])); - } else { - $this->groupManager->expects($this->at(1)) - ->method('getUserGroupIds') - ->with($user3) - ->will($this->returnValue(['group3', 'group3'])); + if ($email === 'user2@foo.bar') { + $this->groupManager->expects($this->at(1)) + ->method('getUserGroupIds') + ->with($user2) + ->will($this->returnValue(['group1', 'group3'])); + } else { + $this->groupManager->expects($this->at(1)) + ->method('getUserGroupIds') + ->with($user3) + ->will($this->returnValue(['group3', 'group3'])); + } } $this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users')); @@ -398,40 +448,56 @@ class PrincipalTest extends TestCase { public function findByUriWithGroupRestrictionDataProvider() { return [ - ['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], - ['mailto:user3@foo.bar', 'user3@foo.bar', null], + ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null], + ['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], + ['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null], + ['no', 'mailto:user3@foo.bar', 'user3@foo.bar', null], ]; } /** * @dataProvider findByUriWithoutGroupRestrictionDataProvider */ - public function testFindByUriWithoutGroupRestriction($uri, $email, $expects) { + public function testFindByUriWithoutGroupRestriction($disableFreeBusy, $uri, $email, $expects) { $this->shareManager->expects($this->once()) ->method('shareApiEnabled') ->will($this->returnValue(true)); + $this->config->expects($this->once()) + ->method('getAppValue') + ->with('dav', 'disableFreeBusy', 'no') + ->will($this->returnValue($disableFreeBusy)); - $this->shareManager->expects($this->once()) - ->method('shareWithGroupMembersOnly') - ->will($this->returnValue(false)); + if ($disableFreeBusy === 'yes') { + $this->shareManager->expects($this->never()) + ->method('shareWithGroupMembersOnly'); - $user2 = $this->createMock(IUser::class); - $user2->method('getUID')->will($this->returnValue('user2')); - $user3 = $this->createMock(IUser::class); - $user3->method('getUID')->will($this->returnValue('user3')); + $this->userManager->expects($this->never()) + ->method('getByEmail'); + } else { + $this->shareManager->expects($this->once()) + ->method('shareWithGroupMembersOnly') + ->will($this->returnValue(false)); - $this->userManager->expects($this->once()) - ->method('getByEmail') - ->with($email) - ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3])); + $user2 = $this->createMock(IUser::class); + $user2->method('getUID')->will($this->returnValue('user2')); + $user3 = $this->createMock(IUser::class); + $user3->method('getUID')->will($this->returnValue('user3')); + + $this->userManager->expects($this->once()) + ->method('getByEmail') + ->with($email) + ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3])); + } $this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users')); } public function findByUriWithoutGroupRestrictionDataProvider() { return [ - ['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], - ['mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'], + ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null], + ['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null], + ['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], + ['no', 'mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'], ]; } } diff --git a/apps/files_trashbin/lib/AppInfo/Application.php b/apps/files_trashbin/lib/AppInfo/Application.php index ea27c8c16ea..8e4ec255567 100644 --- a/apps/files_trashbin/lib/AppInfo/Application.php +++ b/apps/files_trashbin/lib/AppInfo/Application.php @@ -57,7 +57,8 @@ class Application extends App { \OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->getShareManager(), - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + \OC::$server->getConfig() ); }); } diff --git a/apps/files_versions/lib/AppInfo/Application.php b/apps/files_versions/lib/AppInfo/Application.php index be80f7d853b..340b5ab5cbd 100644 --- a/apps/files_versions/lib/AppInfo/Application.php +++ b/apps/files_versions/lib/AppInfo/Application.php @@ -48,7 +48,8 @@ class Application extends App { \OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->getShareManager(), - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + \OC::$server->getConfig() ); }); } |