summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2018-06-01 12:00:56 +0200
committerGitHub <noreply@github.com>2018-06-01 12:00:56 +0200
commitc3fc789b2cad0b065647421a85b7d1d04fca03aa (patch)
tree4c0da7230cf6505e6b2caab417fc724121d16e79
parentd3fceb9b83dc3f826b91d9ebcad9bbb74153e072 (diff)
parent367ca563b429e9a93326f960e14863fe05ecec35 (diff)
downloadnextcloud-server-c3fc789b2cad0b065647421a85b7d1d04fca03aa.tar.gz
nextcloud-server-c3fc789b2cad0b065647421a85b7d1d04fca03aa.zip
Merge pull request #9550 from nextcloud/bugfix/noid/override_freebusy_sharing_rules
allow admins to disable FreeBusy without modifying ShareAPI capabilities
-rw-r--r--apps/dav/appinfo/v1/caldav.php1
-rw-r--r--apps/dav/appinfo/v1/carddav.php1
-rw-r--r--apps/dav/lib/Command/CreateCalendar.php3
-rw-r--r--apps/dav/lib/Connector/Sabre/Principal.php19
-rw-r--r--apps/dav/lib/RootCollection.php3
-rw-r--r--apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php228
-rw-r--r--apps/files_trashbin/lib/AppInfo/Application.php3
-rw-r--r--apps/files_versions/lib/AppInfo/Application.php3
8 files changed, 172 insertions, 89 deletions
diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php
index b4907ce94cb..ecc4fbb8b60 100644
--- a/apps/dav/appinfo/v1/caldav.php
+++ b/apps/dav/appinfo/v1/caldav.php
@@ -46,6 +46,7 @@ $principalBackend = new Principal(
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
\OC::$server->getUserSession(),
+ \OC::$server->getConfig(),
'principals/'
);
$db = \OC::$server->getDatabaseConnection();
diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php
index eddc7a794ac..e55eee610ef 100644
--- a/apps/dav/appinfo/v1/carddav.php
+++ b/apps/dav/appinfo/v1/carddav.php
@@ -47,6 +47,7 @@ $principalBackend = new Principal(
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
\OC::$server->getUserSession(),
+ \OC::$server->getConfig(),
'principals/'
);
$db = \OC::$server->getDatabaseConnection();
diff --git a/apps/dav/lib/Command/CreateCalendar.php b/apps/dav/lib/Command/CreateCalendar.php
index 1cbd7b60944..45dd9ba941a 100644
--- a/apps/dav/lib/Command/CreateCalendar.php
+++ b/apps/dav/lib/Command/CreateCalendar.php
@@ -77,7 +77,8 @@ class CreateCalendar extends Command {
$this->userManager,
$this->groupManager,
\OC::$server->getShareManager(),
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ \OC::$server->getConfig()
);
$random = \OC::$server->getSecureRandom();
$logger = \OC::$server->getLogger();
diff --git a/apps/dav/lib/Connector/Sabre/Principal.php b/apps/dav/lib/Connector/Sabre/Principal.php
index b94b093ab50..feba4d04624 100644
--- a/apps/dav/lib/Connector/Sabre/Principal.php
+++ b/apps/dav/lib/Connector/Sabre/Principal.php
@@ -30,6 +30,7 @@
namespace OCA\DAV\Connector\Sabre;
+use OCP\IConfig;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
@@ -54,6 +55,9 @@ class Principal implements BackendInterface {
/** @var IUserSession */
private $userSession;
+ /** @var IConfig */
+ private $config;
+
/** @var string */
private $principalPrefix;
@@ -65,17 +69,20 @@ class Principal implements BackendInterface {
* @param IGroupManager $groupManager
* @param IShareManager $shareManager
* @param IUserSession $userSession
+ * @param IConfig $config
* @param string $principalPrefix
*/
public function __construct(IUserManager $userManager,
IGroupManager $groupManager,
IShareManager $shareManager,
IUserSession $userSession,
+ IConfig $config,
$principalPrefix = 'principals/users/') {
$this->userManager = $userManager;
$this->groupManager = $groupManager;
$this->shareManager = $shareManager;
$this->userSession = $userSession;
+ $this->config = $config;
$this->principalPrefix = trim($principalPrefix, '/');
$this->hasGroups = ($principalPrefix === 'principals/users/');
}
@@ -205,8 +212,10 @@ class Principal implements BackendInterface {
protected function searchUserPrincipals(array $searchProperties, $test = 'allof') {
$results = [];
- // If sharing is disabled, return the empty array
- if (!$this->shareManager->shareApiEnabled()) {
+ // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array
+ $shareAPIEnabled = $this->shareManager->shareApiEnabled();
+ $disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes');
+ if ($disableFreeBusy === 'yes') {
return [];
}
@@ -289,8 +298,10 @@ class Principal implements BackendInterface {
* @return string
*/
function findByUri($uri, $principalPrefix) {
- // If sharing is disabled, return null as in user not found
- if (!$this->shareManager->shareApiEnabled()) {
+ // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array
+ $shareAPIEnabled = $this->shareManager->shareApiEnabled();
+ $disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes');
+ if ($disableFreeBusy === 'yes') {
return null;
}
diff --git a/apps/dav/lib/RootCollection.php b/apps/dav/lib/RootCollection.php
index a39b8716110..b9f381b4b92 100644
--- a/apps/dav/lib/RootCollection.php
+++ b/apps/dav/lib/RootCollection.php
@@ -51,7 +51,8 @@ class RootCollection extends SimpleCollection {
$userManager,
$groupManager,
$shareManager,
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ $config
);
$groupPrincipalBackend = new GroupPrincipalBackend($groupManager);
// as soon as debug mode is enabled we allow listing of principals
diff --git a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php
index 7b9929bc4f3..7e82c446760 100644
--- a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php
+++ b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php
@@ -27,6 +27,7 @@
namespace OCA\DAV\Tests\unit\Connector\Sabre;
use OC\User\User;
+use OCP\IConfig;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
@@ -47,18 +48,22 @@ class PrincipalTest extends TestCase {
private $shareManager;
/** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */
private $userSession;
+ /** @var IConfig | \PHPUnit_Framework_MockObject_MockObject */
+ private $config;
public function setUp() {
$this->userManager = $this->createMock(IUserManager::class);
$this->groupManager = $this->createMock(IGroupManager::class);
$this->shareManager = $this->createMock(IManager::class);
$this->userSession = $this->createMock(IUserSession::class);
+ $this->config = $this->createMock(IConfig::class);
$this->connector = new \OCA\DAV\Connector\Sabre\Principal(
$this->userManager,
$this->groupManager,
$this->shareManager,
- $this->userSession);
+ $this->userSession,
+ $this->config);
parent::setUp();
}
@@ -278,26 +283,37 @@ class PrincipalTest extends TestCase {
/**
* @dataProvider searchPrincipalsDataProvider
*/
- public function testSearchPrincipals($sharingEnabled, $groupsOnly, $result) {
+ public function testSearchPrincipals($disableFreeBusy, $sharingEnabled, $disableFBSharingCombination, $groupsOnly, $result) {
$this->shareManager->expects($this->once())
->method('shareAPIEnabled')
->will($this->returnValue($sharingEnabled));
-
- if ($sharingEnabled) {
- $this->shareManager->expects($this->once())
- ->method('shareWithGroupMembersOnly')
- ->will($this->returnValue($groupsOnly));
-
- if ($groupsOnly) {
- $user = $this->createMock(IUser::class);
- $this->userSession->expects($this->once())
- ->method('getUser')
- ->will($this->returnValue($user));
-
- $this->groupManager->expects($this->at(0))
- ->method('getUserGroupIds')
- ->with($user)
- ->will($this->returnValue(['group1', 'group2']));
+ $this->config->expects($this->once())
+ ->method('getAppValue')
+ ->with('dav', 'disableFreeBusy', $sharingEnabled ? 'no' : 'yes')
+ ->will($this->returnValue($disableFBSharingCombination));
+
+ if ($disableFreeBusy === 'no') {
+ if ($sharingEnabled) {
+ $this->shareManager->expects($this->once())
+ ->method('shareWithGroupMembersOnly')
+ ->will($this->returnValue($groupsOnly));
+
+ if ($groupsOnly) {
+ $user = $this->createMock(IUser::class);
+ $this->userSession->expects($this->once())
+ ->method('getUser')
+ ->will($this->returnValue($user));
+
+ $this->groupManager->expects($this->at(0))
+ ->method('getUserGroupIds')
+ ->with($user)
+ ->will($this->returnValue(['group1', 'group2']));
+ }
+ } else {
+ $this->shareManager->expects($this->never())
+ ->method('shareWithGroupMembersOnly');
+ $this->groupManager->expects($this->never())
+ ->method($this->anything());
}
} else {
$this->shareManager->expects($this->never())
@@ -306,27 +322,43 @@ class PrincipalTest extends TestCase {
->method($this->anything());
}
+
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
- if ($sharingEnabled) {
- $this->userManager->expects($this->at(0))
- ->method('getByEmail')
- ->with('user')
- ->will($this->returnValue([$user2, $user3]));
+ if ($disableFreeBusy === 'no') {
+ if ($sharingEnabled) {
+ $this->userManager->expects($this->at(0))
+ ->method('getByEmail')
+ ->with('user')
+ ->will($this->returnValue([$user2, $user3]));
+ } else {
+ $this->userManager->expects($this->never())
+ ->method('getByEmail');
+ }
+ } else {
+ $this->userManager->expects($this->never())
+ ->method('getByEmail');
}
- if ($sharingEnabled && $groupsOnly) {
- $this->groupManager->expects($this->at(1))
- ->method('getUserGroupIds')
- ->with($user2)
- ->will($this->returnValue(['group1', 'group3']));
- $this->groupManager->expects($this->at(2))
- ->method('getUserGroupIds')
- ->with($user3)
- ->will($this->returnValue(['group3', 'group4']));
+ if ($disableFreeBusy === 'no') {
+ if ($sharingEnabled && $groupsOnly) {
+ $this->groupManager->expects($this->at(1))
+ ->method('getUserGroupIds')
+ ->with($user2)
+ ->will($this->returnValue(['group1', 'group3']));
+ $this->groupManager->expects($this->at(2))
+ ->method('getUserGroupIds')
+ ->with($user3)
+ ->will($this->returnValue(['group3', 'group4']));
+ }
+ } else {
+ $this->groupManager->expects($this->never())
+ ->method('getUserGroupIds');
+ $this->groupManager->expects($this->never())
+ ->method('getUserGroupIds');
}
$this->assertEquals($result, $this->connector->searchPrincipals('principals/users',
@@ -335,9 +367,12 @@ class PrincipalTest extends TestCase {
public function searchPrincipalsDataProvider() {
return [
- [true, false, ['principals/users/user2', 'principals/users/user3']],
- [true, true, ['principals/users/user2']],
- [false, false, []],
+ ['yes', true, 'yes', false, []],
+ ['no', true, 'no', false, ['principals/users/user2', 'principals/users/user3']],
+ ['yes', true, 'yes', true, []],
+ ['no', true, 'no', true, ['principals/users/user2']],
+ ['yes', false, 'yes', false, []],
+ ['no', false, 'yes', false, []],
];
}
@@ -345,6 +380,10 @@ class PrincipalTest extends TestCase {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(false));
+ $this->config->expects($this->once())
+ ->method('getAppValue')
+ ->with('dav', 'disableFreeBusy', 'yes')
+ ->will($this->returnValue('yes'));
$this->assertEquals(null, $this->connector->findByUri('mailto:user@foo.com', 'principals/users'));
}
@@ -352,45 +391,56 @@ class PrincipalTest extends TestCase {
/**
* @dataProvider findByUriWithGroupRestrictionDataProvider
*/
- public function testFindByUriWithGroupRestriction($uri, $email, $expects) {
+ public function testFindByUriWithGroupRestriction($disableFreeBusy, $uri, $email, $expects) {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(true));
+ $this->config->expects($this->once())
+ ->method('getAppValue')
+ ->with('dav', 'disableFreeBusy', 'no')
+ ->will($this->returnValue($disableFreeBusy));
- $this->shareManager->expects($this->once())
- ->method('shareWithGroupMembersOnly')
- ->will($this->returnValue(true));
+ if ($disableFreeBusy === 'yes') {
+ $this->shareManager->expects($this->never())
+ ->method('shareWithGroupMembersOnly');
+ $this->userSession->expects($this->never())
+ ->method('getUser');
+ } else {
+ $this->shareManager->expects($this->once())
+ ->method('shareWithGroupMembersOnly')
+ ->will($this->returnValue(true));
- $user = $this->createMock(IUser::class);
- $this->userSession->expects($this->once())
- ->method('getUser')
- ->will($this->returnValue($user));
+ $user = $this->createMock(IUser::class);
+ $this->userSession->expects($this->once())
+ ->method('getUser')
+ ->will($this->returnValue($user));
- $this->groupManager->expects($this->at(0))
- ->method('getUserGroupIds')
- ->with($user)
- ->will($this->returnValue(['group1', 'group2']));
+ $this->groupManager->expects($this->at(0))
+ ->method('getUserGroupIds')
+ ->with($user)
+ ->will($this->returnValue(['group1', 'group2']));
- $user2 = $this->createMock(IUser::class);
- $user2->method('getUID')->will($this->returnValue('user2'));
- $user3 = $this->createMock(IUser::class);
- $user3->method('getUID')->will($this->returnValue('user3'));
+ $user2 = $this->createMock(IUser::class);
+ $user2->method('getUID')->will($this->returnValue('user2'));
+ $user3 = $this->createMock(IUser::class);
+ $user3->method('getUID')->will($this->returnValue('user3'));
- $this->userManager->expects($this->once())
- ->method('getByEmail')
- ->with($email)
- ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
+ $this->userManager->expects($this->once())
+ ->method('getByEmail')
+ ->with($email)
+ ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
- if ($email === 'user2@foo.bar') {
- $this->groupManager->expects($this->at(1))
- ->method('getUserGroupIds')
- ->with($user2)
- ->will($this->returnValue(['group1', 'group3']));
- } else {
- $this->groupManager->expects($this->at(1))
- ->method('getUserGroupIds')
- ->with($user3)
- ->will($this->returnValue(['group3', 'group3']));
+ if ($email === 'user2@foo.bar') {
+ $this->groupManager->expects($this->at(1))
+ ->method('getUserGroupIds')
+ ->with($user2)
+ ->will($this->returnValue(['group1', 'group3']));
+ } else {
+ $this->groupManager->expects($this->at(1))
+ ->method('getUserGroupIds')
+ ->with($user3)
+ ->will($this->returnValue(['group3', 'group3']));
+ }
}
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
@@ -398,40 +448,56 @@ class PrincipalTest extends TestCase {
public function findByUriWithGroupRestrictionDataProvider() {
return [
- ['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
- ['mailto:user3@foo.bar', 'user3@foo.bar', null],
+ ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null],
+ ['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
+ ['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
+ ['no', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
];
}
/**
* @dataProvider findByUriWithoutGroupRestrictionDataProvider
*/
- public function testFindByUriWithoutGroupRestriction($uri, $email, $expects) {
+ public function testFindByUriWithoutGroupRestriction($disableFreeBusy, $uri, $email, $expects) {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(true));
+ $this->config->expects($this->once())
+ ->method('getAppValue')
+ ->with('dav', 'disableFreeBusy', 'no')
+ ->will($this->returnValue($disableFreeBusy));
- $this->shareManager->expects($this->once())
- ->method('shareWithGroupMembersOnly')
- ->will($this->returnValue(false));
+ if ($disableFreeBusy === 'yes') {
+ $this->shareManager->expects($this->never())
+ ->method('shareWithGroupMembersOnly');
- $user2 = $this->createMock(IUser::class);
- $user2->method('getUID')->will($this->returnValue('user2'));
- $user3 = $this->createMock(IUser::class);
- $user3->method('getUID')->will($this->returnValue('user3'));
+ $this->userManager->expects($this->never())
+ ->method('getByEmail');
+ } else {
+ $this->shareManager->expects($this->once())
+ ->method('shareWithGroupMembersOnly')
+ ->will($this->returnValue(false));
- $this->userManager->expects($this->once())
- ->method('getByEmail')
- ->with($email)
- ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
+ $user2 = $this->createMock(IUser::class);
+ $user2->method('getUID')->will($this->returnValue('user2'));
+ $user3 = $this->createMock(IUser::class);
+ $user3->method('getUID')->will($this->returnValue('user3'));
+
+ $this->userManager->expects($this->once())
+ ->method('getByEmail')
+ ->with($email)
+ ->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
+ }
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
}
public function findByUriWithoutGroupRestrictionDataProvider() {
return [
- ['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
- ['mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'],
+ ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null],
+ ['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
+ ['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
+ ['no', 'mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'],
];
}
}
diff --git a/apps/files_trashbin/lib/AppInfo/Application.php b/apps/files_trashbin/lib/AppInfo/Application.php
index ea27c8c16ea..8e4ec255567 100644
--- a/apps/files_trashbin/lib/AppInfo/Application.php
+++ b/apps/files_trashbin/lib/AppInfo/Application.php
@@ -57,7 +57,8 @@ class Application extends App {
\OC::$server->getUserManager(),
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ \OC::$server->getConfig()
);
});
}
diff --git a/apps/files_versions/lib/AppInfo/Application.php b/apps/files_versions/lib/AppInfo/Application.php
index be80f7d853b..340b5ab5cbd 100644
--- a/apps/files_versions/lib/AppInfo/Application.php
+++ b/apps/files_versions/lib/AppInfo/Application.php
@@ -48,7 +48,8 @@ class Application extends App {
\OC::$server->getUserManager(),
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ \OC::$server->getConfig()
);
});
}