diff options
author | Andy Scherzinger <info@andy-scherzinger.de> | 2024-03-21 15:55:23 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-21 15:55:23 +0100 |
commit | fb3d58d4a589a8152d687456d328cc4c7bb2ff9a (patch) | |
tree | ca5964cedc4b3c6418c984c41f7cbe6065ff2fc3 | |
parent | 157881412bb4b19fa96e933b78865c68dec9a6ac (diff) | |
parent | e6df2a49815e25cc53d74f1877afc9269d87e554 (diff) | |
download | nextcloud-server-fb3d58d4a589a8152d687456d328cc4c7bb2ff9a.tar.gz nextcloud-server-fb3d58d4a589a8152d687456d328cc4c7bb2ff9a.zip |
Merge pull request #44377 from nextcloud/backport/44376/stable28
[stable28] fix(dav): ACLs for shared addressbooks
m--------- | 3rdparty | 0 | ||||
-rw-r--r-- | apps/dav/lib/CardDAV/AddressBook.php | 7 | ||||
-rw-r--r-- | apps/dav/lib/DAV/Sharing/Backend.php | 2 | ||||
-rw-r--r-- | apps/dav/tests/unit/CardDAV/AddressBookTest.php | 2 |
4 files changed, 8 insertions, 3 deletions
diff --git a/3rdparty b/3rdparty -Subproject 9aabf1a490571ef88073d069222e9a232b772fc +Subproject e8a165a3811f1b454694337aaff47c30888ca9f diff --git a/apps/dav/lib/CardDAV/AddressBook.php b/apps/dav/lib/CardDAV/AddressBook.php index 468961b958e..4f589031f06 100644 --- a/apps/dav/lib/CardDAV/AddressBook.php +++ b/apps/dav/lib/CardDAV/AddressBook.php @@ -118,7 +118,7 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov ], [ 'privilege' => '{DAV:}write-properties', - 'principal' => '{DAV:}authenticated', + 'principal' => $this->getOwner(), 'protected' => true, ], ]; @@ -129,6 +129,11 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov 'principal' => '{DAV:}authenticated', 'protected' => true, ]; + $acl[] = [ + 'privilege' => '{DAV:}write-properties', + 'principal' => '{DAV:}authenticated', + 'protected' => true, + ]; } if (!$this->isShared()) { diff --git a/apps/dav/lib/DAV/Sharing/Backend.php b/apps/dav/lib/DAV/Sharing/Backend.php index b115ef61313..f5c2a6c7688 100644 --- a/apps/dav/lib/DAV/Sharing/Backend.php +++ b/apps/dav/lib/DAV/Sharing/Backend.php @@ -265,7 +265,7 @@ class Backend { 'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'], 'protected' => true, ]; - } elseif ($this->resourceType === 'calendar') { + } elseif (in_array($this->resourceType, ['calendar','addressbook'])) { // Allow changing the properties of read only calendars, // so users can change the visibility. $acl[] = [ diff --git a/apps/dav/tests/unit/CardDAV/AddressBookTest.php b/apps/dav/tests/unit/CardDAV/AddressBookTest.php index f9cba4e6a83..fa312f98797 100644 --- a/apps/dav/tests/unit/CardDAV/AddressBookTest.php +++ b/apps/dav/tests/unit/CardDAV/AddressBookTest.php @@ -169,7 +169,7 @@ class AddressBookTest extends TestCase { 'protected' => true ], [ 'privilege' => '{DAV:}write-properties', - 'principal' => '{DAV:}authenticated', + 'principal' => $hasOwnerSet ? 'user1' : 'user2', 'protected' => true ]]; if ($hasOwnerSet) { |