aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndy Scherzinger <info@andy-scherzinger.de>2024-03-21 15:55:23 +0100
committerGitHub <noreply@github.com>2024-03-21 15:55:23 +0100
commitfb3d58d4a589a8152d687456d328cc4c7bb2ff9a (patch)
treeca5964cedc4b3c6418c984c41f7cbe6065ff2fc3
parent157881412bb4b19fa96e933b78865c68dec9a6ac (diff)
parente6df2a49815e25cc53d74f1877afc9269d87e554 (diff)
downloadnextcloud-server-fb3d58d4a589a8152d687456d328cc4c7bb2ff9a.tar.gz
nextcloud-server-fb3d58d4a589a8152d687456d328cc4c7bb2ff9a.zip
Merge pull request #44377 from nextcloud/backport/44376/stable28
[stable28] fix(dav): ACLs for shared addressbooks
m---------3rdparty0
-rw-r--r--apps/dav/lib/CardDAV/AddressBook.php7
-rw-r--r--apps/dav/lib/DAV/Sharing/Backend.php2
-rw-r--r--apps/dav/tests/unit/CardDAV/AddressBookTest.php2
4 files changed, 8 insertions, 3 deletions
diff --git a/3rdparty b/3rdparty
-Subproject 9aabf1a490571ef88073d069222e9a232b772fc
+Subproject e8a165a3811f1b454694337aaff47c30888ca9f
diff --git a/apps/dav/lib/CardDAV/AddressBook.php b/apps/dav/lib/CardDAV/AddressBook.php
index 468961b958e..4f589031f06 100644
--- a/apps/dav/lib/CardDAV/AddressBook.php
+++ b/apps/dav/lib/CardDAV/AddressBook.php
@@ -118,7 +118,7 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov
],
[
'privilege' => '{DAV:}write-properties',
- 'principal' => '{DAV:}authenticated',
+ 'principal' => $this->getOwner(),
'protected' => true,
],
];
@@ -129,6 +129,11 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov
'principal' => '{DAV:}authenticated',
'protected' => true,
];
+ $acl[] = [
+ 'privilege' => '{DAV:}write-properties',
+ 'principal' => '{DAV:}authenticated',
+ 'protected' => true,
+ ];
}
if (!$this->isShared()) {
diff --git a/apps/dav/lib/DAV/Sharing/Backend.php b/apps/dav/lib/DAV/Sharing/Backend.php
index b115ef61313..f5c2a6c7688 100644
--- a/apps/dav/lib/DAV/Sharing/Backend.php
+++ b/apps/dav/lib/DAV/Sharing/Backend.php
@@ -265,7 +265,7 @@ class Backend {
'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'],
'protected' => true,
];
- } elseif ($this->resourceType === 'calendar') {
+ } elseif (in_array($this->resourceType, ['calendar','addressbook'])) {
// Allow changing the properties of read only calendars,
// so users can change the visibility.
$acl[] = [
diff --git a/apps/dav/tests/unit/CardDAV/AddressBookTest.php b/apps/dav/tests/unit/CardDAV/AddressBookTest.php
index f9cba4e6a83..fa312f98797 100644
--- a/apps/dav/tests/unit/CardDAV/AddressBookTest.php
+++ b/apps/dav/tests/unit/CardDAV/AddressBookTest.php
@@ -169,7 +169,7 @@ class AddressBookTest extends TestCase {
'protected' => true
], [
'privilege' => '{DAV:}write-properties',
- 'principal' => '{DAV:}authenticated',
+ 'principal' => $hasOwnerSet ? 'user1' : 'user2',
'protected' => true
]];
if ($hasOwnerSet) {