diff options
| author | Georg Ehrke <developer@georgehrke.com> | 2020-08-11 09:24:08 +0200 |
|---|---|---|
| committer | Georg Ehrke <developer@georgehrke.com> | 2020-08-18 13:18:00 +0200 |
| commit | 14755d85d657ab9bac4458b891c6f43b110b1cf2 (patch) | |
| tree | 4eea0f88ac0902dafc25574f9eb1b553c1987797 /apps/dav/lib/CalDAV | |
| parent | f6daf17fa773bd4b9c9aae070e39dfbefe8de935 (diff) | |
| download | nextcloud-server-14755d85d657ab9bac4458b891c6f43b110b1cf2.tar.gz nextcloud-server-14755d85d657ab9bac4458b891c6f43b110b1cf2.zip | |
Add ability to limit sharing to owner
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
Diffstat (limited to 'apps/dav/lib/CalDAV')
| -rw-r--r-- | apps/dav/lib/CalDAV/Publishing/PublishPlugin.php | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php index eee651647cb..f34baffd784 100644 --- a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php +++ b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php @@ -133,7 +133,12 @@ class PublishPlugin extends ServerPlugin { $canShare = (!$node->isSubscription() && $node->canWrite()); $canPublish = (!$node->isSubscription() && $node->canWrite()); - return new AllowedSharingModes($canShare, $canPublish); + if ($this->config->getAppValue('dav', 'limitAddressBookAndCalendarSharingToOwner', 'no') === 'yes') { + $canShare &= ($node->getOwner() === $node->getPrincipalURI()); + $canPublish &= ($node->getOwner() === $node->getPrincipalURI()); + } + + return new AllowedSharingModes((bool)$canShare, (bool)$canPublish); }); } } @@ -190,7 +195,14 @@ class PublishPlugin extends ServerPlugin { // If there's no ACL support, we allow everything if ($acl) { + /** @var \Sabre\DAVACL\Plugin $acl */ $acl->checkPrivileges($path, '{DAV:}write'); + + $limitSharingToOwner = $this->config->getAppValue('dav', 'limitAddressBookAndCalendarSharingToOwner', 'no') === 'yes'; + $isOwner = $acl->getCurrentUserPrincipal() === $node->getOwner(); + if ($limitSharingToOwner && !$isOwner) { + return; + } } $node->setPublishStatus(true); @@ -218,7 +230,14 @@ class PublishPlugin extends ServerPlugin { // If there's no ACL support, we allow everything if ($acl) { + /** @var \Sabre\DAVACL\Plugin $acl */ $acl->checkPrivileges($path, '{DAV:}write'); + + $limitSharingToOwner = $this->config->getAppValue('dav', 'limitAddressBookAndCalendarSharingToOwner', 'no') === 'yes'; + $isOwner = $acl->getCurrentUserPrincipal() === $node->getOwner(); + if ($limitSharingToOwner && !$isOwner) { + return; + } } $node->setPublishStatus(false); |