aboutsummaryrefslogtreecommitdiffstats
path: root/apps/dav
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2016-05-31 18:10:31 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2016-06-09 11:09:14 +0200
commitbfcd1dc49c6fe296559131841ee0096ec1ce89c7 (patch)
treeb446145bd3aab4e96740552426859e45a57615d1 /apps/dav
parent082f456b8b835efc3fa37af7e1628da8d5781331 (diff)
downloadnextcloud-server-bfcd1dc49c6fe296559131841ee0096ec1ce89c7.tar.gz
nextcloud-server-bfcd1dc49c6fe296559131841ee0096ec1ce89c7.zip
Filter confidential calendar objects in shared calendars
Filter private calendar objects in shared calendars
Diffstat (limited to 'apps/dav')
-rw-r--r--apps/dav/lib/CalDAV/CalDavBackend.php6
-rw-r--r--apps/dav/lib/CalDAV/Calendar.php77
-rw-r--r--apps/dav/lib/CalDAV/CalendarObject.php92
-rw-r--r--apps/dav/tests/unit/CalDAV/CalendarTest.php150
4 files changed, 322 insertions, 3 deletions
diff --git a/apps/dav/lib/CalDAV/CalDavBackend.php b/apps/dav/lib/CalDAV/CalDavBackend.php
index 1950b87df34..ce494082976 100644
--- a/apps/dav/lib/CalDAV/CalDavBackend.php
+++ b/apps/dav/lib/CalDAV/CalDavBackend.php
@@ -504,7 +504,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
'calendarid' => $row['calendarid'],
'size' => (int)$row['size'],
'component' => strtolower($row['componenttype']),
- 'classification'=> $row['classification']
+ 'classification'=> (int)$row['classification']
];
}
@@ -548,7 +548,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
'size' => (int)$row['size'],
'calendardata' => $this->readBlob($row['calendardata']),
'component' => strtolower($row['componenttype']),
- 'classification'=> $row['classification']
+ 'classification'=> (int)$row['classification']
];
}
@@ -586,7 +586,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
'size' => (int)$row['size'],
'calendardata' => $this->readBlob($row['calendardata']),
'component' => strtolower($row['componenttype']),
- 'classification' => $row['classification']
+ 'classification' => (int)$row['classification']
];
}
diff --git a/apps/dav/lib/CalDAV/Calendar.php b/apps/dav/lib/CalDAV/Calendar.php
index 73b3957a9b0..785bb5699e2 100644
--- a/apps/dav/lib/CalDAV/Calendar.php
+++ b/apps/dav/lib/CalDAV/Calendar.php
@@ -26,6 +26,7 @@ use OCA\DAV\DAV\Sharing\IShareable;
use OCP\IL10N;
use Sabre\CalDAV\Backend\BackendInterface;
use Sabre\DAV\Exception\Forbidden;
+use Sabre\DAV\Exception\NotFound;
use Sabre\DAV\PropPatch;
class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
@@ -162,6 +163,78 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
parent::propPatch($propPatch);
}
+ function getChild($name) {
+
+ $obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name);
+
+ if (!$obj) {
+ throw new NotFound('Calendar object not found');
+ }
+
+ if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) {
+ throw new NotFound('Calendar object not found');
+ }
+
+ $obj['acl'] = $this->getChildACL();
+
+ return new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj);
+
+ }
+
+ function getChildren() {
+
+ $objs = $this->caldavBackend->getCalendarObjects($this->calendarInfo['id']);
+ $children = [];
+ foreach ($objs as $obj) {
+ if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) {
+ continue;
+ }
+ $obj['acl'] = $this->getChildACL();
+ $children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj);
+ }
+ return $children;
+
+ }
+
+ function getMultipleChildren(array $paths) {
+
+ $objs = $this->caldavBackend->getMultipleCalendarObjects($this->calendarInfo['id'], $paths);
+ $children = [];
+ foreach ($objs as $obj) {
+ if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) {
+ continue;
+ }
+ $obj['acl'] = $this->getChildACL();
+ $children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj);
+ }
+ return $children;
+
+ }
+
+ function childExists($name) {
+ $obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name);
+ if (!$obj) {
+ return false;
+ }
+ if ($this->isShared() && $obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE) {
+ return false;
+ }
+
+ return true;
+ }
+
+ function calendarQuery(array $filters) {
+
+ $uris = $this->caldavBackend->calendarQuery($this->calendarInfo['id'], $filters);
+ if ($this->isShared()) {
+ return array_filter($uris, function ($uri) {
+ return $this->childExists($uri);
+ });
+ }
+
+ return $uris;
+ }
+
private function canWrite() {
if (isset($this->calendarInfo['{http://owncloud.org/ns}read-only'])) {
return !$this->calendarInfo['{http://owncloud.org/ns}read-only'];
@@ -169,4 +242,8 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
return true;
}
+ private function isShared() {
+ return isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']);
+ }
+
}
diff --git a/apps/dav/lib/CalDAV/CalendarObject.php b/apps/dav/lib/CalDAV/CalendarObject.php
new file mode 100644
index 00000000000..b4a58b52093
--- /dev/null
+++ b/apps/dav/lib/CalDAV/CalendarObject.php
@@ -0,0 +1,92 @@
+<?php
+/**
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OCA\DAV\CalDAV;
+
+
+use Sabre\VObject\Component;
+use Sabre\VObject\Property;
+use Sabre\VObject\Reader;
+
+class CalendarObject extends \Sabre\CalDAV\CalendarObject {
+
+ /**
+ * @inheritdoc
+ */
+ function get() {
+ $data = parent::get();
+ if ($this->isShared() && $this->objectData['classification'] === CalDavBackend::CLASSIFICATION_CONFIDENTIAL) {
+ return $this->createConfidentialObject($data);
+ }
+ return $data;
+ }
+
+ private function isShared() {
+ return isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']);
+ }
+
+ /**
+ * @param string $calData
+ * @return string
+ */
+ private static function createConfidentialObject($calData) {
+
+ $vObject = Reader::read($calData);
+
+ /** @var Component $vElement */
+ $vElement = null;
+ if(isset($vObject->VEVENT)) {
+ $vElement = $vObject->VEVENT;
+ }
+ if(isset($vObject->VJOURNAL)) {
+ $vElement = $vObject->VJOURNAL;
+ }
+ if(isset($vObject->VTODO)) {
+ $vElement = $vObject->VTODO;
+ }
+ if(!is_null($vElement)) {
+ foreach ($vElement->children as &$property) {
+ /** @var Property $property */
+ switch($property->name) {
+ case 'CREATED':
+ case 'DTSTART':
+ case 'RRULE':
+ case 'DURATION':
+ case 'DTEND':
+ case 'CLASS':
+ case 'UID':
+ break;
+ case 'SUMMARY':
+ $property->setValue('Busy');
+ break;
+ default:
+ $vElement->__unset($property->name);
+ unset($property);
+ break;
+ }
+ }
+ }
+
+ return $vObject->serialize();
+ }
+
+}
diff --git a/apps/dav/tests/unit/CalDAV/CalendarTest.php b/apps/dav/tests/unit/CalDAV/CalendarTest.php
index 73d85e82bbc..56a2d4fcba7 100644
--- a/apps/dav/tests/unit/CalDAV/CalendarTest.php
+++ b/apps/dav/tests/unit/CalDAV/CalendarTest.php
@@ -27,6 +27,7 @@ use OCA\DAV\CalDAV\CalDavBackend;
use OCA\DAV\CalDAV\Calendar;
use OCP\IL10N;
use Sabre\DAV\PropPatch;
+use Sabre\VObject\Reader;
use Test\TestCase;
class CalendarTest extends TestCase {
@@ -189,4 +190,153 @@ class CalendarTest extends TestCase {
'birthday calendar' => [false, false, false, BirthdayService::BIRTHDAY_CALENDAR_URI]
];
}
+
+ /**
+ * @dataProvider providesConfidentialClassificationData
+ * @param $expectedChildren
+ * @param $isShared
+ */
+ public function testPrivateClassification($expectedChildren, $isShared) {
+
+ $calObject0 = ['uri' => 'event-0', 'classification' => CalDavBackend::CLASSIFICATION_PUBLIC];
+ $calObject1 = ['uri' => 'event-1', 'classification' => CalDavBackend::CLASSIFICATION_CONFIDENTIAL];
+ $calObject2 = ['uri' => 'event-2', 'classification' => CalDavBackend::CLASSIFICATION_PRIVATE];
+
+ /** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */
+ $backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock();
+ $backend->expects($this->any())->method('getCalendarObjects')->willReturn([
+ $calObject0, $calObject1, $calObject2
+ ]);
+ $backend->expects($this->any())->method('getMultipleCalendarObjects')
+ ->with(666, ['event-0', 'event-1', 'event-2'])
+ ->willReturn([
+ $calObject0, $calObject1, $calObject2
+ ]);
+ $backend->expects($this->any())->method('getCalendarObject')
+ ->willReturn($calObject2)->with(666, 'event-2');
+
+ $calendarInfo = [
+ 'principaluri' => 'user2',
+ 'id' => 666,
+ 'uri' => 'cal',
+ ];
+
+ if ($isShared) {
+ $calendarInfo['{http://owncloud.org/ns}owner-principal'] = 'user1';
+
+ }
+ $c = new Calendar($backend, $calendarInfo, $this->l10n);
+ $children = $c->getChildren();
+ $this->assertEquals($expectedChildren, count($children));
+ $children = $c->getMultipleChildren(['event-0', 'event-1', 'event-2']);
+ $this->assertEquals($expectedChildren, count($children));
+
+ $this->assertEquals(!$isShared, $c->childExists('event-2'));
+ }
+
+ /**
+ * @dataProvider providesConfidentialClassificationData
+ * @param $expectedChildren
+ * @param $isShared
+ */
+ public function testConfidentialClassification($expectedChildren, $isShared) {
+ $start = '20160609';
+ $end = '20160610';
+
+ $calData = <<<EOD
+BEGIN:VCALENDAR
+PRODID:-//ownCloud calendar v1.2.2
+BEGIN:VEVENT
+CREATED:20160602T133732
+DTSTAMP:20160602T133732
+LAST-MODIFIED:20160602T133732
+UID:wej2z68l9h
+SUMMARY:Test Event
+LOCATION:Somewhere ...
+ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;CUTYPE=INDIVIDUAL;CN=de
+ epdiver:MAILTO:thomas.mueller@tmit.eu
+ORGANIZER;CN=deepdiver:MAILTO:thomas.mueller@tmit.eu
+DESCRIPTION:maybe ....
+DTSTART;TZID=Europe/Berlin;VALUE=DATE:$start
+DTEND;TZID=Europe/Berlin;VALUE=DATE:$end
+RRULE:FREQ=DAILY
+BEGIN:VALARM
+ACTION:AUDIO
+TRIGGER:-PT15M
+END:VALARM
+END:VEVENT
+BEGIN:VTIMEZONE
+TZID:Europe/Berlin
+BEGIN:DAYLIGHT
+DTSTART:19810329T020000
+RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU
+TZNAME:MESZ
+TZOFFSETFROM:+0100
+TZOFFSETTO:+0200
+END:DAYLIGHT
+BEGIN:STANDARD
+DTSTART:19961027T030000
+RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU
+TZNAME:MEZ
+TZOFFSETFROM:+0200
+TZOFFSETTO:+0100
+END:STANDARD
+END:VTIMEZONE
+END:VCALENDAR
+EOD;
+
+ $calObject0 = ['uri' => 'event-0', 'classification' => CalDavBackend::CLASSIFICATION_PUBLIC];
+ $calObject1 = ['uri' => 'event-1', 'classification' => CalDavBackend::CLASSIFICATION_CONFIDENTIAL, 'calendardata' => $calData];
+ $calObject2 = ['uri' => 'event-2', 'classification' => CalDavBackend::CLASSIFICATION_PRIVATE];
+
+ /** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */
+ $backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock();
+ $backend->expects($this->any())->method('getCalendarObjects')->willReturn([
+ $calObject0, $calObject1, $calObject2
+ ]);
+ $backend->expects($this->any())->method('getMultipleCalendarObjects')
+ ->with(666, ['event-0', 'event-1', 'event-2'])
+ ->willReturn([
+ $calObject0, $calObject1, $calObject2
+ ]);
+ $backend->expects($this->any())->method('getCalendarObject')
+ ->willReturn($calObject1)->with(666, 'event-1');
+
+ $calendarInfo = [
+ 'principaluri' => 'user2',
+ 'id' => 666,
+ 'uri' => 'cal',
+ ];
+
+ if ($isShared) {
+ $calendarInfo['{http://owncloud.org/ns}owner-principal'] = 'user1';
+
+ }
+ $c = new Calendar($backend, $calendarInfo, $this->l10n);
+
+ // test private event
+ $privateEvent = $c->getChild('event-1');
+ $calData = $privateEvent->get();
+ $event = Reader::read($calData);
+
+ $this->assertEquals($start, $event->VEVENT->DTSTART->getValue());
+ $this->assertEquals($end, $event->VEVENT->DTEND->getValue());
+
+ if ($isShared) {
+ $this->assertEquals('Busy', $event->VEVENT->SUMMARY->getValue());
+ $this->assertArrayNotHasKey('ATTENDEE', $event->VEVENT);
+ $this->assertArrayNotHasKey('LOCATION', $event->VEVENT);
+ $this->assertArrayNotHasKey('DESCRIPTION', $event->VEVENT);
+ $this->assertArrayNotHasKey('ORGANIZER', $event->VEVENT);
+ } else {
+ $this->assertEquals('Test Event', $event->VEVENT->SUMMARY->getValue());
+ }
+ }
+
+ public function providesConfidentialClassificationData() {
+ return [
+ [3, false],
+ [2, true]
+ ];
+ }
}