diff options
| author | Daniel Kesselberg <mail@danielkesselberg.de> | 2023-06-12 11:26:23 +0200 |
|---|---|---|
| committer | Daniel <mail@danielkesselberg.de> | 2023-07-04 10:32:26 +0200 |
| commit | 8e00afbb470dea73c881c5675924079dc1915f69 (patch) | |
| tree | f08053e5bbabdb4cfa64b8cebd162136a84e9116 /apps/dav | |
| parent | 61f8314f83c64fddcb7d0353c654de07ce0a1be2 (diff) | |
| download | nextcloud-server-8e00afbb470dea73c881c5675924079dc1915f69.tar.gz nextcloud-server-8e00afbb470dea73c881c5675924079dc1915f69.zip | |
perf: skip request without write permission
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Diffstat (limited to 'apps/dav')
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/DavAclPlugin.php | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php index 6842975835d..7fa94d7b903 100644 --- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php +++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php @@ -94,8 +94,19 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin { $path = $request->getPath(); // prevent the plugin from causing an unneeded overhead for file requests - if (strpos($path, 'files/') !== 0) { - parent::beforeMethod($request, $response); + if (str_starts_with($path, 'files/')) { + return; + } + + parent::beforeMethod($request, $response); + + $createAddressbookOrCalendarRequest = ($request->getMethod() === 'MKCALENDAR' || $request->getMethod() === 'MKCOL') + && (str_starts_with($path, 'addressbooks/') || str_starts_with($path, 'calendars/')); + + if ($createAddressbookOrCalendarRequest) { + [$parentName] = \Sabre\Uri\split($path); + // is calendars/users/bob or addressbooks/users/bob writeable? + $this->checkPrivileges($parentName, '{DAV:}write'); } } } |