Deleting a shared address book results in unshare

5 files changed, 200 insertions, 11 deletions

diff --git a/apps/dav/lib/caldav/calendar.php b/apps/dav/lib/caldav/calendar.php
index f34ecfd5791..8ed5b6563d0 100644
--- a/apps/dav/lib/caldav/calendar.php
+++ b/apps/dav/lib/caldav/calendar.php
@@ -3,6 +3,7 @@
 namespace OCA\DAV\CalDAV;
 
 use OCA\DAV\DAV\Sharing\IShareable;
+use Sabre\DAV\Exception\Forbidden;
 
 class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 
@@ -43,9 +44,9 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 	 * @return array
 	 */
 	function getShares() {
-		/** @var CalDavBackend $caldavBackend */
-		$caldavBackend = $this->caldavBackend;
-		return $caldavBackend->getShares($this->getResourceId());
+		/** @var CalDavBackend $calDavBackend */
+		$calDavBackend = $this->caldavBackend;
+		return $calDavBackend->getShares($this->getResourceId());
 	}
 
 	/**
@@ -58,17 +59,17 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 	function getACL() {
 		$acl = parent::getACL();
 
-		/** @var CalDavBackend $caldavBackend */
-		$caldavBackend = $this->caldavBackend;
-		return $caldavBackend->applyShareAcl($this->getResourceId(), $acl);
+		/** @var CalDavBackend $calDavBackend */
+		$calDavBackend = $this->caldavBackend;
+		return $calDavBackend->applyShareAcl($this->getResourceId(), $acl);
 	}
 
 	function getChildACL() {
 		$acl = parent::getChildACL();
 
-		/** @var CalDavBackend $caldavBackend */
-		$caldavBackend = $this->caldavBackend;
-		return $caldavBackend->applyShareAcl($this->getResourceId(), $acl);
+		/** @var CalDavBackend $calDavBackend */
+		$calDavBackend = $this->caldavBackend;
+		return $calDavBackend->applyShareAcl($this->getResourceId(), $acl);
 	}
 
 	function getOwner() {
@@ -80,10 +81,19 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 
 	function delete() {
 		if (isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal'])) {
+			$principal = 'principal:' . parent::getOwner();
+			$shares = $this->getShares();
+			$shares = array_filter($shares, function($share) use ($principal){
+				return $share['href'] === $principal;
+			});
+			if (empty($shares)) {
+				throw new Forbidden();
+			}
+
 			/** @var CalDavBackend $calDavBackend */
 			$calDavBackend = $this->caldavBackend;
 			$calDavBackend->updateShares($this, [], [
-				'href' => "principal:" . parent::getOwner()
+				'href' => $principal
 			]);
 			return;
 		}
diff --git a/apps/dav/lib/carddav/addressbook.php b/apps/dav/lib/carddav/addressbook.php
index 513eae4d723..ca3f5ba0ef6 100644
--- a/apps/dav/lib/carddav/addressbook.php
+++ b/apps/dav/lib/carddav/addressbook.php
@@ -21,6 +21,7 @@
 namespace OCA\DAV\CardDAV;
 
 use OCA\DAV\DAV\Sharing\IShareable;
+use Sabre\DAV\Exception\Forbidden;
 use Sabre\DAV\Exception\NotFound;
 
 class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
@@ -132,4 +133,32 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 	public function getResourceId() {
 		return $this->addressBookInfo['id'];
 	}
+
+	function getOwner() {
+		if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
+			return $this->addressBookInfo['{http://owncloud.org/ns}owner-principal'];
+		}
+		return parent::getOwner();
+	}
+
+	function delete() {
+		if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
+			$principal = 'principal:' . parent::getOwner();
+			$shares = $this->getShares();
+			$shares = array_filter($shares, function($share) use ($principal){
+				return $share['href'] === $principal;
+			});
+			if (empty($shares)) {
+				throw new Forbidden();
+			}
+
+			/** @var CardDavBackend $cardDavBackend */
+			$cardDavBackend = $this->carddavBackend;
+			$cardDavBackend->updateShares($this, [], [
+				'href' => $principal
+			]);
+			return;
+		}
+		parent::delete();
+	}
 }
diff --git a/apps/dav/tests/travis/caldavtest/tests/CardDAV/sharing-addressbooks.xml b/apps/dav/tests/travis/caldavtest/tests/CardDAV/sharing-addressbooks.xml
index 37b4941b9f1..84ee6265017 100644
--- a/apps/dav/tests/travis/caldavtest/tests/CardDAV/sharing-addressbooks.xml
+++ b/apps/dav/tests/travis/caldavtest/tests/CardDAV/sharing-addressbooks.xml
@@ -238,7 +238,70 @@
 				</verify>
 			</request>
 		</test>
-	</test-suite>
+		<test name='14'>
+			<description>Un-share by delete</description>
+			<request user="$userid2:" pswd="$pswd2:">
+				<method>DELETE</method>
+				<ruri>$addressbookhome2:/addressbook_shared_by_user01/</ruri>
+				<verify>
+					<callback>statusCode</callback>
+				</verify>
+			</request>
+		</test>
+		<test name='15'>
+			<description>Original address book still exists</description>
+			<request>
+				<method>PROPFIND</method>
+				<ruri>$addressbookhome1:/addressbook/</ruri>
+				<header>
+					<name>Depth</name>
+					<value>0</value>
+				</header>
+				<data>
+					<content-type>text/xml; charset=utf-8</content-type>
+					<filepath>Resource/CardDAV/sharing/read-write/4.xml</filepath>
+				</data>
+				<verify>
+					<callback>xmlElementMatch</callback>
+					<arg>
+						<name>exists</name>
+						<value>$verify-property-prefix:/{DAV:}owner/{DAV:}href[=$principaluri1:]</value>
+						<value>$verify-property-prefix:/{DAV:}resourcetype/{DAV:}collection</value>
+						<value>$verify-property-prefix:/{DAV:}resourcetype/{urn:ietf:params:xml:ns:carddav}addressbook</value>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}read</value>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}write</value>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}bind</value>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}unbind</value>
+					</arg>
+					<arg>
+						<name>notexists</name>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}admin</value>
+						<value>$verify-property-prefix:/{DAV:}current-user-privilege-set/{DAV:}privilege/{DAV:}all</value>
+					</arg>
+				</verify>			</request>
+		</test>
+		<test name='16'>
+			<description>Shared calendar no longer exists Depth:1</description>
+			<request user="$userid2:" pswd="$pswd2:">
+				<method>PROPFIND</method>
+				<ruri>$addressbookhome2:</ruri>
+				<header>
+					<name>Depth</name>
+					<value>1</value>
+				</header>
+				<data>
+					<content-type>text/xml; charset=utf-8</content-type>
+					<filepath>Resource/CardDAV/sharing/read-write/4.xml</filepath>
+				</data>
+				<verify>
+					<callback>xmlElementMatch</callback>
+					<arg>
+						<name>notexists</name>
+						<value>$multistatus-response-prefix:[^{DAV:}href=$addressbookhome2:/addressbook_shared_by_user01/]</value>
+					</arg>
+				</verify>
+			</request>
+		</test>	</test-suite>
 	
 	<end>
 	</end>
diff --git a/apps/dav/tests/unit/caldav/calendartest.php b/apps/dav/tests/unit/caldav/calendartest.php
index 561ce6c8351..93b3f4bff8c 100644
--- a/apps/dav/tests/unit/caldav/calendartest.php
+++ b/apps/dav/tests/unit/caldav/calendartest.php
@@ -31,9 +31,32 @@ class CalendarTest extends TestCase {
 		/** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */
 		$backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock();
 		$backend->expects($this->once())->method('updateShares');
+		$backend->method('getShares')->willReturn([
+			['href' => 'principal:user2']
+		]);
 		$calendarInfo = [
 			'{http://owncloud.org/ns}owner-principal' => 'user1',
 			'principaluri' => 'user2',
+			'id' => 666
+		];
+		$c = new Calendar($backend, $calendarInfo);
+		$c->delete();
+	}
+
+	/**
+	 * @expectedException \Sabre\DAV\Exception\Forbidden
+	 */
+	public function testDeleteFromGroup() {
+		/** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */
+		$backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock();
+		$backend->expects($this->never())->method('updateShares');
+		$backend->method('getShares')->willReturn([
+			['href' => 'principal:group2']
+		]);
+		$calendarInfo = [
+			'{http://owncloud.org/ns}owner-principal' => 'user1',
+			'principaluri' => 'user2',
+			'id' => 666
 		];
 		$c = new Calendar($backend, $calendarInfo);
 		$c->delete();
diff --git a/apps/dav/tests/unit/carddav/addressbooktest.php b/apps/dav/tests/unit/carddav/addressbooktest.php
new file mode 100644
index 00000000000..d714fc71679
--- /dev/null
+++ b/apps/dav/tests/unit/carddav/addressbooktest.php
@@ -0,0 +1,64 @@
+<?php
+/**
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\DAV\Tests\Unit\CardDAV;
+
+use OCA\DAV\CardDAV\AddressBook;
+use OCA\DAV\CardDAV\CardDavBackend;
+use Test\TestCase;
+
+class AddressBookTest extends TestCase {
+
+	public function testDelete() {
+		/** @var \PHPUnit_Framework_MockObject_MockObject | CardDavBackend $backend */
+		$backend = $this->getMockBuilder('OCA\DAV\CardDAV\CardDavBackend')->disableOriginalConstructor()->getMock();
+		$backend->expects($this->once())->method('updateShares');
+		$backend->method('getShares')->willReturn([
+			['href' => 'principal:user2']
+		]);
+		$calendarInfo = [
+			'{http://owncloud.org/ns}owner-principal' => 'user1',
+			'principaluri' => 'user2',
+			'id' => 666
+		];
+		$c = new AddressBook($backend, $calendarInfo);
+		$c->delete();
+	}
+
+	/**
+	 * @expectedException \Sabre\DAV\Exception\Forbidden
+	 */
+	public function testDeleteFromGroup() {
+		/** @var \PHPUnit_Framework_MockObject_MockObject | CardDavBackend $backend */
+		$backend = $this->getMockBuilder('OCA\DAV\CardDAV\CardDavBackend')->disableOriginalConstructor()->getMock();
+		$backend->expects($this->never())->method('updateShares');
+		$backend->method('getShares')->willReturn([
+			['href' => 'principal:group2']
+		]);
+		$calendarInfo = [
+			'{http://owncloud.org/ns}owner-principal' => 'user1',
+			'principaluri' => 'user2',
+			'id' => 666
+		];
+		$c = new AddressBook($backend, $calendarInfo);
+		$c->delete();
+	}
+}