diff options
Diffstat (limited to 'apps/dav/lib/CalDAV/Calendar.php')
| -rw-r--r-- | apps/dav/lib/CalDAV/Calendar.php | 87 |
1 files changed, 49 insertions, 38 deletions
diff --git a/apps/dav/lib/CalDAV/Calendar.php b/apps/dav/lib/CalDAV/Calendar.php index ae5cb226b0e..38def19af1d 100644 --- a/apps/dav/lib/CalDAV/Calendar.php +++ b/apps/dav/lib/CalDAV/Calendar.php @@ -47,9 +47,14 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { /** @var IConfig */ private $config; - /** @var ProxyMapper */ - private $proxyMapper; - + /** + * Calendar constructor. + * + * @param BackendInterface $caldavBackend + * @param $calendarInfo + * @param IL10N $l10n + * @param IConfig $config + */ public function __construct(BackendInterface $caldavBackend, $calendarInfo, IL10N $l10n, IConfig $config) { parent::__construct($caldavBackend, $calendarInfo); @@ -62,9 +67,6 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { } $this->config = $config; - - // TODO: proper DI - $this->proxyMapper = \OC::$server->query(ProxyMapper::class); } /** @@ -126,29 +128,60 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { return $this->calendarInfo['principaluri']; } + /** + * @return array + */ public function getACL() { $acl = [ [ 'privilege' => '{DAV:}read', 'principal' => $this->getOwner(), 'protected' => true, - ]]; + ], + [ + 'privilege' => '{DAV:}read', + 'principal' => $this->getOwner() . '/calendar-proxy-write', + 'protected' => true, + ], + [ + 'privilege' => '{DAV:}read', + 'principal' => $this->getOwner() . '/calendar-proxy-read', + 'protected' => true, + ], + ]; + if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) { $acl[] = [ 'privilege' => '{DAV:}write', 'principal' => $this->getOwner(), 'protected' => true, ]; + $acl[] = [ + 'privilege' => '{DAV:}write', + 'principal' => $this->getOwner() . '/calendar-proxy-write', + 'protected' => true, + ]; } else { $acl[] = [ 'privilege' => '{DAV:}write-properties', 'principal' => $this->getOwner(), 'protected' => true, ]; + $acl[] = [ + 'privilege' => '{DAV:}write-properties', + 'principal' => $this->getOwner() . '/calendar-proxy-write', + 'protected' => true, + ]; } + $acl[] = [ + 'privilege' => '{DAV:}write-properties', + 'principal' => $this->getOwner() . '/calendar-proxy-read', + 'protected' => true, + ]; + if (!$this->isShared()) { - return $this->addProxies($acl); + return $acl; } if ($this->getOwner() !== parent::getOwner()) { @@ -180,38 +213,16 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { } $acl = $this->caldavBackend->applyShareAcl($this->getResourceId(), $acl); - $allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/public']; - $acl = array_filter($acl, function($rule) use ($allowedPrincipals) { + $allowedPrincipals = [ + $this->getOwner(), + $this->getOwner(). '/calendar-proxy-read', + $this->getOwner(). '/calendar-proxy-write', + parent::getOwner(), + 'principals/system/public' + ]; + return array_filter($acl, function($rule) use ($allowedPrincipals) { return \in_array($rule['principal'], $allowedPrincipals, true); }); - - $acl = $this->addProxies($acl); - - return $acl; - } - - public function addProxies(array $acl): array { - list($prefix, $name) = \Sabre\Uri\split($this->getOwner()); - $proxies = $this->proxyMapper->getProxiesOf($name); - - foreach ($proxies as $proxy) { - if ($proxy->getPermissions() & ProxyMapper::PERMISSION_READ) { - $acl[] = [ - 'privilege' => '{DAV:}read', - 'principal' => 'principals/users/' . $proxy->getProxyId(), - 'protected' => true, - ]; - } - if ($proxy->getPermissions() & ProxyMapper::PERMISSION_WRITE) { - $acl[] = [ - 'privilege' => '{DAV:}write', - 'principal' => 'principals/users/' . $proxy->getProxyId(), - 'protected' => true, - ]; - } - } - - return $acl; } public function getChildACL() { |