summaryrefslogtreecommitdiffstats
path: root/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/dav/lib/Connector/Sabre/DavAclPlugin.php')
-rw-r--r--apps/dav/lib/Connector/Sabre/DavAclPlugin.php17
1 files changed, 17 insertions, 0 deletions
diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
index 244394ec6fc..427a3756019 100644
--- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
@@ -23,6 +23,7 @@
namespace OCA\DAV\Connector\Sabre;
+use Sabre\CalDAV\Principal\User;
use Sabre\DAV\Exception\NotFound;
use Sabre\DAV\IFile;
use Sabre\DAV\INode;
@@ -72,4 +73,20 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin {
return $access;
}
+
+ public function propFind(PropFind $propFind, INode $node) {
+ // If the node is neither readable nor writable then fail unless its of
+ // the standard user-principal
+ if(!($node instanceof User)) {
+ $path = $propFind->getPath();
+ $readPermissions = $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false);
+ $writePermissions = $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, false);
+ if ($readPermissions === false && $writePermissions === false) {
+ $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, true);
+ $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, true);
+ }
+ }
+
+ return parent::propFind($propFind, $node);
+ }
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-30 16:27:52 +0000