diff --git a/apps/dav/lib/CalDAV/CalDavBackend.php b/apps/dav/lib/CalDAV/CalDavBackend.php index dfef311132..dbe8643823 100644 --- a/apps/dav/lib/CalDAV/CalDavBackend.php +++ b/apps/dav/lib/CalDAV/CalDavBackend.php @@ -277,7 +277,21 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription ->setParameter('principaluri', $principals, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY) ->execute(); + $readOnlyPropertyName = '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only'; while($row = $result->fetch()) { + $readOnly = (int) $row['access'] === Backend::ACCESS_READ; + if (isset($calendars[$row['id']])) { + if ($readOnly) { + // New share can not have more permissions then the old one. + continue; + } + if (isset($calendars[$row['id']][$readOnlyPropertyName]) && + $calendars[$row['id']][$readOnlyPropertyName] === 0) { + // Old share is already read-write, no more permissions can be gained + continue; + } + } + list(, $name) = URLUtil::splitPath($row['principaluri']); $uri = $row['uri'] . '_shared_by_' . $name; $row['displayname'] = $row['displayname'] . ' (' . $this->getUserDisplayName($name) . ')'; @@ -294,16 +308,14 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription '{' . Plugin::NS_CALDAV . '}supported-calendar-component-set' => new SupportedCalendarComponentSet($components), '{' . Plugin::NS_CALDAV . '}schedule-calendar-transp' => new ScheduleCalendarTransp($row['transparent']?'transparent':'opaque'), '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $this->convertPrincipal($row['principaluri'], !$this->legacyEndpoint), - '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => (int)$row['access'] === Backend::ACCESS_READ, + $readOnlyPropertyName => $readOnly, ]; foreach($this->propertyMap as $xmlName=>$dbName) { $calendar[$xmlName] = $row[$dbName]; } - if (!isset($calendars[$calendar['id']])) { - $calendars[$calendar['id']] = $calendar; - } + $calendars[$calendar['id']] = $calendar; } $result->closeCursor(); diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php index b71c6380a9..6f9a73298e 100644 --- a/apps/dav/lib/CardDAV/CardDavBackend.php +++ b/apps/dav/lib/CardDAV/CardDavBackend.php @@ -172,23 +172,36 @@ class CardDavBackend implements BackendInterface, SyncSupport { ->setParameter('principaluri', $principals, IQueryBuilder::PARAM_STR_ARRAY) ->execute(); + $readOnlyPropertyName = '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only'; while($row = $result->fetch()) { + $readOnly = (int) $row['access'] === Backend::ACCESS_READ; + if (isset($addressBooks[$row['id']])) { + if ($readOnly) { + // New share can not have more permissions then the old one. + continue; + } + if (isset($addressBooks[$row['id']][$readOnlyPropertyName]) && + $addressBooks[$row['id']][$readOnlyPropertyName] === 0) { + // Old share is already read-write, no more permissions can be gained + continue; + } + } + list(, $name) = URLUtil::splitPath($row['principaluri']); $uri = $row['uri'] . '_shared_by_' . $name; $displayName = $row['displayname'] . ' (' . $this->getUserDisplayName($name) . ')'; - if (!isset($addressBooks[$row['id']])) { - $addressBooks[$row['id']] = [ - 'id' => $row['id'], - 'uri' => $uri, - 'principaluri' => $principalUriOriginal, - '{DAV:}displayname' => $displayName, - '{' . Plugin::NS_CARDDAV . '}addressbook-description' => $row['description'], - '{http://calendarserver.org/ns/}getctag' => $row['synctoken'], - '{http://sabredav.org/ns}sync-token' => $row['synctoken']?$row['synctoken']:'0', - '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'], - '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => (int)$row['access'] === Backend::ACCESS_READ, - ]; - } + + $addressBooks[$row['id']] = [ + 'id' => $row['id'], + 'uri' => $uri, + 'principaluri' => $principalUriOriginal, + '{DAV:}displayname' => $displayName, + '{' . Plugin::NS_CARDDAV . '}addressbook-description' => $row['description'], + '{http://calendarserver.org/ns/}getctag' => $row['synctoken'], + '{http://sabredav.org/ns}sync-token' => $row['synctoken']?$row['synctoken']:'0', + '{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'], + $readOnlyPropertyName => $readOnly, + ]; } $result->closeCursor(); diff --git a/apps/dav/tests/unit/CalDAV/AbstractCalDavBackendTest.php b/apps/dav/tests/unit/CalDAV/AbstractCalDavBackendTest.php index d15be72c77..ffdba9c5c8 100644 --- a/apps/dav/tests/unit/CalDAV/AbstractCalDavBackendTest.php +++ b/apps/dav/tests/unit/CalDAV/AbstractCalDavBackendTest.php @@ -55,6 +55,7 @@ abstract class AbstractCalDavBackendTest extends TestCase { const UNIT_TEST_USER = 'principals/users/caldav-unit-test'; const UNIT_TEST_USER1 = 'principals/users/caldav-unit-test1'; const UNIT_TEST_GROUP = 'principals/groups/caldav-unit-test-group'; + const UNIT_TEST_GROUP2 = 'principals/groups/caldav-unit-test-group2'; public function setUp() { parent::setUp(); @@ -71,7 +72,7 @@ abstract class AbstractCalDavBackendTest extends TestCase { ]); $this->principal->expects($this->any())->method('getGroupMembership') ->withAnyParameters() - ->willReturn([self::UNIT_TEST_GROUP]); + ->willReturn([self::UNIT_TEST_GROUP, self::UNIT_TEST_GROUP2]); $db = \OC::$server->getDatabaseConnection(); $this->random = \OC::$server->getSecureRandom(); diff --git a/apps/dav/tests/unit/CalDAV/CalDavBackendTest.php b/apps/dav/tests/unit/CalDAV/CalDavBackendTest.php index bd6c9f2788..fe40689e45 100644 --- a/apps/dav/tests/unit/CalDAV/CalDavBackendTest.php +++ b/apps/dav/tests/unit/CalDAV/CalDavBackendTest.php @@ -83,6 +83,26 @@ class CalDavBackendTest extends AbstractCalDavBackendTest { 'readOnly' => true ] ]], + [true, true, true, false, [ + [ + 'href' => 'principal:' . self::UNIT_TEST_GROUP, + 'readOnly' => true, + ], + [ + 'href' => 'principal:' . self::UNIT_TEST_GROUP2, + 'readOnly' => false, + ], + ]], + [true, true, true, true, [ + [ + 'href' => 'principal:' . self::UNIT_TEST_GROUP, + 'readOnly' => false, + ], + [ + 'href' => 'principal:' . self::UNIT_TEST_GROUP2, + 'readOnly' => true, + ], + ]], [true, false, false, false, [ [ 'href' => 'principal:' . self::UNIT_TEST_USER1,