mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

allow admins to override FreeBusy capabilities without modifying ShareAPI capabilities 

Signed-off-by: Georg Ehrke <developer@georgehrke.com>
This commit is contained in:
Georg Ehrke 2018-05-22 15:09:21 +02:00
parent 57d4a16cfb
commit 367ca563b4
No known key found for this signature in database
GPG Key ID: 9D98FD9380A1CB43
8 changed files with 172 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/dav/appinfo/v1/caldav.php
View File

@ -46,6 +46,7 @@ $principalBackend = new Principal(
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
\OC::$server->getShareManager(), \OC::$server->getShareManager(),
\OC::$server->getUserSession(), \OC::$server->getUserSession(),
\OC::$server->getConfig(),
'principals/' 'principals/'
); );
$db = \OC::$server->getDatabaseConnection(); $db = \OC::$server->getDatabaseConnection();

1
apps/dav/appinfo/v1/carddav.php
View File

@ -47,6 +47,7 @@ $principalBackend = new Principal(
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
\OC::$server->getShareManager(), \OC::$server->getShareManager(),
\OC::$server->getUserSession(), \OC::$server->getUserSession(),
\OC::$server->getConfig(),
'principals/' 'principals/'
); );
$db = \OC::$server->getDatabaseConnection(); $db = \OC::$server->getDatabaseConnection();

3
apps/dav/lib/Command/CreateCalendar.php
View File

@ -77,7 +77,8 @@ class CreateCalendar extends Command {
$this->userManager, $this->userManager,
$this->groupManager, $this->groupManager,
\OC::$server->getShareManager(), \OC::$server->getShareManager(),
\OC::$server->getUserSession() \OC::$server->getUserSession(),
\OC::$server->getConfig()
); );
$random = \OC::$server->getSecureRandom(); $random = \OC::$server->getSecureRandom();
$logger = \OC::$server->getLogger(); $logger = \OC::$server->getLogger();

19
apps/dav/lib/Connector/Sabre/Principal.php
View File

@ -30,6 +30,7 @@
namespace OCA\DAV\Connector\Sabre; namespace OCA\DAV\Connector\Sabre;
use OCP\IConfig;
use OCP\IGroup; use OCP\IGroup;
use OCP\IGroupManager; use OCP\IGroupManager;
use OCP\IUser; use OCP\IUser;
@ -54,6 +55,9 @@ class Principal implements BackendInterface {
/** @var IUserSession */ /** @var IUserSession */
private $userSession; private $userSession;
/** @var IConfig */
private $config;
/** @var string */ /** @var string */
private $principalPrefix; private $principalPrefix;
@ -65,17 +69,20 @@ class Principal implements BackendInterface {
* @param IGroupManager $groupManager * @param IGroupManager $groupManager
* @param IShareManager $shareManager * @param IShareManager $shareManager
* @param IUserSession $userSession * @param IUserSession $userSession
* @param IConfig $config
* @param string $principalPrefix * @param string $principalPrefix
*/ */
public function __construct(IUserManager $userManager, public function __construct(IUserManager $userManager,
IGroupManager $groupManager, IGroupManager $groupManager,
IShareManager $shareManager, IShareManager $shareManager,
IUserSession $userSession, IUserSession $userSession,
IConfig $config,
$principalPrefix = 'principals/users/') { $principalPrefix = 'principals/users/') {
$this->userManager = $userManager; $this->userManager = $userManager;
$this->groupManager = $groupManager; $this->groupManager = $groupManager;
$this->shareManager = $shareManager; $this->shareManager = $shareManager;
$this->userSession = $userSession; $this->userSession = $userSession;
$this->config = $config;
$this->principalPrefix = trim($principalPrefix, '/'); $this->principalPrefix = trim($principalPrefix, '/');
$this->hasGroups = ($principalPrefix === 'principals/users/'); $this->hasGroups = ($principalPrefix === 'principals/users/');
} }
@ -205,8 +212,10 @@ class Principal implements BackendInterface {
protected function searchUserPrincipals(array $searchProperties, $test = 'allof') { protected function searchUserPrincipals(array $searchProperties, $test = 'allof') {
$results = []; $results = [];
// If sharing is disabled, return the empty array // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array
if (!$this->shareManager->shareApiEnabled()) { $shareAPIEnabled = $this->shareManager->shareApiEnabled();
$disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes');
if ($disableFreeBusy === 'yes') {
return []; return [];
} }
@ -289,8 +298,10 @@ class Principal implements BackendInterface {
* @return string * @return string
*/ */
function findByUri($uri, $principalPrefix) { function findByUri($uri, $principalPrefix) {
// If sharing is disabled, return null as in user not found // If sharing is disabled (or FreeBusy was disabled on purpose), return the empty array
if (!$this->shareManager->shareApiEnabled()) { $shareAPIEnabled = $this->shareManager->shareApiEnabled();
$disableFreeBusy = $this->config->getAppValue('dav', 'disableFreeBusy', $shareAPIEnabled ? 'no' : 'yes');
if ($disableFreeBusy === 'yes') {
return null; return null;
} }

3
apps/dav/lib/RootCollection.php
View File

@ -51,7 +51,8 @@ class RootCollection extends SimpleCollection {
$userManager, $userManager,
$groupManager, $groupManager,
$shareManager, $shareManager,
\OC::$server->getUserSession() \OC::$server->getUserSession(),
$config
); );
$groupPrincipalBackend = new GroupPrincipalBackend($groupManager); $groupPrincipalBackend = new GroupPrincipalBackend($groupManager);
// as soon as debug mode is enabled we allow listing of principals // as soon as debug mode is enabled we allow listing of principals

228
apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php
View File

@ -27,6 +27,7 @@
namespace OCA\DAV\Tests\unit\Connector\Sabre; namespace OCA\DAV\Tests\unit\Connector\Sabre;
use OC\User\User; use OC\User\User;
use OCP\IConfig;
use OCP\IGroup; use OCP\IGroup;
use OCP\IGroupManager; use OCP\IGroupManager;
use OCP\IUser; use OCP\IUser;
@ -47,18 +48,22 @@ class PrincipalTest extends TestCase {
private $shareManager; private $shareManager;
/** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */ /** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */
private $userSession; private $userSession;
/** @var IConfig | \PHPUnit_Framework_MockObject_MockObject */
private $config;
public function setUp() { public function setUp() {
$this->userManager = $this->createMock(IUserManager::class); $this->userManager = $this->createMock(IUserManager::class);
$this->groupManager = $this->createMock(IGroupManager::class); $this->groupManager = $this->createMock(IGroupManager::class);
$this->shareManager = $this->createMock(IManager::class); $this->shareManager = $this->createMock(IManager::class);
$this->userSession = $this->createMock(IUserSession::class); $this->userSession = $this->createMock(IUserSession::class);
$this->config = $this->createMock(IConfig::class);
$this->connector = new \OCA\DAV\Connector\Sabre\Principal( $this->connector = new \OCA\DAV\Connector\Sabre\Principal(
$this->userManager, $this->userManager,
$this->groupManager, $this->groupManager,
$this->shareManager, $this->shareManager,
$this->userSession); $this->userSession,
$this->config);
parent::setUp(); parent::setUp();
} }
@ -278,26 +283,37 @@ class PrincipalTest extends TestCase {
/** /**
* @dataProvider searchPrincipalsDataProvider * @dataProvider searchPrincipalsDataProvider
*/ */
public function testSearchPrincipals($sharingEnabled, $groupsOnly, $result) { public function testSearchPrincipals($disableFreeBusy, $sharingEnabled, $disableFBSharingCombination, $groupsOnly, $result) {
$this->shareManager->expects($this->once()) $this->shareManager->expects($this->once())
->method('shareAPIEnabled') ->method('shareAPIEnabled')
->will($this->returnValue($sharingEnabled)); ->will($this->returnValue($sharingEnabled));
$this->config->expects($this->once())
->method('getAppValue')
->with('dav', 'disableFreeBusy', $sharingEnabled ? 'no' : 'yes')
->will($this->returnValue($disableFBSharingCombination));
if ($sharingEnabled) { if ($disableFreeBusy === 'no') {
$this->shareManager->expects($this->once()) if ($sharingEnabled) {
->method('shareWithGroupMembersOnly') $this->shareManager->expects($this->once())
->will($this->returnValue($groupsOnly)); ->method('shareWithGroupMembersOnly')
->will($this->returnValue($groupsOnly));
if ($groupsOnly) { if ($groupsOnly) {
$user = $this->createMock(IUser::class); $user = $this->createMock(IUser::class);
$this->userSession->expects($this->once()) $this->userSession->expects($this->once())
->method('getUser') ->method('getUser')
->will($this->returnValue($user)); ->will($this->returnValue($user));
$this->groupManager->expects($this->at(0)) $this->groupManager->expects($this->at(0))
->method('getUserGroupIds') ->method('getUserGroupIds')
->with($user) ->with($user)
->will($this->returnValue(['group1', 'group2'])); ->will($this->returnValue(['group1', 'group2']));
}
} else {
$this->shareManager->expects($this->never())
->method('shareWithGroupMembersOnly');
$this->groupManager->expects($this->never())
->method($this->anything());
} }
} else { } else {
$this->shareManager->expects($this->never()) $this->shareManager->expects($this->never())
@ -306,27 +322,43 @@ class PrincipalTest extends TestCase {
->method($this->anything()); ->method($this->anything());
} }
$user2 = $this->createMock(IUser::class); $user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2')); $user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class); $user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3')); $user3->method('getUID')->will($this->returnValue('user3'));
if ($sharingEnabled) { if ($disableFreeBusy === 'no') {
$this->userManager->expects($this->at(0)) if ($sharingEnabled) {
->method('getByEmail') $this->userManager->expects($this->at(0))
->with('user') ->method('getByEmail')
->will($this->returnValue([$user2, $user3])); ->with('user')
->will($this->returnValue([$user2, $user3]));
} else {
$this->userManager->expects($this->never())
->method('getByEmail');
}
} else {
$this->userManager->expects($this->never())
->method('getByEmail');
} }
if ($sharingEnabled && $groupsOnly) { if ($disableFreeBusy === 'no') {
$this->groupManager->expects($this->at(1)) if ($sharingEnabled && $groupsOnly) {
->method('getUserGroupIds') $this->groupManager->expects($this->at(1))
->with($user2) ->method('getUserGroupIds')
->will($this->returnValue(['group1', 'group3'])); ->with($user2)
$this->groupManager->expects($this->at(2)) ->will($this->returnValue(['group1', 'group3']));
->method('getUserGroupIds') $this->groupManager->expects($this->at(2))
->with($user3) ->method('getUserGroupIds')
->will($this->returnValue(['group3', 'group4'])); ->with($user3)
->will($this->returnValue(['group3', 'group4']));
}
} else {
$this->groupManager->expects($this->never())
->method('getUserGroupIds');
$this->groupManager->expects($this->never())
->method('getUserGroupIds');
} }
$this->assertEquals($result, $this->connector->searchPrincipals('principals/users', $this->assertEquals($result, $this->connector->searchPrincipals('principals/users',
@ -335,9 +367,12 @@ class PrincipalTest extends TestCase {
public function searchPrincipalsDataProvider() { public function searchPrincipalsDataProvider() {
return [ return [
[true, false, ['principals/users/user2', 'principals/users/user3']], ['yes', true, 'yes', false, []],
[true, true, ['principals/users/user2']], ['no', true, 'no', false, ['principals/users/user2', 'principals/users/user3']],
[false, false, []], ['yes', true, 'yes', true, []],
['no', true, 'no', true, ['principals/users/user2']],
['yes', false, 'yes', false, []],
['no', false, 'yes', false, []],
]; ];
} }
@ -345,6 +380,10 @@ class PrincipalTest extends TestCase {
$this->shareManager->expects($this->once()) $this->shareManager->expects($this->once())
->method('shareApiEnabled') ->method('shareApiEnabled')
->will($this->returnValue(false)); ->will($this->returnValue(false));
$this->config->expects($this->once())
->method('getAppValue')
->with('dav', 'disableFreeBusy', 'yes')
->will($this->returnValue('yes'));
$this->assertEquals(null, $this->connector->findByUri('mailto:user@foo.com', 'principals/users')); $this->assertEquals(null, $this->connector->findByUri('mailto:user@foo.com', 'principals/users'));
} }
@ -352,45 +391,56 @@ class PrincipalTest extends TestCase {
/** /**
* @dataProvider findByUriWithGroupRestrictionDataProvider * @dataProvider findByUriWithGroupRestrictionDataProvider
*/ */
public function testFindByUriWithGroupRestriction($uri, $email, $expects) { public function testFindByUriWithGroupRestriction($disableFreeBusy, $uri, $email, $expects) {
$this->shareManager->expects($this->once()) $this->shareManager->expects($this->once())
->method('shareApiEnabled') ->method('shareApiEnabled')
->will($this->returnValue(true)); ->will($this->returnValue(true));
$this->config->expects($this->once())
->method('getAppValue')
->with('dav', 'disableFreeBusy', 'no')
->will($this->returnValue($disableFreeBusy));
$this->shareManager->expects($this->once()) if ($disableFreeBusy === 'yes') {
->method('shareWithGroupMembersOnly') $this->shareManager->expects($this->never())
->will($this->returnValue(true)); ->method('shareWithGroupMembersOnly');
$this->userSession->expects($this->never())
$user = $this->createMock(IUser::class); ->method('getUser');
$this->userSession->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$this->groupManager->expects($this->at(0))
->method('getUserGroupIds')
->with($user)
->will($this->returnValue(['group1', 'group2']));
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
$this->userManager->expects($this->once())
->method('getByEmail')
->with($email)
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
if ($email === 'user2@foo.bar') {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user2)
->will($this->returnValue(['group1', 'group3']));
} else { } else {
$this->groupManager->expects($this->at(1)) $this->shareManager->expects($this->once())
->method('shareWithGroupMembersOnly')
->will($this->returnValue(true));
$user = $this->createMock(IUser::class);
$this->userSession->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$this->groupManager->expects($this->at(0))
->method('getUserGroupIds') ->method('getUserGroupIds')
->with($user3) ->with($user)
->will($this->returnValue(['group3', 'group3'])); ->will($this->returnValue(['group1', 'group2']));
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
$this->userManager->expects($this->once())
->method('getByEmail')
->with($email)
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
if ($email === 'user2@foo.bar') {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user2)
->will($this->returnValue(['group1', 'group3']));
} else {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user3)
->will($this->returnValue(['group3', 'group3']));
}
} }
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users')); $this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
@ -398,40 +448,56 @@ class PrincipalTest extends TestCase {
public function findByUriWithGroupRestrictionDataProvider() { public function findByUriWithGroupRestrictionDataProvider() {
return [ return [
['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null],
['mailto:user3@foo.bar', 'user3@foo.bar', null], ['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
['no', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
]; ];
} }
/** /**
* @dataProvider findByUriWithoutGroupRestrictionDataProvider * @dataProvider findByUriWithoutGroupRestrictionDataProvider
*/ */
public function testFindByUriWithoutGroupRestriction($uri, $email, $expects) { public function testFindByUriWithoutGroupRestriction($disableFreeBusy, $uri, $email, $expects) {
$this->shareManager->expects($this->once()) $this->shareManager->expects($this->once())
->method('shareApiEnabled') ->method('shareApiEnabled')
->will($this->returnValue(true)); ->will($this->returnValue(true));
$this->config->expects($this->once())
->method('getAppValue')
->with('dav', 'disableFreeBusy', 'no')
->will($this->returnValue($disableFreeBusy));
$this->shareManager->expects($this->once()) if ($disableFreeBusy === 'yes') {
->method('shareWithGroupMembersOnly') $this->shareManager->expects($this->never())
->will($this->returnValue(false)); ->method('shareWithGroupMembersOnly');
$user2 = $this->createMock(IUser::class); $this->userManager->expects($this->never())
$user2->method('getUID')->will($this->returnValue('user2')); ->method('getByEmail');
$user3 = $this->createMock(IUser::class); } else {
$user3->method('getUID')->will($this->returnValue('user3')); $this->shareManager->expects($this->once())
->method('shareWithGroupMembersOnly')
->will($this->returnValue(false));
$this->userManager->expects($this->once()) $user2 = $this->createMock(IUser::class);
->method('getByEmail') $user2->method('getUID')->will($this->returnValue('user2'));
->with($email) $user3 = $this->createMock(IUser::class);
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3])); $user3->method('getUID')->will($this->returnValue('user3'));
$this->userManager->expects($this->once())
->method('getByEmail')
->with($email)
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
}
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users')); $this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
} }
public function findByUriWithoutGroupRestrictionDataProvider() { public function findByUriWithoutGroupRestrictionDataProvider() {
return [ return [
['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'], ['yes', 'mailto:user2@foo.bar', 'user2@foo.bar', null],
['mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'], ['yes', 'mailto:user3@foo.bar', 'user3@foo.bar', null],
['no', 'mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
['no', 'mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'],
]; ];
} }
} }

3
apps/files_trashbin/lib/AppInfo/Application.php
View File

@ -57,7 +57,8 @@ class Application extends App {
\OC::$server->getUserManager(), \OC::$server->getUserManager(),
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
\OC::$server->getShareManager(), \OC::$server->getShareManager(),
\OC::$server->getUserSession() \OC::$server->getUserSession(),
\OC::$server->getConfig()
); );
}); });
} }

3
apps/files_versions/lib/AppInfo/Application.php
View File

@ -48,7 +48,8 @@ class Application extends App {
\OC::$server->getUserManager(), \OC::$server->getUserManager(),
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
\OC::$server->getShareManager(), \OC::$server->getShareManager(),
\OC::$server->getUserSession() \OC::$server->getUserSession(),
\OC::$server->getConfig()
); );
}); });
} }