From 1d1247069f3d36dca0e54a71295ee1626e342fab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 21 Apr 2016 13:36:52 +0200 Subject: [PATCH] Birthday calendar should never have write acl - fixes #24154 --- apps/dav/lib/caldav/calendar.php | 13 +++++++------ apps/dav/tests/unit/caldav/caldavbackendtest.php | 2 ++ apps/dav/tests/unit/caldav/calendartest.php | 13 +++++++++++-- apps/dav/tests/unit/connector/publicauth.php | 7 +++++++ 4 files changed, 27 insertions(+), 8 deletions(-) diff --git a/apps/dav/lib/caldav/calendar.php b/apps/dav/lib/caldav/calendar.php index 6d6c0b5d7a..f3637692e4 100644 --- a/apps/dav/lib/caldav/calendar.php +++ b/apps/dav/lib/caldav/calendar.php @@ -33,7 +33,6 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { parent::__construct($caldavBackend, $calendarInfo); if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) { - $this->calendarInfo['{http://sabredav.org/ns}read-only'] = true; $this->calendarInfo['{DAV:}displayname'] = $l10n->t('Contact birthdays'); } } @@ -94,11 +93,13 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { 'principal' => $this->getOwner(), 'protected' => true, ]]; - $acl[] = [ - 'privilege' => '{DAV:}write', - 'principal' => $this->getOwner(), - 'protected' => true, - ]; + if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) { + $acl[] = [ + 'privilege' => '{DAV:}write', + 'principal' => $this->getOwner(), + 'protected' => true, + ]; + } if ($this->getOwner() !== parent::getOwner()) { $acl[] = [ 'privilege' => '{DAV:}read', diff --git a/apps/dav/tests/unit/caldav/caldavbackendtest.php b/apps/dav/tests/unit/caldav/caldavbackendtest.php index a4a19f5bd3..440db7636e 100644 --- a/apps/dav/tests/unit/caldav/caldavbackendtest.php +++ b/apps/dav/tests/unit/caldav/caldavbackendtest.php @@ -25,6 +25,7 @@ use DateTimeZone; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\Calendar; use OCA\DAV\Connector\Sabre\Principal; +use OCP\IL10N; use Sabre\CalDAV\Xml\Property\SupportedCalendarComponentSet; use Sabre\DAV\PropPatch; use Sabre\DAV\Xml\Property\Href; @@ -136,6 +137,7 @@ class CalDavBackendTest extends TestCase { */ public function testCalendarSharing($userCanRead, $userCanWrite, $groupCanRead, $groupCanWrite, $add) { + /** @var IL10N | \PHPUnit_Framework_MockObject_MockObject $l10n */ $l10n = $this->getMockBuilder('\OCP\IL10N') ->disableOriginalConstructor()->getMock(); $l10n diff --git a/apps/dav/tests/unit/caldav/calendartest.php b/apps/dav/tests/unit/caldav/calendartest.php index 812e0074d1..f13edde608 100644 --- a/apps/dav/tests/unit/caldav/calendartest.php +++ b/apps/dav/tests/unit/caldav/calendartest.php @@ -21,6 +21,7 @@ namespace OCA\DAV\Tests\Unit\CalDAV; +use OCA\DAV\CalDAV\BirthdayService; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\Calendar; use OCP\IL10N; @@ -123,14 +124,14 @@ class CalendarTest extends TestCase { /** * @dataProvider providesReadOnlyInfo */ - public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet) { + public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet, $uri = 'default') { /** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */ $backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock(); $backend->expects($this->any())->method('applyShareAcl')->willReturnArgument(1); $calendarInfo = [ 'principaluri' => 'user2', 'id' => 666, - 'uri' => 'default' + 'uri' => $uri ]; if (!is_null($readOnlyValue)) { $calendarInfo['{http://owncloud.org/ns}read-only'] = $readOnlyValue; @@ -151,6 +152,13 @@ class CalendarTest extends TestCase { 'principal' => $hasOwnerSet ? 'user1' : 'user2', 'protected' => true ]]; + if ($uri === BirthdayService::BIRTHDAY_CALENDAR_URI) { + $expectedAcl = [[ + 'privilege' => '{DAV:}read', + 'principal' => $hasOwnerSet ? 'user1' : 'user2', + 'protected' => true + ]]; + } if ($hasOwnerSet) { $expectedAcl[] = [ 'privilege' => '{DAV:}read', @@ -177,6 +185,7 @@ class CalendarTest extends TestCase { 'read-only property not set and no owner' => [true, null, false], 'read-only property is false and no owner' => [true, false, false], 'read-only property is true and no owner' => [false, true, false], + 'birthday calendar' => [false, false, false, BirthdayService::BIRTHDAY_CALENDAR_URI] ]; } } diff --git a/apps/dav/tests/unit/connector/publicauth.php b/apps/dav/tests/unit/connector/publicauth.php index 5f46651d37..76a6e1ac6a 100644 --- a/apps/dav/tests/unit/connector/publicauth.php +++ b/apps/dav/tests/unit/connector/publicauth.php @@ -7,6 +7,13 @@ use OCP\ISession; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\IManager; +/** + * Class PublicAuth + * + * @group DB + * + * @package OCA\DAV\Tests\Unit\Connector + */ class PublicAuth extends \Test\TestCase { /** @var ISession|\PHPUnit_Framework_MockObject_MockObject */