mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #24155 from owncloud/fix-birthday_calendar-acl 

Birthday calendar should never have write acl
This commit is contained in:
Thomas Müller 2016-04-21 16:49:21 +02:00
parent 80959ad95a 1d1247069f
commit 6e4a28ae86
4 changed files with 27 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
apps/dav/lib/caldav/calendar.php
View File

@ -33,7 +33,6 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
parent::__construct($caldavBackend, $calendarInfo); parent::__construct($caldavBackend, $calendarInfo);
if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) { if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) {
$this->calendarInfo['{http://sabredav.org/ns}read-only'] = true;
$this->calendarInfo['{DAV:}displayname'] = $l10n->t('Contact birthdays'); $this->calendarInfo['{DAV:}displayname'] = $l10n->t('Contact birthdays');
} }
} }
@ -94,11 +93,13 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
'principal' => $this->getOwner(), 'principal' => $this->getOwner(),
'protected' => true, 'protected' => true,
]]; ]];
$acl[] = [ if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) {
'privilege' => '{DAV:}write', $acl[] = [
'principal' => $this->getOwner(), 'privilege' => '{DAV:}write',
'protected' => true, 'principal' => $this->getOwner(),
]; 'protected' => true,
];
}
if ($this->getOwner() !== parent::getOwner()) { if ($this->getOwner() !== parent::getOwner()) {
$acl[] = [ $acl[] = [
'privilege' => '{DAV:}read', 'privilege' => '{DAV:}read',

2
apps/dav/tests/unit/caldav/caldavbackendtest.php
View File

@ -25,6 +25,7 @@ use DateTimeZone;
use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\CalDavBackend;
use OCA\DAV\CalDAV\Calendar; use OCA\DAV\CalDAV\Calendar;
use OCA\DAV\Connector\Sabre\Principal; use OCA\DAV\Connector\Sabre\Principal;
use OCP\IL10N;
use Sabre\CalDAV\Xml\Property\SupportedCalendarComponentSet; use Sabre\CalDAV\Xml\Property\SupportedCalendarComponentSet;
use Sabre\DAV\PropPatch; use Sabre\DAV\PropPatch;
use Sabre\DAV\Xml\Property\Href; use Sabre\DAV\Xml\Property\Href;
@ -136,6 +137,7 @@ class CalDavBackendTest extends TestCase {
*/ */
public function testCalendarSharing($userCanRead, $userCanWrite, $groupCanRead, $groupCanWrite, $add) { public function testCalendarSharing($userCanRead, $userCanWrite, $groupCanRead, $groupCanWrite, $add) {
/** @var IL10N | \PHPUnit_Framework_MockObject_MockObject $l10n */
$l10n = $this->getMockBuilder('\OCP\IL10N') $l10n = $this->getMockBuilder('\OCP\IL10N')
->disableOriginalConstructor()->getMock(); ->disableOriginalConstructor()->getMock();
$l10n $l10n

13
apps/dav/tests/unit/caldav/calendartest.php
View File

@ -21,6 +21,7 @@
namespace OCA\DAV\Tests\Unit\CalDAV; namespace OCA\DAV\Tests\Unit\CalDAV;
use OCA\DAV\CalDAV\BirthdayService;
use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\CalDavBackend;
use OCA\DAV\CalDAV\Calendar; use OCA\DAV\CalDAV\Calendar;
use OCP\IL10N; use OCP\IL10N;
@ -123,14 +124,14 @@ class CalendarTest extends TestCase {
/** /**
* @dataProvider providesReadOnlyInfo * @dataProvider providesReadOnlyInfo
*/ */
public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet) { public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet, $uri = 'default') {
/** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */ /** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */
$backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock(); $backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock();
$backend->expects($this->any())->method('applyShareAcl')->willReturnArgument(1); $backend->expects($this->any())->method('applyShareAcl')->willReturnArgument(1);
$calendarInfo = [ $calendarInfo = [
'principaluri' => 'user2', 'principaluri' => 'user2',
'id' => 666, 'id' => 666,
'uri' => 'default' 'uri' => $uri
]; ];
if (!is_null($readOnlyValue)) { if (!is_null($readOnlyValue)) {
$calendarInfo['{http://owncloud.org/ns}read-only'] = $readOnlyValue; $calendarInfo['{http://owncloud.org/ns}read-only'] = $readOnlyValue;
@ -151,6 +152,13 @@ class CalendarTest extends TestCase {
'principal' => $hasOwnerSet ? 'user1' : 'user2', 'principal' => $hasOwnerSet ? 'user1' : 'user2',
'protected' => true 'protected' => true
]]; ]];
if ($uri === BirthdayService::BIRTHDAY_CALENDAR_URI) {
$expectedAcl = [[
'privilege' => '{DAV:}read',
'principal' => $hasOwnerSet ? 'user1' : 'user2',
'protected' => true
]];
}
if ($hasOwnerSet) { if ($hasOwnerSet) {
$expectedAcl[] = [ $expectedAcl[] = [
'privilege' => '{DAV:}read', 'privilege' => '{DAV:}read',
@ -177,6 +185,7 @@ class CalendarTest extends TestCase {
'read-only property not set and no owner' => [true, null, false], 'read-only property not set and no owner' => [true, null, false],
'read-only property is false and no owner' => [true, false, false], 'read-only property is false and no owner' => [true, false, false],
'read-only property is true and no owner' => [false, true, false], 'read-only property is true and no owner' => [false, true, false],
'birthday calendar' => [false, false, false, BirthdayService::BIRTHDAY_CALENDAR_URI]
]; ];
} }
} }

7
apps/dav/tests/unit/connector/publicauth.php
View File

@ -7,6 +7,13 @@ use OCP\ISession;
use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager; use OCP\Share\IManager;
/**
* Class PublicAuth
*
* @group DB
*
* @package OCA\DAV\Tests\Unit\Connector
*/
class PublicAuth extends \Test\TestCase { class PublicAuth extends \Test\TestCase {
/** @var ISession|\PHPUnit_Framework_MockObject_MockObject */ /** @var ISession|\PHPUnit_Framework_MockObject_MockObject */