From 4e50dd87d511597d1e7afbe231893fd3d79f2098 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 21 Apr 2016 13:36:52 +0200 Subject: [PATCH] Birthday calendar should never have write acl - fixes #24154 --- apps/dav/lib/caldav/calendar.php | 20 +++++++------------ .../tests/unit/caldav/caldavbackendtest.php | 1 + apps/dav/tests/unit/caldav/calendartest.php | 13 ++++++++++-- 3 files changed, 19 insertions(+), 15 deletions(-) diff --git a/apps/dav/lib/caldav/calendar.php b/apps/dav/lib/caldav/calendar.php index 5072d96107..9ff73f43f1 100644 --- a/apps/dav/lib/caldav/calendar.php +++ b/apps/dav/lib/caldav/calendar.php @@ -28,14 +28,6 @@ use Sabre\DAV\PropPatch; class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { - public function __construct(BackendInterface $caldavBackend, $calendarInfo) { - parent::__construct($caldavBackend, $calendarInfo); - - if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) { - $this->calendarInfo['{http://sabredav.org/ns}read-only'] = true; - } - } - /** * Updates the list of shares. * @@ -92,11 +84,13 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { 'principal' => $this->getOwner(), 'protected' => true, ]]; - $acl[] = [ - 'privilege' => '{DAV:}write', - 'principal' => $this->getOwner(), - 'protected' => true, - ]; + if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) { + $acl[] = [ + 'privilege' => '{DAV:}write', + 'principal' => $this->getOwner(), + 'protected' => true, + ]; + } if ($this->getOwner() !== parent::getOwner()) { $acl[] = [ 'privilege' => '{DAV:}read', diff --git a/apps/dav/tests/unit/caldav/caldavbackendtest.php b/apps/dav/tests/unit/caldav/caldavbackendtest.php index 87a700a473..4a41c3e567 100644 --- a/apps/dav/tests/unit/caldav/caldavbackendtest.php +++ b/apps/dav/tests/unit/caldav/caldavbackendtest.php @@ -25,6 +25,7 @@ use DateTimeZone; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\Calendar; use OCA\DAV\Connector\Sabre\Principal; +use OCP\IL10N; use Sabre\CalDAV\Xml\Property\SupportedCalendarComponentSet; use Sabre\DAV\PropPatch; use Sabre\DAV\Xml\Property\Href; diff --git a/apps/dav/tests/unit/caldav/calendartest.php b/apps/dav/tests/unit/caldav/calendartest.php index 9e0c3c6c7e..41363dbf97 100644 --- a/apps/dav/tests/unit/caldav/calendartest.php +++ b/apps/dav/tests/unit/caldav/calendartest.php @@ -21,6 +21,7 @@ namespace OCA\DAV\Tests\Unit\CalDAV; +use OCA\DAV\CalDAV\BirthdayService; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\Calendar; use Sabre\DAV\PropPatch; @@ -107,14 +108,14 @@ class CalendarTest extends TestCase { /** * @dataProvider providesReadOnlyInfo */ - public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet) { + public function testAcl($expectsWrite, $readOnlyValue, $hasOwnerSet, $uri = 'default') { /** @var \PHPUnit_Framework_MockObject_MockObject | CalDavBackend $backend */ $backend = $this->getMockBuilder('OCA\DAV\CalDAV\CalDavBackend')->disableOriginalConstructor()->getMock(); $backend->expects($this->any())->method('applyShareAcl')->willReturnArgument(1); $calendarInfo = [ 'principaluri' => 'user2', 'id' => 666, - 'uri' => 'default' + 'uri' => $uri ]; if (!is_null($readOnlyValue)) { $calendarInfo['{http://owncloud.org/ns}read-only'] = $readOnlyValue; @@ -135,6 +136,13 @@ class CalendarTest extends TestCase { 'principal' => $hasOwnerSet ? 'user1' : 'user2', 'protected' => true ]]; + if ($uri === BirthdayService::BIRTHDAY_CALENDAR_URI) { + $expectedAcl = [[ + 'privilege' => '{DAV:}read', + 'principal' => $hasOwnerSet ? 'user1' : 'user2', + 'protected' => true + ]]; + } if ($hasOwnerSet) { $expectedAcl[] = [ 'privilege' => '{DAV:}read', @@ -161,6 +169,7 @@ class CalendarTest extends TestCase { 'read-only property not set and no owner' => [true, null, false], 'read-only property is false and no owner' => [true, false, false], 'read-only property is true and no owner' => [false, true, false], + 'birthday calendar' => [false, false, false, BirthdayService::BIRTHDAY_CALENDAR_URI] ]; } }