Add correct principals for the current user before ACL check
This commit is contained in:
Joas Schilling
Thomas Müller
parent
4e2f9ce05b
commit
b216be8cca
|
|
@ -62,7 +62,10 @@ $server->setBaseUri($baseuri);
|
|||
$server->addPlugin(new MaintenancePlugin());
|
||||
$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend, 'ownCloud'));
|
||||
$server->addPlugin(new \Sabre\CalDAV\Plugin());
|
||||
$server->addPlugin(new \Sabre\DAVACL\Plugin());
|
||||
|
||||
$acl = new \OCA\DAV\Connector\LegacyDAVACL();
|
||||
$server->addPlugin($acl);
|
||||
|
||||
$server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
|
||||
$server->addPlugin(new ExceptionLoggerPlugin('caldav', \OC::$server->getLogger()));
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@
|
|||
// Backends
|
||||
use OCA\DAV\CardDAV\AddressBookRoot;
|
||||
use OCA\DAV\CardDAV\CardDavBackend;
|
||||
use OCA\DAV\Connector\Sabre\AppEnabledPlugin;
|
||||
use OCA\DAV\Connector\Sabre\Auth;
|
||||
use OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin;
|
||||
use OCA\DAV\Connector\Sabre\MaintenancePlugin;
|
||||
|
|
@ -63,7 +62,10 @@ $server->setBaseUri($baseuri);
|
|||
$server->addPlugin(new MaintenancePlugin());
|
||||
$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend, 'ownCloud'));
|
||||
$server->addPlugin(new Plugin());
|
||||
$server->addPlugin(new \Sabre\DAVACL\Plugin());
|
||||
|
||||
$acl = new \OCA\DAV\Connector\LegacyDAVACL();
|
||||
$server->addPlugin($acl);
|
||||
|
||||
$server->addPlugin(new \Sabre\CardDAV\VCFExportPlugin());
|
||||
$server->addPlugin(new ExceptionLoggerPlugin('carddav', \OC::$server->getLogger()));
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,69 @@
|
|||
<?php
|
||||
/**
|
||||
* @author Joas Schilling <nickvergessen@owncloud.com>
|
||||
*
|
||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||
* @license AGPL-3.0
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\DAV\Connector;
|
||||
|
||||
|
||||
use Sabre\HTTP\URLUtil;
|
||||
|
||||
class LegacyDAVACL extends \Sabre\DAVACL\Plugin {
|
||||
|
||||
/**
|
||||
* Converts the v1 principal `principal/<username>` to the new v2
|
||||
* `principal/users/<username>` which is required for permission checks
|
||||
*
|
||||
* @inheritdoc
|
||||
*/
|
||||
function getCurrentUserPrincipal() {
|
||||
$principalV1 = parent::getCurrentUserPrincipal();
|
||||
if (is_null($principalV1)) {
|
||||
return $principalV1;
|
||||
}
|
||||
return $this->convertPrincipal($principalV1, true);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
function getCurrentUserPrincipals() {
|
||||
$principalV2 = $this->getCurrentUserPrincipal();
|
||||
|
||||
if (is_null($principalV2)) return [];
|
||||
|
||||
$principalV1 = $this->convertPrincipal($principalV2, false);
|
||||
return array_merge(
|
||||
[
|
||||
$principalV2,
|
||||
$principalV1
|
||||
],
|
||||
$this->getPrincipalMembership($principalV1)
|
||||
);
|
||||
}
|
||||
|
||||
private function convertPrincipal($principal, $toV2) {
|
||||
list(, $name) = URLUtil::splitPath($principal);
|
||||
if ($toV2) {
|
||||
return "principals/users/$name";
|
||||
}
|
||||
return "principals/$name";
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue