Merge pull request #6715 from go2sh/fix-freebusy

Fix the FreeBusy request handling for proper scheduling support
This commit is contained in:
Morris Jobke 2017-12-11 16:51:15 +01:00 committed by GitHub
commit d0ec0ce71c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 420 additions and 25 deletions

View File

@ -44,6 +44,8 @@ $authBackend = new Auth(
$principalBackend = new Principal(
\OC::$server->getUserManager(),
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
\OC::$server->getUserSession(),
'principals/'
);
$db = \OC::$server->getDatabaseConnection();

View File

@ -45,6 +45,8 @@ $authBackend = new Auth(
$principalBackend = new Principal(
\OC::$server->getUserManager(),
\OC::$server->getGroupManager(),
\OC::$server->getShareManager(),
\OC::$server->getUserSession(),
'principals/'
);
$db = \OC::$server->getDatabaseConnection();

View File

@ -30,6 +30,8 @@ return array(
'OCA\\DAV\\CalDAV\\CalendarObject' => $baseDir . '/../lib/CalDAV/CalendarObject.php',
'OCA\\DAV\\CalDAV\\CalendarRoot' => $baseDir . '/../lib/CalDAV/CalendarRoot.php',
'OCA\\DAV\\CalDAV\\Plugin' => $baseDir . '/../lib/CalDAV/Plugin.php',
'OCA\\DAV\\CalDAV\\Principal\\Collection' => $baseDir . '/../lib/CalDAV/Principal/Collection.php',
'OCA\\DAV\\CalDAV\\Principal\\User' => $baseDir . '/../lib/CalDAV/Principal/User.php',
'OCA\\DAV\\CalDAV\\PublicCalendar' => $baseDir . '/../lib/CalDAV/PublicCalendar.php',
'OCA\\DAV\\CalDAV\\PublicCalendarObject' => $baseDir . '/../lib/CalDAV/PublicCalendarObject.php',
'OCA\\DAV\\CalDAV\\PublicCalendarRoot' => $baseDir . '/../lib/CalDAV/PublicCalendarRoot.php',

View File

@ -45,6 +45,8 @@ class ComposerStaticInitDAV
'OCA\\DAV\\CalDAV\\CalendarObject' => __DIR__ . '/..' . '/../lib/CalDAV/CalendarObject.php',
'OCA\\DAV\\CalDAV\\CalendarRoot' => __DIR__ . '/..' . '/../lib/CalDAV/CalendarRoot.php',
'OCA\\DAV\\CalDAV\\Plugin' => __DIR__ . '/..' . '/../lib/CalDAV/Plugin.php',
'OCA\\DAV\\CalDAV\\Principal\\Collection' => __DIR__ . '/..' . '/../lib/CalDAV/Principal/Collection.php',
'OCA\\DAV\\CalDAV\\Principal\\User' => __DIR__ . '/..' . '/../lib/CalDAV/Principal/User.php',
'OCA\\DAV\\CalDAV\\PublicCalendar' => __DIR__ . '/..' . '/../lib/CalDAV/PublicCalendar.php',
'OCA\\DAV\\CalDAV\\PublicCalendarObject' => __DIR__ . '/..' . '/../lib/CalDAV/PublicCalendarObject.php',
'OCA\\DAV\\CalDAV\\PublicCalendarRoot' => __DIR__ . '/..' . '/../lib/CalDAV/PublicCalendarRoot.php',

View File

@ -353,7 +353,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
'{' . Plugin::NS_CALENDARSERVER . '}getctag' => 'http://sabre.io/ns/sync/' . ($row['synctoken']?$row['synctoken']:'0'),
'{http://sabredav.org/ns}sync-token' => $row['synctoken']?$row['synctoken']:'0',
'{' . Plugin::NS_CALDAV . '}supported-calendar-component-set' => new SupportedCalendarComponentSet($components),
'{' . Plugin::NS_CALDAV . '}schedule-calendar-transp' => new ScheduleCalendarTransp($row['transparent']?'transparent':'opaque'),
'{' . Plugin::NS_CALDAV . '}schedule-calendar-transp' => new ScheduleCalendarTransp('transparent'),
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $this->convertPrincipal($row['principaluri'], !$this->legacyEndpoint),
$readOnlyPropertyName => $readOnly,
];

View File

@ -0,0 +1,45 @@
<?php
/**
* @copyright Copyright (c) 2017, Christoph Seitz <christoph.seitz@posteo.de>
*
* @author Christoph Seitz <christoph.seitz@posteo.de>
*
* @license GNU AGPL version 3 or any later version
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\DAV\CalDAV\Principal;
use OCA\DAV\CalDAV\Principal\User;
/**
* Class Collection
*
* @package OCA\DAV\CalDAV\Principal
*/
class Collection extends \Sabre\CalDAV\Principal\Collection {
/**
* Returns a child object based on principal information
*
* @param array $principalInfo
* @return User
*/
function getChildForPrincipal(array $principalInfo) {
return new User($this->principalBackend, $principalInfo);
}
}

View File

@ -0,0 +1,55 @@
<?php
/**
* @copyright Copyright (c) 2017, Christoph Seitz <christoph.seitz@posteo.de>
*
* @author Christoph Seitz <christoph.seitz@posteo.de>
*
* @license GNU AGPL version 3 or any later version
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\DAV\CalDAV\Principal;
/**
* Class User
*
* @package OCA\DAV\CalDAV\Principal
*/
class User extends \Sabre\CalDAV\Principal\User {
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
function getACL() {
$acl = parent::getACL();
$acl[] = [
'privilege' => '{DAV:}read',
'principal' => '{DAV:}authenticated',
'protected' => true,
];
return $acl;
}
}

View File

@ -75,7 +75,9 @@ class CreateCalendar extends Command {
}
$principalBackend = new Principal(
$this->userManager,
$this->groupManager
$this->groupManager,
\OC::$server->getShareManager(),
\OC::$server->getUserSession()
);
$random = \OC::$server->getSecureRandom();
$logger = \OC::$server->getLogger();

View File

@ -34,6 +34,8 @@ use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\Share\IManager as IShareManager;
use Sabre\DAV\Exception;
use \Sabre\DAV\PropPatch;
use Sabre\DAVACL\PrincipalBackend\BackendInterface;
@ -47,6 +49,12 @@ class Principal implements BackendInterface {
/** @var IGroupManager */
private $groupManager;
/** @var IShareManager */
private $shareManager;
/** @var IUserSession */
private $userSession;
/** @var string */
private $principalPrefix;
@ -56,13 +64,19 @@ class Principal implements BackendInterface {
/**
* @param IUserManager $userManager
* @param IGroupManager $groupManager
* @param IShareManager $shareManager
* @param IUserSession $userSession
* @param string $principalPrefix
*/
public function __construct(IUserManager $userManager,
IGroupManager $groupManager,
IShareManager $shareManager,
IUserSession $userSession,
$principalPrefix = 'principals/users/') {
$this->userManager = $userManager;
$this->groupManager = $groupManager;
$this->shareManager = $shareManager;
$this->userSession = $userSession;
$this->principalPrefix = trim($principalPrefix, '/');
$this->hasGroups = ($principalPrefix === 'principals/users/');
}
@ -106,7 +120,7 @@ class Principal implements BackendInterface {
if ($prefix === $this->principalPrefix) {
$user = $this->userManager->get($name);
if (!is_null($user)) {
if ($user !== null) {
return $this->userToPrincipal($user);
}
}
@ -182,6 +196,74 @@ class Principal implements BackendInterface {
return 0;
}
/**
* Search user principals
*
* @param array $searchProperties
* @param string $test
* @return array
*/
protected function searchUserPrincipals(array $searchProperties, $test = 'allof') {
$results = [];
// If sharing is disabled, return the empty array
if (!$this->shareManager->shareApiEnabled()) {
return [];
}
// If sharing is restricted to group members only,
// return only members that have groups in common
$restrictGroups = false;
if ($this->shareManager->shareWithGroupMembersOnly()) {
$user = $this->userSession->getUser();
if (!$user) {
return [];
}
$restrictGroups = $this->groupManager->getUserGroupIds($user);
}
foreach ($searchProperties as $prop => $value) {
switch ($prop) {
case '{http://sabredav.org/ns}email-address':
$users = $this->userManager->getByEmail($value);
$results[] = array_reduce($users, function(array $carry, IUser $user) use ($restrictGroups) {
// is sharing restricted to groups only?
if ($restrictGroups !== false) {
$userGroups = $this->groupManager->getUserGroupIds($user);
if (count(array_intersect($userGroups, $restrictGroups)) === 0) {
return $carry;
}
}
$carry[] = $this->principalPrefix . '/' . $user->getUID();
return $carry;
}, []);
break;
default:
$results[] = [];
break;
}
}
// results is an array of arrays, so this is not the first search result
// but the results of the first searchProperty
if (count($results) === 1) {
return $results[0];
}
switch ($test) {
case 'anyof':
return array_unique(array_merge(...$results));
case 'allof':
default:
return array_intersect(...$results);
}
}
/**
* @param string $prefixPath
* @param array $searchProperties
@ -189,7 +271,17 @@ class Principal implements BackendInterface {
* @return array
*/
function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
return [];
if (count($searchProperties) === 0) {
return [];
}
switch ($prefixPath) {
case 'principals/users':
return $this->searchUserPrincipals($searchProperties, $test);
default:
return [];
}
}
/**
@ -198,15 +290,43 @@ class Principal implements BackendInterface {
* @return string
*/
function findByUri($uri, $principalPrefix) {
if (substr($uri, 0, 7) === 'mailto:') {
$email = substr($uri, 7);
$users = $this->userManager->getByEmail($email);
if (count($users) === 1) {
return $this->principalPrefix . '/' . $users[0]->getUID();
// If sharing is disabled, return null as in user not found
if (!$this->shareManager->shareApiEnabled()) {
return null;
}
// If sharing is restricted to group members only,
// return only members that have groups in common
$restrictGroups = false;
if ($this->shareManager->shareWithGroupMembersOnly()) {
$user = $this->userSession->getUser();
if (!$user) {
return null;
}
$restrictGroups = $this->groupManager->getUserGroupIds($user);
}
if (strpos($uri, 'mailto:') === 0) {
if ($principalPrefix === 'principals/users') {
$users = $this->userManager->getByEmail(substr($uri, 7));
if (count($users) !== 1) {
return null;
}
$user = $users[0];
if ($restrictGroups !== false) {
$userGroups = $this->groupManager->getUserGroupIds($user);
if (count(array_intersect($userGroups, $restrictGroups)) === 0) {
return null;
}
}
return $this->principalPrefix . '/' . $user->getUID();
}
}
return '';
return null;
}
/**

View File

@ -32,7 +32,7 @@ use OCA\DAV\CardDAV\CardDavBackend;
use OCA\DAV\Connector\Sabre\Principal;
use OCA\DAV\DAV\GroupPrincipalBackend;
use OCA\DAV\DAV\SystemPrincipalBackend;
use Sabre\CalDAV\Principal\Collection;
use OCA\DAV\CalDAV\Principal\Collection;
use Sabre\DAV\SimpleCollection;
class RootCollection extends SimpleCollection {
@ -43,11 +43,14 @@ class RootCollection extends SimpleCollection {
$logger = \OC::$server->getLogger();
$userManager = \OC::$server->getUserManager();
$groupManager = \OC::$server->getGroupManager();
$shareManager = \OC::$server->getShareManager();
$db = \OC::$server->getDatabaseConnection();
$dispatcher = \OC::$server->getEventDispatcher();
$userPrincipalBackend = new Principal(
$userManager,
$groupManager
$groupManager,
$shareManager,
\OC::$server->getUserSession()
);
$groupPrincipalBackend = new GroupPrincipalBackend($groupManager);
// as soon as debug mode is enabled we allow listing of principals

View File

@ -29,6 +29,9 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre;
use OC\User\User;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
use OCP\IUserSession;
use OCP\Share\IManager;
use \Sabre\DAV\PropPatch;
use OCP\IUserManager;
use Test\TestCase;
@ -40,14 +43,22 @@ class PrincipalTest extends TestCase {
private $connector;
/** @var IGroupManager | \PHPUnit_Framework_MockObject_MockObject */
private $groupManager;
/** @var IManager | \PHPUnit_Framework_MockObject_MockObject */
private $shareManager;
/** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */
private $userSession;
public function setUp() {
$this->userManager = $this->createMock(IUserManager::class);
$this->groupManager = $this->createMock(IGroupManager::class);
$this->shareManager = $this->createMock(IManager::class);
$this->userSession = $this->createMock(IUserSession::class);
$this->connector = new \OCA\DAV\Connector\Sabre\Principal(
$this->userManager,
$this->groupManager);
$this->groupManager,
$this->shareManager,
$this->userSession);
parent::setUp();
}
@ -255,21 +266,172 @@ class PrincipalTest extends TestCase {
$this->assertSame(0, $this->connector->updatePrincipal('foo', new PropPatch(array())));
}
public function testSearchPrincipals() {
public function testSearchPrincipalsWithEmptySearchProperties() {
$this->assertSame([], $this->connector->searchPrincipals('principals/users', []));
}
public function testFindByUri() {
$fooUser = $this->createMock(User::class);
$fooUser
->expects($this->exactly(1))
->method('getUID')
->will($this->returnValue('foo'));
public function testSearchPrincipalsWithWrongPrefixPath() {
$this->assertSame([], $this->connector->searchPrincipals('principals/groups',
['{http://sabredav.org/ns}email-address' => 'foo']));
}
$this->userManager->expects($this->once())->method('getByEmail')->willReturn([
$fooUser
]);
$ret = $this->connector->findByUri('mailto:foo@bar.net', 'principals/users');
$this->assertSame('principals/users/foo', $ret);
/**
* @dataProvider searchPrincipalsDataProvider
*/
public function testSearchPrincipals($sharingEnabled, $groupsOnly, $result) {
$this->shareManager->expects($this->once())
->method('shareAPIEnabled')
->will($this->returnValue($sharingEnabled));
if ($sharingEnabled) {
$this->shareManager->expects($this->once())
->method('shareWithGroupMembersOnly')
->will($this->returnValue($groupsOnly));
if ($groupsOnly) {
$user = $this->createMock(IUser::class);
$this->userSession->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$this->groupManager->expects($this->at(0))
->method('getUserGroupIds')
->with($user)
->will($this->returnValue(['group1', 'group2']));
}
} else {
$this->shareManager->expects($this->never())
->method('shareWithGroupMembersOnly');
$this->groupManager->expects($this->never())
->method($this->anything());
}
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
if ($sharingEnabled) {
$this->userManager->expects($this->at(0))
->method('getByEmail')
->with('user')
->will($this->returnValue([$user2, $user3]));
}
if ($sharingEnabled && $groupsOnly) {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user2)
->will($this->returnValue(['group1', 'group3']));
$this->groupManager->expects($this->at(2))
->method('getUserGroupIds')
->with($user3)
->will($this->returnValue(['group3', 'group4']));
}
$this->assertEquals($result, $this->connector->searchPrincipals('principals/users',
['{http://sabredav.org/ns}email-address' => 'user']));
}
public function searchPrincipalsDataProvider() {
return [
[true, false, ['principals/users/user2', 'principals/users/user3']],
[true, true, ['principals/users/user2']],
[false, false, []],
];
}
public function testFindByUriSharingApiDisabled() {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(false));
$this->assertEquals(null, $this->connector->findByUri('mailto:user@foo.com', 'principals/users'));
}
/**
* @dataProvider findByUriWithGroupRestrictionDataProvider
*/
public function testFindByUriWithGroupRestriction($uri, $email, $expects) {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(true));
$this->shareManager->expects($this->once())
->method('shareWithGroupMembersOnly')
->will($this->returnValue(true));
$user = $this->createMock(IUser::class);
$this->userSession->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$this->groupManager->expects($this->at(0))
->method('getUserGroupIds')
->with($user)
->will($this->returnValue(['group1', 'group2']));
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
$this->userManager->expects($this->once())
->method('getByEmail')
->with($email)
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
if ($email === 'user2@foo.bar') {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user2)
->will($this->returnValue(['group1', 'group3']));
} else {
$this->groupManager->expects($this->at(1))
->method('getUserGroupIds')
->with($user3)
->will($this->returnValue(['group3', 'group3']));
}
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
}
public function findByUriWithGroupRestrictionDataProvider() {
return [
['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
['mailto:user3@foo.bar', 'user3@foo.bar', null],
];
}
/**
* @dataProvider findByUriWithoutGroupRestrictionDataProvider
*/
public function testFindByUriWithoutGroupRestriction($uri, $email, $expects) {
$this->shareManager->expects($this->once())
->method('shareApiEnabled')
->will($this->returnValue(true));
$this->shareManager->expects($this->once())
->method('shareWithGroupMembersOnly')
->will($this->returnValue(false));
$user2 = $this->createMock(IUser::class);
$user2->method('getUID')->will($this->returnValue('user2'));
$user3 = $this->createMock(IUser::class);
$user3->method('getUID')->will($this->returnValue('user3'));
$this->userManager->expects($this->once())
->method('getByEmail')
->with($email)
->will($this->returnValue([$email === 'user2@foo.bar' ? $user2 : $user3]));
$this->assertEquals($expects, $this->connector->findByUri($uri, 'principals/users'));
}
public function findByUriWithoutGroupRestrictionDataProvider() {
return [
['mailto:user2@foo.bar', 'user2@foo.bar', 'principals/users/user2'],
['mailto:user3@foo.bar', 'user3@foo.bar', 'principals/users/user3'],
];
}
}