Commit Graph

174 Commits

Author SHA1 Message Date
Roeland Jago Douma f57a3aa81b
[DAV][CalDAV] Fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:16 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling 984933e586
Only use readable chars in Share Tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Joas Schilling 90fa27694a
Use PNG version of the icons for shipped activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Morris Jobke ca3c69c8ae Merge pull request #5298 from nextcloud/bugfix/4885/calendar_shares_url_special_char_issue
urldecode group principals in Cal- and CardDAV backend
2017-06-14 23:10:40 -05:00
Morris Jobke ac565cecad Merge pull request #5300 from nextcloud/bugfix/noid/fix_proppatch_requests_to_groupshares
allow users to send PropPatch request when calendar is group-shared with them
2017-06-14 23:00:39 -05:00
Georg Ehrke 35781ae45c
urldecode group principals in Cal- and CardDAV backend
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-12 21:01:30 +02:00
Georg Ehrke 0f1d47cdf3
allow users to send PropPatch request when calendar is group-shared with them
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 09:21:56 +02:00
Georg Ehrke 9563c25c69
allow PropPatch requests to contact_birthdays
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 08:00:52 +02:00
Georg Ehrke 4b5379309e
fix replacing of 4MB Unicode Chars in cal props table
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-21 13:26:46 +02:00
Georg Ehrke 255442f281
fix PROPPATCH requests to read-only shared calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-08 12:09:15 +02:00
Georg Ehrke 0f8a9514de
rename calendarobjects_properties -> calendarobjects_props
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-28 20:21:46 +02:00
Georg Ehrke 8d00458b56
unit test custom calendar search
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-28 20:21:36 +02:00
Georg Ehrke c76633bb8a
require at least one param or prop filter element
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 18:20:32 +02:00
Georg Ehrke ac3cc5211b
updateProperties: catch exception when reading calendar data
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 16:42:41 +02:00
Georg Ehrke dd424fcb7b
unit test CalDAV Search Plugin
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 16:39:17 +02:00
Georg Ehrke 40eec1e63c
add repairstep with backgroundjob to index calendar data
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 11:55:31 +02:00
Georg Ehrke e760cda96f
remove unused CalendarSearchValidator
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-24 22:38:21 +02:00
Georg Ehrke 57b543a918
add Nextcloud Search extension to CalDAV
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-24 22:38:20 +02:00
Joas Schilling 3d671cc536 Merge pull request #4443 from nextcloud/cleanup-unused-imports
Remove unused use statements
2017-04-24 11:47:37 +02:00
Georg Ehrke c89e057d27
add owner-displayname property to calendars and addressbooks
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-23 11:26:49 +02:00
Morris Jobke c54a59d51e
Remove unused use statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Joas Schilling 088f4422f9
Fix remaining "PHP Inspection" warnings
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Joas Schilling 62ef59616d
Add public access modifier to all methods
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Joas Schilling c2d1e6e7ff
Restrict share handling to the owner only
Otherwise group members can remove the share for the complete group,
remove edit permissions and even single user shares for other users.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Georg Ehrke c99bdc9eb4
don't remove owner property for public calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-09 21:20:59 +02:00
Lukas Reschke 63288ebc50
Don't list on public calendar endpoints
There is no need to allow listing here.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 22:43:05 +02:00
Morris Jobke 51bcb0bbe1 Merge pull request #3620 from nextcloud/feature/1463/editable_color_name_for_shared_calendars
allow sharees to edit certain calendar properties for themselves
2017-04-03 13:12:56 -05:00
Joas Schilling 43143e170e
Make sure transparency is an integer when saving a calendar
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-30 17:58:33 +02:00
Georg Ehrke b887adf386
allow sharees to edit certain calendar properties for themselves
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-03-27 17:21:57 +02:00
Georg Ehrke 896dd76ab5
fix bug with shared_by for own calendars if shared
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-03-25 23:07:09 +01:00
Joas Schilling 2eb27c636d
Make sure shares use read-write when available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-02 12:28:57 +01:00
Joas Schilling 6dbdca0721
Don't waste energy unless necessary
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-02 12:28:56 +01:00
Georg Ehrke 97d3020027
fix shared-as-busy events for owner
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-01-26 12:06:07 +01:00
Joas Schilling a70a081fff
Make sure the used event type and the setting/filter are the same
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-10 12:28:55 +01:00
Thomas Müller d5d726fc24
Fix generation of birthday, deathdate and anniversary in case where no year is set - which is allowed as per https://tools.ietf.org/html/rfc6350#section-6.2.5 (#26756)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-05 09:00:33 +01:00
Roeland Jago Douma db3c918adb
Fix legacy caldav endpoints
* CaldavBackend is now endpoint aware (use old style principals on old
endpoint and new onces on new).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-02 15:02:18 +01:00
Lukas Reschke 3c34b8577c
Add test execution against legacy DAV backend
Since the tests to quite hugely rely on sync tokens being present I also included those in the legacy backend.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-02 15:02:18 +01:00
Joas Schilling 89ba394c89
Fix the Todos filter
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-12 15:26:28 +01:00
Joas Schilling 474720ff1c
Overwrite the schedule target calendar with the personal one and create it if missing
Otherwise this leads to problems like events being added to the birthday calendar,
if that one is the first calendar which was created for the user. See:
https://github.com/nextcloud/server/pull/2274

Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-09 09:34:25 +01:00
Joas Schilling b2f46bfa04
Adjust all implementations in the server repo
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-01 11:35:23 +01:00
Joas Schilling b4d76b16b4
Add tests for the base provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-30 12:04:19 +01:00
Joas Schilling ad10c5c4b4
Deduplicate the provider code
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-30 11:39:38 +01:00
Joas Schilling 4c0263b78a
Move event and todo parsing to new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 16:27:12 +01:00
Joas Schilling 8d87e39146
Deduplicate icon assignment
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 16:08:58 +01:00
Joas Schilling ddc82b4ca2
Move calendar activity parsing to new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:47:43 +01:00
Joas Schilling a16fd3991a
Move CalDAV activity settings to new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:06:54 +01:00
Joas Schilling 253a75e5ae
Move CalDAV activity filters to new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:04:08 +01:00
Lukas Reschke d0c3c5cee3 Merge pull request #2225 from nextcloud/fix_caldav_proppatch_requests
fix PropPatch requests on calendars
2016-11-21 22:54:17 +01:00
Georg Ehrke 3a8c4230be
fix PropPatch requests on calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2016-11-21 22:10:51 +01:00
Georg Ehrke 44f55fe415
BirthdayCalendar: fix issue with birthyear to high when birthday on Dec 31st
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2016-11-17 15:28:15 +01:00
Joas Schilling 6047493b6d
Fix integration tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:46 +01:00
Roeland Jago Douma 1e6175dfcb
Fix CalendarTest
* Made sure delete from self works again (and is tested)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:40:59 +01:00
Roeland Jago Douma c016d947e2
Fix plugin
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:10:38 +01:00
Roeland Jago Douma 6d1c0be47d
Minor fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:10:15 +01:00
Thomas Müller c778b1bade
Update sabre dav to 3.2 (#26115)
* Update sabre/dav to 3.2.0

* Adjust code to work with sabre/dav 3.2.0 and it's dependencies

* Adding own CalDAV plugin to fix calendar home property

* Test if there is a user logged in when listing files home

* Update sabre version used by integration tests

* Disable unauthenticated DAV access

This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.

=====

* Fixed so cherry-pick was succesfull

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 13:35:10 +01:00
Joas Schilling 52dd27892b
Use the event dispatcher
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:59 +01:00
Joas Schilling d3e8463de2
Use a different type for events and todos
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:59 +01:00
Joas Schilling 43b46bcc6a
Activities for events and todos
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling 07f6747305
Move the methods into a new class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling 776622f3de
Add activities for shares
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling 35ce4c772c
Fix unshare actions for author != owner
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling 9a7c522cc6
Add activity for unshare from group
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling 83d51afab1
Unshare user activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:57 +01:00
Joas Schilling 90578327d5
Start working on calendar activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:57 +01:00
Thomas Müller 5cd90d4116
[9.2] Sync deathdate and anniversary to birthday calendar (#25655)
* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)

* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-14 10:12:43 +02:00
Joas Schilling a4f82f13f3
Translate the personal calendar
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 14:19:58 +02:00
Morris Jobke ef0760f84f Merge pull request #1545 from nextcloud/delete-calendars-with-their-users
Delete calendars with their users
2016-09-28 21:42:55 +02:00
Thomas Citharel 6c8bcb38f1
Rename deleteAllSharesForUser() to deleteAllSharesByUser()
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2016-09-28 15:32:03 +02:00
Lukas Reschke 06e969cb74 Merge pull request #1197 from nextcloud/oc-public-sharing
CalDAV calendar public sharing
2016-09-27 18:51:40 +02:00
Thomas Citharel da1543eef7
fix deletion of calendars
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:33:56 +02:00
Thomas Citharel 5215833fe4
delete shares to an user
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:30:19 +02:00
Lukas Reschke 4f4286932f Merge pull request #1457 from nextcloud/upstream-fix-birthday-calendar-component
[Upstream] fix birthday calendar component
2016-09-26 13:21:08 +02:00
Thomas Citharel dcc23114e9
fix annotations & copyright headers 2016-09-26 11:55:43 +02:00
Thomas Citharel 17d5dfdeb1
add in same request 2016-09-26 11:55:43 +02:00
Thomas Citharel 8360222554
fix public calendars 2016-09-26 11:55:42 +02:00
Thomas Müller d884370844
Use true random string as uri for public calendars - as a result we can no longer return the pre-publish-url 2016-09-26 11:55:42 +02:00
Lukas Reschke 4659e3ab59
Add new constructor args 2016-09-26 11:55:42 +02:00
Thomas Citharel 3e9a346223
add calendarserver-sharing to the list of advertised features 2016-09-26 11:55:41 +02:00
Thomas Citharel ad0eeaaf1c
use AllowedSharingModes for can-be-published & can-be-shared 2016-09-26 11:55:41 +02:00
Thomas Citharel 6378dbca7e
fix can-be-published 2016-09-26 11:55:41 +02:00
Thomas Citharel f16ea48e96
add can-be-published property 2016-09-26 11:55:40 +02:00
Thomas Citharel a4fe596a21
add space between calendarname and owner name 2016-09-26 11:55:40 +02:00
Thomas Citharel 8433c3ca31
fix getChild() 2016-09-26 11:55:40 +02:00
Thomas Citharel 691b3ab448
Add publicuri to oc_dav_shares table and start working with it 2016-09-26 11:55:39 +02:00
Thomas Citharel dd248caa09
fix some bracket positions 2016-09-26 11:55:39 +02:00
Thomas Citharel 1899116509
move getPublicCalendar inside the caldav backend 2016-09-26 11:55:39 +02:00
Thomas Citharel 762726d988
fix indent once and for all 2016-09-26 11:55:39 +02:00
Thomas Citharel 3921385ed3
fix things (indentation, tests, comments, backend custom implementation 2016-09-26 11:55:39 +02:00
Thomas Müller d0ec6b9c15
Disable OPTIONS handling - done by sabre 2016-09-26 11:55:38 +02:00
Thomas Citharel aadb56dfcc
Fix wrong way to get publish status 2016-09-26 11:55:37 +02:00
Thomas Citharel 2df69ec7f4
correct get published status and minor fixes 2016-09-26 11:55:37 +02:00
Thomas Citharel aca305332a
Fix DB call for MySQL databases 2016-09-26 11:55:37 +02:00
Thomas Citharel 994001c480
Dirty hack to disable dav plugins on public calendar urls 2016-09-26 11:55:36 +02:00
Thomas Müller 00dc157b19
Fix requests for browser plugin as well as for the public calendar root folder 2016-09-26 11:55:36 +02:00
Thomas Müller e7085aab38
Allow not-authenticated access to specific urls 2016-09-26 11:55:36 +02:00
Thomas Müller 90ab6e4fd9
Add new root collection public-calendars which holds all public calendars 2016-09-26 11:55:36 +02:00
Thomas Citharel 8da2100e7d
Start work on returning CalDAV published calendars 2016-09-26 11:55:35 +02:00
Thomas Citharel bd0aae8636
No need to call database twice 2016-09-26 11:55:35 +02:00
Thomas Citharel 7e5a82b968
Use urlgenerator to generate an absolute url
And pass Config the correct way too
2016-09-26 11:55:35 +02:00