* @author Joas Schilling * @author Lukas Reschke * @author Roeland Jago Douma * @author Thomas Citharel * @author Thomas Müller * * @license AGPL-3.0 * * This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see * */ namespace OCA\DAV\CalDAV; use OCA\DAV\CalDAV\Proxy\ProxyMapper; use OCA\DAV\DAV\Sharing\IShareable; use OCA\DAV\Exception\UnsupportedLimitOnInitialSyncException; use OCP\IConfig; use OCP\IL10N; use Sabre\CalDAV\Backend\BackendInterface; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\NotFound; use Sabre\DAV\PropPatch; /** * Class Calendar * * @package OCA\DAV\CalDAV * @property BackendInterface|CalDavBackend $caldavBackend */ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable { /** @var IConfig */ private $config; /** @var ProxyMapper */ private $proxyMapper; public function __construct(BackendInterface $caldavBackend, $calendarInfo, IL10N $l10n, IConfig $config) { parent::__construct($caldavBackend, $calendarInfo); if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) { $this->calendarInfo['{DAV:}displayname'] = $l10n->t('Contact birthdays'); } if ($this->getName() === CalDavBackend::PERSONAL_CALENDAR_URI && $this->calendarInfo['{DAV:}displayname'] === CalDavBackend::PERSONAL_CALENDAR_NAME) { $this->calendarInfo['{DAV:}displayname'] = $l10n->t('Personal'); } $this->config = $config; // TODO: proper DI $this->proxyMapper = \OC::$server->query(ProxyMapper::class); } /** * Updates the list of shares. * * The first array is a list of people that are to be added to the * resource. * * Every element in the add array has the following properties: * * href - A url. Usually a mailto: address * * commonName - Usually a first and last name, or false * * summary - A description of the share, can also be false * * readOnly - A boolean value * * Every element in the remove array is just the address string. * * @param array $add * @param array $remove * @return void * @throws Forbidden */ public function updateShares(array $add, array $remove) { if ($this->isShared()) { throw new Forbidden(); } $this->caldavBackend->updateShares($this, $add, $remove); } /** * Returns the list of people whom this resource is shared with. * * Every element in this array should have the following properties: * * href - Often a mailto: address * * commonName - Optional, for example a first + last name * * status - See the Sabre\CalDAV\SharingPlugin::STATUS_ constants. * * readOnly - boolean * * summary - Optional, a description for the share * * @return array */ public function getShares() { if ($this->isShared()) { return []; } return $this->caldavBackend->getShares($this->getResourceId()); } /** * @return int */ public function getResourceId() { return $this->calendarInfo['id']; } /** * @return string */ public function getPrincipalURI() { return $this->calendarInfo['principaluri']; } public function getACL() { $acl = [ [ 'privilege' => '{DAV:}read', 'principal' => $this->getOwner(), 'protected' => true, ]]; if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) { $acl[] = [ 'privilege' => '{DAV:}write', 'principal' => $this->getOwner(), 'protected' => true, ]; } else { $acl[] = [ 'privilege' => '{DAV:}write-properties', 'principal' => $this->getOwner(), 'protected' => true, ]; } if (!$this->isShared()) { return $this->addProxies($acl); } if ($this->getOwner() !== parent::getOwner()) { $acl[] = [ 'privilege' => '{DAV:}read', 'principal' => parent::getOwner(), 'protected' => true, ]; if ($this->canWrite()) { $acl[] = [ 'privilege' => '{DAV:}write', 'principal' => parent::getOwner(), 'protected' => true, ]; } else { $acl[] = [ 'privilege' => '{DAV:}write-properties', 'principal' => parent::getOwner(), 'protected' => true, ]; } } if ($this->isPublic()) { $acl[] = [ 'privilege' => '{DAV:}read', 'principal' => 'principals/system/public', 'protected' => true, ]; } $acl = $this->caldavBackend->applyShareAcl($this->getResourceId(), $acl); $allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/public']; $acl = array_filter($acl, function($rule) use ($allowedPrincipals) { return \in_array($rule['principal'], $allowedPrincipals, true); }); $acl = $this->addProxies($acl); return $acl; } public function addProxies(array $acl): array { list($prefix, $name) = \Sabre\Uri\split($this->getOwner()); $proxies = $this->proxyMapper->getProxiesOf($name); foreach ($proxies as $proxy) { if ($proxy->getPermissions() & ProxyMapper::PERMISSION_READ) { $acl[] = [ 'privilege' => '{DAV:}read', 'principal' => 'principals/users/' . $proxy->getProxyId(), 'protected' => true, ]; } if ($proxy->getPermissions() & ProxyMapper::PERMISSION_WRITE) { $acl[] = [ 'privilege' => '{DAV:}write', 'principal' => 'principals/users/' . $proxy->getProxyId(), 'protected' => true, ]; } } return $acl; } public function getChildACL() { return $this->getACL(); } public function getOwner() { if (isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal'])) { return $this->calendarInfo['{http://owncloud.org/ns}owner-principal']; } return parent::getOwner(); } public function delete() { if (isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']) && $this->calendarInfo['{http://owncloud.org/ns}owner-principal'] !== $this->calendarInfo['principaluri']) { $principal = 'principal:' . parent::getOwner(); $shares = $this->caldavBackend->getShares($this->getResourceId()); $shares = array_filter($shares, function($share) use ($principal){ return $share['href'] === $principal; }); if (empty($shares)) { throw new Forbidden(); } $this->caldavBackend->updateShares($this, [], [ $principal ]); return; } // Remember when a user deleted their birthday calendar // in order to not regenerate it on the next contacts change if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) { $principalURI = $this->getPrincipalURI(); $userId = substr($principalURI, 17); $this->config->setUserValue($userId, 'dav', 'generateBirthdayCalendar', 'no'); } parent::delete(); } public function propPatch(PropPatch $propPatch) { // parent::propPatch will only update calendars table // if calendar is shared, changes have to be made to the properties table if (!$this->isShared()) { parent::propPatch($propPatch); } } public function getChild($name) { $obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name); if (!$obj) { throw new NotFound('Calendar object not found'); } if ($obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE && $this->isShared()) { throw new NotFound('Calendar object not found'); } $obj['acl'] = $this->getChildACL(); return new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); } public function getChildren() { $objs = $this->caldavBackend->getCalendarObjects($this->calendarInfo['id']); $children = []; foreach ($objs as $obj) { if ($obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE && $this->isShared()) { continue; } $obj['acl'] = $this->getChildACL(); $children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); } return $children; } public function getMultipleChildren(array $paths) { $objs = $this->caldavBackend->getMultipleCalendarObjects($this->calendarInfo['id'], $paths); $children = []; foreach ($objs as $obj) { if ($obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE && $this->isShared()) { continue; } $obj['acl'] = $this->getChildACL(); $children[] = new CalendarObject($this->caldavBackend, $this->calendarInfo, $obj); } return $children; } public function childExists($name) { $obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name); if (!$obj) { return false; } if ($obj['classification'] === CalDavBackend::CLASSIFICATION_PRIVATE && $this->isShared()) { return false; } return true; } public function calendarQuery(array $filters) { $uris = $this->caldavBackend->calendarQuery($this->calendarInfo['id'], $filters); if ($this->isShared()) { return array_filter($uris, function ($uri) { return $this->childExists($uri); }); } return $uris; } /** * @param boolean $value * @return string|null */ public function setPublishStatus($value) { $publicUri = $this->caldavBackend->setPublishStatus($value, $this); $this->calendarInfo['publicuri'] = $publicUri; return $publicUri; } /** * @return mixed $value */ public function getPublishStatus() { return $this->caldavBackend->getPublishStatus($this); } private function canWrite() { if (isset($this->calendarInfo['{http://owncloud.org/ns}read-only'])) { return !$this->calendarInfo['{http://owncloud.org/ns}read-only']; } return true; } private function isPublic() { return isset($this->calendarInfo['{http://owncloud.org/ns}public']); } protected function isShared() { if (!isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal'])) { return false; } return $this->calendarInfo['{http://owncloud.org/ns}owner-principal'] !== $this->calendarInfo['principaluri']; } public function isSubscription() { return isset($this->calendarInfo['{http://calendarserver.org/ns/}source']); } /** * @inheritDoc */ public function getChanges($syncToken, $syncLevel, $limit = null) { if (!$syncToken && $limit) { throw new UnsupportedLimitOnInitialSyncException(); } return parent::getChanges($syncToken, $syncLevel, $limit); } }