* Calendar/Resources/CalDAV: fix not reported priviledges for resources causing resource calendars to appear readonly in CalDAV clients

This commit is contained in:
ralf 2024-07-12 08:16:33 +02:00
parent 0d91361c47
commit 45e52153f2
3 changed files with 20 additions and 11 deletions

View File

@ -1237,15 +1237,16 @@ class addressbook_groupdav extends Api\CalDAV\Handler
*
* Reimplemented to account for static LDAP ACL and accounts (owner=0)
*
* @return array user-id => EGW_ACL_ADD|EGW_ACL_READ|EGW_ACL_EDIT|EGW_ACL_DELETE pairs
* @param ?string $user the user whose grants for the current user are requested, or null for all
* @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs
*/
public function get_grants()
public function get_grants(string $user=null)
{
$grants = $this->bo->get_grants($this->bo->user);
// remove add and delete grants for accounts (for admins too)
// as accounts can not be created as contacts, they eg. need further data
// and admins might not recognice they delete an account incl. its data
// as accounts can not be created as contacts, they e.g. need further data
// and admins might not recognize they delete an account incl. its data
if (isset($grants[0])) $grants[0] &= ~(EGW_ACL_ADD|EGW_ACL_DELETE);
return $grants;

View File

@ -531,17 +531,18 @@ abstract class Handler
/**
* Get grants of current user and app
*
* @param ?string $user the user whose grants for the current user are requested, or null for all
* @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs
*/
public function get_grants()
public function get_grants(string $user=null)
{
return $this->acl->get_grants($this->app, $this->app != 'addressbook');
}
/**
* Return priviledges for current user, default is read and read-current-user-privilege-set
* Return privileges for current user, default is read and read-current-user-privilege-set
*
* Priviledges are for the collection, not the resources / entries!
* Privileges are for the collection, not the resources / entries!
*
* @param string $path path of collection
* @param int $user =null owner of the collection, default current user
@ -551,7 +552,7 @@ abstract class Handler
{
unset($path); // not used, but required by function signature
$grants = $this->get_grants();
$grants = $this->get_grants($user);
$priviledes = array('read-current-user-privilege-set' => 'read-current-user-privilege-set');
if (is_null($user) || $grants[$user] & Api\Acl::READ)

View File

@ -121,13 +121,20 @@ class calendar_groupdav extends Api\CalDAV\Handler
/**
* Get grants of current user and app
*
* Overwritten to return rights modified for certain user-agents (eg. Outlook CalDAV Synchroniser) in the consturctor.
* Overwritten to request rights for non-users ($user is NOT numeric) via calendars resource API.
*
* @param ?string $user the user whose grants for the current user are requested, or null for all
* @return array user-id => Api\Acl::ADD|Api\Acl::READ|Api\Acl::EDIT|Api\Acl::DELETE pairs
*/
public function get_grants()
public function get_grants(string $user=null)
{
return $this->bo->grants;
// grants from all regular users
$grants = $this->bo->grants;
if (!(int)$user && ($info = $this->bo->resource_info($user)))
{
$grants[$user] = $info['rights'] ?? 0;
}
return $grants;
}
/**