fix(caldav): grant sharee Acls to the delegate

Signed-off-by: Hamza <hamzamahjoubi221@gmail.com>
2026-05-21 09:35:30 -04:00 · 2026-05-21 12:30:16 +02:00 · 2026-05-21 12:30:16 +02:00 · 1c0fff7049
commit 1c0fff7049
parent a118773895
2 changed files with 42 additions and 0 deletions
--- a/apps/dav/lib/CalDAV/Calendar.php
+++ b/apps/dav/lib/CalDAV/Calendar.php
@ -177,18 +177,38 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IRestorable, IShareable
 				'principal' => parent::getOwner(),
 				'protected' => true,
 			];
+			$acl[] = [
+				'privilege' => '{DAV:}read',
+				'principal' => parent::getOwner() . '/calendar-proxy-read',
+				'protected' => true,
+			];
+			$acl[] = [
+				'privilege' => '{DAV:}read',
+				'principal' => parent::getOwner() . '/calendar-proxy-write',
+				'protected' => true,
+			];
 			if ($this->canWrite()) {
 				$acl[] = [
 					'privilege' => '{DAV:}write',
 					'principal' => parent::getOwner(),
 					'protected' => true,
 				];
+				$acl[] = [
+					'privilege' => '{DAV:}write',
+					'principal' => parent::getOwner() . '/calendar-proxy-write',
+					'protected' => true,
+				];
 			} else {
 				$acl[] = [
 					'privilege' => '{DAV:}write-properties',
 					'principal' => parent::getOwner(),
 					'protected' => true,
 				];
+				$acl[] = [
+					'privilege' => '{DAV:}write-properties',
+					'principal' => parent::getOwner() . '/calendar-proxy-write',
+					'protected' => true,
+				];
 			}
 		}
 		if ($this->isPublic()) {
@ -205,6 +225,8 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IRestorable, IShareable
 			$this->getOwner() . '/calendar-proxy-read',
 			$this->getOwner() . '/calendar-proxy-write',
 			parent::getOwner(),
+			parent::getOwner() . '/calendar-proxy-read',
+			parent::getOwner() . '/calendar-proxy-write',
 			'principals/system/public',
 		];
 		/** @var list<array{privilege: string, principal: string, protected: bool}> $acl */
--- a/apps/dav/tests/unit/CalDAV/CalendarTest.php
+++ b/apps/dav/tests/unit/CalDAV/CalendarTest.php
@ -236,18 +236,38 @@ class CalendarTest extends TestCase {
 				'principal' => 'user2',
 				'protected' => true
 			];
+			$expectedAcl[] = [
+				'privilege' => '{DAV:}read',
+				'principal' => 'user2/calendar-proxy-read',
+				'protected' => true
+			];
+			$expectedAcl[] = [
+				'privilege' => '{DAV:}read',
+				'principal' => 'user2/calendar-proxy-write',
+				'protected' => true
+			];
 			if ($expectsWrite) {
 				$expectedAcl[] = [
 					'privilege' => '{DAV:}write',
 					'principal' => 'user2',
 					'protected' => true
 				];
+				$expectedAcl[] = [
+					'privilege' => '{DAV:}write',
+					'principal' => 'user2/calendar-proxy-write',
+					'protected' => true
+				];
 			} else {
 				$expectedAcl[] = [
 					'privilege' => '{DAV:}write-properties',
 					'principal' => 'user2',
 					'protected' => true
 				];
+				$expectedAcl[] = [
+					'privilege' => '{DAV:}write-properties',
+					'principal' => 'user2/calendar-proxy-write',
+					'protected' => true
+				];
 			}
 		}
 		$this->assertEquals($expectedAcl, $acl);