Extract cs:allowed-sharing-modes into it's own plugin

So that it's still there when we disable the PublishPlugin

And disable sharing calendars via link when sharik via link is disabled

This mod disallows sharing calendars via link when `shareapi_allow_links`
is disabled.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Signed-off-by: Carl Schwan <carlschwan@kde.org>
Signed-off-by: Pawel Boguslawski <pawel.boguslawski@ib.pl>

apps/dav/composer/composer/autoload_classmap.php

@@ -141,6 +141,7 @@ return array(
     'OCA\\DAV\\CalDAV\\TimeZoneFactory' => $baseDir . '/../lib/CalDAV/TimeZoneFactory.php',
     'OCA\\DAV\\CalDAV\\TimezoneService' => $baseDir . '/../lib/CalDAV/TimezoneService.php',
     'OCA\\DAV\\CalDAV\\TipBroker' => $baseDir . '/../lib/CalDAV/TipBroker.php',
+    'OCA\\DAV\\CalDAV\\SharingPlugin' => $baseDir . '/../lib/CalDAV/SharingPlugin.php',
     'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObject' => $baseDir . '/../lib/CalDAV/Trashbin/DeletedCalendarObject.php',
     'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObjectsCollection' => $baseDir . '/../lib/CalDAV/Trashbin/DeletedCalendarObjectsCollection.php',
     'OCA\\DAV\\CalDAV\\Trashbin\\Plugin' => $baseDir . '/../lib/CalDAV/Trashbin/Plugin.php',

apps/dav/composer/composer/autoload_static.php

@@ -156,6 +156,7 @@ class ComposerStaticInitDAV
         'OCA\\DAV\\CalDAV\\TimeZoneFactory' => __DIR__ . '/..' . '/../lib/CalDAV/TimeZoneFactory.php',
         'OCA\\DAV\\CalDAV\\TimezoneService' => __DIR__ . '/..' . '/../lib/CalDAV/TimezoneService.php',
         'OCA\\DAV\\CalDAV\\TipBroker' => __DIR__ . '/..' . '/../lib/CalDAV/TipBroker.php',
+        'OCA\\DAV\\CalDAV\\SharingPlugin' => __DIR__ . '/..' . '/../lib/CalDAV/SharingPlugin.php',
         'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObject' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/DeletedCalendarObject.php',
         'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObjectsCollection' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/DeletedCalendarObjectsCollection.php',
         'OCA\\DAV\\CalDAV\\Trashbin\\Plugin' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/Plugin.php',

apps/dav/lib/CalDAV/InvitationResponse/InvitationResponseServer.php

@@ -12,6 +12,7 @@ use OCA\DAV\CalDAV\Auth\CustomPrincipalPlugin;
 use OCA\DAV\CalDAV\Auth\PublicPrincipalPlugin;
 use OCA\DAV\CalDAV\DefaultCalendarValidator;
 use OCA\DAV\CalDAV\Publishing\PublishPlugin;
+use OCA\DAV\CalDAV\SharingPlugin;
 use OCA\DAV\Connector\Sabre\AnonymousOptionsPlugin;
 use OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin;
 use OCA\DAV\Connector\Sabre\CachingTree;
@@ -24,6 +25,7 @@ use OCA\DAV\RootCollection;
 use OCA\Theming\ThemingDefaults;
 use OCP\App\IAppManager;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IURLGenerator;
 use OCP\Server;
@@ -31,8 +33,7 @@ use Psr\Log\LoggerInterface;
 use Sabre\VObject\ITip\Message;
 
 class InvitationResponseServer {
-	/** @var \OCA\DAV\Connector\Sabre\Server */
-	public $server;
+	public \OCA\DAV\Connector\Sabre\Server $server;
 
 	/**
 	 * InvitationResponseServer constructor.
@@ -87,6 +88,7 @@ class InvitationResponseServer {
 		$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
 		$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
 		//$this->server->addPlugin(new \OCA\DAV\DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest()));
+		$this->server->addPlugin(new SharingPlugin(Server::get(IAppConfig::class)));
 		$this->server->addPlugin(new PublishPlugin(
 			Server::get(IConfig::class),
 			Server::get(IURLGenerator::class)

apps/dav/lib/CalDAV/PublicCalendar.php

@@ -14,10 +14,9 @@ class PublicCalendar extends Calendar {
 	/**
 	 * @param string $name
 	 * @throws NotFound
-	 * @return PublicCalendarObject
 	 */
 	#[\Override]
-	public function getChild($name) {
+	public function getChild($name): PublicCalendarObject {
 		$obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name);
 
 		if (!$obj) {
@@ -35,7 +34,7 @@ class PublicCalendar extends Calendar {
 	 * @return PublicCalendarObject[]
 	 */
 	#[\Override]
-	public function getChildren() {
+	public function getChildren(): array {
 		$objs = $this->caldavBackend->getCalendarObjects($this->calendarInfo['id']);
 		$children = [];
 		foreach ($objs as $obj) {
@@ -53,7 +52,7 @@ class PublicCalendar extends Calendar {
 	 * @return PublicCalendarObject[]
 	 */
 	#[\Override]
-	public function getMultipleChildren(array $paths) {
+	public function getMultipleChildren(array $paths): array {
 		$objs = $this->caldavBackend->getMultipleCalendarObjects($this->calendarInfo['id'], $paths);
 		$children = [];
 		foreach ($objs as $obj) {
@@ -67,11 +66,10 @@ class PublicCalendar extends Calendar {
 	}
 
 	/**
-	 * public calendars are always shared
-	 * @return bool
+	 * Public calendars are always shared
 	 */
 	#[\Override]
-	public function isShared() {
+	public function isShared(): bool {
 		return true;
 	}
 }

apps/dav/lib/CalDAV/PublicCalendarRoot.php

@@ -8,50 +8,39 @@
 
 namespace OCA\DAV\CalDAV;
 
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IL10N;
 use Psr\Log\LoggerInterface;
 use Sabre\DAV\Collection;
 
 class PublicCalendarRoot extends Collection {
-
-	/**
-	 * PublicCalendarRoot constructor.
-	 *
-	 * @param CalDavBackend $caldavBackend
-	 * @param IL10N $l10n
-	 * @param IConfig $config
-	 */
 	public function __construct(
 		protected CalDavBackend $caldavBackend,
 		protected IL10N $l10n,
+		protected IAppConfig $appConfig,
 		protected IConfig $config,
 		private LoggerInterface $logger,
 	) {
 	}
 
-	/**
-	 * @inheritdoc
-	 */
 	#[\Override]
-	public function getName() {
+	public function getName(): string {
 		return 'public-calendars';
 	}
 
-	/**
-	 * @inheritdoc
-	 */
 	#[\Override]
-	public function getChild($name) {
+	public function getChild($name): PublicCalendar {
+		// Sharing via link is allowed by default, but if the option is set it should be checked.
+		if (!$this->appConfig->getValueBool('core', 'shareapi_allow_links', true)) {
+			throw new \Sabre\DAV\Exception\Forbidden();
+		}
 		$calendar = $this->caldavBackend->getPublicCalendar($name);
 		return new PublicCalendar($this->caldavBackend, $calendar, $this->l10n, $this->config, $this->logger);
 	}
 
-	/**
-	 * @inheritdoc
-	 */
 	#[\Override]
-	public function getChildren() {
+	public function getChildren(): array {
 		return [];
 	}
 }

apps/dav/lib/CalDAV/Publishing/PublishPlugin.php

@@ -14,7 +14,6 @@ use OCA\DAV\CalDAV\Publishing\Xml\Publisher;
 use OCP\AppFramework\Http;
 use OCP\IConfig;
 use OCP\IURLGenerator;
-use Sabre\CalDAV\Xml\Property\AllowedSharingModes;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\INode;
 use Sabre\DAV\PropFind;
@@ -26,12 +25,7 @@ use Sabre\HTTP\ResponseInterface;
 class PublishPlugin extends ServerPlugin {
 	public const NS_CALENDARSERVER = 'http://calendarserver.org/ns/';
 
-	/**
-	 * Reference to SabreDAV server object.
-	 *
-	 * @var \Sabre\DAV\Server
-	 */
-	protected $server;
+	protected Server $server;
 
 	/**
 	 * PublishPlugin constructor.
@@ -60,9 +54,9 @@ class PublishPlugin extends ServerPlugin {
 	 * @return string[]
 	 */
 	#[\Override]
-	public function getFeatures() {
+	public function getFeatures(): array {
 		// May have to be changed to be detected
-		return ['oc-calendar-publishing', 'calendarserver-sharing'];
+		return ['oc-calendar-publishing'];
 	}
 
 	/**
@@ -74,7 +68,7 @@ class PublishPlugin extends ServerPlugin {
 	 * @return string
 	 */
 	#[\Override]
-	public function getPluginName() {
+	public function getPluginName(): string {
 		return 'oc-calendar-publishing';
 	}
 
@@ -121,18 +115,6 @@ class PublishPlugin extends ServerPlugin {
 					return new Publisher($publishUrl, true);
 				}
 			});
-
-			$propFind->handle('{' . self::NS_CALENDARSERVER . '}allowed-sharing-modes', function () use ($node) {
-				$canShare = (!$node->isSubscription() && $node->canWrite());
-				$canPublish = (!$node->isSubscription() && $node->canWrite());
-
-				if ($this->config->getAppValue('dav', 'limitAddressBookAndCalendarSharingToOwner', 'no') === 'yes') {
-					$canShare = $canShare && ($node->getOwner() === $node->getPrincipalURI());
-					$canPublish = $canPublish && ($node->getOwner() === $node->getPrincipalURI());
-				}
-
-				return new AllowedSharingModes($canShare, $canPublish);
-			});
 		}
 	}
 

apps/dav/lib/CalDAV/SharingPlugin.php

@@ -0,0 +1,64 @@
+<?php
+
+// SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
+namespace OCA\DAV\CalDAV;
+
+use OCP\IAppConfig;
+use OCP\IConfig;
+use Override;
+use Sabre\CalDAV\Xml\Property\AllowedSharingModes;
+use Sabre\DAV\INode;
+use Sabre\DAV\PropFind;
+use Sabre\DAV\Server;
+use Sabre\DAV\ServerPlugin;
+
+class SharingPlugin extends ServerPlugin {
+	public const NS_CALENDARSERVER = 'http://calendarserver.org/ns/';
+
+	protected Server $server;
+
+	public function __construct(
+		private readonly IAppConfig $config,
+	) {
+	}
+
+	#[Override]
+	public function getFeatures(): array {
+		// May have to be changed to be detected
+		return ['calendarserver-sharing'];
+	}
+
+	#[Override]
+	public function getPluginName(): string {
+		return 'oc-calendar-sharing';
+	}
+
+	#[Override]
+	public function initialize(Server $server): void {
+		$this->server = $server;
+
+		$this->server->on('propFind', $this->propFind(...));
+	}
+
+	public function propFind(PropFind $propFind, INode $node): void {
+		if ($node instanceof Calendar) {
+			$propFind->handle('{' . self::NS_CALENDARSERVER . '}allowed-sharing-modes', function () use ($node) {
+				$canShare = (!$node->isSubscription() && $node->canWrite());
+				$canPublish = (!$node->isSubscription() && $node->canWrite());
+
+				if ($this->config->getValueBool('dav', 'limitAddressBookAndCalendarSharingToOwner')) {
+					$canShare = $canShare && ($node->getOwner() === $node->getPrincipalURI());
+					$canPublish = $canPublish && ($node->getOwner() === $node->getPrincipalURI());
+				}
+
+				if (!$this->config->getValueBool('core', 'shareapi_allow_links', true)) {
+					$canPublish = false;
+				}
+
+				return new AllowedSharingModes($canShare, $canPublish);
+			});
+		}
+	}
+}

apps/dav/lib/RootCollection.php

@@ -37,6 +37,7 @@ use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Comments\ICommentsManager;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\Files\IRootFolder;
+use OCP\IAppConfig;
 use OCP\ICacheFactory;
 use OCP\IConfig;
 use OCP\IDBConnection;
@@ -63,6 +64,7 @@ class RootCollection extends SimpleCollection {
 		$db = Server::get(IDBConnection::class);
 		$dispatcher = Server::get(IEventDispatcher::class);
 		$config = Server::get(IConfig::class);
+		$appConfig = Server::get(IAppConfig::class);
 		$proxyMapper = Server::get(ProxyMapper::class);
 		$rootFolder = Server::get(IRootFolder::class);
 		$federatedCalendarFactory = Server::get(FederatedCalendarFactory::class);
@@ -125,7 +127,7 @@ class RootCollection extends SimpleCollection {
 		$roomCalendarRoot = new CalendarRoot($calendarRoomPrincipalBackend, $caldavBackend, 'principals/calendar-rooms', $logger, $l10n, $config, $federatedCalendarFactory);
 		$roomCalendarRoot->disableListing = $disableListing;
 
-		$publicCalendarRoot = new PublicCalendarRoot($caldavBackend, $l10n, $config, $logger);
+		$publicCalendarRoot = new PublicCalendarRoot($caldavBackend, $l10n, $appConfig, $config, $logger);
 
 		$systemTagCollection = Server::get(SystemTagsByIdCollection::class);
 		$systemTagRelationsCollection = new SystemTagsRelationsCollection(

apps/dav/lib/Server.php

@@ -87,6 +87,7 @@ use OCP\FilesMetadata\IFilesMetadataManager;
 use OCP\IAppConfig;
 use OCP\ICacheFactory;
 use OCP\IConfig;
+use OCP\IConfig;
 use OCP\IDateTimeZone;
 use OCP\IDBConnection;
 use OCP\IGroupManager;
@@ -209,15 +210,18 @@ class Server {
 
 			$this->server->addPlugin(\OCP\Server::get(\OCA\DAV\CalDAV\Trashbin\Plugin::class));
 			$this->server->addPlugin(new \OCA\DAV\CalDAV\WebcalCaching\Plugin($this->request));
-			if (\OCP\Server::get(IConfig::class)->getAppValue('dav', 'allow_calendar_link_subscriptions', 'yes') === 'yes') {
+			if (\OCP\Server::get(IAppConfig::class)->getValueBool('dav', 'allow_calendar_link_subscriptions', true)) {
 				$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
 			}
 
 			$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
-			$this->server->addPlugin(new PublishPlugin(
-				\OCP\Server::get(IConfig::class),
-				\OCP\Server::get(IURLGenerator::class)
-			));
+			$this->server->addPlugin(new \OCA\DAV\CalDAV\SharingPlugin(\OCP\Server::get(IAppConfig::class)));
+			if (\OCP\Server::get(IAppConfig::class)->getValueBool('core', 'shareapi_allow_links', true)) {
+				$this->server->addPlugin(new PublishPlugin(
+					\OCP\Server::get(IConfig::class),
+					\OCP\Server::get(IURLGenerator::class)
+				));
+			}
 
 			$this->server->addPlugin(\OCP\Server::get(RateLimitingPlugin::class));
 			$this->server->addPlugin(\OCP\Server::get(CalDavValidatePlugin::class));
@@ -345,7 +349,7 @@ class Server {
 					\OCP\Server::get(ICommentsManager::class),
 					$userSession
 				));
-				if (\OCP\Server::get(IConfig::class)->getAppValue('dav', 'sendInvitations', 'yes') === 'yes') {
+				if (\OCP\Server::get(IAppConfig::class)->getValueBool('dav', 'sendInvitations', true)) {
 					$this->server->addPlugin(new IMipPlugin(
 						\OCP\Server::get(IAppConfig::class),
 						\OCP\Server::get(IMailer::class),

build/psalm-baseline.xml

@@ -313,7 +313,6 @@
     <DeprecatedMethod>
       <code><![CDATA[getAppValue]]></code>
       <code><![CDATA[getAppValue]]></code>
-      <code><![CDATA[getAppValue]]></code>
     </DeprecatedMethod>
   </file>
   <file src="apps/dav/lib/CalDAV/Reminder/NotificationProvider/AbstractProvider.php">
@@ -1042,8 +1041,6 @@
     <DeprecatedMethod>
       <code><![CDATA[dispatch]]></code>
       <code><![CDATA[dispatch]]></code>
-      <code><![CDATA[getAppValue]]></code>
-      <code><![CDATA[getAppValue]]></code>
       <code><![CDATA[getL10N]]></code>
       <code><![CDATA[getL10N]]></code>
       <code><![CDATA[getUserFolder]]></code>