diff --git a/apps/dav/composer/composer/autoload_classmap.php b/apps/dav/composer/composer/autoload_classmap.php index 2ca5cf66f90..96d25c57188 100644 --- a/apps/dav/composer/composer/autoload_classmap.php +++ b/apps/dav/composer/composer/autoload_classmap.php @@ -141,6 +141,7 @@ return array( 'OCA\\DAV\\CalDAV\\TimeZoneFactory' => $baseDir . '/../lib/CalDAV/TimeZoneFactory.php', 'OCA\\DAV\\CalDAV\\TimezoneService' => $baseDir . '/../lib/CalDAV/TimezoneService.php', 'OCA\\DAV\\CalDAV\\TipBroker' => $baseDir . '/../lib/CalDAV/TipBroker.php', + 'OCA\\DAV\\CalDAV\\SharingPlugin' => $baseDir . '/../lib/CalDAV/SharingPlugin.php', 'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObject' => $baseDir . '/../lib/CalDAV/Trashbin/DeletedCalendarObject.php', 'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObjectsCollection' => $baseDir . '/../lib/CalDAV/Trashbin/DeletedCalendarObjectsCollection.php', 'OCA\\DAV\\CalDAV\\Trashbin\\Plugin' => $baseDir . '/../lib/CalDAV/Trashbin/Plugin.php', diff --git a/apps/dav/composer/composer/autoload_static.php b/apps/dav/composer/composer/autoload_static.php index c35dd97c02c..83fb1e11019 100644 --- a/apps/dav/composer/composer/autoload_static.php +++ b/apps/dav/composer/composer/autoload_static.php @@ -156,6 +156,7 @@ class ComposerStaticInitDAV 'OCA\\DAV\\CalDAV\\TimeZoneFactory' => __DIR__ . '/..' . '/../lib/CalDAV/TimeZoneFactory.php', 'OCA\\DAV\\CalDAV\\TimezoneService' => __DIR__ . '/..' . '/../lib/CalDAV/TimezoneService.php', 'OCA\\DAV\\CalDAV\\TipBroker' => __DIR__ . '/..' . '/../lib/CalDAV/TipBroker.php', + 'OCA\\DAV\\CalDAV\\SharingPlugin' => __DIR__ . '/..' . '/../lib/CalDAV/SharingPlugin.php', 'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObject' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/DeletedCalendarObject.php', 'OCA\\DAV\\CalDAV\\Trashbin\\DeletedCalendarObjectsCollection' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/DeletedCalendarObjectsCollection.php', 'OCA\\DAV\\CalDAV\\Trashbin\\Plugin' => __DIR__ . '/..' . '/../lib/CalDAV/Trashbin/Plugin.php', diff --git a/apps/dav/lib/CalDAV/InvitationResponse/InvitationResponseServer.php b/apps/dav/lib/CalDAV/InvitationResponse/InvitationResponseServer.php index de7815c68f2..47c8bf4d485 100644 --- a/apps/dav/lib/CalDAV/InvitationResponse/InvitationResponseServer.php +++ b/apps/dav/lib/CalDAV/InvitationResponse/InvitationResponseServer.php @@ -12,6 +12,7 @@ use OCA\DAV\CalDAV\Auth\CustomPrincipalPlugin; use OCA\DAV\CalDAV\Auth\PublicPrincipalPlugin; use OCA\DAV\CalDAV\DefaultCalendarValidator; use OCA\DAV\CalDAV\Publishing\PublishPlugin; +use OCA\DAV\CalDAV\SharingPlugin; use OCA\DAV\Connector\Sabre\AnonymousOptionsPlugin; use OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin; use OCA\DAV\Connector\Sabre\CachingTree; @@ -24,6 +25,7 @@ use OCA\DAV\RootCollection; use OCA\Theming\ThemingDefaults; use OCP\App\IAppManager; use OCP\EventDispatcher\IEventDispatcher; +use OCP\IAppConfig; use OCP\IConfig; use OCP\IURLGenerator; use OCP\Server; @@ -31,8 +33,7 @@ use Psr\Log\LoggerInterface; use Sabre\VObject\ITip\Message; class InvitationResponseServer { - /** @var \OCA\DAV\Connector\Sabre\Server */ - public $server; + public \OCA\DAV\Connector\Sabre\Server $server; /** * InvitationResponseServer constructor. @@ -87,6 +88,7 @@ class InvitationResponseServer { $this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin()); $this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin()); //$this->server->addPlugin(new \OCA\DAV\DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest())); + $this->server->addPlugin(new SharingPlugin(Server::get(IAppConfig::class))); $this->server->addPlugin(new PublishPlugin( Server::get(IConfig::class), Server::get(IURLGenerator::class) diff --git a/apps/dav/lib/CalDAV/PublicCalendar.php b/apps/dav/lib/CalDAV/PublicCalendar.php index a37b9fa7a8e..6646db3c090 100644 --- a/apps/dav/lib/CalDAV/PublicCalendar.php +++ b/apps/dav/lib/CalDAV/PublicCalendar.php @@ -14,10 +14,9 @@ class PublicCalendar extends Calendar { /** * @param string $name * @throws NotFound - * @return PublicCalendarObject */ #[\Override] - public function getChild($name) { + public function getChild($name): PublicCalendarObject { $obj = $this->caldavBackend->getCalendarObject($this->calendarInfo['id'], $name); if (!$obj) { @@ -35,7 +34,7 @@ class PublicCalendar extends Calendar { * @return PublicCalendarObject[] */ #[\Override] - public function getChildren() { + public function getChildren(): array { $objs = $this->caldavBackend->getCalendarObjects($this->calendarInfo['id']); $children = []; foreach ($objs as $obj) { @@ -53,7 +52,7 @@ class PublicCalendar extends Calendar { * @return PublicCalendarObject[] */ #[\Override] - public function getMultipleChildren(array $paths) { + public function getMultipleChildren(array $paths): array { $objs = $this->caldavBackend->getMultipleCalendarObjects($this->calendarInfo['id'], $paths); $children = []; foreach ($objs as $obj) { @@ -67,11 +66,10 @@ class PublicCalendar extends Calendar { } /** - * public calendars are always shared - * @return bool + * Public calendars are always shared */ #[\Override] - public function isShared() { + public function isShared(): bool { return true; } } diff --git a/apps/dav/lib/CalDAV/PublicCalendarRoot.php b/apps/dav/lib/CalDAV/PublicCalendarRoot.php index aec3f7b6224..aee3dd2935c 100644 --- a/apps/dav/lib/CalDAV/PublicCalendarRoot.php +++ b/apps/dav/lib/CalDAV/PublicCalendarRoot.php @@ -8,50 +8,39 @@ namespace OCA\DAV\CalDAV; +use OCP\IAppConfig; use OCP\IConfig; use OCP\IL10N; use Psr\Log\LoggerInterface; use Sabre\DAV\Collection; class PublicCalendarRoot extends Collection { - - /** - * PublicCalendarRoot constructor. - * - * @param CalDavBackend $caldavBackend - * @param IL10N $l10n - * @param IConfig $config - */ public function __construct( protected CalDavBackend $caldavBackend, protected IL10N $l10n, + protected IAppConfig $appConfig, protected IConfig $config, private LoggerInterface $logger, ) { } - /** - * @inheritdoc - */ #[\Override] - public function getName() { + public function getName(): string { return 'public-calendars'; } - /** - * @inheritdoc - */ #[\Override] - public function getChild($name) { + public function getChild($name): PublicCalendar { + // Sharing via link is allowed by default, but if the option is set it should be checked. + if (!$this->appConfig->getValueBool('core', 'shareapi_allow_links', true)) { + throw new \Sabre\DAV\Exception\Forbidden(); + } $calendar = $this->caldavBackend->getPublicCalendar($name); return new PublicCalendar($this->caldavBackend, $calendar, $this->l10n, $this->config, $this->logger); } - /** - * @inheritdoc - */ #[\Override] - public function getChildren() { + public function getChildren(): array { return []; } } diff --git a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php index 619d0fc2931..5b2a68b9456 100644 --- a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php +++ b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php @@ -14,7 +14,6 @@ use OCA\DAV\CalDAV\Publishing\Xml\Publisher; use OCP\AppFramework\Http; use OCP\IConfig; use OCP\IURLGenerator; -use Sabre\CalDAV\Xml\Property\AllowedSharingModes; use Sabre\DAV\Exception\NotFound; use Sabre\DAV\INode; use Sabre\DAV\PropFind; @@ -26,12 +25,7 @@ use Sabre\HTTP\ResponseInterface; class PublishPlugin extends ServerPlugin { public const NS_CALENDARSERVER = 'http://calendarserver.org/ns/'; - /** - * Reference to SabreDAV server object. - * - * @var \Sabre\DAV\Server - */ - protected $server; + protected Server $server; /** * PublishPlugin constructor. @@ -60,9 +54,9 @@ class PublishPlugin extends ServerPlugin { * @return string[] */ #[\Override] - public function getFeatures() { + public function getFeatures(): array { // May have to be changed to be detected - return ['oc-calendar-publishing', 'calendarserver-sharing']; + return ['oc-calendar-publishing']; } /** @@ -74,7 +68,7 @@ class PublishPlugin extends ServerPlugin { * @return string */ #[\Override] - public function getPluginName() { + public function getPluginName(): string { return 'oc-calendar-publishing'; } @@ -121,18 +115,6 @@ class PublishPlugin extends ServerPlugin { return new Publisher($publishUrl, true); } }); - - $propFind->handle('{' . self::NS_CALENDARSERVER . '}allowed-sharing-modes', function () use ($node) { - $canShare = (!$node->isSubscription() && $node->canWrite()); - $canPublish = (!$node->isSubscription() && $node->canWrite()); - - if ($this->config->getAppValue('dav', 'limitAddressBookAndCalendarSharingToOwner', 'no') === 'yes') { - $canShare = $canShare && ($node->getOwner() === $node->getPrincipalURI()); - $canPublish = $canPublish && ($node->getOwner() === $node->getPrincipalURI()); - } - - return new AllowedSharingModes($canShare, $canPublish); - }); } } diff --git a/apps/dav/lib/CalDAV/SharingPlugin.php b/apps/dav/lib/CalDAV/SharingPlugin.php new file mode 100644 index 00000000000..091fae24051 --- /dev/null +++ b/apps/dav/lib/CalDAV/SharingPlugin.php @@ -0,0 +1,64 @@ +server = $server; + + $this->server->on('propFind', $this->propFind(...)); + } + + public function propFind(PropFind $propFind, INode $node): void { + if ($node instanceof Calendar) { + $propFind->handle('{' . self::NS_CALENDARSERVER . '}allowed-sharing-modes', function () use ($node) { + $canShare = (!$node->isSubscription() && $node->canWrite()); + $canPublish = (!$node->isSubscription() && $node->canWrite()); + + if ($this->config->getValueBool('dav', 'limitAddressBookAndCalendarSharingToOwner')) { + $canShare = $canShare && ($node->getOwner() === $node->getPrincipalURI()); + $canPublish = $canPublish && ($node->getOwner() === $node->getPrincipalURI()); + } + + if (!$this->config->getValueBool('core', 'shareapi_allow_links', true)) { + $canPublish = false; + } + + return new AllowedSharingModes($canShare, $canPublish); + }); + } + } +} diff --git a/apps/dav/lib/RootCollection.php b/apps/dav/lib/RootCollection.php index ce9ad59e819..95d8d5c8562 100644 --- a/apps/dav/lib/RootCollection.php +++ b/apps/dav/lib/RootCollection.php @@ -37,6 +37,7 @@ use OCP\AppFramework\Utility\ITimeFactory; use OCP\Comments\ICommentsManager; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\IRootFolder; +use OCP\IAppConfig; use OCP\ICacheFactory; use OCP\IConfig; use OCP\IDBConnection; @@ -63,6 +64,7 @@ class RootCollection extends SimpleCollection { $db = Server::get(IDBConnection::class); $dispatcher = Server::get(IEventDispatcher::class); $config = Server::get(IConfig::class); + $appConfig = Server::get(IAppConfig::class); $proxyMapper = Server::get(ProxyMapper::class); $rootFolder = Server::get(IRootFolder::class); $federatedCalendarFactory = Server::get(FederatedCalendarFactory::class); @@ -125,7 +127,7 @@ class RootCollection extends SimpleCollection { $roomCalendarRoot = new CalendarRoot($calendarRoomPrincipalBackend, $caldavBackend, 'principals/calendar-rooms', $logger, $l10n, $config, $federatedCalendarFactory); $roomCalendarRoot->disableListing = $disableListing; - $publicCalendarRoot = new PublicCalendarRoot($caldavBackend, $l10n, $config, $logger); + $publicCalendarRoot = new PublicCalendarRoot($caldavBackend, $l10n, $appConfig, $config, $logger); $systemTagCollection = Server::get(SystemTagsByIdCollection::class); $systemTagRelationsCollection = new SystemTagsRelationsCollection( diff --git a/apps/dav/lib/Server.php b/apps/dav/lib/Server.php index ea4350bc152..da305d98e1f 100644 --- a/apps/dav/lib/Server.php +++ b/apps/dav/lib/Server.php @@ -87,6 +87,7 @@ use OCP\FilesMetadata\IFilesMetadataManager; use OCP\IAppConfig; use OCP\ICacheFactory; use OCP\IConfig; +use OCP\IConfig; use OCP\IDateTimeZone; use OCP\IDBConnection; use OCP\IGroupManager; @@ -209,15 +210,18 @@ class Server { $this->server->addPlugin(\OCP\Server::get(\OCA\DAV\CalDAV\Trashbin\Plugin::class)); $this->server->addPlugin(new \OCA\DAV\CalDAV\WebcalCaching\Plugin($this->request)); - if (\OCP\Server::get(IConfig::class)->getAppValue('dav', 'allow_calendar_link_subscriptions', 'yes') === 'yes') { + if (\OCP\Server::get(IAppConfig::class)->getValueBool('dav', 'allow_calendar_link_subscriptions', true)) { $this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin()); } $this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin()); - $this->server->addPlugin(new PublishPlugin( - \OCP\Server::get(IConfig::class), - \OCP\Server::get(IURLGenerator::class) - )); + $this->server->addPlugin(new \OCA\DAV\CalDAV\SharingPlugin(\OCP\Server::get(IAppConfig::class))); + if (\OCP\Server::get(IAppConfig::class)->getValueBool('core', 'shareapi_allow_links', true)) { + $this->server->addPlugin(new PublishPlugin( + \OCP\Server::get(IConfig::class), + \OCP\Server::get(IURLGenerator::class) + )); + } $this->server->addPlugin(\OCP\Server::get(RateLimitingPlugin::class)); $this->server->addPlugin(\OCP\Server::get(CalDavValidatePlugin::class)); @@ -345,7 +349,7 @@ class Server { \OCP\Server::get(ICommentsManager::class), $userSession )); - if (\OCP\Server::get(IConfig::class)->getAppValue('dav', 'sendInvitations', 'yes') === 'yes') { + if (\OCP\Server::get(IAppConfig::class)->getValueBool('dav', 'sendInvitations', true)) { $this->server->addPlugin(new IMipPlugin( \OCP\Server::get(IAppConfig::class), \OCP\Server::get(IMailer::class), diff --git a/build/psalm-baseline.xml b/build/psalm-baseline.xml index fe478aab69d..ff052b27dfe 100644 --- a/build/psalm-baseline.xml +++ b/build/psalm-baseline.xml @@ -313,7 +313,6 @@ - @@ -1042,8 +1041,6 @@ - -