limiter = $limiter; $this->userManager = $userManager; $this->cardDavBackend = $cardDavBackend; $this->config = $config; $this->logger = $logger; $this->userId = $userId; } public function initialize(DAV\Server $server): void { $server->on('beforeBind', [$this, 'beforeBind'], 1); } public function beforeBind(string $path): void { if ($this->userId === null) { // We only care about authenticated users here return; } $user = $this->userManager->get($this->userId); if ($user === null) { // We only care about authenticated users here return; } $pathParts = explode('/', $path); if (count($pathParts) === 4 && $pathParts[0] === 'addressbooks') { // Path looks like addressbooks/users/username/addressbooksname so a new addressbook is created try { $this->limiter->registerUserRequest( 'carddav-create-address-book', $this->config->getValueInt('dav', 'rateLimitAddressBookCreation', 10), $this->config->getValueInt('dav', 'rateLimitPeriodAddressBookCreation', 3600), $user ); } catch (RateLimitExceededException $e) { throw new TooManyRequests('Too many addressbooks created', 0, $e); } $addressBookLimit = $this->config->getValueInt('dav', 'maximumAdressbooks', 10); if ($addressBookLimit === -1) { return; } $numAddressbooks = $this->cardDavBackend->getAddressBooksForUserCount('principals/users/' . $user->getUID()); if ($numAddressbooks >= $addressBookLimit) { $this->logger->warning('Maximum number of address books reached', [ 'addressbooks' => $numAddressbooks, 'addressBookLimit' => $addressBookLimit, ]); throw new Forbidden('AddressBook limit reached', 0); } } } }