123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 |
- <?php
- /**
- * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
- namespace OCA\DAV\CalDAV;
- use OCP\IConfig;
- use Sabre\CalDAV\Plugin as CalDAVPlugin;
- /**
- * Class Outbox
- *
- * @package OCA\DAV\CalDAV
- */
- class Outbox extends \Sabre\CalDAV\Schedule\Outbox {
- /** @var IConfig */
- private $config;
- /** @var null|bool */
- private $disableFreeBusy = null;
- /**
- * Outbox constructor.
- *
- * @param IConfig $config
- * @param string $principalUri
- */
- public function __construct(IConfig $config, string $principalUri) {
- parent::__construct($principalUri);
- $this->config = $config;
- }
- /**
- * Returns a list of ACE's for this node.
- *
- * Each ACE has the following properties:
- * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
- * currently the only supported privileges
- * * 'principal', a url to the principal who owns the node
- * * 'protected' (optional), indicating that this ACE is not allowed to
- * be updated.
- *
- * @return array
- */
- public function getACL() {
- // getACL is called so frequently that we cache the config result
- if ($this->disableFreeBusy === null) {
- $this->disableFreeBusy = ($this->config->getAppValue('dav', 'disableFreeBusy', 'no') === 'yes');
- }
- $commonAcl = [
- [
- 'privilege' => '{DAV:}read',
- 'principal' => $this->getOwner(),
- 'protected' => true,
- ],
- [
- 'privilege' => '{DAV:}read',
- 'principal' => $this->getOwner() . '/calendar-proxy-read',
- 'protected' => true,
- ],
- [
- 'privilege' => '{DAV:}read',
- 'principal' => $this->getOwner() . '/calendar-proxy-write',
- 'protected' => true,
- ],
- ];
- // schedule-send is an aggregate privilege for:
- // - schedule-send-invite
- // - schedule-send-reply
- // - schedule-send-freebusy
- //
- // If FreeBusy is disabled, we have to remove the latter privilege
- if ($this->disableFreeBusy) {
- return array_merge($commonAcl, [
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send-invite',
- 'principal' => $this->getOwner(),
- 'protected' => true,
- ],
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send-invite',
- 'principal' => $this->getOwner() . '/calendar-proxy-write',
- 'protected' => true,
- ],
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send-reply',
- 'principal' => $this->getOwner(),
- 'protected' => true,
- ],
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send-reply',
- 'principal' => $this->getOwner() . '/calendar-proxy-write',
- 'protected' => true,
- ],
- ]);
- }
- return array_merge($commonAcl, [
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send',
- 'principal' => $this->getOwner(),
- 'protected' => true,
- ],
- [
- 'privilege' => '{' . CalDAVPlugin::NS_CALDAV . '}schedule-send',
- 'principal' => $this->getOwner() . '/calendar-proxy-write',
- 'protected' => true,
- ],
- ]);
- }
- }
|