AddressBook.php 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OCA\DAV\CardDAV;
  8. use OCA\DAV\DAV\Sharing\IShareable;
  9. use OCA\DAV\Exception\UnsupportedLimitOnInitialSyncException;
  10. use OCP\DB\Exception;
  11. use OCP\IL10N;
  12. use OCP\Server;
  13. use Psr\Log\LoggerInterface;
  14. use Sabre\CardDAV\Backend\BackendInterface;
  15. use Sabre\DAV\Exception\Forbidden;
  16. use Sabre\DAV\Exception\NotFound;
  17. use Sabre\DAV\IMoveTarget;
  18. use Sabre\DAV\INode;
  19. use Sabre\DAV\PropPatch;
  20. /**
  21. * Class AddressBook
  22. *
  23. * @package OCA\DAV\CardDAV
  24. * @property CardDavBackend $carddavBackend
  25. */
  26. class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMoveTarget {
  27. /**
  28. * AddressBook constructor.
  29. *
  30. * @param BackendInterface $carddavBackend
  31. * @param array $addressBookInfo
  32. * @param IL10N $l10n
  33. */
  34. public function __construct(BackendInterface $carddavBackend, array $addressBookInfo, IL10N $l10n) {
  35. parent::__construct($carddavBackend, $addressBookInfo);
  36. if ($this->addressBookInfo['{DAV:}displayname'] === CardDavBackend::PERSONAL_ADDRESSBOOK_NAME &&
  37. $this->getName() === CardDavBackend::PERSONAL_ADDRESSBOOK_URI) {
  38. $this->addressBookInfo['{DAV:}displayname'] = $l10n->t('Contacts');
  39. }
  40. }
  41. /**
  42. * Updates the list of shares.
  43. *
  44. * The first array is a list of people that are to be added to the
  45. * addressbook.
  46. *
  47. * Every element in the add array has the following properties:
  48. * * href - A url. Usually a mailto: address
  49. * * commonName - Usually a first and last name, or false
  50. * * readOnly - A boolean value
  51. *
  52. * Every element in the remove array is just the address string.
  53. *
  54. * @param list<array{href: string, commonName: string, readOnly: bool}> $add
  55. * @param list<string> $remove
  56. * @throws Forbidden
  57. */
  58. public function updateShares(array $add, array $remove): void {
  59. if ($this->isShared()) {
  60. throw new Forbidden();
  61. }
  62. $this->carddavBackend->updateShares($this, $add, $remove);
  63. }
  64. /**
  65. * Returns the list of people whom this addressbook is shared with.
  66. *
  67. * Every element in this array should have the following properties:
  68. * * href - Often a mailto: address
  69. * * commonName - Optional, for example a first + last name
  70. * * status - See the Sabre\CalDAV\SharingPlugin::STATUS_ constants.
  71. * * readOnly - boolean
  72. *
  73. * @return list<array{href: string, commonName: string, status: int, readOnly: bool, '{http://owncloud.org/ns}principal': string, '{http://owncloud.org/ns}group-share': bool}>
  74. */
  75. public function getShares(): array {
  76. if ($this->isShared()) {
  77. return [];
  78. }
  79. return $this->carddavBackend->getShares($this->getResourceId());
  80. }
  81. public function getACL() {
  82. $acl = [
  83. [
  84. 'privilege' => '{DAV:}read',
  85. 'principal' => $this->getOwner(),
  86. 'protected' => true,
  87. ],[
  88. 'privilege' => '{DAV:}write',
  89. 'principal' => $this->getOwner(),
  90. 'protected' => true,
  91. ],
  92. [
  93. 'privilege' => '{DAV:}write-properties',
  94. 'principal' => $this->getOwner(),
  95. 'protected' => true,
  96. ],
  97. ];
  98. if ($this->getOwner() === 'principals/system/system') {
  99. $acl[] = [
  100. 'privilege' => '{DAV:}read',
  101. 'principal' => '{DAV:}authenticated',
  102. 'protected' => true,
  103. ];
  104. $acl[] = [
  105. 'privilege' => '{DAV:}write-properties',
  106. 'principal' => '{DAV:}authenticated',
  107. 'protected' => true,
  108. ];
  109. }
  110. if (!$this->isShared()) {
  111. return $acl;
  112. }
  113. if ($this->getOwner() !== parent::getOwner()) {
  114. $acl[] = [
  115. 'privilege' => '{DAV:}read',
  116. 'principal' => parent::getOwner(),
  117. 'protected' => true,
  118. ];
  119. if ($this->canWrite()) {
  120. $acl[] = [
  121. 'privilege' => '{DAV:}write',
  122. 'principal' => parent::getOwner(),
  123. 'protected' => true,
  124. ];
  125. }
  126. }
  127. $acl = $this->carddavBackend->applyShareAcl($this->getResourceId(), $acl);
  128. $allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/system', '{DAV:}authenticated'];
  129. return array_filter($acl, function ($rule) use ($allowedPrincipals) {
  130. return \in_array($rule['principal'], $allowedPrincipals, true);
  131. });
  132. }
  133. public function getChildACL() {
  134. return $this->getACL();
  135. }
  136. public function getChild($name) {
  137. $obj = $this->carddavBackend->getCard($this->addressBookInfo['id'], $name);
  138. if (!$obj) {
  139. throw new NotFound('Card not found');
  140. }
  141. $obj['acl'] = $this->getChildACL();
  142. return new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  143. }
  144. public function getChildren() {
  145. $objs = $this->carddavBackend->getCards($this->addressBookInfo['id']);
  146. $children = [];
  147. foreach ($objs as $obj) {
  148. $obj['acl'] = $this->getChildACL();
  149. $children[] = new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  150. }
  151. return $children;
  152. }
  153. public function getMultipleChildren(array $paths) {
  154. $objs = $this->carddavBackend->getMultipleCards($this->addressBookInfo['id'], $paths);
  155. $children = [];
  156. foreach ($objs as $obj) {
  157. $obj['acl'] = $this->getChildACL();
  158. $children[] = new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  159. }
  160. return $children;
  161. }
  162. public function getResourceId(): int {
  163. return $this->addressBookInfo['id'];
  164. }
  165. public function getOwner(): ?string {
  166. if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  167. return $this->addressBookInfo['{http://owncloud.org/ns}owner-principal'];
  168. }
  169. return parent::getOwner();
  170. }
  171. public function delete() {
  172. if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  173. $principal = 'principal:' . parent::getOwner();
  174. $shares = $this->carddavBackend->getShares($this->getResourceId());
  175. $shares = array_filter($shares, function ($share) use ($principal) {
  176. return $share['href'] === $principal;
  177. });
  178. if (empty($shares)) {
  179. throw new Forbidden();
  180. }
  181. $this->carddavBackend->updateShares($this, [], [
  182. $principal
  183. ]);
  184. return;
  185. }
  186. parent::delete();
  187. }
  188. public function propPatch(PropPatch $propPatch) {
  189. if (!isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  190. parent::propPatch($propPatch);
  191. }
  192. }
  193. public function getContactsGroups() {
  194. return $this->carddavBackend->collectCardProperties($this->getResourceId(), 'CATEGORIES');
  195. }
  196. private function isShared(): bool {
  197. if (!isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  198. return false;
  199. }
  200. return $this->addressBookInfo['{http://owncloud.org/ns}owner-principal'] !== $this->addressBookInfo['principaluri'];
  201. }
  202. private function canWrite(): bool {
  203. if (isset($this->addressBookInfo['{http://owncloud.org/ns}read-only'])) {
  204. return !$this->addressBookInfo['{http://owncloud.org/ns}read-only'];
  205. }
  206. return true;
  207. }
  208. public function getChanges($syncToken, $syncLevel, $limit = null) {
  209. if (!$syncToken && $limit) {
  210. throw new UnsupportedLimitOnInitialSyncException();
  211. }
  212. return parent::getChanges($syncToken, $syncLevel, $limit);
  213. }
  214. /**
  215. * @inheritDoc
  216. */
  217. public function moveInto($targetName, $sourcePath, INode $sourceNode) {
  218. if (!($sourceNode instanceof Card)) {
  219. return false;
  220. }
  221. try {
  222. return $this->carddavBackend->moveCard($sourceNode->getAddressbookId(), (int)$this->addressBookInfo['id'], $sourceNode->getUri(), $sourceNode->getOwner());
  223. } catch (Exception $e) {
  224. // Avoid injecting LoggerInterface everywhere
  225. Server::get(LoggerInterface::class)->error('Could not move calendar object: ' . $e->getMessage(), ['exception' => $e]);
  226. return false;
  227. }
  228. }
  229. }