1
0

AddressBook.php 7.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Georg Ehrke <oc.list@georgehrke.com>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Roeland Jago Douma <roeland@famdouma.nl>
  9. * @author Thomas Citharel <nextcloud@tcit.fr>
  10. * @author Thomas Müller <thomas.mueller@tmit.eu>
  11. *
  12. * @license AGPL-3.0
  13. *
  14. * This code is free software: you can redistribute it and/or modify
  15. * it under the terms of the GNU Affero General Public License, version 3,
  16. * as published by the Free Software Foundation.
  17. *
  18. * This program is distributed in the hope that it will be useful,
  19. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. * GNU Affero General Public License for more details.
  22. *
  23. * You should have received a copy of the GNU Affero General Public License, version 3,
  24. * along with this program. If not, see <http://www.gnu.org/licenses/>
  25. *
  26. */
  27. namespace OCA\DAV\CardDAV;
  28. use OCA\DAV\DAV\Sharing\IShareable;
  29. use OCA\DAV\Exception\UnsupportedLimitOnInitialSyncException;
  30. use OCP\DB\Exception;
  31. use OCP\IL10N;
  32. use OCP\Server;
  33. use Psr\Log\LoggerInterface;
  34. use Sabre\CardDAV\Backend\BackendInterface;
  35. use Sabre\DAV\Exception\Forbidden;
  36. use Sabre\DAV\Exception\NotFound;
  37. use Sabre\DAV\IMoveTarget;
  38. use Sabre\DAV\INode;
  39. use Sabre\DAV\PropPatch;
  40. /**
  41. * Class AddressBook
  42. *
  43. * @package OCA\DAV\CardDAV
  44. * @property CardDavBackend $carddavBackend
  45. */
  46. class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMoveTarget {
  47. /**
  48. * AddressBook constructor.
  49. *
  50. * @param BackendInterface $carddavBackend
  51. * @param array $addressBookInfo
  52. * @param IL10N $l10n
  53. */
  54. public function __construct(BackendInterface $carddavBackend, array $addressBookInfo, IL10N $l10n) {
  55. parent::__construct($carddavBackend, $addressBookInfo);
  56. if ($this->addressBookInfo['{DAV:}displayname'] === CardDavBackend::PERSONAL_ADDRESSBOOK_NAME &&
  57. $this->getName() === CardDavBackend::PERSONAL_ADDRESSBOOK_URI) {
  58. $this->addressBookInfo['{DAV:}displayname'] = $l10n->t('Contacts');
  59. }
  60. }
  61. /**
  62. * Updates the list of shares.
  63. *
  64. * The first array is a list of people that are to be added to the
  65. * addressbook.
  66. *
  67. * Every element in the add array has the following properties:
  68. * * href - A url. Usually a mailto: address
  69. * * commonName - Usually a first and last name, or false
  70. * * readOnly - A boolean value
  71. *
  72. * Every element in the remove array is just the address string.
  73. *
  74. * @param list<array{href: string, commonName: string, readOnly: bool}> $add
  75. * @param list<string> $remove
  76. * @throws Forbidden
  77. */
  78. public function updateShares(array $add, array $remove): void {
  79. if ($this->isShared()) {
  80. throw new Forbidden();
  81. }
  82. $this->carddavBackend->updateShares($this, $add, $remove);
  83. }
  84. /**
  85. * Returns the list of people whom this addressbook is shared with.
  86. *
  87. * Every element in this array should have the following properties:
  88. * * href - Often a mailto: address
  89. * * commonName - Optional, for example a first + last name
  90. * * status - See the Sabre\CalDAV\SharingPlugin::STATUS_ constants.
  91. * * readOnly - boolean
  92. *
  93. * @return list<array{href: string, commonName: string, status: int, readOnly: bool, '{http://owncloud.org/ns}principal': string, '{http://owncloud.org/ns}group-share': bool}>
  94. */
  95. public function getShares(): array {
  96. if ($this->isShared()) {
  97. return [];
  98. }
  99. return $this->carddavBackend->getShares($this->getResourceId());
  100. }
  101. public function getACL() {
  102. $acl = [
  103. [
  104. 'privilege' => '{DAV:}read',
  105. 'principal' => $this->getOwner(),
  106. 'protected' => true,
  107. ],[
  108. 'privilege' => '{DAV:}write',
  109. 'principal' => $this->getOwner(),
  110. 'protected' => true,
  111. ]
  112. ];
  113. if ($this->getOwner() === 'principals/system/system') {
  114. $acl[] = [
  115. 'privilege' => '{DAV:}read',
  116. 'principal' => '{DAV:}authenticated',
  117. 'protected' => true,
  118. ];
  119. }
  120. if (!$this->isShared()) {
  121. return $acl;
  122. }
  123. if ($this->getOwner() !== parent::getOwner()) {
  124. $acl[] = [
  125. 'privilege' => '{DAV:}read',
  126. 'principal' => parent::getOwner(),
  127. 'protected' => true,
  128. ];
  129. if ($this->canWrite()) {
  130. $acl[] = [
  131. 'privilege' => '{DAV:}write',
  132. 'principal' => parent::getOwner(),
  133. 'protected' => true,
  134. ];
  135. }
  136. }
  137. $acl = $this->carddavBackend->applyShareAcl($this->getResourceId(), $acl);
  138. $allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/system'];
  139. return array_filter($acl, function ($rule) use ($allowedPrincipals) {
  140. return \in_array($rule['principal'], $allowedPrincipals, true);
  141. });
  142. }
  143. public function getChildACL() {
  144. return $this->getACL();
  145. }
  146. public function getChild($name) {
  147. $obj = $this->carddavBackend->getCard($this->addressBookInfo['id'], $name);
  148. if (!$obj) {
  149. throw new NotFound('Card not found');
  150. }
  151. $obj['acl'] = $this->getChildACL();
  152. return new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  153. }
  154. public function getChildren()
  155. {
  156. $objs = $this->carddavBackend->getCards($this->addressBookInfo['id']);
  157. $children = [];
  158. foreach ($objs as $obj) {
  159. $obj['acl'] = $this->getChildACL();
  160. $children[] = new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  161. }
  162. return $children;
  163. }
  164. public function getMultipleChildren(array $paths)
  165. {
  166. $objs = $this->carddavBackend->getMultipleCards($this->addressBookInfo['id'], $paths);
  167. $children = [];
  168. foreach ($objs as $obj) {
  169. $obj['acl'] = $this->getChildACL();
  170. $children[] = new Card($this->carddavBackend, $this->addressBookInfo, $obj);
  171. }
  172. return $children;
  173. }
  174. public function getResourceId(): int {
  175. return $this->addressBookInfo['id'];
  176. }
  177. public function getOwner(): ?string {
  178. if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  179. return $this->addressBookInfo['{http://owncloud.org/ns}owner-principal'];
  180. }
  181. return parent::getOwner();
  182. }
  183. public function delete() {
  184. if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  185. $principal = 'principal:' . parent::getOwner();
  186. $shares = $this->carddavBackend->getShares($this->getResourceId());
  187. $shares = array_filter($shares, function ($share) use ($principal) {
  188. return $share['href'] === $principal;
  189. });
  190. if (empty($shares)) {
  191. throw new Forbidden();
  192. }
  193. $this->carddavBackend->updateShares($this, [], [
  194. $principal
  195. ]);
  196. return;
  197. }
  198. parent::delete();
  199. }
  200. public function propPatch(PropPatch $propPatch) {
  201. if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  202. throw new Forbidden();
  203. }
  204. parent::propPatch($propPatch);
  205. }
  206. public function getContactsGroups() {
  207. return $this->carddavBackend->collectCardProperties($this->getResourceId(), 'CATEGORIES');
  208. }
  209. private function isShared(): bool {
  210. if (!isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
  211. return false;
  212. }
  213. return $this->addressBookInfo['{http://owncloud.org/ns}owner-principal'] !== $this->addressBookInfo['principaluri'];
  214. }
  215. private function canWrite(): bool {
  216. if (isset($this->addressBookInfo['{http://owncloud.org/ns}read-only'])) {
  217. return !$this->addressBookInfo['{http://owncloud.org/ns}read-only'];
  218. }
  219. return true;
  220. }
  221. public function getChanges($syncToken, $syncLevel, $limit = null) {
  222. if (!$syncToken && $limit) {
  223. throw new UnsupportedLimitOnInitialSyncException();
  224. }
  225. return parent::getChanges($syncToken, $syncLevel, $limit);
  226. }
  227. /**
  228. * @inheritDoc
  229. */
  230. public function moveInto($targetName, $sourcePath, INode $sourceNode) {
  231. if (!($sourceNode instanceof Card)) {
  232. return false;
  233. }
  234. try {
  235. return $this->carddavBackend->moveCard($sourceNode->getAddressbookId(), (int)$this->addressBookInfo['id'], $sourceNode->getUri(), $sourceNode->getOwner());
  236. } catch (Exception $e) {
  237. // Avoid injecting LoggerInterface everywhere
  238. Server::get(LoggerInterface::class)->error('Could not move calendar object: ' . $e->getMessage(), ['exception' => $e]);
  239. return false;
  240. }
  241. }
  242. }