/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$calendarConnector = new CalendarConnector();
$shareConnector = new ShareConnector();
$uid = $calendarConnector->extractUserID($this->getOwner());
$calendar = $calendarConnector->getCalendar($this->calendarInfo['id'], false, false);
$user = \OCP\USER::getUser();
if ($uid === $user && (bool) $calendar['issubscribe'] === true) {
$readprincipal = 'principals/' . $user;
$writeprincipal = '';
}
if ($uid !== $user) {
$sharedCalendar = $shareConnector->getItemSharedWithBySourceCalendar($this->calendarInfo['id']);
if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getReadAccess()) {
$readprincipal = 'principals/' . $user;
$writeprincipal = '';
}
if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getUpdateAccess()) {
$readprincipal = 'principals/' . $user;
$writeprincipal = 'principals/' . $user;
}
}
$acl = array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true), array('privilege' => '{' . \Sabre\CalDAV\Plugin::NS_CALDAV . '}read-free-busy', 'principal' => '{DAV:}authenticated', 'protected' => true));
if (empty($this->calendarInfo['{http://sabredav.org/ns}read-only'])) {
$acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true];
$acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true];
}
return $acl;
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$user = \OCP\USER::getUser();
$calendarConnector = new CalendarConnector();
$shareConnector = new ShareConnector();
$objectParser = new ObjectParser($user);
$uid = $calendarConnector->extractUserID($this->getOwner());
if ($uid != $user) {
$object = $objectParser->parse($this->objectData['calendardata']);
$sharedCalendar = $shareConnector->getItemSharedWithBySourceCalendar($this->calendarInfo['id']);
$sharedAccessClassPermissions = $objectParser->getAccessClassPermissions($object);
if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getReadAccess() && $sharedAccessClassPermissions & $shareConnector->getReadAccess()) {
$readprincipal = 'principals/' . $user;
}
if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getUpdateAccess() && $sharedAccessClassPermissions & $shareConnector->getUpdateAccess()) {
$writeprincipal = 'principals/' . $user;
} else {
$writeprincipal = '';
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
}
