/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = CalendarCalendar::extractUserID($this->getOwner());
$calendar = CalendarApp::getCalendar($this->calendarInfo['id'], false, false);
if ($uid === \OCP\USER::getUser() && (bool) $calendar['issubscribe'] === true) {
$readprincipal = 'principals/' . \OCP\USER::getUser();
$writeprincipal = '';
}
if ($uid !== \OCP\USER::getUser()) {
$sharedCalendar = \OCP\Share::getItemSharedWithBySource(CalendarApp::SHARECALENDAR, CalendarApp::SHARECALENDARPREFIX . $this->calendarInfo['id']);
if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . \OCP\USER::getUser();
$writeprincipal = '';
}
if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_UPDATE) {
$readprincipal = 'principals/' . \OCP\USER::getUser();
$writeprincipal = 'principals/' . \OCP\USER::getUser();
}
}
$acl = array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true), array('privilege' => '{' . \Sabre\CalDAV\Plugin::NS_CALDAV . '}read-free-busy', 'principal' => '{DAV:}authenticated', 'protected' => true));
if (empty($this->calendarInfo['{http://sabredav.org/ns}read-only'])) {
$acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true];
$acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true];
}
return $acl;
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = CalendarCalendar::extractUserID($this->getOwner());
if ($uid != \OCP\USER::getUser()) {
$object = VObject::parse($this->objectData['calendardata']);
$sharedCalendar = \OCP\Share::getItemSharedWithBySource(CalendarApp::SHARECALENDAR, CalendarApp::SHARECALENDARPREFIX . $this->calendarInfo['id']);
$sharedAccessClassPermissions = Object::getAccessClassPermissions($object);
if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_READ && $sharedAccessClassPermissions & \OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . \OCP\USER::getUser();
}
if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & \OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . \OCP\USER::getUser();
} else {
$writeprincipal = '';
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
}
