/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = OC_Calendar_Calendar::extractUserID($this->getOwner());
if ($uid != OCP\USER::getUser()) {
$object = OC_VObject::parse($this->objectData['calendardata']);
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $this->calendarInfo['id']);
$sharedAccessClassPermissions = OC_Calendar_App::getAccessClassPermissions($object->VEVENT->CLASS->value);
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_READ && $sharedAccessClassPermissions & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
}
/**
* @brief Get the permissions determined by the access class of an event/todo/journal
* @param Sabre_VObject $vobject Sabre VObject
* @return (int) $permissions - CRUDS permissions
* @see OCP\Share
*/
public static function getAccessClassPermissions($vobject)
{
if (isset($vobject->VEVENT)) {
$velement = $vobject->VEVENT;
} elseif (isset($vobject->VJOURNAL)) {
$velement = $vobject->VJOURNAL;
} elseif (isset($vobject->VTODO)) {
$velement = $vobject->VTODO;
}
$accessclass = $velement->getAsString('CLASS');
return OC_Calendar_App::getAccessClassPermissions($accessclass);
}
/**
* @brief Get the permissions determined by the access class of an event/todo/journal
* @param Sabre_VObject $vobject Sabre VObject
* @return (int) $permissions - CRUDS permissions
* @see OCP\Share
*/
public static function getAccessClassPermissions($vobject)
{
$velement = self::getElement($vobject);
$accessclass = $velement->getAsString('CLASS');
return OC_Calendar_App::getAccessClassPermissions($accessclass);
}
