/** * Returns a list of ACE's for this node. * * Each ACE has the following properties: * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are * currently the only supported privileges * * 'principal', a url to the principal who owns the node * * 'protected' (optional), indicating that this ACE is not allowed to * be updated. * * @return array */ public function getACL() { $readprincipal = $this->getOwner(); $writeprincipal = $this->getOwner(); $uid = OC_Calendar_Calendar::extractUserID($this->getOwner()); if ($uid != OCP\USER::getUser()) { $object = OC_VObject::parse($this->objectData['calendardata']); $sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $this->calendarInfo['id']); $sharedAccessClassPermissions = OC_Calendar_App::getAccessClassPermissions($object->VEVENT->CLASS->value); if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_READ && $sharedAccessClassPermissions & OCP\PERMISSION_READ) { $readprincipal = 'principals/' . OCP\USER::getUser(); } if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & OCP\PERMISSION_UPDATE) { $writeprincipal = 'principals/' . OCP\USER::getUser(); } } return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true)); }
/** * @brief Get the permissions determined by the access class of an event/todo/journal * @param Sabre_VObject $vobject Sabre VObject * @return (int) $permissions - CRUDS permissions * @see OCP\Share */ public static function getAccessClassPermissions($vobject) { if (isset($vobject->VEVENT)) { $velement = $vobject->VEVENT; } elseif (isset($vobject->VJOURNAL)) { $velement = $vobject->VJOURNAL; } elseif (isset($vobject->VTODO)) { $velement = $vobject->VTODO; } $accessclass = $velement->getAsString('CLASS'); return OC_Calendar_App::getAccessClassPermissions($accessclass); }
/** * @brief Get the permissions determined by the access class of an event/todo/journal * @param Sabre_VObject $vobject Sabre VObject * @return (int) $permissions - CRUDS permissions * @see OCP\Share */ public static function getAccessClassPermissions($vobject) { $velement = self::getElement($vobject); $accessclass = $velement->getAsString('CLASS'); return OC_Calendar_App::getAccessClassPermissions($accessclass); }