/** * Returns a list of ACE's for this node. * * Each ACE has the following properties: * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are * currently the only supported privileges * * 'principal', a url to the principal who owns the node * * 'protected' (optional), indicating that this ACE is not allowed to * be updated. * * @return array */ public function getACL() { $readprincipal = $this->getOwner(); $writeprincipal = $this->getOwner(); $user = \OCP\USER::getUser(); $calendarConnector = new CalendarConnector(); $shareConnector = new ShareConnector(); $objectParser = new ObjectParser($user); $uid = $calendarConnector->extractUserID($this->getOwner()); if ($uid != $user) { $object = $objectParser->parse($this->objectData['calendardata']); $sharedCalendar = $shareConnector->getItemSharedWithBySourceCalendar($this->calendarInfo['id']); $sharedAccessClassPermissions = $objectParser->getAccessClassPermissions($object); if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getReadAccess() && $sharedAccessClassPermissions & $shareConnector->getReadAccess()) { $readprincipal = 'principals/' . $user; } if ($sharedCalendar && $sharedCalendar['permissions'] & $shareConnector->getUpdateAccess() && $sharedAccessClassPermissions & $shareConnector->getUpdateAccess()) { $writeprincipal = 'principals/' . $user; } else { $writeprincipal = ''; } } return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true)); }
/** * edits an object with the data provided by sabredav * @param integer $id calendar id * @param string $uri the uri of the object * @param string $data object * @param boolean $bLogActivity * @return boolean */ public function updateObject($cid, $uri, $data, $bLogActivity = true) { $this->setUserId(\OCP\User::getUser()); $oldobject = $this->findObjectWhereDAVDataIs($cid, $uri); $calendar = $this->find($cid); $objectParser = new ObjectParser($this->userId); $oldvobject = $objectParser->parse($oldobject['calendardata']); if ($calendar['userid'] !== $this->userId) { $sharedCalendar = $this->shareConnector->getItemSharedWithBySourceCalendar($cid); $sharedAccessClassPermissions = $objectParser->getAccessClassPermissions($oldvobject); if (!$sharedCalendar || !($sharedCalendar['permissions'] & $this->shareConnector->getUpdateAccess()) || !($sharedAccessClassPermissions & $this->shareConnector->getUpdateAccess())) { throw new \Sabre\DAV\Exception\Forbidden('You do not have the permissions to edit this event.'); } } $object = $objectParser->parse($data); list($type, $startdate, $enddate, $summary, $repeating, $uid, $isAlarm, $relatedTo) = $objectParser->extractData($object); $eventDB = new EventDAO($this->db, $this->userId, null); $eventDB->update($type, $startdate, $enddate, $repeating, $summary, $data, time(), $isAlarm, $uid, $relatedTo, $oldobject['id']); $calendarDB = new CalendarDAO($this->db, $this->userId); $calendarDB->touch($oldobject['calendarid']); if ($repeating) { $app = new Application(); $c = $app->getContainer(); $repeatController = $c->query('RepeatController'); $repeatController->updateEvent($oldobject['id']); } if ($bLogActivity === true) { $linkTypeApp = 'calendarplus'; if ($type == 'VTODO') { $linkTypeApp = 'tasksplus'; } $link = \OC::$server->getURLGenerator()->linkToRoute($linkTypeApp . '.page.index') . '#' . urlencode($oldobject['calendarid']); $params = array('mode' => 'edited', 'link' => $link, 'trans_type' => $type, 'summary' => $summary, 'cal_user' => $calendar['userid'], 'cal_displayname' => $calendar['displayname']); ActivityData::logEventActivity($params, true); } return true; }