示例#1
0
 /**
  * Returns a list of ACE's for this node.
  *
  * Each ACE has the following properties:
  *   * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
  *     currently the only supported privileges
  *   * 'principal', a url to the principal who owns the node
  *   * 'protected' (optional), indicating that this ACE is not allowed to
  *      be updated.
  *
  * @return array
  */
 public function getACL()
 {
     $readprincipal = $this->getOwner();
     $writeprincipal = $this->getOwner();
     $uid = CalendarCalendar::extractUserID($this->getOwner());
     $calendar = CalendarApp::getCalendar($this->calendarInfo['id'], false, false);
     if ($uid === \OCP\USER::getUser() && (bool) $calendar['issubscribe'] === true) {
         $readprincipal = 'principals/' . \OCP\USER::getUser();
         $writeprincipal = '';
     }
     if ($uid !== \OCP\USER::getUser()) {
         $sharedCalendar = \OCP\Share::getItemSharedWithBySource(CalendarApp::SHARECALENDAR, CalendarApp::SHARECALENDARPREFIX . $this->calendarInfo['id']);
         if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_READ) {
             $readprincipal = 'principals/' . \OCP\USER::getUser();
             $writeprincipal = '';
         }
         if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_UPDATE) {
             $readprincipal = 'principals/' . \OCP\USER::getUser();
             $writeprincipal = 'principals/' . \OCP\USER::getUser();
         }
     }
     $acl = array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true), array('privilege' => '{' . \Sabre\CalDAV\Plugin::NS_CALDAV . '}read-free-busy', 'principal' => '{DAV:}authenticated', 'protected' => true));
     if (empty($this->calendarInfo['{http://sabredav.org/ns}read-only'])) {
         $acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true];
         $acl[] = ['privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true];
     }
     return $acl;
 }
示例#2
0
 /**
  * Returns a list of ACE's for this node.
  *
  * Each ACE has the following properties:
  *   * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
  *     currently the only supported privileges
  *   * 'principal', a url to the principal who owns the node
  *   * 'protected' (optional), indicating that this ACE is not allowed to
  *      be updated.
  *
  * @return array
  */
 public function getACL()
 {
     $readprincipal = $this->getOwner();
     $writeprincipal = $this->getOwner();
     $uid = CalendarCalendar::extractUserID($this->getOwner());
     if ($uid != \OCP\USER::getUser()) {
         $object = VObject::parse($this->objectData['calendardata']);
         $sharedCalendar = \OCP\Share::getItemSharedWithBySource(CalendarApp::SHARECALENDAR, CalendarApp::SHARECALENDARPREFIX . $this->calendarInfo['id']);
         $sharedAccessClassPermissions = Object::getAccessClassPermissions($object);
         if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_READ && $sharedAccessClassPermissions & \OCP\PERMISSION_READ) {
             $readprincipal = 'principals/' . \OCP\USER::getUser();
         }
         if ($sharedCalendar && $sharedCalendar['permissions'] & \OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & \OCP\PERMISSION_UPDATE) {
             $writeprincipal = 'principals/' . \OCP\USER::getUser();
         } else {
             $writeprincipal = '';
         }
     }
     return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
 }