fix(dav): ACLs for shared addressbooks

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2 years ago · b6e1685683
parent 03f269829f
commit b6e1685683
3 changed files with 8 additions and 3 deletions
--- a/apps/dav/lib/CardDAV/AddressBook.php
+++ b/apps/dav/lib/CardDAV/AddressBook.php
@ -118,7 +118,7 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov
 			],
 			[
 				'privilege' => '{DAV:}write-properties',
-				'principal' => '{DAV:}authenticated',
+				'principal' => $this->getOwner(),
 				'protected' => true,
 			],
 		];
@ -129,6 +129,11 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable, IMov
 				'principal' => '{DAV:}authenticated',
 				'protected' => true,
 			];
+			$acl[] = [
+				'privilege' => '{DAV:}write-properties',
+				'principal' => '{DAV:}authenticated',
+				'protected' => true,
+			];
 		}

 		if (!$this->isShared()) {
--- a/apps/dav/lib/DAV/Sharing/Backend.php
+++ b/apps/dav/lib/DAV/Sharing/Backend.php
@ -214,7 +214,7 @@ abstract class Backend {
 					'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'],
 					'protected' => true,
 				];
-			} elseif ($this->service->getResourceType() === 'calendar') {
+			} elseif (in_array($this->service->getResourceType(), ['calendar','addressbook'])) {
 				// Allow changing the properties of read only calendars,
 				// so users can change the visibility.
 				$acl[] = [
--- a/apps/dav/tests/unit/CardDAV/AddressBookTest.php
+++ b/apps/dav/tests/unit/CardDAV/AddressBookTest.php
@ -169,7 +169,7 @@ class AddressBookTest extends TestCase {
 			'protected' => true
 		], [
 			'privilege' => '{DAV:}write-properties',
-			'principal' => '{DAV:}authenticated',
+			'principal' => $hasOwnerSet ? 'user1' : 'user2',
 			'protected' => true
 		]];
 		if ($hasOwnerSet) {