Skip to content

Commit ad45d6b

Browse files
hamza221hamza221
committed
fix: add proper ACLs for trashbin proxys
fix: add proper ACLs for trashbin proxys Signed-off-by: Hamza <hamzamahjoubi221@gmail.com>
1 parent b9c22da commit ad45d6b

3 files changed

Lines changed: 49 additions & 3 deletions

File tree

apps/dav/lib/CalDAV/Trashbin/DeletedCalendarObject.php

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -94,7 +94,17 @@ public function getACL(): array {
9494
],
9595
[
9696
'privilege' => '{DAV:}unbind', // For moving and deletion
97-
'principal' => '{DAV:}owner',
97+
'principal' => $this->getOwner(),
98+
'protected' => true,
99+
],
100+
[
101+
'privilege' => '{DAV:}all',
102+
'principal' => $this->getOwner() . '/calendar-proxy-write',
103+
'protected' => true,
104+
],
105+
[
106+
'privilege' => '{DAV:}read',
107+
'principal' => $this->getOwner() . '/calendar-proxy-read',
98108
'protected' => true,
99109
],
100110
];

apps/dav/lib/CalDAV/Trashbin/DeletedCalendarObjectsCollection.php

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -125,9 +125,24 @@ public function getACL(): array {
125125
],
126126
[
127127
'privilege' => '{DAV:}unbind',
128-
'principal' => '{DAV:}owner',
128+
'principal' => $this->getOwner(),
129+
'protected' => true,
130+
],
131+
[
132+
'privilege' => '{DAV:}read',
133+
'principal' => $this->getOwner() . '/calendar-proxy-write',
134+
'protected' => true,
135+
],
136+
[
137+
'privilege' => '{DAV:}unbind',
138+
'principal' => $this->getOwner() . '/calendar-proxy-write',
129139
'protected' => true,
130-
]
140+
],
141+
[
142+
'privilege' => '{DAV:}read',
143+
'principal' => $this->getOwner() . '/calendar-proxy-read',
144+
'protected' => true,
145+
],
131146
];
132147
}
133148
}

apps/dav/lib/CalDAV/Trashbin/TrashbinHome.php

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,27 @@ public function getOwner(): string {
3636
return $this->principalInfo['uri'];
3737
}
3838

39+
#[\Override]
40+
public function getACL(): array {
41+
return [
42+
[
43+
'privilege' => '{DAV:}all',
44+
'principal' => $this->getOwner(),
45+
'protected' => true,
46+
],
47+
[
48+
'privilege' => '{DAV:}all',
49+
'principal' => $this->getOwner() . '/calendar-proxy-write',
50+
'protected' => true,
51+
],
52+
[
53+
'privilege' => '{DAV:}read',
54+
'principal' => $this->getOwner() . '/calendar-proxy-read',
55+
'protected' => true,
56+
],
57+
];
58+
}
59+
3960
public function createFile($name, $data = null) {
4061
throw new Forbidden('Permission denied to create files in the trashbin');
4162
}

0 commit comments

Comments
 (0)