test: implement RFC6638 testInviteAndRespond with per-server fixes

Implement testInviteAndRespond integration test covering invite/accept
workflows (RFC6638), with support for both auto-scheduling and
inbox-delivery modes, and per-server fixes for all supported servers:
- Handle auto-scheduling servers (Cyrus, Nextcloud) that deliver to
  the calendar directly without requiring inbox delivery
- Restructure test to properly handle both scheduling modes
- Cyrus: fix virtdomains config for cross-user scheduling
- Nextcloud, DAViCal, Baikal, Zimbra, SOGo, Davis, CCS, Stalwart: fixes
- Add scheduling.mailbox.inbox-delivery compatibility hints per server
- Rename scheduling.inbox-delivery → scheduling.mailbox.inbox-delivery
- Fix wrong RFC6638 section references in compatibility hints
- Pass scheduling_users as extra_clients in testCheckCompatibility

Author: tobixen

caldav/calendarobjectresource.py

@@ -696,7 +696,7 @@ def is_invite_request(self) -> bool:
     def is_invite_reply(self) -> bool:
         """
         Returns True if the object is a reply, see
-        :rfc:`2446#section-3.2.3`.
+        :rfc:`5546#section-3.2`.
         """
         self.load(only_if_unloaded=True)
         return self.icalendar_instance.get("method", None) == "REPLY"

caldav/compatibility_hints.py

@@ -269,13 +269,19 @@ class FeatureSet:
             "links": ["https://datatracker.ietf.org/doc/html/rfc6638"],
         },
         "scheduling.mailbox": {
-            "description": "Server provides schedule-inbox and schedule-outbox collections for the principal (RFC6638 sections 2.2-2.3). When unsupported, calls to schedule_inbox() or schedule_outbox() raise NotFoundError.",
-            "links": ["https://datatracker.ietf.org/doc/html/rfc6638#section-2.2"],
+            "description": "Server provides schedule-inbox and schedule-outbox collections for the principal (RFC6638 sections 2.1-2.2). When unsupported, calls to schedule_inbox() or schedule_outbox() raise NotFoundError.",
+            "links": ["https://datatracker.ietf.org/doc/html/rfc6638#section-2.1"],
         },
         "scheduling.calendar-user-address-set": {
             "description": "Server provides the calendar-user-address-set property on the principal (RFC6638 section 2.4.1), used to identify a user's email/URI for scheduling purposes. When unsupported, calendar_user_address_set() raises NotFoundError.",
             "links": ["https://datatracker.ietf.org/doc/html/rfc6638#section-2.4.1"],
         },
+        "scheduling.mailbox.inbox-delivery": {
+            "description": "Server delivers incoming scheduling REQUEST messages to the attendee's schedule-inbox (RFC6638 section 4.1). When unsupported, the server implements automatic scheduling: invitations are auto-processed and placed directly on the attendee's calendar without appearing in the inbox. Clients should check this feature to know whether to look for inbox items after sending an invite, or check the attendee calendar directly.",
+            "links": [
+                "https://datatracker.ietf.org/doc/html/rfc6638#section-4.1",
+            ],
+        },
         'freebusy-query': {'description': "freebusy queries come in two flavors, one query can be done towards a CalDAV server as defined in RFC4791, another query can be done through the scheduling framework, RFC 6638.  Only RFC4791 is tested for as today"},
         "freebusy-query.rfc4791": {
             "description": "Server supports free/busy-query REPORT as specified in RFC4791 section 7.10. The REPORT allows clients to query for free/busy time information for a time range. Servers without this support will typically return an error (often 500 Internal Server Error or 501 Not Implemented). Note: RFC6638 defines a different freebusy mechanism for scheduling",
@@ -977,6 +983,10 @@ def dotted_feature_set_list(self, compact=False):
     'search.comp-type.optional': {'support': 'fragile'}, ## TODO: more research on this, looks like a bug in the checker,
     'search.time-range.alarm': {'support': 'unsupported'},
     'principal-search': "unsupported",
+    ## Zimbra implements server-side automatic scheduling: invitations are
+    ## auto-processed into the attendee's calendar; no iTIP notification appears in the inbox.
+    "scheduling": True,
+    "scheduling.mailbox.inbox-delivery": {"support": "unsupported"},
 
     "old_flags": [
     ## apparently, zimbra has no journal support
@@ -1004,7 +1014,7 @@ def dotted_feature_set_list(self, compact=False):
 
 bedework = {
     ## If tests are yielding unexpected results, try to increase this:
-    'search-cache': {'behaviour': 'delay', 'delay': 1.5},
+    'search-cache': {'behaviour': 'delay', 'delay': 3},
 
     'test-calendar': {'cleanup-regime': 'wipe-calendar'},
     'auto-connect.url': {'basepath': '/ucaldav/'},
@@ -1024,7 +1034,15 @@ def dotted_feature_set_list(self, compact=False):
     'search.comp-type.optional': {'support': 'ungraceful'},
     'search.is-not-defined.dtend': False,
     "principal-search": {  "support": "ungraceful" },
-    "search.unlimited-time-range": {"support": "broken"},
+    ## Bedework hides past non-recurring events from REPORT without a time-range filter,
+    ## but still returns recurring events that have future occurrences.  The unlimited-time-range
+    ## check probe is a past-only non-recurring event; it is not returned even though the
+    ## PrepareCalendar recurring event (RRULE:FREQ=MONTHLY since 2000) is returned.
+    ## Result: objects is non-empty but the probe event is absent → "broken".
+    #"search.unlimited-time-range": {"support": "broken"},
+    ## Bedework uses a pre-built Docker image with no easy way to add users, so
+    ## cross-user scheduling tests cannot be run; inbox-delivery behaviour is unknown.
+    "scheduling.mailbox.inbox-delivery": {"support": "unknown"},
 
     ## TODO: play with this and see if it's needed
     'old_flags': [
@@ -1049,6 +1067,9 @@ def dotted_feature_set_list(self, compact=False):
 }
 
 baikal =  { ## version 0.10.1
+    # Baikal (sabre/dav) delivers iTIP notifications to the attendee inbox AND auto-schedules
+    # into their calendar (quirk: both delivery modes happen simultaneously).
+    "scheduling.mailbox.inbox-delivery": {"support": "quirk", "behaviour": "server delivers iTIP notification to inbox AND auto-schedules into calendar"},
     "http.multiplexing": "fragile", ## ref https://github.com/python-caldav/caldav/issues/564
     'search.comp-type.optional': {'support': 'ungraceful'},
     'search.recurrences.expanded.todo': {'support': 'unsupported'},
@@ -1089,6 +1110,15 @@ def dotted_feature_set_list(self, compact=False):
         'support': 'fragile',
         'behaviour': 'Deleting a recently created calendar fails'},
     # Cyrus may not properly reject wrong passwords in some configurations
+    # Cyrus implements server-side automatic scheduling: for cross-user
+    # invites, the server both auto-processes the invite into the attendee's calendar
+    # AND delivers an iTIP notification copy to the attendee's schedule-inbox.
+    # Clients do not need to explicitly accept from the inbox (auto-accept is done),
+    # but inbox items do appear.  This is "quirk" behaviour: both delivery modes happen.
+    "scheduling.mailbox.inbox-delivery": {
+        "support": "quirk",
+        "behaviour": "server delivers iTIP notification to inbox AND auto-schedules into calendar",
+    },
     'old_flags': []
 }
 
@@ -1109,6 +1139,9 @@ def dotted_feature_set_list(self, compact=False):
     # Disable HTTP/2 multiplexing - davical doesn't support it well and niquests
     # lazy responses cause MultiplexingError when accessing status_code
     "http.multiplexing": { "support": "unsupported" },
+    # DAViCal delivers iTIP notifications to the attendee inbox AND auto-schedules
+    # into their calendar (quirk: both delivery modes happen simultaneously).
+    "scheduling.mailbox.inbox-delivery": {"support": "quirk", "behaviour": "server delivers iTIP notification to inbox AND auto-schedules into calendar"},
     "search.comp-type.optional": { "support": "fragile" },
     "search.recurrences.expanded.exception": { "support": "unsupported" },
     "search.time-range.alarm": { "support": "unsupported" },
@@ -1128,6 +1161,8 @@ def dotted_feature_set_list(self, compact=False):
 }
 
 sogo = {
+    ## scheduling.mailbox.inbox-delivery behaviour unknown until cross-user scheduling tests run
+    "scheduling.mailbox.inbox-delivery": {"support": "unknown"},
     ## I'm surprised, I'm quite sure this was passing earlier.  reported unsupported with caldav commit a98d50490b872e9b9d8e93e2e401c936ad193003, caldav server checker commit 3cae24cf99da1702b851b5a74a9b88c8e5317dad 2026-02-15
     "search.text.category": False,
     "search.time-range.event.old-dates": False,
@@ -1289,6 +1324,10 @@ def dotted_feature_set_list(self, compact=False):
 ## Davis uses sabre/dav (same backend as Baikal), so hints are similar.
 ## TODO: consolidate, make a sabredav dict and let davis/baikal build on it
 davis = {
+    # Davis uses sabre/dav (same backend as Baikal): delivers iTIP notifications to the
+    # attendee inbox AND auto-schedules into their calendar (quirk behaviour).
+    "scheduling": True,
+    "scheduling.mailbox.inbox-delivery": {"support": "quirk", "behaviour": "server delivers iTIP notification to inbox AND auto-schedules into calendar"},
     "search.recurrences.expanded.todo": {"support": "unsupported"},
     "search.recurrences.expanded.exception": {"support": "unsupported"},
     "search.recurrences.includes-implicit.todo": {"support": "unsupported"},
@@ -1310,6 +1349,8 @@ def dotted_feature_set_list(self, compact=False):
 ## cannot be changed.  The pre-provisioned "tasks" calendar supports VTODO only.
 ## VJOURNAL is not supported at all.
 ccs = {
+    ## scheduling.mailbox.inbox-delivery behaviour unknown until cross-user scheduling tests run
+    "scheduling.mailbox.inbox-delivery": {"support": "unknown"},
     "save-load.journal": {"support": "unsupported"},
     "save-load.todo.mixed-calendar": {"support": "unsupported"},
     # CCS enforces unique UIDs across ALL calendars for a user
@@ -1343,6 +1384,8 @@ def dotted_feature_set_list(self, compact=False):
 ## CalDAV served at /dav/cal/<username>/ over HTTP on port 8080.
 ## Feature support mostly unknown until tested; starting with empty hints.
 stalwart = {
+    ## scheduling.mailbox.inbox-delivery behaviour unknown until cross-user scheduling tests run
+    "scheduling.mailbox.inbox-delivery": {"support": "unknown"},
     'rate-limit': {
         'enable': True,
         'default_sleep': 3,
@@ -1499,6 +1542,8 @@ def dotted_feature_set_list(self, compact=False):
     'old_flags': [
         'no_relships',
     ],
+    ## OX App Suite has complex user provisioning; cross-user scheduling tests not yet set up.
+    "scheduling.mailbox.inbox-delivery": {"support": "unknown"},
 }
 
 # fmt: on

tests/docker-test-servers/baikal/create_baikal_db.py

@@ -241,7 +241,9 @@ def add_baikal_user(db_path: Path, username: str, password: str) -> None:
     conn = sqlite3.connect(str(db_path))
     cursor = conn.cursor()
 
-    cursor.execute("INSERT OR REPLACE INTO users (username, digesta1) VALUES (?, ?)", (username, ha1))
+    cursor.execute(
+        "INSERT OR REPLACE INTO users (username, digesta1) VALUES (?, ?)", (username, ha1)
+    )
 
     cursor.execute(
         "INSERT OR IGNORE INTO principals (uri, email, displayname) VALUES (?, ?, ?)",

tests/docker-test-servers/baikal/setup_baikal.sh

@@ -1,52 +1,60 @@
 #!/bin/bash
-# Setup script for Baikal CalDAV server for testing
+# Setup script for Baikal CalDAV server for testing.
 #
-# This script helps configure a fresh Baikal installation for testing.
-# It can be used both locally and in CI environments.
+# Baikal is pre-configured via the committed Specific/ directory which contains
+# a pre-seeded db.sqlite with testuser and user1-user3 for scheduling tests.
+# This script verifies connectivity and re-seeds users if needed (e.g. if the
+# DB was replaced or users were deleted).
 
 set -e
 
+CONTAINER_NAME="baikal-test"
 BAIKAL_URL="${BAIKAL_URL:-http://localhost:8800}"
-BAIKAL_ADMIN_PASSWORD="${BAIKAL_ADMIN_PASSWORD:-admin}"
-BAIKAL_USERNAME="${BAIKAL_USERNAME:-testuser}"
-BAIKAL_PASSWORD="${BAIKAL_PASSWORD:-testpass}"
+DB_PATH="/var/www/baikal/Specific/db/db.sqlite"
+REALM="BaikalDAV"
 
-echo "Setting up Baikal CalDAV server at $BAIKAL_URL"
-
-# Wait for Baikal to be ready
 echo "Waiting for Baikal to be ready..."
-timeout 60 bash -c "until curl -f $BAIKAL_URL/ 2>/dev/null; do echo 'Waiting...'; sleep 2; done" || {
-    echo "Error: Baikal did not become ready in time"
-    exit 1
-}
+max_attempts=30
+for i in $(seq 1 $max_attempts); do
+    if curl -sf "$BAIKAL_URL/" -o /dev/null 2>/dev/null; then
+        echo "✓ Baikal is ready"
+        break
+    fi
+    if [ $i -eq $max_attempts ]; then
+        echo "✗ Baikal did not become ready in time"
+        exit 1
+    fi
+    echo -n "."
+    sleep 2
+done
 
-echo "Baikal is ready!"
+echo ""
+echo "Seeding test users (idempotent)..."
 
-# Note: Baikal requires initial configuration through web interface or config files
-# For automated testing, you may need to:
-# 1. Pre-configure Baikal by mounting a pre-configured config directory
-# 2. Use the Baikal API if available
-# 3. Manually configure once and export the config
+add_user() {
+    local username="$1"
+    local password="$2"
+    local email="$3"
+    local displayname="$4"
+    local ha1
+    ha1=$(python3 -c "import hashlib; print(hashlib.md5('${username}:${REALM}:${password}'.encode()).hexdigest())")
+    docker exec "$CONTAINER_NAME" sqlite3 "$DB_PATH" \
+        "INSERT OR IGNORE INTO users (username, digesta1) VALUES ('${username}', '${ha1}');
+         INSERT OR IGNORE INTO principals (uri, email, displayname) VALUES ('principals/${username}', '${email}', '${displayname}');"
+    echo "  ${username}: OK"
+}
+
+add_user "testuser"  "testpass"  "testuser@example.com"  "Test User"
+add_user "user1"     "testpass1" "user1@example.com"     "User 1"
+add_user "user2"     "testpass2" "user2@example.com"     "User 2"
+add_user "user3"     "testpass3" "user3@example.com"     "User 3"
 
 echo ""
-echo "================================================================"
-echo "IMPORTANT: Baikal Initial Configuration Required"
-echo "================================================================"
-echo ""
-echo "Baikal requires initial setup through the web interface or"
-echo "by providing pre-configured files."
-echo ""
-echo "For automated testing, you have several options:"
-echo ""
-echo "1. Access $BAIKAL_URL in your browser and complete the setup"
-echo "   - Set admin password to: $BAIKAL_ADMIN_PASSWORD"
-echo "   - Create a test user: $BAIKAL_USERNAME / $BAIKAL_PASSWORD"
-echo ""
-echo "2. Mount a pre-configured Baikal config directory:"
-echo "   - Configure Baikal once"
-echo "   - Export the config directory"
-echo "   - Mount it in docker-compose.yml or CI"
+echo "✓ Baikal setup complete!"
 echo ""
-echo "3. For CI/CD: See tests/baikal-config/ for sample configs"
+echo "Credentials:"
+echo "  Test user: testuser / testpass"
+echo "  Scheduling users: user1/testpass1, user2/testpass2, user3/testpass3"
+echo "  CalDAV URL: $BAIKAL_URL/dav.php"
+echo "  Auth type: Digest (realm: $REALM)"
 echo ""
-echo "================================================================"

tests/docker-test-servers/cyrus/docker-compose.yml

@@ -11,7 +11,13 @@ services:
     environment:
       - DEFAULTDOMAIN=example.com
       - SERVERNAME=cyrus-test
-    # No volumes - let data be ephemeral for testing
+    volumes:
+      # Override the imapd.conf template to set virtdomains: off.
+      # This fixes iTIP scheduling delivery: with virtdomains: userid the
+      # caladdress_lookup() function preserves user2@example.com as the
+      # userid, but mailbox ACLs use the short form user2, causing 403.
+      - ./imapd.conf:/srv/cyrus-docker-test-server.git/imapd.conf:ro
+    # Other data remains ephemeral for testing
     # This ensures each start is fresh with newly created users
     healthcheck:
       test: ["CMD", "curl", "-s", "http://localhost:8080/"]

tests/docker-test-servers/cyrus/imapd.conf

@@ -0,0 +1,70 @@
+admins: admin
+allowplaintext: yes
+altnamespace: no
+auditlog: yes
+caldav_allowattach: yes
+caldav_create_attach: yes
+caldav_realm: test
+configdirectory: /var/imap/config
+conversations_counted_flags: \Draft \Flagged
+conversations_max_thread: 1000
+conversations: yes
+crossdomains: yes
+debug: yes
+defaultacl: admin lrswipkxtecdan
+defaultdomain: {{DEFAULTDOMAIN}}
+defaultpartition: default
+defaultsearchtier: t1
+delete_mode: delayed
+expunge_mode: delayed
+httpmodules: caldav carddav jmap
+httpallowcompress: no
+httpprettytelemetry: yes
+imipnotifier: imip
+improved_mboxlist_sort: yes
+jmapauth_allowsasl: yes
+jmap_max_calls_in_request: 256
+jmap_max_size_request: 51200
+jmap_max_size_upload: 209715200
+jmap_nonstandard_extensions: yes
+jmap_preview_annot: /shared/vendor/messagingengine.com/preview
+jmap_querycache_max_age: 5m
+jmap_set_has_attachment: no
+# this is buggy, turn it off
+jmap_vacation: no
+maxheaderlines: 4096
+maxmessagesize: 209715200
+maxquoted: 8388608
+maxword: 8388608
+partition-default: /var/imap/spool
+reverseacls: yes
+rfc3028_strict: no
+sasl_mech_list: PLAIN LOGIN
+sasl_pwcheck_method: saslauthd
+sasl_saslauthd_path: /var/run/cyrus/saslauthd.sock
+savedate: yes
+search_engine: xapian
+search_index_headers: no
+search_batchsize: 512
+search_fuzzy_always: yes
+search_maxtime: 30
+search_snippet_length: 160
+search_normalisation_max: 20000
+search_index_language: yes
+servername: {{SERVERNAME}}
+sievedir: /var/imap/sieve
+smtp_backend: host
+smtp_host: localhost:25
+sync_log: yes
+sync_log_channels: squatter
+t1searchpartition-default: /var/imap/search
+unixhierarchysep: no
+# virtdomains: userid is intentionally disabled here.
+# With virtdomains: userid, caladdress_lookup() preserves the full email
+# form (user2@example.com) as sparam->userid.  But mailbox ACLs and
+# mbname_userid() use the short form (user2) for default-domain users.
+# This mismatch causes caldav_store_preprocess() to fail the ACL check
+# with 403 Forbidden when delivering iTIP invites to the attendee's calendar.
+# Setting virtdomains: off makes caladdress_lookup() strip the domain for
+# local users, so the userid matches the ACL entry.
+virtdomains: off

tests/docker-test-servers/davical/setup_davical.sh

@@ -49,9 +49,14 @@ create_user() {
     if [ -n "$EXISTING_PRINCIPAL" ]; then
         echo "Principal for '${username}' already exists, skipping"
     else
-        run_sql "INSERT INTO principal (type_id, user_no, displayname) SELECT 1, user_no, fullname FROM usr WHERE username='${username}'"
+        # default_privileges: schedule-deliver (7168 = bits for schedule-deliver-invite +
+        # schedule-deliver-reply + schedule-query-freebusy) so other users can send
+        # scheduling invites/replies to this principal's inbox.
+        run_sql "INSERT INTO principal (type_id, user_no, displayname, default_privileges) SELECT 1, user_no, fullname, 7168::BIT(24) FROM usr WHERE username='${username}'"
         echo "Principal for '${username}' created"
     fi
+    # Ensure default_privileges is set even for existing principals (idempotent update)
+    run_sql "UPDATE principal SET default_privileges = 7168::BIT(24) FROM usr WHERE principal.user_no = usr.user_no AND usr.username = '${username}' AND (default_privileges IS NULL OR default_privileges = 0::BIT(24))"
 }
 
 echo ""
@@ -61,6 +66,10 @@ create_user "user1" "testpass1" "User One"
 create_user "user2" "testpass2" "User Two"
 create_user "user3" "testpass3" "User Three"
 
+echo ""
+echo "Enabling local scheduling in DAViCal config..."
+docker exec "$DAVICAL_CONTAINER" sed -i 's|// \$c->enable_scheduling = true;|\$c->enable_scheduling = true;|' /etc/davical/config.php || true
+
 echo ""
 echo "Verifying CalDAV access..."
 max_caldav_attempts=10

tests/docker-test-servers/davis/docker-compose.yml

@@ -17,6 +17,10 @@ services:
       - AUTH_METHOD=Basic
       - APP_SECRET=testserversecret123
       - INVITE_FROM_ADDRESS=test@example.com
+      # Disable SMTP: without a null mailer, sabre/dav tries to send email
+      # notifications on every PUT/DELETE of a scheduled event and returns 500
+      # when it cannot connect to the SMTP server.
+      - MAILER_DSN=null://null
     tmpfs:
       - /data:size=100m
     healthcheck: