Skip to content

Commit c1ec7ca

Browse files
schiessleschiessle
committed
only expose system address book, if it is enabled by the admin. By default the address book will not be exposed.
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
1 parent 5f1e7c6 commit c1ec7ca

File tree

4 files changed

+48
-32
lines changed

4 files changed

+48
-32
lines changed

apps/dav/appinfo/v1/carddav.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@
5757
'principals/'
5858
);
5959
$db = \OC::$server->getDatabaseConnection();
60-
$cardDavBackend = new CardDavBackend($db, $principalBackend, \OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class), \OC::$server->getEventDispatcher());
60+
$cardDavBackend = new CardDavBackend($db, $principalBackend, \OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class), \OC::$server->getEventDispatcher(), \OC::$server->getConfig());
6161

6262
$debugging = \OC::$server->getConfig()->getSystemValue('debug', false);
6363

apps/dav/lib/CardDAV/CardDavBackend.php

Lines changed: 32 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@
4747
use OCA\DAV\Events\CardUpdatedEvent;
4848
use OCP\DB\QueryBuilder\IQueryBuilder;
4949
use OCP\EventDispatcher\IEventDispatcher;
50+
use OCP\IConfig;
5051
use OCP\IDBConnection;
5152
use OCP\IGroupManager;
5253
use OCP\IUser;
@@ -96,6 +97,9 @@ class CardDavBackend implements BackendInterface, SyncSupport {
9697
/** @var IEventDispatcher */
9798
private $dispatcher;
9899

100+
/** @var IConfig */
101+
private $config;
102+
99103
/** @var EventDispatcherInterface */
100104
private $legacyDispatcher;
101105

@@ -110,18 +114,21 @@ class CardDavBackend implements BackendInterface, SyncSupport {
110114
* @param IGroupManager $groupManager
111115
* @param IEventDispatcher $dispatcher
112116
* @param EventDispatcherInterface $legacyDispatcher
117+
* @param IConfig $config
113118
*/
114119
public function __construct(IDBConnection $db,
115120
Principal $principalBackend,
116121
IUserManager $userManager,
117122
IGroupManager $groupManager,
118123
IEventDispatcher $dispatcher,
119-
EventDispatcherInterface $legacyDispatcher) {
124+
EventDispatcherInterface $legacyDispatcher,
125+
IConfig $config) {
120126
$this->db = $db;
121127
$this->principalBackend = $principalBackend;
122128
$this->userManager = $userManager;
123129
$this->dispatcher = $dispatcher;
124130
$this->legacyDispatcher = $legacyDispatcher;
131+
$this->config = $config;
125132
$this->sharingBackend = new Backend($this->db, $this->userManager, $groupManager, $principalBackend, 'addressbook');
126133
}
127134

@@ -243,29 +250,32 @@ public function getAddressBooksForUser($principalUri) {
243250
$result->closeCursor();
244251

245252
// query for system addressbooks
246-
$principalUri="principals/system/system";
247-
$query = $this->db->getQueryBuilder();
248-
$query->select(['id', 'uri', 'displayname', 'principaluri', 'description', 'synctoken'])
249-
->from('addressbooks')
250-
->where($query->expr()->eq('principaluri', $query->createNamedParameter($principalUri)));
251-
$result = $query->execute();
252-
253-
while ($row = $result->fetch()) {
254-
$addressBooks[$row['id']] = [
255-
'id' => $row['id'],
256-
'uri' => "system-address-book",
257-
'principaluri' => $principalUriOriginal,
258-
'{DAV:}displayname' => "System address book",
259-
'{' . Plugin::NS_CARDDAV . '}addressbook-description' => $row['description'],
260-
'{http://calendarserver.org/ns/}getctag' => $row['synctoken'],
261-
'{http://sabredav.org/ns}sync-token' => $row['synctoken'] ?: '0',
262-
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'],
263-
$readOnlyPropertyName => true,
264-
];
253+
$includeSystemAddressBook = $this->config->getAppValue('dav', 'exposeSystemAddressBook', 'no') === 'yes';
254+
if ($includeSystemAddressBook) {
255+
$principalUri="principals/system/system";
256+
$query = $this->db->getQueryBuilder();
257+
$query->select(['id', 'uri', 'displayname', 'principaluri', 'description', 'synctoken'])
258+
->from('addressbooks')
259+
->where($query->expr()->eq('principaluri', $query->createNamedParameter($principalUri)));
260+
$result = $query->execute();
265261

266-
$this->addOwnerPrincipal($addressBooks[$row['id']]);
262+
while ($row = $result->fetch()) {
263+
$addressBooks[$row['id']] = [
264+
'id' => $row['id'],
265+
'uri' => "system-address-book",
266+
'principaluri' => $principalUriOriginal,
267+
'{DAV:}displayname' => "System address book",
268+
'{' . Plugin::NS_CARDDAV . '}addressbook-description' => $row['description'],
269+
'{http://calendarserver.org/ns/}getctag' => $row['synctoken'],
270+
'{http://sabredav.org/ns}sync-token' => $row['synctoken'] ?: '0',
271+
'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'],
272+
$readOnlyPropertyName => true,
273+
];
274+
275+
$this->addOwnerPrincipal($addressBooks[$row['id']]);
276+
}
277+
$result->closeCursor();
267278
}
268-
$result->closeCursor();
269279

270280
return array_values($addressBooks);
271281
}

apps/dav/lib/RootCollection.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -128,11 +128,11 @@ public function __construct() {
128128
);
129129

130130
$pluginManager = new PluginManager(\OC::$server, \OC::$server->query(IAppManager::class));
131-
$usersCardDavBackend = new CardDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $dispatcher, $legacyDispatcher);
131+
$usersCardDavBackend = new CardDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $dispatcher, $legacyDispatcher, \OC::$server->getConfig());
132132
$usersAddressBookRoot = new AddressBookRoot($userPrincipalBackend, $usersCardDavBackend, $pluginManager, 'principals/users');
133133
$usersAddressBookRoot->disableListing = $disableListing;
134134

135-
$systemCardDavBackend = new CardDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $dispatcher, $legacyDispatcher);
135+
$systemCardDavBackend = new CardDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $dispatcher, $legacyDispatcher, \OC::$server->getConfig());
136136
$systemAddressBookRoot = new AddressBookRoot(new SystemPrincipalBackend(), $systemCardDavBackend, $pluginManager, 'principals/system');
137137
$systemAddressBookRoot->disableListing = $disableListing;
138138

apps/dav/tests/unit/CardDAV/CardDavBackendTest.php

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,9 @@ class CardDavBackendTest extends TestCase {
8282
/** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */
8383
private $dispatcher;
8484

85+
/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
86+
private $config;
87+
8588
/** @var IDBConnection */
8689
private $db;
8790

@@ -129,6 +132,9 @@ class CardDavBackendTest extends TestCase {
129132
protected function setUp(): void {
130133
parent::setUp();
131134

135+
$this->config = $this->createMock(IConfig::class);
136+
$this->config->expects($this->once())->method('getAppValue')
137+
->with('dav', 'exposeSystemAddressBook', 'no')->willReturn('no');
132138
$this->userManager = $this->createMock(IUserManager::class);
133139
$this->groupManager = $this->createMock(IGroupManager::class);
134140
$this->principal = $this->getMockBuilder(Principal::class)
@@ -156,7 +162,7 @@ protected function setUp(): void {
156162

157163
$this->db = \OC::$server->getDatabaseConnection();
158164

159-
$this->backend = new CardDavBackend($this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher);
165+
$this->backend = new CardDavBackend($this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config);
160166
// start every test with a empty cards_properties and cards table
161167
$query = $this->db->getQueryBuilder();
162168
$query->delete('cards_properties')->execute();
@@ -246,7 +252,7 @@ public function testCardOperations() {
246252

247253
/** @var CardDavBackend | \PHPUnit\Framework\MockObject\MockObject $backend */
248254
$backend = $this->getMockBuilder(CardDavBackend::class)
249-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
255+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
250256
->setMethods(['updateProperties', 'purgeProperties'])->getMock();
251257

252258
// create a new address book
@@ -318,7 +324,7 @@ public function testCardOperations() {
318324

319325
public function testMultiCard() {
320326
$this->backend = $this->getMockBuilder(CardDavBackend::class)
321-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
327+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
322328
->setMethods(['updateProperties'])->getMock();
323329

324330
// create a new address book
@@ -371,7 +377,7 @@ public function testMultiCard() {
371377

372378
public function testMultipleUIDOnDifferentAddressbooks() {
373379
$this->backend = $this->getMockBuilder(CardDavBackend::class)
374-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
380+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
375381
->setMethods(['updateProperties'])->getMock();
376382

377383
// create 2 new address books
@@ -414,7 +420,7 @@ public function testMultipleUIDDenied() {
414420

415421
public function testNoValidUID() {
416422
$this->backend = $this->getMockBuilder(CardDavBackend::class)
417-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
423+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
418424
->setMethods(['updateProperties'])->getMock();
419425

420426
// create a new address book
@@ -471,7 +477,7 @@ public function testDeleteWithoutCard() {
471477

472478
public function testSyncSupport() {
473479
$this->backend = $this->getMockBuilder(CardDavBackend::class)
474-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
480+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
475481
->setMethods(['updateProperties'])->getMock();
476482

477483
// create a new address book
@@ -537,7 +543,7 @@ public function testUpdateProperties() {
537543
$cardId = 2;
538544

539545
$backend = $this->getMockBuilder(CardDavBackend::class)
540-
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher])
546+
->setConstructorArgs([$this->db, $this->principal, $this->userManager, $this->groupManager, $this->dispatcher, $this->legacyDispatcher, $this->config])
541547
->setMethods(['getCardId'])->getMock();
542548

543549
$backend->expects($this->any())->method('getCardId')->willReturn($cardId);

0 commit comments

Comments
 (0)