* SoObjects/Appointments/SOGoAppointmentObject.m
(PUTAction:): detect conflicting event UID and deny the request accordingly. * Tests/Integration/test-caldav-scheduling.py: new test for bug #1853 Monotone-Parent: 32e30de409bdd4e864d0c454e1939c809fb8edcd Monotone-Revision: a4ef73c2ad79c8da8d8e0c93767ab06e14bc846b Monotone-Author: jraby@inverse.ca Monotone-Date: 2012-06-27T16:06:20maint-2.0.2
parent
c74b5a1cc1
commit
38b1cbd014
|
@ -1,3 +1,9 @@
|
|||
2012-06-27 Jean Raby <jraby@inverse.ca>
|
||||
|
||||
* SoObjects/Appointments/SOGoAppointmentObject.m
|
||||
(PUTAction:): detect conflicting event UID and
|
||||
deny the request accordingly.
|
||||
|
||||
2012-06-21 Ludovic Marcotte <lmarcotte@inverse.ca>
|
||||
|
||||
* Added the SOGoSearchMinimumWordLength domain
|
||||
|
|
|
@ -1756,15 +1756,25 @@ inRecurrenceExceptionsForEvent: (iCalEvent *) theEvent
|
|||
{
|
||||
iCalCalendar *calendar;
|
||||
SOGoUser *ownerUser;
|
||||
iCalEvent *event;
|
||||
iCalEvent *event, *conflictingEvent;
|
||||
|
||||
NSString *eventUID;
|
||||
BOOL scheduling;
|
||||
|
||||
calendar = [iCalCalendar parseSingleFromSource: [rq contentAsString]];
|
||||
|
||||
event = [[calendar events] objectAtIndex: 0];
|
||||
eventUID = [event uid];
|
||||
ownerUser = [SOGoUser userWithLogin: owner];
|
||||
scheduling = [self _shouldScheduleEvent: [event organizer]];
|
||||
|
||||
// make sure eventUID doesn't conflict with an existing event - see bug #1853
|
||||
// TODO: send out a no-uid-conflict (DAV:href) xml element (rfc4791 section 5.3.2.1)
|
||||
if (conflictingEvent = [container resourceNameForEventUID: eventUID])
|
||||
{
|
||||
NSString *reason = [NSString stringWithFormat: @"Event UID already in use. (%s)", eventUID];
|
||||
return [NSException exceptionWithHTTPStatus:403 reason: reason];
|
||||
}
|
||||
|
||||
//
|
||||
// New event and we're the organizer -- send invitation to all attendees
|
||||
|
|
|
@ -4,6 +4,9 @@
|
|||
# attendee1_delegate_username and superuser.
|
||||
# when writing new tests, avoid using superuser when not absolutely needed
|
||||
|
||||
# TODO
|
||||
# - Individual tests should set the ACLs themselves on Resources tests
|
||||
|
||||
from config import hostname, port, username, password, \
|
||||
superuser, superuser_password, \
|
||||
attendee1, attendee1_username, \
|
||||
|
@ -791,6 +794,31 @@ class CalDAVSchedulingTest(unittest.TestCase):
|
|||
for attendee in org_ev.vevent.attendee_list:
|
||||
self.assertNotEqual(self.user_email, attendee.value)
|
||||
|
||||
def testEventsWithSameUID(self):
|
||||
""" PUT 2 events with the same UID - bug #1853 """
|
||||
|
||||
ics_name = "test-same-uid.ics"
|
||||
self.ics_list += [ics_name]
|
||||
|
||||
self._deleteEvent(self.client,
|
||||
"%s%s" % (self.user_calendar, ics_name), None)
|
||||
|
||||
conflict_ics_name = "test-same-uid-conflict.ics"
|
||||
self.ics_list += [ics_name]
|
||||
|
||||
self._deleteEvent(self.client,
|
||||
"%s%s" % (self.user_calendar, conflict_ics_name), None)
|
||||
|
||||
# 1. create simple event
|
||||
summary="same uid"
|
||||
uid=summary
|
||||
event = self._newEvent(summary, uid)
|
||||
|
||||
self._putEvent(self.client, "%s%s" % (self.user_calendar, ics_name), event)
|
||||
|
||||
# PUT the same event with a new filename - should trigger a 403
|
||||
self._putEvent(self.client, "%s%s" % (self.user_calendar, conflict_ics_name), event, exp_status=403)
|
||||
|
||||
def testInvitationDelegation(self):
|
||||
""" invitation delegation """
|
||||
|
||||
|
|
Loading…
Reference in New Issue