LupusNobilis
/
sogo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Monotone-Parent: 4ae01eea0221889e088ac21232d629d3b265be05 

Monotone-Revision: 07066101c28f825ad99e746c40e1e3eb5c46ffd5

Monotone-Author: wsourdeau@inverse.ca
Monotone-Date: 2007-12-06T22:54:01
Monotone-Branch: ca.inverse.sogo
maint-2.0.2
Wolfgang Sourdeau 2007-12-06 22:54:01 +00:00
parent e1c159094d
commit 790e92d2ea
6 changed files with 90 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
ChangeLog
View File

@ -1,5 +1,26 @@
2007-12-06 Wolfgang Sourdeau <wsourdeau@inverse.ca>
* SoObjects/Appointments/SOGoCalendarComponent.m
([SOGoCalendarComponent -contentAsString]): securize the returned content.
([SOGoCalendarComponent -aclsForUser:uid]): check whether the user
is an organizer or a participant as well.
* SoObjects/Appointments/SOGoAppointmentObject.m
([SOGoAppointmentObject -changeParticipationStatus:_status]): the
user we should change the status of is not the active user but the
owner of the object. This is for delegation.
* SoObjects/Appointments/SOGoAppointmentFolder.m
([SOGoAppointmentFolder -fetchContentObjectNames]): fetch the
elements through the fetchFields:from:to:title:component: method
method, so that the result is already filtered depending on the
acl.
* UI/Scheduler/UIxComponentEditor.m ([UIxComponentEditor
-toolbar]): if the current user is a delegate, take the permission
"ModifyComponent" into account. Also, do not let him/her modify an
event for which he/she is the organizer.
* SoObjects/Contacts/SOGoContactLDAPFolder.m
([SOGoContactLDAPFolder -davResourceType]): declared as a carddav
addressbook collection.

13
SoObjects/Appointments/SOGoAppointmentFolder.m
View File

@ -26,6 +26,7 @@
#import <NGObjWeb/NSException+HTTP.h>
#import <NGObjWeb/SoObject+SoDAV.h>
#import <NGObjWeb/SoSecurityManager.h>
#import <NGObjWeb/WOContext+SoObjects.h>
#import <NGObjWeb/WOMessage.h>
#import <NGObjWeb/WORequest.h>
@ -230,7 +231,6 @@ static NSNumber *sharedYes = nil;
return filterData;
}
#warning filters is leaked here
- (NSArray *) _parseCalendarFilters: (id <DOMElement>) parentNode
{
NSEnumerator *children;
@ -1422,6 +1422,17 @@ static NSNumber *sharedYes = nil;
// return objectNames;
// }
- (NSArray *) fetchContentObjectNames
{
static NSArray *cNameField = nil;
if (!cNameField)
cNameField = [[NSArray alloc] initWithObjects: @"c_name", nil];
return [[self fetchFields: cNameField from: nil to: nil
title: nil component: nil] objectsForKey: @"c_name"];
}
/* folder type */
- (NSString *) folderType

4
SoObjects/Appointments/SOGoAppointmentObject.m
View File

@ -332,13 +332,15 @@
iCalEvent *event;
iCalPerson *attendee;
NSException *ex;
SOGoUser *ownerUser;
ex = nil;
event = [self component: NO secure: NO];
if (event)
{
attendee = [event findParticipant: [context activeUser]];
ownerUser = [SOGoUser userWithLogin: owner roles: nil];
attendee = [event findParticipant: ownerUser];
if (attendee)
ex = [self _handleAttendee: attendee statusChange: _status
inEvent: event];

19
SoObjects/Appointments/SOGoCalendarComponent.m
View File

@ -27,6 +27,7 @@
#import <NGObjWeb/SoSecurityManager.h>
#import <NGObjWeb/WOApplication.h>
#import <NGObjWeb/WOContext+SoObjects.h>
#import <NGObjWeb/WORequest+So.h>
#import <NGExtensions/NSObject+Logs.h>
#import <NGExtensions/NGHashMap.h>
#import <NGCards/iCalCalendar.h>
@ -142,6 +143,18 @@ static BOOL sendEMailNotifications = NO;
return iCalString;
}
- (NSString *) contentAsString
{
NSString *secureContent;
if ([[context request] isSoWebDAVRequest])
secureContent = [self secureContentAsString];
else
secureContent = [super contentAsString];
return secureContent;
}
- (iCalCalendar *) calendar: (BOOL) create secure: (BOOL) secure
{
NSString *componentTag;
@ -559,6 +572,7 @@ static BOOL sendEMailNotifications = NO;
NSArray *superAcls;
iCalRepeatableEntityObject *component;
NSString *accessRole, *ownerRole;
SOGoUser *aclUser;
roles = [NSMutableArray array];
superAcls = [super aclsForUser: uid];
@ -573,6 +587,11 @@ static BOOL sendEMailNotifications = NO;
{
if (component)
{
aclUser = [SOGoUser userWithLogin: uid roles: nil];
if ([component userIsOrganizer: aclUser])
[roles addObject: SOGoCalendarRole_Organizer];
else if ([component userIsParticipant: aclUser])
[roles addObject: SOGoCalendarRole_Participant];
accessRole = [container roleForComponentsWithAccessClass:
[component symbolicAccessClass]
forUser: uid];

7
SoObjects/Appointments/product.plist
View File

@ -35,13 +35,14 @@
};
SOGoCalendarComponent = {
superclass = "SOGoContentObject";
/* defaultAccess = "SeeComponent"; */
defaultRoles = {
"ViewAllComponent" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer" );
"ViewDAndT" = ( "Organizer", "Participant", "ComponentDAndTViewer" );
"ModifyComponent" = ( "Owner", "Organizer" );
"RespondToComponent" = ( "Participant" );
/* "SeeComponent" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer", "ComponentDAndTViewer" ); */
"RespondToComponent" = ( "Participant", "ComponentModifier", "ComponentResponder" );
"Access Object" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer", "ComponentDAndTViewer" );
"Access Contents Information" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer", "ComponentDAndTViewer" );
"WebDAV Access" = ( "Owner", "Organizer", "Participant", "ComponentModifier", "ComponentResponder", "ComponentViewer", "ComponentDAndTViewer" );
};
};
SOGoAppointmentObject = {

52
UI/Scheduler/UIxComponentEditor.m
View File

@ -1025,6 +1025,7 @@
SoSecurityManager *sm;
NSString *toolbarFilename, *adminToolbar;
iCalPersonPartStat participationStatus;
SOGoUser *currentUser;
if ([clientObject isKindOfClass: [SOGoAppointmentObject class]])
adminToolbar = @"SOGoAppointmentObject.toolbar";
@ -1034,28 +1035,37 @@
sm = [SoSecurityManager sharedSecurityManager];
if ([[component attendees] count])
{
if ([component userIsOrganizer: ownerUser]
&& ![sm validatePermission: SOGoCalendarPerm_ModifyComponent
onObject: clientObject
inContext: context])
toolbarFilename = adminToolbar;
else if ([component userIsParticipant: ownerUser]
&& ![sm validatePermission: SOGoCalendarPerm_RespondToComponent
onObject: clientObject
inContext: context])
{
participationStatus
= [[component findParticipant: ownerUser] participationStatus];
/* Lightning does not manage participation status within tasks */
if (participationStatus == iCalPersonPartStatAccepted)
toolbarFilename = @"SOGoAppointmentObjectDecline.toolbar";
else if (participationStatus == iCalPersonPartStatDeclined)
toolbarFilename = @"SOGoAppointmentObjectAccept.toolbar";
else
toolbarFilename = @"SOGoAppointmentObjectAcceptOrDecline.toolbar";
}
else
currentUser = [context activeUser];
if ([component userIsOrganizer: currentUser])
toolbarFilename = @"SOGoComponentClose.toolbar";
else
{
if ([component userIsOrganizer: ownerUser]
&& ![sm validatePermission: SOGoCalendarPerm_ModifyComponent
onObject: clientObject
inContext: context])
toolbarFilename = adminToolbar;
else if ([component userIsParticipant: ownerUser]
&& !([sm validatePermission: SOGoCalendarPerm_RespondToComponent
onObject: clientObject
inContext: context]
&& [sm validatePermission: SOGoCalendarPerm_ModifyComponent
onObject: clientObject
inContext: context]))
{
participationStatus
= [[component findParticipant: ownerUser] participationStatus];
/* Lightning does not manage participation status within tasks */
if (participationStatus == iCalPersonPartStatAccepted)
toolbarFilename = @"SOGoAppointmentObjectDecline.toolbar";
else if (participationStatus == iCalPersonPartStatDeclined)
toolbarFilename = @"SOGoAppointmentObjectAccept.toolbar";
else
toolbarFilename = @"SOGoAppointmentObjectAcceptOrDecline.toolbar";
}
else
toolbarFilename = @"SOGoComponentClose.toolbar";
}
}
else
{