LupusNobilis
/
sogo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

oc-contacts: Add edit/delete own and Folder Contact/Owner sharing perm 

By storing these custom MAPI roles in the ACL.

An extension field called 'X-OPENCHANGE-CREATOR' is created in the vcard
to validate the creator/owner of the contact in the shared folder.
pull/209/head
Enrique J. Hernández Blasco 2016-02-09 23:54:15 +01:00
parent dd32c659f6
commit 9d461d646f
2 changed files with 56 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
OpenChange/MAPIStoreContactsFolder.m
View File

@ -74,18 +74,34 @@
- (NSArray *) rolesForExchangeRights: (uint32_t) rights
{
/* Limitations
Following rights are not supported by SOGo specifically:
- CreateSubfolders: No contacts subfolders
- FolderVisible: It is inferred by other rights when extracting
*/
NSMutableArray *roles;
roles = [NSMutableArray arrayWithCapacity: 6];
roles = [NSMutableArray arrayWithCapacity: 8];
if (rights & RightsCreateItems)
[roles addObject: SOGoRole_ObjectCreator];
if (rights & RightsDeleteAll)
[roles addObject: SOGoRole_ObjectEraser];
if (rights & RightsDeleteOwn)
[roles addObject: MAPIStoreRightDeleteOwn];
if (rights & RightsEditAll)
[roles addObject: SOGoRole_ObjectEditor];
if (rights & RightsEditOwn)
[roles addObject: MAPIStoreRightEditOwn];
if (rights & RightsReadItems)
[roles addObject: SOGoRole_ObjectViewer];
if (rights & RightsFolderOwner)
[roles addObject: MAPIStoreRightFolderOwner];
if (rights & RightsFolderContact)
[roles addObject: MAPIStoreRightFolderContact];
return roles;
}
@ -95,15 +111,28 @@
if ([roles containsObject: SOGoRole_ObjectCreator])
rights |= RightsCreateItems;
if ([roles containsObject: SOGoRole_ObjectEraser])
rights |= RightsDeleteAll | RightsDeleteOwn;
else if ([roles containsObject: MAPIStoreRightDeleteOwn])
rights |= RightsDeleteOwn;
if ([roles containsObject: SOGoRole_ObjectEditor])
rights |= RightsEditAll | RightsEditOwn;
else if ([roles containsObject: MAPIStoreRightEditOwn])
rights |= RightsEditOwn;
if ([roles containsObject: SOGoRole_ObjectViewer])
rights |= RightsReadItems;
if (rights != 0)
rights |= RoleNone; /* actually "folder visible" */
if ([roles containsObject: MAPIStoreRightFolderOwner])
rights |= RightsFolderOwner | RoleNone;
if ([roles containsObject: MAPIStoreRightFolderContact])
rights |= RightsFolderContact;
return rights;
}

37
OpenChange/MAPIStoreContactsMessage.m
View File

@ -31,9 +31,11 @@
#import <NGCards/NGVCardPhoto.h>
#import <NGCards/NSArray+NGCards.h>
#import <NGCards/NSString+NGCards.h>
#import <NGObjWeb/WOContext+SoObjects.h>
#import <Contacts/SOGoContactGCSEntry.h>
#import <Mailer/NSString+Mail.h>
#import <SOGo/SOGoPermissions.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserManager.h>
#import "MAPIStoreAttachment.h"
@ -1224,23 +1226,28 @@ enum { // [MS-OXOCNTC] 2.2.1.2.11
}
// ---------------------------------------------------------
// Permissions
// ---------------------------------------------------------
- (NSString *) creator
{
return [[[sogoObject vCard] uniqueChildWithTag: @"x-openchange-creator"]
flattenedValuesForKey: @""];
}
- (NSString *) owner
{
return [self creator];
}
- (BOOL) subscriberCanReadMessage
{
return [[self activeUserRoles] containsObject: SOGoRole_ObjectViewer];
}
- (BOOL) subscriberCanModifyMessage
{
NSArray *roles;
roles = [self activeUserRoles];
return ((isNew
&& [roles containsObject: SOGoRole_ObjectCreator])
|| (!isNew && [roles containsObject: SOGoRole_ObjectEditor]));
}
// ---------------------------------------------------------
// Save
// ---------------------------------------------------------
- (void) saveDistList:(TALLOC_CTX *) memCtx
{
[self warnWithFormat: @"IPM.DistList messages are ignored"];
@ -1584,6 +1591,14 @@ enum { // [MS-OXOCNTC] 2.2.1.2.11
if (value)
[newCard setNote: value];
/* Store the creator name for sharing purposes */
if (isNew)
{
value = [[[self context] activeUser] login];
[[newCard uniqueChildWithTag: @"x-openchange-creator"]
setSingleValue: value forKey: @""];
}
//
// we save the new/modified card
//