oc-contacts: Add edit/delete own and Folder Contact/Owner sharing perm
By storing these custom MAPI roles in the ACL. An extension field called 'X-OPENCHANGE-CREATOR' is created in the vcard to validate the creator/owner of the contact in the shared folder.pull/209/head
parent
dd32c659f6
commit
9d461d646f
|
@ -74,18 +74,34 @@
|
|||
|
||||
- (NSArray *) rolesForExchangeRights: (uint32_t) rights
|
||||
{
|
||||
/* Limitations
|
||||
|
||||
Following rights are not supported by SOGo specifically:
|
||||
|
||||
- CreateSubfolders: No contacts subfolders
|
||||
- FolderVisible: It is inferred by other rights when extracting
|
||||
*/
|
||||
NSMutableArray *roles;
|
||||
|
||||
roles = [NSMutableArray arrayWithCapacity: 6];
|
||||
roles = [NSMutableArray arrayWithCapacity: 8];
|
||||
if (rights & RightsCreateItems)
|
||||
[roles addObject: SOGoRole_ObjectCreator];
|
||||
if (rights & RightsDeleteAll)
|
||||
[roles addObject: SOGoRole_ObjectEraser];
|
||||
if (rights & RightsDeleteOwn)
|
||||
[roles addObject: MAPIStoreRightDeleteOwn];
|
||||
if (rights & RightsEditAll)
|
||||
[roles addObject: SOGoRole_ObjectEditor];
|
||||
if (rights & RightsEditOwn)
|
||||
[roles addObject: MAPIStoreRightEditOwn];
|
||||
if (rights & RightsReadItems)
|
||||
[roles addObject: SOGoRole_ObjectViewer];
|
||||
|
||||
if (rights & RightsFolderOwner)
|
||||
[roles addObject: MAPIStoreRightFolderOwner];
|
||||
if (rights & RightsFolderContact)
|
||||
[roles addObject: MAPIStoreRightFolderContact];
|
||||
|
||||
return roles;
|
||||
}
|
||||
|
||||
|
@ -95,15 +111,28 @@
|
|||
|
||||
if ([roles containsObject: SOGoRole_ObjectCreator])
|
||||
rights |= RightsCreateItems;
|
||||
|
||||
if ([roles containsObject: SOGoRole_ObjectEraser])
|
||||
rights |= RightsDeleteAll | RightsDeleteOwn;
|
||||
else if ([roles containsObject: MAPIStoreRightDeleteOwn])
|
||||
rights |= RightsDeleteOwn;
|
||||
|
||||
if ([roles containsObject: SOGoRole_ObjectEditor])
|
||||
rights |= RightsEditAll | RightsEditOwn;
|
||||
else if ([roles containsObject: MAPIStoreRightEditOwn])
|
||||
rights |= RightsEditOwn;
|
||||
|
||||
if ([roles containsObject: SOGoRole_ObjectViewer])
|
||||
rights |= RightsReadItems;
|
||||
if (rights != 0)
|
||||
rights |= RoleNone; /* actually "folder visible" */
|
||||
|
||||
if ([roles containsObject: MAPIStoreRightFolderOwner])
|
||||
rights |= RightsFolderOwner | RoleNone;
|
||||
|
||||
if ([roles containsObject: MAPIStoreRightFolderContact])
|
||||
rights |= RightsFolderContact;
|
||||
|
||||
return rights;
|
||||
}
|
||||
|
||||
|
|
|
@ -31,9 +31,11 @@
|
|||
#import <NGCards/NGVCardPhoto.h>
|
||||
#import <NGCards/NSArray+NGCards.h>
|
||||
#import <NGCards/NSString+NGCards.h>
|
||||
#import <NGObjWeb/WOContext+SoObjects.h>
|
||||
#import <Contacts/SOGoContactGCSEntry.h>
|
||||
#import <Mailer/NSString+Mail.h>
|
||||
#import <SOGo/SOGoPermissions.h>
|
||||
#import <SOGo/SOGoUser.h>
|
||||
#import <SOGo/SOGoUserManager.h>
|
||||
|
||||
#import "MAPIStoreAttachment.h"
|
||||
|
@ -1224,23 +1226,28 @@ enum { // [MS-OXOCNTC] 2.2.1.2.11
|
|||
}
|
||||
|
||||
// ---------------------------------------------------------
|
||||
// Permissions
|
||||
// ---------------------------------------------------------
|
||||
|
||||
- (NSString *) creator
|
||||
{
|
||||
return [[[sogoObject vCard] uniqueChildWithTag: @"x-openchange-creator"]
|
||||
flattenedValuesForKey: @""];
|
||||
}
|
||||
|
||||
- (NSString *) owner
|
||||
{
|
||||
return [self creator];
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanReadMessage
|
||||
{
|
||||
return [[self activeUserRoles] containsObject: SOGoRole_ObjectViewer];
|
||||
}
|
||||
|
||||
- (BOOL) subscriberCanModifyMessage
|
||||
{
|
||||
NSArray *roles;
|
||||
|
||||
roles = [self activeUserRoles];
|
||||
|
||||
return ((isNew
|
||||
&& [roles containsObject: SOGoRole_ObjectCreator])
|
||||
|| (!isNew && [roles containsObject: SOGoRole_ObjectEditor]));
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------
|
||||
// Save
|
||||
// ---------------------------------------------------------
|
||||
- (void) saveDistList:(TALLOC_CTX *) memCtx
|
||||
{
|
||||
[self warnWithFormat: @"IPM.DistList messages are ignored"];
|
||||
|
@ -1584,6 +1591,14 @@ enum { // [MS-OXOCNTC] 2.2.1.2.11
|
|||
if (value)
|
||||
[newCard setNote: value];
|
||||
|
||||
/* Store the creator name for sharing purposes */
|
||||
if (isNew)
|
||||
{
|
||||
value = [[[self context] activeUser] login];
|
||||
[[newCard uniqueChildWithTag: @"x-openchange-creator"]
|
||||
setSingleValue: value forKey: @""];
|
||||
}
|
||||
|
||||
//
|
||||
// we save the new/modified card
|
||||
//
|
||||
|
|
Loading…
Reference in New Issue