Webdav sharing in V3.2.0

[Lionel VEST]

Hi,

I discovered SABREDAV two weeks ago, just after V3.2.0 was released

I spent the last few days reading sabredav documentation, studying the code, and trying to implement it in a software that I'm developping since 10 years for a client.

At this point, I achieved to create all the necessary backends to my MYSQL database : auth, principal, caldav, carddav, homecollection

I'm now trying to implement some "sharing" features.
CALDAV sharing works out of the box
I understand that CARDAV sharing isn't implemented yet, so I'll delay this feature and wait for 3.3.

But i'm a bit confused about WEBDAV sharing.
Is it possible to share just one folder or one file ?
I tried to edit the IsharedNode.php file this file doesn't seem to be loaded.
Am I loading the wrong plugins ?

Is there a way to share just one folder in V3.2.0 ?

What file should I edit to make this work ?

Here's my current server.php code (PDO_OPTIMUS are my custom backends) :

Thanks for you help

$principalBackend = new Sabre\DAVACL\PrincipalBackend\PDO_OPTIMUS($pdo);
$caldavBackend = new Sabre\CalDAV\Backend\PDO_OPTIMUS($pdo);
$carddavBackend   = new Sabre\CardDAV\Backend\PDO_OPTIMUS($pdo);
$lockBackend = new Sabre\DAV\Locks\Backend\PDO_OPTIMUS($pdo);
$storageBackend = new Sabre\DAV\PropertyStorage\Backend\PDO_OPTIMUS($pdo);
$authBackend = new Sabre\DAV\Auth\Backend\PDO_OPTIMUS($pdo);
$authBackend->setRealm('OPTIMUS');


$nodes = [
 new Sabre\DAVACL\PrincipalCollection($principalBackend),
 new Sabre\DAVACL\FS\HomeCollection_OPTIMUS($principalBackend, '/srv/files'),
 new Sabre\CalDAV\CalendarRoot($principalBackend, $caldavBackend),
 new Sabre\CardDAV\AddressBookRoot($principalBackend, $carddavBackend),
];


$server = new Sabre\DAV\Server($nodes);


$server->addPlugin(new Sabre\DAV\Auth\Plugin($authBackend));
$server->addPlugin(new Sabre\DAV\Locks\Plugin($lockBackend));
$server->addPlugin(new Sabre\DAV\PropertyStorage\Plugin($storageBackend));
$server->addPlugin(new Sabre\DAV\Browser\Plugin());
$server->addPlugin(new Sabre\DAV\Sharing\Plugin());
$server->addPlugin(new Sabre\DAV\Sync\Plugin());
$server->addPlugin(new Sabre\CalDAV\Plugin());
$server->addPlugin(new Sabre\CalDAV\Schedule\Plugin());
$server->addPlugin(new Sabre\CalDAV\SharingPlugin());
$server->addPlugin(new Sabre\CalDAV\ICSExportPlugin());
$server->addPlugin(new Sabre\CardDAV\Plugin());
$server->addPlugin(new Sabre\CardDAV\VCFExportPlugin());


$aclPlugin = new Sabre\DAVACL\Plugin();

$aclPlugin->allowAccessToNodesWithoutACL = false;
$aclPlugin->hideNodesFromListings = true;
$aclPlugin->adminPrincipals[] = 'principals/postm...@adaris.org';
$server->addPlugin($aclPlugin);


$server->exec();

[me]

Hi Lionel,

On Saturday, August 20, 2016 at 5:25:09 PM UTC-4, Lionel VEST wrote:

Hi,

I discovered SABREDAV two weeks ago, just after V3.2.0 was released

I spent the last few days reading sabredav documentation, studying the code, and trying to implement it in a software that I'm developping since 10 years for a client.

At this point, I achieved to create all the necessary backends to my MYSQL database : auth, principal, caldav, carddav, homecollection

I'm now trying to implement some "sharing" features.
CALDAV sharing works out of the box
I understand that CARDAV sharing isn't implemented yet, so I'll delay this feature and wait for 3.3.

But i'm a bit confused about WEBDAV sharing.
Is it possible to share just one folder or one file ?
I tried to edit the IsharedNode.php file this file doesn't seem to be loaded.
Am I loading the wrong plugins ?

Is there a way to share just one folder in V3.2.0 ?

What file should I edit to make this work ?

There is not really a 'default implementation' for file sharing at the moment. There's also no real immediate plans to do this. I imagine that this needs to be either a funded feature or a contribution from someone in the community, as we don't really have this on our roadmap at the moment.

The key that _was_ added for webdav sharing, is that we've basically added all the hooks to make this work, but it doesn't come with an actual implementation. ISharedNode is indeed the base interface you need to be looking at.




 

Here's my current server.php code (PDO_OPTIMUS are my custom backends) :

OK, the way you're doing this is really bad. You are not supposed to add new classes to the Sabre\ namespace, and I suspect this also means that you're manually adding files to the lib/ directory.
You're not the first to do this, which makes me believe that not everyone is aware how they should extend PHP project correctly with their own namespaces and composer.

So for that reason I wrote a guide that hopefully makes this a bit easier:

http://sabre.io/dav/extending-sabredav/

The general hint I would give you is that if you ever make changes to sabre/dav files, or if you are ever adding files to the sabre/dav source directories, you are doing something really wrong. This is true for sabre/dav, but also true for pretty much any other PHP project. You should treat code from open source projects basically as read-only.

You should be able to do anything you need by just extending classes in your own source directories. Please read the doc and restructure your project in a sane way:

http://sabre.io/dav/extending-sabredav/

Hope this helps!
Evert

[Lionel VEST]

Thanks for your answer.
It is very useful.
So I can stop searching for a feature that isn't fully implemented yet.
I'll try to use the hooks you created

Also thank you for the comment about my code.
I don't use external libraries a lot and I'm a bit confused about the way to extend the classes
I'll check your link

Thanks

[Lionel VEST]

Hi again,

I followed your advice and I'm now working with a "clean" method.
I created an "OPTIMUS" namespace as you recommended :

$authBackend = new Optimus\DAV\Auth\Backend\PDO($pdo);

$authBackend->setRealm('OPTIMUS');

$principalBackend = new Optimus\DAVACL\PrincipalBackend\PDO($pdo);

$caldavBackend = new Sabre\CalDAV\Backend\PDO($pdo);

$carddavBackend   = new Optimus\CardDAV\Backend\PDO($pdo);

$lockBackend = new Sabre\DAV\Locks\Backend\PDO($pdo);

$storageBackend = new Sabre\DAV\PropertyStorage\Backend\PDO($pdo);

I'm now working on the ACL and I'm a bit confused about the way it works.
This is an example groupmembers database

1 4 20

2 4 23

3 48 4

I thought that user 23 would have access only to user 4.

But in fact, it has also access to user 48
As I understand, since user 4 has access to user 48, user 23 also "inherits" the right to access user 48
Is that the expected behaviour ?
How can user 23 get access to user 4, without getting access to user 48.
Is there an easy way with the actual implementation of ACL ?

[Evert Pot]

Logically if user B inherits all the rights from user A, and user C inherits all the rights from user B, user C would also inherit the rights from user A.
For caldav though, there are two special sub-principals, usually in the format:

principals/username/calendar-proxy-read
principals/username/calendar-proxy-write

If you make a principal a member of a different principals calendar-proxy-read sub-principal, they will get read-only access to the latter principals calendar.
Those sub-principals exist to circumvent the inheritence problem, but also allows you to give someone access to your calendars with specific privileges, without letting other users inherit ALL the rights.

However, this feature is specific for calendars and does not extend to other features unless you extend more classes and return different privileges.

principals don't need to represent users. You can in theory create many sub-principals that only act as a 'container' to assign rights to, and make users members of that principal to give them those rights.
Basically a principal can represent a user, a group, a resource, but also a 'role'.

Evert