View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000155 | SOGo | Backend Calendar | public | 2009-09-30 18:08 | 2009-10-15 21:34 |
| Reporter | pmei | Assigned To | |||
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Product Version | 1.0.4 | ||||
| Target Version | 1.1.0 | ||||
| Summary | 0000155: iPhone 3.1 OS upgrade makes SOGo cals readonly | ||||
| Description | from Hans Verbrugge's post on Sep. 30, 2009: It turns out that iPhone3.1 iCal is now checking webdav acls, when an account is created. If it does, the server returns a minimal set of privileges. Things started working again, after I removed the account, patched the server, so that it returns write permissions, when iCal goes after the initial PROPFIND. I'm not quite familiar with the source code yet, so I can't tell if this will break anything else or not. With those patches, iPhone3.1 iCal can write in your own caldav calendars again. There is one exception, subscribed calendars (from others) are read-only, even if shared for modification.If you change SoObjects/Appointments/SOGoAppointmentFolder.m SoPerm_OwnerWebDAVAccess (this will give DAV write permissions to the owner only, in the AppointmentFolder) to SoPerm_WebDAVAccess, it will be writable too. There's a glitch here too, it will allow you delete objects in a subscribed calendar, even if those permissions are not granted by the owner of the calendar. Maybe that's an iPhone thing. It will allow you, but it is not erased from the DB, because I can still see it in another iCal (which on my Mac throws an error, stating that deletion is not allowed, if I try there). Should you try this; you will have to invalidate your iPhone caldav account first. You can do this by going to the account settings/advanced and append a character to the url. Then go back to settings, quit and start the calendar app. The caldav calendar will now be gone. Go back to the account settings, remove the character from the url, go back to your calendar and it should work. Again, a big disclaimer here, this works for me, but maybe one of the developers can tell if this is a safe thing to do. Cheers,
| ||||
| Additional Information | [ apply patch to SVN, rev 1508, with "--ignore-whitespace" ] from Hans Verbrugge's post on Sep. 15, 2009: [... running SOGo 1.0.4 ] I recently upgraded from iPhone OS 3.0 (where everything worked fine) to 3.1. With 3.1, my calendars have all become read-only on my iPhone. Now, I don't know what it used to send over the line in 3.0, but in 3.1 it starts with: PROPFIND /SOGo/dav/hans/Calendar/ HTTP/1.1 <?xml version="1.0" encoding="utf-8"?> On my macs I run Leopard (10.5.8) and it starts a session with this; PROPFIND /SOGo/dav/hans/Calendar/ HTTP/1.1 <?xml version="1.0" encoding="utf-8"?> The interesting difference (I think) is the addition of the supported-calendar-component-set and current-user-privilege-set properties in iPhone OS3.1. I can't really tell if this is a bug, or Apple being non compliant. Davical has addressed this issue in a new release (mentioning OS 3.1 brokenness, mmm). Any help or pointers (even to source-code fragments, so I can maybe fix this myself) are greatly appreciated. Cheers,
from Hans Verbrugge's post on Sep. 21, 2009 I've been doing some more research, and it seems 3.1 is now asking for the current-user-privilege-set to find out if some options in the client should be disabled, based on acl/access. If I look at the response that is being sent back, at least for the /dav/user/Calendar collection, I'd expect that if the current user is also the owner, he should have all rights? I don't see any write privileges in there, so I suspect it's the reason why iPhone 3.1 thinks that the collection is read-only (and thus it sees the underlying calendars as read-only). See the output below; Cheers,
<?xml version="1.0" encoding="utf-8"?> | ||||
| Tags | No tags attached. | ||||
2009-09-30 18:08
|
iPhone31_acl_workaround.patch (3,033 bytes)
# svn diff
Index: SoObjects/Appointments/SOGoAppointmentFolder.m
===================================================================
--- SoObjects/Appointments/SOGoAppointmentFolder.m (revision 1508)
+++ SoObjects/Appointments/SOGoAppointmentFolder.m (working copy)
@@ -134,7 +134,8 @@
asChildOf: davElement (@"read", XMLNS_WEBDAV)];
[aclManager registerDAVPermission: davElement (@"write", XMLNS_WEBDAV)
abstract: YES
- withEquivalent: nil
+ withEquivalent: SoPerm_OwnerWebDAVAccess
+ //withEquivalent: nil
asChildOf: davElement (@"all", XMLNS_WEBDAV)];
[aclManager registerDAVPermission: davElement (@"bind", XMLNS_WEBDAV)
abstract: NO
Index: SoObjects/SOGo/SOGoPermissions.h
===================================================================
--- SoObjects/SOGo/SOGoPermissions.h (revision 1508)
+++ SoObjects/SOGo/SOGoPermissions.h (working copy)
@@ -73,7 +73,10 @@
extern NSString *SOGoPerm_DeleteObject;
extern NSString *SOGoPerm_ReadAcls;
extern NSString *SOGoPerm_FreeBusyLookup;
+/* HV: should go to SOPE */
+extern NSString *SoPerm_OwnerWebDAVAccess;
+
extern NSString *SOGoCalendarPerm_ViewWholePublicRecords;
extern NSString *SOGoCalendarPerm_ViewDAndTOfPublicRecords;
extern NSString *SOGoCalendarPerm_ModifyPublicRecords;
Index: SoObjects/SOGo/SOGoPermissions.m
===================================================================
--- SoObjects/SOGo/SOGoPermissions.m (revision 1508)
+++ SoObjects/SOGo/SOGoPermissions.m (working copy)
@@ -78,6 +78,10 @@
currently missing from SOPE */
NSString *SOGoPerm_FreeBusyLookup = @"FreeBusyLookup";
+/* HV: should go to SOPE */
+NSString *SoPerm_OwnerWebDAVAccess = @"OwnerWebDAV Access";
+
+
NSString *SOGoCalendarPerm_ViewWholePublicRecords = @"ViewWholePublicRecords";
NSString *SOGoCalendarPerm_ViewDAndTOfPublicRecords = @"ViewDAndTOfPublicRecords";
NSString *SOGoCalendarPerm_ModifyPublicRecords = @"ModifyPublicRecords";
Index: SoObjects/SOGo/SOGoWebDAVAclManager.m
===================================================================
--- SoObjects/SOGo/SOGoWebDAVAclManager.m (revision 1508)
+++ SoObjects/SOGo/SOGoWebDAVAclManager.m (working copy)
@@ -38,6 +38,7 @@
#import "SOGoWebDAVAclManager.h"
static NSNumber *yesObject = nil;
+extern NSString *SoPerm_OwnerWebDAVAccess;
@interface SoClass (SOGoDAVPermissions)
Index: UI/MainUI/product.plist
===================================================================
--- UI/MainUI/product.plist (revision 1508)
+++ UI/MainUI/product.plist (working copy)
@@ -62,6 +62,7 @@
"Access Object" = ( "Authenticated", "AuthorizedSubscriber" );
"Access Contents Information" = ( "Owner", "ObjectViewer", "ObjectEditor" );
"WebDAV Access" = ( "Authenticated", "AuthorizedSubscriber" );
+ "OwnerWebDAV Access" = ( "Owner" );
"Delete Object" = ( "Owner" );
"Delete Objects" = ( "Owner", "ObjectEraser" );
};
|
 |
Will need to review in details RFC3744 |
|
|
Fixed for iPhone OS 3.1.2 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2009-09-30 18:08 | pmei | New Issue | |
| 2009-09-30 18:08 | pmei | File Added: iPhone31_acl_workaround.patch | |
| 2009-10-09 17:21 | ludovic | Target Version | => 1.1.0 |
| 2009-10-14 23:19 | ludovic | Note Added: 0000164 | |
| 2009-10-15 21:34 |
|
Status | new => assigned |
| 2009-10-15 21:34 |
|
Assigned To | => user4 |
| 2009-10-15 21:34 |
|
Note Added: 0000176 | |
| 2009-10-15 21:34 |
|
Status | assigned => resolved |
| 2009-10-15 21:34 |
|
Resolution | open => fixed |
