feat: restrict calendar invitation users

Signed-off-by: SebastianKrupinski <[email protected]>

Author: SebastianKrupinski

lib/Controller/ContactController.php

@@ -18,6 +18,7 @@
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\QueryException;
 use OCP\Contacts\IManager;
+use OCP\IAppConfig;
 use OCP\IRequest;
 use OCP\IUserManager;
 use Psr\Log\LoggerInterface;
@@ -41,6 +42,7 @@ public function __construct(
 		private IAppManager $appManager,
 		private IUserManager $userManager,
 		private ContactsService $contactsService,
+		private IAppConfig $appConfig,
 		private LoggerInterface $logger,
 	) {
 		parent::__construct($appName, $request);
@@ -100,11 +102,16 @@ public function searchAttendee(string $search):JSONResponse {
 			return new JSONResponse();
 		}
 
-		$result = $this->contactsManager->search($search, ['FN', 'EMAIL'], ['enumeration' => false]);
+		$externalAttendeesDisabled = $this->appConfig->getValueBool('dav', 'caldav_external_attendees_disabled', false);
+		$result = $this->contactsManager->search($search, ['FN', 'EMAIL'], ['enumeration' => true]);
 
 		$contacts = [];
 		foreach ($result as $r) {
-			if ($this->contactsService->isSystemBook($r) || !$this->contactsService->hasEmail($r)) {
+			if (!$this->contactsService->hasEmail($r)) {
+				continue;
+			}
+			// When external attendees are disabled, only include system book contacts
+			if ($externalAttendeesDisabled && !$this->contactsService->isSystemBook($r)) {
 				continue;
 			}
 			$name = $this->contactsService->getNameFromContact($r);
@@ -122,24 +129,27 @@ public function searchAttendee(string $search):JSONResponse {
 			];
 		}
 
-		$groups = $this->contactsManager->search($search, ['CATEGORIES']);
-		$groups = array_filter($groups, function ($group) {
-			return $this->contactsService->hasEmail($group);
-		});
-		$filtered = $this->contactsService->filterGroupsWithCount($groups, $search);
-		foreach ($filtered as $groupName => $count) {
-			if ($count === 0) {
-				continue;
+		// Skip contact groups when external attendees are disabled
+		if (!$externalAttendeesDisabled) {
+			$groups = $this->contactsManager->search($search, ['CATEGORIES']);
+			$groups = array_filter($groups, function ($group) {
+				return $this->contactsService->hasEmail($group);
+			});
+			$filtered = $this->contactsService->filterGroupsWithCount($groups, $search);
+			foreach ($filtered as $groupName => $count) {
+				if ($count === 0) {
+					continue;
+				}
+				$contacts[] = [
+					'name' => $groupName,
+					'emails' => ['mailto:' . urlencode($groupName) . '@group'],
+					'lang' => '',
+					'tzid' => '',
+					'photo' => '',
+					'type' => 'contactsgroup',
+					'members' => $count,
+				];
 			}
-			$contacts[] = [
-				'name' => $groupName,
-				'emails' => ['mailto:' . urlencode($groupName) . '@group'],
-				'lang' => '',
-				'tzid' => '',
-				'photo' => '',
-				'type' => 'contactsgroup',
-				'members' => $count,
-			];
 		}
 
 		return new JSONResponse($contacts);

src/components/Editor/Invitees/InviteesListSearch.vue

@@ -62,7 +62,6 @@ import {
 } from '@nextcloud/vue'
 import debounce from 'debounce'
 import GoogleCirclesCommunitiesIcon from 'vue-material-design-icons/GoogleCirclesCommunities.vue'
-import { principalPropertySearchByDisplaynameOrEmail } from '../../../services/caldavService.js'
 import {
 	circleGetMembers,
 	circleSearchByName,
@@ -118,15 +117,14 @@ export default {
 			if (query.length > 0) {
 				const promises = [
 					this.findAttendeesFromContactsAPI(query),
-					this.findAttendeesFromDAV(query),
 				]
 				if (isCirclesEnabled) {
 					promises.push(this.findAttendeesFromCircles(query))
 				}
 
-				const [contactsResults, davResults, circleResults] = await Promise.all(promises)
+				const results = await Promise.all(promises)
+				const [contactsResults, circleResults] = results
 				matches.push(...contactsResults)
-				matches.push(...davResults)
 				if (isCirclesEnabled) {
 					matches.push(...circleResults)
 				}
@@ -290,44 +288,6 @@ export default {
 			}, [])
 		},
 
-		async findAttendeesFromDAV(query) {
-			let results
-			try {
-				results = await principalPropertySearchByDisplaynameOrEmail(query)
-			} catch (error) {
-				console.debug(error)
-				return []
-			}
-
-			return results.filter((principal) => {
-				if (!principal.email) {
-					return false
-				}
-
-				if (this.alreadyInvitedEmails.includes(principal.email)) {
-					return false
-				}
-
-				// Do not include resources and rooms
-				if (['ROOM', 'RESOURCE'].includes(principal.calendarUserType)) {
-					return false
-				}
-
-				return true
-			}).map((principal) => {
-				return {
-					commonName: principal.displayname,
-					calendarUserType: principal.calendarUserType,
-					email: principal.email,
-					language: principal.language,
-					isUser: principal.calendarUserType === 'INDIVIDUAL',
-					avatar: decodeURIComponent(principal.userId),
-					hasMultipleEMails: false,
-					dropdownName: principal.displayname ? [principal.displayname, principal.email].join(' ') : principal.email,
-				}
-			})
-		},
-
 		async findAttendeesFromCircles(query) {
 			let results
 			try {

tests/php/unit/Controller/ContactControllerTest.php

@@ -12,6 +12,7 @@
 use OCP\App\IAppManager;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\Contacts\IManager;
+use OCP\IAppConfig;
 use OCP\IRequest;
 use OCP\IUserManager;
 use PHPUnit\Framework\MockObject\MockObject;
@@ -34,6 +35,7 @@ class ContactControllerTest extends TestCase {
 	/** @var IUserManager|MockObject */
 	private $userManager;
 	private ContactsService|MockObject $service;
+	private IAppConfig|MockObject $appConfig;
 
 	/** @var ContactController */
 	protected $controller;
@@ -49,13 +51,15 @@ protected function setUp():void {
 		$this->appManager = $this->createMock(IAppManager::class);
 		$this->userManager = $this->createMock(IUserManager::class);
 		$this->service = $this->createMock(ContactsService::class);
+		$this->appConfig = $this->createMock(IAppConfig::class);
 		$this->logger = $this->createMock(NullLogger::class);
 		$this->controller = new ContactController($this->appName,
 			$this->request,
 			$this->manager,
 			$this->appManager,
 			$this->userManager,
 			$this->service,
+			$this->appConfig,
 			$this->logger,
 		);
 	}
@@ -338,6 +342,10 @@ public function testSearchAttendee():void {
 		$this->manager->expects(self::once())
 			->method('isEnabled')
 			->willReturn(true);
+		$this->appConfig->expects(self::once())
+			->method('getValueBool')
+			->with('dav', 'caldav.external_attendees_disabled', false)
+			->willReturn(false);
 		$this->service
 			->method('hasEmail')
 			->willReturnMap([
@@ -360,20 +368,23 @@ public function testSearchAttendee():void {
 				[$user1, 'Person 1'],
 				[$user2, 'Person 2'],
 				[$user3, ''],
+				[$user4, 'Person 3'],
 			]);
-		$this->service->expects(self::exactly(2))
+		$this->service->expects(self::exactly(3))
 			->method('getLanguageId')
 			->willReturnMap([
 				[$user1, 'de'],
-				[$user3, 'en_us'],
+				[$user2, null],
+				[$user4, 'en_us'],
 			]);
-		$this->service->expects(self::exactly(2))
+		$this->service->expects(self::exactly(3))
 			->method('getTimezoneId')
 			->willReturnMap([
 				[$user1, 'Europe/Berlin'],
-				[$user3, 'Australia/Adelaide'],
+				[$user2, null],
+				[$user4, 'Australia/Adelaide'],
 			]);
-		$this->service->expects(self::exactly(2))
+		$this->service->expects(self::exactly(3))
 			->method('getEmail')
 			->willReturnMap([
 				[$user1, [
@@ -382,7 +393,7 @@ public function testSearchAttendee():void {
 				]
 				],
 				[$user2, ['[email protected]']],
-				[$user3, ['foo5@example.com']],
+				[$user4, ['foo4@example.com']],
 			]);
 		$this->service->method('getPhotoUri')
 			->willReturnMap([
@@ -394,7 +405,7 @@ public function testSearchAttendee():void {
 		$this->manager->expects(self::exactly(2))
 			->method('search')
 			->willReturnMap([
-				['search 123', ['FN', 'EMAIL'], ['enumeration' => false], [$user1, $user2, $user3, $user4]],
+				['search 123', ['FN', 'EMAIL'], ['enumeration' => true], [$user1, $user2, $user3, $user4]],
 				['search 123', ['CATEGORIES'], [], [$user4]]
 			]);
 
@@ -421,6 +432,101 @@ public function testSearchAttendee():void {
 				'tzid' => null,
 				'photo' => null,
 				'type' => 'individual'
+			], [
+				'name' => 'Person 3',
+				'emails' => [
+					'[email protected]'
+				],
+				'lang' => 'en_us',
+				'tzid' => 'Australia/Adelaide',
+				'photo' => null,
+				'type' => 'individual'
+			]
+		], $response->getData());
+		$this->assertEquals(200, $response->getStatus());
+	}
+
+	public function testSearchAttendeeExternalAttendeesDisabled():void {
+		$user1 = [
+			'FN' => 'Person 1',
+			'EMAIL' => [
+				'[email protected]',
+				'[email protected]',
+			],
+			'LANG' => 'de',
+			'TZ' => 'Europe/Berlin',
+			'PHOTO' => 'VALUE=uri:http://foo.bar'
+		];
+		$user2 = [
+			'FN' => 'Person 2',
+			'EMAIL' => '[email protected]',
+		];
+		$user3 = [
+			'isLocalSystemBook' => true,
+			'FN' => 'System User',
+			'EMAIL' => '[email protected]',
+			'LANG' => 'en',
+			'TZ' => 'UTC',
+		];
+
+		$this->manager->expects(self::once())
+			->method('isEnabled')
+			->willReturn(true);
+		$this->appConfig->expects(self::once())
+			->method('getValueBool')
+			->with('dav', 'caldav.external_attendees_disabled', false)
+			->willReturn(true);
+		$this->service
+			->method('hasEmail')
+			->willReturnMap([
+				[$user1, true],
+				[$user2, true],
+				[$user3, true],
+			]);
+		$this->service
+			->method('isSystemBook')
+			->willReturnMap([
+				[$user1, false],
+				[$user2, false],
+				[$user3, true],
+			]);
+		$this->service
+			->method('getNameFromContact')
+			->willReturnMap([
+				[$user3, 'System User'],
+			]);
+		$this->service->expects(self::once())
+			->method('getLanguageId')
+			->with($user3)
+			->willReturn('en');
+		$this->service->expects(self::once())
+			->method('getTimezoneId')
+			->with($user3)
+			->willReturn('UTC');
+		$this->service->expects(self::once())
+			->method('getEmail')
+			->with($user3)
+			->willReturn(['[email protected]']);
+		$this->service->expects(self::once())
+			->method('getPhotoUri')
+			->with($user3)
+			->willReturn(null);
+		$this->manager->expects(self::once())
+			->method('search')
+			->with('search 123', ['FN', 'EMAIL'], ['enumeration' => true])
+			->willReturn([$user1, $user2, $user3]);
+
+		$response = $this->controller->searchAttendee('search 123');
+
+		$this->assertInstanceOf(JSONResponse::class, $response);
+		$this->assertEquals([
+			[
+				'name' => 'System User',
+				'emails' => ['[email protected]'],
+				'lang' => 'en',
+				'tzid' => 'UTC',
+				'photo' => null,
+				'type' => 'individual'
 			]
 		], $response->getData());
 		$this->assertEquals(200, $response->getStatus());