fix: aliases and capitalization of emails

Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>

Author: SebastianKrupinski

apps/dav/lib/CalDAV/CalendarImpl.php

@@ -14,6 +14,7 @@
 use OCP\Calendar\CalendarExportOptions;
 use OCP\Calendar\Exceptions\CalendarException;
 use OCP\Calendar\ICalendarExport;
+use OCP\Calendar\ICalendarHandleImip;
 use OCP\Calendar\ICalendarIsEnabled;
 use OCP\Calendar\ICalendarIsShared;
 use OCP\Calendar\ICalendarIsWritable;
@@ -30,7 +31,7 @@
 use Sabre\VObject\Reader;
 use function Sabre\Uri\split as uriSplit;
 
-class CalendarImpl implements ICreateFromString, IHandleImipMessage, ICalendarIsWritable, ICalendarIsShared, ICalendarExport, ICalendarIsEnabled {
+class CalendarImpl implements ICreateFromString, IHandleImipMessage, ICalendarIsEnabled, ICalendarIsWritable, ICalendarIsShared, ICalendarHandleImip, ICalendarExport {
 	public function __construct(
 		private Calendar $calendar,
 		/** @var array<string, mixed> */
@@ -211,60 +212,79 @@ public function createFromString(string $name, string $calendarData): void {
 
 	/**
 	 * @throws CalendarException
+	 *
+	 * @deprecated 32.0.0 Use handleIMip() instead
 	 */
 	public function handleIMipMessage(string $name, string $calendarData): void {
+		/** @var VCalendar $vObject */
+		$vObject = Reader::read($calendarData);
+		$this->handleIMip($vObject);
+	}
+
+	/**
+	 * Processes an iMip message
+	 *
+	 * @since 32.0.0
+	 *
+	 * @throws CalendarException
+	 */
+	public function handleIMip(VCalendar $vObject): void {
 		$server = $this->getInvitationResponseServer();
 
-		/** @var CustomPrincipalPlugin $plugin */
-		$plugin = $server->getServer()->getPlugin('auth');
+		/** @var CustomPrincipalPlugin $authPlugin */
+		$authPlugin = $server->getServer()->getPlugin('auth');
 		// we're working around the previous implementation
 		// that only allowed the public system principal to be used
 		// so set the custom principal here
-		$plugin->setCurrentPrincipal($this->calendar->getPrincipalURI());
+		$authPlugin->setCurrentPrincipal($this->calendar->getPrincipalURI());
 
 		if (empty($this->calendarInfo['uri'])) {
 			throw new CalendarException('Could not write to calendar as URI parameter is missing');
 		}
 		// Force calendar change URI
-		/** @var Schedule\Plugin $schedulingPlugin */
+		/** @var \OCA\DAV\CalDAV\Schedule\Plugin $schedulingPlugin */
 		$schedulingPlugin = $server->getServer()->getPlugin('caldav-schedule');
-		// Let sabre handle the rest
-		$iTipMessage = new Message();
-		/** @var VCalendar $vObject */
-		$vObject = Reader::read($calendarData);
-		/** @var VEvent $vEvent */
-		$vEvent = $vObject->{'VEVENT'};
-
-		if ($vObject->{'METHOD'} === null) {
-			throw new CalendarException('No Method provided for scheduling data. Could not process message');
-		}
-
-		if (!isset($vEvent->{'ORGANIZER'}) || !isset($vEvent->{'ATTENDEE'})) {
-			throw new CalendarException('Could not process scheduling data, neccessary data missing from ICAL');
-		}
-		$organizer = $vEvent->{'ORGANIZER'}->getValue();
-		$attendee = $vEvent->{'ATTENDEE'}->getValue();
-
-		$iTipMessage->method = $vObject->{'METHOD'}->getValue();
-		if ($iTipMessage->method === 'REQUEST') {
-			$iTipMessage->sender = $organizer;
-			$iTipMessage->recipient = $attendee;
-		} elseif ($iTipMessage->method === 'REPLY') {
-			if ($server->isExternalAttendee($vEvent->{'ATTENDEE'}->getValue())) {
-				$iTipMessage->recipient = $organizer;
-			} else {
-				$iTipMessage->recipient = $attendee;
+		// retrieve all uses addresses
+		$userAddresses = $schedulingPlugin->getAddressesForPrincipal($this->calendar->getPrincipalURI());
+		$userAddresses = array_map('strtolower', $userAddresses);
+		// validate the method, recipient and sender
+		$imipMethod = strtoupper($vObject->METHOD->getValue());
+		if (in_array($imipMethod, ['REPLY', 'REFRESH'], true)) {
+			// extract sender (REPLY and REFRESH method should only have one attendee)
+			$sender = strtolower($vObject->VEVENT->ATTENDEE->getValue());
+			// extract and verify the recipient
+			$recipient = strtolower($vObject->VEVENT->ORGANIZER->getValue());
+			if (!in_array($recipient, $userAddresses, true)) {
+				throw new CalendarException('iMip message dose not contain an organizer that matches the user');
+			}
+		} elseif (in_array($imipMethod, ['PUBLISH', 'REQUEST', 'ADD', 'CANCEL'], true)) {
+			// extract sender
+			$sender = strtolower($vObject->VEVENT->ORGANIZER->getValue());
+			// extract and verify the recipient
+			foreach ($vObject->VEVENT->ATTENDEE as $attendee) {
+				$recipient = strtolower($attendee->getValue());
+				if (in_array($recipient, $userAddresses, true)) {
+					break;
+				}
+				$recipient = null;
+			}
+			if ($recipient === null) {
+				throw new CalendarException('iMip message dose not contain an attendee that matches the user');
 			}
-			$iTipMessage->sender = $attendee;
-		} elseif ($iTipMessage->method === 'CANCEL') {
-			$iTipMessage->recipient = $attendee;
-			$iTipMessage->sender = $organizer;
+		} else {
+			throw new CalendarException('iMip message contains a method that is not supported: ' . $imipMethod);
 		}
-		$iTipMessage->uid = isset($vEvent->{'UID'}) ? $vEvent->{'UID'}->getValue() : '';
-		$iTipMessage->component = 'VEVENT';
-		$iTipMessage->sequence = isset($vEvent->{'SEQUENCE'}) ? (int)$vEvent->{'SEQUENCE'}->getValue() : 0;
-		$iTipMessage->message = $vObject;
-		$server->server->emit('schedule', [$iTipMessage]);
+		// generate the iTip message
+		$iTip = new Message();
+		$iTip->method = $imipMethod;
+		$iTip->sender = $sender;
+		$iTip->recipient = $recipient;
+		$iTip->component = 'VEVENT';
+		$iTip->uid = $vObject->VEVENT->UID->getValue();
+		$iTip->sequence = (int)$vObject->VEVENT->SEQUENCE->getValue() ?? 0;
+		$iTip->message = $vObject;
+
+		$server->server->emit('schedule', [$iTip]);
 	}
 
 	public function getInvitationResponseServer(): InvitationResponseServer {

apps/dav/lib/CalDAV/Schedule/Plugin.php

@@ -132,7 +132,7 @@ public function propFind(PropFind $propFind, INode $node) {
 	 * @param string $principal
 	 * @return array
 	 */
-	protected function getAddressesForPrincipal($principal) {
+	public function getAddressesForPrincipal($principal) {
 		$result = parent::getAddressesForPrincipal($principal);
 
 		if ($result === null) {