Improvement to access control

2025-12-14 08:12:24 +00:00 · 2024-10-31 21:18:41 +01:00
parent c484a17911
commit 0c14f8ba90
24 changed files with 394 additions and 215 deletions
--- a/crates/carddav/src/address_object/resource.rs
+++ b/crates/carddav/src/address_object/resource.rs
@@ -1,8 +1,12 @@
-use crate::Error;
+use crate::{principal::PrincipalResource, Error};
 use actix_web::{dev::ResourceMap, web::Data, HttpRequest};
 use async_trait::async_trait;
 use derive_more::derive::{From, Into};
-use rustical_dav::resource::{InvalidProperty, Resource, ResourceService};
+use rustical_dav::{
+    privileges::UserPrivilegeSet,
+    resource::{InvalidProperty, Resource, ResourceService},
+    xml::HrefElement,
+};
 use rustical_store::{auth::User, AddressObject, AddressbookStore};
 use serde::{Deserialize, Serialize};
 use std::sync::Arc;
@@ -24,6 +28,9 @@ pub enum AddressObjectPropName {
    Getetag,
    AddressData,
    Getcontenttype,
+    CurrentUserPrincipal,
+    Owner,
+    CurrentUserPrivilegeSet,
 }

 #[derive(Deserialize, Serialize, Debug, Clone)]
@@ -33,6 +40,13 @@ pub enum AddressObjectProp {
    Getetag(String),
    Getcontenttype(String),

+    // WebDAV Current Principal Extension (RFC 5397)
+    CurrentUserPrincipal(HrefElement),
+
+    // WebDAV Access Control (RFC 3744)
+    Owner(HrefElement),
+    CurrentUserPrivilegeSet(UserPrivilegeSet),
+
    // CalDAV (RFC 4791)
    #[serde(rename = "CARD:address-data")]
    AddressData(String),
@@ -47,7 +61,10 @@ impl InvalidProperty for AddressObjectProp {
 }

 #[derive(Clone, From, Into)]
-pub struct AddressObjectResource(AddressObject);
+pub struct AddressObjectResource {
+    pub object: AddressObject,
+    pub principal: String,
+}

 impl Resource for AddressObjectResource {
    type PropName = AddressObjectPropName;
@@ -56,17 +73,27 @@ impl Resource for AddressObjectResource {

    fn get_prop(
        &self,
-        _rmap: &ResourceMap,
+        rmap: &ResourceMap,
+        user: &User,
        prop: Self::PropName,
    ) -> Result<Self::Prop, Self::Error> {
        Ok(match prop {
-            AddressObjectPropName::Getetag => AddressObjectProp::Getetag(self.0.get_etag()),
+            AddressObjectPropName::Getetag => AddressObjectProp::Getetag(self.object.get_etag()),
            AddressObjectPropName::AddressData => {
-                AddressObjectProp::AddressData(self.0.get_vcf().to_owned())
+                AddressObjectProp::AddressData(self.object.get_vcf().to_owned())
            }
            AddressObjectPropName::Getcontenttype => {
                AddressObjectProp::Getcontenttype("text/vcard;charset=utf-8".to_owned())
            }
+            AddressObjectPropName::CurrentUserPrincipal => AddressObjectProp::CurrentUserPrincipal(
+                HrefElement::new(PrincipalResource::get_principal_url(rmap, &user.id)),
+            ),
+            AddressObjectPropName::Owner => AddressObjectProp::Owner(
+                PrincipalResource::get_principal_url(rmap, &self.principal).into(),
+            ),
+            AddressObjectPropName::CurrentUserPrivilegeSet => {
+                AddressObjectProp::CurrentUserPrivilegeSet(UserPrivilegeSet::all())
+            }
        })
    }

@@ -74,6 +101,10 @@ impl Resource for AddressObjectResource {
    fn resource_name() -> &'static str {
        "carddav_address_object"
    }
+
+    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+        Ok(UserPrivilegeSet::owner_only(self.principal == user.id))
+    }
 }

 #[derive(Debug, Clone)]
@@ -133,15 +164,15 @@ impl<AS: AddressbookStore + ?Sized> ResourceService for AddressObjectResourceSer
        })
    }

-    async fn get_resource(&self, user: User) -> Result<Self::Resource, Self::Error> {
-        if self.principal != user.id {
-            return Err(Error::Unauthorized);
-        }
-        let event = self
+    async fn get_resource(&self) -> Result<Self::Resource, Self::Error> {
+        let object = self
            .addr_store
            .get_object(&self.principal, &self.cal_id, &self.object_id)
            .await?;
-        Ok(event.into())
+        Ok(AddressObjectResource {
+            object,
+            principal: self.principal.to_owned(),
+        })
    }

    async fn save_resource(&self, _file: Self::Resource) -> Result<(), Self::Error> {
--- a/crates/carddav/src/addressbook/methods/report/addressbook_multiget.rs
+++ b/crates/carddav/src/addressbook/methods/report/addressbook_multiget.rs
@@ -16,7 +16,7 @@ use rustical_dav::{
        MultistatusElement,
    },
 };
-use rustical_store::{AddressObject, AddressbookStore};
+use rustical_store::{auth::User, AddressObject, AddressbookStore};
 use serde::Deserialize;

 #[derive(Deserialize, Clone, Debug)]
@@ -64,6 +64,7 @@ pub async fn get_objects_addressbook_multiget<AS: AddressbookStore + ?Sized>(
 pub async fn handle_addressbook_multiget<AS: AddressbookStore + ?Sized>(
    addr_multiget: AddressbookMultigetRequest,
    req: HttpRequest,
+    user: &User,
    principal: &str,
    cal_id: &str,
    addr_store: &AS,
@@ -92,11 +93,13 @@ pub async fn handle_addressbook_multiget<AS: AddressbookStore + ?Sized>(
    let mut responses = Vec::new();
    for object in objects {
        let path = format!("{}/{}", req.path(), object.get_id());
-        responses.push(AddressObjectResource::from(object).propfind(
-            &path,
-            props.clone(),
-            req.resource_map(),
-        )?);
+        responses.push(
+            AddressObjectResource {
+                object,
+                principal: principal.to_owned(),
+            }
+            .propfind(&path, props.clone(), user, req.resource_map())?,
+        );
    }

    let not_found_responses = not_found
--- a/crates/carddav/src/addressbook/methods/report/mod.rs
+++ b/crates/carddav/src/addressbook/methods/report/mod.rs
@@ -47,6 +47,7 @@ pub async fn route_report_addressbook<AS: AddressbookStore + ?Sized>(
            handle_addressbook_multiget(
                addr_multiget,
                req,
+                &user,
                &principal,
                &addressbook_id,
                addr_store.as_ref(),
@@ -57,6 +58,7 @@ pub async fn route_report_addressbook<AS: AddressbookStore + ?Sized>(
            handle_sync_collection(
                sync_collection,
                req,
+                &user,
                &principal,
                &addressbook_id,
                addr_store.as_ref(),
--- a/crates/carddav/src/addressbook/methods/report/sync_collection.rs
+++ b/crates/carddav/src/addressbook/methods/report/sync_collection.rs
@@ -12,6 +12,7 @@ use rustical_dav::{
    },
 };
 use rustical_store::{
+    auth::User,
    synctoken::{format_synctoken, parse_synctoken},
    AddressbookStore,
 };
@@ -42,6 +43,7 @@ pub struct SyncCollectionRequest {
 pub async fn handle_sync_collection<AS: AddressbookStore + ?Sized>(
    sync_collection: SyncCollectionRequest,
    req: HttpRequest,
+    user: &User,
    principal: &str,
    addressbook_id: &str,
    addr_store: &AS,
@@ -69,11 +71,13 @@ pub async fn handle_sync_collection<AS: AddressbookStore + ?Sized>(
            vec![principal, addressbook_id, &object.get_id()],
        )
        .unwrap();
-        responses.push(AddressObjectResource::from(object).propfind(
-            &path,
-            props.clone(),
-            req.resource_map(),
-        )?);
+        responses.push(
+            AddressObjectResource {
+                object,
+                principal: principal.to_owned(),
+            }
+            .propfind(&path, props.clone(), user, req.resource_map())?,
+        );
    }

    for object_id in deleted_objects {
--- a/crates/carddav/src/addressbook/prop.rs
+++ b/crates/carddav/src/addressbook/prop.rs
@@ -41,55 +41,6 @@ pub struct Resourcetype {
    collection: (),
 }

-#[derive(Debug, Clone, Deserialize, Serialize)]
-#[serde(rename_all = "kebab-case")]
-pub enum UserPrivilege {
-    Read,
-    ReadAcl,
-    Write,
-    WriteAcl,
-    WriteContent,
-    ReadCurrentUserPrivilegeSet,
-    Bind,
-    Unbind,
-}
-
-#[derive(Debug, Clone, Deserialize, Serialize)]
-#[serde(rename_all = "kebab-case")]
-pub struct UserPrivilegeWrapper {
-    #[serde(rename = "$value")]
-    privilege: UserPrivilege,
-}
-
-impl From<UserPrivilege> for UserPrivilegeWrapper {
-    fn from(value: UserPrivilege) -> Self {
-        Self { privilege: value }
-    }
-}
-
-#[derive(Debug, Clone, Deserialize, Serialize)]
-#[serde(rename_all = "kebab-case")]
-pub struct UserPrivilegeSet {
-    privilege: Vec<UserPrivilegeWrapper>,
-}
-
-impl Default for UserPrivilegeSet {
-    fn default() -> Self {
-        Self {
-            privilege: vec![
-                UserPrivilege::Read.into(),
-                UserPrivilege::ReadAcl.into(),
-                UserPrivilege::Write.into(),
-                UserPrivilege::WriteAcl.into(),
-                UserPrivilege::WriteContent.into(),
-                UserPrivilege::ReadCurrentUserPrivilegeSet.into(),
-                UserPrivilege::Bind.into(),
-                UserPrivilege::Unbind.into(),
-            ],
-        }
-    }
-}
-
 #[derive(Debug, Clone, Deserialize, Serialize)]
 #[serde(rename_all = "kebab-case")]
 pub enum ReportMethod {
--- a/crates/carddav/src/addressbook/resource.rs
+++ b/crates/carddav/src/addressbook/resource.rs
@@ -1,6 +1,6 @@
 use super::methods::mkcol::route_mkcol;
 use super::methods::report::route_report_addressbook;
-use super::prop::{Resourcetype, SupportedAddressData, SupportedReportSet, UserPrivilegeSet};
+use super::prop::{Resourcetype, SupportedAddressData, SupportedReportSet};
 use crate::address_object::resource::AddressObjectResource;
 use crate::principal::PrincipalResource;
 use crate::Error;
@@ -10,6 +10,7 @@ use actix_web::web;
 use actix_web::{web::Data, HttpRequest};
 use async_trait::async_trait;
 use derive_more::derive::{From, Into};
+use rustical_dav::privileges::UserPrivilegeSet;
 use rustical_dav::resource::{InvalidProperty, Resource, ResourceService};
 use rustical_dav::xml::HrefElement;
 use rustical_store::auth::User;
@@ -99,6 +100,7 @@ impl Resource for AddressbookResource {
    fn get_prop(
        &self,
        rmap: &ResourceMap,
+        user: &User,
        prop: Self::PropName,
    ) -> Result<Self::Prop, Self::Error> {
        Ok(match prop {
@@ -107,12 +109,15 @@ impl Resource for AddressbookResource {
            }
            AddressbookPropName::CurrentUserPrincipal => {
                AddressbookProp::CurrentUserPrincipal(HrefElement::new(
-                    PrincipalResource::get_url(rmap, vec![&self.0.principal]).unwrap(),
+                    PrincipalResource::get_principal_url(rmap, &self.0.principal),
                ))
            }
-            AddressbookPropName::Owner => AddressbookProp::Owner(HrefElement::new(
-                PrincipalResource::get_url(rmap, vec![&self.0.principal]).unwrap(),
-            )),
+            AddressbookPropName::Owner => AddressbookProp::Owner(
+                PrincipalResource::get_principal_url(rmap, &self.0.principal).into(),
+            ),
+            AddressbookPropName::CurrentUserPrivilegeSet => {
+                AddressbookProp::CurrentUserPrivilegeSet(UserPrivilegeSet::all())
+            }
            AddressbookPropName::Displayname => {
                AddressbookProp::Displayname(self.0.displayname.clone())
            }
@@ -120,9 +125,6 @@ impl Resource for AddressbookResource {
                AddressbookProp::Getcontenttype("text/vcard;charset=utf-8".to_owned())
            }
            AddressbookPropName::MaxResourceSize => AddressbookProp::MaxResourceSize(10000000),
-            AddressbookPropName::CurrentUserPrivilegeSet => {
-                AddressbookProp::CurrentUserPrivilegeSet(UserPrivilegeSet::default())
-            }
            AddressbookPropName::SupportedReportSet => {
                AddressbookProp::SupportedReportSet(SupportedReportSet::default())
            }
@@ -188,6 +190,10 @@ impl Resource for AddressbookResource {
    fn resource_name() -> &'static str {
        "carddav_addressbook"
    }
+
+    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+        Ok(UserPrivilegeSet::owner_only(self.0.principal == user.id))
+    }
 }

 #[async_trait(?Send)]
@@ -197,10 +203,7 @@ impl<AS: AddressbookStore + ?Sized> ResourceService for AddressbookResourceServi
    type Resource = AddressbookResource;
    type Error = Error;

-    async fn get_resource(&self, user: User) -> Result<Self::Resource, Error> {
-        if self.principal != user.id {
-            return Err(Error::Unauthorized);
-        }
+    async fn get_resource(&self) -> Result<Self::Resource, Error> {
        let addressbook = self
            .addr_store
            .get_addressbook(&self.principal, &self.addressbook_id)
@@ -225,7 +228,10 @@ impl<AS: AddressbookStore + ?Sized> ResourceService for AddressbookResourceServi
                        vec![&self.principal, &self.addressbook_id, object.get_id()],
                    )
                    .unwrap(),
-                    object.into(),
+                    AddressObjectResource {
+                        object,
+                        principal: self.principal.to_owned(),
+                    },
                )
            })
            .collect())
--- a/crates/carddav/src/principal/mod.rs
+++ b/crates/carddav/src/principal/mod.rs
@@ -4,6 +4,7 @@ use actix_web::dev::ResourceMap;
 use actix_web::web::Data;
 use actix_web::HttpRequest;
 use async_trait::async_trait;
+use rustical_dav::privileges::UserPrivilegeSet;
 use rustical_dav::resource::{InvalidProperty, Resource, ResourceService};
 use rustical_dav::xml::HrefElement;
 use rustical_store::auth::User;
@@ -68,6 +69,12 @@ pub enum PrincipalPropName {
    PrincipalAddress,
 }

+impl PrincipalResource {
+    pub fn get_principal_url(rmap: &ResourceMap, principal: &str) -> String {
+        Self::get_url(rmap, vec![principal]).unwrap()
+    }
+}
+
 impl Resource for PrincipalResource {
    type PropName = PrincipalPropName;
    type Prop = PrincipalProp;
@@ -76,9 +83,10 @@ impl Resource for PrincipalResource {
    fn get_prop(
        &self,
        rmap: &ResourceMap,
+        user: &User,
        prop: Self::PropName,
    ) -> Result<Self::Prop, Self::Error> {
-        let principal_href = HrefElement::new(Self::get_url(rmap, vec![&self.principal]).unwrap());
+        let principal_href = HrefElement::new(Self::get_principal_url(rmap, &self.principal));

        Ok(match prop {
            PrincipalPropName::Resourcetype => PrincipalProp::Resourcetype(Resourcetype::default()),
@@ -97,6 +105,10 @@ impl Resource for PrincipalResource {
    fn resource_name() -> &'static str {
        "carddav_principal"
    }
+
+    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+        Ok(UserPrivilegeSet::owner_only(self.principal == user.id))
+    }
 }

 #[async_trait(?Send)]
@@ -122,10 +134,7 @@ impl<A: AddressbookStore + ?Sized> ResourceService for PrincipalResourceService<
        })
    }

-    async fn get_resource(&self, user: User) -> Result<Self::Resource, Self::Error> {
-        if self.principal != user.id {
-            return Err(Error::Unauthorized);
-        }
+    async fn get_resource(&self) -> Result<Self::Resource, Self::Error> {
        Ok(PrincipalResource {
            principal: self.principal.to_owned(),
        })
--- a/crates/carddav/src/root/mod.rs
+++ b/crates/carddav/src/root/mod.rs
@@ -3,6 +3,7 @@ use crate::Error;
 use actix_web::dev::ResourceMap;
 use actix_web::HttpRequest;
 use async_trait::async_trait;
+use rustical_dav::privileges::UserPrivilegeSet;
 use rustical_dav::resource::{InvalidProperty, Resource, ResourceService};
 use rustical_dav::xml::HrefElement;
 use rustical_store::auth::User;
@@ -13,8 +14,8 @@ use strum::{EnumString, VariantNames};
 #[strum(serialize_all = "kebab-case")]
 pub enum RootPropName {
    Resourcetype,
-    // Defined by RFC 5397
    CurrentUserPrincipal,
+    CurrentUserPrivilegeSet,
 }

 #[derive(Deserialize, Serialize, Default, Debug)]
@@ -31,7 +32,11 @@ pub enum RootProp {

    // WebDAV Current Principal Extension (RFC 5397)
    CurrentUserPrincipal(HrefElement),
-    #[serde(other)]
+
+    // WebDAV Access Control Protocol (RFC 3477)
+    CurrentUserPrivilegeSet(UserPrivilegeSet),
+
+    #[serde(untagged)]
    Invalid,
 }

@@ -42,9 +47,7 @@ impl InvalidProperty for RootProp {
 }

 #[derive(Clone)]
-pub struct RootResource {
-    principal: String,
-}
+pub struct RootResource;

 impl Resource for RootResource {
    type PropName = RootPropName;
@@ -54,13 +57,17 @@ impl Resource for RootResource {
    fn get_prop(
        &self,
        rmap: &ResourceMap,
+        user: &User,
        prop: Self::PropName,
    ) -> Result<Self::Prop, Self::Error> {
        Ok(match prop {
            RootPropName::Resourcetype => RootProp::Resourcetype(Resourcetype::default()),
-            RootPropName::CurrentUserPrincipal => RootProp::CurrentUserPrincipal(HrefElement::new(
-                PrincipalResource::get_url(rmap, vec![&self.principal]).unwrap(),
-            )),
+            RootPropName::CurrentUserPrincipal => RootProp::CurrentUserPrincipal(
+                PrincipalResource::get_principal_url(rmap, &user.id).into(),
+            ),
+            RootPropName::CurrentUserPrivilegeSet => {
+                RootProp::CurrentUserPrivilegeSet(self.get_user_privileges(user)?)
+            }
        })
    }

@@ -68,6 +75,10 @@ impl Resource for RootResource {
    fn resource_name() -> &'static str {
        "carddav_root"
    }
+
+    fn get_user_privileges(&self, _user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+        Ok(UserPrivilegeSet::all())
+    }
 }

 pub struct RootResourceService;
@@ -86,8 +97,8 @@ impl ResourceService for RootResourceService {
        Ok(Self)
    }

-    async fn get_resource(&self, user: User) -> Result<Self::Resource, Self::Error> {
-        Ok(RootResource { principal: user.id })
+    async fn get_resource(&self) -> Result<Self::Resource, Self::Error> {
+        Ok(RootResource)
    }

    async fn save_resource(&self, _file: Self::Resource) -> Result<(), Self::Error> {