Version 3.4.5

Fixes #82

.gitattributes

@@ -1,2 +1,3 @@
 # Otherwise GitHub thinks this is an HTML project
 crates/frontend/public/assets/licenses.html linguist-detectable=false
+crates/frontend/public/assets/js/* linguist-detectable=false

.gitignore

@@ -12,3 +12,7 @@ principals.toml
 .env
 
 site
+
+# Frontend
+**/node_modules
+**/.vite

.sqlx/query-246ec675667992c1297c29348d46496a884c59adb8b64b569d36f4ce10f88f47.json

@@ -1,6 +1,6 @@
 {
   "db_name": "SQLite",
-  "query": "SELECT id, vcf FROM addressobjects WHERE (principal, addressbook_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) or ?)",
+  "query": "SELECT id, vcf FROM addressobjects WHERE (principal, addressbook_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) OR ?)",
   "describe": {
     "columns": [
       {
@@ -22,5 +22,5 @@
       false
     ]
   },
-  "hash": "395e40a7b3333b79bc2ad50a123d99f74bc2712a16257ee2119dd211fdb61f7e"
+  "hash": "246ec675667992c1297c29348d46496a884c59adb8b64b569d36f4ce10f88f47"
 }

.sqlx/query-543838c030550cb09d1af08adfeade8b7ce3575d92fddbc6e9582d141bc9e49d.json

@@ -1,6 +1,6 @@
 {
   "db_name": "SQLite",
-  "query": "SELECT id, ics FROM calendarobjects WHERE (principal, cal_id, id) = (?, ?, ?)",
+  "query": "SELECT id, ics FROM calendarobjects WHERE (principal, cal_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) OR ?)",
   "describe": {
     "columns": [
       {
@@ -15,12 +15,12 @@
       }
     ],
     "parameters": {
-      "Right": 3
+      "Right": 4
     },
     "nullable": [
       false,
       false
     ]
   },
-  "hash": "d2f7423e2e8f97607f6664200990dcadb927445880ec6edffba3b5aedf4e199b"
+  "hash": "543838c030550cb09d1af08adfeade8b7ce3575d92fddbc6e9582d141bc9e49d"
 }

Cargo.lock

@@ -759,6 +759,23 @@ dependencies = [
  "spki",
 ]
 
+[[package]]
+name = "ece"
+version = "2.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c2ea1d2f2cc974957a4e2575d8e5bb494549bab66338d6320c2789abcfff5746"
+dependencies = [
+ "base64 0.21.7",
+ "byteorder",
+ "hex",
+ "hkdf",
+ "lazy_static",
+ "once_cell",
+ "openssl",
+ "sha2",
+ "thiserror 1.0.69",
+]
+
 [[package]]
 name = "ed25519"
 version = "2.2.3"
@@ -903,6 +920,21 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 
+[[package]]
+name = "foreign-types"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
+dependencies = [
+ "foreign-types-shared",
+]
+
+[[package]]
+name = "foreign-types-shared"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
+
 [[package]]
 name = "form_urlencoded"
 version = "1.2.1"
@@ -1222,6 +1254,12 @@ dependencies = [
  "pin-project-lite",
 ]
 
+[[package]]
+name = "http-range-header"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9171a2ea8a68358193d15dd5d70c1c10a2afc3e7e4c5bc92bc9f025cebd7359c"
+
 [[package]]
 name = "httparse"
 version = "1.10.1"
@@ -1616,6 +1654,18 @@ version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
 
+[[package]]
+name = "matchit-serde"
+version = "0.1.0"
+source = "git+https://github.com/lennart-k/matchit-serde?rev=f0591d13#f0591d139ea1c88fa4ee397f3fcb4225fad4c6dc"
+dependencies = [
+ "derive_more",
+ "matchit",
+ "percent-encoding",
+ "serde",
+ "thiserror 2.0.12",
+]
+
 [[package]]
 name = "md-5"
 version = "0.10.6"
@@ -1803,6 +1853,54 @@ dependencies = [
  "url",
 ]
 
+[[package]]
+name = "openssl"
+version = "0.10.73"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8"
+dependencies = [
+ "bitflags",
+ "cfg-if",
+ "foreign-types",
+ "libc",
+ "once_cell",
+ "openssl-macros",
+ "openssl-sys",
+]
+
+[[package]]
+name = "openssl-macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "openssl-src"
+version = "300.5.0+3.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e8ce546f549326b0e6052b649198487d91320875da901e7bd11a06d1ee3f9c2f"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "openssl-sys"
+version = "0.9.109"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "90096e2e47630d78b7d1c20952dc621f957103f8bc2c8359ec81290d75238571"
+dependencies = [
+ "cc",
+ "libc",
+ "openssl-src",
+ "pkg-config",
+ "vcpkg",
+]
+
 [[package]]
 name = "opentelemetry"
 version = "0.30.0"
@@ -2638,7 +2736,7 @@ dependencies = [
 
 [[package]]
 name = "rustical"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "anyhow",
  "argon2",
@@ -2681,7 +2779,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_caldav"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
  "axum",
@@ -2716,7 +2814,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_carddav"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
  "axum",
@@ -2748,7 +2846,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_dav"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
  "axum",
@@ -2759,6 +2857,8 @@ dependencies = [
  "http",
  "itertools 0.14.0",
  "log",
+ "matchit",
+ "matchit-serde",
  "quick-xml",
  "rustical_xml",
  "serde",
@@ -2771,15 +2871,20 @@ dependencies = [
 
 [[package]]
 name = "rustical_dav_push"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
+ "axum",
+ "base64 0.22.1",
  "derive_more",
+ "ece",
  "futures-util",
  "http",
  "itertools 0.14.0",
  "log",
+ "openssl",
  "quick-xml",
+ "rand 0.9.1",
  "reqwest",
  "rustical_dav",
  "rustical_store",
@@ -2792,7 +2897,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_frontend"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "askama",
  "askama_web",
@@ -2816,6 +2921,7 @@ dependencies = [
  "thiserror 2.0.12",
  "tokio",
  "tower",
+ "tower-http",
  "tower-sessions",
  "tracing",
  "url",
@@ -2824,7 +2930,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_ical"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "axum",
  "chrono",
@@ -2842,7 +2948,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_oidc"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
  "axum",
@@ -2857,7 +2963,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_store"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "anyhow",
  "async-trait",
@@ -2891,7 +2997,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_store_sqlite"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "async-trait",
  "chrono",
@@ -2911,7 +3017,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_xml"
-version = "0.1.0"
+version = "0.3.5"
 dependencies = [
  "quick-xml",
  "thiserror 2.0.12",
@@ -3776,12 +3882,20 @@ checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
 dependencies = [
  "bitflags",
  "bytes",
+ "futures-core",
  "futures-util",
  "http",
  "http-body",
  "http-body-util",
+ "http-range-header",
+ "httpdate",
  "iri-string",
+ "mime",
+ "mime_guess",
+ "percent-encoding",
  "pin-project-lite",
+ "tokio",
+ "tokio-util",
  "tower",
  "tower-layer",
  "tower-service",

Cargo.toml

@@ -2,7 +2,7 @@
 members = ["crates/*"]
 
 [workspace.package]
-version = "0.1.0"
+version = "0.3.5"
 edition = "2024"
 description = "A CalDAV server"
 repository = "https://github.com/lennart-k/rustical"
@@ -20,6 +20,7 @@ publish = false
 
 [features]
 debug = ["opentelemetry"]
+frontend-dev = ["rustical_frontend/dev"]
 opentelemetry = [
   "dep:opentelemetry",
   "dep:opentelemetry-otlp",
@@ -33,6 +34,7 @@ opentelemetry = [
 debug = 0
 
 [workspace.dependencies]
+matchit = "0.8"
 uuid = { version = "1.11", features = ["v4", "fast-rng"] }
 async-trait = "0.1"
 axum = "0.8"
@@ -132,6 +134,11 @@ reqwest = { version = "0.12", features = [
 ], default-features = false }
 openidconnect = "4.0"
 clap = { version = "4.5", features = ["derive", "env"] }
+matchit-serde = { git = "https://github.com/lennart-k/matchit-serde", rev = "f0591d13" }
+ece = { version = "2.3", default-features = false, features = [
+  "backend-openssl",
+] }
+openssl = { version = "0.10", features = ["vendored"] }
 
 [dependencies]
 rustical_store = { workspace = true }

Dockerfile

@@ -16,7 +16,7 @@ RUN case $TARGETPLATFORM in \
   *) echo "Unsupported platform ${TARGETPLATFORM}"; exit 1;;  \
   esac
 
-RUN apk add --no-cache musl-dev llvm19 clang \
+RUN apk add --no-cache musl-dev llvm19 clang perl pkgconf make \
   && rustup target add "$(cat /tmp/rust_target)" \
   && cargo install cargo-chef --locked \
   && rm -rf "$CARGO_HOME/registry"

README.md

@@ -4,15 +4,15 @@ a CalDAV/CardDAV server
 
 > [!WARNING]
   RustiCal is **not production-ready!**
-  While I've started migrating to RustiCal and becoming more confident,
+  I've been using RustiCal for the last few weeks and I'm slowly becoming more confident,
-  please know that bugs and rough edges will still occur.
+  however you'd be one of the first testers so expect bugs and rough edges.
-  Concretely, if you are using Apple Calendar you will want to stay away from assigning groups to users.
   If you still want to play around with it in its current state, absolutely feel free to do so and to open up an issue if something is not working. :)
 
 ## Features
 
 - easy to backup, everything saved in one SQLite database
-- ~~[WebDAV Push](https://github.com/bitfireAT/webdav-push/) support, so near-instant synchronisation to DAVx5~~ (currently broken)
+  - also export feature in the frontend
+- [WebDAV Push](https://github.com/bitfireAT/webdav-push/) support, so near-instant synchronisation to DAVx5
 - lightweight (the container image contains only one binary)
 - adequately fast (I'd love to say blazingly fast™ :fire: but I don't have any benchmarks)
 - deleted calendars are recoverable
@@ -30,3 +30,4 @@ a CalDAV/CardDAV server
 - GNOME Accounts, GNOME Calendar, GNOME Contacts
 - Evolution
 - Apple Calendar
+- Home Assistant integration

about.toml

@@ -7,5 +7,6 @@ accepted = [
   "CDLA-Permissive-2.0",
   "Zlib",
   "AGPL-3.0",
+  "MPL-2.0",
 ]
 workarounds = ["ring", "chrono", "rustls"]

crates/caldav/src/calendar/methods/get.rs

@@ -9,7 +9,7 @@ use ical::generator::{Emitter, IcalCalendarBuilder};
 use ical::property::Property;
 use percent_encoding::{CONTROLS, utf8_percent_encode};
 use rustical_ical::{CalendarObjectComponent, EventObject, JournalObject, TodoObject};
-use rustical_store::{CalendarStore, SubscriptionStore, auth::User};
+use rustical_store::{CalendarStore, SubscriptionStore, auth::Principal};
 use std::collections::HashMap;
 use std::str::FromStr;
 use tracing::instrument;
@@ -18,7 +18,7 @@ use tracing::instrument;
 pub async fn route_get<C: CalendarStore, S: SubscriptionStore>(
     Path((principal, calendar_id)): Path<(String, String)>,
     State(CalendarResourceService { cal_store, .. }): State<CalendarResourceService<C, S>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, Error> {
     if !user.is_principal(&principal) {
         return Err(crate::Error::Unauthorized);

crates/caldav/src/calendar/methods/mkcalendar.rs

@@ -4,8 +4,9 @@ use crate::calendar::prop::SupportedCalendarComponentSet;
 use axum::extract::{Path, State};
 use axum::response::{IntoResponse, Response};
 use http::{Method, StatusCode};
+use rustical_dav::xml::HrefElement;
 use rustical_ical::CalendarObjectType;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{Calendar, CalendarStore, SubscriptionStore};
 use rustical_xml::{Unparsed, XmlDeserialize, XmlDocument, XmlRootTag};
 use tracing::instrument;
@@ -29,6 +30,8 @@ pub struct MkcolCalendarProp {
     resourcetype: Option<Unparsed>,
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
     supported_calendar_component_set: Option<SupportedCalendarComponentSet>,
+    #[xml(ns = "rustical_dav::namespace::NS_CALENDARSERVER")]
+    source: Option<HrefElement>,
     // Ignore that property, we don't support it but also don't want to throw an error
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
     #[allow(dead_code)]
@@ -60,7 +63,7 @@ struct MkcolRequest {
 #[instrument(skip(cal_store))]
 pub async fn route_mkcalendar<C: CalendarStore, S: SubscriptionStore>(
     Path((principal, cal_id)): Path<(String, String)>,
-    user: User,
+    user: Principal,
     State(CalendarResourceService { cal_store, .. }): State<CalendarResourceService<C, S>>,
     method: Method,
     body: String,
@@ -69,12 +72,16 @@ pub async fn route_mkcalendar<C: CalendarStore, S: SubscriptionStore>(
         return Err(Error::Unauthorized);
     }
 
-    let request = match method.as_str() {
+    let mut request = match method.as_str() {
         "MKCALENDAR" => MkcalendarRequest::parse_str(&body)?.set.prop,
         "MKCOL" => MkcolRequest::parse_str(&body)?.set.prop,
         _ => unreachable!("We never call with another method"),
     };
 
+    if let Some("") = request.displayname.as_deref() {
+        request.displayname = None
+    }
+
     let calendar = Calendar {
         id: cal_id.to_owned(),
         principal: principal.to_owned(),
@@ -86,7 +93,7 @@ pub async fn route_mkcalendar<C: CalendarStore, S: SubscriptionStore>(
         description: request.calendar_description,
         deleted_at: None,
         synctoken: 0,
-        subscription_url: None,
+        subscription_url: request.source.map(|href| href.href),
         push_topic: uuid::Uuid::new_v4().to_string(),
         components: request
             .supported_calendar_component_set

crates/caldav/src/calendar/methods/mod.rs

@@ -1,4 +1,4 @@
-pub mod mkcalendar;
-// pub mod post;
 pub mod get;
+pub mod mkcalendar;
+pub mod post;
 pub mod report;

crates/caldav/src/calendar/methods/post.rs

@@ -1,12 +1,13 @@
 use crate::Error;
-use crate::calendar::resource::{CalendarResource, CalendarResourceService};
+use crate::calendar::CalendarResourceService;
+use crate::calendar::resource::CalendarResource;
 use axum::extract::{Path, State};
 use axum::response::{IntoResponse, Response};
-use http::{HeaderMap, StatusCode, header};
+use http::{HeaderMap, HeaderValue, StatusCode, header};
 use rustical_dav::privileges::UserPrivilege;
 use rustical_dav::resource::Resource;
 use rustical_dav_push::register::PushRegister;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{CalendarStore, Subscription, SubscriptionStore};
 use rustical_xml::XmlDocument;
 use tracing::instrument;
@@ -14,7 +15,7 @@ use tracing::instrument;
 #[instrument(skip(resource_service))]
 pub async fn route_post<C: CalendarStore, S: SubscriptionStore>(
     Path((principal, cal_id)): Path<(String, String)>,
-    user: User,
+    user: Principal,
     State(resource_service): State<CalendarResourceService<C, S>>,
     body: String,
 ) -> Result<Response, Error> {
@@ -73,20 +74,17 @@ pub async fn route_post<C: CalendarStore, S: SubscriptionStore>(
         .upsert_subscription(subscription)
         .await?;
 
-    // let location = req
+    // TODO: make nicer
-    //     .resource_map()
+    let location = format!("/push_subscription/{sub_id}");
-    //     .url_for(&req, "subscription", &[sub_id])
-    //     .unwrap();
-    //
-    let location = "asd";
     Ok((
         StatusCode::CREATED,
-        HeaderMap::from_iter([(header::LOCATION, location)]),
+        HeaderMap::from_iter([
+            (header::LOCATION, HeaderValue::from_str(&location).unwrap()),
+            (
+                header::EXPIRES,
+                HeaderValue::from_str(&expires.to_rfc2822()).unwrap(),
+            ),
+        ]),
     )
-        .into_response());
+        .into_response())
-
-    Ok(HttpResponse::Created()
-        .append_header((header::LOCATION, location.to_string()))
-        .append_header((header::EXPIRES, expires.to_rfc2822()))
-        .finish())
 }

crates/caldav/src/calendar/methods/report/calendar_multiget.rs

@@ -29,7 +29,7 @@ pub async fn get_objects_calendar_multiget<C: CalendarStore>(
         if let Some(filename) = href.strip_prefix(path) {
             let filename = filename.trim_start_matches("/");
             if let Some(object_id) = filename.strip_suffix(".ics") {
-                match store.get_object(principal, cal_id, object_id).await {
+                match store.get_object(principal, cal_id, object_id, false).await {
                     Ok(object) => result.push(object),
                     Err(rustical_store::Error::NotFound) => not_found.push(href.to_owned()),
                     Err(err) => return Err(err.into()),

crates/caldav/src/calendar/methods/report/mod.rs

@@ -21,7 +21,7 @@ use rustical_dav::{
     },
 };
 use rustical_ical::CalendarObject;
-use rustical_store::{CalendarStore, SubscriptionStore, auth::User};
+use rustical_store::{CalendarStore, SubscriptionStore, auth::Principal};
 use rustical_xml::{XmlDeserialize, XmlDocument};
 use sync_collection::handle_sync_collection;
 use tracing::instrument;
@@ -56,7 +56,7 @@ fn objects_response(
     path: &str,
     principal: &str,
     puri: &impl PrincipalUri,
-    user: &User,
+    user: &Principal,
     prop: &PropfindType<CalendarObjectPropWrapperName>,
 ) -> Result<MultistatusElement<CalendarObjectPropWrapper, String>, Error> {
     let mut responses = Vec::new();
@@ -90,7 +90,7 @@ fn objects_response(
 #[instrument(skip(cal_store))]
 pub async fn route_report_calendar<C: CalendarStore, S: SubscriptionStore>(
     Path((principal, cal_id)): Path<(String, String)>,
-    user: User,
+    user: Principal,
     Extension(puri): Extension<CalDavPrincipalUri>,
     State(CalendarResourceService { cal_store, .. }): State<CalendarResourceService<C, S>>,
     OriginalUri(uri): OriginalUri,

crates/caldav/src/calendar/methods/report/sync_collection.rs

@@ -13,7 +13,7 @@ use rustical_dav::{
 };
 use rustical_store::{
     CalendarStore,
-    auth::User,
+    auth::Principal,
     synctoken::{format_synctoken, parse_synctoken},
 };
 
@@ -21,7 +21,7 @@ pub async fn handle_sync_collection<C: CalendarStore>(
     sync_collection: &SyncCollectionRequest<CalendarObjectPropWrapperName>,
     path: &str,
     puri: &impl PrincipalUri,
-    user: &User,
+    user: &Principal,
     principal: &str,
     cal_id: &str,
     cal_store: &C,

crates/caldav/src/calendar/resource.rs

@@ -9,10 +9,10 @@ use rustical_dav::extensions::{
 use rustical_dav::privileges::UserPrivilegeSet;
 use rustical_dav::resource::{PrincipalUri, Resource, ResourceName};
 use rustical_dav::xml::{HrefElement, Resourcetype, ResourcetypeInner, SupportedReportSet};
-use rustical_dav_push::DavPushExtension;
+use rustical_dav_push::{DavPushExtension, DavPushExtensionProp};
 use rustical_ical::CalDateTime;
 use rustical_store::Calendar;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_xml::{EnumVariants, PropName};
 use rustical_xml::{XmlDeserialize, XmlSerialize};
 use std::str::FromStr;
@@ -58,7 +58,7 @@ pub enum CalendarProp {
 pub enum CalendarPropWrapper {
     Calendar(CalendarProp),
     SyncToken(SyncTokenExtensionProp),
-    // DavPush(DavPushExtensionProp),
+    DavPush(DavPushExtensionProp),
     Common(CommonPropertiesProp),
 }
 
@@ -95,9 +95,11 @@ impl DavPushExtension for CalendarResource {
 impl Resource for CalendarResource {
     type Prop = CalendarPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = true;
+    fn is_collection(&self) -> bool {
+        true
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         if self.cal.subscription_url.is_none() {
@@ -119,7 +121,7 @@ impl Resource for CalendarResource {
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &CalendarPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         Ok(match prop {
@@ -166,9 +168,9 @@ impl Resource for CalendarResource {
             CalendarPropWrapperName::SyncToken(prop) => {
                 CalendarPropWrapper::SyncToken(SyncTokenExtension::get_prop(self, prop)?)
             }
-            // CalendarPropWrapperName::DavPush(prop) => {
+            CalendarPropWrapperName::DavPush(prop) => {
-            //     CalendarPropWrapper::DavPush(DavPushExtension::get_prop(self, prop)?)
+                CalendarPropWrapper::DavPush(DavPushExtension::get_prop(self, prop)?)
-            // }
+            }
             CalendarPropWrapperName::Common(prop) => CalendarPropWrapper::Common(
                 CommonPropertiesExtension::get_prop(self, puri, user, prop)?,
             ),
@@ -226,7 +228,7 @@ impl Resource for CalendarResource {
                 CalendarProp::MaxDateTime(_) => Err(rustical_dav::Error::PropReadOnly),
             },
             CalendarPropWrapper::SyncToken(prop) => SyncTokenExtension::set_prop(self, prop),
-            // CalendarPropWrapper::DavPush(prop) => DavPushExtension::set_prop(self, prop),
+            CalendarPropWrapper::DavPush(prop) => DavPushExtension::set_prop(self, prop),
             CalendarPropWrapper::Common(prop) => CommonPropertiesExtension::set_prop(self, prop),
         }
     }
@@ -270,7 +272,7 @@ impl Resource for CalendarResource {
                 CalendarPropName::MaxDateTime => Err(rustical_dav::Error::PropReadOnly),
             },
             CalendarPropWrapperName::SyncToken(prop) => SyncTokenExtension::remove_prop(self, prop),
-            // CalendarPropWrapperName::DavPush(prop) => DavPushExtension::remove_prop(self, prop),
+            CalendarPropWrapperName::DavPush(prop) => DavPushExtension::remove_prop(self, prop),
             CalendarPropWrapperName::Common(prop) => {
                 CommonPropertiesExtension::remove_prop(self, prop)
             }
@@ -289,7 +291,7 @@ impl Resource for CalendarResource {
         Some(&self.cal.principal)
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         if self.cal.subscription_url.is_some() || self.read_only {
             return Ok(UserPrivilegeSet::owner_read(
                 user.is_principal(&self.cal.principal),

crates/caldav/src/calendar/service.rs

@@ -1,5 +1,6 @@
 use crate::calendar::methods::get::route_get;
 use crate::calendar::methods::mkcalendar::route_mkcalendar;
+use crate::calendar::methods::post::route_post;
 use crate::calendar::methods::report::route_report_calendar;
 use crate::calendar::resource::CalendarResource;
 use crate::calendar_object::CalendarObjectResourceService;
@@ -12,7 +13,7 @@ use axum::handler::Handler;
 use axum::response::Response;
 use futures_util::future::BoxFuture;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{CalendarStore, SubscriptionStore};
 use std::convert::Infallible;
 use std::sync::Arc;
@@ -47,10 +48,10 @@ impl<C: CalendarStore, S: SubscriptionStore> ResourceService for CalendarResourc
     type PathComponents = (String, String); // principal, calendar_id
     type Resource = CalendarResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CalDavPrincipalUri;
 
-    const DAV_HEADER: &str = "1, 3, access-control, calendar-access, calendar-proxy";
+    const DAV_HEADER: &str = "1, 3, access-control, calendar-access, calendar-proxy, webdav-push";
 
     async fn get_resource(
         &self,
@@ -126,6 +127,13 @@ impl<C: CalendarStore, S: SubscriptionStore> AxumMethods for CalendarResourceSer
         })
     }
 
+    fn post() -> Option<fn(Self, Request) -> BoxFuture<'static, Result<Response, Infallible>>> {
+        Some(|state, req| {
+            let mut service = Handler::with_state(route_post::<C, S>, state);
+            Box::pin(Service::call(&mut service, req))
+        })
+    }
+
     fn mkcalendar() -> Option<fn(Self, Request) -> BoxFuture<'static, Result<Response, Infallible>>>
     {
         Some(|state, req| {

crates/caldav/src/calendar_object/methods.rs

@@ -9,7 +9,7 @@ use headers::{ContentType, ETag, HeaderMapExt, IfNoneMatch};
 use http::{HeaderMap, StatusCode};
 use rustical_ical::CalendarObject;
 use rustical_store::CalendarStore;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use std::str::FromStr;
 use tracing::instrument;
 
@@ -21,7 +21,7 @@ pub async fn get_event<C: CalendarStore>(
         object_id,
     }): Path<CalendarObjectPathComponents>,
     State(CalendarObjectResourceService { cal_store }): State<CalendarObjectResourceService<C>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, Error> {
     if !user.is_principal(&principal) {
         return Err(crate::Error::Unauthorized);
@@ -33,7 +33,7 @@ pub async fn get_event<C: CalendarStore>(
     }
 
     let event = cal_store
-        .get_object(&principal, &calendar_id, &object_id)
+        .get_object(&principal, &calendar_id, &object_id, false)
         .await?;
 
     let mut resp = Response::builder().status(StatusCode::OK);
@@ -51,7 +51,7 @@ pub async fn put_event<C: CalendarStore>(
         object_id,
     }): Path<CalendarObjectPathComponents>,
     State(CalendarObjectResourceService { cal_store }): State<CalendarObjectResourceService<C>>,
-    user: User,
+    user: Principal,
     mut if_none_match: Option<TypedHeader<IfNoneMatch>>,
     header_map: HeaderMap,
     body: String,

crates/caldav/src/calendar_object/resource.rs

@@ -8,7 +8,7 @@ use rustical_dav::{
     xml::Resourcetype,
 };
 use rustical_ical::CalendarObject;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 
 #[derive(Clone, From, Into)]
 pub struct CalendarObjectResource {
@@ -25,9 +25,11 @@ impl ResourceName for CalendarObjectResource {
 impl Resource for CalendarObjectResource {
     type Prop = CalendarObjectPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = false;
+    fn is_collection(&self) -> bool {
+        false
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[])
@@ -36,7 +38,7 @@ impl Resource for CalendarObjectResource {
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &CalendarObjectPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         Ok(match prop {
@@ -79,7 +81,7 @@ impl Resource for CalendarObjectResource {
         Some(self.object.get_etag())
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         Ok(UserPrivilegeSet::owner_only(
             user.is_principal(&self.principal),
         ))

crates/caldav/src/calendar_object/service.rs

@@ -9,7 +9,7 @@ use async_trait::async_trait;
 use axum::{extract::Request, handler::Handler, response::Response};
 use futures_util::future::BoxFuture;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::{CalendarStore, auth::User};
+use rustical_store::{CalendarStore, auth::Principal};
 use serde::{Deserialize, Deserializer};
 use std::{convert::Infallible, sync::Arc};
 use tower::Service;
@@ -46,7 +46,7 @@ impl<C: CalendarStore> ResourceService for CalendarObjectResourceService<C> {
     type Resource = CalendarObjectResource;
     type MemberType = CalendarObjectResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CalDavPrincipalUri;
 
     const DAV_HEADER: &str = "1, 3, access-control, calendar-access";
@@ -61,7 +61,7 @@ impl<C: CalendarStore> ResourceService for CalendarObjectResourceService<C> {
     ) -> Result<Self::Resource, Self::Error> {
         let object = self
             .cal_store
-            .get_object(principal, calendar_id, object_id)
+            .get_object(principal, calendar_id, object_id, false)
             .await?;
         Ok(CalendarObjectResource {
             object,

crates/caldav/src/lib.rs

@@ -6,7 +6,7 @@ use principal::PrincipalResourceService;
 use rustical_dav::resource::{PrincipalUri, ResourceService};
 use rustical_dav::resources::RootResourceService;
 use rustical_store::auth::middleware::AuthenticationLayer;
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 use rustical_store::{CalendarStore, SubscriptionStore};
 use std::sync::Arc;
 
@@ -14,7 +14,6 @@ pub mod calendar;
 pub mod calendar_object;
 pub mod error;
 pub mod principal;
-// mod subscription;
 
 pub use error::Error;
 
@@ -45,7 +44,7 @@ pub fn caldav_router<AP: AuthenticationProvider, C: CalendarStore, S: Subscripti
     Router::new()
         .nest(
             prefix,
-            RootResourceService::<_, User, CalDavPrincipalUri>::new(principal_service.clone())
+            RootResourceService::<_, Principal, CalDavPrincipalUri>::new(principal_service.clone())
                 .axum_router()
                 .layer(AuthenticationLayer::new(auth_provider))
                 .layer(Extension(CalDavPrincipalUri(prefix))),

crates/caldav/src/principal/mod.rs

@@ -5,7 +5,7 @@ use rustical_dav::resource::{PrincipalUri, Resource, ResourceName};
 use rustical_dav::xml::{
     GroupMemberSet, GroupMembership, Resourcetype, ResourcetypeInner, SupportedReportSet,
 };
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 
 mod service;
 pub use service::*;
@@ -14,7 +14,7 @@ pub use prop::*;
 
 #[derive(Clone)]
 pub struct PrincipalResource {
-    principal: User,
+    principal: Principal,
     members: Vec<String>,
 }
 
@@ -27,26 +27,28 @@ impl ResourceName for PrincipalResource {
 impl Resource for PrincipalResource {
     type Prop = PrincipalPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = true;
+    fn is_collection(&self) -> bool {
+        true
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[
             ResourcetypeInner(Some(rustical_dav::namespace::NS_DAV), "collection"),
             ResourcetypeInner(Some(rustical_dav::namespace::NS_DAV), "principal"),
             // https://github.com/apple/ccs-calendarserver/blob/13c706b985fb728b9aab42dc0fef85aae21921c3/doc/Extensions/caldav-proxy.txt
-            ResourcetypeInner(
+            // ResourcetypeInner(
-                Some(rustical_dav::namespace::NS_CALENDARSERVER),
+            //     Some(rustical_dav::namespace::NS_CALENDARSERVER),
-                "calendar-proxy-write",
+            //     "calendar-proxy-write",
-            ),
+            // ),
         ])
     }
 
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &PrincipalPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         let principal_url = puri.principal_uri(&self.principal.id);
@@ -111,7 +113,7 @@ impl Resource for PrincipalResource {
         Some(&self.principal.id)
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         Ok(UserPrivilegeSet::owner_read(
             user.is_principal(&self.principal.id),
         ))

crates/caldav/src/principal/prop.rs

@@ -2,7 +2,7 @@ use rustical_dav::{
     extensions::CommonPropertiesProp,
     xml::{GroupMemberSet, GroupMembership, HrefElement, SupportedReportSet},
 };
-use rustical_store::auth::user::PrincipalType;
+use rustical_store::auth::PrincipalType;
 use rustical_xml::{EnumVariants, PropName, XmlDeserialize, XmlSerialize};
 use strum_macros::VariantArray;
 

crates/caldav/src/principal/service.rs

@@ -5,7 +5,7 @@ use crate::{CalDavPrincipalUri, Error};
 use async_trait::async_trait;
 use axum::Router;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 use rustical_store::{CalendarStore, SubscriptionStore};
 use std::sync::Arc;
 
@@ -40,7 +40,7 @@ impl<AP: AuthenticationProvider, S: SubscriptionStore, CS: CalendarStore> Resour
     type MemberType = CalendarResource;
     type Resource = PrincipalResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CalDavPrincipalUri;
 
     const DAV_HEADER: &str = "1, 3, access-control, calendar-access, calendar-proxy";

crates/caldav/src/subscription.rs

@@ -1,33 +0,0 @@
-use std::sync::Arc;
-
-use actix_web::{
-    HttpResponse,
-    web::{self, Data, Path},
-};
-use rustical_dav::xml::multistatus::PropstatElement;
-use rustical_store::SubscriptionStore;
-use rustical_xml::{XmlRootTag, XmlSerialize};
-
-use crate::calendar::resource::CalendarProp;
-
-async fn handle_delete<S: SubscriptionStore>(
-    store: Data<S>,
-    path: Path<String>,
-) -> Result<HttpResponse, rustical_store::Error> {
-    let id = path.into_inner();
-    store.delete_subscription(&id).await?;
-    Ok(HttpResponse::NoContent().body("Unregistered"))
-}
-
-pub fn subscription_resource<S: SubscriptionStore>(sub_store: Arc<S>) -> actix_web::Resource {
-    web::resource("/subscription/{id}")
-        .app_data(Data::from(sub_store))
-        .name("subscription")
-        .delete(handle_delete::<S>)
-}
-
-#[derive(XmlSerialize, XmlRootTag)]
-#[xml(root = b"push-message", ns = "rustical_dav::namespace::NS_DAVPUSH")]
-pub struct PushMessage {
-    propstat: PropstatElement<CalendarProp>,
-}

crates/carddav/src/address_object/methods.rs

@@ -12,7 +12,7 @@ use rustical_dav::privileges::UserPrivilege;
 use rustical_dav::resource::Resource;
 use rustical_ical::AddressObject;
 use rustical_store::AddressbookStore;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use std::str::FromStr;
 use tracing::instrument;
 
@@ -24,7 +24,7 @@ pub async fn get_object<AS: AddressbookStore>(
         object_id,
     }): Path<AddressObjectPathComponents>,
     State(AddressObjectResourceService { addr_store }): State<AddressObjectResourceService<AS>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, Error> {
     if !user.is_principal(&principal) {
         return Err(Error::Unauthorized);
@@ -60,7 +60,7 @@ pub async fn put_object<AS: AddressbookStore>(
         object_id,
     }): Path<AddressObjectPathComponents>,
     State(AddressObjectResourceService { addr_store }): State<AddressObjectResourceService<AS>>,
-    user: User,
+    user: Principal,
     mut if_none_match: Option<TypedHeader<IfNoneMatch>>,
     header_map: HeaderMap,
     body: String,

crates/carddav/src/address_object/resource.rs

@@ -13,7 +13,7 @@ use rustical_dav::{
     xml::Resourcetype,
 };
 use rustical_ical::AddressObject;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 
 #[derive(Clone, From, Into)]
 pub struct AddressObjectResource {
@@ -30,9 +30,11 @@ impl ResourceName for AddressObjectResource {
 impl Resource for AddressObjectResource {
     type Prop = AddressObjectPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = false;
+    fn is_collection(&self) -> bool {
+        false
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[])
@@ -41,7 +43,7 @@ impl Resource for AddressObjectResource {
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &AddressObjectPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         Ok(match prop {
@@ -76,7 +78,7 @@ impl Resource for AddressObjectResource {
         Some(self.object.get_etag())
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         Ok(UserPrivilegeSet::owner_only(
             user.is_principal(&self.principal),
         ))

crates/carddav/src/address_object/service.rs

@@ -5,7 +5,7 @@ use axum::{extract::Request, handler::Handler, response::Response};
 use derive_more::derive::Constructor;
 use futures_util::future::BoxFuture;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::{AddressbookStore, auth::User};
+use rustical_store::{AddressbookStore, auth::Principal};
 use serde::{Deserialize, Deserializer};
 use std::{convert::Infallible, sync::Arc};
 use tower::Service;
@@ -37,7 +37,7 @@ impl<AS: AddressbookStore> ResourceService for AddressObjectResourceService<AS>
     type Resource = AddressObjectResource;
     type MemberType = AddressObjectResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CardDavPrincipalUri;
 
     const DAV_HEADER: &str = "1, 3, access-control, addressbook";

crates/carddav/src/addressbook/methods/get.rs

@@ -10,7 +10,7 @@ use percent_encoding::{CONTROLS, utf8_percent_encode};
 use rustical_dav::privileges::UserPrivilege;
 use rustical_dav::resource::Resource;
 use rustical_ical::AddressObject;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{AddressbookStore, SubscriptionStore};
 use std::str::FromStr;
 use tracing::instrument;
@@ -19,7 +19,7 @@ use tracing::instrument;
 pub async fn route_get<AS: AddressbookStore, S: SubscriptionStore>(
     Path((principal, addressbook_id)): Path<(String, String)>,
     State(AddressbookResourceService { addr_store, .. }): State<AddressbookResourceService<AS, S>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, Error> {
     if !user.is_principal(&principal) {
         return Err(Error::Unauthorized);

crates/carddav/src/addressbook/methods/mkcol.rs

@@ -4,7 +4,7 @@ use axum::{
     response::{IntoResponse, Response},
 };
 use http::StatusCode;
-use rustical_store::{Addressbook, AddressbookStore, SubscriptionStore, auth::User};
+use rustical_store::{Addressbook, AddressbookStore, SubscriptionStore, auth::Principal};
 use rustical_xml::{XmlDeserialize, XmlDocument, XmlRootTag};
 use tracing::instrument;
 
@@ -44,7 +44,7 @@ struct MkcolRequest {
 #[instrument(skip(addr_store))]
 pub async fn route_mkcol<AS: AddressbookStore, S: SubscriptionStore>(
     Path((principal, addressbook_id)): Path<(String, String)>,
-    user: User,
+    user: Principal,
     State(AddressbookResourceService { addr_store, .. }): State<AddressbookResourceService<AS, S>>,
     body: String,
 ) -> Result<Response, Error> {
@@ -52,8 +52,10 @@ pub async fn route_mkcol<AS: AddressbookStore, S: SubscriptionStore>(
         return Err(Error::Unauthorized);
     }
 
-    let request = MkcolRequest::parse_str(&body)?;
+    let mut request = MkcolRequest::parse_str(&body)?.set.prop;
-    let request = request.set.prop;
+    if let Some("") = request.displayname.as_deref() {
+        request.displayname = None
+    }
 
     let addressbook = Addressbook {
         id: addressbook_id.to_owned(),

crates/carddav/src/addressbook/methods/mod.rs

@@ -1,5 +1,5 @@
-pub mod mkcol;
-// pub mod post;
 pub mod get;
+pub mod mkcol;
+pub mod post;
 pub mod put;
 pub mod report;

crates/carddav/src/addressbook/methods/post.rs

@@ -1,33 +1,40 @@
 use crate::Error;
-use crate::addressbook::resource::AddressbookResourceService;
+use crate::addressbook::AddressbookResourceService;
-use actix_web::http::header;
+use crate::addressbook::resource::AddressbookResource;
-use actix_web::web::{Data, Path};
+use axum::extract::{Path, State};
-use actix_web::{HttpRequest, HttpResponse};
+use axum::response::{IntoResponse, Response};
+use http::{HeaderMap, HeaderValue, StatusCode, header};
+use rustical_dav::privileges::UserPrivilege;
+use rustical_dav::resource::Resource;
 use rustical_dav_push::register::PushRegister;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{AddressbookStore, Subscription, SubscriptionStore};
 use rustical_xml::XmlDocument;
 use tracing::instrument;
-use tracing_actix_web::RootSpan;
 
-#[instrument(parent = root_span.id(), skip(resource_service, root_span, req))]
+#[instrument(skip(resource_service))]
-pub async fn route_post<A: AddressbookStore, S: SubscriptionStore>(
+pub async fn route_post<AS: AddressbookStore, S: SubscriptionStore>(
-    path: Path<(String, String)>,
+    Path((principal, addr_id)): Path<(String, String)>,
+    user: Principal,
+    State(resource_service): State<AddressbookResourceService<AS, S>>,
     body: String,
-    user: User,
+) -> Result<Response, Error> {
-    resource_service: Data<AddressbookResourceService<A, S>>,
-    root_span: RootSpan,
-    req: HttpRequest,
-) -> Result<HttpResponse, Error> {
-    let (principal, addressbook_id) = path.into_inner();
     if !user.is_principal(&principal) {
         return Err(Error::Unauthorized);
     }
 
     let addressbook = resource_service
         .addr_store
-        .get_addressbook(&principal, &addressbook_id, false)
+        .get_addressbook(&principal, &addr_id, false)
         .await?;
+    let addressbook_resource = AddressbookResource(addressbook);
+    if !addressbook_resource
+        .get_user_privileges(&user)?
+        .has(&UserPrivilege::Read)
+    {
+        return Err(Error::Unauthorized);
+    }
+
     let request = PushRegister::parse_str(&body)?;
     let sub_id = uuid::Uuid::new_v4().to_string();
 
@@ -44,7 +51,7 @@ pub async fn route_post<A: AddressbookStore, S: SubscriptionStore>(
             .web_push_subscription
             .push_resource
             .to_owned(),
-        topic: addressbook.push_topic,
+        topic: addressbook_resource.0.push_topic,
         expiration: expires.naive_local(),
         public_key: request
             .subscription
@@ -63,13 +70,17 @@ pub async fn route_post<A: AddressbookStore, S: SubscriptionStore>(
         .upsert_subscription(subscription)
         .await?;
 
-    let location = req
+    // TODO: make nicer
-        .resource_map()
+    let location = format!("/push_subscription/{sub_id}");
-        .url_for(&req, "subscription", &[sub_id])
+    Ok((
-        .unwrap();
+        StatusCode::CREATED,
-
+        HeaderMap::from_iter([
-    Ok(HttpResponse::Created()
+            (header::LOCATION, HeaderValue::from_str(&location).unwrap()),
-        .append_header((header::LOCATION, location.to_string()))
+            (
-        .append_header((header::EXPIRES, expires.to_rfc2822()))
+                header::EXPIRES,
-        .finish())
+                HeaderValue::from_str(&expires.to_rfc2822()).unwrap(),
+            ),
+        ]),
+    )
+        .into_response())
 }

crates/carddav/src/addressbook/methods/put.rs

@@ -9,14 +9,14 @@ use http::StatusCode;
 use ical::VcardParser;
 use rustical_ical::AddressObject;
 use rustical_store::Addressbook;
-use rustical_store::{AddressbookStore, SubscriptionStore, auth::User};
+use rustical_store::{AddressbookStore, SubscriptionStore, auth::Principal};
 use tracing::instrument;
 
 #[instrument(skip(addr_store))]
 pub async fn route_put<AS: AddressbookStore, S: SubscriptionStore>(
     Path((principal, addressbook_id)): Path<(String, String)>,
     State(AddressbookResourceService { addr_store, .. }): State<AddressbookResourceService<AS, S>>,
-    user: User,
+    user: Principal,
     body: String,
 ) -> Result<Response, Error> {
     if !user.is_principal(&principal) {

crates/carddav/src/addressbook/methods/report/addressbook_multiget.rs

@@ -10,7 +10,7 @@ use rustical_dav::{
     xml::{MultistatusElement, PropfindType, multistatus::ResponseElement},
 };
 use rustical_ical::AddressObject;
-use rustical_store::{AddressbookStore, auth::User};
+use rustical_store::{AddressbookStore, auth::Principal};
 use rustical_xml::XmlDeserialize;
 
 #[derive(XmlDeserialize, Clone, Debug, PartialEq)]
@@ -63,7 +63,7 @@ pub async fn handle_addressbook_multiget<AS: AddressbookStore>(
     prop: &PropfindType<AddressObjectPropWrapperName>,
     path: &str,
     puri: &impl PrincipalUri,
-    user: &User,
+    user: &Principal,
     principal: &str,
     cal_id: &str,
     addr_store: &AS,

crates/carddav/src/addressbook/methods/report/mod.rs

@@ -9,7 +9,7 @@ use axum::{
     response::IntoResponse,
 };
 use rustical_dav::xml::{PropfindType, sync_collection::SyncCollectionRequest};
-use rustical_store::{AddressbookStore, SubscriptionStore, auth::User};
+use rustical_store::{AddressbookStore, SubscriptionStore, auth::Principal};
 use rustical_xml::{XmlDeserialize, XmlDocument};
 use sync_collection::handle_sync_collection;
 use tracing::instrument;
@@ -37,7 +37,7 @@ impl ReportRequest {
 #[instrument(skip(addr_store))]
 pub async fn route_report_addressbook<AS: AddressbookStore, S: SubscriptionStore>(
     Path((principal, addressbook_id)): Path<(String, String)>,
-    user: User,
+    user: Principal,
     OriginalUri(uri): OriginalUri,
     Extension(puri): Extension<CardDavPrincipalUri>,
     State(AddressbookResourceService { addr_store, .. }): State<AddressbookResourceService<AS, S>>,

crates/carddav/src/addressbook/methods/report/sync_collection.rs

@@ -13,7 +13,7 @@ use rustical_dav::{
 };
 use rustical_store::{
     AddressbookStore,
-    auth::User,
+    auth::Principal,
     synctoken::{format_synctoken, parse_synctoken},
 };
 
@@ -21,7 +21,7 @@ pub async fn handle_sync_collection<AS: AddressbookStore>(
     sync_collection: &SyncCollectionRequest<AddressObjectPropWrapperName>,
     path: &str,
     puri: &impl PrincipalUri,
-    user: &User,
+    user: &Principal,
     principal: &str,
     addressbook_id: &str,
     addr_store: &AS,

crates/carddav/src/addressbook/resource.rs

@@ -10,7 +10,7 @@ use rustical_dav::resource::{PrincipalUri, Resource, ResourceName};
 use rustical_dav::xml::{Resourcetype, ResourcetypeInner, SupportedReportSet};
 use rustical_dav_push::DavPushExtension;
 use rustical_store::Addressbook;
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 
 #[derive(Clone, Debug, From, Into)]
 pub struct AddressbookResource(pub(crate) Addressbook);
@@ -36,9 +36,11 @@ impl DavPushExtension for AddressbookResource {
 impl Resource for AddressbookResource {
     type Prop = AddressbookPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = true;
+    fn is_collection(&self) -> bool {
+        true
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[
@@ -50,7 +52,7 @@ impl Resource for AddressbookResource {
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &AddressbookPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         Ok(match prop {
@@ -136,7 +138,7 @@ impl Resource for AddressbookResource {
         Some(&self.0.principal)
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         Ok(UserPrivilegeSet::owner_only(
             user.is_principal(&self.0.principal),
         ))

crates/carddav/src/addressbook/service.rs

@@ -3,6 +3,7 @@ use super::methods::report::route_report_addressbook;
 use crate::address_object::AddressObjectResourceService;
 use crate::address_object::resource::AddressObjectResource;
 use crate::addressbook::methods::get::route_get;
+use crate::addressbook::methods::post::route_post;
 use crate::addressbook::methods::put::route_put;
 use crate::addressbook::resource::AddressbookResource;
 use crate::{CardDavPrincipalUri, Error};
@@ -13,7 +14,7 @@ use axum::handler::Handler;
 use axum::response::Response;
 use futures_util::future::BoxFuture;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 use rustical_store::{AddressbookStore, SubscriptionStore};
 use std::convert::Infallible;
 use std::sync::Arc;
@@ -50,10 +51,10 @@ impl<AS: AddressbookStore, S: SubscriptionStore> ResourceService
     type PathComponents = (String, String); // principal, addressbook_id
     type Resource = AddressbookResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CardDavPrincipalUri;
 
-    const DAV_HEADER: &str = "1, 3, access-control, addressbook";
+    const DAV_HEADER: &str = "1, 3, access-control, addressbook, webdav-push";
 
     async fn get_resource(
         &self,
@@ -130,6 +131,13 @@ impl<AS: AddressbookStore, S: SubscriptionStore> AxumMethods for AddressbookReso
         })
     }
 
+    fn post() -> Option<fn(Self, Request) -> BoxFuture<'static, Result<Response, Infallible>>> {
+        Some(|state, req| {
+            let mut service = Handler::with_state(route_post::<AS, S>, state);
+            Box::pin(Service::call(&mut service, req))
+        })
+    }
+
     fn put() -> Option<fn(Self, Request) -> BoxFuture<'static, Result<Response, Infallible>>> {
         Some(|state, req| {
             let mut service = Handler::with_state(route_put::<AS, S>, state);

crates/carddav/src/lib.rs

@@ -9,7 +9,7 @@ use rustical_dav::resources::RootResourceService;
 use rustical_store::auth::middleware::AuthenticationLayer;
 use rustical_store::{
     AddressbookStore, SubscriptionStore,
-    auth::{AuthenticationProvider, User},
+    auth::{AuthenticationProvider, Principal},
 };
 use std::sync::Arc;
 
@@ -44,7 +44,9 @@ pub fn carddav_router<AP: AuthenticationProvider, A: AddressbookStore, S: Subscr
     Router::new()
         .nest(
             prefix,
-            RootResourceService::<_, User, CardDavPrincipalUri>::new(principal_service.clone())
+            RootResourceService::<_, Principal, CardDavPrincipalUri>::new(
+                principal_service.clone(),
+            )
             .axum_router()
             .layer(AuthenticationLayer::new(auth_provider))
             .layer(Extension(CardDavPrincipalUri(prefix))),

crates/carddav/src/principal/mod.rs

@@ -5,7 +5,7 @@ use rustical_dav::resource::{PrincipalUri, Resource, ResourceName};
 use rustical_dav::xml::{
     GroupMemberSet, GroupMembership, HrefElement, Resourcetype, ResourcetypeInner,
 };
-use rustical_store::auth::User;
+use rustical_store::auth::Principal;
 
 mod service;
 pub use service::*;
@@ -14,7 +14,7 @@ pub use prop::*;
 
 #[derive(Debug, Clone)]
 pub struct PrincipalResource {
-    principal: User,
+    principal: Principal,
     members: Vec<String>,
 }
 
@@ -27,9 +27,11 @@ impl ResourceName for PrincipalResource {
 impl Resource for PrincipalResource {
     type Prop = PrincipalPropWrapper;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
 
-    const IS_COLLECTION: bool = true;
+    fn is_collection(&self) -> bool {
+        true
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[
@@ -41,7 +43,7 @@ impl Resource for PrincipalResource {
     fn get_prop(
         &self,
         puri: &impl PrincipalUri,
-        user: &User,
+        user: &Principal,
         prop: &PrincipalPropWrapperName,
     ) -> Result<Self::Prop, Self::Error> {
         let principal_href = HrefElement::new(puri.principal_uri(&self.principal.id));
@@ -97,7 +99,7 @@ impl Resource for PrincipalResource {
         Some(&self.principal.id)
     }
 
-    fn get_user_privileges(&self, user: &User) -> Result<UserPrivilegeSet, Self::Error> {
+    fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
         Ok(UserPrivilegeSet::owner_only(
             user.is_principal(&self.principal.id),
         ))

crates/carddav/src/principal/service.rs

@@ -5,7 +5,7 @@ use crate::{CardDavPrincipalUri, Error};
 use async_trait::async_trait;
 use axum::Router;
 use rustical_dav::resource::{AxumMethods, ResourceService};
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 use rustical_store::{AddressbookStore, SubscriptionStore};
 use std::sync::Arc;
 
@@ -51,7 +51,7 @@ impl<A: AddressbookStore, AP: AuthenticationProvider, S: SubscriptionStore> Reso
     type MemberType = AddressbookResource;
     type Resource = PrincipalResource;
     type Error = Error;
-    type Principal = User;
+    type Principal = Principal;
     type PrincipalUri = CardDavPrincipalUri;
 
     const DAV_HEADER: &str = "1, 3, access-control, addressbook";

crates/dav/Cargo.toml

@@ -26,3 +26,5 @@ tokio.workspace = true
 http.workspace = true
 headers.workspace = true
 strum.workspace = true
+matchit.workspace = true
+matchit-serde.workspace = true

crates/dav/src/error.rs

@@ -28,6 +28,9 @@ pub enum Error {
 
     #[error("Precondition Failed")]
     PreconditionFailed,
+
+    #[error("Forbidden")]
+    Forbidden,
 }
 
 impl Error {
@@ -49,6 +52,7 @@ impl Error {
             Error::PropReadOnly => StatusCode::CONFLICT,
             Error::PreconditionFailed => StatusCode::PRECONDITION_FAILED,
             Self::IOError(_) => StatusCode::INTERNAL_SERVER_ERROR,
+            Self::Forbidden => StatusCode::FORBIDDEN,
         }
     }
 }

crates/dav/src/resource/methods/copy.rs

@@ -1,25 +1,54 @@
-use axum::{
-    extract::{Path, State},
-    response::{IntoResponse, Response},
-};
-use http::StatusCode;
-use tracing::instrument;
-
 use crate::{
     header::{Depth, Overwrite},
     resource::ResourceService,
 };
+use axum::{
+    extract::{MatchedPath, Path, State},
+    response::{IntoResponse, Response},
+};
+use http::{HeaderMap, StatusCode, Uri};
+use matchit_serde::ParamsDeserializer;
+use serde::Deserialize;
+use tracing::instrument;
 
-#[instrument(skip(_path, _resource_service,))]
+#[instrument(skip(path, resource_service,))]
 pub(crate) async fn axum_route_copy<R: ResourceService>(
-    Path(_path): Path<R::PathComponents>,
+    Path(path): Path<R::PathComponents>,
-    State(_resource_service): State<R>,
+    State(resource_service): State<R>,
     depth: Option<Depth>,
     principal: R::Principal,
     overwrite: Overwrite,
+    matched_path: MatchedPath,
+    header_map: HeaderMap,
 ) -> Result<Response, R::Error> {
-    // TODO: Actually implement, but to be WebDAV-compliant we must at least support this route but
+    let destination = header_map
-    // can return a 403 error
+        .get("Destination")
-    let _depth = depth.unwrap_or(Depth::Infinity);
+        .ok_or(crate::Error::Forbidden)?
+        .to_str()
+        .map_err(|_| crate::Error::Forbidden)?;
+    let destination_uri: Uri = destination.parse().map_err(|_| crate::Error::Forbidden)?;
+    // TODO: Check that host also matches
+    let destination = destination_uri.path();
+
+    let mut router = matchit::Router::new();
+    router.insert(matched_path.as_str(), ()).unwrap();
+    if let Ok(matchit::Match { params, .. }) = router.at(destination) {
+        let params =
+            matchit_serde::Params::try_from(&params).map_err(|_| crate::Error::Forbidden)?;
+        let dest_path = R::PathComponents::deserialize(&ParamsDeserializer::new(params))
+            .map_err(|_| crate::Error::Forbidden)?;
+
+        if resource_service
+            .copy_resource(&path, &dest_path, &principal, overwrite.is_true())
+            .await?
+        {
+            // Overwritten
+            Ok(StatusCode::NO_CONTENT.into_response())
+        } else {
+            // Not overwritten
+            Ok(StatusCode::CREATED.into_response())
+        }
+    } else {
         Ok(StatusCode::FORBIDDEN.into_response())
+    }
 }

crates/dav/src/resource/methods/mv.rs

@@ -1,25 +1,54 @@
-use axum::{
-    extract::{Path, State},
-    response::{IntoResponse, Response},
-};
-use http::StatusCode;
-use tracing::instrument;
-
 use crate::{
     header::{Depth, Overwrite},
     resource::ResourceService,
 };
+use axum::{
+    extract::{MatchedPath, Path, State},
+    response::{IntoResponse, Response},
+};
+use http::{HeaderMap, StatusCode, Uri};
+use matchit_serde::ParamsDeserializer;
+use serde::Deserialize;
+use tracing::instrument;
 
-#[instrument(skip(_path, _resource_service,))]
+#[instrument(skip(path, resource_service,))]
 pub(crate) async fn axum_route_move<R: ResourceService>(
-    Path(_path): Path<R::PathComponents>,
+    Path(path): Path<R::PathComponents>,
-    State(_resource_service): State<R>,
+    State(resource_service): State<R>,
     depth: Option<Depth>,
     principal: R::Principal,
     overwrite: Overwrite,
+    matched_path: MatchedPath,
+    header_map: HeaderMap,
 ) -> Result<Response, R::Error> {
-    // TODO: Actually implement, but to be WebDAV-compliant we must at least support this route but
+    let destination = header_map
-    // can return a 403 error
+        .get("Destination")
-    let _depth = depth.unwrap_or(Depth::Infinity);
+        .ok_or(crate::Error::Forbidden)?
+        .to_str()
+        .map_err(|_| crate::Error::Forbidden)?;
+    let destination_uri: Uri = destination.parse().map_err(|_| crate::Error::Forbidden)?;
+    // TODO: Check that host also matches
+    let destination = destination_uri.path();
+
+    let mut router = matchit::Router::new();
+    router.insert(matched_path.as_str(), ()).unwrap();
+    if let Ok(matchit::Match { params, .. }) = router.at(destination) {
+        let params =
+            matchit_serde::Params::try_from(&params).map_err(|_| crate::Error::Forbidden)?;
+        let dest_path = R::PathComponents::deserialize(&ParamsDeserializer::new(params))
+            .map_err(|_| crate::Error::Forbidden)?;
+
+        if resource_service
+            .copy_resource(&path, &dest_path, &principal, overwrite.is_true())
+            .await?
+        {
+            // Overwritten
+            Ok(StatusCode::NO_CONTENT.into_response())
+        } else {
+            // Not overwritten
+            Ok(StatusCode::CREATED.into_response())
+        }
+    } else {
         Ok(StatusCode::FORBIDDEN.into_response())
+    }
 }

crates/dav/src/resource/mod.rs

@@ -18,7 +18,7 @@ mod methods;
 mod principal_uri;
 mod resource_service;
 
-pub use axum_methods::AxumMethods;
+pub use axum_methods::{AxumMethods, MethodFunction};
 pub use axum_service::AxumService;
 pub use principal_uri::PrincipalUri;
 
@@ -37,7 +37,7 @@ pub trait Resource: Clone + Send + 'static {
     type Error: From<crate::Error>;
     type Principal: Principal;
 
-    const IS_COLLECTION: bool;
+    fn is_collection(&self) -> bool;
 
     fn get_resourcetype(&self) -> Resourcetype;
 
@@ -111,7 +111,7 @@ pub trait Resource: Clone + Send + 'static {
     ) -> Result<ResponseElement<Self::Prop>, Self::Error> {
         // Collections have a trailing slash
         let mut path = path.to_string();
-        if Self::IS_COLLECTION && !path.ends_with('/') {
+        if self.is_collection() && !path.ends_with('/') {
             path.push('/');
         }
 

crates/dav/src/resource/resource_service.rs

@@ -9,7 +9,13 @@ use serde::Deserialize;
 
 #[async_trait]
 pub trait ResourceService: Clone + Sized + Send + Sync + AxumMethods + 'static {
-    type PathComponents: for<'de> Deserialize<'de> + Sized + Send + Sync + Clone + 'static; // defines how the resource URI maps to parameters, i.e. /{principal}/{calendar} -> (String, String)
+    type PathComponents: std::fmt::Debug
+        + for<'de> Deserialize<'de>
+        + Sized
+        + Send
+        + Sync
+        + Clone
+        + 'static; // defines how the resource URI maps to parameters, i.e. /{principal}/{calendar} -> (String, String)
     type MemberType: Resource<Error = Self::Error, Principal = Self::Principal>
         + super::ResourceName;
     type Resource: Resource<Error = Self::Error, Principal = Self::Principal>;
@@ -47,6 +53,28 @@ pub trait ResourceService: Clone + Sized + Send + Sync + AxumMethods + 'static {
         Err(crate::Error::Unauthorized.into())
     }
 
+    // Returns whether an existing resource was overwritten
+    async fn copy_resource(
+        &self,
+        _path: &Self::PathComponents,
+        _destination: &Self::PathComponents,
+        _user: &Self::Principal,
+        _overwrite: bool,
+    ) -> Result<bool, Self::Error> {
+        Err(crate::Error::Forbidden.into())
+    }
+
+    // Returns whether an existing resource was overwritten
+    async fn move_resource(
+        &self,
+        _path: &Self::PathComponents,
+        _destination: &Self::PathComponents,
+        _user: &Self::Principal,
+        _overwrite: bool,
+    ) -> Result<bool, Self::Error> {
+        Err(crate::Error::Forbidden.into())
+    }
+
     fn axum_service(self) -> AxumService<Self>
     where
         Self: AxumMethods,

crates/dav/src/resources/root.rs

@@ -24,7 +24,9 @@ impl<PR: Resource, P: Principal> Resource for RootResource<PR, P> {
     type Error = PR::Error;
     type Principal = P;
 
-    const IS_COLLECTION: bool = true;
+    fn is_collection(&self) -> bool {
+        true
+    }
 
     fn get_resourcetype(&self) -> Resourcetype {
         Resourcetype(&[ResourcetypeInner(

crates/dav/src/xml/multistatus.rs

@@ -1,4 +1,5 @@
 use crate::xml::TagList;
+use headers::{CacheControl, ContentType, HeaderMapExt};
 use http::StatusCode;
 use quick_xml::name::Namespace;
 use rustical_xml::{XmlRootTag, XmlSerialize, XmlSerializeRoot};
@@ -109,7 +110,6 @@ impl<T1: XmlSerialize, T2: XmlSerialize> axum::response::IntoResponse
 {
     fn into_response(self) -> axum::response::Response {
         use axum::body::Body;
-        use http::header;
 
         let mut output: Vec<_> = b"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n".into();
         let mut writer = quick_xml::Writer::new_with_indent(&mut output, b' ', 4);
@@ -118,9 +118,9 @@ impl<T1: XmlSerialize, T2: XmlSerialize> axum::response::IntoResponse
         }
 
         let mut resp = axum::response::Response::builder().status(StatusCode::MULTI_STATUS);
-        resp.headers_mut()
+        let hdrs = resp.headers_mut().unwrap();
-            .unwrap()
+        hdrs.typed_insert(ContentType::xml());
-            .insert(header::CONTENT_TYPE, "application/xml".try_into().unwrap());
+        hdrs.typed_insert(CacheControl::new().with_no_cache());
         resp.body(Body::from(output)).unwrap()
     }
 }

crates/dav_push/Cargo.toml

@@ -23,3 +23,8 @@ tokio.workspace = true
 rustical_dav.workspace = true
 rustical_store.workspace = true
 http.workspace = true
+base64.workspace = true
+rand.workspace = true
+ece.workspace = true
+axum.workspace = true
+openssl.workspace = true

crates/dav_push/src/endpoints.rs

@@ -0,0 +1,23 @@
+use axum::{
+    Router,
+    extract::{Path, State},
+    response::{IntoResponse, Response},
+    routing::delete,
+};
+use http::StatusCode;
+use rustical_store::SubscriptionStore;
+use std::sync::Arc;
+
+async fn handle_delete<S: SubscriptionStore>(
+    State(store): State<Arc<S>>,
+    Path(id): Path<String>,
+) -> Result<Response, rustical_store::Error> {
+    store.delete_subscription(&id).await?;
+    Ok((StatusCode::NO_CONTENT, "Unregistered").into_response())
+}
+
+pub fn subscription_service<S: SubscriptionStore>(sub_store: Arc<S>) -> Router {
+    Router::new()
+        .route("/push_subscription/{id}", delete(handle_delete::<S>))
+        .with_state(sub_store)
+}

crates/dav_push/src/lib.rs

@@ -1,14 +1,41 @@
 mod extension;
-pub mod notifier;
 mod prop;
 pub mod register;
+use base64::Engine;
 use derive_more::Constructor;
 pub use extension::*;
+use http::{HeaderValue, Method, header};
 pub use prop::*;
-use rustical_store::{CollectionOperation, SubscriptionStore};
+use reqwest::{Body, Url};
-use std::sync::Arc;
+use rustical_store::{
+    CollectionOperation, CollectionOperationInfo, Subscription, SubscriptionStore,
+};
+use rustical_xml::{XmlRootTag, XmlSerialize, XmlSerializeRoot};
+use std::{collections::HashMap, sync::Arc, time::Duration};
 use tokio::sync::mpsc::Receiver;
-use tracing::error;
+use tracing::{error, warn};
+
+mod endpoints;
+pub use endpoints::subscription_service;
+
+#[derive(XmlSerialize, Debug)]
+pub struct ContentUpdate {
+    #[xml(ns = "rustical_dav::namespace::NS_DAV")]
+    sync_token: Option<String>,
+}
+
+#[derive(XmlSerialize, XmlRootTag, Debug)]
+#[xml(root = b"push-message", ns = "rustical_dav::namespace::NS_DAVPUSH")]
+#[xml(ns_prefix(
+    rustical_dav::namespace::NS_DAVPUSH = b"",
+    rustical_dav::namespace::NS_DAV = b"D",
+))]
+struct PushMessage {
+    #[xml(ns = "rustical_dav::namespace::NS_DAVPUSH")]
+    topic: String,
+    #[xml(ns = "rustical_dav::namespace::NS_DAVPUSH")]
+    content_update: Option<ContentUpdate>,
+}
 
 #[derive(Debug, Constructor)]
 pub struct DavPushController<S: SubscriptionStore> {
@@ -18,14 +45,176 @@ pub struct DavPushController<S: SubscriptionStore> {
 
 impl<S: SubscriptionStore> DavPushController<S> {
     pub async fn notifier(&self, mut recv: Receiver<CollectionOperation>) {
-        while let Some(message) = recv.recv().await {
+        loop {
-            let subscribers = match self.sub_store.get_subscriptions(&message.topic).await {
+            // Make sure we don't flood the subscribers
+            tokio::time::sleep(Duration::from_secs(10)).await;
+            let mut messages = vec![];
+            recv.recv_many(&mut messages, 100).await;
+
+            // Right now we just have to show the latest content update by topic
+            // This might become more complicated in the future depending on what kind of updates
+            // we add
+            let mut latest_messages = HashMap::new();
+            for message in messages {
+                if matches!(message.data, CollectionOperationInfo::Content { .. }) {
+                    latest_messages.insert(message.topic.to_string(), message);
+                }
+            }
+            let messages = latest_messages.into_values();
+
+            for message in messages {
+                self.send_message(message).await;
+            }
+        }
+    }
+
+    async fn send_message(&self, message: CollectionOperation) {
+        let subscriptions = match self.sub_store.get_subscriptions(&message.topic).await {
             Ok(subs) => subs,
             Err(err) => {
                 error!("{err}");
-                    continue;
+                return;
             }
         };
+
+        if subscriptions.is_empty() {
+            return;
+        }
+
+        if matches!(message.data, CollectionOperationInfo::Delete) {
+            // Collection has been deleted, but we cannot handle that
+            return;
+        }
+
+        let content_update = if let CollectionOperationInfo::Content { sync_token } = message.data {
+            Some(ContentUpdate {
+                sync_token: Some(sync_token),
+            })
+        } else {
+            None
+        };
+
+        let push_message = PushMessage {
+            topic: message.topic,
+            content_update,
+        };
+
+        let mut output: Vec<_> = b"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n".into();
+        let mut writer = quick_xml::Writer::new_with_indent(&mut output, b' ', 4);
+        if let Err(err) = push_message.serialize_root(&mut writer) {
+            error!("Could not serialize push message: {}", err);
+            return;
+        }
+        let payload = String::from_utf8(output).unwrap();
+
+        for subsciption in subscriptions {
+            if let Some(allowed_push_servers) = &self.allowed_push_servers {
+                if let Ok(url) = Url::parse(&subsciption.push_resource) {
+                    let origin = url.origin().unicode_serialization();
+                    if !allowed_push_servers.contains(&origin) {
+                        warn!(
+                            "Deleting subscription {} on topic {} because the endpoint is not in the list of allowed push servers",
+                            subsciption.id, subsciption.topic
+                        );
+                        self.try_delete_subscription(&subsciption.id).await;
+                    }
+                } else {
+                    warn!(
+                        "Deleting subscription {} on topic {} because of invalid URL",
+                        subsciption.id, subsciption.topic
+                    );
+                    self.try_delete_subscription(&subsciption.id).await;
+                };
+            }
+
+            if let Err(err) = self.send_payload(&payload, &subsciption).await {
+                error!("An error occured sending out a push notification: {err}");
+                if err.is_permament_error() {
+                    warn!(
+                        "Deleting subscription {} on topic {}",
+                        subsciption.id, subsciption.topic
+                    );
+                    self.try_delete_subscription(&subsciption.id).await;
+                }
+            }
+        }
+    }
+
+    async fn try_delete_subscription(&self, sub_id: &str) {
+        if let Err(err) = self.sub_store.delete_subscription(sub_id).await {
+            error!("Error deleting subsciption: {err}");
+        }
+    }
+
+    async fn send_payload(
+        &self,
+        payload: &str,
+        subsciption: &Subscription,
+    ) -> Result<(), NotifierError> {
+        if subsciption.public_key_type != "p256dh" {
+            return Err(NotifierError::InvalidPublicKeyType(
+                subsciption.public_key_type.to_string(),
+            ));
+        }
+        let endpoint = subsciption.push_resource.parse().map_err(|_| {
+            NotifierError::InvalidEndpointUrl(subsciption.push_resource.to_string())
+        })?;
+        let ua_public = base64::engine::general_purpose::URL_SAFE_NO_PAD
+            .decode(&subsciption.public_key)
+            .map_err(|_| NotifierError::InvalidKeyEncoding)?;
+        let auth_secret = base64::engine::general_purpose::URL_SAFE_NO_PAD
+            .decode(&subsciption.auth_secret)
+            .map_err(|_| NotifierError::InvalidKeyEncoding)?;
+
+        let client = reqwest::ClientBuilder::new()
+            .build()
+            .map_err(NotifierError::from)?;
+
+        let payload = ece::encrypt(&ua_public, &auth_secret, payload.as_bytes())?;
+
+        let mut request = reqwest::Request::new(Method::POST, endpoint);
+        *request.body_mut() = Some(Body::from(payload));
+        let hdrs = request.headers_mut();
+        hdrs.insert(
+            header::CONTENT_ENCODING,
+            HeaderValue::from_static("aes128gcm"),
+        );
+        hdrs.insert(
+            header::CONTENT_TYPE,
+            HeaderValue::from_static("application/octet-stream"),
+        );
+        client.execute(request).await?;
+
+        Ok(())
+    }
+}
+
+#[derive(Debug, thiserror::Error)]
+enum NotifierError {
+    #[error("Invalid public key type: {0}")]
+    InvalidPublicKeyType(String),
+    #[error("Invalid endpoint URL: {0}")]
+    InvalidEndpointUrl(String),
+    #[error("Invalid key encoding")]
+    InvalidKeyEncoding,
+    #[error(transparent)]
+    EceError(#[from] ece::Error),
+    #[error(transparent)]
+    ReqwestError(#[from] reqwest::Error),
+}
+
+impl NotifierError {
+    // Decide whether the error should cause the subscription to be removed
+    pub fn is_permament_error(&self) -> bool {
+        match self {
+            Self::InvalidPublicKeyType(_)
+            | Self::InvalidEndpointUrl(_)
+            | Self::InvalidKeyEncoding => true,
+            Self::EceError(err) => matches!(
+                err,
+                ece::Error::InvalidAuthSecret | ece::Error::InvalidKeyLength
+            ),
+            Self::ReqwestError(_) => false,
         }
     }
 }

crates/dav_push/src/notifier.rs

@@ -1,147 +0,0 @@
-use http::StatusCode;
-use reqwest::{
-    Method, Request,
-    header::{self, HeaderName, HeaderValue},
-};
-use rustical_dav::xml::multistatus::PropstatElement;
-use rustical_store::{CollectionOperation, CollectionOperationType, SubscriptionStore};
-use rustical_xml::{XmlRootTag, XmlSerialize, XmlSerializeRoot};
-use std::{str::FromStr, sync::Arc};
-use tokio::sync::mpsc::Receiver;
-use tracing::{error, info, warn};
-// use web_push::{SubscriptionInfo, WebPushMessage, WebPushMessageBuilder};
-
-#[derive(XmlSerialize, Debug)]
-struct PushMessageProp {
-    #[xml(ns = "rustical_dav::namespace::NS_DAV")]
-    topic: String,
-    #[xml(ns = "rustical_dav::namespace::NS_DAV")]
-    sync_token: Option<String>,
-}
-
-#[derive(XmlSerialize, XmlRootTag, Debug)]
-#[xml(root = b"push-message", ns = "rustical_dav::namespace::NS_DAVPUSH")]
-#[xml(ns_prefix(
-    rustical_dav::namespace::NS_DAVPUSH = b"",
-    rustical_dav::namespace::NS_DAV = b"D",
-))]
-struct PushMessage {
-    #[xml(ns = "rustical_dav::namespace::NS_DAV")]
-    propstat: PropstatElement<PushMessageProp>,
-}
-
-// pub fn build_request(message: WebPushMessage) -> Request {
-//     // A little janky :)
-//     let url = reqwest::Url::from_str(&message.endpoint.to_string()).unwrap();
-//     let mut builder = Request::new(Method::POST, url);
-//
-//     if let Some(topic) = message.topic {
-//         builder
-//             .headers_mut()
-//             .insert("Topic", HeaderValue::from_str(topic.as_str()).unwrap());
-//     }
-//
-//     if let Some(payload) = message.payload {
-//         builder.headers_mut().insert(
-//             header::CONTENT_ENCODING,
-//             HeaderValue::from_static(payload.content_encoding.to_str()),
-//         );
-//         builder.headers_mut().insert(
-//             header::CONTENT_TYPE,
-//             HeaderValue::from_static("application/octet-stream"),
-//         );
-//
-//         for (k, v) in payload.crypto_headers.into_iter() {
-//             let v: &str = v.as_ref();
-//             builder.headers_mut().insert(
-//                 HeaderName::from_static(k),
-//                 HeaderValue::from_str(&v).unwrap(),
-//             );
-//         }
-//
-//         *builder.body_mut() = Some(reqwest::Body::from(payload.content));
-//     }
-//     builder
-// }
-
-pub async fn push_notifier(
-    allowed_push_servers: Option<Vec<String>>,
-    mut recv: Receiver<CollectionOperation>,
-    sub_store: Arc<impl SubscriptionStore>,
-) {
-    let client = reqwest::Client::new();
-
-    while let Some(message) = recv.recv().await {
-        let subscribers = match sub_store.get_subscriptions(&message.topic).await {
-            Ok(subs) => subs,
-            Err(err) => {
-                error!("{err}");
-                continue;
-            }
-        };
-
-        let status = match message.r#type {
-            CollectionOperationType::Object => StatusCode::OK,
-            CollectionOperationType::Delete => StatusCode::NOT_FOUND,
-        };
-
-        let push_message = PushMessage {
-            propstat: PropstatElement {
-                prop: PushMessageProp {
-                    topic: message.topic,
-                    sync_token: message.sync_token,
-                },
-                status,
-            },
-        };
-
-        let mut output: Vec<_> = b"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n".into();
-        let mut writer = quick_xml::Writer::new_with_indent(&mut output, b' ', 4);
-        if let Err(err) = push_message.serialize_root(&mut writer) {
-            error!("Could not serialize push message: {}", err);
-            continue;
-        }
-        let payload = String::from_utf8(output).unwrap();
-        // for subscriber in subscribers {
-        //     let push_resource = subscriber.push_resource;
-        //
-        //     let sub_info = SubscriptionInfo {
-        //         endpoint: push_resource.to_owned(),
-        //         keys: web_push::SubscriptionKeys {
-        //             p256dh: subscriber.public_key,
-        //             auth: subscriber.auth_secret,
-        //         },
-        //     };
-        //     let mut builder = WebPushMessageBuilder::new(&sub_info);
-        //     builder.set_payload(web_push::ContentEncoding::Aes128Gcm, payload.as_bytes());
-        //     let push_message = builder.build().unwrap();
-        //     let request = build_request(push_message);
-        //
-        //     let allowed = if let Some(allowed_push_servers) = &allowed_push_servers {
-        //         if let Ok(resource_url) = reqwest::Url::parse(&push_resource) {
-        //             let origin = resource_url.origin().ascii_serialization();
-        //             allowed_push_servers
-        //                 .iter()
-        //                 .any(|allowed_push_server| allowed_push_server == &origin)
-        //         } else {
-        //             warn!("Invalid push url: {push_resource}");
-        //             false
-        //         }
-        //     } else {
-        //         true
-        //     };
-        //
-        //     if allowed {
-        //         info!("Sending a push message to {}: {}", push_resource, payload);
-        //         if let Err(err) = client.execute(request).await {
-        //             error!("{err}");
-        //         }
-        //     } else {
-        //         warn!(
-        //             "Not sending a push notification to {} since it's not allowed in dav_push::allowed_push_servers",
-        //             push_resource
-        //         );
-        //     }
-        // }
-    }
-}

crates/frontend/Cargo.toml

@@ -7,6 +7,10 @@ repository.workspace = true
 license.workspace = true
 publish = false
 
+[features]
+default = []
+dev = ["tower-http/fs"]
+
 [dependencies]
 tower.workspace = true
 http.workspace = true
@@ -34,3 +38,4 @@ axum-extra.workspace = true
 headers.workspace = true
 tower-sessions.workspace = true
 percent-encoding.workspace = true
+tower-http = { workspace = true, optional = true }

crates/frontend/js-components/deno.json

@@ -0,0 +1,19 @@
+{
+  "tasks": {
+    "dev": "deno run -A --node-modules-dir npm:vite build --emptyOutDir --watch",
+    "build": "deno run -A --node-modules-dir npm:vite build --emptyOutDir"
+  },
+  "compilerOptions": {
+    "lib": [
+      "ES2024",
+      "DOM",
+      "DOM.Iterable"
+    ]
+  },
+  "imports": {
+    "@deno/vite-plugin": "npm:@deno/vite-plugin@^1.0.4",
+    "lit": "npm:lit@^3.2.1",
+    "vite": "npm:vite@^6.1.1",
+    "webdav": "npm:webdav@^5.8.0"
+  }
+}

crates/frontend/js-components/deno.lock

@@ -0,0 +1,436 @@
+{
+  "version": "4",
+  "specifiers": {
+    "npm:@deno/vite-plugin@^1.0.4": "1.0.4_vite@6.3.5__picomatch@4.0.2",
+    "npm:lit@^3.2.1": "3.3.0",
+    "npm:vite@*": "6.3.5_picomatch@4.0.2",
+    "npm:vite@^6.1.1": "6.3.5_picomatch@4.0.2",
+    "npm:webdav@^5.8.0": "5.8.0"
+  },
+  "npm": {
+    "@buttercup/fetch@0.2.1": {
+      "integrity": "sha512-sCgECOx8wiqY8NN1xN22BqqKzXYIG2AicNLlakOAI4f0WgyLVUbAigMf8CZhBtJxdudTcB1gD5lciqi44jwJvg==",
+      "dependencies": [
+        "node-fetch"
+      ]
+    },
+    "@deno/vite-plugin@1.0.4_vite@6.3.5__picomatch@4.0.2": {
+      "integrity": "sha512-xg8YT8Wn2sGXSnJgiGTpBGX1Dov0c6fd1rAp8VsfrCUtyBRRWzwVMAnd3fQ4yq8h7LSVvJUxEFN4U421k/DQLA==",
+      "dependencies": [
+        "vite"
+      ]
+    },
+    "@esbuild/aix-ppc64@0.25.5": {
+      "integrity": "sha512-9o3TMmpmftaCMepOdA5k/yDw8SfInyzWWTjYTFCX3kPSDJMROQTb8jg+h9Cnwnmm1vOzvxN7gIfB5V2ewpjtGA=="
+    },
+    "@esbuild/android-arm64@0.25.5": {
+      "integrity": "sha512-VGzGhj4lJO+TVGV1v8ntCZWJktV7SGCs3Pn1GRWI1SBFtRALoomm8k5E9Pmwg3HOAal2VDc2F9+PM/rEY6oIDg=="
+    },
+    "@esbuild/android-arm@0.25.5": {
+      "integrity": "sha512-AdJKSPeEHgi7/ZhuIPtcQKr5RQdo6OO2IL87JkianiMYMPbCtot9fxPbrMiBADOWWm3T2si9stAiVsGbTQFkbA=="
+    },
+    "@esbuild/android-x64@0.25.5": {
+      "integrity": "sha512-D2GyJT1kjvO//drbRT3Hib9XPwQeWd9vZoBJn+bu/lVsOZ13cqNdDeqIF/xQ5/VmWvMduP6AmXvylO/PIc2isw=="
+    },
+    "@esbuild/darwin-arm64@0.25.5": {
+      "integrity": "sha512-GtaBgammVvdF7aPIgH2jxMDdivezgFu6iKpmT+48+F8Hhg5J/sfnDieg0aeG/jfSvkYQU2/pceFPDKlqZzwnfQ=="
+    },
+    "@esbuild/darwin-x64@0.25.5": {
+      "integrity": "sha512-1iT4FVL0dJ76/q1wd7XDsXrSW+oLoquptvh4CLR4kITDtqi2e/xwXwdCVH8hVHU43wgJdsq7Gxuzcs6Iq/7bxQ=="
+    },
+    "@esbuild/freebsd-arm64@0.25.5": {
+      "integrity": "sha512-nk4tGP3JThz4La38Uy/gzyXtpkPW8zSAmoUhK9xKKXdBCzKODMc2adkB2+8om9BDYugz+uGV7sLmpTYzvmz6Sw=="
+    },
+    "@esbuild/freebsd-x64@0.25.5": {
+      "integrity": "sha512-PrikaNjiXdR2laW6OIjlbeuCPrPaAl0IwPIaRv+SMV8CiM8i2LqVUHFC1+8eORgWyY7yhQY+2U2fA55mBzReaw=="
+    },
+    "@esbuild/linux-arm64@0.25.5": {
+      "integrity": "sha512-Z9kfb1v6ZlGbWj8EJk9T6czVEjjq2ntSYLY2cw6pAZl4oKtfgQuS4HOq41M/BcoLPzrUbNd+R4BXFyH//nHxVg=="
+    },
+    "@esbuild/linux-arm@0.25.5": {
+      "integrity": "sha512-cPzojwW2okgh7ZlRpcBEtsX7WBuqbLrNXqLU89GxWbNt6uIg78ET82qifUy3W6OVww6ZWobWub5oqZOVtwolfw=="
+    },
+    "@esbuild/linux-ia32@0.25.5": {
+      "integrity": "sha512-sQ7l00M8bSv36GLV95BVAdhJ2QsIbCuCjh/uYrWiMQSUuV+LpXwIqhgJDcvMTj+VsQmqAHL2yYaasENvJ7CDKA=="
+    },
+    "@esbuild/linux-loong64@0.25.5": {
+      "integrity": "sha512-0ur7ae16hDUC4OL5iEnDb0tZHDxYmuQyhKhsPBV8f99f6Z9KQM02g33f93rNH5A30agMS46u2HP6qTdEt6Q1kg=="
+    },
+    "@esbuild/linux-mips64el@0.25.5": {
+      "integrity": "sha512-kB/66P1OsHO5zLz0i6X0RxlQ+3cu0mkxS3TKFvkb5lin6uwZ/ttOkP3Z8lfR9mJOBk14ZwZ9182SIIWFGNmqmg=="
+    },
+    "@esbuild/linux-ppc64@0.25.5": {
+      "integrity": "sha512-UZCmJ7r9X2fe2D6jBmkLBMQetXPXIsZjQJCjgwpVDz+YMcS6oFR27alkgGv3Oqkv07bxdvw7fyB71/olceJhkQ=="
+    },
+    "@esbuild/linux-riscv64@0.25.5": {
+      "integrity": "sha512-kTxwu4mLyeOlsVIFPfQo+fQJAV9mh24xL+y+Bm6ej067sYANjyEw1dNHmvoqxJUCMnkBdKpvOn0Ahql6+4VyeA=="
+    },
+    "@esbuild/linux-s390x@0.25.5": {
+      "integrity": "sha512-K2dSKTKfmdh78uJ3NcWFiqyRrimfdinS5ErLSn3vluHNeHVnBAFWC8a4X5N+7FgVE1EjXS1QDZbpqZBjfrqMTQ=="
+    },
+    "@esbuild/linux-x64@0.25.5": {
+      "integrity": "sha512-uhj8N2obKTE6pSZ+aMUbqq+1nXxNjZIIjCjGLfsWvVpy7gKCOL6rsY1MhRh9zLtUtAI7vpgLMK6DxjO8Qm9lJw=="
+    },
+    "@esbuild/netbsd-arm64@0.25.5": {
+      "integrity": "sha512-pwHtMP9viAy1oHPvgxtOv+OkduK5ugofNTVDilIzBLpoWAM16r7b/mxBvfpuQDpRQFMfuVr5aLcn4yveGvBZvw=="
+    },
+    "@esbuild/netbsd-x64@0.25.5": {
+      "integrity": "sha512-WOb5fKrvVTRMfWFNCroYWWklbnXH0Q5rZppjq0vQIdlsQKuw6mdSihwSo4RV/YdQ5UCKKvBy7/0ZZYLBZKIbwQ=="
+    },
+    "@esbuild/openbsd-arm64@0.25.5": {
+      "integrity": "sha512-7A208+uQKgTxHd0G0uqZO8UjK2R0DDb4fDmERtARjSHWxqMTye4Erz4zZafx7Di9Cv+lNHYuncAkiGFySoD+Mw=="
+    },
+    "@esbuild/openbsd-x64@0.25.5": {
+      "integrity": "sha512-G4hE405ErTWraiZ8UiSoesH8DaCsMm0Cay4fsFWOOUcz8b8rC6uCvnagr+gnioEjWn0wC+o1/TAHt+It+MpIMg=="
+    },
+    "@esbuild/sunos-x64@0.25.5": {
+      "integrity": "sha512-l+azKShMy7FxzY0Rj4RCt5VD/q8mG/e+mDivgspo+yL8zW7qEwctQ6YqKX34DTEleFAvCIUviCFX1SDZRSyMQA=="
+    },
+    "@esbuild/win32-arm64@0.25.5": {
+      "integrity": "sha512-O2S7SNZzdcFG7eFKgvwUEZ2VG9D/sn/eIiz8XRZ1Q/DO5a3s76Xv0mdBzVM5j5R639lXQmPmSo0iRpHqUUrsxw=="
+    },
+    "@esbuild/win32-ia32@0.25.5": {
+      "integrity": "sha512-onOJ02pqs9h1iMJ1PQphR+VZv8qBMQ77Klcsqv9CNW2w6yLqoURLcgERAIurY6QE63bbLuqgP9ATqajFLK5AMQ=="
+    },
+    "@esbuild/win32-x64@0.25.5": {
+      "integrity": "sha512-TXv6YnJ8ZMVdX+SXWVBo/0p8LTcrUYngpWjvm91TMjjBQii7Oz11Lw5lbDV5Y0TzuhSJHwiH4hEtC1I42mMS0g=="
+    },
+    "@lit-labs/ssr-dom-shim@1.3.0": {
+      "integrity": "sha512-nQIWonJ6eFAvUUrSlwyHDm/aE8PBDu5kRpL0vHMg6K8fK3Diq1xdPjTnsJSwxABhaZ+5eBi1btQB5ShUTKo4nQ=="
+    },
+    "@lit/reactive-element@2.1.0": {
+      "integrity": "sha512-L2qyoZSQClcBmq0qajBVbhYEcG6iK0XfLn66ifLe/RfC0/ihpc+pl0Wdn8bJ8o+hj38cG0fGXRgSS20MuXn7qA==",
+      "dependencies": [
+        "@lit-labs/ssr-dom-shim"
+      ]
+    },
+    "@rollup/rollup-android-arm-eabi@4.43.0": {
+      "integrity": "sha512-Krjy9awJl6rKbruhQDgivNbD1WuLb8xAclM4IR4cN5pHGAs2oIMMQJEiC3IC/9TZJ+QZkmZhlMO/6MBGxPidpw=="
+    },
+    "@rollup/rollup-android-arm64@4.43.0": {
+      "integrity": "sha512-ss4YJwRt5I63454Rpj+mXCXicakdFmKnUNxr1dLK+5rv5FJgAxnN7s31a5VchRYxCFWdmnDWKd0wbAdTr0J5EA=="
+    },
+    "@rollup/rollup-darwin-arm64@4.43.0": {
+      "integrity": "sha512-eKoL8ykZ7zz8MjgBenEF2OoTNFAPFz1/lyJ5UmmFSz5jW+7XbH1+MAgCVHy72aG59rbuQLcJeiMrP8qP5d/N0A=="
+    },
+    "@rollup/rollup-darwin-x64@4.43.0": {
+      "integrity": "sha512-SYwXJgaBYW33Wi/q4ubN+ldWC4DzQY62S4Ll2dgfr/dbPoF50dlQwEaEHSKrQdSjC6oIe1WgzosoaNoHCdNuMg=="
+    },
+    "@rollup/rollup-freebsd-arm64@4.43.0": {
+      "integrity": "sha512-SV+U5sSo0yujrjzBF7/YidieK2iF6E7MdF6EbYxNz94lA+R0wKl3SiixGyG/9Klab6uNBIqsN7j4Y/Fya7wAjQ=="
+    },
+    "@rollup/rollup-freebsd-x64@4.43.0": {
+      "integrity": "sha512-J7uCsiV13L/VOeHJBo5SjasKiGxJ0g+nQTrBkAsmQBIdil3KhPnSE9GnRon4ejX1XDdsmK/l30IYLiAaQEO0Cg=="
+    },
+    "@rollup/rollup-linux-arm-gnueabihf@4.43.0": {
+      "integrity": "sha512-gTJ/JnnjCMc15uwB10TTATBEhK9meBIY+gXP4s0sHD1zHOaIh4Dmy1X9wup18IiY9tTNk5gJc4yx9ctj/fjrIw=="
+    },
+    "@rollup/rollup-linux-arm-musleabihf@4.43.0": {
+      "integrity": "sha512-ZJ3gZynL1LDSIvRfz0qXtTNs56n5DI2Mq+WACWZ7yGHFUEirHBRt7fyIk0NsCKhmRhn7WAcjgSkSVVxKlPNFFw=="
+    },
+    "@rollup/rollup-linux-arm64-gnu@4.43.0": {
+      "integrity": "sha512-8FnkipasmOOSSlfucGYEu58U8cxEdhziKjPD2FIa0ONVMxvl/hmONtX/7y4vGjdUhjcTHlKlDhw3H9t98fPvyA=="
+    },
+    "@rollup/rollup-linux-arm64-musl@4.43.0": {
+      "integrity": "sha512-KPPyAdlcIZ6S9C3S2cndXDkV0Bb1OSMsX0Eelr2Bay4EsF9yi9u9uzc9RniK3mcUGCLhWY9oLr6er80P5DE6XA=="
+    },
+    "@rollup/rollup-linux-loongarch64-gnu@4.43.0": {
+      "integrity": "sha512-HPGDIH0/ZzAZjvtlXj6g+KDQ9ZMHfSP553za7o2Odegb/BEfwJcR0Sw0RLNpQ9nC6Gy8s+3mSS9xjZ0n3rhcYg=="
+    },
+    "@rollup/rollup-linux-powerpc64le-gnu@4.43.0": {
+      "integrity": "sha512-gEmwbOws4U4GLAJDhhtSPWPXUzDfMRedT3hFMyRAvM9Mrnj+dJIFIeL7otsv2WF3D7GrV0GIewW0y28dOYWkmw=="
+    },
+    "@rollup/rollup-linux-riscv64-gnu@4.43.0": {
+      "integrity": "sha512-XXKvo2e+wFtXZF/9xoWohHg+MuRnvO29TI5Hqe9xwN5uN8NKUYy7tXUG3EZAlfchufNCTHNGjEx7uN78KsBo0g=="
+    },
+    "@rollup/rollup-linux-riscv64-musl@4.43.0": {
+      "integrity": "sha512-ruf3hPWhjw6uDFsOAzmbNIvlXFXlBQ4nk57Sec8E8rUxs/AI4HD6xmiiasOOx/3QxS2f5eQMKTAwk7KHwpzr/Q=="
+    },
+    "@rollup/rollup-linux-s390x-gnu@4.43.0": {
+      "integrity": "sha512-QmNIAqDiEMEvFV15rsSnjoSmO0+eJLoKRD9EAa9rrYNwO/XRCtOGM3A5A0X+wmG+XRrw9Fxdsw+LnyYiZWWcVw=="
+    },
+    "@rollup/rollup-linux-x64-gnu@4.43.0": {
+      "integrity": "sha512-jAHr/S0iiBtFyzjhOkAics/2SrXE092qyqEg96e90L3t9Op8OTzS6+IX0Fy5wCt2+KqeHAkti+eitV0wvblEoQ=="
+    },
+    "@rollup/rollup-linux-x64-musl@4.43.0": {
+      "integrity": "sha512-3yATWgdeXyuHtBhrLt98w+5fKurdqvs8B53LaoKD7P7H7FKOONLsBVMNl9ghPQZQuYcceV5CDyPfyfGpMWD9mQ=="
+    },
+    "@rollup/rollup-win32-arm64-msvc@4.43.0": {
+      "integrity": "sha512-wVzXp2qDSCOpcBCT5WRWLmpJRIzv23valvcTwMHEobkjippNf+C3ys/+wf07poPkeNix0paTNemB2XrHr2TnGw=="
+    },
+    "@rollup/rollup-win32-ia32-msvc@4.43.0": {
+      "integrity": "sha512-fYCTEyzf8d+7diCw8b+asvWDCLMjsCEA8alvtAutqJOJp/wL5hs1rWSqJ1vkjgW0L2NB4bsYJrpKkiIPRR9dvw=="
+    },
+    "@rollup/rollup-win32-x64-msvc@4.43.0": {
+      "integrity": "sha512-SnGhLiE5rlK0ofq8kzuDkM0g7FN1s5VYY+YSMTibP7CqShxCQvqtNxTARS4xX4PFJfHjG0ZQYX9iGzI3FQh5Aw=="
+    },
+    "@types/estree@1.0.7": {
+      "integrity": "sha512-w28IoSUCJpidD/TGviZwwMJckNESJZXFu7NBZ5YJ4mEUnNraUn9Pm8HSZm/jDF1pDWYKspWE7oVphigUPRakIQ=="
+    },
+    "@types/trusted-types@2.0.7": {
+      "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw=="
+    },
+    "balanced-match@1.0.2": {
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
+    },
+    "base-64@1.0.0": {
+      "integrity": "sha512-kwDPIFCGx0NZHog36dj+tHiwP4QMzsZ3AgMViUBKI0+V5n4U0ufTCUMhnQ04diaRI8EX/QcPfql7zlhZ7j4zgg=="
+    },
+    "brace-expansion@2.0.2": {
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "dependencies": [
+        "balanced-match"
+      ]
+    },
+    "byte-length@1.0.2": {
+      "integrity": "sha512-ovBpjmsgd/teRmgcPh23d4gJvxDoXtAzEL9xTfMU8Yc2kqCDb7L9jAG0XHl1nzuGl+h3ebCIF1i62UFyA9V/2Q=="
+    },
+    "charenc@0.0.2": {
+      "integrity": "sha512-yrLQ/yVUFXkzg7EDQsPieE/53+0RlaWTs+wBrvW36cyilJ2SaDWfl4Yj7MtLTXleV9uEKefbAGUPv2/iWSooRA=="
+    },
+    "crypt@0.0.2": {
+      "integrity": "sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow=="
+    },
+    "data-uri-to-buffer@4.0.1": {
+      "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A=="
+    },
+    "entities@6.0.1": {
+      "integrity": "sha512-aN97NXWF6AWBTahfVOIrB/NShkzi5H7F9r1s9mD3cDj4Ko5f2qhhVoYMibXF7GlLveb/D2ioWay8lxI97Ven3g=="
+    },
+    "esbuild@0.25.5": {
+      "integrity": "sha512-P8OtKZRv/5J5hhz0cUAdu/cLuPIKXpQl1R9pZtvmHWQvrAUVd0UNIPT4IB4W3rNOqVO0rlqHmCIbSwxh/c9yUQ==",
+      "dependencies": [
+        "@esbuild/aix-ppc64",
+        "@esbuild/android-arm",
+        "@esbuild/android-arm64",
+        "@esbuild/android-x64",
+        "@esbuild/darwin-arm64",
+        "@esbuild/darwin-x64",
+        "@esbuild/freebsd-arm64",
+        "@esbuild/freebsd-x64",
+        "@esbuild/linux-arm",
+        "@esbuild/linux-arm64",
+        "@esbuild/linux-ia32",
+        "@esbuild/linux-loong64",
+        "@esbuild/linux-mips64el",
+        "@esbuild/linux-ppc64",
+        "@esbuild/linux-riscv64",
+        "@esbuild/linux-s390x",
+        "@esbuild/linux-x64",
+        "@esbuild/netbsd-arm64",
+        "@esbuild/netbsd-x64",
+        "@esbuild/openbsd-arm64",
+        "@esbuild/openbsd-x64",
+        "@esbuild/sunos-x64",
+        "@esbuild/win32-arm64",
+        "@esbuild/win32-ia32",
+        "@esbuild/win32-x64"
+      ]
+    },
+    "fast-xml-parser@4.5.3": {
+      "integrity": "sha512-RKihhV+SHsIUGXObeVy9AXiBbFwkVk7Syp8XgwN5U3JV416+Gwp/GO9i0JYKmikykgz/UHRrrV4ROuZEo/T0ig==",
+      "dependencies": [
+        "strnum"
+      ]
+    },
+    "fdir@6.4.6_picomatch@4.0.2": {
+      "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==",
+      "dependencies": [
+        "picomatch"
+      ]
+    },
+    "fetch-blob@3.2.0": {
+      "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==",
+      "dependencies": [
+        "node-domexception",
+        "web-streams-polyfill"
+      ]
+    },
+    "formdata-polyfill@4.0.10": {
+      "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==",
+      "dependencies": [
+        "fetch-blob"
+      ]
+    },
+    "fsevents@2.3.3": {
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw=="
+    },
+    "hot-patcher@2.0.1": {
+      "integrity": "sha512-ECg1JFG0YzehicQaogenlcs2qg6WsXQsxtnbr1i696u5tLUjtJdQAh0u2g0Q5YV45f263Ta1GnUJsc8WIfJf4Q=="
+    },
+    "is-buffer@1.1.6": {
+      "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w=="
+    },
+    "layerr@3.0.0": {
+      "integrity": "sha512-tv754Ki2dXpPVApOrjTyRo4/QegVb9eVFq4mjqp4+NM5NaX7syQvN5BBNfV/ZpAHCEHV24XdUVrBAoka4jt3pA=="
+    },
+    "lit-element@4.2.0": {
+      "integrity": "sha512-MGrXJVAI5x+Bfth/pU9Kst1iWID6GHDLEzFEnyULB/sFiRLgkd8NPK/PeeXxktA3T6EIIaq8U3KcbTU5XFcP2Q==",
+      "dependencies": [
+        "@lit-labs/ssr-dom-shim",
+        "@lit/reactive-element",
+        "lit-html"
+      ]
+    },
+    "lit-html@3.3.0": {
+      "integrity": "sha512-RHoswrFAxY2d8Cf2mm4OZ1DgzCoBKUKSPvA1fhtSELxUERq2aQQ2h05pO9j81gS1o7RIRJ+CePLogfyahwmynw==",
+      "dependencies": [
+        "@types/trusted-types"
+      ]
+    },
+    "lit@3.3.0": {
+      "integrity": "sha512-DGVsqsOIHBww2DqnuZzW7QsuCdahp50ojuDaBPC7jUDRpYoH0z7kHBBYZewRzer75FwtrkmkKk7iOAwSaWdBmw==",
+      "dependencies": [
+        "@lit/reactive-element",
+        "lit-element",
+        "lit-html"
+      ]
+    },
+    "md5@2.3.0": {
+      "integrity": "sha512-T1GITYmFaKuO91vxyoQMFETst+O71VUPEU3ze5GNzDm0OWdP8v1ziTaAEPUr/3kLsY3Sftgz242A1SetQiDL7g==",
+      "dependencies": [
+        "charenc",
+        "crypt",
+        "is-buffer"
+      ]
+    },
+    "minimatch@9.0.5": {
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+      "dependencies": [
+        "brace-expansion"
+      ]
+    },
+    "nanoid@3.3.11": {
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w=="
+    },
+    "nested-property@4.0.0": {
+      "integrity": "sha512-yFehXNWRs4cM0+dz7QxCd06hTbWbSkV0ISsqBfkntU6TOY4Qm3Q88fRRLOddkGh2Qq6dZvnKVAahfhjcUvLnyA=="
+    },
+    "node-domexception@1.0.0": {
+      "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ=="
+    },
+    "node-fetch@3.3.2": {
+      "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==",
+      "dependencies": [
+        "data-uri-to-buffer",
+        "fetch-blob",
+        "formdata-polyfill"
+      ]
+    },
+    "path-posix@1.0.0": {
+      "integrity": "sha512-1gJ0WpNIiYcQydgg3Ed8KzvIqTsDpNwq+cjBCssvBtuTWjEqY1AW+i+OepiEMqDCzyro9B2sLAe4RBPajMYFiA=="
+    },
+    "picocolors@1.1.1": {
+      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA=="
+    },
+    "picomatch@4.0.2": {
+      "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg=="
+    },
+    "postcss@8.5.5": {
+      "integrity": "sha512-d/jtm+rdNT8tpXuHY5MMtcbJFBkhXE6593XVR9UoGCH8jSFGci7jGvMGH5RYd5PBJW+00NZQt6gf7CbagJCrhg==",
+      "dependencies": [
+        "nanoid",
+        "picocolors",
+        "source-map-js"
+      ]
+    },
+    "querystringify@2.2.0": {
+      "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ=="
+    },
+    "requires-port@1.0.0": {
+      "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ=="
+    },
+    "rollup@4.43.0": {
+      "integrity": "sha512-wdN2Kd3Twh8MAEOEJZsuxuLKCsBEo4PVNLK6tQWAn10VhsVewQLzcucMgLolRlhFybGxfclbPeEYBaP6RvUFGg==",
+      "dependencies": [
+        "@rollup/rollup-android-arm-eabi",
+        "@rollup/rollup-android-arm64",
+        "@rollup/rollup-darwin-arm64",
+        "@rollup/rollup-darwin-x64",
+        "@rollup/rollup-freebsd-arm64",
+        "@rollup/rollup-freebsd-x64",
+        "@rollup/rollup-linux-arm-gnueabihf",
+        "@rollup/rollup-linux-arm-musleabihf",
+        "@rollup/rollup-linux-arm64-gnu",
+        "@rollup/rollup-linux-arm64-musl",
+        "@rollup/rollup-linux-loongarch64-gnu",
+        "@rollup/rollup-linux-powerpc64le-gnu",
+        "@rollup/rollup-linux-riscv64-gnu",
+        "@rollup/rollup-linux-riscv64-musl",
+        "@rollup/rollup-linux-s390x-gnu",
+        "@rollup/rollup-linux-x64-gnu",
+        "@rollup/rollup-linux-x64-musl",
+        "@rollup/rollup-win32-arm64-msvc",
+        "@rollup/rollup-win32-ia32-msvc",
+        "@rollup/rollup-win32-x64-msvc",
+        "@types/estree",
+        "fsevents"
+      ]
+    },
+    "source-map-js@1.2.1": {
+      "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA=="
+    },
+    "strnum@1.1.2": {
+      "integrity": "sha512-vrN+B7DBIoTTZjnPNewwhx6cBA/H+IS7rfW68n7XxC1y7uoiGQBxaKzqucGUgavX15dJgiGztLJ8vxuEzwqBdA=="
+    },
+    "tinyglobby@0.2.14_picomatch@4.0.2": {
+      "integrity": "sha512-tX5e7OM1HnYr2+a2C/4V0htOcSQcoSTH9KgJnVvNm5zm/cyEWKJ7j7YutsH9CxMdtOkkLFy2AHrMci9IM8IPZQ==",
+      "dependencies": [
+        "fdir",
+        "picomatch"
+      ]
+    },
+    "url-join@5.0.0": {
+      "integrity": "sha512-n2huDr9h9yzd6exQVnH/jU5mr+Pfx08LRXXZhkLLetAMESRj+anQsTAh940iMrIetKAmry9coFuZQ2jY8/p3WA=="
+    },
+    "url-parse@1.5.10": {
+      "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==",
+      "dependencies": [
+        "querystringify",
+        "requires-port"
+      ]
+    },
+    "vite@6.3.5_picomatch@4.0.2": {
+      "integrity": "sha512-cZn6NDFE7wdTpINgs++ZJ4N49W2vRp8LCKrn3Ob1kYNtOo21vfDoaV5GzBfLU4MovSAB8uNRm4jgzVQZ+mBzPQ==",
+      "dependencies": [
+        "esbuild",
+        "fdir",
+        "fsevents",
+        "picomatch",
+        "postcss",
+        "rollup",
+        "tinyglobby"
+      ]
+    },
+    "web-streams-polyfill@3.3.3": {
+      "integrity": "sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw=="
+    },
+    "webdav@5.8.0": {
+      "integrity": "sha512-iuFG7NamJ41Oshg4930iQgfIpRrUiatPWIekeznYgEf2EOraTRcDPTjy7gIOMtkdpKTaqPk1E68NO5PAGtJahA==",
+      "dependencies": [
+        "@buttercup/fetch",
+        "base-64",
+        "byte-length",
+        "entities",
+        "fast-xml-parser",
+        "hot-patcher",
+        "layerr",
+        "md5",
+        "minimatch",
+        "nested-property",
+        "node-fetch",
+        "path-posix",
+        "url-join",
+        "url-parse"
+      ]
+    }
+  },
+  "workspace": {
+    "dependencies": [
+      "npm:@deno/vite-plugin@^1.0.4",
+      "npm:lit@^3.2.1",
+      "npm:vite@^6.1.1",
+      "npm:webdav@^5.8.0"
+    ]
+  }
+}

crates/frontend/js-components/index.html

@@ -0,0 +1,16 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <link rel="icon" type="image/svg+xml" href="/vite.svg" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Vite + Lit</title>
+    <link rel="stylesheet" href="./src/index.css" />
+    <script type="module" src="/src/my-element.ts"></script>
+  </head>
+  <body>
+    <my-element>
+      <h1>Vite + Lit</h1>
+    </my-element>
+  </body>
+</html>

crates/frontend/js-components/lib/create-addressbook-form.ts

@@ -0,0 +1,92 @@
+import { html, LitElement } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { Ref, createRef, ref } from 'lit/directives/ref.js';
+import { createClient } from "webdav";
+
+@customElement("create-addressbook-form")
+export class CreateAddressbookForm extends LitElement {
+  constructor() {
+    super()
+
+  }
+
+  protected override createRenderRoot() {
+    return this
+  }
+
+  client = createClient("/carddav")
+
+  @property()
+  user: String = ''
+  @property()
+  id: String = ''
+  @property()
+  displayname: String = ''
+  @property()
+  description: String = ''
+
+  dialog: Ref<HTMLDialogElement> = createRef()
+  form: Ref<HTMLFormElement> = createRef()
+
+  override render() {
+    return html`
+      <button @click=${() => this.dialog.value.showModal()}>Create addressbook</button>
+      <dialog ${ref(this.dialog)}>
+        <h3>Create addressbook</h3>
+        <form @submit=${this.submit} ${ref(this.form)}>
+          <label>
+            id
+            <input type="text" name="id" @change=${e => this.id = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Displayname
+            <input type="text" name="displayname" value=${this.displayname} @change=${e => this.displayname = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" @change=${e => this.description = e.target.value} />
+          </label>
+          <br>
+          <button type="submit">Create</button>
+          <button type="submit" @click=${event => { event.preventDefault(); this.dialog.value.close(); this.form.value.reset() }}> Cancel </button>
+        </form>
+      </dialog>
+    `
+  }
+
+  async submit(e: SubmitEvent) {
+    console.log(this.displayname)
+    e.preventDefault()
+    if (!this.id) {
+      alert("Empty id")
+      return
+    }
+    if (!this.displayname) {
+      alert("Empty displayname")
+      return
+    }
+    // TODO: Escape user input: There's not really a security risk here but would be nicer
+    await this.client.createDirectory(`/principal/${this.user}/${this.id}`, {
+      data: `
+      <mkcol xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
+        <set>
+          <prop>
+            <displayname>${this.displayname}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${this.description}</CARD:addressbook-description>` : ''}
+          </prop>
+        </set>
+      </mkcol>
+      `
+    })
+    window.location.reload()
+    return null
+  }
+}
+
+declare global {
+  interface HTMLElementTagNameMap {
+    'create-addressbook-form': CreateAddressbookForm
+  }
+}

crates/frontend/js-components/lib/create-calendar-form.ts

@@ -0,0 +1,124 @@
+import { html, LitElement } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { Ref, createRef, ref } from 'lit/directives/ref.js';
+import { createClient } from "webdav";
+
+@customElement("create-calendar-form")
+export class CreateCalendarForm extends LitElement {
+  constructor() {
+    super()
+
+  }
+
+  protected override createRenderRoot() {
+    return this
+  }
+
+  client = createClient("/caldav")
+
+  @property()
+  user: String = ''
+  @property()
+  id: String = ''
+  @property()
+  displayname: String = ''
+  @property()
+  description: String = ''
+  @property()
+  color: String = ''
+  @property()
+  subscriptionUrl: String = ''
+  @property()
+  components: Set<"VEVENT" | "VTODO" | "VJOURNAL"> = new Set()
+
+  dialog: Ref<HTMLDialogElement> = createRef()
+  form: Ref<HTMLFormElement> = createRef()
+
+
+  override render() {
+    return html`
+      <button @click=${() => this.dialog.value.showModal()}>Create calendar</button>
+      <dialog ${ref(this.dialog)}>
+        <h3>Create calendar</h3>
+        <form @submit=${this.submit} ${ref(this.form)}>
+          <label>
+            id
+            <input type="text" name="id" @change=${e => this.id = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Displayname
+            <input type="text" name="displayname" value=${this.displayname} @change=${e => this.displayname = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" @change=${e => this.description = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Color
+            <input type="color" name="color"  @change=${e => this.color = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Subscription URL
+            <input type="text" name="subscription_url" @change=${e => this.subscriptionUrl = e.target.value}  />
+          </label>
+          <br>
+          ${["VEVENT", "VTODO", "VJOURNAL"].map(comp => html`
+            <label>
+              Support ${comp}
+              <input type="checkbox" value=${comp} @change=${e => e.target.checked ? this.components.add(e.target.value) : this.components.delete(e.target.value)} />
+            </label>
+          `)}
+          <br>
+          <button type="submit">Create</button>
+          <button type="submit" @click=${event => { event.preventDefault(); this.dialog.value.close(); this.form.value.reset() }}> Cancel </button>
+      </form>
+      </dialog>
+        `
+  }
+
+  async submit(e: SubmitEvent) {
+    console.log(this.displayname)
+    e.preventDefault()
+    if (!this.id) {
+      alert("Empty id")
+      return
+    }
+    if (!this.displayname) {
+      alert("Empty displayname")
+      return
+    }
+    if (!this.components.size) {
+      alert("No calendar components selected")
+      return
+    }
+    await this.client.createDirectory(`/principal/${this.user}/${this.id}`, {
+      data: `
+      <mkcol xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
+        <set>
+          <prop>
+            <displayname>${this.displayname}</displayname>
+            ${this.description ? `<CAL:calendar-description>${this.description}</CAL:calendar-description>` : ''}
+            ${this.color ? `<ICAL:calendar-color>${this.color}</ICAL:calendar-color>` : ''}
+            ${this.subscriptionUrl ? `<CS:source>${this.subscriptionUrl}</CS:source>` : ''}
+            <CAL:supported-calendar-component-set>
+              ${Array.from(this.components.keys()).map(comp => `<CAL:comp name="${comp}" />`).join('\n')}
+            </CAL:supported-calendar-component-set>
+          </prop>
+        </set>
+      </mkcol>
+      `
+    })
+    window.location.reload()
+    return null
+  }
+}
+
+declare global {
+  interface HTMLElementTagNameMap {
+    'create-calendar-form': CreateCalendarForm
+  }
+}

crates/frontend/js-components/lib/vite-env.d.ts

@@ -0,0 +1 @@
+/// <reference types="vite/client" />

crates/frontend/js-components/tsconfig.json

@@ -0,0 +1,15 @@
+{
+  "module": "nodenext",
+  "compilerOptions": {
+    "target": "es2024",
+    "experimentalDecorators": true,
+    "useDefineForClassFields": false,
+    "lib": [
+      "dom",
+      "es2024"
+    ]
+  },
+  "include": [
+    "lib/**/*.ts"
+  ]
+}

crates/frontend/js-components/vite.config.ts

@@ -0,0 +1,29 @@
+import { defineConfig } from 'vite'
+
+export default defineConfig({
+  optimizeDeps: {
+    // include: ["lit"]
+  },
+  build: {
+    copyPublicDir: false,
+    lib: {
+      entry: 'lib/index.ts',
+      formats: ['es'],
+    },
+
+    rollupOptions: {
+      input: [
+        "lib/create-calendar-form.ts",
+        "lib/create-addressbook-form.ts",
+      ],
+      output: {
+        dir: "../public/assets/js/",
+        format: "es",
+        manualChunks: {
+          lit: ["lit"],
+          webdav: ["webdav"],
+        }
+      }
+    },
+  },
+})

crates/frontend/public/assets/js/create-addressbook-form.mjs

@@ -0,0 +1,85 @@
+import { i as c, x as u } from "./lit-CWlWuEHk.mjs";
+import { e as d, n as m, a as o, t as h } from "./ref-DuYNkSJ_.mjs";
+import { a as b } from "./webdav-Bz4I5vNH.mjs";
+var y = Object.defineProperty, f = Object.getOwnPropertyDescriptor, a = (t, s, l, r) => {
+  for (var e = r > 1 ? void 0 : r ? f(s, l) : s, n = t.length - 1, p; n >= 0; n--)
+    (p = t[n]) && (e = (r ? p(s, l, e) : p(e)) || e);
+  return r && e && y(s, l, e), e;
+};
+let i = class extends c {
+  constructor() {
+    super(), this.client = b("/carddav"), this.user = "", this.id = "", this.displayname = "", this.description = "", this.dialog = d(), this.form = d();
+  }
+  createRenderRoot() {
+    return this;
+  }
+  render() {
+    return u`
+      <button @click=${() => this.dialog.value.showModal()}>Create addressbook</button>
+      <dialog ${m(this.dialog)}>
+        <h3>Create addressbook</h3>
+        <form @submit=${this.submit} ${m(this.form)}>
+          <label>
+            id
+            <input type="text" name="id" @change=${(t) => this.id = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Displayname
+            <input type="text" name="displayname" value=${this.displayname} @change=${(t) => this.displayname = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" @change=${(t) => this.description = t.target.value} />
+          </label>
+          <br>
+          <button type="submit">Create</button>
+          <button type="submit" @click=${(t) => {
+      t.preventDefault(), this.dialog.value.close(), this.form.value.reset();
+    }}> Cancel </button>
+        </form>
+      </dialog>
+    `;
+  }
+  async submit(t) {
+    if (console.log(this.displayname), t.preventDefault(), !this.id) {
+      alert("Empty id");
+      return;
+    }
+    if (!this.displayname) {
+      alert("Empty displayname");
+      return;
+    }
+    return await this.client.createDirectory(`/principal/${this.user}/${this.id}`, {
+      data: `
+      <mkcol xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
+        <set>
+          <prop>
+            <displayname>${this.displayname}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${this.description}</CARD:addressbook-description>` : ""}
+          </prop>
+        </set>
+      </mkcol>
+      `
+    }), window.location.reload(), null;
+  }
+};
+a([
+  o()
+], i.prototype, "user", 2);
+a([
+  o()
+], i.prototype, "id", 2);
+a([
+  o()
+], i.prototype, "displayname", 2);
+a([
+  o()
+], i.prototype, "description", 2);
+i = a([
+  h("create-addressbook-form")
+], i);
+export {
+  i as CreateAddressbookForm
+};

crates/frontend/public/assets/js/create-calendar-form.mjs

@@ -0,0 +1,121 @@
+import { i as u, x as c } from "./lit-CWlWuEHk.mjs";
+import { e as d, n as m, a as o, t as h } from "./ref-DuYNkSJ_.mjs";
+import { a as b } from "./webdav-Bz4I5vNH.mjs";
+var y = Object.defineProperty, $ = Object.getOwnPropertyDescriptor, a = (t, e, l, s) => {
+  for (var i = s > 1 ? void 0 : s ? $(e, l) : e, n = t.length - 1, p; n >= 0; n--)
+    (p = t[n]) && (i = (s ? p(e, l, i) : p(i)) || i);
+  return s && i && y(e, l, i), i;
+};
+let r = class extends u {
+  constructor() {
+    super(), this.client = b("/caldav"), this.user = "", this.id = "", this.displayname = "", this.description = "", this.color = "", this.subscriptionUrl = "", this.components = /* @__PURE__ */ new Set(), this.dialog = d(), this.form = d();
+  }
+  createRenderRoot() {
+    return this;
+  }
+  render() {
+    return c`
+      <button @click=${() => this.dialog.value.showModal()}>Create calendar</button>
+      <dialog ${m(this.dialog)}>
+        <h3>Create calendar</h3>
+        <form @submit=${this.submit} ${m(this.form)}>
+          <label>
+            id
+            <input type="text" name="id" @change=${(t) => this.id = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Displayname
+            <input type="text" name="displayname" value=${this.displayname} @change=${(t) => this.displayname = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" @change=${(t) => this.description = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Color
+            <input type="color" name="color"  @change=${(t) => this.color = t.target.value} />
+          </label>
+          <br>
+          <label>
+            Subscription URL
+            <input type="text" name="subscription_url" @change=${(t) => this.subscriptionUrl = t.target.value}  />
+          </label>
+          <br>
+          ${["VEVENT", "VTODO", "VJOURNAL"].map((t) => c`
+            <label>
+              Support ${t}
+              <input type="checkbox" value=${t} @change=${(e) => e.target.checked ? this.components.add(e.target.value) : this.components.delete(e.target.value)} />
+            </label>
+          `)}
+          <br>
+          <button type="submit">Create</button>
+          <button type="submit" @click=${(t) => {
+      t.preventDefault(), this.dialog.value.close(), this.form.value.reset();
+    }}> Cancel </button>
+      </form>
+      </dialog>
+        `;
+  }
+  async submit(t) {
+    if (console.log(this.displayname), t.preventDefault(), !this.id) {
+      alert("Empty id");
+      return;
+    }
+    if (!this.displayname) {
+      alert("Empty displayname");
+      return;
+    }
+    if (!this.components.size) {
+      alert("No calendar components selected");
+      return;
+    }
+    return await this.client.createDirectory(`/principal/${this.user}/${this.id}`, {
+      data: `
+      <mkcol xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
+        <set>
+          <prop>
+            <displayname>${this.displayname}</displayname>
+            ${this.description ? `<CAL:calendar-description>${this.description}</CAL:calendar-description>` : ""}
+            ${this.color ? `<ICAL:calendar-color>${this.color}</ICAL:calendar-color>` : ""}
+            ${this.subscriptionUrl ? `<CS:source>${this.subscriptionUrl}</CS:source>` : ""}
+            <CAL:supported-calendar-component-set>
+              ${Array.from(this.components.keys()).map((e) => `<CAL:comp name="${e}" />`).join(`
+`)}
+            </CAL:supported-calendar-component-set>
+          </prop>
+        </set>
+      </mkcol>
+      `
+    }), window.location.reload(), null;
+  }
+};
+a([
+  o()
+], r.prototype, "user", 2);
+a([
+  o()
+], r.prototype, "id", 2);
+a([
+  o()
+], r.prototype, "displayname", 2);
+a([
+  o()
+], r.prototype, "description", 2);
+a([
+  o()
+], r.prototype, "color", 2);
+a([
+  o()
+], r.prototype, "subscriptionUrl", 2);
+a([
+  o()
+], r.prototype, "components", 2);
+r = a([
+  h("create-calendar-form")
+], r);
+export {
+  r as CreateCalendarForm
+};

crates/frontend/public/assets/js/lit-CWlWuEHk.mjs

@@ -0,0 +1,551 @@
+/**
+ * @license
+ * Copyright 2019 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const M = globalThis, B = M.ShadowRoot && (M.ShadyCSS === void 0 || M.ShadyCSS.nativeShadow) && "adoptedStyleSheets" in Document.prototype && "replace" in CSSStyleSheet.prototype, tt = Symbol(), W = /* @__PURE__ */ new WeakMap();
+let ot = class {
+  constructor(t, e, s) {
+    if (this._$cssResult$ = !0, s !== tt) throw Error("CSSResult is not constructable. Use `unsafeCSS` or `css` instead.");
+    this.cssText = t, this.t = e;
+  }
+  get styleSheet() {
+    let t = this.o;
+    const e = this.t;
+    if (B && t === void 0) {
+      const s = e !== void 0 && e.length === 1;
+      s && (t = W.get(e)), t === void 0 && ((this.o = t = new CSSStyleSheet()).replaceSync(this.cssText), s && W.set(e, t));
+    }
+    return t;
+  }
+  toString() {
+    return this.cssText;
+  }
+};
+const ht = (r) => new ot(typeof r == "string" ? r : r + "", void 0, tt), at = (r, t) => {
+  if (B) r.adoptedStyleSheets = t.map((e) => e instanceof CSSStyleSheet ? e : e.styleSheet);
+  else for (const e of t) {
+    const s = document.createElement("style"), i = M.litNonce;
+    i !== void 0 && s.setAttribute("nonce", i), s.textContent = e.cssText, r.appendChild(s);
+  }
+}, V = B ? (r) => r : (r) => r instanceof CSSStyleSheet ? ((t) => {
+  let e = "";
+  for (const s of t.cssRules) e += s.cssText;
+  return ht(e);
+})(r) : r;
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const { is: lt, defineProperty: ct, getOwnPropertyDescriptor: dt, getOwnPropertyNames: pt, getOwnPropertySymbols: ut, getPrototypeOf: $t } = Object, f = globalThis, q = f.trustedTypes, _t = q ? q.emptyScript : "", k = f.reactiveElementPolyfillSupport, w = (r, t) => r, j = { toAttribute(r, t) {
+  switch (t) {
+    case Boolean:
+      r = r ? _t : null;
+      break;
+    case Object:
+    case Array:
+      r = r == null ? r : JSON.stringify(r);
+  }
+  return r;
+}, fromAttribute(r, t) {
+  let e = r;
+  switch (t) {
+    case Boolean:
+      e = r !== null;
+      break;
+    case Number:
+      e = r === null ? null : Number(r);
+      break;
+    case Object:
+    case Array:
+      try {
+        e = JSON.parse(r);
+      } catch {
+        e = null;
+      }
+  }
+  return e;
+} }, et = (r, t) => !lt(r, t), J = { attribute: !0, type: String, converter: j, reflect: !1, useDefault: !1, hasChanged: et };
+Symbol.metadata ?? (Symbol.metadata = Symbol("metadata")), f.litPropertyMetadata ?? (f.litPropertyMetadata = /* @__PURE__ */ new WeakMap());
+let v = class extends HTMLElement {
+  static addInitializer(t) {
+    this._$Ei(), (this.l ?? (this.l = [])).push(t);
+  }
+  static get observedAttributes() {
+    return this.finalize(), this._$Eh && [...this._$Eh.keys()];
+  }
+  static createProperty(t, e = J) {
+    if (e.state && (e.attribute = !1), this._$Ei(), this.prototype.hasOwnProperty(t) && ((e = Object.create(e)).wrapped = !0), this.elementProperties.set(t, e), !e.noAccessor) {
+      const s = Symbol(), i = this.getPropertyDescriptor(t, s, e);
+      i !== void 0 && ct(this.prototype, t, i);
+    }
+  }
+  static getPropertyDescriptor(t, e, s) {
+    const { get: i, set: n } = dt(this.prototype, t) ?? { get() {
+      return this[e];
+    }, set(o) {
+      this[e] = o;
+    } };
+    return { get: i, set(o) {
+      const a = i == null ? void 0 : i.call(this);
+      n == null || n.call(this, o), this.requestUpdate(t, a, s);
+    }, configurable: !0, enumerable: !0 };
+  }
+  static getPropertyOptions(t) {
+    return this.elementProperties.get(t) ?? J;
+  }
+  static _$Ei() {
+    if (this.hasOwnProperty(w("elementProperties"))) return;
+    const t = $t(this);
+    t.finalize(), t.l !== void 0 && (this.l = [...t.l]), this.elementProperties = new Map(t.elementProperties);
+  }
+  static finalize() {
+    if (this.hasOwnProperty(w("finalized"))) return;
+    if (this.finalized = !0, this._$Ei(), this.hasOwnProperty(w("properties"))) {
+      const e = this.properties, s = [...pt(e), ...ut(e)];
+      for (const i of s) this.createProperty(i, e[i]);
+    }
+    const t = this[Symbol.metadata];
+    if (t !== null) {
+      const e = litPropertyMetadata.get(t);
+      if (e !== void 0) for (const [s, i] of e) this.elementProperties.set(s, i);
+    }
+    this._$Eh = /* @__PURE__ */ new Map();
+    for (const [e, s] of this.elementProperties) {
+      const i = this._$Eu(e, s);
+      i !== void 0 && this._$Eh.set(i, e);
+    }
+    this.elementStyles = this.finalizeStyles(this.styles);
+  }
+  static finalizeStyles(t) {
+    const e = [];
+    if (Array.isArray(t)) {
+      const s = new Set(t.flat(1 / 0).reverse());
+      for (const i of s) e.unshift(V(i));
+    } else t !== void 0 && e.push(V(t));
+    return e;
+  }
+  static _$Eu(t, e) {
+    const s = e.attribute;
+    return s === !1 ? void 0 : typeof s == "string" ? s : typeof t == "string" ? t.toLowerCase() : void 0;
+  }
+  constructor() {
+    super(), this._$Ep = void 0, this.isUpdatePending = !1, this.hasUpdated = !1, this._$Em = null, this._$Ev();
+  }
+  _$Ev() {
+    var t;
+    this._$ES = new Promise((e) => this.enableUpdating = e), this._$AL = /* @__PURE__ */ new Map(), this._$E_(), this.requestUpdate(), (t = this.constructor.l) == null || t.forEach((e) => e(this));
+  }
+  addController(t) {
+    var e;
+    (this._$EO ?? (this._$EO = /* @__PURE__ */ new Set())).add(t), this.renderRoot !== void 0 && this.isConnected && ((e = t.hostConnected) == null || e.call(t));
+  }
+  removeController(t) {
+    var e;
+    (e = this._$EO) == null || e.delete(t);
+  }
+  _$E_() {
+    const t = /* @__PURE__ */ new Map(), e = this.constructor.elementProperties;
+    for (const s of e.keys()) this.hasOwnProperty(s) && (t.set(s, this[s]), delete this[s]);
+    t.size > 0 && (this._$Ep = t);
+  }
+  createRenderRoot() {
+    const t = this.shadowRoot ?? this.attachShadow(this.constructor.shadowRootOptions);
+    return at(t, this.constructor.elementStyles), t;
+  }
+  connectedCallback() {
+    var t;
+    this.renderRoot ?? (this.renderRoot = this.createRenderRoot()), this.enableUpdating(!0), (t = this._$EO) == null || t.forEach((e) => {
+      var s;
+      return (s = e.hostConnected) == null ? void 0 : s.call(e);
+    });
+  }
+  enableUpdating(t) {
+  }
+  disconnectedCallback() {
+    var t;
+    (t = this._$EO) == null || t.forEach((e) => {
+      var s;
+      return (s = e.hostDisconnected) == null ? void 0 : s.call(e);
+    });
+  }
+  attributeChangedCallback(t, e, s) {
+    this._$AK(t, s);
+  }
+  _$ET(t, e) {
+    var n;
+    const s = this.constructor.elementProperties.get(t), i = this.constructor._$Eu(t, s);
+    if (i !== void 0 && s.reflect === !0) {
+      const o = (((n = s.converter) == null ? void 0 : n.toAttribute) !== void 0 ? s.converter : j).toAttribute(e, s.type);
+      this._$Em = t, o == null ? this.removeAttribute(i) : this.setAttribute(i, o), this._$Em = null;
+    }
+  }
+  _$AK(t, e) {
+    var n, o;
+    const s = this.constructor, i = s._$Eh.get(t);
+    if (i !== void 0 && this._$Em !== i) {
+      const a = s.getPropertyOptions(i), h = typeof a.converter == "function" ? { fromAttribute: a.converter } : ((n = a.converter) == null ? void 0 : n.fromAttribute) !== void 0 ? a.converter : j;
+      this._$Em = i, this[i] = h.fromAttribute(e, a.type) ?? ((o = this._$Ej) == null ? void 0 : o.get(i)) ?? null, this._$Em = null;
+    }
+  }
+  requestUpdate(t, e, s) {
+    var i;
+    if (t !== void 0) {
+      const n = this.constructor, o = this[t];
+      if (s ?? (s = n.getPropertyOptions(t)), !((s.hasChanged ?? et)(o, e) || s.useDefault && s.reflect && o === ((i = this._$Ej) == null ? void 0 : i.get(t)) && !this.hasAttribute(n._$Eu(t, s)))) return;
+      this.C(t, e, s);
+    }
+    this.isUpdatePending === !1 && (this._$ES = this._$EP());
+  }
+  C(t, e, { useDefault: s, reflect: i, wrapped: n }, o) {
+    s && !(this._$Ej ?? (this._$Ej = /* @__PURE__ */ new Map())).has(t) && (this._$Ej.set(t, o ?? e ?? this[t]), n !== !0 || o !== void 0) || (this._$AL.has(t) || (this.hasUpdated || s || (e = void 0), this._$AL.set(t, e)), i === !0 && this._$Em !== t && (this._$Eq ?? (this._$Eq = /* @__PURE__ */ new Set())).add(t));
+  }
+  async _$EP() {
+    this.isUpdatePending = !0;
+    try {
+      await this._$ES;
+    } catch (e) {
+      Promise.reject(e);
+    }
+    const t = this.scheduleUpdate();
+    return t != null && await t, !this.isUpdatePending;
+  }
+  scheduleUpdate() {
+    return this.performUpdate();
+  }
+  performUpdate() {
+    var s;
+    if (!this.isUpdatePending) return;
+    if (!this.hasUpdated) {
+      if (this.renderRoot ?? (this.renderRoot = this.createRenderRoot()), this._$Ep) {
+        for (const [n, o] of this._$Ep) this[n] = o;
+        this._$Ep = void 0;
+      }
+      const i = this.constructor.elementProperties;
+      if (i.size > 0) for (const [n, o] of i) {
+        const { wrapped: a } = o, h = this[n];
+        a !== !0 || this._$AL.has(n) || h === void 0 || this.C(n, void 0, o, h);
+      }
+    }
+    let t = !1;
+    const e = this._$AL;
+    try {
+      t = this.shouldUpdate(e), t ? (this.willUpdate(e), (s = this._$EO) == null || s.forEach((i) => {
+        var n;
+        return (n = i.hostUpdate) == null ? void 0 : n.call(i);
+      }), this.update(e)) : this._$EM();
+    } catch (i) {
+      throw t = !1, this._$EM(), i;
+    }
+    t && this._$AE(e);
+  }
+  willUpdate(t) {
+  }
+  _$AE(t) {
+    var e;
+    (e = this._$EO) == null || e.forEach((s) => {
+      var i;
+      return (i = s.hostUpdated) == null ? void 0 : i.call(s);
+    }), this.hasUpdated || (this.hasUpdated = !0, this.firstUpdated(t)), this.updated(t);
+  }
+  _$EM() {
+    this._$AL = /* @__PURE__ */ new Map(), this.isUpdatePending = !1;
+  }
+  get updateComplete() {
+    return this.getUpdateComplete();
+  }
+  getUpdateComplete() {
+    return this._$ES;
+  }
+  shouldUpdate(t) {
+    return !0;
+  }
+  update(t) {
+    this._$Eq && (this._$Eq = this._$Eq.forEach((e) => this._$ET(e, this[e]))), this._$EM();
+  }
+  updated(t) {
+  }
+  firstUpdated(t) {
+  }
+};
+v.elementStyles = [], v.shadowRootOptions = { mode: "open" }, v[w("elementProperties")] = /* @__PURE__ */ new Map(), v[w("finalized")] = /* @__PURE__ */ new Map(), k == null || k({ ReactiveElement: v }), (f.reactiveElementVersions ?? (f.reactiveElementVersions = [])).push("2.1.0");
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const C = globalThis, N = C.trustedTypes, K = N ? N.createPolicy("lit-html", { createHTML: (r) => r }) : void 0, st = "$lit$", _ = `lit$${Math.random().toFixed(9).slice(2)}$`, it = "?" + _, ft = `<${it}>`, g = document, P = () => g.createComment(""), x = (r) => r === null || typeof r != "object" && typeof r != "function", I = Array.isArray, At = (r) => I(r) || typeof (r == null ? void 0 : r[Symbol.iterator]) == "function", D = `[ 	
+\f\r]`, b = /<(?:(!--|\/[^a-zA-Z])|(\/?[a-zA-Z][^>\s]*)|(\/?$))/g, Z = /-->/g, F = />/g, A = RegExp(`>|${D}(?:([^\\s"'>=/]+)(${D}*=${D}*(?:[^ 	
+\f\r"'\`<>=]|("|')|))|$)`, "g"), G = /'/g, Q = /"/g, rt = /^(?:script|style|textarea|title)$/i, mt = (r) => (t, ...e) => ({ _$litType$: r, strings: t, values: e }), xt = mt(1), E = Symbol.for("lit-noChange"), d = Symbol.for("lit-nothing"), X = /* @__PURE__ */ new WeakMap(), m = g.createTreeWalker(g, 129);
+function nt(r, t) {
+  if (!I(r) || !r.hasOwnProperty("raw")) throw Error("invalid template strings array");
+  return K !== void 0 ? K.createHTML(t) : t;
+}
+const yt = (r, t) => {
+  const e = r.length - 1, s = [];
+  let i, n = t === 2 ? "<svg>" : t === 3 ? "<math>" : "", o = b;
+  for (let a = 0; a < e; a++) {
+    const h = r[a];
+    let c, p, l = -1, u = 0;
+    for (; u < h.length && (o.lastIndex = u, p = o.exec(h), p !== null); ) u = o.lastIndex, o === b ? p[1] === "!--" ? o = Z : p[1] !== void 0 ? o = F : p[2] !== void 0 ? (rt.test(p[2]) && (i = RegExp("</" + p[2], "g")), o = A) : p[3] !== void 0 && (o = A) : o === A ? p[0] === ">" ? (o = i ?? b, l = -1) : p[1] === void 0 ? l = -2 : (l = o.lastIndex - p[2].length, c = p[1], o = p[3] === void 0 ? A : p[3] === '"' ? Q : G) : o === Q || o === G ? o = A : o === Z || o === F ? o = b : (o = A, i = void 0);
+    const $ = o === A && r[a + 1].startsWith("/>") ? " " : "";
+    n += o === b ? h + ft : l >= 0 ? (s.push(c), h.slice(0, l) + st + h.slice(l) + _ + $) : h + _ + (l === -2 ? a : $);
+  }
+  return [nt(r, n + (r[e] || "<?>") + (t === 2 ? "</svg>" : t === 3 ? "</math>" : "")), s];
+};
+class U {
+  constructor({ strings: t, _$litType$: e }, s) {
+    let i;
+    this.parts = [];
+    let n = 0, o = 0;
+    const a = t.length - 1, h = this.parts, [c, p] = yt(t, e);
+    if (this.el = U.createElement(c, s), m.currentNode = this.el.content, e === 2 || e === 3) {
+      const l = this.el.content.firstChild;
+      l.replaceWith(...l.childNodes);
+    }
+    for (; (i = m.nextNode()) !== null && h.length < a; ) {
+      if (i.nodeType === 1) {
+        if (i.hasAttributes()) for (const l of i.getAttributeNames()) if (l.endsWith(st)) {
+          const u = p[o++], $ = i.getAttribute(l).split(_), H = /([.?@])?(.*)/.exec(u);
+          h.push({ type: 1, index: n, name: H[2], strings: $, ctor: H[1] === "." ? vt : H[1] === "?" ? Et : H[1] === "@" ? St : R }), i.removeAttribute(l);
+        } else l.startsWith(_) && (h.push({ type: 6, index: n }), i.removeAttribute(l));
+        if (rt.test(i.tagName)) {
+          const l = i.textContent.split(_), u = l.length - 1;
+          if (u > 0) {
+            i.textContent = N ? N.emptyScript : "";
+            for (let $ = 0; $ < u; $++) i.append(l[$], P()), m.nextNode(), h.push({ type: 2, index: ++n });
+            i.append(l[u], P());
+          }
+        }
+      } else if (i.nodeType === 8) if (i.data === it) h.push({ type: 2, index: n });
+      else {
+        let l = -1;
+        for (; (l = i.data.indexOf(_, l + 1)) !== -1; ) h.push({ type: 7, index: n }), l += _.length - 1;
+      }
+      n++;
+    }
+  }
+  static createElement(t, e) {
+    const s = g.createElement("template");
+    return s.innerHTML = t, s;
+  }
+}
+function S(r, t, e = r, s) {
+  var o, a;
+  if (t === E) return t;
+  let i = s !== void 0 ? (o = e._$Co) == null ? void 0 : o[s] : e._$Cl;
+  const n = x(t) ? void 0 : t._$litDirective$;
+  return (i == null ? void 0 : i.constructor) !== n && ((a = i == null ? void 0 : i._$AO) == null || a.call(i, !1), n === void 0 ? i = void 0 : (i = new n(r), i._$AT(r, e, s)), s !== void 0 ? (e._$Co ?? (e._$Co = []))[s] = i : e._$Cl = i), i !== void 0 && (t = S(r, i._$AS(r, t.values), i, s)), t;
+}
+class gt {
+  constructor(t, e) {
+    this._$AV = [], this._$AN = void 0, this._$AD = t, this._$AM = e;
+  }
+  get parentNode() {
+    return this._$AM.parentNode;
+  }
+  get _$AU() {
+    return this._$AM._$AU;
+  }
+  u(t) {
+    const { el: { content: e }, parts: s } = this._$AD, i = ((t == null ? void 0 : t.creationScope) ?? g).importNode(e, !0);
+    m.currentNode = i;
+    let n = m.nextNode(), o = 0, a = 0, h = s[0];
+    for (; h !== void 0; ) {
+      if (o === h.index) {
+        let c;
+        h.type === 2 ? c = new O(n, n.nextSibling, this, t) : h.type === 1 ? c = new h.ctor(n, h.name, h.strings, this, t) : h.type === 6 && (c = new bt(n, this, t)), this._$AV.push(c), h = s[++a];
+      }
+      o !== (h == null ? void 0 : h.index) && (n = m.nextNode(), o++);
+    }
+    return m.currentNode = g, i;
+  }
+  p(t) {
+    let e = 0;
+    for (const s of this._$AV) s !== void 0 && (s.strings !== void 0 ? (s._$AI(t, s, e), e += s.strings.length - 2) : s._$AI(t[e])), e++;
+  }
+}
+class O {
+  get _$AU() {
+    var t;
+    return ((t = this._$AM) == null ? void 0 : t._$AU) ?? this._$Cv;
+  }
+  constructor(t, e, s, i) {
+    this.type = 2, this._$AH = d, this._$AN = void 0, this._$AA = t, this._$AB = e, this._$AM = s, this.options = i, this._$Cv = (i == null ? void 0 : i.isConnected) ?? !0;
+  }
+  get parentNode() {
+    let t = this._$AA.parentNode;
+    const e = this._$AM;
+    return e !== void 0 && (t == null ? void 0 : t.nodeType) === 11 && (t = e.parentNode), t;
+  }
+  get startNode() {
+    return this._$AA;
+  }
+  get endNode() {
+    return this._$AB;
+  }
+  _$AI(t, e = this) {
+    t = S(this, t, e), x(t) ? t === d || t == null || t === "" ? (this._$AH !== d && this._$AR(), this._$AH = d) : t !== this._$AH && t !== E && this._(t) : t._$litType$ !== void 0 ? this.$(t) : t.nodeType !== void 0 ? this.T(t) : At(t) ? this.k(t) : this._(t);
+  }
+  O(t) {
+    return this._$AA.parentNode.insertBefore(t, this._$AB);
+  }
+  T(t) {
+    this._$AH !== t && (this._$AR(), this._$AH = this.O(t));
+  }
+  _(t) {
+    this._$AH !== d && x(this._$AH) ? this._$AA.nextSibling.data = t : this.T(g.createTextNode(t)), this._$AH = t;
+  }
+  $(t) {
+    var n;
+    const { values: e, _$litType$: s } = t, i = typeof s == "number" ? this._$AC(t) : (s.el === void 0 && (s.el = U.createElement(nt(s.h, s.h[0]), this.options)), s);
+    if (((n = this._$AH) == null ? void 0 : n._$AD) === i) this._$AH.p(e);
+    else {
+      const o = new gt(i, this), a = o.u(this.options);
+      o.p(e), this.T(a), this._$AH = o;
+    }
+  }
+  _$AC(t) {
+    let e = X.get(t.strings);
+    return e === void 0 && X.set(t.strings, e = new U(t)), e;
+  }
+  k(t) {
+    I(this._$AH) || (this._$AH = [], this._$AR());
+    const e = this._$AH;
+    let s, i = 0;
+    for (const n of t) i === e.length ? e.push(s = new O(this.O(P()), this.O(P()), this, this.options)) : s = e[i], s._$AI(n), i++;
+    i < e.length && (this._$AR(s && s._$AB.nextSibling, i), e.length = i);
+  }
+  _$AR(t = this._$AA.nextSibling, e) {
+    var s;
+    for ((s = this._$AP) == null ? void 0 : s.call(this, !1, !0, e); t && t !== this._$AB; ) {
+      const i = t.nextSibling;
+      t.remove(), t = i;
+    }
+  }
+  setConnected(t) {
+    var e;
+    this._$AM === void 0 && (this._$Cv = t, (e = this._$AP) == null || e.call(this, t));
+  }
+}
+class R {
+  get tagName() {
+    return this.element.tagName;
+  }
+  get _$AU() {
+    return this._$AM._$AU;
+  }
+  constructor(t, e, s, i, n) {
+    this.type = 1, this._$AH = d, this._$AN = void 0, this.element = t, this.name = e, this._$AM = i, this.options = n, s.length > 2 || s[0] !== "" || s[1] !== "" ? (this._$AH = Array(s.length - 1).fill(new String()), this.strings = s) : this._$AH = d;
+  }
+  _$AI(t, e = this, s, i) {
+    const n = this.strings;
+    let o = !1;
+    if (n === void 0) t = S(this, t, e, 0), o = !x(t) || t !== this._$AH && t !== E, o && (this._$AH = t);
+    else {
+      const a = t;
+      let h, c;
+      for (t = n[0], h = 0; h < n.length - 1; h++) c = S(this, a[s + h], e, h), c === E && (c = this._$AH[h]), o || (o = !x(c) || c !== this._$AH[h]), c === d ? t = d : t !== d && (t += (c ?? "") + n[h + 1]), this._$AH[h] = c;
+    }
+    o && !i && this.j(t);
+  }
+  j(t) {
+    t === d ? this.element.removeAttribute(this.name) : this.element.setAttribute(this.name, t ?? "");
+  }
+}
+class vt extends R {
+  constructor() {
+    super(...arguments), this.type = 3;
+  }
+  j(t) {
+    this.element[this.name] = t === d ? void 0 : t;
+  }
+}
+class Et extends R {
+  constructor() {
+    super(...arguments), this.type = 4;
+  }
+  j(t) {
+    this.element.toggleAttribute(this.name, !!t && t !== d);
+  }
+}
+class St extends R {
+  constructor(t, e, s, i, n) {
+    super(t, e, s, i, n), this.type = 5;
+  }
+  _$AI(t, e = this) {
+    if ((t = S(this, t, e, 0) ?? d) === E) return;
+    const s = this._$AH, i = t === d && s !== d || t.capture !== s.capture || t.once !== s.once || t.passive !== s.passive, n = t !== d && (s === d || i);
+    i && this.element.removeEventListener(this.name, this, s), n && this.element.addEventListener(this.name, this, t), this._$AH = t;
+  }
+  handleEvent(t) {
+    var e;
+    typeof this._$AH == "function" ? this._$AH.call(((e = this.options) == null ? void 0 : e.host) ?? this.element, t) : this._$AH.handleEvent(t);
+  }
+}
+class bt {
+  constructor(t, e, s) {
+    this.element = t, this.type = 6, this._$AN = void 0, this._$AM = e, this.options = s;
+  }
+  get _$AU() {
+    return this._$AM._$AU;
+  }
+  _$AI(t) {
+    S(this, t);
+  }
+}
+const L = C.litHtmlPolyfillSupport;
+L == null || L(U, O), (C.litHtmlVersions ?? (C.litHtmlVersions = [])).push("3.3.0");
+const wt = (r, t, e) => {
+  const s = (e == null ? void 0 : e.renderBefore) ?? t;
+  let i = s._$litPart$;
+  if (i === void 0) {
+    const n = (e == null ? void 0 : e.renderBefore) ?? null;
+    s._$litPart$ = i = new O(t.insertBefore(P(), n), n, void 0, e ?? {});
+  }
+  return i._$AI(r), i;
+};
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const y = globalThis;
+class T extends v {
+  constructor() {
+    super(...arguments), this.renderOptions = { host: this }, this._$Do = void 0;
+  }
+  createRenderRoot() {
+    var e;
+    const t = super.createRenderRoot();
+    return (e = this.renderOptions).renderBefore ?? (e.renderBefore = t.firstChild), t;
+  }
+  update(t) {
+    const e = this.render();
+    this.hasUpdated || (this.renderOptions.isConnected = this.isConnected), super.update(t), this._$Do = wt(e, this.renderRoot, this.renderOptions);
+  }
+  connectedCallback() {
+    var t;
+    super.connectedCallback(), (t = this._$Do) == null || t.setConnected(!0);
+  }
+  disconnectedCallback() {
+    var t;
+    super.disconnectedCallback(), (t = this._$Do) == null || t.setConnected(!1);
+  }
+  render() {
+    return E;
+  }
+}
+var Y;
+T._$litElement$ = !0, T.finalized = !0, (Y = y.litElementHydrateSupport) == null || Y.call(y, { LitElement: T });
+const z = y.litElementPolyfillSupport;
+z == null || z({ LitElement: T });
+(y.litElementVersions ?? (y.litElementVersions = [])).push("4.2.0");
+export {
+  d as E,
+  et as f,
+  T as i,
+  j as u,
+  xt as x
+};

crates/frontend/public/assets/js/ref-DuYNkSJ_.mjs

@@ -0,0 +1,172 @@
+import { f, u as _, E as $ } from "./lit-CWlWuEHk.mjs";
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const T = (t) => (e, s) => {
+  s !== void 0 ? s.addInitializer(() => {
+    customElements.define(t, e);
+  }) : customElements.define(t, e);
+};
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const A = { attribute: !0, type: String, converter: _, reflect: !1, hasChanged: f }, p = (t = A, e, s) => {
+  const { kind: i, metadata: n } = s;
+  let r = globalThis.litPropertyMetadata.get(n);
+  if (r === void 0 && globalThis.litPropertyMetadata.set(n, r = /* @__PURE__ */ new Map()), i === "setter" && ((t = Object.create(t)).wrapped = !0), r.set(s.name, t), i === "accessor") {
+    const { name: o } = s;
+    return { set(h) {
+      const l = e.get.call(this);
+      e.set.call(this, h), this.requestUpdate(o, l, t);
+    }, init(h) {
+      return h !== void 0 && this.C(o, void 0, t, h), h;
+    } };
+  }
+  if (i === "setter") {
+    const { name: o } = s;
+    return function(h) {
+      const l = this[o];
+      e.call(this, h), this.requestUpdate(o, l, t);
+    };
+  }
+  throw Error("Unsupported decorator location: " + i);
+};
+function O(t) {
+  return (e, s) => typeof s == "object" ? p(t, e, s) : ((i, n, r) => {
+    const o = n.hasOwnProperty(r);
+    return n.constructor.createProperty(r, i), o ? Object.getOwnPropertyDescriptor(n, r) : void 0;
+  })(t, e, s);
+}
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const v = (t) => t.strings === void 0;
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const g = { CHILD: 2 }, C = (t) => (...e) => ({ _$litDirective$: t, values: e });
+class m {
+  constructor(e) {
+  }
+  get _$AU() {
+    return this._$AM._$AU;
+  }
+  _$AT(e, s, i) {
+    this._$Ct = e, this._$AM = s, this._$Ci = i;
+  }
+  _$AS(e, s) {
+    return this.update(e, s);
+  }
+  update(e, s) {
+    return this.render(...s);
+  }
+}
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const c = (t, e) => {
+  var i;
+  const s = t._$AN;
+  if (s === void 0) return !1;
+  for (const n of s) (i = n._$AO) == null || i.call(n, e, !1), c(n, e);
+  return !0;
+}, a = (t) => {
+  let e, s;
+  do {
+    if ((e = t._$AM) === void 0) break;
+    s = e._$AN, s.delete(t), t = e;
+  } while ((s == null ? void 0 : s.size) === 0);
+}, u = (t) => {
+  for (let e; e = t._$AM; t = e) {
+    let s = e._$AN;
+    if (s === void 0) e._$AN = s = /* @__PURE__ */ new Set();
+    else if (s.has(t)) break;
+    s.add(t), M(e);
+  }
+};
+function y(t) {
+  this._$AN !== void 0 ? (a(this), this._$AM = t, u(this)) : this._$AM = t;
+}
+function G(t, e = !1, s = 0) {
+  const i = this._$AH, n = this._$AN;
+  if (n !== void 0 && n.size !== 0) if (e) if (Array.isArray(i)) for (let r = s; r < i.length; r++) c(i[r], !1), a(i[r]);
+  else i != null && (c(i, !1), a(i));
+  else c(this, t);
+}
+const M = (t) => {
+  t.type == g.CHILD && (t._$AP ?? (t._$AP = G), t._$AQ ?? (t._$AQ = y));
+};
+class b extends m {
+  constructor() {
+    super(...arguments), this._$AN = void 0;
+  }
+  _$AT(e, s, i) {
+    super._$AT(e, s, i), u(this), this.isConnected = e._$AU;
+  }
+  _$AO(e, s = !0) {
+    var i, n;
+    e !== this.isConnected && (this.isConnected = e, e ? (i = this.reconnected) == null || i.call(this) : (n = this.disconnected) == null || n.call(this)), s && (c(this, e), a(this));
+  }
+  setValue(e) {
+    if (v(this._$Ct)) this._$Ct._$AI(e, this);
+    else {
+      const s = [...this._$Ct._$AH];
+      s[this._$Ci] = e, this._$Ct._$AI(s, this, 0);
+    }
+  }
+  disconnected() {
+  }
+  reconnected() {
+  }
+}
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const P = () => new w();
+class w {
+}
+const d = /* @__PURE__ */ new WeakMap(), U = C(class extends b {
+  render(t) {
+    return $;
+  }
+  update(t, [e]) {
+    var i;
+    const s = e !== this.G;
+    return s && this.G !== void 0 && this.rt(void 0), (s || this.lt !== this.ct) && (this.G = e, this.ht = (i = t.options) == null ? void 0 : i.host, this.rt(this.ct = t.element)), $;
+  }
+  rt(t) {
+    if (this.isConnected || (t = void 0), typeof this.G == "function") {
+      const e = this.ht ?? globalThis;
+      let s = d.get(e);
+      s === void 0 && (s = /* @__PURE__ */ new WeakMap(), d.set(e, s)), s.get(this.G) !== void 0 && this.G.call(this.ht, void 0), s.set(this.G, t), t !== void 0 && this.G.call(this.ht, t);
+    } else this.G.value = t;
+  }
+  get lt() {
+    var t, e;
+    return typeof this.G == "function" ? (t = d.get(this.ht ?? globalThis)) == null ? void 0 : t.get(this.G) : (e = this.G) == null ? void 0 : e.value;
+  }
+  disconnected() {
+    this.lt === this.ct && this.rt(void 0);
+  }
+  reconnected() {
+    this.rt(this.ct);
+  }
+});
+export {
+  O as a,
+  P as e,
+  U as n,
+  T as t
+};

crates/frontend/public/assets/licenses.html

@@ -44,13 +44,14 @@
     
         <h2>Overview of licenses:</h2>
         <ul class="licenses-overview">
-            <li><a href="#Apache-2.0">Apache License 2.0</a> (273)</li>
+            <li><a href="#Apache-2.0">Apache License 2.0</a> (278)</li>
-            <li><a href="#MIT">MIT License</a> (80)</li>
+            <li><a href="#MIT">MIT License</a> (83)</li>
             <li><a href="#Unicode-3.0">Unicode License v3</a> (19)</li>
             <li><a href="#AGPL-3.0">GNU Affero General Public License v3.0</a> (12)</li>
             <li><a href="#BSD-3-Clause">BSD 3-Clause &quot;New&quot; or &quot;Revised&quot; License</a> (5)</li>
             <li><a href="#ISC">ISC License</a> (3)</li>
             <li><a href="#CDLA-Permissive-2.0">Community Data License Agreement Permissive 2.0</a> (1)</li>
+            <li><a href="#MPL-2.0">Mozilla Public License 2.0</a> (1)</li>
             <li><a href="#Zlib">zlib License</a> (1)</li>
         </ul>
 
@@ -60,7 +61,7 @@
                 <h3 id="AGPL-3.0">GNU Affero General Public License v3.0</h3>
                 <h4>Used by:</h4>
                 <ul class="license-used-by">
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical 0.2.2</a></li>
                 </ul>
                 <pre class="license-text">                    GNU AFFERO GENERAL PUBLIC LICENSE
                        Version 3, 19 November 2007
@@ -729,16 +730,16 @@ For more information on this, and how to apply and follow the GNU AGPL, see
                 <h3 id="AGPL-3.0">GNU Affero General Public License v3.0</h3>
                 <h4>Used by:</h4>
                 <ul class="license-used-by">
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_caldav 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_caldav 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_carddav 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_carddav 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_dav 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_dav 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_dav_push 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_dav_push 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_frontend 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_frontend 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_ical 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_ical 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_oidc 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_oidc 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_store 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_store 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_store_sqlite 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_store_sqlite 0.2.2</a></li>
-                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_xml 0.1.0</a></li>
+                    <li><a href=" https://github.com/lennart-k/rustical ">rustical_xml 0.2.2</a></li>
                     <li><a href=" https://crates.io/crates/xml_derive ">xml_derive 0.1.0</a></li>
                 </ul>
                 <pre class="license-text">GNU AFFERO GENERAL PUBLIC LICENSE
@@ -4342,9 +4343,13 @@ Software.
                     <li><a href=" https://github.com/rust-cli/anstyle.git ">anstyle 1.0.10</a></li>
                     <li><a href=" https://github.com/clap-rs/clap ">clap 4.5.39</a></li>
                     <li><a href=" https://github.com/rust-cli/anstyle.git ">colorchoice 1.0.3</a></li>
+                    <li><a href=" https://github.com/sfackler/foreign-types ">foreign-types-shared 0.1.1</a></li>
+                    <li><a href=" https://github.com/sfackler/foreign-types ">foreign-types 0.3.2</a></li>
                     <li><a href=" https://github.com/KokaKiwi/rust-hex ">hex 0.4.3</a></li>
                     <li><a href=" https://github.com/polyfill-rs/is_terminal_polyfill ">is_terminal_polyfill 1.70.1</a></li>
                     <li><a href=" https://github.com/polyfill-rs/once_cell_polyfill ">once_cell_polyfill 1.70.1</a></li>
+                    <li><a href=" https://crates.io/crates/openssl-macros ">openssl-macros 0.1.1</a></li>
+                    <li><a href=" https://github.com/sfackler/rust-openssl ">openssl 0.10.73</a></li>
                     <li><a href=" https://github.com/toml-rs/toml ">serde_spanned 0.6.8</a></li>
                     <li><a href=" https://github.com/toml-rs/toml ">toml 0.8.22</a></li>
                     <li><a href=" https://github.com/toml-rs/toml ">toml_datetime 0.6.9</a></li>
@@ -11662,6 +11667,29 @@ You may obtain a copy of the License at
 
 http://www.apache.org/licenses/LICENSE-2.0
 
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+</pre>
+            </li>
+            <li class="license">
+                <h3 id="Apache-2.0">Apache License 2.0</h3>
+                <h4>Used by:</h4>
+                <ul class="license-used-by">
+                    <li><a href=" https://github.com/sfackler/rust-openssl ">openssl 0.10.73</a></li>
+                </ul>
+                <pre class="license-text">Copyright 2011-2017 Google Inc.
+          2013 Jack Lloyd
+          2013-2014 Steven Fackler
+
+Licensed under the Apache License, Version 2.0 (the &quot;License&quot;);
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an &quot;AS IS&quot; BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -12128,6 +12156,39 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.</pre>
+            </li>
+            <li class="license">
+                <h3 id="MIT">MIT License</h3>
+                <h4>Used by:</h4>
+                <ul class="license-used-by">
+                    <li><a href=" https://github.com/sfackler/rust-openssl ">openssl-sys 0.9.109</a></li>
+                </ul>
+                <pre class="license-text">Copyright (c) 2014 Alex Crichton
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the &quot;Software&quot;), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED &quot;AS IS&quot;, WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+</pre>
             </li>
             <li class="license">
                 <h3 id="MIT">MIT License</h3>
@@ -12908,6 +12969,36 @@ furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 
+THE SOFTWARE IS PROVIDED &quot;AS IS&quot;, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+</pre>
+            </li>
+            <li class="license">
+                <h3 id="MIT">MIT License</h3>
+                <h4>Used by:</h4>
+                <ul class="license-used-by">
+                    <li><a href=" https://github.com/Peternator7/strum ">strum 0.27.1</a></li>
+                    <li><a href=" https://github.com/Peternator7/strum ">strum_macros 0.27.1</a></li>
+                </ul>
+                <pre class="license-text">MIT License
+
+Copyright (c) 2019 Peter Glotfelty
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the &quot;Software&quot;), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
 THE SOFTWARE IS PROVIDED &quot;AS IS&quot;, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -13526,6 +13617,387 @@ THE SOFTWARE.
                 <pre class="license-text">This project is dual-licensed under the Unlicense and MIT licenses.
 
 You may use this code under the terms of either license.
+</pre>
+            </li>
+            <li class="license">
+                <h3 id="MPL-2.0">Mozilla Public License 2.0</h3>
+                <h4>Used by:</h4>
+                <ul class="license-used-by">
+                    <li><a href=" https://github.com/mozilla/rust-ece ">ece 2.3.1</a></li>
+                </ul>
+                <pre class="license-text">Mozilla Public License Version 2.0
+&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;&#x3D;
+
+1. Definitions
+--------------
+
+1.1. &quot;Contributor&quot;
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
+
+1.2. &quot;Contributor Version&quot;
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor&#x27;s Contribution.
+
+1.3. &quot;Contribution&quot;
+    means Covered Software of a particular Contributor.
+
+1.4. &quot;Covered Software&quot;
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. &quot;Incompatible With Secondary Licenses&quot;
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. &quot;Executable Form&quot;
+    means any form of the work other than Source Code Form.
+
+1.7. &quot;Larger Work&quot;
+    means a work that combines Covered Software with other material, in
+    a separate file or files, that is not Covered Software.
+
+1.8. &quot;License&quot;
+    means this document.
+
+1.9. &quot;Licensable&quot;
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. &quot;Modifications&quot;
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. &quot;Patent Claims&quot; of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. &quot;Secondary License&quot;
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. &quot;Source Code Form&quot;
+    means the form of the work preferred for making modifications.
+
+1.14. &quot;You&quot; (or &quot;Your&quot;)
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, &quot;You&quot; includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, &quot;control&quot; means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party&#x27;s
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients&#x27; rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients&#x27; rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an &quot;as is&quot;       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party&#x27;s negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party&#x27;s ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
+
+Exhibit B - &quot;Incompatible With Secondary Licenses&quot; Notice
+---------------------------------------------------------
+
+  This Source Code Form is &quot;Incompatible With Secondary Licenses&quot;, as
+  defined by the Mozilla Public License, v. 2.0.
 </pre>
             </li>
             <li class="license">

crates/frontend/public/templates/pages/user.html

@@ -1,5 +1,10 @@
 {% extends "layouts/default.html" %}
 
+{% block imports %}
+<script type="module" src="/frontend/assets/js/create-calendar-form.mjs" async></script>
+<script type="module" src="/frontend/assets/js/create-addressbook-form.mjs" async></script>
+{% endblock %}
+
 {% block content %}
 <div id="page-user">
 
@@ -9,7 +14,6 @@
   <h2>Profile</h2>
 
   <h3>Groups</h3>
-
   <ul>
     {% for group in user.memberships() %}
       <li>{{ group }}</li>
@@ -117,51 +121,7 @@
   {% endfor %}
 </ul>
 {% endif %}
-
+<create-calendar-form user="{{ user.id }}"></create-calendar-form>
-<section>
-  <h3>Create calendar</h3>
-  <form action="/frontend/user/{{ user.id }}/calendar" method="POST">
-    <label>
-      href
-      <input type="text" name="id" />
-    </label>
-    <br>
-    <label>
-      Displayname
-      <input type="text" name="displayname" />
-    </label>
-    <br>
-    <label>
-      Description
-      <input type="text" name="description" />
-    </label>
-    <br>
-    <label>
-      Color
-      <input type="color" name="color" />
-    </label>
-    <br>
-    <label>
-      Subscription URL
-      <input type="text" name="subscription_url" />
-    </label>
-    <br>
-    <label>
-      Support VEVENT
-      <input type="checkbox" name="comp_event" checked />
-    </label>
-    <label>
-      Support VTODO
-      <input type="checkbox" name="comp_todo" checked />
-    </label>
-    <label>
-      Support VJOURNAL
-      <input type="checkbox" name="comp_journal" />
-    </label>
-    <br>
-    <button type="submit">Create</button>
-  </form>
-</section>
 
 </section>
 
@@ -207,27 +167,7 @@
 </ul>
 {% endif %}
 
-<section>
+<create-addressbook-form user="{{ user.id }}"></create-addressbook-form>
-  <h3>Create addressbook</h3>
-  <form action="/frontend/user/{{ user.id }}/addressbook" method="POST">
-    <label>
-      href
-      <input type="text" name="id" />
-    </label>
-    <br>
-    <label>
-      Displayname
-      <input type="text" name="displayname" />
-    </label>
-    <br>
-    <label>
-      Description
-      <input type="text" name="description" />
-    </label>
-    <br>
-    <button type="submit">Create</button>
-  </form>
-</section>
 
 </section>
 {% endblock %}

crates/frontend/src/assets.rs

@@ -11,11 +11,11 @@ use rust_embed::RustEmbed;
 use std::{convert::Infallible, marker::PhantomData, str::FromStr};
 use tower::Service;
 
-#[derive(Clone, RustEmbed)]
+#[derive(Clone, RustEmbed, Default)]
 #[folder = "public/assets"]
 pub struct Assets;
 
-#[derive(Clone)]
+#[derive(Clone, Default)]
 pub struct EmbedService<E>
 where
     E: 'static + RustEmbed,
@@ -23,17 +23,6 @@ where
     _embed: PhantomData<E>,
 }
 
-impl<E> EmbedService<E>
-where
-    E: 'static + RustEmbed,
-{
-    pub fn new() -> Self {
-        Self {
-            _embed: PhantomData,
-        }
-    }
-}
-
 impl<E> Service<Request> for EmbedService<E>
 where
     E: 'static + RustEmbed,

crates/frontend/src/lib.rs

@@ -25,21 +25,15 @@ mod routes;
 pub use config::FrontendConfig;
 use oidc_user_store::OidcUserStore;
 
-use crate::{
+use crate::routes::{
-    assets::{Assets, EmbedService},
+    addressbook::{route_addressbook, route_addressbook_restore, route_delete_addressbook},
-    routes::{
-        addressbook::{
-            route_addressbook, route_addressbook_restore, route_create_addressbook,
-            route_delete_addressbook,
-        },
     app_token::{route_delete_app_token, route_post_app_token},
-        calendar::{
+    calendar::{route_calendar, route_calendar_restore, route_delete_calendar},
-            route_calendar, route_calendar_restore, route_create_calendar, route_delete_calendar,
-        },
     login::{route_get_login, route_post_login, route_post_logout},
     user::{route_get_home, route_root, route_user_named},
-    },
 };
+#[cfg(not(feature = "dev"))]
+use assets::{Assets, EmbedService};
 
 pub fn frontend_router<AP: AuthenticationProvider, CS: CalendarStore, AS: AddressbookStore>(
     prefix: &'static str,
@@ -62,7 +56,6 @@ pub fn frontend_router<AP: AuthenticationProvider, CS: CalendarStore, AS: Addres
             post(route_delete_app_token::<AP>),
         )
         // Calendar
-        .route("/user/{user}/calendar", post(route_create_calendar::<CS>))
         .route(
             "/user/{user}/calendar/{calendar}",
             get(route_calendar::<CS>),
@@ -76,10 +69,6 @@ pub fn frontend_router<AP: AuthenticationProvider, CS: CalendarStore, AS: Addres
             post(route_calendar_restore::<CS>),
         )
         // Addressbook
-        .route(
-            "/user/{user}/addressbook",
-            post(route_create_addressbook::<AS>),
-        )
         .route(
             "/user/{user}/addressbook/{addressbook}",
             get(route_addressbook::<AS>),
@@ -93,8 +82,15 @@ pub fn frontend_router<AP: AuthenticationProvider, CS: CalendarStore, AS: Addres
             post(route_addressbook_restore::<AS>),
         )
         .route("/login", get(route_get_login).post(route_post_login::<AP>))
-        .route("/logout", post(route_post_logout))
+        .route("/logout", post(route_post_logout));
-        .route_service("/assets/{*file}", EmbedService::<Assets>::new());
+
+    #[cfg(not(feature = "dev"))]
+    let mut router = router.route_service("/assets/{*file}", EmbedService::<Assets>::default());
+    #[cfg(feature = "dev")]
+    let mut router = router.nest_service(
+        "/assets",
+        tower_http::services::ServeDir::new(concat!(env!("CARGO_MANIFEST_DIR"), "/public/assets")),
+    );
 
     if let Some(oidc_config) = oidc_config.clone() {
         router = router

crates/frontend/src/nextcloud_login/routes.rs

@@ -13,7 +13,7 @@ use axum_extra::{TypedHeader, extract::Host};
 use chrono::{Duration, Utc};
 use headers::UserAgent;
 use http::StatusCode;
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 use serde::{Deserialize, Serialize};
 use std::sync::Arc;
 use tracing::instrument;
@@ -101,7 +101,7 @@ struct NextcloudLoginPage {
 pub(crate) async fn get_nextcloud_flow(
     Extension(state): Extension<Arc<NextcloudFlows>>,
     Path(flow_id): Path<String>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, rustical_store::Error> {
     if let Some(flow) = state.flows.read().await.get(&flow_id) {
         Ok(Html(
@@ -131,7 +131,7 @@ struct NextcloudLoginSuccessPage {
 
 #[instrument(skip(state))]
 pub(crate) async fn post_nextcloud_flow(
-    user: User,
+    user: Principal,
     Extension(state): Extension<Arc<NextcloudFlows>>,
     Path(flow_id): Path<String>,
     Host(host): Host,

crates/frontend/src/oidc_user_store.rs

@@ -2,7 +2,7 @@ use std::sync::Arc;
 
 use async_trait::async_trait;
 use rustical_oidc::UserStore;
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 
 pub struct OidcUserStore<AP: AuthenticationProvider>(pub Arc<AP>);
 
@@ -23,7 +23,7 @@ impl<AP: AuthenticationProvider> UserStore for OidcUserStore<AP> {
     async fn insert_user(&self, id: &str) -> Result<(), Self::Error> {
         self.0
             .insert_principal(
-                User {
+                Principal {
                     id: id.to_owned(),
                     displayname: None,
                     principal_type: Default::default(),

crates/frontend/src/routes/addressbook.rs

@@ -3,15 +3,14 @@ use std::sync::Arc;
 use askama::Template;
 use askama_web::WebTemplate;
 use axum::{
-    Extension, Form,
+    Extension,
     extract::Path,
     response::{IntoResponse, Redirect, Response},
 };
 use axum_extra::TypedHeader;
 use headers::Referer;
 use http::StatusCode;
-use rustical_store::{Addressbook, AddressbookStore, auth::User};
+use rustical_store::{Addressbook, AddressbookStore, auth::Principal};
-use serde::{Deserialize, Deserializer};
 
 #[derive(Template, WebTemplate)]
 #[template(path = "pages/addressbook.html")]
@@ -22,7 +21,7 @@ struct AddressbookPage {
 pub async fn route_addressbook<AS: AddressbookStore>(
     Path((owner, addrbook_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<AS>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
         return Ok(StatusCode::UNAUTHORIZED.into_response());
@@ -33,57 +32,10 @@ pub async fn route_addressbook<AS: AddressbookStore>(
     .into_response())
 }
 
-fn empty_to_none<'de, D>(deserializer: D) -> Result<Option<String>, D::Error>
-where
-    D: Deserializer<'de>,
-{
-    let val: Option<String> = Deserialize::deserialize(deserializer)?;
-    Ok(val.filter(|val| !val.is_empty()))
-}
-
-#[derive(Deserialize, Clone)]
-pub struct PutAddressbookForm {
-    id: String,
-    #[serde(deserialize_with = "empty_to_none")]
-    displayname: Option<String>,
-    #[serde(deserialize_with = "empty_to_none")]
-    description: Option<String>,
-}
-
-pub async fn route_create_addressbook<AS: AddressbookStore>(
-    Path(owner): Path<String>,
-    Extension(store): Extension<Arc<AS>>,
-    user: User,
-    Form(PutAddressbookForm {
-        id,
-        displayname,
-        description,
-    }): Form<PutAddressbookForm>,
-) -> Result<Response, rustical_store::Error> {
-    if !user.is_principal(&owner) {
-        return Ok(StatusCode::UNAUTHORIZED.into_response());
-    }
-
-    assert!(!id.is_empty());
-
-    let addressbook = Addressbook {
-        id: id.to_owned(),
-        displayname,
-        description,
-        principal: user.id.to_owned(),
-        synctoken: 0,
-        deleted_at: None,
-        push_topic: uuid::Uuid::new_v4().to_string(),
-    };
-
-    store.insert_addressbook(addressbook).await?;
-    Ok(Redirect::to(&format!("/frontend/user/{}/addressbook/{}", user.id, id)).into_response())
-}
-
 pub async fn route_addressbook_restore<AS: AddressbookStore>(
     Path((owner, addressbook_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<AS>>,
-    user: User,
+    user: Principal,
     referer: Option<TypedHeader<Referer>>,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
@@ -99,7 +51,7 @@ pub async fn route_addressbook_restore<AS: AddressbookStore>(
 pub async fn route_delete_addressbook<AS: AddressbookStore>(
     Path((owner, addressbook_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<AS>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
         return Ok(StatusCode::UNAUTHORIZED.into_response());

crates/frontend/src/routes/app_token.rs

@@ -12,7 +12,7 @@ use headers::{ContentType, HeaderMapExt};
 use http::{HeaderValue, StatusCode, header};
 use percent_encoding::{CONTROLS, utf8_percent_encode};
 use rand::{Rng, distr::Alphanumeric};
-use rustical_store::auth::{AuthenticationProvider, User};
+use rustical_store::auth::{AuthenticationProvider, Principal};
 use serde::Deserialize;
 use uuid::Uuid;
 
@@ -47,7 +47,7 @@ pub(crate) struct PostAppTokenForm {
 }
 
 pub async fn route_post_app_token<AP: AuthenticationProvider>(
-    user: User,
+    user: Principal,
     Extension(auth_provider): Extension<Arc<AP>>,
     Path(user_id): Path<String>,
     Host(hostname): Host,
@@ -96,7 +96,7 @@ pub async fn route_post_app_token<AP: AuthenticationProvider>(
 }
 
 pub async fn route_delete_app_token<AP: AuthenticationProvider>(
-    user: User,
+    user: Principal,
     Extension(auth_provider): Extension<Arc<AP>>,
     Path((user_id, token_id)): Path<(String, String)>,
 ) -> Result<Redirect, rustical_store::Error> {

crates/frontend/src/routes/calendar.rs

@@ -3,16 +3,14 @@ use std::sync::Arc;
 use askama::Template;
 use askama_web::WebTemplate;
 use axum::{
-    Extension, Form,
+    Extension,
     extract::Path,
     response::{IntoResponse, Redirect, Response},
 };
 use axum_extra::TypedHeader;
 use headers::Referer;
 use http::StatusCode;
-use rustical_ical::CalendarObjectType;
+use rustical_store::{Calendar, CalendarStore, auth::Principal};
-use rustical_store::{Calendar, CalendarStore, auth::User};
-use serde::{Deserialize, Deserializer};
 
 #[derive(Template, WebTemplate)]
 #[template(path = "pages/calendar.html")]
@@ -23,7 +21,7 @@ struct CalendarPage {
 pub async fn route_calendar<C: CalendarStore>(
     Path((owner, cal_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<C>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
         return Ok(StatusCode::UNAUTHORIZED.into_response());
@@ -34,86 +32,10 @@ pub async fn route_calendar<C: CalendarStore>(
     .into_response())
 }
 
-fn empty_to_none<'de, D>(deserializer: D) -> Result<Option<String>, D::Error>
-where
-    D: Deserializer<'de>,
-{
-    let val: Option<String> = Deserialize::deserialize(deserializer)?;
-    Ok(val.filter(|val| !val.is_empty()))
-}
-
-#[derive(Deserialize, Clone)]
-pub struct PutCalendarForm {
-    id: String,
-    #[serde(deserialize_with = "empty_to_none")]
-    displayname: Option<String>,
-    #[serde(deserialize_with = "empty_to_none")]
-    description: Option<String>,
-    #[serde(deserialize_with = "empty_to_none")]
-    color: Option<String>,
-    #[serde(deserialize_with = "empty_to_none")]
-    subscription_url: Option<String>,
-    comp_event: Option<String>,
-    comp_todo: Option<String>,
-    comp_journal: Option<String>,
-}
-
-pub async fn route_create_calendar<C: CalendarStore>(
-    Path(owner): Path<String>,
-    Extension(store): Extension<Arc<C>>,
-    user: User,
-    Form(PutCalendarForm {
-        id,
-        displayname,
-        description,
-        color,
-        subscription_url,
-        comp_event,
-        comp_todo,
-        comp_journal,
-    }): Form<PutCalendarForm>,
-) -> Result<Response, rustical_store::Error> {
-    if !user.is_principal(&owner) {
-        return Ok(StatusCode::UNAUTHORIZED.into_response());
-    }
-
-    assert!(!id.is_empty());
-
-    let mut comps = vec![];
-    if comp_event.is_some() {
-        comps.push(CalendarObjectType::Event);
-    }
-    if comp_todo.is_some() {
-        comps.push(CalendarObjectType::Todo);
-    }
-    if comp_journal.is_some() {
-        comps.push(CalendarObjectType::Journal);
-    }
-
-    let cal = Calendar {
-        id: id.to_owned(),
-        displayname,
-        description,
-        color,
-        subscription_url,
-        principal: user.id.to_owned(),
-        components: comps,
-        order: 0,
-        timezone_id: None,
-        timezone: None,
-        synctoken: 0,
-        deleted_at: None,
-        push_topic: uuid::Uuid::new_v4().to_string(),
-    };
-
-    store.insert_calendar(cal).await?;
-    Ok(Redirect::to(&format!("/frontend/user/{}/calendar/{}", user.id, id)).into_response())
-}
-
 pub async fn route_calendar_restore<CS: CalendarStore>(
     Path((owner, cal_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<CS>>,
-    user: User,
+    user: Principal,
     referer: Option<TypedHeader<Referer>>,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
@@ -129,7 +51,7 @@ pub async fn route_calendar_restore<CS: CalendarStore>(
 pub async fn route_delete_calendar<C: CalendarStore>(
     Path((owner, cal_id)): Path<(String, String)>,
     Extension(store): Extension<Arc<C>>,
-    user: User,
+    user: Principal,
 ) -> Result<Response, rustical_store::Error> {
     if !user.is_principal(&owner) {
         return Ok(StatusCode::UNAUTHORIZED.into_response());

crates/frontend/src/routes/user.rs

@@ -12,13 +12,13 @@ use headers::UserAgent;
 use http::StatusCode;
 use rustical_store::{
     Addressbook, AddressbookStore, Calendar, CalendarStore,
-    auth::{AuthenticationProvider, User, user::AppToken},
+    auth::{AppToken, AuthenticationProvider, Principal},
 };
 
 #[derive(Template, WebTemplate)]
 #[template(path = "pages/user.html")]
 pub struct UserPage {
-    pub user: User,
+    pub user: Principal,
     pub app_tokens: Vec<AppToken>,
     pub calendars: Vec<Calendar>,
     pub deleted_calendars: Vec<Calendar>,
@@ -39,7 +39,7 @@ pub async fn route_user_named<
     Extension(auth_provider): Extension<Arc<AP>>,
     TypedHeader(user_agent): TypedHeader<UserAgent>,
     Host(host): Host,
-    user: User,
+    user: Principal,
 ) -> impl IntoResponse {
     if user_id != user.id {
         return StatusCode::UNAUTHORIZED.into_response();
@@ -81,11 +81,11 @@ pub async fn route_user_named<
     .into_response()
 }
 
-pub async fn route_get_home(user: User) -> Redirect {
+pub async fn route_get_home(user: Principal) -> Redirect {
     Redirect::to(&format!("/frontend/user/{}", user.id))
 }
 
-pub async fn route_root(user: Option<User>) -> Redirect {
+pub async fn route_root(user: Option<Principal>) -> Redirect {
     match user {
         Some(user) => route_get_home(user).await,
         None => Redirect::to("/frontend/login"),

crates/oidc/src/lib.rs

@@ -138,7 +138,8 @@ pub async fn route_post_oidc(
 #[derive(Debug, Clone, Deserialize)]
 pub struct AuthCallbackQuery {
     code: AuthorizationCode,
-    iss: IssuerUrl,
+    // RFC 9207
+    iss: Option<IssuerUrl>,
     state: String,
 }
 
@@ -153,7 +154,9 @@ pub async fn route_get_oidc_callback<US: UserStore + Clone>(
 ) -> Result<Response, OidcError> {
     let callback_uri = format!("https://{host}/frontend/login/oidc/callback");
 
+    if let Some(iss) = iss {
         assert_eq!(iss, oidc_config.issuer);
+    }
     let oidc_state = session
         .remove::<OidcState>(SESSION_KEY_OIDC_STATE)
         .await?

crates/store/src/auth/mod.rs

@@ -1,17 +1,26 @@
 pub mod middleware;
-pub mod user;
+mod principal;
 use crate::error::Error;
 use async_trait::async_trait;
 
+pub use principal::{AppToken, Principal, PrincipalType};
+
 #[async_trait]
 pub trait AuthenticationProvider: Send + Sync + 'static {
-    async fn get_principals(&self) -> Result<Vec<User>, crate::Error>;
+    async fn get_principals(&self) -> Result<Vec<Principal>, crate::Error>;
-    async fn get_principal(&self, id: &str) -> Result<Option<User>, crate::Error>;
+    async fn get_principal(&self, id: &str) -> Result<Option<Principal>, crate::Error>;
     async fn remove_principal(&self, id: &str) -> Result<(), crate::Error>;
-    async fn insert_principal(&self, user: User, overwrite: bool) -> Result<(), crate::Error>;
+    async fn insert_principal(&self, user: Principal, overwrite: bool) -> Result<(), crate::Error>;
-    async fn validate_password(&self, user_id: &str, password: &str)
+    async fn validate_password(
-    -> Result<Option<User>, Error>;
+        &self,
-    async fn validate_app_token(&self, user_id: &str, token: &str) -> Result<Option<User>, Error>;
+        user_id: &str,
+        password: &str,
+    ) -> Result<Option<Principal>, Error>;
+    async fn validate_app_token(
+        &self,
+        user_id: &str,
+        token: &str,
+    ) -> Result<Option<Principal>, Error>;
     /// Returns a token identifier
     async fn add_app_token(
         &self,
@@ -28,5 +37,3 @@ pub trait AuthenticationProvider: Send + Sync + 'static {
 }
 
 pub use middleware::AuthenticationMiddleware;
-use user::AppToken;
-pub use user::User;

crates/store/src/auth/principal.rs

@@ -78,8 +78,7 @@ pub struct AppToken {
 
 #[derive(Debug, Clone, Deserialize, Serialize)]
 #[serde(deny_unknown_fields)]
-// TODO: Rename this to Principal
+pub struct Principal {
-pub struct User {
     pub id: String,
     pub displayname: Option<String>,
     #[serde(default)]
@@ -89,7 +88,7 @@ pub struct User {
     pub memberships: Vec<String>,
 }
 
-impl User {
+impl Principal {
     /// Returns true if the user is either
     /// - the principal itself
     /// - has full access to the prinicpal (is member)
@@ -114,7 +113,7 @@ impl User {
     }
 }
 
-impl rustical_dav::Principal for User {
+impl rustical_dav::Principal for Principal {
     fn get_id(&self) -> &str {
         &self.id
     }
@@ -134,7 +133,7 @@ impl IntoResponse for UnauthorizedError {
     }
 }
 
-impl<S: Send + Sync + Clone> FromRequestParts<S> for User {
+impl<S: Send + Sync + Clone> FromRequestParts<S> for Principal {
     type Rejection = UnauthorizedError;
 
     async fn from_request_parts(
@@ -149,7 +148,7 @@ impl<S: Send + Sync + Clone> FromRequestParts<S> for User {
     }
 }
 
-impl<S: Send + Sync + Clone> OptionalFromRequestParts<S> for User {
+impl<S: Send + Sync + Clone> OptionalFromRequestParts<S> for Principal {
     type Rejection = Infallible;
 
     async fn from_request_parts(

crates/store/src/calendar_store.rs

@@ -58,6 +58,7 @@ pub trait CalendarStore: Send + Sync + 'static {
         principal: &str,
         cal_id: &str,
         object_id: &str,
+        show_deleted: bool,
     ) -> Result<CalendarObject, Error>;
     async fn put_object(
         &self,

crates/store/src/combined_calendar_store.rs

@@ -80,11 +80,13 @@ impl<CS: CalendarStore, BS: CalendarStore> CalendarStore for CombinedCalendarSto
         use_trashbin: bool,
     ) -> Result<(), Error> {
         if cal_id.starts_with(BIRTHDAYS_PREFIX) {
-            Err(Error::ReadOnly)
-        } else {
             self.birthday_store
                 .delete_object(principal, cal_id, object_id, use_trashbin)
                 .await
+        } else {
+            self.cal_store
+                .delete_object(principal, cal_id, object_id, use_trashbin)
+                .await
         }
     }
 
@@ -94,14 +96,15 @@ impl<CS: CalendarStore, BS: CalendarStore> CalendarStore for CombinedCalendarSto
         principal: &str,
         cal_id: &str,
         object_id: &str,
+        show_deleted: bool,
     ) -> Result<CalendarObject, Error> {
         if cal_id.starts_with(BIRTHDAYS_PREFIX) {
             self.birthday_store
-                .get_object(principal, cal_id, object_id)
+                .get_object(principal, cal_id, object_id, show_deleted)
                 .await
         } else {
             self.cal_store
-                .get_object(principal, cal_id, object_id)
+                .get_object(principal, cal_id, object_id, show_deleted)
                 .await
         }
     }
@@ -237,4 +240,3 @@ impl<CS: CalendarStore, BS: CalendarStore> CalendarStore for CombinedCalendarSto
         }
     }
 }
-

crates/store/src/contact_birthday_store.rs

@@ -126,13 +126,14 @@ impl<AS: AddressbookStore> CalendarStore for ContactBirthdayStore<AS> {
         principal: &str,
         cal_id: &str,
         object_id: &str,
+        show_deleted: bool,
     ) -> Result<CalendarObject, Error> {
         let cal_id = cal_id
             .strip_prefix(BIRTHDAYS_PREFIX)
             .ok_or(Error::NotFound)?;
         let (addressobject_id, date_type) = object_id.rsplit_once("-").ok_or(Error::NotFound)?;
         self.0
-            .get_object(principal, cal_id, addressobject_id, false)
+            .get_object(principal, cal_id, addressobject_id, show_deleted)
             .await?
             .get_significant_dates()?
             .remove(date_type)

crates/store/src/lib.rs

@@ -22,22 +22,15 @@ pub use addressbook::Addressbook;
 pub use calendar::Calendar;
 
 #[derive(Debug, Clone)]
-pub enum CollectionOperationType {
+pub enum CollectionOperationInfo {
     // Sync-Token increased
-    Object,
+    Content { sync_token: String },
+    // Collection deleted
     Delete,
 }
 
-#[derive(Debug, Clone)]
-pub enum CollectionOperationDomain {
-    Calendar,
-    Addressbook,
-}
-
 #[derive(Debug, Clone)]
 pub struct CollectionOperation {
-    pub r#type: CollectionOperationType,
-    pub domain: CollectionOperationDomain,
     pub topic: String,
-    pub sync_token: Option<String>,
+    pub data: CollectionOperationInfo,
 }

crates/store_sqlite/src/addressbook_store.rs

@@ -3,8 +3,8 @@ use async_trait::async_trait;
 use derive_more::derive::Constructor;
 use rustical_ical::AddressObject;
 use rustical_store::{
-    Addressbook, AddressbookStore, CollectionOperation, CollectionOperationDomain,
+    Addressbook, AddressbookStore, CollectionOperation, CollectionOperationInfo, Error,
-    CollectionOperationType, Error, synctoken::format_synctoken,
+    synctoken::format_synctoken,
 };
 use sqlx::{Acquire, Executor, Sqlite, SqlitePool, Transaction};
 use tokio::sync::mpsc::Sender;
@@ -250,7 +250,7 @@ impl SqliteAddressbookStore {
     ) -> Result<AddressObject, rustical_store::Error> {
         Ok(sqlx::query_as!(
             AddressObjectRow,
-            "SELECT id, vcf FROM addressobjects WHERE (principal, addressbook_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) or ?)",
+            "SELECT id, vcf FROM addressobjects WHERE (principal, addressbook_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) OR ?)",
             principal,
             addressbook_id,
             object_id,
@@ -413,10 +413,8 @@ impl AddressbookStore for SqliteAddressbookStore {
 
         if let Some(addressbook) = addressbook {
             if let Err(err) = self.sender.try_send(CollectionOperation {
-                r#type: CollectionOperationType::Delete,
+                data: CollectionOperationInfo::Delete,
-                domain: CollectionOperationDomain::Addressbook,
                 topic: addressbook.push_topic,
-                sync_token: None,
             }) {
                 error!("Push notification about deleted addressbook failed: {err}");
             };
@@ -485,7 +483,7 @@ impl AddressbookStore for SqliteAddressbookStore {
         )
         .await?;
 
-        let synctoken = log_object_operation(
+        let sync_token = log_object_operation(
             &mut tx,
             &principal,
             &addressbook_id,
@@ -498,13 +496,11 @@ impl AddressbookStore for SqliteAddressbookStore {
         tx.commit().await.map_err(crate::Error::from)?;
 
         if let Err(err) = self.sender.try_send(CollectionOperation {
-            r#type: CollectionOperationType::Object,
+            data: CollectionOperationInfo::Content { sync_token },
-            domain: CollectionOperationDomain::Addressbook,
             topic: self
                 .get_addressbook(&principal, &addressbook_id, false)
                 .await?
                 .push_topic,
-            sync_token: Some(synctoken),
         }) {
             error!("Push notification about deleted addressbook failed: {err}");
         };
@@ -524,7 +520,7 @@ impl AddressbookStore for SqliteAddressbookStore {
 
         Self::_delete_object(&mut *tx, principal, addressbook_id, object_id, use_trashbin).await?;
 
-        let synctoken = log_object_operation(
+        let sync_token = log_object_operation(
             &mut tx,
             principal,
             addressbook_id,
@@ -536,16 +532,15 @@ impl AddressbookStore for SqliteAddressbookStore {
 
         tx.commit().await.map_err(crate::Error::from)?;
 
-        // TODO: Watch for errors here?
+        if let Err(err) = self.sender.try_send(CollectionOperation {
-        let _ = self.sender.try_send(CollectionOperation {
+            data: CollectionOperationInfo::Content { sync_token },
-            r#type: CollectionOperationType::Object,
-            domain: CollectionOperationDomain::Addressbook,
             topic: self
                 .get_addressbook(principal, addressbook_id, false)
                 .await?
                 .push_topic,
-            sync_token: Some(synctoken),
+        }) {
-        });
+            error!("Push notification about deleted addressbook failed: {err}");
+        };
         Ok(())
     }
 
@@ -560,7 +555,7 @@ impl AddressbookStore for SqliteAddressbookStore {
 
         Self::_restore_object(&mut *tx, principal, addressbook_id, object_id).await?;
 
-        let synctoken = log_object_operation(
+        let sync_token = log_object_operation(
             &mut tx,
             principal,
             addressbook_id,
@@ -571,16 +566,15 @@ impl AddressbookStore for SqliteAddressbookStore {
         .map_err(crate::Error::from)?;
         tx.commit().await.map_err(crate::Error::from)?;
 
-        // TODO: Watch for errors here?
+        if let Err(err) = self.sender.try_send(CollectionOperation {
-        let _ = self.sender.try_send(CollectionOperation {
+            data: CollectionOperationInfo::Content { sync_token },
-            r#type: CollectionOperationType::Object,
-            domain: CollectionOperationDomain::Addressbook,
             topic: self
                 .get_addressbook(principal, addressbook_id, false)
                 .await?
                 .push_topic,
-            sync_token: Some(synctoken),
+        }) {
-        });
+            error!("Push notification about deleted addressbook failed: {err}");
+        };
 
         Ok(())
     }

crates/store_sqlite/src/calendar_store.rs

@@ -6,7 +6,7 @@ use rustical_ical::{CalDateTime, CalendarObject, CalendarObjectType};
 use rustical_store::calendar_store::CalendarQuery;
 use rustical_store::synctoken::format_synctoken;
 use rustical_store::{Calendar, CalendarStore, Error};
-use rustical_store::{CollectionOperation, CollectionOperationType};
+use rustical_store::{CollectionOperation, CollectionOperationInfo};
 use sqlx::types::chrono::NaiveDateTime;
 use sqlx::{Acquire, Executor, Sqlite, SqlitePool, Transaction};
 use tokio::sync::mpsc::Sender;
@@ -296,13 +296,15 @@ impl SqliteCalendarStore {
         principal: &str,
         cal_id: &str,
         object_id: &str,
+        show_deleted: bool,
     ) -> Result<CalendarObject, Error> {
         sqlx::query_as!(
             CalendarObjectRow,
-            "SELECT id, ics FROM calendarobjects WHERE (principal, cal_id, id) = (?, ?, ?)",
+            "SELECT id, ics FROM calendarobjects WHERE (principal, cal_id, id) = (?, ?, ?) AND ((deleted_at IS NULL) OR ?)",
             principal,
             cal_id,
-            object_id
+            object_id,
+            show_deleted
         )
         .fetch_one(executor)
         .await
@@ -454,7 +456,7 @@ impl SqliteCalendarStore {
             .unwrap_or(0);
 
         for Row { object_id, .. } in changes {
-            match Self::_get_object(&mut *conn, principal, cal_id, &object_id).await {
+            match Self::_get_object(&mut *conn, principal, cal_id, &object_id, false).await {
                 Ok(object) => objects.push(object),
                 Err(rustical_store::Error::NotFound) => deleted_objects.push(object_id),
                 Err(err) => return Err(err),
@@ -518,10 +520,8 @@ impl CalendarStore for SqliteCalendarStore {
 
         if let Some(cal) = cal {
             if let Err(err) = self.sender.try_send(CollectionOperation {
-                r#type: CollectionOperationType::Delete,
+                data: CollectionOperationInfo::Delete,
-                domain: rustical_store::CollectionOperationDomain::Calendar,
                 topic: cal.push_topic,
-                sync_token: None,
             }) {
                 error!("Push notification about deleted calendar failed: {err}");
             };
@@ -559,8 +559,9 @@ impl CalendarStore for SqliteCalendarStore {
         principal: &str,
         cal_id: &str,
         object_id: &str,
+        show_deleted: bool,
     ) -> Result<CalendarObject, Error> {
-        Self::_get_object(&self.db, principal, cal_id, object_id).await
+        Self::_get_object(&self.db, principal, cal_id, object_id, show_deleted).await
     }
 
     #[instrument]
@@ -585,7 +586,7 @@ impl CalendarStore for SqliteCalendarStore {
         )
         .await?;
 
-        let synctoken = log_object_operation(
+        let sync_token = log_object_operation(
             &mut tx,
             &principal,
             &cal_id,
@@ -597,10 +598,8 @@ impl CalendarStore for SqliteCalendarStore {
         tx.commit().await.map_err(crate::Error::from)?;
 
         if let Err(err) = self.sender.try_send(CollectionOperation {
-            r#type: CollectionOperationType::Object,
+            data: CollectionOperationInfo::Content { sync_token },
-            domain: rustical_store::CollectionOperationDomain::Calendar,
             topic: self.get_calendar(&principal, &cal_id).await?.push_topic,
-            sync_token: Some(synctoken),
         }) {
             error!("Push notification about deleted calendar failed: {err}");
         };
@@ -619,15 +618,13 @@ impl CalendarStore for SqliteCalendarStore {
 
         Self::_delete_object(&mut *tx, principal, cal_id, id, use_trashbin).await?;
 
-        let synctoken =
+        let sync_token =
             log_object_operation(&mut tx, principal, cal_id, id, ChangeOperation::Delete).await?;
         tx.commit().await.map_err(crate::Error::from)?;
 
         if let Err(err) = self.sender.try_send(CollectionOperation {
-            r#type: CollectionOperationType::Object,
+            data: CollectionOperationInfo::Content { sync_token },
-            domain: rustical_store::CollectionOperationDomain::Calendar,
             topic: self.get_calendar(principal, cal_id).await?.push_topic,
-            sync_token: Some(synctoken),
         }) {
             error!("Push notification about deleted calendar failed: {err}");
         };
@@ -645,16 +642,14 @@ impl CalendarStore for SqliteCalendarStore {
 
         Self::_restore_object(&mut *tx, principal, cal_id, object_id).await?;
 
-        let synctoken =
+        let sync_token =
             log_object_operation(&mut tx, principal, cal_id, object_id, ChangeOperation::Add)
                 .await?;
         tx.commit().await.map_err(crate::Error::from)?;
 
         if let Err(err) = self.sender.try_send(CollectionOperation {
-            r#type: CollectionOperationType::Object,
+            data: CollectionOperationInfo::Content { sync_token },
-            domain: rustical_store::CollectionOperationDomain::Calendar,
             topic: self.get_calendar(principal, cal_id).await?.push_topic,
-            sync_token: Some(synctoken),
         }) {
             error!("Push notification about deleted calendar failed: {err}");
         };

crates/store_sqlite/src/principal_store.rs

@@ -7,7 +7,7 @@ use pbkdf2::{
 };
 use rustical_store::{
     Error, Secret,
-    auth::{AuthenticationProvider, User, user::AppToken},
+    auth::{AppToken, AuthenticationProvider, Principal},
 };
 use sqlx::{SqlitePool, types::Json};
 use tracing::instrument;
@@ -21,11 +21,11 @@ struct PrincipalRow {
     memberships: Option<Json<Vec<Option<String>>>>,
 }
 
-impl TryFrom<PrincipalRow> for User {
+impl TryFrom<PrincipalRow> for Principal {
     type Error = Error;
 
     fn try_from(value: PrincipalRow) -> Result<Self, Self::Error> {
-        Ok(User {
+        Ok(Principal {
             id: value.id,
             displayname: value.displayname,
             password: value.password_hash.map(Secret::from),
@@ -49,8 +49,8 @@ pub struct SqlitePrincipalStore {
 #[async_trait]
 impl AuthenticationProvider for SqlitePrincipalStore {
     #[instrument]
-    async fn get_principals(&self) -> Result<Vec<User>, Error> {
+    async fn get_principals(&self) -> Result<Vec<Principal>, Error> {
-        let result: Result<Vec<User>, Error> = sqlx::query_as!(
+        let result: Result<Vec<Principal>, Error> = sqlx::query_as!(
             PrincipalRow,
             r#"
             SELECT id, displayname, principal_type, password_hash, json_group_array(member_of) AS "memberships: Json<Vec<Option<String>>>"
@@ -63,13 +63,13 @@ impl AuthenticationProvider for SqlitePrincipalStore {
         .await
         .map_err(crate::Error::from)?
         .into_iter()
-        .map(User::try_from)
+        .map(Principal::try_from)
         .collect();
         Ok(result?)
     }
 
     #[instrument]
-    async fn get_principal(&self, id: &str) -> Result<Option<User>, Error> {
+    async fn get_principal(&self, id: &str) -> Result<Option<Principal>, Error> {
         let row= sqlx::query_as!(
             PrincipalRow,
             r#"
@@ -83,7 +83,7 @@ impl AuthenticationProvider for SqlitePrincipalStore {
             .fetch_optional(&self.db)
             .await
             .map_err(crate::Error::from)?
-            .map(User::try_from);
+            .map(Principal::try_from);
         if let Some(row) = row {
             Ok(Some(row?))
         } else {
@@ -103,7 +103,7 @@ impl AuthenticationProvider for SqlitePrincipalStore {
     #[instrument]
     async fn insert_principal(
         &self,
-        user: User,
+        user: Principal,
         overwrite: bool,
     ) -> Result<(), rustical_store::Error> {
         // Would be cleaner to put this into a transaction but for now it will be fine
@@ -142,7 +142,11 @@ impl AuthenticationProvider for SqlitePrincipalStore {
     }
 
     #[instrument(skip(token))]
-    async fn validate_app_token(&self, user_id: &str, token: &str) -> Result<Option<User>, Error> {
+    async fn validate_app_token(
+        &self,
+        user_id: &str,
+        token: &str,
+    ) -> Result<Option<Principal>, Error> {
         for app_token in &self.get_app_tokens(user_id).await? {
             if password_auth::verify_password(token, app_token.token.as_ref()).is_ok() {
                 return self.get_principal(user_id).await;
@@ -169,8 +173,8 @@ impl AuthenticationProvider for SqlitePrincipalStore {
         &self,
         user_id: &str,
         password_input: &str,
-    ) -> Result<Option<User>, Error> {
+    ) -> Result<Option<Principal>, Error> {
-        let user: User = match self.get_principal(user_id).await? {
+        let user: Principal = match self.get_principal(user_id).await? {
             Some(user) => user,
             None => return Ok(None),
         };

docs/index.md

@@ -4,15 +4,15 @@ a CalDAV/CardDAV server
 
 !!! warning
 RustiCal is **not production-ready!**
-While I've started migrating to RustiCal and becoming more confident,
+I've been using it for the last few weeks and I'm slowly becoming more confident,
-please know that bugs and rough edges will still occur.
+however you'd be one of the first testers so expect bugs and rough edges.
-Concretely, if you are using Apple Calendar you will want to stay away from assigning groups to users.
 If you still want to play around with it in its current state, absolutely feel free to do so and to open up an issue if something is not working. :)
 
 ## Features
 
 - easy to backup, everything saved in one SQLite database
   - also export feature in the frontend
+- [WebDAV Push](https://github.com/bitfireAT/webdav-push/) support, so near-instant synchronisation to DAVx5
 - lightweight (the container image contains only one binary)
 - adequately fast (I'd love to say blazingly fast™ :fire: but I don't have any benchmarks)
 - deleted calendars are recoverable
@@ -26,3 +26,4 @@ If you still want to play around with it in its current state, absolutely feel f
 - GNOME Accounts, GNOME Calendar, GNOME Contacts
 - Evolution
 - Apple Calendar
+- Home Assistant integration

src/app.rs

@@ -34,6 +34,7 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
     frontend_config: FrontendConfig,
     oidc_config: Option<OidcConfig>,
     nextcloud_login_config: NextcloudLoginConfig,
+    dav_push_enabled: bool,
 ) -> Router<()> {
     let combined_cal_store = Arc::new(CombinedCalendarStore::new(
         cal_store.clone(),
@@ -90,6 +91,13 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
             nextcloud_login_router(auth_provider.clone()),
         );
     }
+
+    if dav_push_enabled {
+        router = router.merge(rustical_dav_push::subscription_service(
+            subscription_store.clone(),
+        ));
+    }
+
     router
         .layer(
             SessionManagerLayer::new(session_store)
@@ -126,13 +134,19 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
                     if response.status().is_server_error() {
                         tracing::error!("server error");
                     } else if response.status().is_client_error() {
-                        if response.status() == StatusCode::UNAUTHORIZED {
+                        match response.status() {
+                            StatusCode::UNAUTHORIZED => {
                                 // The iOS client always tries an unauthenticated request first so
                                 // logging 401's as errors would clog up our logs
                                 tracing::debug!("unauthorized");
-                        } else {
+                            }
+                            StatusCode::NOT_FOUND => {
+                                tracing::warn!("client error");
+                            }
+                            _ => {
                                 tracing::error!("client error");
                             }
+                        }
                     };
                 })
                 .on_failure(

src/commands/principals.rs

@@ -6,7 +6,7 @@ use figment::{
     providers::{Env, Format, Toml},
 };
 use password_hash::{PasswordHasher, SaltString, rand_core::OsRng};
-use rustical_store::auth::{AuthenticationProvider, User, user::PrincipalType};
+use rustical_store::auth::{AuthenticationProvider, Principal, PrincipalType};
 
 #[derive(Parser, Debug)]
 pub struct PrincipalsArgs {
@@ -99,7 +99,7 @@ pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
             };
             principal_store
                 .insert_principal(
-                    User {
+                    Principal {
                         id,
                         displayname: name,
                         principal_type: principal_type.unwrap_or_default(),

src/config.rs

@@ -37,9 +37,14 @@ pub struct TracingConfig {
     pub opentelemetry: bool,
 }
 
+fn default_true() -> bool {
+    true
+}
+
 #[derive(Debug, Deserialize, Serialize)]
 #[serde(deny_unknown_fields, default)]
 pub struct DavPushConfig {
+    #[serde(default = "default_true")]
     pub enabled: bool,
     #[serde(default)]
     // Allowed Push servers, accepts any by default

src/main.rs

@@ -117,6 +117,7 @@ async fn main() -> Result<()> {
                 config.frontend.clone(),
                 config.oidc.clone(),
                 config.nextcloud_login.clone(),
+                config.dav_push.enabled,
             );
             let app = ServiceExt::<Request>::into_make_service(
                 NormalizePathLayer::trim_trailing_slash().layer(app),