version 0.8.0

hopefully fixes #77

.sqlx/query-27ac68a4eea40c1cac663cad034028cf6c373354b29e3a5290c18f58101913cd.json

@@ -1,6 +1,6 @@
 {
   "db_name": "SQLite",
-  "query": "SELECT *\n                FROM calendars\n                WHERE principal = ? AND deleted_at IS NOT NULL",
+  "query": "SELECT principal, id, displayname, \"order\", description, color, timezone_id, deleted_at, synctoken, subscription_url, push_topic, comp_event, comp_todo, comp_journal\n                FROM calendars\n                WHERE principal = ? AND deleted_at IS NOT NULL",
   "describe": {
     "columns": [
       {
@@ -14,68 +14,63 @@
         "type_info": "Text"
       },
       {
-        "name": "synctoken",
+        "name": "displayname",
         "ordinal": 2,
-        "type_info": "Integer"
+        "type_info": "Text"
       },
       {
-        "name": "displayname",
+        "name": "order",
         "ordinal": 3,
-        "type_info": "Text"
+        "type_info": "Integer"
       },
       {
         "name": "description",
         "ordinal": 4,
         "type_info": "Text"
       },
-      {
-        "name": "order",
-        "ordinal": 5,
-        "type_info": "Integer"
-      },
       {
         "name": "color",
-        "ordinal": 6,
-        "type_info": "Text"
-      },
-      {
-        "name": "timezone",
-        "ordinal": 7,
+        "ordinal": 5,
         "type_info": "Text"
       },
       {
         "name": "timezone_id",
-        "ordinal": 8,
+        "ordinal": 6,
         "type_info": "Text"
       },
       {
         "name": "deleted_at",
-        "ordinal": 9,
+        "ordinal": 7,
         "type_info": "Datetime"
       },
+      {
+        "name": "synctoken",
+        "ordinal": 8,
+        "type_info": "Integer"
+      },
       {
         "name": "subscription_url",
-        "ordinal": 10,
+        "ordinal": 9,
         "type_info": "Text"
       },
       {
         "name": "push_topic",
-        "ordinal": 11,
+        "ordinal": 10,
         "type_info": "Text"
       },
       {
         "name": "comp_event",
-        "ordinal": 12,
+        "ordinal": 11,
         "type_info": "Bool"
       },
       {
         "name": "comp_todo",
-        "ordinal": 13,
+        "ordinal": 12,
         "type_info": "Bool"
       },
       {
         "name": "comp_journal",
-        "ordinal": 14,
+        "ordinal": 13,
         "type_info": "Bool"
       }
     ],
@@ -85,14 +80,13 @@
     "nullable": [
       false,
       false,
-      false,
-      true,
       true,
       false,
       true,
       true,
       true,
       true,
+      false,
       true,
       false,
       false,
@@ -100,5 +94,5 @@
       false
     ]
   },
-  "hash": "cce62f7829bd688cd8c7928b587bc31f0e50865c214b1df113350bea2c254237"
+  "hash": "27ac68a4eea40c1cac663cad034028cf6c373354b29e3a5290c18f58101913cd"
 }

.sqlx/query-46ae176a06e314492f661c28436d6370883052c854da43475d7ced60cf8326e3.json

@@ -0,0 +1,12 @@
+{
+  "db_name": "SQLite",
+  "query": "UPDATE calendars SET principal = ?, id = ?, displayname = ?, description = ?, \"order\" = ?, color = ?, timezone_id = ?, push_topic = ?, comp_event = ?, comp_todo = ?, comp_journal = ?\n                WHERE (principal, id) = (?, ?)",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Right": 13
+    },
+    "nullable": []
+  },
+  "hash": "46ae176a06e314492f661c28436d6370883052c854da43475d7ced60cf8326e3"
+}

.sqlx/query-5132ee8198f155242aa332a10019c48ec334884bcf7841c8aa03fd5eb11351d9.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "INSERT INTO calendars (principal, id, displayname, description, \"order\", color, subscription_url, timezone, timezone_id, push_topic, comp_event, comp_todo, comp_journal)\n                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Right": 13
-    },
-    "nullable": []
-  },
-  "hash": "5132ee8198f155242aa332a10019c48ec334884bcf7841c8aa03fd5eb11351d9"
-}

.sqlx/query-60b940ff493e7c0fcb2ffe8ae97172c6444525ffeec21b194bd7443d11d06113.json

@@ -0,0 +1,12 @@
+{
+  "db_name": "SQLite",
+  "query": "INSERT INTO calendars (principal, id, displayname, description, \"order\", color, subscription_url, timezone_id, push_topic, comp_event, comp_todo, comp_journal)\n                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Right": 12
+    },
+    "nullable": []
+  },
+  "hash": "60b940ff493e7c0fcb2ffe8ae97172c6444525ffeec21b194bd7443d11d06113"
+}

.sqlx/query-bb2fa030f2e7c7afdb38c5c54cb31de5293be332d86cf643977d479999542553.json

@@ -39,43 +39,38 @@
         "type_info": "Text"
       },
       {
-        "name": "timezone",
+        "name": "timezone_id",
         "ordinal": 7,
         "type_info": "Text"
       },
-      {
-        "name": "timezone_id",
-        "ordinal": 8,
-        "type_info": "Text"
-      },
       {
         "name": "deleted_at",
-        "ordinal": 9,
+        "ordinal": 8,
         "type_info": "Datetime"
       },
       {
         "name": "subscription_url",
-        "ordinal": 10,
+        "ordinal": 9,
         "type_info": "Text"
       },
       {
         "name": "push_topic",
-        "ordinal": 11,
+        "ordinal": 10,
         "type_info": "Text"
       },
       {
         "name": "comp_event",
-        "ordinal": 12,
+        "ordinal": 11,
         "type_info": "Bool"
       },
       {
         "name": "comp_todo",
-        "ordinal": 13,
+        "ordinal": 12,
         "type_info": "Bool"
       },
       {
         "name": "comp_journal",
-        "ordinal": 14,
+        "ordinal": 13,
         "type_info": "Bool"
       }
     ],
@@ -93,7 +88,6 @@
       true,
       true,
       true,
-      true,
       false,
       false,
       false,

.sqlx/query-cedfb82b38fdd0c7681b9873b1008abee4a2f4ca16abad1b837f256d0bf416b1.json

@@ -39,43 +39,38 @@
         "type_info": "Text"
       },
       {
-        "name": "timezone",
+        "name": "timezone_id",
         "ordinal": 7,
         "type_info": "Text"
       },
-      {
-        "name": "timezone_id",
-        "ordinal": 8,
-        "type_info": "Text"
-      },
       {
         "name": "deleted_at",
-        "ordinal": 9,
+        "ordinal": 8,
         "type_info": "Datetime"
       },
       {
         "name": "subscription_url",
-        "ordinal": 10,
+        "ordinal": 9,
         "type_info": "Text"
       },
       {
         "name": "push_topic",
-        "ordinal": 11,
+        "ordinal": 10,
         "type_info": "Text"
       },
       {
         "name": "comp_event",
-        "ordinal": 12,
+        "ordinal": 11,
         "type_info": "Bool"
       },
       {
         "name": "comp_todo",
-        "ordinal": 13,
+        "ordinal": 12,
         "type_info": "Bool"
       },
       {
         "name": "comp_journal",
-        "ordinal": 14,
+        "ordinal": 13,
         "type_info": "Bool"
       }
     ],
@@ -93,7 +88,6 @@
       true,
       true,
       true,
-      true,
       false,
       false,
       false,

.sqlx/query-d65c9c40606e59dd816a51b9b9ac60fd2ff81aaa358fcc038134e9a68ba45ad7.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "UPDATE calendars SET principal = ?, id = ?, displayname = ?, description = ?, \"order\" = ?, color = ?, timezone = ?, timezone_id = ?, push_topic = ?, comp_event = ?, comp_todo = ?, comp_journal = ?\n                WHERE (principal, id) = (?, ?)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Right": 14
-    },
-    "nullable": []
-  },
-  "hash": "d65c9c40606e59dd816a51b9b9ac60fd2ff81aaa358fcc038134e9a68ba45ad7"
-}

Cargo.toml

@@ -2,7 +2,7 @@
 members = ["crates/*"]
 
 [workspace.package]
-version = "0.4.10"
+version = "0.8.0"
 edition = "2024"
 description = "A CalDAV server"
 repository = "https://github.com/lennart-k/rustical"
@@ -95,8 +95,12 @@ strum = "0.27"
 strum_macros = "0.27"
 serde_json = { version = "1.0", features = ["raw_value"] }
 sqlx-sqlite = { version = "0.8", features = ["bundled"] }
-ical = { version = "0.11", features = ["generator", "serde"] }
-toml = "0.8"
+ical = { git = "https://github.com/lennart-k/ical-rs", features = [
+  "generator",
+  "serde",
+  "chrono-tz",
+] }
+toml = "0.9"
 tower = "0.5"
 tower-http = { version = "0.6", features = [
   "trace",
@@ -126,7 +130,7 @@ syn = { version = "2.0", features = ["full"] }
 quote = "1.0"
 proc-macro2 = "1.0"
 heck = "0.5"
-darling = "0.20"
+darling = "0.21"
 reqwest = { version = "0.12", features = [
   "rustls-tls",
   "charset",
@@ -135,6 +139,7 @@ reqwest = { version = "0.12", features = [
 openidconnect = "4.0"
 clap = { version = "4.5", features = ["derive", "env"] }
 matchit-serde = { git = "https://github.com/lennart-k/matchit-serde", rev = "f0591d13" }
+vtimezones-rs = "0.2"
 ece = { version = "2.3", default-features = false, features = [
   "backend-openssl",
 ] }

README.md

@@ -12,13 +12,14 @@ a CalDAV/CardDAV server
 
 - easy to backup, everything saved in one SQLite database
   - also export feature in the frontend
-- [WebDAV Push](https://github.com/bitfireAT/webdav-push/) support, so near-instant synchronisation to DAVx5
+- **[WebDAV Push](https://github.com/bitfireAT/webdav-push/)** support, so near-instant synchronisation to DAVx5
 - lightweight (the container image contains only one binary)
 - adequately fast (I'd love to say blazingly fast™ :fire: but I don't have any benchmarks)
 - deleted calendars are recoverable
 - Nextcloud login flow (In DAVx5 you can login through the Nextcloud flow and automatically generate an app token)
 - Apple configuration profiles (skip copy-pasting passwords and instead generate the configuration in the frontend)
-- OpenID Connect support (with option to disable password login)
+- **OpenID Connect** support (with option to disable password login)
+- Group-based **sharing**
 
 ## Getting Started
 

compose.oidc.yml

@@ -0,0 +1,22 @@
+services:
+  rustical:
+    image: ghcr.io/lennart-k/rustical:latest
+    restart: unless-stopped
+    environment:
+      RUSTICAL_FRONTEND__ALLOW_PASSWORD_LOGIN: "false"
+      RUSTICAL_OIDC__NAME: "Authelia"
+      RUSTICAL_OIDC__ISSUER: "https://auth.example.com"
+      RUSTICAL_OIDC__CLIENT_ID: "{{ rustical_oidc_client_id }}"
+      RUSTICAL_OIDC__CLIENT_SECRET: "{{ rustical_oidc_client_secret }}"
+      RUSTICAL_OIDC__CLAIM_USERID: "preferred_username"
+      RUSTICAL_OIDC__SCOPES: '["openid", "profile", "groups"]'
+      RUSTICAL_OIDC__REQUIRE_GROUP: "app:rustical" # optional
+      RUSTICAL_OIDC__ALLOW_SIGN_UP: "true"
+    volumes:
+      - data:/var/lib/rustical
+    # Here you probably want to you expose instead
+    ports:
+      - 4000:4000
+
+volumes:
+  data:

crates/caldav/Cargo.toml

@@ -42,3 +42,4 @@ headers.workspace = true
 tower-http.workspace = true
 strum.workspace = true
 strum_macros.workspace = true
+vtimezones-rs.workspace = true

crates/caldav/src/calendar/methods/get.rs

@@ -63,7 +63,6 @@ pub async fn route_get<C: CalendarStore, S: SubscriptionStore>(
             params: None,
         });
     }
-    let mut ical_calendar = ical_calendar_builder.build();
 
     for object in &objects {
         match object.get_data() {
@@ -73,17 +72,21 @@ pub async fn route_get<C: CalendarStore, S: SubscriptionStore>(
                 ..
             }) => {
                 timezones.extend(object_timezones);
-                ical_calendar.events.push(event.clone());
+                ical_calendar_builder = ical_calendar_builder.add_event(event.clone());
             }
-            CalendarObjectComponent::Todo(TodoObject { todo, .. }) => {
-                ical_calendar.todos.push(todo.clone());
+            CalendarObjectComponent::Todo(TodoObject(todo)) => {
+                ical_calendar_builder = ical_calendar_builder.add_todo(todo.clone());
             }
-            CalendarObjectComponent::Journal(JournalObject { journal, .. }) => {
-                ical_calendar.journals.push(journal.clone());
+            CalendarObjectComponent::Journal(JournalObject(journal)) => {
+                ical_calendar_builder = ical_calendar_builder.add_journal(journal.clone());
             }
         }
     }
 
+    let ical_calendar = ical_calendar_builder
+        .build()
+        .map_err(|parser_error| Error::IcalError(parser_error.into()))?;
+
     let mut resp = Response::builder().status(StatusCode::OK);
     let hdrs = resp.headers_mut().unwrap();
     hdrs.typed_insert(ContentType::from_str("text/calendar").unwrap());

crates/caldav/src/calendar/methods/mkcalendar.rs

@@ -4,6 +4,7 @@ use crate::calendar::prop::SupportedCalendarComponentSet;
 use axum::extract::{Path, State};
 use axum::response::{IntoResponse, Response};
 use http::{Method, StatusCode};
+use ical::IcalParser;
 use rustical_dav::xml::HrefElement;
 use rustical_ical::CalendarObjectType;
 use rustical_store::auth::Principal;
@@ -82,13 +83,38 @@ pub async fn route_mkcalendar<C: CalendarStore, S: SubscriptionStore>(
         request.displayname = None
     }
 
+    let timezone_id = if let Some(tzid) = request.calendar_timezone_id {
+        Some(tzid)
+    } else if let Some(tz) = request.calendar_timezone {
+        // TODO: Proper error (calendar-timezone precondition)
+        let calendar = IcalParser::new(tz.as_bytes())
+            .next()
+            .ok_or(rustical_dav::Error::BadRequest(
+                "No timezone data provided".to_owned(),
+            ))?
+            .map_err(|_| rustical_dav::Error::BadRequest("No timezone data provided".to_owned()))?;
+
+        let timezone = calendar
+            .timezones
+            .first()
+            .ok_or(rustical_dav::Error::BadRequest(
+                "No timezone data provided".to_owned(),
+            ))?;
+        let timezone: chrono_tz::Tz = timezone
+            .try_into()
+            .map_err(|_| rustical_dav::Error::BadRequest("No timezone data provided".to_owned()))?;
+
+        Some(timezone.name().to_owned())
+    } else {
+        None
+    };
+
     let calendar = Calendar {
         id: cal_id.to_owned(),
         principal: principal.to_owned(),
         order: request.calendar_order.unwrap_or(0),
         displayname: request.displayname,
-        timezone: request.calendar_timezone,
-        timezone_id: request.calendar_timezone_id,
+        timezone_id,
         color: request.calendar_color,
         description: request.calendar_description,
         deleted_at: None,

crates/caldav/src/calendar/methods/report/calendar_query.rs

@@ -16,6 +16,7 @@ pub(crate) struct TimeRangeElement {
 
 #[derive(XmlDeserialize, Clone, Debug, PartialEq)]
 #[allow(dead_code)]
+// https://www.rfc-editor.org/rfc/rfc4791#section-9.7.3
 struct ParamFilterElement {
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
     is_not_defined: Option<()>,
@@ -32,11 +33,13 @@ struct TextMatchElement {
     #[xml(ty = "attr")]
     collation: String,
     #[xml(ty = "attr")]
-    negate_collation: String,
+    // "yes" or "no", default: "no"
+    negate_condition: Option<String>,
 }
 
 #[derive(XmlDeserialize, Clone, Debug, PartialEq)]
 #[allow(dead_code)]
+// https://www.rfc-editor.org/rfc/rfc4791#section-9.7.2
 pub(crate) struct PropFilterElement {
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
     is_not_defined: Option<()>,
@@ -46,6 +49,9 @@ pub(crate) struct PropFilterElement {
     text_match: Option<TextMatchElement>,
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV", flatten)]
     param_filter: Vec<ParamFilterElement>,
+
+    #[xml(ty = "attr")]
+    name: String,
 }
 
 #[derive(XmlDeserialize, Clone, Debug, PartialEq)]
@@ -61,7 +67,7 @@ pub(crate) struct CompFilterElement {
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV", flatten)]
     pub(crate) comp_filter: Vec<CompFilterElement>,
 
-    #[xml(ns = "rustical_dav::namespace::NS_CALDAV", ty = "attr")]
+    #[xml(ty = "attr")]
     pub(crate) name: String,
 }
 
@@ -203,3 +209,102 @@ pub async fn get_objects_calendar_query<C: CalendarStore>(
     }
     Ok(objects)
 }
+
+#[cfg(test)]
+mod tests {
+    use rustical_dav::xml::PropElement;
+    use rustical_xml::XmlDocument;
+
+    use crate::{
+        calendar::methods::report::{
+            ReportRequest,
+            calendar_query::{
+                CalendarQueryRequest, CompFilterElement, FilterElement, ParamFilterElement,
+                PropFilterElement, TextMatchElement,
+            },
+        },
+        calendar_object::{CalendarObjectPropName, CalendarObjectPropWrapperName},
+    };
+
+    #[test]
+    fn calendar_query_7_8_7() {
+        const INPUT: &str = r#"
+            <?xml version="1.0" encoding="utf-8" ?>
+            <C:calendar-query xmlns:C="urn:ietf:params:xml:ns:caldav">
+                <D:prop xmlns:D="DAV:">
+                    <D:getetag/>
+                    <C:calendar-data/>
+                </D:prop>
+                <C:filter>
+                <C:comp-filter name="VCALENDAR">
+                    <C:comp-filter name="VEVENT">
+                        <C:prop-filter name="ATTENDEE">
+                            <C:text-match collation="i;ascii-casemap">mailto:lisa@example.com</C:text-match>
+                            <C:param-filter name="PARTSTAT">
+                                <C:text-match collation="i;ascii-casemap">NEEDS-ACTION</C:text-match>
+                            </C:param-filter>
+                        </C:prop-filter>
+                    </C:comp-filter>
+                </C:comp-filter>
+                </C:filter>
+            </C:calendar-query>
+        "#;
+
+        let report = ReportRequest::parse_str(INPUT).unwrap();
+        let calendar_query: CalendarQueryRequest =
+            if let ReportRequest::CalendarQuery(query) = report {
+                query
+            } else {
+                panic!()
+            };
+        assert_eq!(
+            calendar_query,
+            CalendarQueryRequest {
+                prop: rustical_dav::xml::PropfindType::Prop(PropElement(
+                    vec![
+                        CalendarObjectPropWrapperName::CalendarObject(
+                            CalendarObjectPropName::Getetag,
+                        ),
+                        CalendarObjectPropWrapperName::CalendarObject(
+                            CalendarObjectPropName::CalendarData(Default::default())
+                        ),
+                    ],
+                    vec![]
+                )),
+                filter: Some(FilterElement {
+                    comp_filter: CompFilterElement {
+                        is_not_defined: None,
+                        time_range: None,
+                        prop_filter: vec![],
+                        comp_filter: vec![CompFilterElement {
+                            prop_filter: vec![PropFilterElement {
+                                name: "ATTENDEE".to_owned(),
+                                text_match: Some(TextMatchElement {
+                                    collation: "i;ascii-casemap".to_owned(),
+                                    negate_condition: None
+                                }),
+                                is_not_defined: None,
+                                param_filter: vec![ParamFilterElement {
+                                    is_not_defined: None,
+                                    name: "PARTSTAT".to_owned(),
+                                    text_match: Some(TextMatchElement {
+                                        collation: "i;ascii-casemap".to_owned(),
+                                        negate_condition: None
+                                    }),
+                                }],
+                                time_range: None
+                            }],
+                            comp_filter: vec![],
+                            is_not_defined: None,
+                            name: "VEVENT".to_owned(),
+                            time_range: None
+                        }],
+                        name: "VCALENDAR".to_owned()
+                    }
+                }),
+                timezone: None,
+                timezone_id: None
+            }
+        )
+    }
+}

crates/caldav/src/calendar/methods/report/mod.rs

@@ -67,7 +67,7 @@ fn objects_response(
                 object,
                 principal: principal.to_owned(),
             }
-            .propfind(&path, prop, puri, user)?,
+            .propfind(&path, prop, None, puri, user)?,
         );
     }
 

crates/caldav/src/calendar/methods/report/sync_collection.rs

@@ -39,7 +39,7 @@ pub async fn handle_sync_collection<C: CalendarStore>(
                 object,
                 principal: principal.to_owned(),
             }
-            .propfind(&path, &sync_collection.prop, puri, user)?,
+            .propfind(&path, &sync_collection.prop, None, puri, user)?,
         );
     }
 

crates/caldav/src/calendar/resource.rs

@@ -3,6 +3,7 @@ use crate::Error;
 use crate::calendar::prop::ReportMethod;
 use chrono::{DateTime, Utc};
 use derive_more::derive::{From, Into};
+use ical::IcalParser;
 use rustical_dav::extensions::{
     CommonPropertiesExtension, CommonPropertiesProp, SyncTokenExtension, SyncTokenExtensionProp,
 };
@@ -15,7 +16,6 @@ use rustical_store::Calendar;
 use rustical_store::auth::Principal;
 use rustical_xml::{EnumVariants, PropName};
 use rustical_xml::{XmlDeserialize, XmlSerialize};
-use std::str::FromStr;
 
 #[derive(XmlDeserialize, XmlSerialize, PartialEq, Clone, EnumVariants, PropName)]
 #[xml(unit_variants_ident = "CalendarPropName")]
@@ -34,7 +34,7 @@ pub enum CalendarProp {
     CalendarTimezoneId(Option<String>),
     #[xml(ns = "rustical_dav::namespace::NS_ICAL")]
     CalendarOrder(Option<i64>),
-    #[xml(ns = "rustical_dav::namespace::NS_CALDAV", skip_deserializing)]
+    #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
     SupportedCalendarComponentSet(SupportedCalendarComponentSet),
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV", skip_deserializing)]
     SupportedCalendarData(SupportedCalendarData),
@@ -133,7 +133,9 @@ impl Resource for CalendarResource {
                     CalendarProp::CalendarDescription(self.cal.description.clone())
                 }
                 CalendarPropName::CalendarTimezone => {
-                    CalendarProp::CalendarTimezone(self.cal.timezone.clone())
+                    CalendarProp::CalendarTimezone(self.cal.timezone_id.as_ref().and_then(|tzid| {
+                        vtimezones_rs::VTIMEZONES.get(tzid).map(|tz| tz.to_string())
+                    }))
                 }
                 // chrono_tz uses the IANA database
                 CalendarPropName::TimezoneServiceSet => CalendarProp::TimezoneServiceSet(
@@ -192,21 +194,42 @@ impl Resource for CalendarResource {
                     Ok(())
                 }
                 CalendarProp::CalendarTimezone(timezone) => {
-                    // TODO: Ensure that timezone-id is also updated
-                    self.cal.timezone = timezone;
+                    if let Some(tz) = timezone {
+                        // TODO: Proper error (calendar-timezone precondition)
+                        let calendar = IcalParser::new(tz.as_bytes())
+                            .next()
+                            .ok_or(rustical_dav::Error::BadRequest(
+                                "No timezone data provided".to_owned(),
+                            ))?
+                            .map_err(|_| {
+                                rustical_dav::Error::BadRequest(
+                                    "No timezone data provided".to_owned(),
+                                )
+                            })?;
+
+                        let timezone =
+                            calendar
+                                .timezones
+                                .first()
+                                .ok_or(rustical_dav::Error::BadRequest(
+                                    "No timezone data provided".to_owned(),
+                                ))?;
+                        let timezone: chrono_tz::Tz = timezone.try_into().map_err(|_| {
+                            rustical_dav::Error::BadRequest("No timezone data provided".to_owned())
+                        })?;
+
+                        self.cal.timezone_id = Some(timezone.name().to_owned());
+                    }
                     Ok(())
                 }
                 CalendarProp::TimezoneServiceSet(_) => Err(rustical_dav::Error::PropReadOnly),
                 CalendarProp::CalendarTimezoneId(timezone_id) => {
                     if let Some(tzid) = &timezone_id {
-                        // Validate timezone id
-                        chrono_tz::Tz::from_str(tzid).map_err(|_| {
-                            rustical_dav::Error::BadRequest(format!(
-                                "Invalid timezone-id: {}",
-                                tzid
-                            ))
-                        })?;
-                        // TODO: Ensure that timezone is also updated (For now hope that clients play nice)
+                        if !vtimezones_rs::VTIMEZONES.contains_key(tzid) {
+                            return Err(rustical_dav::Error::BadRequest(format!(
+                                "Invalid timezone-id: {tzid}"
+                            )));
+                        }
                     }
                     self.cal.timezone_id = timezone_id;
                     Ok(())
@@ -247,15 +270,11 @@ impl Resource for CalendarResource {
                     self.cal.description = None;
                     Ok(())
                 }
-                CalendarPropName::CalendarTimezone => {
-                    self.cal.timezone = None;
-                    Ok(())
-                }
-                CalendarPropName::TimezoneServiceSet => Err(rustical_dav::Error::PropReadOnly),
-                CalendarPropName::CalendarTimezoneId => {
+                CalendarPropName::CalendarTimezone | CalendarPropName::CalendarTimezoneId => {
                     self.cal.timezone_id = None;
                     Ok(())
                 }
+                CalendarPropName::TimezoneServiceSet => Err(rustical_dav::Error::PropReadOnly),
                 CalendarPropName::CalendarOrder => {
                     self.cal.order = 0;
                     Ok(())
@@ -308,3 +327,15 @@ impl Resource for CalendarResource {
         ))
     }
 }
+
+#[cfg(test)]
+mod tests {
+    #[test]
+    fn test_tzdb_version() {
+        // Ensure that both chrono_tz and vzic_rs use the same tzdb version
+        assert_eq!(
+            chrono_tz::IANA_TZDB_VERSION,
+            vtimezones_rs::IANA_TZDB_VERSION
+        );
+    }
+}

crates/caldav/src/calendar/service.rs

@@ -51,7 +51,7 @@ impl<C: CalendarStore, S: SubscriptionStore> ResourceService for CalendarResourc
     type Principal = Principal;
     type PrincipalUri = CalDavPrincipalUri;
 
-    const DAV_HEADER: &str = "1, 3, access-control, calendar-access, calendar-proxy, webdav-push";
+    const DAV_HEADER: &str = "1, 3, access-control, calendar-access, webdav-push";
 
     async fn get_resource(
         &self,

crates/caldav/src/calendar_object/methods.rs

@@ -78,12 +78,13 @@ pub async fn put_event<C: CalendarStore>(
         true
     };
 
-    let object = match CalendarObject::from_ics(object_id, body) {
+    let object = match CalendarObject::from_ics(body) {
         Ok(obj) => obj,
         Err(_) => {
             return Err(Error::PreconditionFailed(Precondition::ValidCalendarData));
         }
     };
+    assert_eq!(object.get_id(), object_id);
     cal_store
         .put_object(principal, calendar_id, object, overwrite)
         .await?;

crates/caldav/src/calendar_object/resource.rs

@@ -69,7 +69,6 @@ impl Resource for CalendarObjectResource {
     }
 
     fn get_displayname(&self) -> Option<&str> {
-        // TODO: Extract summary from object
         None
     }
 

crates/caldav/src/lib.rs

@@ -1,5 +1,3 @@
-use axum::response::Redirect;
-use axum::routing::any;
 use axum::{Extension, Router};
 use derive_more::Constructor;
 use principal::PrincipalResourceService;
@@ -14,7 +12,6 @@ pub mod calendar;
 pub mod calendar_object;
 pub mod error;
 pub mod principal;
-
 pub use error::Error;
 
 #[derive(Debug, Clone, Constructor)]
@@ -34,23 +31,18 @@ pub fn caldav_router<AP: AuthenticationProvider, C: CalendarStore, S: Subscripti
     auth_provider: Arc<AP>,
     store: Arc<C>,
     subscription_store: Arc<S>,
+    simplified_home_set: bool,
 ) -> Router {
-    let principal_service = PrincipalResourceService {
-        auth_provider: auth_provider.clone(),
-        sub_store: subscription_store.clone(),
-        cal_store: store.clone(),
-    };
-
-    Router::new()
-        .nest(
-            prefix,
-            RootResourceService::<_, Principal, CalDavPrincipalUri>::new(principal_service.clone())
-                .axum_router()
-                .layer(AuthenticationLayer::new(auth_provider))
-                .layer(Extension(CalDavPrincipalUri(prefix))),
-        )
-        .route(
-            "/.well-known/caldav",
-            any(async || Redirect::permanent(prefix)),
-        )
+    Router::new().nest(
+        prefix,
+        RootResourceService::<_, Principal, CalDavPrincipalUri>::new(PrincipalResourceService {
+            auth_provider: auth_provider.clone(),
+            sub_store: subscription_store.clone(),
+            cal_store: store.clone(),
+            simplified_home_set,
+        })
+        .axum_router()
+        .layer(AuthenticationLayer::new(auth_provider))
+        .layer(Extension(CalDavPrincipalUri(prefix))),
+    )
 }

crates/caldav/src/principal/mod.rs

@@ -18,6 +18,8 @@ pub mod tests;
 pub struct PrincipalResource {
     principal: Principal,
     members: Vec<String>,
+    // If true only return the principal as the calendar home set, otherwise also groups
+    simplified_home_set: bool,
 }
 
 impl ResourceName for PrincipalResource {
@@ -39,11 +41,6 @@ impl Resource for PrincipalResource {
         Resourcetype(&[
             ResourcetypeInner(Some(rustical_dav::namespace::NS_DAV), "collection"),
             ResourcetypeInner(Some(rustical_dav::namespace::NS_DAV), "principal"),
-            // https://github.com/apple/ccs-calendarserver/blob/13c706b985fb728b9aab42dc0fef85aae21921c3/doc/Extensions/caldav-proxy.txt
-            // ResourcetypeInner(
-            //     Some(rustical_dav::namespace::NS_CALENDARSERVER),
-            //     "calendar-proxy-write",
-            // ),
         ])
     }
 
@@ -64,9 +61,17 @@ impl Resource for PrincipalResource {
                     PrincipalPropName::PrincipalUrl => {
                         PrincipalProp::PrincipalUrl(principal_url.into())
                     }
-                    PrincipalPropName::CalendarHomeSet => {
-                        PrincipalProp::CalendarHomeSet(principal_url.into())
-                    }
+                    PrincipalPropName::CalendarHomeSet => PrincipalProp::CalendarHomeSet(
+                        CalendarHomeSet(if self.simplified_home_set {
+                            vec![principal_url.into()]
+                        } else {
+                            self.principal
+                                .memberships()
+                                .iter()
+                                .map(|principal| puri.principal_uri(principal).into())
+                                .collect()
+                        }),
+                    ),
                     PrincipalPropName::CalendarUserAddressSet => {
                         PrincipalProp::CalendarUserAddressSet(principal_url.into())
                     }
@@ -116,7 +121,7 @@ impl Resource for PrincipalResource {
     }
 
     fn get_user_privileges(&self, user: &Principal) -> Result<UserPrivilegeSet, Self::Error> {
-        Ok(UserPrivilegeSet::owner_read(
+        Ok(UserPrivilegeSet::owner_only(
             user.is_principal(&self.principal.id),
         ))
     }

crates/caldav/src/principal/prop.rs

@@ -31,9 +31,12 @@ pub enum PrincipalProp {
 
     // CalDAV (RFC 4791)
     #[xml(ns = "rustical_dav::namespace::NS_CALDAV")]
-    CalendarHomeSet(HrefElement),
+    CalendarHomeSet(CalendarHomeSet),
 }
 
+#[derive(XmlDeserialize, XmlSerialize, PartialEq, Clone)]
+pub struct CalendarHomeSet(#[xml(ty = "untagged", flatten)] pub Vec<HrefElement>);
+
 #[derive(XmlDeserialize, XmlSerialize, PartialEq, Clone, EnumVariants, PropName)]
 #[xml(unit_variants_ident = "PrincipalPropWrapperName", untagged)]
 pub enum PrincipalPropWrapper {

crates/caldav/src/principal/service.rs

@@ -18,6 +18,8 @@ pub struct PrincipalResourceService<
     pub(crate) auth_provider: Arc<AP>,
     pub(crate) sub_store: Arc<S>,
     pub(crate) cal_store: Arc<CS>,
+    // If true only return the principal as the calendar home set, otherwise also groups
+    pub(crate) simplified_home_set: bool,
 }
 
 impl<AP: AuthenticationProvider, S: SubscriptionStore, CS: CalendarStore> Clone
@@ -28,6 +30,7 @@ impl<AP: AuthenticationProvider, S: SubscriptionStore, CS: CalendarStore> Clone
             auth_provider: self.auth_provider.clone(),
             sub_store: self.sub_store.clone(),
             cal_store: self.cal_store.clone(),
+            simplified_home_set: self.simplified_home_set,
         }
     }
 }
@@ -43,7 +46,7 @@ impl<AP: AuthenticationProvider, S: SubscriptionStore, CS: CalendarStore> Resour
     type Principal = Principal;
     type PrincipalUri = CalDavPrincipalUri;
 
-    const DAV_HEADER: &str = "1, 3, access-control, calendar-access, calendar-proxy";
+    const DAV_HEADER: &str = "1, 3, access-control, calendar-access";
 
     async fn get_resource(
         &self,
@@ -58,6 +61,7 @@ impl<AP: AuthenticationProvider, S: SubscriptionStore, CS: CalendarStore> Resour
         Ok(PrincipalResource {
             members: self.auth_provider.list_members(&user.id).await?,
             principal: user,
+            simplified_home_set: self.simplified_home_set,
         })
     }
 

crates/caldav/src/principal/tests.rs

@@ -27,6 +27,7 @@ async fn test_principal_resource(
         cal_store: Arc::new(cal_store.await),
         sub_store: Arc::new(sub_store.await),
         auth_provider: Arc::new(auth_provider.await),
+        simplified_home_set: false,
     };
 
     assert!(matches!(

crates/carddav/src/addressbook/methods/get.rs

@@ -47,7 +47,7 @@ pub async fn route_get<AS: AddressbookStore, S: SubscriptionStore>(
     let mut resp = Response::builder().status(StatusCode::OK);
     let hdrs = resp.headers_mut().unwrap();
     hdrs.typed_insert(ContentType::from_str("text/vcard").unwrap());
-    let filename = format!("{}_{}.vcf", principal, addressbook_id);
+    let filename = format!("{principal}_{addressbook_id}.vcf");
     let filename = utf8_percent_encode(&filename, CONTROLS);
     hdrs.insert(
         header::CONTENT_DISPOSITION,

crates/carddav/src/addressbook/methods/mkcol.rs

@@ -88,15 +88,8 @@ pub async fn route_mkcol<AS: AddressbookStore, S: SubscriptionStore>(
         }
     }
 
-    match addr_store.insert_addressbook(addressbook).await {
-        // TODO: The spec says we should return a mkcol-response.
-        // However, it works without one but breaks on iPadOS when using an empty one :)
-        Ok(()) => Ok(StatusCode::CREATED.into_response()),
-        Err(err) => {
-            dbg!(err.to_string());
-            Err(err.into())
-        }
-    }
+    addr_store.insert_addressbook(addressbook).await?;
+    Ok(StatusCode::CREATED.into_response())
 }
 
 #[cfg(test)]

crates/carddav/src/addressbook/methods/report/addressbook_multiget.rs

@@ -81,7 +81,7 @@ pub async fn handle_addressbook_multiget<AS: AddressbookStore>(
                 object,
                 principal: principal.to_owned(),
             }
-            .propfind(&path, prop, puri, user)?,
+            .propfind(&path, prop, None, puri, user)?,
         );
     }
 

crates/carddav/src/addressbook/methods/report/sync_collection.rs

@@ -39,7 +39,7 @@ pub async fn handle_sync_collection<AS: AddressbookStore>(
                 object,
                 principal: principal.to_owned(),
             }
-            .propfind(&path, &sync_collection.prop, puri, user)?,
+            .propfind(&path, &sync_collection.prop, None, puri, user)?,
         );
     }
 

crates/carddav/src/principal/mod.rs

@@ -53,7 +53,13 @@ impl Resource for PrincipalResource {
                 PrincipalPropWrapper::Principal(match prop {
                     PrincipalPropName::PrincipalUrl => PrincipalProp::PrincipalUrl(principal_href),
                     PrincipalPropName::AddressbookHomeSet => {
-                        PrincipalProp::AddressbookHomeSet(principal_href)
+                        PrincipalProp::AddressbookHomeSet(AddressbookHomeSet(
+                            self.principal
+                                .memberships()
+                                .iter()
+                                .map(|principal| puri.principal_uri(principal).into())
+                                .collect(),
+                        ))
                     }
                     PrincipalPropName::PrincipalAddress => PrincipalProp::PrincipalAddress(None),
                     PrincipalPropName::GroupMembership => {

crates/carddav/src/principal/prop.rs

@@ -22,11 +22,14 @@ pub enum PrincipalProp {
 
     // CardDAV (RFC 6352)
     #[xml(ns = "rustical_dav::namespace::NS_CARDDAV")]
-    AddressbookHomeSet(HrefElement),
+    AddressbookHomeSet(AddressbookHomeSet),
     #[xml(ns = "rustical_dav::namespace::NS_CARDDAV")]
     PrincipalAddress(Option<HrefElement>),
 }
 
+#[derive(XmlDeserialize, XmlSerialize, PartialEq, Clone)]
+pub struct AddressbookHomeSet(#[xml(ty = "untagged", flatten)] pub Vec<HrefElement>);
+
 #[derive(XmlDeserialize, XmlSerialize, PartialEq, Clone, EnumVariants, PropName)]
 #[xml(unit_variants_ident = "PrincipalPropWrapperName", untagged)]
 pub enum PrincipalPropWrapper {

crates/dav/src/resource/methods/propfind.rs

@@ -64,6 +64,7 @@ pub(crate) async fn route_propfind<R: ResourceService>(
         } else {
             PropfindElement {
                 prop: PropfindType::Allprop,
+                include: None,
             }
         };
     let propfind_member: PropfindElement<<<R::MemberType as Resource>::Prop as PropName>::Names> =
@@ -72,6 +73,7 @@ pub(crate) async fn route_propfind<R: ResourceService>(
         } else {
             PropfindElement {
                 prop: PropfindType::Allprop,
+                include: None,
             }
         };
 
@@ -82,13 +84,20 @@ pub(crate) async fn route_propfind<R: ResourceService>(
             member_responses.push(member.propfind(
                 &format!("{}/{}", path.trim_end_matches('/'), member.get_name()),
                 &propfind_member.prop,
+                propfind_member.include.as_ref(),
                 puri,
                 principal,
             )?);
         }
     }
 
-    let response = resource.propfind(path, &propfind_self.prop, puri, principal)?;
+    let response = resource.propfind(
+        path,
+        &propfind_self.prop,
+        propfind_self.include.as_ref(),
+        puri,
+        principal,
+    )?;
 
     Ok(MultistatusElement {
         responses: vec![response],

crates/dav/src/resource/methods/proppatch.rs

@@ -26,21 +26,21 @@ enum SetPropertyPropWrapper<T: XmlDeserialize> {
 // We are <prop>
 #[derive(XmlDeserialize, Clone, Debug)]
 struct SetPropertyPropWrapperWrapper<T: XmlDeserialize>(
-    #[xml(ty = "untagged")] SetPropertyPropWrapper<T>,
+    #[xml(ty = "untagged", flatten)] Vec<SetPropertyPropWrapper<T>>,
 );
 
 // We are <set>
 #[derive(XmlDeserialize, Clone, Debug)]
 struct SetPropertyElement<T: XmlDeserialize> {
     #[xml(ns = "crate::namespace::NS_DAV")]
-    prop: T,
+    prop: SetPropertyPropWrapperWrapper<T>,
 }
 
 #[derive(XmlDeserialize, Clone, Debug)]
 struct TagName(#[xml(ty = "tag_name")] String);
 
 #[derive(XmlDeserialize, Clone, Debug)]
-struct PropertyElement(#[xml(ty = "untagged")] TagName);
+struct PropertyElement(#[xml(ty = "untagged", flatten)] Vec<TagName>);
 
 #[derive(XmlDeserialize, Clone, Debug)]
 struct RemovePropertyElement {
@@ -81,9 +81,8 @@ pub(crate) async fn route_proppatch<R: ResourceService>(
     let href = path.to_owned();
 
     // Extract operations
-    let PropertyupdateElement::<SetPropertyPropWrapperWrapper<<R::Resource as Resource>::Prop>>(
-        operations,
-    ) = XmlDocument::parse_str(body).map_err(Error::XmlError)?;
+    let PropertyupdateElement::<<R::Resource as Resource>::Prop>(operations) =
+        XmlDocument::parse_str(body).map_err(Error::XmlError)?;
 
     let mut resource = resource_service
         .get_resource(path_components, false)
@@ -100,59 +99,63 @@ pub(crate) async fn route_proppatch<R: ResourceService>(
     for operation in operations.into_iter() {
         match operation {
             Operation::Set(SetPropertyElement {
-                prop: SetPropertyPropWrapperWrapper(property),
+                prop: SetPropertyPropWrapperWrapper(properties),
             }) => {
-                match property {
-                    SetPropertyPropWrapper::Valid(prop) => {
-                        let propname: <<R::Resource as Resource>::Prop as PropName>::Names =
-                            prop.clone().into();
-                        let (ns, propname): (Option<Namespace>, &str) = propname.into();
-                        match resource.set_prop(prop) {
-                            Ok(()) => {
-                                props_ok.push((ns.map(NamespaceOwned::from), propname.to_owned()))
-                            }
-                            Err(Error::PropReadOnly) => props_conflict
-                                .push((ns.map(NamespaceOwned::from), propname.to_owned())),
-                            Err(err) => return Err(err.into()),
-                        };
-                    }
-                    SetPropertyPropWrapper::Invalid(invalid) => {
-                        let propname = invalid.tag_name();
+                for property in properties {
+                    match property {
+                        SetPropertyPropWrapper::Valid(prop) => {
+                            let propname: <<R::Resource as Resource>::Prop as PropName>::Names =
+                                prop.clone().into();
+                            let (ns, propname): (Option<Namespace>, &str) = propname.into();
+                            match resource.set_prop(prop) {
+                                Ok(()) => props_ok
+                                    .push((ns.map(NamespaceOwned::from), propname.to_owned())),
+                                Err(Error::PropReadOnly) => props_conflict
+                                    .push((ns.map(NamespaceOwned::from), propname.to_owned())),
+                                Err(err) => return Err(err.into()),
+                            };
+                        }
+                        SetPropertyPropWrapper::Invalid(invalid) => {
+                            let propname = invalid.tag_name();
 
-                        if let Some(full_propname) = <R::Resource as Resource>::list_props()
-                            .into_iter()
-                            .find_map(|(ns, tag)| {
-                                if tag == propname.as_str() {
-                                    Some((ns.map(NamespaceOwned::from), tag.to_owned()))
-                                } else {
-                                    None
-                                }
-                            })
-                        {
-                            // This happens in following cases:
-                            // - read-only properties with #[serde(skip_deserializing)]
-                            // - internal properties
-                            props_conflict.push(full_propname)
-                        } else {
-                            props_not_found.push((None, propname));
+                            if let Some(full_propname) = <R::Resource as Resource>::list_props()
+                                .into_iter()
+                                .find_map(|(ns, tag)| {
+                                    if tag == propname.as_str() {
+                                        Some((ns.map(NamespaceOwned::from), tag.to_owned()))
+                                    } else {
+                                        None
+                                    }
+                                })
+                            {
+                                // This happens in following cases:
+                                // - read-only properties with #[serde(skip_deserializing)]
+                                // - internal properties
+                                props_conflict.push(full_propname)
+                            } else {
+                                props_not_found.push((None, propname));
+                            }
                         }
                     }
                 }
             }
             Operation::Remove(remove_el) => {
-                let propname = remove_el.prop.0.0;
-                match <<R::Resource as Resource>::Prop as PropName>::Names::from_str(&propname) {
-                    Ok(prop) => match resource.remove_prop(&prop) {
-                        Ok(()) => props_ok.push((None, propname)),
-                        Err(Error::PropReadOnly) => props_conflict.push({
-                            let (ns, tag) = prop.into();
-                            (ns.map(NamespaceOwned::from), tag.to_owned())
-                        }),
-                        Err(err) => return Err(err.into()),
-                    },
-                    // I guess removing a nonexisting property should be successful :)
-                    Err(_) => props_ok.push((None, propname)),
-                };
+                for tagname in remove_el.prop.0 {
+                    let propname = tagname.0;
+                    match <<R::Resource as Resource>::Prop as PropName>::Names::from_str(&propname)
+                    {
+                        Ok(prop) => match resource.remove_prop(&prop) {
+                            Ok(()) => props_ok.push((None, propname)),
+                            Err(Error::PropReadOnly) => props_conflict.push({
+                                let (ns, tag) = prop.into();
+                                (ns.map(NamespaceOwned::from), tag.to_owned())
+                            }),
+                            Err(err) => return Err(err.into()),
+                        },
+                        // I guess removing a nonexisting property should be successful :)
+                        Err(_) => props_ok.push((None, propname)),
+                    };
+                }
             }
         }
     }

crates/dav/src/resource/mod.rs

@@ -106,6 +106,7 @@ pub trait Resource: Clone + Send + 'static {
         &self,
         path: &str,
         prop: &PropfindType<<Self::Prop as PropName>::Names>,
+        include: Option<&PropElement<<Self::Prop as PropName>::Names>>,
         principal_uri: &impl PrincipalUri,
         principal: &Self::Principal,
     ) -> Result<ResponseElement<Self::Prop>, Self::Error> {
@@ -115,36 +116,40 @@ pub trait Resource: Clone + Send + 'static {
             path.push('/');
         }
 
-        // TODO: Support include element
-        let (props, invalid_props): (HashSet<<Self::Prop as PropName>::Names>, Vec<_>) = match prop
-        {
-            PropfindType::Propname => {
-                let props = Self::list_props()
-                    .into_iter()
-                    .map(|(ns, tag)| (ns.map(NamespaceOwned::from), tag.to_string()))
-                    .collect_vec();
+        let (mut props, mut invalid_props): (HashSet<<Self::Prop as PropName>::Names>, Vec<_>) =
+            match prop {
+                PropfindType::Propname => {
+                    let props = Self::list_props()
+                        .into_iter()
+                        .map(|(ns, tag)| (ns.map(NamespaceOwned::from), tag.to_string()))
+                        .collect_vec();
 
-                return Ok(ResponseElement {
-                    href: path.to_owned(),
-                    propstat: vec![PropstatWrapper::TagList(PropstatElement {
-                        prop: TagList::from(props),
-                        status: StatusCode::OK,
-                    })],
-                    ..Default::default()
-                });
-            }
-            PropfindType::Allprop => (
-                Self::list_props()
-                    .iter()
-                    .map(|(_ns, name)| <Self::Prop as PropName>::Names::from_str(name).unwrap())
-                    .collect(),
-                vec![],
-            ),
-            PropfindType::Prop(PropElement(valid_tags, invalid_tags)) => (
-                valid_tags.iter().cloned().collect(),
-                invalid_tags.to_owned(),
-            ),
-        };
+                    return Ok(ResponseElement {
+                        href: path.to_owned(),
+                        propstat: vec![PropstatWrapper::TagList(PropstatElement {
+                            prop: TagList::from(props),
+                            status: StatusCode::OK,
+                        })],
+                        ..Default::default()
+                    });
+                }
+                PropfindType::Allprop => (
+                    Self::list_props()
+                        .iter()
+                        .map(|(_ns, name)| <Self::Prop as PropName>::Names::from_str(name).unwrap())
+                        .collect(),
+                    vec![],
+                ),
+                PropfindType::Prop(PropElement(valid_tags, invalid_tags)) => (
+                    valid_tags.iter().cloned().collect(),
+                    invalid_tags.to_owned(),
+                ),
+            };
+
+        if let Some(PropElement(valid_tags, invalid_tags)) = include {
+            props.extend(valid_tags.clone());
+            invalid_props.extend(invalid_tags.to_owned());
+        }
 
         let prop_responses = props
             .into_iter()

crates/dav/src/xml/propfind.rs

@@ -11,10 +11,11 @@ use rustical_xml::XmlRootTag;
 pub struct PropfindElement<PN: XmlDeserialize> {
     #[xml(ty = "untagged")]
     pub prop: PropfindType<PN>,
+    #[xml(ns = "crate::namespace::NS_DAV")]
+    pub include: Option<PropElement<PN>>,
 }
 
 #[derive(Debug, Clone, PartialEq)]
-// pub struct PropElement<PN: XmlDeserialize = Propname>(#[xml(ty = "untagged", flatten)] pub Vec<PN>);
 pub struct PropElement<PN: XmlDeserialize>(
     // valid
     pub Vec<PN>,

crates/dav/src/xml/resourcetype.rs

@@ -33,7 +33,13 @@ mod tests {
         .unwrap();
         assert_eq!(
             out,
-            "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<document><resourcetype><displayname xmlns=\"DAV:\"/><calendar-color xmlns=\"http://calendarserver.org/ns/\"/></resourcetype></document>"
+            r#"<?xml version="1.0" encoding="utf-8"?>
+<document>
+    <resourcetype>
+        <displayname xmlns="DAV:"/>
+        <calendar-color xmlns="http://calendarserver.org/ns/"/>
+    </resourcetype>
+</document>"#
         )
     }
 }

crates/dav_push/Cargo.toml

@@ -24,7 +24,6 @@ rustical_dav.workspace = true
 rustical_store.workspace = true
 http.workspace = true
 base64.workspace = true
-rand.workspace = true
 ece.workspace = true
 axum.workspace = true
 openssl.workspace = true

crates/frontend/js-components/lib/create-addressbook-form.ts

@@ -1,7 +1,7 @@
 import { html, LitElement } from "lit";
 import { customElement, property } from "lit/decorators.js";
 import { Ref, createRef, ref } from 'lit/directives/ref.js';
-import { createClient } from "webdav";
+import { escapeXml } from ".";
 
 @customElement("create-addressbook-form")
 export class CreateAddressbookForm extends LitElement {
@@ -14,18 +14,16 @@ export class CreateAddressbookForm extends LitElement {
     return this
   }
 
-  client = createClient("/carddav")
-
   @property()
-  user: String = ''
+  user: string = ''
   @property()
-  principal: String = ''
+  principal: string = ''
   @property()
-  addr_id: String = ''
+  addr_id: string = self.crypto.randomUUID()
   @property()
-  displayname: String = ''
+  displayname: string = ''
   @property()
-  description: String = ''
+  description: string = ''
 
   dialog: Ref<HTMLDialogElement> = createRef()
   form: Ref<HTMLFormElement> = createRef()
@@ -38,12 +36,17 @@ export class CreateAddressbookForm extends LitElement {
         <form @submit=${this.submit} ${ref(this.form)}>
           <label>
             principal (for group addressbooks)
-            <input type="text" name="principal" value=${this.user} @change=${e => this.principal = e.target.value} />
+            <select name="principal" value=${this.user} @change=${e => this.principal = e.target.value}>
+              <option value=${this.user}>${this.user}</option>
+              ${window.rusticalUser.memberships.map(membership => html`
+                <option value=${membership}>${membership}</option>
+              `)}
+            </select>
           </label>
           <br>
           <label>
             id
-            <input type="text" name="id" @change=${e => this.addr_id = e.target.value} />
+            <input type="text" name="id" value=${this.addr_id} @change=${e => this.addr_id = e.target.value} />
           </label>
           <br>
           <label>
@@ -74,19 +77,29 @@ export class CreateAddressbookForm extends LitElement {
       alert("Empty displayname")
       return
     }
-    // TODO: Escape user input: There's not really a security risk here but would be nicer
-    await this.client.createDirectory(`/principal/${this.principal || this.user}/${this.addr_id}`, {
-      data: `
+    let response = await fetch(`/carddav/principal/${this.principal || this.user}/${this.addr_id}`, {
+      method: 'MKCOL',
+      headers: {
+        'Content-Type': 'application/xml'
+      },
+      body: `
       <mkcol xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
         <set>
           <prop>
-            <displayname>${this.displayname}</displayname>
-            ${this.description ? `<CARD:addressbook-description>${this.description}</CARD:addressbook-description>` : ''}
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${escapeXml(this.description)}</CARD:addressbook-description>` : ''}
           </prop>
         </set>
       </mkcol>
       `
+
     })
+
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`)
+      return null
+    }
+
     window.location.reload()
     return null
   }

crates/frontend/js-components/lib/create-calendar-form.ts

@@ -1,7 +1,7 @@
 import { html, LitElement } from "lit";
 import { customElement, property } from "lit/decorators.js";
 import { Ref, createRef, ref } from 'lit/directives/ref.js';
-import { createClient } from "webdav";
+import { escapeXml } from ".";
 
 @customElement("create-calendar-form")
 export class CreateCalendarForm extends LitElement {
@@ -13,29 +13,30 @@ export class CreateCalendarForm extends LitElement {
     return this
   }
 
-  client = createClient("/caldav")
-
   @property()
-  user: String = ''
+  user: string = ''
   @property()
-  principal: String = ''
+  principal: string = ''
   @property()
-  cal_id: String = ''
+  cal_id: string = self.crypto.randomUUID()
   @property()
-  displayname: String = ''
+  displayname: string = ''
   @property()
-  description: String = ''
+  description: string = ''
   @property()
-  color: String = ''
+  timezone_id: string = ''
   @property()
-  subscriptionUrl: String = ''
+  color: string = ''
+  @property()
+  isSubscription: boolean = false
+  @property()
+  subscriptionUrl: string = ''
   @property()
   components: Set<"VEVENT" | "VTODO" | "VJOURNAL"> = new Set()
 
   dialog: Ref<HTMLDialogElement> = createRef()
   form: Ref<HTMLFormElement> = createRef()
 
-
   override render() {
     return html`
       <button @click=${() => this.dialog.value.showModal()}>Create calendar</button>
@@ -43,13 +44,18 @@ export class CreateCalendarForm extends LitElement {
         <h3>Create calendar</h3>
         <form @submit=${this.submit} ${ref(this.form)}>
           <label>
-            principal (for group calendar)
-            <input type="text" name="principal" value=${this.user} @change=${e => this.principal = e.target.value} />
+            principal (for group calendars)
+            <select name="principal" value=${this.user} @change=${e => this.principal = e.target.value}>
+              <option value=${this.user}>${this.user}</option>
+              ${window.rusticalUser.memberships.map(membership => html`
+                <option value=${membership}>${membership}</option>
+              `)}
+            </select>
           </label>
           <br>
           <label>
             id
-            <input type="text" name="id" @change=${e => this.cal_id = e.target.value} />
+            <input type="text" name="id" value=${this.cal_id} @change=${e => this.cal_id = e.target.value} />
           </label>
           <br>
           <label>
@@ -57,6 +63,11 @@ export class CreateCalendarForm extends LitElement {
             <input type="text" name="displayname" value=${this.displayname} @change=${e => this.displayname = e.target.value} />
           </label>
           <br>
+          <label>
+            Timezone (optional)
+            <input type="text" name="timezone" .value=${this.timezone_id} @change=${e => this.timezone_id = e.target.value} />
+          </label>
+          <br>
           <label>
             Description
             <input type="text" name="description" @change=${e => this.description = e.target.value} />
@@ -67,11 +78,20 @@ export class CreateCalendarForm extends LitElement {
             <input type="color" name="color"  @change=${e => this.color = e.target.value} />
           </label>
           <br>
+          <br>
           <label>
-            Subscription URL
-            <input type="text" name="subscription_url" @change=${e => this.subscriptionUrl = e.target.value}  />
+            Calendar is subscription to external calendar
+            <input type="checkbox" name="is_subscription" @change=${e => this.isSubscription = e.target.checked}  />
           </label>
           <br>
+          ${this.isSubscription ? html`
+            <label>
+              Subscription URL
+              <input type="text" name="subscription_url" @change=${e => this.subscriptionUrl = e.target.value}  />
+            </label>
+            <br>
+          `: html``}
+          <br>
           ${["VEVENT", "VTODO", "VJOURNAL"].map(comp => html`
             <label>
               Support ${comp}
@@ -102,23 +122,34 @@ export class CreateCalendarForm extends LitElement {
       alert("No calendar components selected")
       return
     }
-    await this.client.createDirectory(`/principal/${this.principal || this.user}/${this.cal_id}`, {
-      data: `
+
+    let response = await fetch(`/caldav/principal/${this.principal || this.user}/${this.cal_id}`, {
+      method: 'MKCOL',
+      headers: {
+        'Content-Type': 'application/xml'
+      },
+      body: `
       <mkcol xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
         <set>
           <prop>
-            <displayname>${this.displayname}</displayname>
-            ${this.description ? `<CAL:calendar-description>${this.description}</CAL:calendar-description>` : ''}
-            ${this.color ? `<ICAL:calendar-color>${this.color}</ICAL:calendar-color>` : ''}
-            ${this.subscriptionUrl ? `<CS:source><href>${this.subscriptionUrl}</href></CS:source>` : ''}
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.timezone_id ? `<CAL:calendar-timezone-id>${escapeXml(this.timezone_id)}</CAL:calendar-timezone-id>` : ''}
+            ${this.description ? `<CAL:calendar-description>${escapeXml(this.description)}</CAL:calendar-description>` : ''}
+            ${this.color ? `<ICAL:calendar-color>${escapeXml(this.color)}</ICAL:calendar-color>` : ''}
+            ${(this.isSubscription && this.subscriptionUrl) ? `<CS:source><href>${escapeXml(this.subscriptionUrl)}</href></CS:source>` : ''}
             <CAL:supported-calendar-component-set>
-              ${Array.from(this.components.keys()).map(comp => `<CAL:comp name="${comp}" />`).join('\n')}
+              ${Array.from(this.components.keys()).map(comp => `<CAL:comp name="${escapeXml(comp)}" />`).join('\n')}
             </CAL:supported-calendar-component-set>
           </prop>
         </set>
       </mkcol>
       `
     })
+
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`)
+      return null
+    }
     window.location.reload()
     return null
   }

crates/frontend/js-components/lib/delete-button.ts

@@ -1,6 +1,5 @@
 import { html, LitElement } from "lit";
 import { customElement, property } from "lit/decorators.js";
-import { createClient } from "webdav";
 
 @customElement("delete-button")
 export class DeleteButton extends LitElement {

crates/frontend/js-components/lib/edit-addressbook-form.ts

@@ -0,0 +1,103 @@
+import { html, LitElement } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { Ref, createRef, ref } from 'lit/directives/ref.js';
+import { escapeXml } from ".";
+
+@customElement("edit-addressbook-form")
+export class EditAddressbookForm extends LitElement {
+  constructor() {
+    super()
+
+  }
+
+  protected override createRenderRoot() {
+    return this
+  }
+
+  @property()
+  principal: string = ''
+  @property()
+  addr_id: string = ''
+  @property()
+  displayname: string = ''
+  @property()
+  description: string = ''
+
+  dialog: Ref<HTMLDialogElement> = createRef()
+  form: Ref<HTMLFormElement> = createRef()
+
+  override render() {
+    return html`
+      <button @click=${() => this.dialog.value.showModal()}>Edit addressbook</button>
+      <dialog ${ref(this.dialog)}>
+        <h3>Create addressbook</h3>
+        <form @submit=${this.submit} ${ref(this.form)}>
+          <label>
+            Displayname
+            <input type="text" name="displayname" .value=${this.displayname} @change=${e => this.displayname = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" .value=${this.description} @change=${e => this.description = e.target.value} />
+          </label>
+          <br>
+          <button type="submit">Submit</button>
+          <button type="submit" @click=${event => { event.preventDefault(); this.dialog.value.close(); this.form.value.reset() }} class="cancel">Cancel</button>
+        </form>
+      </dialog>
+    `
+  }
+
+  async submit(e: SubmitEvent) {
+    e.preventDefault()
+    if (!this.principal) {
+      alert("Empty principal")
+      return
+    }
+    if (!this.addr_id) {
+      alert("Empty id")
+      return
+    }
+    if (!this.displayname) {
+      alert("Empty displayname")
+      return
+    }
+    let response = await fetch(`/carddav/principal/${this.principal}/${this.addr_id}`, {
+      method: 'PROPPATCH',
+      headers: {
+        'Content-Type': 'application/xml'
+      },
+      body: `
+      <propertyupdate xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
+        <set>
+          <prop>
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${escapeXml(this.description)}</CARD:addressbook-description>` : ''}
+          </prop>
+        </set>
+        <remove>
+          <prop>
+            ${!this.description ? '<CARD:calendar-description />' : ''}
+          </prop>
+        </remove>
+      </propertyupdate>
+      `
+
+    })
+
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`)
+      return null
+    }
+
+    window.location.reload()
+    return null
+  }
+}
+
+declare global {
+  interface HTMLElementTagNameMap {
+    'edit-addressbook-form': EditAddressbookForm
+  }
+}

crates/frontend/js-components/lib/edit-calendar-form.ts

@@ -0,0 +1,143 @@
+import { html, LitElement } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { Ref, createRef, ref } from 'lit/directives/ref.js';
+import { escapeXml } from ".";
+
+@customElement("edit-calendar-form")
+export class EditCalendarForm extends LitElement {
+  constructor() {
+    super()
+  }
+
+  protected override createRenderRoot() {
+    return this
+  }
+
+  @property()
+  principal: string
+  @property()
+  cal_id: string
+
+  @property()
+  displayname: string = ''
+  @property()
+  description: string = ''
+  @property()
+  timezone_id: string = ''
+  @property()
+  color: string = ''
+  @property({
+    converter: {
+      fromAttribute: (value, _type) => new Set(value ? JSON.parse(value) : []),
+      toAttribute: (value, _type) => JSON.stringify(value)
+    }
+  })
+  components: Set<"VEVENT" | "VTODO" | "VJOURNAL"> = new Set()
+
+  dialog: Ref<HTMLDialogElement> = createRef()
+  form: Ref<HTMLFormElement> = createRef()
+
+
+  override render() {
+    return html`
+      <button @click=${() => this.dialog.value.showModal()}>Edit calendar</button>
+      <dialog ${ref(this.dialog)}>
+        <h3>Create calendar</h3>
+        <form @submit=${this.submit} ${ref(this.form)}>
+          <label>
+            Displayname
+            <input type="text" name="displayname" .value=${this.displayname} @change=${e => this.displayname = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Timezone (optional)
+            <input type="text" name="timezone" .value=${this.timezone_id} @change=${e => this.timezone_id = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" .value=${this.description} @change=${e => this.description = e.target.value} />
+          </label>
+          <br>
+          <label>
+            Color
+            <input type="color" name="color" .value=${this.color} @change=${e => this.color = e.target.value} />
+          </label>
+          <br>
+          ${["VEVENT", "VTODO", "VJOURNAL"].map(comp => html`
+            <label>
+              Support ${comp}
+              <input type="checkbox" value=${comp} ?checked=${this.components.has(comp)} @change=${e => e.target.checked ? this.components.add(e.target.value) : this.components.delete(e.target.value)} />
+            </label>
+            <br>
+          `)}
+          <br>
+          <button type="submit">Submit</button>
+          <button type="submit" @click=${event => { event.preventDefault(); this.dialog.value.close(); this.form.value.reset() }} class="cancel">Cancel</button>
+      </form>
+      </dialog>
+        `
+  }
+
+  async submit(e: SubmitEvent) {
+    e.preventDefault()
+    if (!this.principal) {
+      alert("Empty principal")
+      return
+    }
+    if (!this.cal_id) {
+      alert("Empty id")
+      return
+    }
+    if (!this.displayname) {
+      alert("Empty displayname")
+      return
+    }
+    if (!this.components.size) {
+      alert("No calendar components selected")
+      return
+    }
+    let response = await fetch(`/caldav/principal/${this.principal}/${this.cal_id}`, {
+      method: 'PROPPATCH',
+      headers: {
+        'Content-Type': 'application/xml'
+      },
+      body: `
+      <propertyupdate xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
+        <set>
+          <prop>
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.timezone_id ? `<CAL:calendar-timezone-id>${escapeXml(this.timezone_id)}</CAL:calendar-timezone-id>` : ''}
+            ${this.description ? `<CAL:calendar-description>${escapeXml(this.description)}</CAL:calendar-description>` : ''}
+            ${this.color ? `<ICAL:calendar-color>${escapeXml(this.color)}</ICAL:calendar-color>` : ''}
+            <CAL:supported-calendar-component-set>
+              ${Array.from(this.components.keys()).map(comp => `<CAL:comp name="${escapeXml(comp)}" />`).join('\n')}
+            </CAL:supported-calendar-component-set>
+          </prop>
+        </set>
+        <remove>
+          <prop>
+            ${!this.timezone_id ? `<CAL:calendar-timezone-id />` : ''}
+            ${!this.description ? '<CAL:calendar-description />' : ''}
+            ${!this.color ? '<ICAL:calendar-color />' : ''}
+          </prop>
+        </remove>
+      </propertyupdate>
+      `
+    })
+
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`)
+      return null
+    }
+
+    window.location.reload()
+    return null
+  }
+}
+
+declare global {
+  interface HTMLElementTagNameMap {
+    'edit-calendar-form': EditCalendarForm
+  }
+}

crates/frontend/js-components/lib/global.d.ts

@@ -0,0 +1,9 @@
+interface Window {
+  rusticalUser: {
+    id: String,
+    displayname: String | null,
+    memberships: Array<String>,
+    principal_type: "individual" | "group" | "room" | String
+  }
+}
+

crates/frontend/js-components/lib/index.ts

@@ -0,0 +1,7 @@
+export function escapeXml(unsafe: string): string {
+  return unsafe.replace(/&/g, '&')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&apos;')
+}

crates/frontend/js-components/vite.config.ts

@@ -15,7 +15,9 @@ export default defineConfig({
     rollupOptions: {
       input: [
         "lib/create-calendar-form.ts",
+        "lib/edit-calendar-form.ts",
         "lib/create-addressbook-form.ts",
+        "lib/edit-addressbook-form.ts",
         "lib/delete-button.ts",
       ],
       output: {
@@ -23,7 +25,7 @@ export default defineConfig({
         format: "es",
         manualChunks: {
           lit: ["lit"],
-          webdav: ["webdav"],
+          // webdav: ["webdav"],
         }
       }
     },

crates/frontend/public/assets/js/create-addressbook-form.mjs

@@ -1,7 +1,6 @@
 import { i, x } from "./lit-z6_uA4GX.mjs";
 import { n as n$1, t } from "./property-D0NJdseG.mjs";
-import { e, n } from "./ref-CPp9J0V5.mjs";
-import { a as an } from "./webdav-D0R7xCzX.mjs";
+import { e, n, a as escapeXml } from "./index-b86iLJlP.mjs";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
@@ -15,10 +14,9 @@ var __decorateClass = (decorators, target, key, kind) => {
 let CreateAddressbookForm = class extends i {
   constructor() {
     super();
-    this.client = an("/carddav");
     this.user = "";
     this.principal = "";
-    this.addr_id = "";
+    this.addr_id = self.crypto.randomUUID();
     this.displayname = "";
     this.description = "";
     this.dialog = e();
@@ -35,12 +33,17 @@ let CreateAddressbookForm = class extends i {
         <form @submit=${this.submit} ${n(this.form)}>
           <label>
             principal (for group addressbooks)
-            <input type="text" name="principal" value=${this.user} @change=${(e2) => this.principal = e2.target.value} />
+            <select name="principal" value=${this.user} @change=${(e2) => this.principal = e2.target.value}>
+              <option value=${this.user}>${this.user}</option>
+              ${window.rusticalUser.memberships.map((membership) => x`
+                <option value=${membership}>${membership}</option>
+              `)}
+            </select>
           </label>
           <br>
           <label>
             id
-            <input type="text" name="id" @change=${(e2) => this.addr_id = e2.target.value} />
+            <input type="text" name="id" value=${this.addr_id} @change=${(e2) => this.addr_id = e2.target.value} />
           </label>
           <br>
           <label>
@@ -74,18 +77,26 @@ let CreateAddressbookForm = class extends i {
       alert("Empty displayname");
       return;
     }
-    await this.client.createDirectory(`/principal/${this.principal || this.user}/${this.addr_id}`, {
-      data: `
+    let response = await fetch(`/carddav/principal/${this.principal || this.user}/${this.addr_id}`, {
+      method: "MKCOL",
+      headers: {
+        "Content-Type": "application/xml"
+      },
+      body: `
       <mkcol xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
         <set>
           <prop>
-            <displayname>${this.displayname}</displayname>
-            ${this.description ? `<CARD:addressbook-description>${this.description}</CARD:addressbook-description>` : ""}
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${escapeXml(this.description)}</CARD:addressbook-description>` : ""}
           </prop>
         </set>
       </mkcol>
       `
     });
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`);
+      return null;
+    }
     window.location.reload();
     return null;
   }

crates/frontend/public/assets/js/create-calendar-form.mjs

@@ -1,7 +1,6 @@
 import { i, x } from "./lit-z6_uA4GX.mjs";
 import { n as n$1, t } from "./property-D0NJdseG.mjs";
-import { e, n } from "./ref-CPp9J0V5.mjs";
-import { a as an } from "./webdav-D0R7xCzX.mjs";
+import { e, n, a as escapeXml } from "./index-b86iLJlP.mjs";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
@@ -15,13 +14,14 @@ var __decorateClass = (decorators, target, key, kind) => {
 let CreateCalendarForm = class extends i {
   constructor() {
     super();
-    this.client = an("/caldav");
     this.user = "";
     this.principal = "";
-    this.cal_id = "";
+    this.cal_id = self.crypto.randomUUID();
     this.displayname = "";
     this.description = "";
+    this.timezone_id = "";
     this.color = "";
+    this.isSubscription = false;
     this.subscriptionUrl = "";
     this.components = /* @__PURE__ */ new Set();
     this.dialog = e();
@@ -37,13 +37,18 @@ let CreateCalendarForm = class extends i {
         <h3>Create calendar</h3>
         <form @submit=${this.submit} ${n(this.form)}>
           <label>
-            principal (for group calendar)
-            <input type="text" name="principal" value=${this.user} @change=${(e2) => this.principal = e2.target.value} />
+            principal (for group calendars)
+            <select name="principal" value=${this.user} @change=${(e2) => this.principal = e2.target.value}>
+              <option value=${this.user}>${this.user}</option>
+              ${window.rusticalUser.memberships.map((membership) => x`
+                <option value=${membership}>${membership}</option>
+              `)}
+            </select>
           </label>
           <br>
           <label>
             id
-            <input type="text" name="id" @change=${(e2) => this.cal_id = e2.target.value} />
+            <input type="text" name="id" value=${this.cal_id} @change=${(e2) => this.cal_id = e2.target.value} />
           </label>
           <br>
           <label>
@@ -51,6 +56,11 @@ let CreateCalendarForm = class extends i {
             <input type="text" name="displayname" value=${this.displayname} @change=${(e2) => this.displayname = e2.target.value} />
           </label>
           <br>
+          <label>
+            Timezone (optional)
+            <input type="text" name="timezone" .value=${this.timezone_id} @change=${(e2) => this.timezone_id = e2.target.value} />
+          </label>
+          <br>
           <label>
             Description
             <input type="text" name="description" @change=${(e2) => this.description = e2.target.value} />
@@ -61,11 +71,20 @@ let CreateCalendarForm = class extends i {
             <input type="color" name="color"  @change=${(e2) => this.color = e2.target.value} />
           </label>
           <br>
+          <br>
           <label>
-            Subscription URL
-            <input type="text" name="subscription_url" @change=${(e2) => this.subscriptionUrl = e2.target.value}  />
+            Calendar is subscription to external calendar
+            <input type="checkbox" name="is_subscription" @change=${(e2) => this.isSubscription = e2.target.checked}  />
           </label>
           <br>
+          ${this.isSubscription ? x`
+            <label>
+              Subscription URL
+              <input type="text" name="subscription_url" @change=${(e2) => this.subscriptionUrl = e2.target.value}  />
+            </label>
+            <br>
+          ` : x``}
+          <br>
           ${["VEVENT", "VTODO", "VJOURNAL"].map((comp) => x`
             <label>
               Support ${comp}
@@ -99,23 +118,32 @@ let CreateCalendarForm = class extends i {
       alert("No calendar components selected");
       return;
     }
-    await this.client.createDirectory(`/principal/${this.principal || this.user}/${this.cal_id}`, {
-      data: `
+    let response = await fetch(`/caldav/principal/${this.principal || this.user}/${this.cal_id}`, {
+      method: "MKCOL",
+      headers: {
+        "Content-Type": "application/xml"
+      },
+      body: `
       <mkcol xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
         <set>
           <prop>
-            <displayname>${this.displayname}</displayname>
-            ${this.description ? `<CAL:calendar-description>${this.description}</CAL:calendar-description>` : ""}
-            ${this.color ? `<ICAL:calendar-color>${this.color}</ICAL:calendar-color>` : ""}
-            ${this.subscriptionUrl ? `<CS:source><href>${this.subscriptionUrl}</href></CS:source>` : ""}
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.timezone_id ? `<CAL:calendar-timezone-id>${escapeXml(this.timezone_id)}</CAL:calendar-timezone-id>` : ""}
+            ${this.description ? `<CAL:calendar-description>${escapeXml(this.description)}</CAL:calendar-description>` : ""}
+            ${this.color ? `<ICAL:calendar-color>${escapeXml(this.color)}</ICAL:calendar-color>` : ""}
+            ${this.isSubscription && this.subscriptionUrl ? `<CS:source><href>${escapeXml(this.subscriptionUrl)}</href></CS:source>` : ""}
             <CAL:supported-calendar-component-set>
-              ${Array.from(this.components.keys()).map((comp) => `<CAL:comp name="${comp}" />`).join("\n")}
+              ${Array.from(this.components.keys()).map((comp) => `<CAL:comp name="${escapeXml(comp)}" />`).join("\n")}
             </CAL:supported-calendar-component-set>
           </prop>
         </set>
       </mkcol>
       `
     });
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`);
+      return null;
+    }
     window.location.reload();
     return null;
   }
@@ -135,9 +163,15 @@ __decorateClass([
 __decorateClass([
   n$1()
 ], CreateCalendarForm.prototype, "description", 2);
+__decorateClass([
+  n$1()
+], CreateCalendarForm.prototype, "timezone_id", 2);
 __decorateClass([
   n$1()
 ], CreateCalendarForm.prototype, "color", 2);
+__decorateClass([
+  n$1()
+], CreateCalendarForm.prototype, "isSubscription", 2);
 __decorateClass([
   n$1()
 ], CreateCalendarForm.prototype, "subscriptionUrl", 2);

crates/frontend/public/assets/js/edit-addressbook-form.mjs

@@ -0,0 +1,113 @@
+import { i, x } from "./lit-z6_uA4GX.mjs";
+import { n as n$1, t } from "./property-D0NJdseG.mjs";
+import { e, n, a as escapeXml } from "./index-b86iLJlP.mjs";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i2 = decorators.length - 1, decorator; i2 >= 0; i2--)
+    if (decorator = decorators[i2])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+let EditAddressbookForm = class extends i {
+  constructor() {
+    super();
+    this.principal = "";
+    this.addr_id = "";
+    this.displayname = "";
+    this.description = "";
+    this.dialog = e();
+    this.form = e();
+  }
+  createRenderRoot() {
+    return this;
+  }
+  render() {
+    return x`
+      <button @click=${() => this.dialog.value.showModal()}>Edit addressbook</button>
+      <dialog ${n(this.dialog)}>
+        <h3>Create addressbook</h3>
+        <form @submit=${this.submit} ${n(this.form)}>
+          <label>
+            Displayname
+            <input type="text" name="displayname" .value=${this.displayname} @change=${(e2) => this.displayname = e2.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" .value=${this.description} @change=${(e2) => this.description = e2.target.value} />
+          </label>
+          <br>
+          <button type="submit">Submit</button>
+          <button type="submit" @click=${(event) => {
+      event.preventDefault();
+      this.dialog.value.close();
+      this.form.value.reset();
+    }} class="cancel">Cancel</button>
+        </form>
+      </dialog>
+    `;
+  }
+  async submit(e2) {
+    e2.preventDefault();
+    if (!this.principal) {
+      alert("Empty principal");
+      return;
+    }
+    if (!this.addr_id) {
+      alert("Empty id");
+      return;
+    }
+    if (!this.displayname) {
+      alert("Empty displayname");
+      return;
+    }
+    let response = await fetch(`/carddav/principal/${this.principal}/${this.addr_id}`, {
+      method: "PROPPATCH",
+      headers: {
+        "Content-Type": "application/xml"
+      },
+      body: `
+      <propertyupdate xmlns="DAV:" xmlns:CARD="urn:ietf:params:xml:ns:carddav">
+        <set>
+          <prop>
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.description ? `<CARD:addressbook-description>${escapeXml(this.description)}</CARD:addressbook-description>` : ""}
+          </prop>
+        </set>
+        <remove>
+          <prop>
+            ${!this.description ? "<CARD:calendar-description />" : ""}
+          </prop>
+        </remove>
+      </propertyupdate>
+      `
+    });
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`);
+      return null;
+    }
+    window.location.reload();
+    return null;
+  }
+};
+__decorateClass([
+  n$1()
+], EditAddressbookForm.prototype, "principal", 2);
+__decorateClass([
+  n$1()
+], EditAddressbookForm.prototype, "addr_id", 2);
+__decorateClass([
+  n$1()
+], EditAddressbookForm.prototype, "displayname", 2);
+__decorateClass([
+  n$1()
+], EditAddressbookForm.prototype, "description", 2);
+EditAddressbookForm = __decorateClass([
+  t("edit-addressbook-form")
+], EditAddressbookForm);
+export {
+  EditAddressbookForm
+};

crates/frontend/public/assets/js/edit-calendar-form.mjs

@@ -0,0 +1,157 @@
+import { i, x } from "./lit-z6_uA4GX.mjs";
+import { n as n$1, t } from "./property-D0NJdseG.mjs";
+import { e, n, a as escapeXml } from "./index-b86iLJlP.mjs";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i2 = decorators.length - 1, decorator; i2 >= 0; i2--)
+    if (decorator = decorators[i2])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+let EditCalendarForm = class extends i {
+  constructor() {
+    super();
+    this.displayname = "";
+    this.description = "";
+    this.timezone_id = "";
+    this.color = "";
+    this.components = /* @__PURE__ */ new Set();
+    this.dialog = e();
+    this.form = e();
+  }
+  createRenderRoot() {
+    return this;
+  }
+  render() {
+    return x`
+      <button @click=${() => this.dialog.value.showModal()}>Edit calendar</button>
+      <dialog ${n(this.dialog)}>
+        <h3>Create calendar</h3>
+        <form @submit=${this.submit} ${n(this.form)}>
+          <label>
+            Displayname
+            <input type="text" name="displayname" .value=${this.displayname} @change=${(e2) => this.displayname = e2.target.value} />
+          </label>
+          <br>
+          <label>
+            Timezone (optional)
+            <input type="text" name="timezone" .value=${this.timezone_id} @change=${(e2) => this.timezone_id = e2.target.value} />
+          </label>
+          <br>
+          <label>
+            Description
+            <input type="text" name="description" .value=${this.description} @change=${(e2) => this.description = e2.target.value} />
+          </label>
+          <br>
+          <label>
+            Color
+            <input type="color" name="color" .value=${this.color} @change=${(e2) => this.color = e2.target.value} />
+          </label>
+          <br>
+          ${["VEVENT", "VTODO", "VJOURNAL"].map((comp) => x`
+            <label>
+              Support ${comp}
+              <input type="checkbox" value=${comp} ?checked=${this.components.has(comp)} @change=${(e2) => e2.target.checked ? this.components.add(e2.target.value) : this.components.delete(e2.target.value)} />
+            </label>
+            <br>
+          `)}
+          <br>
+          <button type="submit">Submit</button>
+          <button type="submit" @click=${(event) => {
+      event.preventDefault();
+      this.dialog.value.close();
+      this.form.value.reset();
+    }} class="cancel">Cancel</button>
+      </form>
+      </dialog>
+        `;
+  }
+  async submit(e2) {
+    e2.preventDefault();
+    if (!this.principal) {
+      alert("Empty principal");
+      return;
+    }
+    if (!this.cal_id) {
+      alert("Empty id");
+      return;
+    }
+    if (!this.displayname) {
+      alert("Empty displayname");
+      return;
+    }
+    if (!this.components.size) {
+      alert("No calendar components selected");
+      return;
+    }
+    let response = await fetch(`/caldav/principal/${this.principal}/${this.cal_id}`, {
+      method: "PROPPATCH",
+      headers: {
+        "Content-Type": "application/xml"
+      },
+      body: `
+      <propertyupdate xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/" xmlns:ICAL="http://apple.com/ns/ical/">
+        <set>
+          <prop>
+            <displayname>${escapeXml(this.displayname)}</displayname>
+            ${this.timezone_id ? `<CAL:calendar-timezone-id>${escapeXml(this.timezone_id)}</CAL:calendar-timezone-id>` : ""}
+            ${this.description ? `<CAL:calendar-description>${escapeXml(this.description)}</CAL:calendar-description>` : ""}
+            ${this.color ? `<ICAL:calendar-color>${escapeXml(this.color)}</ICAL:calendar-color>` : ""}
+            <CAL:supported-calendar-component-set>
+              ${Array.from(this.components.keys()).map((comp) => `<CAL:comp name="${escapeXml(comp)}" />`).join("\n")}
+            </CAL:supported-calendar-component-set>
+          </prop>
+        </set>
+        <remove>
+          <prop>
+            ${!this.timezone_id ? `<CAL:calendar-timezone-id />` : ""}
+            ${!this.description ? "<CAL:calendar-description />" : ""}
+            ${!this.color ? "<ICAL:calendar-color />" : ""}
+          </prop>
+        </remove>
+      </propertyupdate>
+      `
+    });
+    if (response.status >= 400) {
+      alert(`Error ${response.status}: ${await response.text()}`);
+      return null;
+    }
+    window.location.reload();
+    return null;
+  }
+};
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "principal", 2);
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "cal_id", 2);
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "displayname", 2);
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "description", 2);
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "timezone_id", 2);
+__decorateClass([
+  n$1()
+], EditCalendarForm.prototype, "color", 2);
+__decorateClass([
+  n$1({
+    converter: {
+      fromAttribute: (value, _type) => new Set(value ? JSON.parse(value) : []),
+      toAttribute: (value, _type) => JSON.stringify(value)
+    }
+  })
+], EditCalendarForm.prototype, "components", 2);
+EditCalendarForm = __decorateClass([
+  t("edit-calendar-form")
+], EditCalendarForm);
+export {
+  EditCalendarForm
+};

crates/frontend/public/assets/js/index-b86iLJlP.mjs

@@ -122,7 +122,11 @@ const o = /* @__PURE__ */ new WeakMap(), n = e$1(class extends f {
     this.rt(this.ct);
   }
 });
+function escapeXml(unsafe) {
+  return unsafe.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+}
 export {
+  escapeXml as a,
   e,
   n
 };

crates/frontend/public/assets/style.css

@@ -205,33 +205,48 @@ ul.collection-list {
 
   li.collection-list-item {
     list-style: none;
-    display: contents;
+    display: block;
+    position: relative;
+    background: color-mix(in srgb, var(--background-color), var(--dilute-color) 5%);
+    border: 2px solid var(--border-color);
+    border-radius: 12px;
+    margin: 12px 0;
+    box-shadow: 4px 2px 12px -6px black;
+    overflow: hidden;
 
     a {
-      background: color-mix(in srgb, var(--background-color), var(--dilute-color) 5%);
+      position: absolute;
+      inset: 2px;
+    }
+
+    .inner {
       display: grid;
       min-height: 80px;
       height: fit-content;
       grid-template-areas:
-        ".                .                 color-chip"
-        "title            comps             color-chip"
-        "description      description       color-chip"
-        "subscription-url subscription-url  color-chip"
-        "metadata         metadata          color-chip"
-        "actions          actions           color-chip"
-        ".                .                 color-chip";
+        ".                color-chip"
+        "title            color-chip"
+        "description      color-chip"
+        "subscription-url color-chip"
+        "metadata         color-chip"
+        "actions          color-chip"
+        ".                color-chip";
       grid-template-rows: 12px auto auto auto auto auto 12px;
-      grid-template-columns: min-content auto 80px;
+      grid-template-columns: auto 80px;
       row-gap: 4px;
       color: inherit;
       text-decoration: none;
       padding-left: 12px;
 
-      border: 2px solid var(--border-color);
-      border-radius: 12px;
-      margin: 12px 0;
-      box-shadow: 4px 2px 12px -6px black;
-      overflow: hidden;
+      position: relative;
+      z-index: 1;
+      pointer-events: none;
+
+      a,
+      button {
+        pointer-events: all;
+        cursor: pointer;
+      }
 
       .title {
         font-weight: bold;
@@ -245,7 +260,7 @@ ul.collection-list {
       }
 
       .comps {
-        grid-area: comps;
+        display: inline;
 
         span {
           margin: 0 2px;
@@ -278,15 +293,16 @@ ul.collection-list {
       }
 
       .actions {
+        pointer-events: all;
         grid-area: actions;
         width: fit-content;
         display: flex;
         gap: 12px;
       }
+    }
 
-      &:hover {
-        background: color-mix(in srgb, var(--background-color), var(--dilute-color) 10%);
-      }
+    &:hover {
+      background: color-mix(in srgb, var(--background-color), var(--dilute-color) 10%);
     }
   }
 }
@@ -310,12 +326,20 @@ footer {
 }
 
 input[type="text"],
-input[type="password"] {
+input[type="password"],
+input[type="color"],
+select {
   background: color-mix(in srgb, var(--background-color), var(--dilute-color) 10%);
   border: 2px solid var(--border-color);
   padding: 6px 6px;
   color: var(--text-on-background-color);
   margin: 2px;
+  border-radius: 8px;
+
+  &:hover,
+  &:focus {
+    background: color-mix(in srgb, var(--background-color), var(--dilute-color) 20%);
+  }
 }
 
 svg.icon {

crates/frontend/public/templates/components/sections/addressbooks_section.html

@@ -2,7 +2,8 @@
 <ul class="collection-list">
   {% for (meta, addressbook) in addressbooks %}
   <li class="collection-list-item">
-    <a href="/frontend/user/{{ addressbook.principal }}/addressbook/{{ addressbook.id}}">
+    <a href="/frontend/user/{{ addressbook.principal }}/addressbook/{{ addressbook.id}}"></a>
+    <div class="inner">
       <span class="title">
         {%- if addressbook.principal != user.id -%}{{ addressbook.principal }}/{%- endif -%}
         {{ addressbook.displayname.to_owned().unwrap_or(addressbook.id.to_owned()) }}
@@ -15,13 +16,19 @@
           method="GET">
           <button type="submit">Download</button>
         </form>
+        <edit-addressbook-form
+          principal="{{ addressbook.principal }}"
+          addr_id="{{ addressbook.id }}"
+          displayname="{{ addressbook.displayname.as_deref().unwrap_or_default() }}"
+          description="{{ addressbook.description.as_deref().unwrap_or_default() }}"
+        ></edit-addressbook-form>
         <delete-button trash
           href="/carddav/principal/{{ addressbook.principal }}/{{ addressbook.id }}"></delete-button>
       </div>
       <div class="metadata">
         {{ meta.len }} ({{ meta.size | filesizeformat }}) objects, {{ meta.deleted_len }} ({{ meta.deleted_size | filesizeformat }}) deleted objects
       </div>
-    </a>
+    </div>
   </li>
   {% else %}
   You do not have any addressbooks yet
@@ -32,7 +39,8 @@
 <ul class="collection-list">
   {% for (meta, addressbook) in deleted_addressbooks %}
   <li class="collection-list-item">
-    <a href="/frontend/user/{{ addressbook.principal }}/addressbook/{{ addressbook.id}}">
+    <a href="/frontend/user/{{ addressbook.principal }}/addressbook/{{ addressbook.id}}"></a>
+    <div class="inner">
       <span class="title">
         {%- if addressbook.principal != user.id -%}{{ addressbook.principal }}/{%- endif -%}
         {{ addressbook.displayname.to_owned().unwrap_or(addressbook.id.to_owned()) }}
@@ -50,7 +58,7 @@
       <div class="metadata">
         {{ meta.len }} ({{ meta.size | filesizeformat }}) objects, {{ meta.deleted_len }} ({{ meta.deleted_size | filesizeformat }}) deleted objects
       </div>
-    </a>
+    </div>
   </li>
   {% endfor %}
 </ul>

crates/frontend/public/templates/components/sections/calendars_section.html

@@ -3,16 +3,17 @@
   {% for (meta, calendar) in calendars %}
   {% let color = calendar.color.to_owned().unwrap_or("transparent".to_owned()) %}
   <li class="collection-list-item" style="--color: {{ color }}">
-    <a href="/frontend/user/{{ calendar.principal }}/calendar/{{ calendar.id }}">
+    <a href="/frontend/user/{{ calendar.principal }}/calendar/{{ calendar.id }}"></a>
+    <div class="inner">
       <span class="title">
         {%- if calendar.principal != user.id -%}{{ calendar.principal }}/{%- endif -%}
         {{ calendar.displayname.to_owned().unwrap_or(calendar.id.to_owned()) }}
+        <div class="comps">
+          {% for comp in calendar.components %}
+          <span>{{ comp }}</span>
+          {% endfor %}
+        </div>
       </span>
-      <div class="comps">
-        {% for comp in calendar.components %}
-        <span>{{ comp }}</span>
-        {% endfor %}
-      </div>
       <span class="description">
         {% if let Some(description) = calendar.description %}{{ description }}{% endif %}
       </span>
@@ -24,6 +25,15 @@
           <button type="submit">Download</button>
         </form>
         {% if !calendar.id.starts_with("_birthdays_") %}
+        <edit-calendar-form
+          principal="{{ calendar.principal }}"
+          cal_id="{{ calendar.id }}"
+          timezone_id="{{ calendar.timezone_id.as_deref().unwrap_or_default() }}"
+          displayname="{{ calendar.displayname.as_deref().unwrap_or_default() }}"
+          description="{{ calendar.description.as_deref().unwrap_or_default() }}"
+          color="{{ calendar.color.as_deref().unwrap_or_default() }}"
+          components="{{ calendar.components | json }}"
+        ></edit-calendar-form>
         <delete-button trash href="/caldav/principal/{{ calendar.principal }}/{{ calendar.id }}"></delete-button>
         {% endif %}
       </div>
@@ -31,7 +41,7 @@
         {{ meta.len }} ({{ meta.size | filesizeformat }}) objects, {{ meta.deleted_len }} ({{ meta.deleted_size | filesizeformat }}) deleted objects
       </div>
       <div class="color-chip"></div>
-    </a>
+    </div>
   </li>
   {% else %}
   You do not have any calendars yet
@@ -43,16 +53,17 @@
   {% for (meta, calendar) in deleted_calendars %}
   {% let color = calendar.color.to_owned().unwrap_or("transparent".to_owned()) %}
   <li class="collection-list-item" style="--color: {{ color }}">
-    <a href="/frontend/user/{{ calendar.principal }}/calendar/{{ calendar.id}}">
+    <a href="/frontend/user/{{ calendar.principal }}/calendar/{{ calendar.id}}"></a>
+    <div class="inner">
       <span class="title">
         {%- if calendar.principal != user.id -%}{{ calendar.principal }}/{%- endif -%}
         {{ calendar.displayname.to_owned().unwrap_or(calendar.id.to_owned()) }}
+        <div class="comps">
+          {% for comp in calendar.components %}
+          <span>{{ comp }}</span>
+          {% endfor %}
+        </div>
       </span>
-      <div class="comps">
-        {% for comp in calendar.components %}
-        <span>{{ comp }}</span>
-        {% endfor %}
-      </div>
       <span class="description">
         {% if let Some(description) = calendar.description %}{{ description }}{% endif %}
       </span>
@@ -67,7 +78,7 @@
         {{ meta.len }} ({{ meta.size | filesizeformat }}) objects, {{ meta.deleted_len }} ({{ meta.deleted_size | filesizeformat }}) deleted objects
       </div>
       <div class="color-chip"></div>
-    </a>
+    </div>
   </li>
   {% endfor %}
 </ul>

crates/frontend/public/templates/icons/calendar.svg

@@ -1,5 +1,4 @@
 <!-- Adapted from https://iconoir.com/ -->
-<?xml version="1.0" encoding="UTF-8"?>
 <svg width="24px" height="24px" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" class="icon">
   <path d="M15 4V2M15 4V6M15 4H10.5M3 10V19C3 20.1046 3.89543 21 5 21H19C20.1046 21 21 20.1046 21 19V10H3Z" stroke-linecap="round" stroke-linejoin="round"></path>
   <path d="M3 10V6C3 4.89543 3.89543 4 5 4H7" stroke-linecap="round" stroke-linejoin="round"></path>

crates/frontend/public/templates/icons/group.svg

@@ -1,5 +1,4 @@
 <!-- Adapted from https://iconoir.com/ -->
-<?xml version="1.0" encoding="UTF-8"?>
 <svg width="24px" height="24px" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" class="icon">
   <path d="M1 20V19C1 15.134 4.13401 12 8 12V12C11.866 12 15 15.134 15 19V20" stroke-linecap="round"></path>
   <path d="M13 14V14C13 11.2386 15.2386 9 18 9V9C20.7614 9 23 11.2386 23 14V14.5" stroke-linecap="round"></path>

crates/frontend/public/templates/icons/user.svg

@@ -1,5 +1,4 @@
 <!-- Adapted from https://iconoir.com/ -->
-<?xml version="1.0" encoding="UTF-8"?>
 <svg width="24px" height="24px" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" class="icon">
   <path d="M5 20V19C5 15.134 8.13401 12 12 12V12C15.866 12 19 15.134 19 19V20" stroke-linecap="round" stroke-linejoin="round"></path>
   <path d="M12 12C14.2091 12 16 10.2091 16 8C16 5.79086 14.2091 4 12 4C9.79086 4 8 5.79086 8 8C8 10.2091 9.79086 12 12 12Z" stroke-linecap="round" stroke-linejoin="round"></path>

crates/frontend/public/templates/layouts/default.html

@@ -22,9 +22,9 @@
   <div id="app">
     {% block content %}<p>Placeholder</p>{% endblock %}
   </div>
+  <footer>
+      <a href="{{ env!("CARGO_PKG_REPOSITORY") }}" target="_blank">RustiCal {{ env!("CARGO_PKG_VERSION") }}</a>
+      <a href="/frontend/assets/licenses.html" target="_blank">Open Source Licenses</a>
+  </footer>
 </body>
-<footer>
-    <a href="{{ env!("CARGO_PKG_REPOSITORY") }}" target="_blank">RustiCal {{ env!("CARGO_PKG_VERSION") }}</a>
-    <a href="/frontend/assets/licenses.html" target="_blank">Open Source Licenses</a>
-</footer>
 </html>

crates/frontend/public/templates/pages/calendar.html

@@ -25,7 +25,7 @@
 {% if let Some(timezone_id) = calendar.timezone_id %}
 <p>{{ timezone_id }}</p>
 {% endif %}
-{% if let Some(timezone) = calendar.timezone %}
+{% if let Some(timezone) = calendar.get_vtimezone() %}
 <textarea rows="16" readonly>{{ timezone }}</textarea>
 {% endif %}
 

crates/frontend/public/templates/pages/user.html

@@ -1,8 +1,14 @@
 {% extends "layouts/default.html" %}
 
 {% block imports %}
+<template id="data-rustical-user">{{ user|json }}</template>
+<script>
+window.rusticalUser = JSON.parse(document.querySelector('#data-rustical-user').innerHTML)
+</script>
 <script type="module" src="/frontend/assets/js/create-calendar-form.mjs" async></script>
+<script type="module" src="/frontend/assets/js/edit-calendar-form.mjs" async></script>
 <script type="module" src="/frontend/assets/js/create-addressbook-form.mjs" async></script>
+<script type="module" src="/frontend/assets/js/edit-addressbook-form.mjs" async></script>
 <script type="module" src="/frontend/assets/js/delete-button.mjs" async></script>
 {% endblock %}
 {% block header_center %}

crates/frontend/src/lib.rs

@@ -141,15 +141,14 @@ async fn unauthorized_handler(mut request: Request, next: Next) -> Response {
         return resp
             .body(Body::new(format!(
                 r#"<!Doctype html>
-                <html>
-                    <head>
-                        <meta http-equiv="refresh" content="1; url={login_url}" />
-                    </head>
-                    <body>
-                        Unauthorized, redirecting to <a href="{login_url}">login page</a>
-                    </body>
-                <html>
-            "#,
+<html>
+    <head>
+        <meta http-equiv="refresh" content="1; url={login_url}" />
+    </head>
+    <body>
+        Unauthorized, redirecting to <a href="{login_url}">login page</a>
+    </body>
+</html>"#,
             )))
             .unwrap();
     }

crates/frontend/src/routes/app_token.rs

@@ -56,15 +56,19 @@ pub async fn route_post_app_token<AP: AuthenticationProvider>(
     assert!(!name.is_empty());
     assert_eq!(user_id, user.id);
     let token = generate_app_token();
-    auth_provider
+    let mut token_id = auth_provider
         .add_app_token(&user.id, name.to_owned(), token.clone())
         .await?;
+    // Get first 4 characters of token identifier
+    token_id.truncate(4);
+    // This will be a hint for the token validator which app token hash to verify against
+    let token = format!("{token_id}_{token}");
     if apple {
         let profile = AppleConfig {
             token_name: name,
             account_description: format!("{}@{}", &user.id, &hostname),
             hostname: hostname.clone(),
-            caldav_principal_url: format!("https://{hostname}/caldav/principal/{user_id}"),
+            caldav_principal_url: format!("https://{hostname}/caldav-compat/principal/{user_id}"),
             carddav_principal_url: format!("https://{hostname}/carddav/principal/{user_id}"),
             user: user.id.to_owned(),
             token,
@@ -79,13 +83,12 @@ pub async fn route_post_app_token<AP: AuthenticationProvider>(
         hdrs.typed_insert(
             ContentType::from_str("application/x-apple-aspen-config; charset=utf-8").unwrap(),
         );
-        let filename = format!("rustical-{}.mobileconfig", user_id);
+        let filename = format!("rustical-{user_id}.mobileconfig");
         let filename = utf8_percent_encode(&filename, CONTROLS);
         hdrs.insert(
             header::CONTENT_DISPOSITION,
             HeaderValue::from_str(&format!(
-                "attachement; filename*=UTF-8''{} filename={}",
-                filename, filename
+                "attachement; filename*=UTF-8''{filename} filename={filename}",
             ))
             .unwrap(),
         );

crates/ical/src/address_object.rs

@@ -95,10 +95,8 @@ impl AddressObject {
                 let uid = format!("{}-anniversary", self.get_id());
 
                 let year_suffix = year.map(|year| format!(" ({year})")).unwrap_or_default();
-                Some(CalendarObject::from_ics(
-                    uid.clone(),
-                    format!(
-                        r#"BEGIN:VCALENDAR
+                Some(CalendarObject::from_ics(format!(
+                    r#"BEGIN:VCALENDAR
 VERSION:2.0
 CALSCALE:GREGORIAN
 PRODID:-//github.com/lennart-k/rustical birthday calendar//EN
@@ -116,8 +114,7 @@ DESCRIPTION:💍 {fullname}{year_suffix}
 END:VALARM
 END:VEVENT
 END:VCALENDAR"#,
-                    ),
-                )?)
+                ))?)
             } else {
                 None
             },
@@ -139,10 +136,8 @@ END:VCALENDAR"#,
                 let uid = format!("{}-birthday", self.get_id());
 
                 let year_suffix = year.map(|year| format!(" ({year})")).unwrap_or_default();
-                Some(CalendarObject::from_ics(
-                    uid.clone(),
-                    format!(
-                        r#"BEGIN:VCALENDAR
+                Some(CalendarObject::from_ics(format!(
+                    r#"BEGIN:VCALENDAR
 VERSION:2.0
 CALSCALE:GREGORIAN
 PRODID:-//github.com/lennart-k/rustical birthday calendar//EN
@@ -160,8 +155,7 @@ DESCRIPTION:🎂 {fullname}{year_suffix}
 END:VALARM
 END:VEVENT
 END:VCALENDAR"#,
-                    ),
-                )?)
+                ))?)
             } else {
                 None
             },

crates/ical/src/icalendar/event.rs

@@ -1,19 +1,17 @@
 use crate::Error;
-use crate::{CalDateTime, ComponentMut, parse_duration};
+use crate::{CalDateTime, parse_duration};
 use chrono::{DateTime, Duration, Utc};
-use ical::{
-    generator::IcalEvent,
-    parser::{Component, ical::component::IcalTimeZone},
-    property::Property,
-};
+use ical::parser::ComponentMut;
+use ical::{generator::IcalEvent, parser::Component, property::Property};
 use rrule::{RRule, RRuleSet};
 use std::{collections::HashMap, str::FromStr};
 
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, Default)]
 pub struct EventObject {
     pub event: IcalEvent,
-    pub timezones: HashMap<String, IcalTimeZone>,
-    pub(crate) ics: String,
+    // If a timezone is None that means that in the VCALENDAR object there's a timezone defined
+    // with that name but its not from the Olson DB
+    pub timezones: HashMap<String, Option<chrono_tz::Tz>>,
 }
 
 impl EventObject {
@@ -128,7 +126,7 @@ impl EventObject {
                 } else {
                     date.format()
                 };
-                let mut ev = self.event.clone();
+                let mut ev = self.event.clone().mutable();
                 ev.remove_property("RRULE");
                 ev.remove_property("RDATE");
                 ev.remove_property("EXDATE");
@@ -163,7 +161,7 @@ impl EventObject {
                         params: dtstart_prop.params,
                     });
                 }
-                events.push(ev);
+                events.push(ev.verify()?);
             }
             Ok(events)
         } else {
@@ -242,11 +240,7 @@ END:VEVENT\r\n",
 
     #[test]
     fn test_expand_recurrence() {
-        let event = CalendarObject::from_ics(
-            "318ec6503573d9576818daf93dac07317058d95c".to_string(),
-            ICS.to_string(),
-        )
-        .unwrap();
+        let event = CalendarObject::from_ics(ICS.to_string()).unwrap();
         let event = event.event().unwrap();
 
         let events: Vec<String> = event

crates/ical/src/icalendar/journal.rs

@@ -1,7 +1,5 @@
+use derive_more::From;
 use ical::parser::ical::component::IcalJournal;
 
-#[derive(Debug, Clone)]
-pub struct JournalObject {
-    pub journal: IcalJournal,
-    pub(crate) ics: String,
-}
+#[derive(Debug, Clone, From)]
+pub struct JournalObject(pub IcalJournal);

crates/ical/src/icalendar/object.rs

@@ -4,10 +4,8 @@ use crate::Error;
 use chrono::DateTime;
 use chrono::Utc;
 use derive_more::Display;
-use ical::{
-    generator::{Emitter, IcalCalendar},
-    parser::{Component, ical::component::IcalTimeZone},
-};
+use ical::generator::{Emitter, IcalCalendar};
+use ical::property::Property;
 use serde::Serialize;
 use sha2::{Digest, Sha256};
 use std::{collections::HashMap, io::BufReader};
@@ -15,8 +13,11 @@ use std::{collections::HashMap, io::BufReader};
 #[derive(Debug, Clone, Serialize, PartialEq, Eq, Display)]
 // specified in https://datatracker.ietf.org/doc/html/rfc5545#section-3.6
 pub enum CalendarObjectType {
+    #[serde(rename = "VEVENT")]
     Event = 0,
+    #[serde(rename = "VTODO")]
     Todo = 1,
+    #[serde(rename = "VJOURNAL")]
     Journal = 2,
 }
 
@@ -44,8 +45,7 @@ impl rustical_xml::ValueDeserialize for CalendarObjectType {
             "VJOURNAL" => Ok(Self::Journal),
             _ => Err(rustical_xml::XmlError::InvalidValue(
                 rustical_xml::ParseValueError::Other(format!(
-                    "Invalid value '{}', must be VEVENT, VTODO, or VJOURNAL",
-                    val
+                    "Invalid value '{val}', must be VEVENT, VTODO, or VJOURNAL"
                 )),
             )),
         }
@@ -59,15 +59,21 @@ pub enum CalendarObjectComponent {
     Journal(JournalObject),
 }
 
-#[derive(Debug, Clone)]
-pub struct CalendarObject {
-    id: String,
+impl Default for CalendarObjectComponent {
+    fn default() -> Self {
+        Self::Event(EventObject::default())
+    }
+}
+
+#[derive(Debug, Clone, Default)]
+pub struct CalendarObject<const VERIFIED: bool = true> {
     data: CalendarObjectComponent,
-    cal: IcalCalendar,
+    properties: Vec<Property>,
+    ics: String,
 }
 
 impl CalendarObject {
-    pub fn from_ics(object_id: String, ics: String) -> Result<Self, Error> {
+    pub fn from_ics(ics: String) -> Result<Self, Error> {
         let mut parser = ical::IcalParser::new(BufReader::new(ics.as_bytes()));
         let cal = parser.next().ok_or(Error::MissingCalendar)??;
         if parser.next().is_some() {
@@ -88,52 +94,30 @@ impl CalendarObject {
             ));
         }
 
-        let timezones: HashMap<String, IcalTimeZone> = cal
+        let timezones: HashMap<String, Option<chrono_tz::Tz>> = cal
             .timezones
             .clone()
             .into_iter()
-            .filter_map(|timezone| {
-                let timezone_prop = timezone.get_property("TZID")?.to_owned();
-                let tzid = timezone_prop.value?;
-                Some((tzid, timezone))
-            })
+            .map(|timezone| (timezone.get_tzid().to_owned(), (&timezone).try_into().ok()))
             .collect();
 
-        if let Some(event) = cal.events.first() {
-            return Ok(CalendarObject {
-                id: object_id,
-                cal: cal.clone(),
-                data: CalendarObjectComponent::Event(EventObject {
-                    event: event.clone(),
-                    timezones,
-                    ics,
-                }),
-            });
-        }
-        if let Some(todo) = cal.todos.first() {
-            return Ok(CalendarObject {
-                id: object_id,
-                cal: cal.clone(),
-                data: CalendarObjectComponent::Todo(TodoObject {
-                    todo: todo.clone(),
-                    ics,
-                }),
-            });
-        }
-        if let Some(journal) = cal.journals.first() {
-            return Ok(CalendarObject {
-                id: object_id,
-                cal: cal.clone(),
-                data: CalendarObjectComponent::Journal(JournalObject {
-                    journal: journal.clone(),
-                    ics,
-                }),
-            });
-        }
+        let data = if let Some(event) = cal.events.into_iter().next() {
+            CalendarObjectComponent::Event(EventObject { event, timezones })
+        } else if let Some(todo) = cal.todos.into_iter().next() {
+            CalendarObjectComponent::Todo(todo.into())
+        } else if let Some(journal) = cal.journals.into_iter().next() {
+            CalendarObjectComponent::Journal(journal.into())
+        } else {
+            return Err(Error::InvalidData(
+                "iCalendar component type not supported :(".to_owned(),
+            ));
+        };
 
-        Err(Error::InvalidData(
-            "iCalendar component type not supported :(".to_owned(),
-        ))
+        Ok(Self {
+            data,
+            properties: cal.properties,
+            ics,
+        })
     }
 
     pub fn get_data(&self) -> &CalendarObjectComponent {
@@ -141,29 +125,26 @@ impl CalendarObject {
     }
 
     pub fn get_id(&self) -> &str {
-        &self.id
+        match &self.data {
+            CalendarObjectComponent::Todo(todo) => todo.0.get_uid(),
+            CalendarObjectComponent::Event(event) => event.event.get_uid(),
+            CalendarObjectComponent::Journal(journal) => journal.0.get_uid(),
+        }
     }
+
     pub fn get_etag(&self) -> String {
         let mut hasher = Sha256::new();
-        hasher.update(&self.id);
+        hasher.update(self.get_id());
         hasher.update(self.get_ics());
         format!("\"{:x}\"", hasher.finalize())
     }
 
     pub fn get_ics(&self) -> &str {
-        match &self.data {
-            CalendarObjectComponent::Todo(todo) => &todo.ics,
-            CalendarObjectComponent::Event(event) => &event.ics,
-            CalendarObjectComponent::Journal(journal) => &journal.ics,
-        }
+        &self.ics
     }
 
     pub fn get_component_name(&self) -> &str {
-        match self.data {
-            CalendarObjectComponent::Todo(_) => "VTODO",
-            CalendarObjectComponent::Event(_) => "VEVENT",
-            CalendarObjectComponent::Journal(_) => "VJOURNAL",
-        }
+        self.get_object_type().as_str()
     }
 
     pub fn get_object_type(&self) -> CalendarObjectType {
@@ -203,8 +184,11 @@ impl CalendarObject {
         // Only events can be expanded
         match &self.data {
             CalendarObjectComponent::Event(event) => {
-                let mut cal = self.cal.clone();
-                cal.events = event.expand_recurrence(start, end)?;
+                let cal = IcalCalendar {
+                    properties: self.properties.clone(),
+                    events: event.expand_recurrence(start, end)?,
+                    ..Default::default()
+                };
                 Ok(cal.generate())
             }
             _ => Ok(self.get_ics().to_string()),

crates/ical/src/icalendar/todo.rs

@@ -1,7 +1,5 @@
+use derive_more::From;
 use ical::parser::ical::component::IcalTodo;
 
-#[derive(Debug, Clone)]
-pub struct TodoObject {
-    pub todo: IcalTodo,
-    pub(crate) ics: String,
-}
+#[derive(Debug, Clone, From)]
+pub struct TodoObject(pub IcalTodo);

crates/ical/src/lib.rs

@@ -1,6 +1,3 @@
-mod property_ext;
-pub use property_ext::*;
-
 mod timestamp;
 mod timezone;
 pub use timestamp::*;

crates/ical/src/property_ext.rs

@@ -1,46 +0,0 @@
-use ical::{generator::IcalEvent, property::Property};
-
-pub trait IcalProperty {
-    fn get_param(&self, name: &str) -> Option<Vec<&str>>;
-    fn get_value_type(&self) -> Option<&str>;
-    fn get_tzid(&self) -> Option<&str>;
-}
-
-impl IcalProperty for ical::property::Property {
-    fn get_param(&self, name: &str) -> Option<Vec<&str>> {
-        self.params
-            .as_ref()?
-            .iter()
-            .find(|(key, _)| name == key)
-            .map(|(_, value)| value.iter().map(String::as_str).collect())
-    }
-
-    fn get_value_type(&self) -> Option<&str> {
-        self.get_param("VALUE")
-            .and_then(|params| params.into_iter().next())
-    }
-
-    fn get_tzid(&self) -> Option<&str> {
-        self.get_param("TZID")
-            .and_then(|params| params.into_iter().next())
-    }
-}
-
-pub trait ComponentMut {
-    fn remove_property(&mut self, name: &str);
-    fn set_property(&mut self, prop: Property);
-    fn push_property(&mut self, prop: Property);
-}
-
-impl ComponentMut for IcalEvent {
-    fn remove_property(&mut self, name: &str) {
-        self.properties.retain(|prop| prop.name != name);
-    }
-    fn set_property(&mut self, prop: Property) {
-        self.remove_property(&prop.name);
-        self.push_property(prop);
-    }
-    fn push_property(&mut self, prop: Property) {
-        self.properties.push(prop);
-    }
-}

crates/ical/src/timestamp.rs

@@ -1,12 +1,8 @@
 use super::timezone::CalTimezone;
-use crate::IcalProperty;
 use chrono::{DateTime, Datelike, Duration, Local, NaiveDate, NaiveDateTime, NaiveTime, Utc};
 use chrono_tz::Tz;
 use derive_more::derive::Deref;
-use ical::{
-    parser::{Component, ical::component::IcalTimeZone},
-    property::Property,
-};
+use ical::property::Property;
 use lazy_static::lazy_static;
 use rustical_xml::{ValueDeserialize, ValueSerialize};
 use std::{borrow::Cow, collections::HashMap, ops::Add};
@@ -112,7 +108,7 @@ impl From<DateTime<Local>> for CalDateTime {
 
 impl From<DateTime<Utc>> for CalDateTime {
     fn from(value: DateTime<Utc>) -> Self {
-        CalDateTime::DateTime(value.with_timezone(&CalTimezone::Utc))
+        CalDateTime::DateTime(value.with_timezone(&CalTimezone::Olson(chrono_tz::UTC)))
     }
 }
 
@@ -136,7 +132,7 @@ impl Add<Duration> for CalDateTime {
 impl CalDateTime {
     pub fn parse_prop(
         prop: &Property,
-        timezones: &HashMap<String, IcalTimeZone>,
+        timezones: &HashMap<String, Option<chrono_tz::Tz>>,
     ) -> Result<Self, CalDateTimeError> {
         let prop_value = prop
             .value
@@ -145,28 +141,9 @@ impl CalDateTime {
                 "empty property".to_owned(),
             ))?;
 
-        // Use the TZID parameter from the property
-        let timezone = if let Some(tzid) = prop.get_tzid() {
+        let timezone = if let Some(tzid) = prop.get_param("TZID") {
             if let Some(timezone) = timezones.get(tzid) {
-                // X-LIC-LOCATION is often used to refer to a standardised timezone from the Olson
-                // database
-                if let Some(olson_name) = timezone
-                    .get_property("X-LIC-LOCATION")
-                    .map(|prop| prop.value.to_owned())
-                    .unwrap_or_default()
-                {
-                    if let Ok(tz) = olson_name.parse::<Tz>() {
-                        Some(tz)
-                    } else {
-                        return Err(CalDateTimeError::InvalidOlson(olson_name));
-                    }
-                } else {
-                    // If the TZID matches a name from the Olson database (e.g. Europe/Berlin) we
-                    // guess that we can just use it
-                    tzid.parse::<Tz>().ok()
-                    // TODO: If None: Too bad, we need to manually parse it
-                    // For now it's just treated as localtime
-                }
+                timezone.to_owned()
             } else {
                 // TZID refers to timezone that does not exist
                 return Err(CalDateTimeError::InvalidTZID(tzid.to_string()));
@@ -183,7 +160,7 @@ impl CalDateTime {
     pub fn format(&self) -> String {
         match self {
             Self::DateTime(datetime) => match datetime.timezone() {
-                CalTimezone::Utc => datetime.format(UTC_DATE_TIME).to_string(),
+                CalTimezone::Olson(chrono_tz::UTC) => datetime.format(UTC_DATE_TIME).to_string(),
                 _ => datetime.format(LOCAL_DATE_TIME).to_string(),
             },
             Self::Date(date, _) => date.format(LOCAL_DATE).to_string(),
@@ -208,7 +185,7 @@ impl CalDateTime {
         matches!(&self, Self::Date(_, _))
     }
 
-    pub fn as_datetime(&self) -> Cow<DateTime<CalTimezone>> {
+    pub fn as_datetime(&self) -> Cow<'_, DateTime<CalTimezone>> {
         match self {
             Self::DateTime(datetime) => Cow::Borrowed(datetime),
             Self::Date(date, tz) => Cow::Owned(

crates/ical/src/timezone.rs

@@ -1,11 +1,10 @@
-use chrono::{Local, NaiveDate, NaiveDateTime, TimeZone, Utc};
+use chrono::{Local, NaiveDate, NaiveDateTime, TimeZone};
 use chrono_tz::Tz;
 use derive_more::{Display, From};
 
 #[derive(Debug, Clone, From, PartialEq, Eq)]
 pub enum CalTimezone {
     Local,
-    Utc,
     Olson(Tz),
 }
 
@@ -13,7 +12,6 @@ impl From<CalTimezone> for rrule::Tz {
     fn from(value: CalTimezone) -> Self {
         match value {
             CalTimezone::Local => Self::LOCAL,
-            CalTimezone::Utc => Self::UTC,
             CalTimezone::Olson(tz) => Self::Tz(tz),
         }
     }
@@ -23,7 +21,6 @@ impl From<rrule::Tz> for CalTimezone {
     fn from(value: rrule::Tz) -> Self {
         match value {
             rrule::Tz::Local(_) => Self::Local,
-            rrule::Tz::Tz(chrono_tz::UTC) => Self::Utc,
             rrule::Tz::Tz(tz) => Self::Olson(tz),
         }
     }
@@ -32,7 +29,6 @@ impl From<rrule::Tz> for CalTimezone {
 #[derive(Debug, Clone, PartialEq, Display)]
 pub enum CalTimezoneOffset {
     Local(chrono::FixedOffset),
-    Utc(chrono::Utc),
     Olson(chrono_tz::TzOffset),
 }
 
@@ -40,7 +36,6 @@ impl chrono::Offset for CalTimezoneOffset {
     fn fix(&self) -> chrono::FixedOffset {
         match self {
             Self::Local(local) => local.fix(),
-            Self::Utc(utc) => utc.fix(),
             Self::Olson(olson) => olson.fix(),
         }
     }
@@ -52,7 +47,6 @@ impl TimeZone for CalTimezone {
     fn from_offset(offset: &Self::Offset) -> Self {
         match offset {
             CalTimezoneOffset::Local(_) => Self::Local,
-            CalTimezoneOffset::Utc(_) => Self::Utc,
             CalTimezoneOffset::Olson(offset) => Self::Olson(Tz::from_offset(offset)),
         }
     }
@@ -62,9 +56,6 @@ impl TimeZone for CalTimezone {
             Self::Local => Local
                 .offset_from_local_date(local)
                 .map(CalTimezoneOffset::Local),
-            Self::Utc => Utc
-                .offset_from_local_date(local)
-                .map(CalTimezoneOffset::Utc),
             Self::Olson(tz) => tz
                 .offset_from_local_date(local)
                 .map(CalTimezoneOffset::Olson),
@@ -79,9 +70,6 @@ impl TimeZone for CalTimezone {
             Self::Local => Local
                 .offset_from_local_datetime(local)
                 .map(CalTimezoneOffset::Local),
-            Self::Utc => Utc
-                .offset_from_local_datetime(local)
-                .map(CalTimezoneOffset::Utc),
             Self::Olson(tz) => tz
                 .offset_from_local_datetime(local)
                 .map(CalTimezoneOffset::Olson),
@@ -91,7 +79,6 @@ impl TimeZone for CalTimezone {
     fn offset_from_utc_datetime(&self, utc: &NaiveDateTime) -> Self::Offset {
         match self {
             Self::Local => CalTimezoneOffset::Local(Local.offset_from_utc_datetime(utc)),
-            Self::Utc => CalTimezoneOffset::Utc(Utc.offset_from_utc_datetime(utc)),
             Self::Olson(tz) => CalTimezoneOffset::Olson(tz.offset_from_utc_datetime(utc)),
         }
     }
@@ -99,7 +86,6 @@ impl TimeZone for CalTimezone {
     fn offset_from_utc_date(&self, utc: &NaiveDate) -> Self::Offset {
         match self {
             Self::Local => CalTimezoneOffset::Local(Local.offset_from_utc_date(utc)),
-            Self::Utc => CalTimezoneOffset::Utc(Utc.offset_from_utc_date(utc)),
             Self::Olson(tz) => CalTimezoneOffset::Olson(tz.offset_from_utc_date(utc)),
         }
     }

crates/store/Cargo.toml

@@ -22,7 +22,6 @@ chrono-tz = { workspace = true }
 derive_more = { workspace = true, features = ["as_ref"] }
 rustical_xml.workspace = true
 tokio.workspace = true
-rand.workspace = true
 clap.workspace = true
 rustical_dav.workspace = true
 rustical_ical.workspace = true
@@ -33,6 +32,7 @@ headers.workspace = true
 tower.workspace = true
 futures-core.workspace = true
 tower-sessions.workspace = true
+vtimezones-rs.workspace = true
 
 [dev-dependencies]
 rstest = { workspace = true }

crates/store/src/auth/principal.rs

@@ -25,6 +25,7 @@ pub struct Principal {
     pub displayname: Option<String>,
     #[serde(default)]
     pub principal_type: PrincipalType,
+    #[serde(skip_serializing)]
     pub password: Option<Secret<String>>,
     #[serde(default)]
     pub memberships: Vec<String>,

crates/store/src/auth/principal_type.rs

@@ -13,7 +13,7 @@ pub enum PrincipalType {
     Resource,
     Room,
     Unknown,
-    // TODO: X-Name, IANA-token
+    // X-Name, IANA-token
 }
 
 impl TryFrom<&str> for PrincipalType {

crates/store/src/calendar.rs

@@ -1,3 +1,5 @@
+use std::str::FromStr;
+
 use crate::synctoken::format_synctoken;
 use chrono::NaiveDateTime;
 use rustical_ical::CalendarObjectType;
@@ -11,7 +13,6 @@ pub struct Calendar {
     pub order: i64,
     pub description: Option<String>,
     pub color: Option<String>,
-    pub timezone: Option<String>,
     pub timezone_id: Option<String>,
     pub deleted_at: Option<NaiveDateTime>,
     pub synctoken: i64,
@@ -24,4 +25,16 @@ impl Calendar {
     pub fn format_synctoken(&self) -> String {
         format_synctoken(self.synctoken)
     }
+
+    pub fn get_timezone(&self) -> Option<chrono_tz::Tz> {
+        self.timezone_id
+            .as_ref()
+            .and_then(|tzid| chrono_tz::Tz::from_str(tzid).ok())
+    }
+
+    pub fn get_vtimezone(&self) -> Option<&'static str> {
+        self.timezone_id
+            .as_ref()
+            .and_then(|tzid| vtimezones_rs::VTIMEZONES.get(tzid).cloned())
+    }
 }

crates/store/src/contact_birthday_store.rs

@@ -20,7 +20,6 @@ fn birthday_calendar(addressbook: Addressbook) -> Calendar {
         order: 0,
         description: None,
         color: None,
-        timezone: None,
         timezone_id: None,
         deleted_at: addressbook.deleted_at,
         synctoken: addressbook.synctoken,

crates/store_sqlite/migrations/20250725225640_drop_calendar_timezone.down.sql

@@ -0,0 +1 @@
+ALTER TABLE calendars ADD COLUMN timezone TEXT;

crates/store_sqlite/migrations/20250725225640_drop_calendar_timezone.up.sql

@@ -0,0 +1,3 @@
+-- We don't want to save timezones as ics anymore
+-- but instead just rely on the TZDB identifier
+ALTER TABLE calendars DROP COLUMN timezone;

crates/store_sqlite/src/calendar_store.rs

@@ -22,7 +22,17 @@ impl TryFrom<CalendarObjectRow> for CalendarObject {
     type Error = rustical_store::Error;
 
     fn try_from(value: CalendarObjectRow) -> Result<Self, Self::Error> {
-        Ok(CalendarObject::from_ics(value.id, value.ics)?)
+        let object = CalendarObject::from_ics(value.ics)?;
+        if object.get_id() != value.id {
+            return Err(rustical_store::Error::IcalError(
+                rustical_ical::Error::InvalidData(format!(
+                    "object_id={} and UID={} don't match",
+                    object.get_id(),
+                    value.id
+                )),
+            ));
+        }
+        Ok(object)
     }
 }
 
@@ -34,7 +44,6 @@ struct CalendarRow {
     order: i64,
     description: Option<String>,
     color: Option<String>,
-    timezone: Option<String>,
     timezone_id: Option<String>,
     deleted_at: Option<NaiveDateTime>,
     synctoken: i64,
@@ -64,7 +73,6 @@ impl From<CalendarRow> for Calendar {
             order: value.order,
             description: value.description,
             color: value.color,
-            timezone: value.timezone,
             timezone_id: value.timezone_id,
             deleted_at: value.deleted_at,
             synctoken: value.synctoken,
@@ -127,7 +135,7 @@ impl SqliteCalendarStore {
     ) -> Result<Vec<Calendar>, Error> {
         let cals = sqlx::query_as!(
             CalendarRow,
-            r#"SELECT *
+            r#"SELECT principal, id, displayname, "order", description, color, timezone_id, deleted_at, synctoken, subscription_url, push_topic, comp_event, comp_todo, comp_journal
                 FROM calendars
                 WHERE principal = ? AND deleted_at IS NOT NULL"#,
             principal
@@ -147,8 +155,8 @@ impl SqliteCalendarStore {
         let comp_journal = calendar.components.contains(&CalendarObjectType::Journal);
 
         sqlx::query!(
-            r#"INSERT INTO calendars (principal, id, displayname, description, "order", color, subscription_url, timezone, timezone_id, push_topic, comp_event, comp_todo, comp_journal)
-                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"#,
+            r#"INSERT INTO calendars (principal, id, displayname, description, "order", color, subscription_url, timezone_id, push_topic, comp_event, comp_todo, comp_journal)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"#,
             calendar.principal,
             calendar.id,
             calendar.displayname,
@@ -156,7 +164,6 @@ impl SqliteCalendarStore {
             calendar.order,
             calendar.color,
             calendar.subscription_url,
-            calendar.timezone,
             calendar.timezone_id,
             calendar.push_topic,
             comp_event, comp_todo, comp_journal
@@ -178,7 +185,7 @@ impl SqliteCalendarStore {
         let comp_journal = calendar.components.contains(&CalendarObjectType::Journal);
 
         let result = sqlx::query!(
-            r#"UPDATE calendars SET principal = ?, id = ?, displayname = ?, description = ?, "order" = ?, color = ?, timezone = ?, timezone_id = ?, push_topic = ?, comp_event = ?, comp_todo = ?, comp_journal = ?
+            r#"UPDATE calendars SET principal = ?, id = ?, displayname = ?, description = ?, "order" = ?, color = ?, timezone_id = ?, push_topic = ?, comp_event = ?, comp_todo = ?, comp_journal = ?
                 WHERE (principal, id) = (?, ?)"#,
             calendar.principal,
             calendar.id,
@@ -186,7 +193,6 @@ impl SqliteCalendarStore {
             calendar.description,
             calendar.order,
             calendar.color,
-            calendar.timezone,
             calendar.timezone_id,
             calendar.push_topic,
             comp_event, comp_todo, comp_journal,

crates/store_sqlite/src/principal_store.rs

@@ -149,8 +149,23 @@ impl AuthenticationProvider for SqlitePrincipalStore {
         user_id: &str,
         token: &str,
     ) -> Result<Option<Principal>, Error> {
+        #[instrument(skip(password))]
+        fn verify_password(password: &str, hash: &str) -> Result<(), password_auth::VerifyError> {
+            password_auth::verify_password(password, hash)
+        }
+
+        // Allow to specify the token id to use to make validation faster
+        // Doesn't match the whole length of the token id to keep the length in bounds
+        // Example: asd_selgkh
+        // where the app token id starts with asd and its value is selgkh
+        let (token_id_prefix, token) = token.split_once('_').unwrap_or(("", token));
+
         for app_token in &self.get_app_tokens(user_id).await? {
-            if password_auth::verify_password(token, app_token.token.as_ref()).is_ok() {
+            // Wrong token id
+            if !app_token.id.starts_with(token_id_prefix) {
+                continue;
+            }
+            if verify_password(token, app_token.token.as_ref()).is_ok() {
                 return self.get_principal(user_id).await;
             }
         }
@@ -206,7 +221,10 @@ impl AuthenticationProvider for SqlitePrincipalStore {
                 None,
                 None,
                 Params {
-                    rounds: 100,
+                    // The app token has a high entropy so we are quite safe from quessing attacks
+                    // Also if an attacker got access to the hashes they'd have already gotten
+                    // access to the whole database.
+                    rounds: 2,
                     ..Default::default()
                 },
                 &salt,

crates/store_sqlite/src/subscription_store.rs

@@ -31,6 +31,11 @@ impl SubscriptionStore for SqliteStore {
     }
 
     async fn upsert_subscription(&self, sub: Subscription) -> Result<bool, Error> {
+        let already_exists = match self.get_subscription(&sub.id).await {
+            Ok(_) => true,
+            Err(Error::NotFound) => false,
+            Err(err) => return Err(err),
+        };
         sqlx::query!(
             r#"INSERT OR REPLACE INTO davpush_subscriptions (id, topic, expiration, push_resource, public_key, public_key_type, auth_secret) VALUES (?, ?, ?, ?, ?, ?, ?)"#,
             sub.id,
@@ -41,8 +46,7 @@ impl SubscriptionStore for SqliteStore {
             sub.public_key_type,
             sub.auth_secret
         ).execute(&self.db).await.map_err(crate::Error::from)?;
-        // TODO: Correctly return whether a subscription already existed
-        Ok(false)
+        Ok(already_exists)
     }
     async fn delete_subscription(&self, id: &str) -> Result<(), Error> {
         sqlx::query!(r#"DELETE FROM davpush_subscriptions WHERE id = ? "#, id)

crates/xml/derive/src/xml_enum/impl_de.rs

@@ -16,8 +16,8 @@ impl Enum {
         quote! {
             impl #impl_generics ::rustical_xml::XmlDeserialize for #name #type_generics #where_clause {
                 fn deserialize<R: ::std::io::BufRead>(
-                    reader: &mut quick_xml::NsReader<R>,
-                    start: &quick_xml::events::BytesStart,
+                    reader: &mut ::quick_xml::NsReader<R>,
+                    start: &::quick_xml::events::BytesStart,
                     empty: bool
                 ) -> Result<Self, rustical_xml::XmlError> {
                     #(#variant_branches);*
@@ -37,8 +37,8 @@ impl Enum {
         quote! {
             impl #impl_generics ::rustical_xml::XmlDeserialize for #name #type_generics #where_clause {
                 fn deserialize<R: std::io::BufRead>(
-                    reader: &mut quick_xml::NsReader<R>,
-                    start: &quick_xml::events::BytesStart,
+                    reader: &mut ::quick_xml::NsReader<R>,
+                    start: &::quick_xml::events::BytesStart,
                     empty: bool
                 ) -> Result<Self, rustical_xml::XmlError> {
                     let (_ns, name) = reader.resolve_element(start.name());

crates/xml/derive/src/xml_struct/mod.rs

@@ -118,8 +118,8 @@ impl NamedStruct {
         quote! {
             impl #impl_generics ::rustical_xml::XmlDeserialize for #ident #type_generics #where_clause {
                 fn deserialize<R: ::std::io::BufRead>(
-                    reader: &mut quick_xml::NsReader<R>,
-                    start: &quick_xml::events::BytesStart,
+                    reader: &mut ::quick_xml::NsReader<R>,
+                    start: &::quick_xml::events::BytesStart,
                     empty: bool
                 ) -> Result<Self, rustical_xml::XmlError> {
                     use quick_xml::events::Event;

crates/xml/src/se.rs

@@ -43,7 +43,7 @@ pub trait XmlSerializeRoot {
 
     fn serialize_to_string(&self) -> std::io::Result<String> {
         let mut buf: Vec<_> = b"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n".into();
-        let mut writer = quick_xml::Writer::new(&mut buf);
+        let mut writer = quick_xml::Writer::new_with_indent(&mut buf, b' ', 4);
         self.serialize_root(&mut writer)?;
         Ok(String::from_utf8_lossy(&buf).to_string())
     }

crates/xml/tests/se_enum.rs

@@ -22,6 +22,11 @@ fn test_struct_value_tagged() {
     .unwrap();
     assert_eq!(
         out,
-        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<propfind><prop><test>asd</test></prop></propfind>"
+        r#"<?xml version="1.0" encoding="utf-8"?>
+<propfind>
+    <prop>
+        <test>asd</test>
+    </prop>
+</propfind>"#
     );
 }

crates/xml/tests/se_struct.rs

@@ -71,7 +71,11 @@ fn test_struct_value_tagged() {
     .unwrap();
     assert_eq!(
         out,
-        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<document><href>okay</href><num>123</num></document>"
+        r#"<?xml version="1.0" encoding="utf-8"?>
+<document>
+    <href>okay</href>
+    <num>123</num>
+</document>"#
     );
 }
 
@@ -91,7 +95,8 @@ fn test_struct_value_untagged() {
     .unwrap();
     assert_eq!(
         out,
-        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<document>okays</document>"
+        r#"<?xml version="1.0" encoding="utf-8"?>
+<document>okays</document>"#
     );
 }
 
@@ -111,7 +116,11 @@ fn test_struct_vec() {
     .unwrap();
     assert_eq!(
         out,
-        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<document><href>okay</href><href>wow</href></document>"
+        r#"<?xml version="1.0" encoding="utf-8"?>
+<document>
+    <href>okay</href>
+    <href>wow</href>
+</document>"#
     );
 }
 
@@ -141,7 +150,10 @@ fn test_struct_serialize_with() {
     .unwrap();
     assert_eq!(
         out,
-        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<document><href>OKAY</href></document>"
+        r#"<?xml version="1.0" encoding="utf-8"?>
+<document>
+    <href>OKAY</href>
+</document>"#
     );
 }
 

docs/index.md

@@ -8,17 +8,20 @@ a CalDAV/CardDAV server
     you'd still be one of the first testers so expect bugs and rough edges.
     If you still want to play around with it in its current state, absolutely feel free to do so and to open up an issue if something is not working. :)
 
+[Installation](installation/index.md){ .md-button }
+
 ## Features
 
 - easy to backup, everything saved in one SQLite database
   - also export feature in the frontend
-- [WebDAV Push](https://github.com/bitfireAT/webdav-push/) support, so near-instant synchronisation to DAVx5
+- **[WebDAV Push](https://github.com/bitfireAT/webdav-push/)** support, so near-instant synchronisation to DAVx5
 - lightweight (the container image contains only one binary)
 - adequately fast (I'd love to say blazingly fast™ :fire: but I don't have any benchmarks)
 - deleted calendars are recoverable
 - Nextcloud login flow (In DAVx5 you can login through the Nextcloud flow and automatically generate an app token)
 - Apple configuration profiles (skip copy-pasting passwords and instead generate the configuration in the frontend)
-- [OpenID Connect](setup/oidc.md) support (with option to disable password login)
+- **[OpenID Connect](setup/oidc.md)** support (with option to disable password login)
+- Group-based **sharing**
 
 ## Tested Clients
 

docs/installation/index.md

@@ -16,6 +16,9 @@ docker run \
 1. Mount config file
 2. Alternatively specify configuration using environment variables
 
+!!! info
+    Note that you are expected to run RustiCal behind a reverse proxy with HTTPS. (The frontend will only work on non-localhost addresses with https) and clients like Apple Calendar also expect HTTPS.
+
 ## User management
 
 In case you already have an OIDC server set up, see [here](setup/oidc.md) how to set up OIDC login and maybe skip this section.

docs/setup/client.md

@@ -0,0 +1,80 @@
+# Client Setup
+
+## Common
+
+Following resources are available.
+
+```
+/.well-known/caldav
+# CalDAV root
+/caldav
+# Principal home
+/caldav/principal/<user_id>
+# Calendar home
+/caldav/principal/<user_id>/<calendar_id>
+/caldav/principal/<user_id>/_birthdays_<addressbook_id>
+
+# CalDAV root
+/caldav-compat
+/caldav-compat/principal...
+```
+
+```
+/.well-known/carddav
+# CardDAV root
+/carddav
+# Principal home
+/carddav/principal/<user_id>
+# Addressbook home
+/carddav/principal/<user_id>/<addressbook_id>
+```
+
+### Authentication
+
+Authenticate with HTTP Basic authentication using your user id and a generated app token.
+
+## `/caldav` vs `/caldav-compat` (relevant for group sharing)
+
+To discover shared calendars the `calendar-home-set` property is used to list all principals the user has access to.
+However, some clients don't support `calendar-home-set` containing multiple paths (e.g. Apple Calendar).
+
+As a workaround `/caldav-compat` offers the same endpoints as `/caldav` with the only difference being that it does not return all calendar homes in `calendar-home-set`.
+This means that clients under this path will probably not auto-discover group calendars so you can instead add them one-by-one using the principal path `/caldav-compat/principal/<principal_id>`.
+
+## DAVx5
+
+You can set up DAVx5 through the Nextcloud login flow. Collections including group collections will automatically be discovered.
+
+## Apple Calendar
+
+You can download a configuration profile from the frontend in the app token section.
+
+**Note**: Since Apple Calendar does not properly support the `calendar-home-set` property the `/caldav-compat` endpoints should be used.
+That also means that Apple Calendar is not able to automatically discover group collections so in that case you'll have to manually add all principals with `/caldav-compat/principal/<principal_id>`.
+
+## Evolution
+
+Set up a collection account in the account settings.
+Evolution correctly uses all calendar homes so group collections work properly.
+
+## Home Assistant CalDAV integration
+
+The underlying library `python-caldav` does not support multiple calendar homes so you should use the `/caldav-compat` endpoints.
+
+As URL specify
+
+```
+https://<your-host>/caldav-compat
+```
+
+For group collections explicitly specify
+
+```
+https://<your-host>/caldav-compat/principal/<principal>
+```
+
+## Thunderbird
+
+- Go to `New Account -> Calendar -> On The Network`
+- Specify the root path of RustiCal
+- Thunderbird will properly discover group calendars

mkdocs.yml

@@ -68,6 +68,7 @@ nav:
   - Installation:
       - installation/index.md
       - Configuration: installation/configuration.md
+  - Client Setup: setup/client.md
   - OpenID Connect: setup/oidc.md
   - Developers:
       - developers/index.md

src/app.rs

@@ -1,10 +1,13 @@
 use crate::config::NextcloudLoginConfig;
 use axum::Router;
-use axum::body::Body;
+use axum::body::{Body, HttpBody};
 use axum::extract::Request;
-use axum::response::Response;
-use axum::routing::options;
+use axum::middleware::Next;
+use axum::response::{Redirect, Response};
+use axum::routing::{any, options};
+use axum_extra::TypedHeader;
 use headers::{HeaderMapExt, UserAgent};
+use http::header::CONNECTION;
 use http::{HeaderValue, StatusCode};
 use rustical_caldav::caldav_router;
 use rustical_carddav::carddav_router;
@@ -47,7 +50,29 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
             auth_provider.clone(),
             combined_cal_store.clone(),
             subscription_store.clone(),
+            false,
         ))
+        .merge(caldav_router(
+            "/caldav-compat",
+            auth_provider.clone(),
+            combined_cal_store.clone(),
+            subscription_store.clone(),
+            true,
+        ))
+        .route(
+            "/.well-known/caldav",
+            any(async |TypedHeader(ua): TypedHeader<UserAgent>| {
+                if ua.as_str().contains("remindd") || ua.as_str().contains("dataaccessd") {
+                    // remindd is an Apple Calendar User Agent
+                    // Even when explicitly configuring a principal URL in Apple Calendar Apple
+                    // will not respect that configuration but call /.well-known/caldav,
+                    // so sadly we have to do this user-agent filtering. :(
+                    // (I should have never gotten an Apple device)
+                    return Redirect::permanent("/caldav-compat");
+                }
+                Redirect::permanent("/caldav")
+            }),
+        )
         .merge(carddav_router(
             "/carddav",
             auth_provider.clone(),
@@ -155,4 +180,21 @@ pub fn make_app<AS: AddressbookStore, CS: CalendarStore, S: SubscriptionStore>(
                     },
                 ),
         )
+        .layer(axum::middleware::from_fn(
+            async |req: Request, next: Next| {
+                // Closes the connection if the request body might've not been fully consumed
+                // Otherwise subsequent requests reusing the connection might fail.
+                // See https://github.com/lennart-k/rustical/issues/77
+                let body_empty = req.body().is_end_stream();
+                let mut response = next.run(req).await;
+                if !body_empty
+                    && (response.status().is_server_error() || response.status().is_client_error())
+                {
+                    response
+                        .headers_mut()
+                        .insert(CONNECTION, HeaderValue::from_static("close"));
+                }
+                response
+            },
+        ))
 }