mail
mail copied to clipboard
nextcloud
Update calendar event attendee status from email response with attached ics
Is your feature request related to a problem? Please describe.
When I invite users who do not have an account at my Nextcloud to calendar events, they receive an email with the event's ICS attached. If the user uses GMail and Google Calendar, most of the time they do not use the buttons in the email which lead to my Nextcloud to update their attendance status but use the ones that GMail provides for them. This generates an email sent to my email address with an updated ICS attached. Nextcloud Mail does show that the other user has accepted/declined/… my event nicely, but the user's attendance status in my agenda is not updated.
Describe the solution you'd like
It would be very nice if the attendance status were updated in my calendar from these emails automatically. Nextcloud Mail was already able to tell me that my invitation has been accepted, so why not directly update this event's status?
Describe alternatives you've considered
A manual update would be a first nice step, but I think it is quite annoying if you have to do that for a lot of events. But it would be a nice method to test if updating the event works.
Additional context
I don't know if this issue fits here or rather in nextcloud/server or nextcloud/calendar. Please feel free to move it in case it is not applicable here. Possibly related issues or issues that might complement this one (and vice versa): https://github.com/nextcloud/mail/issues/8458, https://github.com/nextcloud/mail/issues/8881, https://github.com/nextcloud/mail/issues/8335, https://github.com/nextcloud/mail/issues/9470
@miaulalala should this be covered by https://github.com/nextcloud/mail/pull/6812?
I didn't find anything specific in the RFC, but some parts of the "Authentication" and "Security Considerations" chapters indicate that yes, when we receive a REPLY from an external user, we should process this from Mail into the calendar. But only for the ORGANIZER.
We don't have this at the moment.
Theoretically, we should only accept messages that are S/MIME signed if we want to process them automatically. @PatrickJosh are such replies from external users signed for you?
If they're not, we should offer the ORGANIZER a choice - would they like to process the message or would they like to ignore it?
I didn't find anything specific in the RFC, but some parts of the "Authentication" and "Security Considerations" chapters indicate that yes, when we receive a REPLY from an external user, we should process this from Mail into the calendar. But only for the ORGANIZER.
Is the RFC you are referencing this one?
We don't have this at the moment.
Theoretically, we should only accept messages that are S/MIME signed if we want to process them automatically. @PatrickJosh are such replies from external users signed for you?
No, they are not. I can provide you one of these emails if you want, but since they contain quite a lot of personal information, preferably privately (e.g. via email). But you can also easily generate one yourself if you have a GMail address; just invite this address and accept the invitation using GMail's UI, i.e. not by clicking the link that leads to the organiser's Nextcloud.
If they're not, we should offer the ORGANIZER a choice - would they like to process the message or would they like to ignore it?
That sounds sensible from a security point of view.
I have the same issue with outlook.com invitations. People will always click on the "yes" or "no" at the top and this handled correct by all email clients I used so far.
