dav icon indicating copy to clipboard operation
dav copied to clipboard

Published 20 hours ago verified publisher icon sabre-io

Create Carddav user with read only access?

Open x3LPh0r opened this issue 6 years ago • 7 comments

I've been building up a sabredav server and have it nearly completed. The last piece is/would be to create a user account with access to another address book as read only (or it's own). I want to share this user account between users to access a company directory basically that only admins can edit as necessary.

I tried creating another user and giving that user group membership to the main/admin users read (calendar) principal. (I found this after doing it that states this SHOULD work https://github.com/sabre-io/dav/issues/844). Basically I have the user I want to be able to access the other users address book as the member_id (it's principal) and the users address book (read only) I want to share's principal entered as the principal_id. (Just not working.) I tried to set the principal_id to the write principal as well as a test with the same result(s).

sqlite> select * from groupmembers; 1|5|10

sqlite> select * from principals; 5|principals/UserA/calendar-proxy-read|| 10|principals/UserB||UserB

However in doing so, I see the group membership in the browser GUI but when selected I get:

<d:error><s:sabredav-version>3.2.2</s:sabredav-version><s:exception>Sabre\DAV\Exception\NotFound</s:exception><s:message>Could not find node at path: principals/UserA/calendar-proxy-read</s:message></d:error>

Also when I log in with our address book I don't see any contacts. Is there a way for me to effectively achieve this with sabredav? I was hoping it was as easy as removing the write principal for a user or something, a switch etc, but that did not seem to work in my testing either. Thank you.

x3LPh0r avatar Mar 15 '18 17:03 x3LPh0r

I am looking for a solution to the exact same problem - I want a read-only address book shared by multiple people.

AndrewArmstrong avatar May 25 '18 23:05 AndrewArmstrong

Did you ever figure it out?

kidk avatar Jun 15 '18 19:06 kidk

I needed exactly the same. CardDAV service from our system, but read only. So i implemented the Sabre\DAV\Auth\Backend\AbstractBasic for authentication from our system, Sabre\DAVACL\PrincipalBackend\AbstractBackend for virtual principals (it's from our own users and ACL database) and Sabre\CardDAV\Backend\AbstractBackend as a datasource for address books (one virtual for all) and cards provider (from our own contacts DB). I know, that it's not the 100% proper solution, but i simply left empty (for now), the methods in the class, that are responsible for updating/changing the data.

As i told, maybe not a 100% correct solution, but it works for now.

risototh avatar Jan 22 '19 09:01 risototh

I needed exactly the same. CardDAV service from our system, but read only. So i implemented the Sabre\DAV\Auth\Backend\AbstractBasic for authentication from our system, Sabre\DAVACL\PrincipalBackend\AbstractBackend for virtual principals (it's from our own users and ACL database) and Sabre\CardDAV\Backend\AbstractBackend as a datasource for address books (one virtual for all) and cards provider (from our own contacts DB). I know, that it's not the 100% proper solution, but i simply left empty (for now), the methods in the class, that are responsible for updating/changing the data.

As i told, maybe not a 100% correct solution, but it works for now.

Hello Richard,

Your workaround is very interesting, could you please post the file (or contain) here because i'm not a specialist and it's a little bit complex for me. I think it's server.php file to update but i don't know how to do.

Thanks a million by advance Christophe (Charity Association in Paris)

BRUCH05 avatar Nov 02 '19 10:11 BRUCH05

Hi Christophe, I have removed most of our company code, so maybe it will not be working out of the box, but as an example, it will be fine. Our server.php is called dav.php here...

dav.zip

risototh avatar Nov 07 '19 06:11 risototh

I needed exactly the same. CardDAV service from our system, but read only. So i implemented the Sabre\DAV\Auth\Backend\AbstractBasic for authentication from our system, Sabre\DAVACL\PrincipalBackend\AbstractBackend for virtual principals (it's from our own users and ACL database) and Sabre\CardDAV\Backend\AbstractBackend as a datasource for address books (one virtual for all) and cards provider (from our own contacts DB). I know, that it's not the 100% proper solution, but i simply left empty (for now), the methods in the class, that are responsible for updating/changing the data.

As i told, maybe not a 100% correct solution, but it works for now.

If you throw a Sabre\DAV\Exception\Forbidden exception in the backend method, changes made in, for example macOS AddressBook, wil be reverted after the PUT. This is a very workable mechanism for our situation.

pbruining avatar May 04 '21 04:05 pbruining

Hi @pbruining thanks for this comment, it sounds like a "simple" Workaround for the exact problem i also have. In my case im using the Sabre DAV Baikal Docker Image to share addressbooks.

Is it possible to get the same mechanism for this Image? And could you please be so kind and explain your doings a bit more? Im really new to this at all.

thanks in advance Paul

Guenni99 avatar Nov 28 '22 15:11 Guenni99