security: enforce access control on CalendarSync and ContactsSync (Closes #170) #188

Merged
shahondin1624 merged 1 commit from feature/issue-170-calendar-contacts-sync-api into main 2026-04-10 18:56:16 +02:00
Owner

Summary

  • Added PermissionService and IUserSession to CalendarSyncService and ContactsSyncService to enforce write-level access control
  • All public mutation methods (syncMember, fullSync, deleteEvent/deleteContact) now check permissions before proceeding
  • Background job context (no user session) is trusted and bypasses the check -- this is intentional since cron jobs are system-level operations
  • ContactsSyncService now integrates with OCP\Contacts\IManager::createOrUpdate() for native Nextcloud contacts, falling back to the staging table when the Contacts app is not available
  • CalendarSyncService retains the staging table because OCP\Calendar\IManager does not provide write methods in Nextcloud 28

Test plan

  • Permission check added to all public mutation methods in both services
  • Tests verify that users without write permission are denied
  • Tests verify that users with write permission are allowed
  • Tests verify that background context (null user) is allowed
  • Updated CalendarSyncServiceTest with new constructor dependencies
  • Updated ContactsSyncServiceTest with new constructor dependencies + IContactsManager mock

Closes #170

shahondin1624 added 1 commit 2026-04-10 18:56:10 +02:00
Add PermissionService and IUserSession to both sync services to enforce
write-level permission checks before any data modification. When called
from background jobs (no user session), operations proceed as trusted
system-level actions. When called in user context, write permission is
required.

ContactsSyncService now also integrates with OCP\Contacts\IManager for
native Nextcloud contacts management, falling back to the staging table
(mv_contact_cards) when the Contacts app is not available.

CalendarSyncService retains the staging table approach because
OCP\Calendar\IManager does not provide write methods.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
shahondin1624 merged commit b6a7854a1b into main 2026-04-10 18:56:16 +02:00
shahondin1624 deleted branch feature/issue-170-calendar-contacts-sync-api 2026-04-10 18:56:16 +02:00
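
The guard described in the summary, as an added example that is not the project's code: stand-in interfaces replace OCP\IUserSession and the project's PermissionService so it runs outside Nextcloud. The names `canWrite()`, `Permissions`, `FixedSession`, `WriterList` and the `deleteEvent()` signature are assumptions.

```php
<?php
declare(strict_types=1);
// Stand-ins so this runs without Nextcloud. In the app these roles belong to
// OCP\IUserSession and the project's PermissionService; canWrite() and the
// deleteEvent() signature are assumed names, not taken from the project.
interface UserSession { public function getUserId(): ?string; }
interface Permissions { public function canWrite(string $uid): bool; }

final class FixedSession implements UserSession {
    public function __construct(private ?string $uid) {}
    public function getUserId(): ?string { return $this->uid; }
}
final class WriterList implements Permissions {
    public function __construct(private array $writers) {}
    public function canWrite(string $uid): bool { return in_array($uid, $this->writers, true); }
}

final class SyncService {
    public function __construct(private UserSession $session, private Permissions $perms) {}

    // Every public mutation method calls this before touching data.
    private function assertWriteAccess(): void {
        $uid = $this->session->getUserId();
        if ($uid === null) {
            // No session: treated as a trusted background job, as the PR states.
            // Assumes no unauthenticated request path can reach this service.
            return;
        }
        if (!$this->perms->canWrite($uid)) {
            throw new RuntimeException("write permission required for '$uid'");
        }
    }

    public function deleteEvent(int $memberId): string {
        $this->assertWriteAccess();
        return "deleted event for member $memberId";
    }
}

// Constructed cases mirroring the test plan: denied, allowed, background (null).
foreach (['reader', 'editor', null] as $uid) {
    $svc = new SyncService(new FixedSession($uid), new WriterList(['editor']));
    try {
        $result = $svc->deleteEvent(7);
    } catch (RuntimeException $e) {
        $result = 'denied: ' . $e->getMessage();
    }
    echo var_export($uid, true), ' => ', $result, PHP_EOL;
}
```

In Nextcloud, `IUserSession::getUser()` also returns null for a request with no logged-in user, so the null branch is only as safe as the set of routes that can reach the service.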