git: 4f1f781e6787 - main - www/davical: add bugfixes
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 28 Aug 2025 16:05:47 UTC
The branch main has been updated by dinoex:
URL: https://cgit.FreeBSD.org/ports/commit/?id=4f1f781e6787c8f6ea56600e0a10246196db301d
commit 4f1f781e6787c8f6ea56600e0a10246196db301d
Author: Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2025-08-28 16:05:31 +0000
Commit: Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2025-08-28 16:05:31 +0000
www/davical: add bugfixes
take maintainership
Obtained from: Debian
---
www/davical/Makefile | 3 +-
www/davical/files/patch-caldav-ACL.php | 85 ++++++++++++++++++++++++++++++
www/davical/files/patch-principal-edit.php | 27 ++++++++++
3 files changed, 114 insertions(+), 1 deletion(-)
diff --git a/www/davical/Makefile b/www/davical/Makefile
index 148a9b6d5b41..43d48acda575 100644
--- a/www/davical/Makefile
+++ b/www/davical/Makefile
@@ -1,10 +1,11 @@
PORTNAME= davical
DISTVERSIONPREFIX= r
DISTVERSION= 1.1.12
+PORTREVISION= 1
CATEGORIES?= www
PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX}
-MAINTAINER= ports@FreeBSD.org
+MAINTAINER= dinoex@FreeBSD.org
COMMENT= Simple CalDAV server using a postgres backend
WWW= https://www.davical.org/
diff --git a/www/davical/files/patch-caldav-ACL.php b/www/davical/files/patch-caldav-ACL.php
new file mode 100644
index 000000000000..1f4ae0bf13e4
--- /dev/null
+++ b/www/davical/files/patch-caldav-ACL.php
@@ -0,0 +1,85 @@
+commit effc00474111bf5dff1297dd3c6811c1fdf6b6ca
+Author: Florian Schlichting <fsfs@debian.org>
+Date: Thu Mar 23 22:14:41 2023 +0100
+
+ use "." to concatenate strings, not "+" (fixes #288)
+
+ Unsupported operand types: string + string at /usr/share/davical/inc/caldav-ACL.php:146
+
+diff --git a/inc/caldav-ACL.php b/inc/caldav-ACL.php
+index 861d4389..cb0fa213 100644
+--- inc/caldav-ACL.php.orig
++++ inc/caldav-ACL.php
+@@ -143,7 +143,7 @@ function process_ace( $grantor, $by_principal, $by_collection, $ace ) {
+ $grantee = new DAVResource( DeconstructURL($principal_content->GetContent()) );
+ $grantee_id = $grantee->getProperty('principal_id');
+ if ( !$grantee->Exists() || !$grantee->IsPrincipal() )
+- $request->PreconditionFailed(403,'recognized-principal', 'Principal "' + $principal_content->GetContent() + '" not found.');
++ $request->PreconditionFailed(403,'recognized-principal', 'Principal "' . $principal_content->GetContent() . '" not found.');
+ $sqlparms = array( ':to_principal' => $grantee_id);
+ $where = 'WHERE to_principal=:to_principal AND ';
+ if ( isset($by_principal) ) {
+diff --git a/testing/tests/regression-suite/0946-ACL-err.result b/testing/tests/regression-suite/0946-ACL-err.result
+new file mode 100644
+index 00000000..c0ad5ef7
+--- /dev/null
++++ testing/tests/regression-suite/0946-ACL-err.result
+@@ -0,0 +1,11 @@
++HTTP/1.1 403 Forbidden
++Date: Dow, 01 Jan 2000 00:00:00 GMT
++DAV: 1, 2, 3, access-control, calendar-access, calendar-schedule
++DAV: extended-mkcol, bind, addressbook, calendar-auto-schedule, calendar-proxy
++Content-Length: 137
++Content-Type: text/xml; charset="utf-8"
++
++<?xml version="1.0" encoding="utf-8" ?>
++<error xmlns="DAV:">
++ <recognized-principal/>Principal "/caldav.php/user40/" not found.
++</error>
+diff --git a/testing/tests/regression-suite/0946-ACL-err.test b/testing/tests/regression-suite/0946-ACL-err.test
+new file mode 100644
+index 00000000..945f3a13
+--- /dev/null
++++ testing/tests/regression-suite/0946-ACL-err.test
+@@ -0,0 +1,41 @@
++#
++# ACL setting default privileges on a collection to nothing, and
++# specific privileges to include read-acl.
++#
++TYPE=ACL
++URL=http://regression.host/caldav.php/user1/home/
++HEADER=User-Agent: RFC3744 Spec Tests
++HEADER=Content-Type: text/xml; charset="UTF-8"
++HEAD
++
++
++BEGINDATA
++<?xml version="1.0" encoding="utf-8" ?>
++<acl xmlns="DAV:" xmlns:CalDAV="urn:ietf:params:xml:ns:caldav">
++ <ace>
++ <principal>
++ <href>/caldav.php/user40/</href>
++ </principal>
++ <grant>
++ <privilege><read/></privilege>
++ <privilege><read-acl/></privilege>
++ <privilege><read-current-user-privilege-set/></privilege>
++ <privilege><CalDAV:read-free-busy/></privilege>
++ </grant>
++ </ace>
++ <ace>
++ <principal><authenticated/></principal>
++ <grant>
++ <privilege/>
++ </grant>
++ </ace>
++</acl>
++ENDDATA
++
++QUERY
++SELECT by_principal, by_collection, privileges, p_to.displayname, to_principal
++ FROM grants JOIN dav_principal p_to ON (to_principal=principal_id)
++ LEFT JOIN collection ON (by_collection=collection.collection_id)
++ WHERE collection.dav_name = '/user1/home/'
++ENDQUERY
++
diff --git a/www/davical/files/patch-principal-edit.php b/www/davical/files/patch-principal-edit.php
new file mode 100644
index 000000000000..361be905cb0e
--- /dev/null
+++ b/www/davical/files/patch-principal-edit.php
@@ -0,0 +1,27 @@
+commit e8f3a3e6f2c27e78c2778e0040b385b430dfc9fc
+Author: Andrew Ruthven <puck@catalystcloud.nz>
+Date: Sun Apr 30 12:13:37 2023 +1200
+
+ Add a missing space to a SQL statement to fix adding groups.
+
+ It looks to me like this bug has been present since 2011.
+
+ Closes: #294
+
+diff --git a/inc/ui/principal-edit.php b/inc/ui/principal-edit.php
+index 603fd1e1..df975e22 100644
+--- inc/ui/principal-edit.php.orig
++++ inc/ui/principal-edit.php
+@@ -495,9 +495,9 @@ function group_memberships_browser() {
+ function group_row_editor() {
+ global $c, $id, $editor, $can_write_principal;
+ $grouprow = new Editor("Group Members", "group_member");
+- $sql = 'SELECT principal_id, coalesce(displayname,fullname,username) FROM dav_principal ';
+- $sql .= 'WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.') ';
+- $sql .= 'AND principal_id != '.$id;
++ $sql = 'SELECT principal_id, coalesce(displayname, fullname, username) FROM dav_principal ';
++ $sql .= 'WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = ' . $id . ') ';
++ $sql .= 'AND principal_id != ' . $id . ' ';
+ $sql .= 'ORDER BY 2';
+ $grouprow->SetLookup( 'member_id', $sql);
+ $grouprow->SetSubmitName( 'savegrouprow' );