fix user-hooks

owncloud-archive · Sep 12, 2014 · e68e549 · e68e549 · wanno-drijfhout · Oct 3, 2014
1 parent b804dac
commit e68e549
Showing 1 changed file with 23 additions and 1 deletion.
diff --git a/lib/calendar.php b/lib/calendar.php
@@ -254,7 +254,7 @@ public static function touchCalendar($id) {
 	 */
 	public static function deleteCalendar($id) {
 		$calendar = self::find($id);
-		if ($calendar['userid'] != OCP\User::getUser() && !OC_Group::inGroup(OCP\User::getUser(), 'admin')) {
+		if (!self::isAllowedToDeleteCalendar($calendar)) {
 			$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $id);
 			if (!$sharedCalendar || !($sharedCalendar['permissions'] & OCP\PERMISSION_DELETE)) {
 				throw new Exception(
@@ -408,4 +408,26 @@ public static function generateTextColor($calendarcolor) {
 	public static function getUsersEmails($names) {
 		return \OCP\Config::getUserValue(\OCP\User::getUser(), 'settings', 'email');
 	}
+
+
+	/**
+	 * @param array $calendar
+	 * @param string $userId
+	 * @return boolean
+	 */
+	private static function isAllowedToDeleteCalendar($calendar) {
+		$userId = OCP\User::getUser();
+
+		if ($calendar['userid'] === $userId) {
+			return true;
+		}
+		if (OC_User::isAdminUser($userId)) {
+			return true;
+		}
+		if (OC_SubAdmin::isUserAccessible($userId, $calendar['userid'])) {
+			return true;
+		}
+
+		return false;
+	}
 }