Shared calendar doesn't care about privacy settings

exaveal · August 31, 2016, 6:59pm

Hello,
I am running ownCloud 9.1.0 (stable) and have problems with the calendar privacy settings - not only in the new version.

If a user shares his calendar to other users, owncloud doesn’t care about the privacy settings. So although a calendar entry which is marked as “privat” is also visible to me.
I get also notifications for calendar entries from other users. For example another user shares his calendar and set up notifications for some of his events. I will also get those notifications.

Will this ever be fixed? I think privacy is an important topic when sharings calendars to other people.

anon30676603 · August 31, 2016, 7:30pm

According to:

github.com/owncloud/core

Calendars from other Users show private appointments

opened 02:57PM - 16 Mar 16 UTC

closed 05:52AM - 23 Mar 16 UTC

melo1

Type:Bug

Steps to reproduce 1.Share calendar to another user without write permission 2.A…s the other user Access your calendars via caldav Expected behaviour Private appointments of others should not be shown. Confidential appointments of others should be shown without Details. Actual behaviour All appointments of read only calendars are shown with full Details. Server configuration Operating system: Debian 8.3 Web server: Nginx 1.9.5 Database: MariaDB 5.5.44 PHP version: 5.5.31 ownCloud version: (see ownCloud admin page) 9.0.0 Calendar version: (see ownCloud apps page) 1.0 Updated from an older ownCloud or fresh install: updated Signing status (ownCloud 9.0 and above): No errors have been found. Login as admin user into your ownCloud and access http://example.com/index.php/settings/integrity/failed paste the results here. List of activated apps: Enabled: •calendar: 1.0 •contacts: 1.0.0.0 •dav: 0.1.5 •federatedfilesharing: 0.1.0 •files: 1.4.4 •files_sharing: 0.9.1 •files_trashbin: 0.8.0 •files_versions: 1.2.0 •notifications: 0.2.3 •ownnote: 1.07 •updatenotification: 0.1.0 Disabled: •activity •comments •encryption •external •federation •files_external •files_pdfviewer •files_texteditor •files_videoplayer •firstrunwizard •gallery •provisioning_api •systemtags •templateeditor •user_external •user_ldap If you have access to your command line run e.g.: sudo -u www-data php occ app:list from within your ownCloud installation folder The content of config/config.php: "system": { "instanceid": "5190d5dc535b7", "passwordsalt": "**_REMOVED SENSITIVE VALUE**_", "datadirectory": "**_REMOVED SENSITIVE VALUE**_", "overwritehost": "**_REMOVED SENSITIVE VALUE**_", "overwritewebroot": "\/owncloud", "overwrite.cli.url": "**_REMOVED SENSITIVE VALUE**_", "skeletondirectory": "", "appstoreenabled": true, "appstoreurl": "https:\/\/api.owncloud.com\/v1", "apps_paths": [ { "path": "**_REMOVED SENSITIVE VALUE**_", "url": "\/apps", "writable": true } ], "appcodechecker": false, "dbtype": "mysql", "dbname": "owncloud", "dbuser": "**_REMOVED SENSITIVE VALUE**_", "dbpassword": "**_REMOVED SENSITIVE VALUE**_", "dbhost": "**_REMOVED SENSITIVE VALUE**_", "dbtableprefix": "oc_", "version": "9.0.0.19", "installed": true, "forcessl": true, "theme": "", "maintenance": false, "memcache.local": "\OC\Memcache\APCu", "loglevel": "3", "mail_smtpmode": "smtp", "mail_smtphost": "sslout.df.eu", "mail_smtpport": "465", "trusted_domains": [ "**_REMOVED SENSITIVE VALUE**_" ], "mail_from_address": "owncloud", "mail_domain": "**_REMOVED SENSITIVE VALUE**_", "mail_smtpsecure": "ssl", "mail_smtpauth": 1, "mail_smtpname": "**_REMOVED SENSITIVE VALUE**_", "mail_smtppassword": "**_REMOVED SENSITIVE VALUE**_", "secret": "**_REMOVED SENSITIVE VALUE**_", "forceSSLforSubdomains": true, "hashingCost": 10, "defaultapp": "files", "knowledgebaseenabled": false, "enable_avatars": true, "allow_user_to_change_display_name": true, "remember_login_cookie_lifetime": 1296000, "session_lifetime": 86400, "session_keepalive": true, "trashbin_retention_obligation": "30, auto, auto", "updatechecker": true, "has_internet_connection": true, "check_for_working_webdav": true, "check_for_working_htaccess": false, "config_is_read_only": false, "log_type": "owncloud", "logfile": "**_REMOVED SENSITIVE VALUE**_", "logdateformat": "F d, Y H:i:s", "log_query": false, "cron_log": false, "log_rotate_size": false, "enable_previews": true, "preview_max_scale_factor": 10, "preview_max_filesize_image": 50, "enabledPreviewProviders": [ "OC\Preview\Image", "OC\Preview\MP3", "OC\Preview\TXT", "OC\Preview\MarkDown" ], "xframe_restriction": true, "cipher": "AES-256-CFB", "filesystem_check_changes": 1, "asset-pipeline.enabled": false, "assetdirectory": "**_REMOVED SENSITIVE VALUE**_", "mount_file": "data\/mount.json", "filesystem_cache_readonly": false, "custom_csp_policy": "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src *; font-src 'self' data:; media-src *; connect-src *", "forwarded_for_headers": [ "HTTP_X_FORWARDED", "HTTP_FORWARDED_FOR" ], "max_filesize_animated_gifs_public_sharing": 10, "appstore.experimental.enabled": false }, "apps": { "activity": { "enabled": "no", "installed_version": "1.2.2", "types": "filesystem" }, "backgroundjob": { "lastjob": "12" }, "calendar": { "enabled": "yes", "installed_version": "1.0", "ocsid": "168707", "types": "" }, "comments": { "enabled": "no", "installed_version": "0.2", "types": "logging" }, "contacts": { "enabled": "yes", "installed_version": "1.0.0.0", "ocsid": "168708", "types": "" }, "core": { "global_cache_gc_lastrun": "1458025731", "incoming_server2server_share_enabled": "no", "installedat": "1446039273.7023", "lastupdateResult": "{\"version\":{},\"versionstring\":{},\"url\":{},\"web\":{}}", "lastupdatedat": "1458139021", "oc.integritycheck.checker": "[]", "outgoing_server2server_share_enabled": "no", "public_caldav": "calendar\/share.php", "public_calendar": "calendar\/share.php", "public_files": "files_sharing\/public.php", "public_gallery": "gallery\/public.php", "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php", "remote_caldav": "dav\/appinfo\/v1\/caldav.php", "remote_calendar": "dav\/appinfo\/v1\/caldav.php", "remote_carddav": "dav\/appinfo\/v1\/carddav.php", "remote_contacts": "dav\/appinfo\/v1\/carddav.php", "remote_dav": "dav\/appinfo\/v2\/remote.php", "remote_files": "dav\/appinfo\/v1\/webdav.php", "remote_webdav": "dav\/appinfo\/v1\/webdav.php", "repairlegacystoragesdone": "yes", "shareapi_allow_mail_notification": "yes", "shareapi_allow_public_notification": "yes", "shareapi_allow_public_upload": "no", "shareapi_allow_resharing": "no", "shareapi_exclude_groups": "no", "shareapi_exclude_groups_list": "" }, "dav": { "enabled": "yes", "installed_version": "0.1.5", "types": "filesystem" }, "federatedfilesharing": { "enabled": "yes", "installed_version": "0.1.0", "types": "" }, "federation": { "enabled": "no", "installed_version": "0.0.4", "types": "authentication" }, "files": { "cronjob_scan_files": "500", "default_quota": "5 GB", "enabled": "yes", "installed_version": "1.4.4", "types": "filesystem" }, "files_locking": { "enabled": "no", "installed_version": "", "types": "filesystem" }, "files_pdfviewer": { "enabled": "no", "installed_version": "0.7", "ocsid": "166049", "types": "" }, "files_sharing": { "enabled": "yes", "incoming_server2server_share_enabled": "no", "installed_version": "0.9.1", "outgoing_server2server_share_enabled": "no", "types": "filesystem" }, "files_texteditor": { "enabled": "no", "installed_version": "0.4", "ocsid": "166051", "types": "" }, "files_trashbin": { "enabled": "yes", "installed_version": "0.8.0", "types": "filesystem" }, "files_versions": { "enabled": "yes", "installed_version": "1.2.0", "types": "filesystem" }, "files_videoplayer": { "enabled": "no", "installed_version": "0.9.8", "types": "" }, "files_videoviewer": { "enabled": "no", "installed_version": "0.1.3", "ocsid": "166054", "types": "" }, "firstrunwizard": { "enabled": "no", "installed_version": "1.1", "ocsid": "166055", "types": "" }, "gallery": { "enabled": "no", "installed_version": "0.6.1", "types": "" }, "notifications": { "enabled": "yes", "installed_version": "0.2.3", "types": "logging" }, "ownnote": { "enabled": "yes", "installed_version": "1.07", "types": "" }, "provisioning_api": { "enabled": "no", "installed_version": "0.2", "types": "filesystem" }, "systemtags": { "enabled": "no", "installed_version": "0.2", "types": "logging" }, "templateeditor": { "enabled": "no", "installed_version": "0.1", "types": "" }, "updatenotification": { "enabled": "yes", "installed_version": "0.1.0", "types": "" }, "updater": { "enabled": "no", "installed_version": "0.4.1", "types": "" } } If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your ownCloud installation folder or Insert your config.php content here (Without the database password, passwordsalt and secret) Are you using external storage, if yes which one: local/smb/sftp/... Are you using encryption: yes/no no Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/... no Client configuration CalDAV-clients: Android with CalDav-Sync or DAVdroid - doesn't matter Logs ownCloud log (data/owncloud.log) Insert your ownCloud log here no entries

this should be fixed with oC 9.1.0. If not → Sign in to GitHub · GitHub