Determine access rights for CalDAV calendars

Question

I'm creating a PHP application that will write events to a CalDAV calendar (Kolab groupware). For this I ask for the calendar-home-set of the respective user. After that, I only want to use calendars that I have write permissions for. It may well be that I received shared calendars that I'm only allowed to read. So how can I determine the access rights to a calendar before I register an event and receive an error message?

Thanks in advance.

Answer 1

To get CalDAV(/*DAV) resource/collection privileges you can query the {DAV:}current-user-privilege-set property while retrieving the calendar list.

This is part of RFC 3744 (WebDAV ACL). Sample from the RFC:

   PROPFIND /papers/ HTTP/1.1
   Host: www.example.com
   Content-type: text/xml; charset="utf-8"
   Content-Length: xxx
   Depth: 0
   Authorization: Digest username="khare",
     realm="users@example.com", nonce="...",
     uri="/papers/", response="...", opaque="..."

   <?xml version="1.0" encoding="utf-8" ?>
   <D:propfind xmlns:D="DAV:">
     <D:prop>
       <D:current-user-privilege-set/>
     </D:prop>
   </D:propfind>

   HTTP/1.1 207 Multi-Status
   Content-Type: text/xml; charset="utf-8"
   Content-Length: xxx

   <?xml version="1.0" encoding="utf-8" ?>
   <D:multistatus xmlns:D="DAV:">
     <D:response>
     <D:href>http://www.example.com/papers/</D:href>
     <D:propstat>
       <D:prop>
         <D:current-user-privilege-set>
           <D:privilege><D:read/></D:privilege>
         </D:current-user-privilege-set>
       </D:prop>
       <D:status>HTTP/1.1 200 OK</D:status>
     </D:propstat>
     </D:response>
   </D:multistatus>