|Anonymous | Login | Signup for a new account||2017-08-19 03:23 EDT|
|My View | View Issues | Change Log | Roadmap | Repositories|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0004216||SOGo||Backend Calendar||public||2017-07-05 11:10||2017-08-07 09:49|
|Platform||[Server] Linux||OS||Debian||OS Version||8 (Jessie)|
|Target Version||Fixed in Version|
|Summary||0004216: Modification of event using admin account is impossible|
|Description||It seems that modification of event with invited person by CalDAV is impossible using SOGoSuperUsernames accounts. One can delete event, but cannot modify it. |
The error returned by server is "HTTP/1.1 409 Conflict" :
Not allowed to perform this action. Wrong SENT-BY being used regarding access rights on organizer's calendar.
|Steps To Reproduce||1. Create an event in a user's calendar, invite at least one person (not administrator).|
2. Configure an CalDAV client (Thunderbird/Lightning) to access the calendar, using an account of administrator (mentioned in SOGoSuperUsernames).
3. Try to modify the event (change the date, for example) - the server returns status 409 ("Wrong SENT-BY...")
4. Try to delete the event - no problem, the server returns status 204 as expected.
|Additional Information||Normally, one don't need additional ACLs in case of SOGoSuperUsernames account to manipulate the events of other users. It seems to be the case for all operations but modification of events with at least one invited person. |
It seems to be a bug in ACLs verification - during the verification of roles (on PUT of modified event) the membership of SOGoSuperUsernames is not checked.
BTW, adding permissions using SOGo Web interface does not change the behavior.
|Tags||No tags attached.|
edited on: 2017-08-07 09:49
same here with latest SOGo, Outlook 2013 and caldavsynchronizer 2.22.2.
I belive the affected Calendar events are previously made by an android CALDav client. caldavsynchronizer shows the mentioned error on every sync.
|2017-07-05 11:10||Peter2121||New Issue|
|2017-07-05 11:14||ludovic||Severity||major => minor|
|2017-08-07 09:48||ste||Note Added: 0012153|
|2017-08-07 09:49||ste||Note Edited: 0012153||View Revisions|
|Copyright © 2000 - 2017 MantisBT Team|