2.5 imap/http_caldav.c:caldav_put() ensure ORGANIZER is consistent

[dilyanpalauzov]

If the first element of a caldav object has no ORGANIZER, make sure that no other element of the same caldav object has an ORGANIZER (RFC 6638 Section 3.2.4.2 CALDAV:same-organizer-in-all-components Precondition)

diff --git a/imap/http_caldav.c b/imap/http_caldav.c
index 5a2a62b30..302822f6e 100644
--- a/imap/http_caldav.c
+++ b/imap/http_caldav.c
@@ -2705,18 +2705,17 @@ static int caldav_put(struct transaction_t *txn,
            goto done;
        }
 
-       if (organizer) {
-           const char *nextorg = NULL;
+       const char *nextorg = NULL;
 
-           prop = icalcomponent_get_first_property(nextcomp,
-                                                   ICAL_ORGANIZER_PROPERTY);
-           if (prop) nextorg = icalproperty_get_organizer(prop);
-           if (!nextorg || strcmp(organizer, nextorg)) {
+       prop = icalcomponent_get_first_property(nextcomp,
+                                               ICAL_ORGANIZER_PROPERTY);
+       if (prop) nextorg = icalproperty_get_organizer(prop);
+       if ((!organizer && nextorg)
+           || (organizer && (!nextorg || strcmp(organizer, nextorg)))) {
                txn->error.precond = CALDAV_SAME_ORGANIZER;
                ret = HTTP_FORBIDDEN;
                goto done;
            }
-       }
     }
 
     switch (kind) {

[elliefm]

@ksmurchison - what do you think of this?

The patch is against 2.5 but it looks like it might apply to 3.0 too (with some finessing). I'm happy to do the wrangling if you're happy for it to be merged?

[ksmurchison]

If this is compliant with RFCs 5545, 5546, and 6638 then let's apply it to both 2.5 and 3.0

[elliefm]

https://tools.ietf.org/html/rfc5545#section-3.8.4.3:

Conformance: This property MUST be specified in an iCalendar object
that specifies a group-scheduled calendar entity. This property
MUST be specified in an iCalendar object that specifies the
publication of a calendar user's busy time. This property MUST
NOT be specified in an iCalendar object that specifies only a time
zone definition or that defines calendar components that are not
group-scheduled components, but are components only on a single
user's calendar.

That's kind of ... unenlightening? Seems like this behaviour is neither explicitly verboten nor explicitly allowed

I don't see anything in the other two RFCs regarding when organizer is/isn't appropriate (but I might have missed something, I'm not familiar with these in any depth)

[dilyanpalauzov]

https://tools.ietf.org/html/rfc6638#section-3.2.4.2

3.2.4.2. CALDAV:same-organizer-in-all-components Precondition

Apply to: PUT, COPY, and MOVE

Use with: 403 Forbidden

Purpose: (precondition) -- All the calendar components in a
scheduling object resource MUST contain the same "ORGANIZER"
property value when present.

[ksmurchison]

Yes. That's the correct reference. The patch looks sane to me.

[elliefm]

Patch applied, thanks :)

I copied your author line from one of your other commits, hope that's okay