Set version to 8.2.9 RC1

Merge pull request #26409 from owncloud/stable9-36d6f3ba8b7b7db8f4d8b2a70504fd184a30cc50
[stable9] Escape special characters (#25429)
2016-10-19 20:06:09 +02:00 · 2016-10-19 15:47:08 +02:00 · 2016-10-19 15:45:12 +02:00 · 2016-10-19 13:15:03 +02:00 · 2016-10-19 12:48:42 +02:00 · 2016-10-19 10:09:25 +02:00
1247 changed files with 31572 additions and 3567 deletions
@@ -37,6 +37,17 @@
    SetEnv htaccessWorking true
  </IfModule>
 </IfModule>
+<IfModule mod_php7.c>
+  php_value upload_max_filesize 513M
+  php_value post_max_size 513M
+  php_value memory_limit 512M
+  php_value mbstring.func_overload 0
+  php_value default_charset 'UTF-8'
+  php_value output_buffering 0
+  <IfModule mod_env.c>
+    SetEnv htaccessWorking true
+  </IfModule>
+</IfModule>
 <IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -48,24 +59,6 @@
  RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
-
-  # Rewrite rules for `front_controller_active`
-  Options -MultiViews
-  RewriteRule ^core/js/oc.js$ index.php/core/js/oc.js [PT,E=PATH_INFO:$1]
-  RewriteRule ^core/preview.png$ index.php/core/preview.png [PT,E=PATH_INFO:$1]
-  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico)$
-  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
-  RewriteCond %{REQUEST_FILENAME} !/remote.php
-  RewriteCond %{REQUEST_FILENAME} !/public.php
-  RewriteCond %{REQUEST_FILENAME} !/cron.php
-  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
-  RewriteCond %{REQUEST_FILENAME} !/status.php
-  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
-  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
-  RewriteCond %{REQUEST_FILENAME} !/updater/
-  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
-  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
-  RewriteRule .* index.php [PT,E=PATH_INFO:$1]
 </IfModule>
 <IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
@@ -13,7 +13,7 @@ env:
 branches:
  only:
    - master
-#    - /^stable\d+(\.\d+)?$/
+    - /^stable\d+(\.\d+)?$/

 addons:
  apt:
@@ -29,6 +29,7 @@ install:


 script:
+  - sh -c "if [ '$TC' = 'syntax' ]; then composer install && vendor/bin/parallel-lint --exclude vendor/jakub-onderka/ --exclude 3rdparty/symfony/polyfill-php70/Resources/stubs/ --exclude 3rdparty/patchwork/utf8/src/Patchwork/Utf8/Bootup/ --exclude 3rdparty/paragonie/random_compat/lib/ --exclude vendor/composer/autoload_static.php --exclude 3rdparty/composer/autoload_static.php .; fi"
  - sh -c "if [ '$TEST_DAV' != '1' ]; then echo \"Not testing DAV\"; fi"
  - sh -c "if [ '$TEST_DAV' = '1' ]; then echo \"Testing DAV\"; fi"

@@ -42,5 +43,13 @@ matrix:
      env: DB=sqlite;TC=carddav
    - php: 5.4
      env: DB=sqlite;TC=caldav
+    - php: 5.4
+      env: DB=sqlite;TC=syntax;TEST_DAV=0
+    - php: 5.5
+      env: DB=sqlite;TC=syntax;TEST_DAV=0
+    - php: 5.6
+      env: DB=sqlite;TC=syntax;TEST_DAV=0
+    - php: 7.0
+      env: DB=sqlite;TC=syntax;TEST_DAV=0

  fast_finish: true
@@ -26,7 +26,7 @@ Help us to maximize the effort we can spend fixing issues and adding new feature

 [template]: https://raw.github.com/owncloud/core/master/issue_template.md
 [mailinglist]: https://mailman.owncloud.org/mailman/listinfo/owncloud
-[forum]: https://forum.owncloud.org/
+[forum]: https://central.owncloud.org/
 [irc]: https://webchat.freenode.net/?channels=owncloud&uio=d4

 ## Contributing to Source Code
@@ -0,0 +1,144 @@
+#!groovy
+/*
+ * This Jenkinsfile is intended to run on https://ci.owncloud.org and may fail anywhere else.
+ * It makes assumptions about plugins being installed, labels mapping to nodes that can build what is needed, etc.
+ */
+
+timestampedNode('SLAVE') {
+    stage 'Checkout'
+        checkout scm
+        sh '''git submodule update --init'''
+
+    stage 'JavaScript Testing'
+        executeAndReport('tests/autotest-results-js.xml') {
+            sh '''./autotest-js.sh'''
+        }
+
+    stage 'PHPUnit'
+        executeAndReport('tests/autotest-results-sqlite.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 7.0
+            ./autotest.sh sqlite
+            '''
+        }
+        executeAndReport('tests/autotest-results-mysql.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.4
+            ./autotest.sh mysql
+            '''
+        }
+        executeAndReport('tests/autotest-results-pgsql.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.6
+            ./autotest.sh pgsql
+            '''
+        }
+        executeAndReport('tests/autotest-results-oci.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.5
+            ./autotest.sh oci
+            '''
+        }
+
+    stage 'Files External Testing'
+        executeAndReport('tests/autotest-external-results-sqlite-webdav-ownCloud.xml') {
+            sh '''phpenv local 7.0
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            ./autotest-external.sh sqlite webdav-ownCloud
+            '''
+        }
+        executeAndReport('tests/autotest-external-results-sqlite-smb-silvershell.xml') {
+            sh '''phpenv local 7.0
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            ./autotest-external.sh sqlite smb-silvershell
+            '''
+        }
+        executeAndReport('tests/autotest-external-results-sqlite-swift-ceph.xml') {
+            sh '''phpenv local 7.0
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            ./autotest-external.sh sqlite swift-ceph
+            '''
+        }
+        executeAndReport('tests/autotest-external-results-sqlite-smb-windows.xml') {
+            sh '''phpenv local 7.0
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            ./autotest-external.sh sqlite smb-windows
+            '''
+        }
+
+        step([$class: 'JUnitResultArchiver', testResults: 'tests/autotest-external-results-sqlite.xml'])
+
+    stage 'Primary Objectstore Test - Swift'
+        executeAndReport('tests/autotest-results-mysql.xml') {
+            sh '''phpenv local 7.0
+
+            export NOCOVERAGE=1
+            export RUN_OBJECTSTORE_TESTS=1
+            export PRIMARY_STORAGE_CONFIG="swift"
+            unset USEDOCKER
+
+            rm tests/autotest-results-*.xml
+            ./autotest.sh mysql
+            '''
+        }
+
+    stage 'Integration Testing'
+        executeAndReport('build/integration/output/*.xml') {
+            sh '''phpenv local 7.0
+            rm -rf config/config.php
+            ./occ maintenance:install --admin-pass=admin
+            rm -rf build/integration/output
+            rm -rf build/integration/vendor
+            rm -rf build/integration/composer.lock
+            cd build/integration
+            ./run.sh
+           '''
+        }
+}
+
+void executeAndReport(String testResultLocation, def body) {
+    def failed = false
+    // We're wrapping this in a timeout - if it takes longer, kill it.
+    try {
+        timeout(time: 120, unit: 'MINUTES') {
+            body.call()
+        }
+    } catch (Exception e) {
+        failed = true
+        echo "Test execution failed: ${e}"
+    } finally {
+        step([$class: 'JUnitResultArchiver', testResults: testResultLocation])
+    }
+
+    if (failed) {
+
+        if (env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'stable9.1' || env.BRANCH_NAME == 'stable9' || env.BRANCH_NAME == 'stable8.2') {
+            mail body: "project build error is here: ${env.BUILD_URL}" ,
+                subject: "Build on release branch failed: ${env.BRANCH_NAME}",
+                to: 'jenkins@owncloud.com'
+        }
+
+        error "Test execution failed. Terminating the build"
+    }
+}
+
+// Runs the given body within a Timestamper wrapper on the given label.
+def timestampedNode(String label, Closure body) {
+    node(label) {
+        wrap([$class: 'TimestamperBuildWrapper']) {
+            body.call()
+        }
+    }
+}
@@ -31,7 +31,7 @@ https://owncloud.org/contribute/
 Learn about the different ways you can get support for ownCloud: https://owncloud.org/support/

 ## Get in touch
-* :clipboard: [Forum](https://forum.owncloud.org)
+* :clipboard: [Forum](https://central.owncloud.org)
 * :envelope: [Mailing list](https://mailman.owncloud.org/mailman/listinfo)
 * :hash: [IRC channel](https://webchat.freenode.net/?channels=owncloud)
 * :busts_in_silhouette: [Facebook] (https://facebook.com/ownclouders)
@@ -105,7 +105,7 @@ class Extension implements IExtension {
 	public function getTypeIcon($type) {
 		switch ($type) {
 			case self::APP_NAME:
-				return false;
+				return 'icon-comment';
 		}

 		return false;
@@ -150,6 +150,9 @@ class Extension implements IExtension {

 		switch ($text) {
 			case self::ADD_COMMENT_SUBJECT:
+				if ($this->authorIsCurrentUser($params[0])) {
+					return (string) $l->t('You commented');
+				}
 				return (string) $l->t('%1$s commented', $params);
 			case self::ADD_COMMENT_MESSAGE:
 				return $this->convertParameterToComment($params[0], 120);
@@ -168,6 +171,9 @@ class Extension implements IExtension {

 		switch ($text) {
 			case self::ADD_COMMENT_SUBJECT:
+				if ($this->authorIsCurrentUser($params[0])) {
+					return (string) $l->t('You commented on %2$s', $params);
+				}
 				return (string) $l->t('%1$s commented on %2$s', $params);
 			case self::ADD_COMMENT_MESSAGE:
 				return $this->convertParameterToComment($params[0]);
@@ -176,6 +182,21 @@ class Extension implements IExtension {
 		return false;
 	}

+	/**
+	 * Check if the author is the current user
+	 *
+	 * @param string $user Parameter e.g. `<user display-name="admin">admin</user>`
+	 * @return bool
+	 */
+	protected function authorIsCurrentUser($user) {
+		try {
+			return strip_tags($user) === $this->activityManager->getCurrentUserId();
+		} catch (\UnexpectedValueException $e) {
+			// FIXME this is awkward, but we have no access to the current user in emails
+			return false;
+		}
+	}
+
 	/**
 	 * The extension can define the type of parameters for translation
 	 *
@@ -31,7 +31,7 @@
 		'{{/if}}' +
 		'    </div>' +
 		'    <form class="newCommentForm">' +
-		'        <textarea class="message" placeholder="{{newMessagePlaceholder}}">{{{message}}}</textarea>' +
+		'        <textarea class="message" placeholder="{{newMessagePlaceholder}}">{{message}}</textarea>' +
 		'        <input class="submit" type="submit" value="{{submitText}}" />' +
 		'{{#if isEditMode}}' +
 		'        <input class="cancel" type="button" value="{{cancelText}}" />' +
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Uložit",
    "Allowed characters {count} of {max}" : "Povolených znaků {count} z {max}",
    "{count} unread comments" : "{count} nepřečtených komentářů",
-    "Comment" : "Komentář"
+    "Comment" : "Komentář",
+    "<strong>Comments</strong> for files" : "<strong>Komentáře</strong> souborů"
 },
 "nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;");
@@ -14,6 +14,7 @@
    "Save" : "Uložit",
    "Allowed characters {count} of {max}" : "Povolených znaků {count} z {max}",
    "{count} unread comments" : "{count} nepřečtených komentářů",
-    "Comment" : "Komentář"
+    "Comment" : "Komentář",
+    "<strong>Comments</strong> for files" : "<strong>Komentáře</strong> souborů"
 },"pluralForm" :"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Speichern",
    "Allowed characters {count} of {max}" : "Erlaubte Zeichen {count} von {max}",
    "{count} unread comments" : "{count} ungelesene Kommentare",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentare</strong> für Dateien"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Speichern",
    "Allowed characters {count} of {max}" : "Erlaubte Zeichen {count} von {max}",
    "{count} unread comments" : "{count} ungelesene Kommentare",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentare</strong> für Dateien"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Speichern",
    "Allowed characters {count} of {max}" : "{count} von {max} Zeichen benutzt",
    "{count} unread comments" : "[count] ungelesene Kommentare",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentare</strong> für Dateien"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Speichern",
    "Allowed characters {count} of {max}" : "{count} von {max} Zeichen benutzt",
    "{count} unread comments" : "[count] ungelesene Kommentare",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentare</strong> für Dateien"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Save",
    "Allowed characters {count} of {max}" : "Allowed characters {count} of {max}",
    "{count} unread comments" : "{count} unread comments",
-    "Comment" : "Comment"
+    "Comment" : "Comment",
+    "<strong>Comments</strong> for files" : "<strong>Comments</strong> for files"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Save",
    "Allowed characters {count} of {max}" : "Allowed characters {count} of {max}",
    "{count} unread comments" : "{count} unread comments",
-    "Comment" : "Comment"
+    "Comment" : "Comment",
+    "<strong>Comments</strong> for files" : "<strong>Comments</strong> for files"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Konservi",
    "Allowed characters {count} of {max}" : "Permesataj karakteroj: {count} el {max}",
    "{count} unread comments" : "{count} nelegitaj komentoj",
-    "Comment" : "Komento"
+    "Comment" : "Komento",
+    "<strong>Comments</strong> for files" : "<strong>Komentoj</strong> por dosieroj"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Konservi",
    "Allowed characters {count} of {max}" : "Permesataj karakteroj: {count} el {max}",
    "{count} unread comments" : "{count} nelegitaj komentoj",
-    "Comment" : "Komento"
+    "Comment" : "Komento",
+    "<strong>Comments</strong> for files" : "<strong>Komentoj</strong> por dosieroj"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Guardar",
    "Allowed characters {count} of {max}" : "Caracteres permitidos {count} de {max}",
    "{count} unread comments" : "{count} comentarios no leídos",
-    "Comment" : "Comentario"
+    "Comment" : "Comentario",
+    "<strong>Comments</strong> for files" : "<strong>Comentarios</strong> en archivos"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Guardar",
    "Allowed characters {count} of {max}" : "Caracteres permitidos {count} de {max}",
    "{count} unread comments" : "{count} comentarios no leídos",
-    "Comment" : "Comentario"
+    "Comment" : "Comentario",
+    "<strong>Comments</strong> for files" : "<strong>Comentarios</strong> en archivos"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Tallenna",
    "Allowed characters {count} of {max}" : "Sallittujen merkkien määrä {count}/{max}",
    "{count} unread comments" : "{count} lukematonta kommenttia",
-    "Comment" : "Kommentti"
+    "Comment" : "Kommentti",
+    "<strong>Comments</strong> for files" : "<strong>Kommentit</strong> tiedostoille"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Tallenna",
    "Allowed characters {count} of {max}" : "Sallittujen merkkien määrä {count}/{max}",
    "{count} unread comments" : "{count} lukematonta kommenttia",
-    "Comment" : "Kommentti"
+    "Comment" : "Kommentti",
+    "<strong>Comments</strong> for files" : "<strong>Kommentit</strong> tiedostoille"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Enregistrer",
    "Allowed characters {count} of {max}" : "{count} sur {max} caractères autorisés",
    "{count} unread comments" : "{count} commentaires non lus",
-    "Comment" : "Commenter"
+    "Comment" : "Commenter",
+    "<strong>Comments</strong> for files" : "<strong>Commentaires</strong> pour les fichiers"
 },
 "nplurals=2; plural=(n > 1);");
@@ -14,6 +14,7 @@
    "Save" : "Enregistrer",
    "Allowed characters {count} of {max}" : "{count} sur {max} caractères autorisés",
    "{count} unread comments" : "{count} commentaires non lus",
-    "Comment" : "Commenter"
+    "Comment" : "Commenter",
+    "<strong>Comments</strong> for files" : "<strong>Commentaires</strong> pour les fichiers"
 },"pluralForm" :"nplurals=2; plural=(n > 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "שמירה",
    "Allowed characters {count} of {max}" : "תווים מותרים {count} מתוך {max}",
    "{count} unread comments" : "{count} תגובות שלא נקראו",
-    "Comment" : "תגובה"
+    "Comment" : "תגובה",
+    "<strong>Comments</strong> for files" : "<strong>תגובות</strong> לקבצים"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "שמירה",
    "Allowed characters {count} of {max}" : "תווים מותרים {count} מתוך {max}",
    "{count} unread comments" : "{count} תגובות שלא נקראו",
-    "Comment" : "תגובה"
+    "Comment" : "תגובה",
+    "<strong>Comments</strong> for files" : "<strong>תגובות</strong> לקבצים"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -3,6 +3,11 @@ OC.L10N.register(
    {
    "Cancel" : "Mégsem",
    "Save" : "Mentés",
-    "Comment" : "Komment"
+    "Comment" : "Komment",
+    "<strong>Comments</strong> for files" : "<strong>Hozzászólások</strong> a fájlokhoz",
+    "Delete comment" : "Hozzászólás törlése",
+    "Edit comment" : "Hozzászólás szerkesztése",
+    "No other comments available" : "Nincs több hozzászólás.",
+    "Post" : "Küldés"
 },
 "nplurals=2; plural=(n != 1);");
@@ -1,6 +1,11 @@
 { "translations": {
    "Cancel" : "Mégsem",
    "Save" : "Mentés",
-    "Comment" : "Komment"
+    "Comment" : "Komment",
+    "<strong>Comments</strong> for files" : "<strong>Hozzászólások</strong> a fájlokhoz",
+    "Delete comment" : "Hozzászólás törlése",
+    "Edit comment" : "Hozzászólás szerkesztése",
+    "No other comments available" : "Nincs több hozzászólás.",
+    "Post" : "Küldés"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Simpan",
    "Allowed characters {count} of {max}" : "Karakter yang diizinkan {count} dari {max}",
    "{count} unread comments" : "{count} komentar belum dibaca",
-    "Comment" : "Komentar"
+    "Comment" : "Komentar",
+    "<strong>Comments</strong> for files" : "<strong>Komentar</strong> untuk berkas"
 },
 "nplurals=1; plural=0;");
@@ -14,6 +14,7 @@
    "Save" : "Simpan",
    "Allowed characters {count} of {max}" : "Karakter yang diizinkan {count} dari {max}",
    "{count} unread comments" : "{count} komentar belum dibaca",
-    "Comment" : "Komentar"
+    "Comment" : "Komentar",
+    "<strong>Comments</strong> for files" : "<strong>Komentar</strong> untuk berkas"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -3,6 +3,11 @@ OC.L10N.register(
    {
    "Cancel" : "Hætta við",
    "Save" : "Vista",
-    "Comment" : "Athugasemd"
+    "Comment" : "Athugasemd",
+    "<strong>Comments</strong> for files" : "<strong>Athugasemdir</strong> við skrár",
+    "Delete comment" : "Eyða athugasemd",
+    "Edit comment" : "Breyta athugasemd",
+    "No other comments available" : "Engar aðrar athugasemdir eru tiltækar",
+    "Post" : "Senda"
 },
 "nplurals=2; plural=(n % 10 != 1 || n % 100 == 11);");
@@ -1,6 +1,11 @@
 { "translations": {
    "Cancel" : "Hætta við",
    "Save" : "Vista",
-    "Comment" : "Athugasemd"
+    "Comment" : "Athugasemd",
+    "<strong>Comments</strong> for files" : "<strong>Athugasemdir</strong> við skrár",
+    "Delete comment" : "Eyða athugasemd",
+    "Edit comment" : "Breyta athugasemd",
+    "No other comments available" : "Engar aðrar athugasemdir eru tiltækar",
+    "Post" : "Senda"
 },"pluralForm" :"nplurals=2; plural=(n % 10 != 1 || n % 100 == 11);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Salva",
    "Allowed characters {count} of {max}" : "Caratteri consentiti {count} di {max}",
    "{count} unread comments" : "{count} commenti non letti",
-    "Comment" : "Commento"
+    "Comment" : "Commento",
+    "<strong>Comments</strong> for files" : "<strong>Commenti</strong> sui file"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Salva",
    "Allowed characters {count} of {max}" : "Caratteri consentiti {count} di {max}",
    "{count} unread comments" : "{count} commenti non letti",
-    "Comment" : "Commento"
+    "Comment" : "Commento",
+    "<strong>Comments</strong> for files" : "<strong>Commenti</strong> sui file"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "保存",
    "Allowed characters {count} of {max}" : "入力文字数  {count} / {max}",
    "{count} unread comments" : "未読コメント数 {count}",
-    "Comment" : "コメント"
+    "Comment" : "コメント",
+    "<strong>Comments</strong> for files" : "ファイルについての<strong>コメント</strong>"
 },
 "nplurals=1; plural=0;");
@@ -14,6 +14,7 @@
    "Save" : "保存",
    "Allowed characters {count} of {max}" : "入力文字数  {count} / {max}",
    "{count} unread comments" : "未読コメント数 {count}",
-    "Comment" : "コメント"
+    "Comment" : "コメント",
+    "<strong>Comments</strong> for files" : "ファイルについての<strong>コメント</strong>"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -3,6 +3,11 @@ OC.L10N.register(
    {
    "Cancel" : "취소",
    "Save" : "저장",
-    "Comment" : "설명"
+    "Comment" : "설명",
+    "<strong>Comments</strong> for files" : "파일에 <strong>댓글</strong> 남기기",
+    "Delete comment" : "댓글 삭제",
+    "Edit comment" : "댓글 편집",
+    "No other comments available" : "더 이상 댓글 없음",
+    "Post" : "게시"
 },
 "nplurals=1; plural=0;");
@@ -1,6 +1,11 @@
 { "translations": {
    "Cancel" : "취소",
    "Save" : "저장",
-    "Comment" : "설명"
+    "Comment" : "설명",
+    "<strong>Comments</strong> for files" : "파일에 <strong>댓글</strong> 남기기",
+    "Delete comment" : "댓글 삭제",
+    "Edit comment" : "댓글 편집",
+    "No other comments available" : "더 이상 댓글 없음",
+    "Post" : "게시"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Lagre",
    "Allowed characters {count} of {max}" : "Antall tegn tillatt {count} av {max}",
    "{count} unread comments" : "{count} uleste kommentarer",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentarer</strong> for filer"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Lagre",
    "Allowed characters {count} of {max}" : "Antall tegn tillatt {count} av {max}",
    "{count} unread comments" : "{count} uleste kommentarer",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentarer</strong> for filer"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Bewaren",
    "Allowed characters {count} of {max}" : "{count} van de {max} toegestane tekens",
    "{count} unread comments" : "{count} ongelezen reacties",
-    "Comment" : "Reactie"
+    "Comment" : "Reactie",
+    "<strong>Comments</strong> for files" : "<strong>Reacties</strong> voor bestanden"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Bewaren",
    "Allowed characters {count} of {max}" : "{count} van de {max} toegestane tekens",
    "{count} unread comments" : "{count} ongelezen reacties",
-    "Comment" : "Reactie"
+    "Comment" : "Reactie",
+    "<strong>Comments</strong> for files" : "<strong>Reacties</strong> voor bestanden"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -3,6 +3,11 @@ OC.L10N.register(
    {
    "Cancel" : "Anuluj",
    "Save" : "Zapisz",
-    "Comment" : "Komentarz"
+    "Comment" : "Komentarz",
+    "<strong>Comments</strong> for files" : "<strong>Komentarze</strong> dla plików",
+    "Delete comment" : "Skasuj komentarz",
+    "Edit comment" : "Edytuj komentarz",
+    "No other comments available" : "Nie ma więcej komentarzy",
+    "Post" : "Zapisz"
 },
 "nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);");
@@ -1,6 +1,11 @@
 { "translations": {
    "Cancel" : "Anuluj",
    "Save" : "Zapisz",
-    "Comment" : "Komentarz"
+    "Comment" : "Komentarz",
+    "<strong>Comments</strong> for files" : "<strong>Komentarze</strong> dla plików",
+    "Delete comment" : "Skasuj komentarz",
+    "Edit comment" : "Edytuj komentarz",
+    "No other comments available" : "Nie ma więcej komentarzy",
+    "Post" : "Zapisz"
 },"pluralForm" :"nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Salvar",
    "Allowed characters {count} of {max}" : "Caracteres permitidos  {count} de {max}",
    "{count} unread comments" : "{count} comentários não lidos",
-    "Comment" : "Comentário"
+    "Comment" : "Comentário",
+    "<strong>Comments</strong> for files" : "<strong>Comentários</strong> por arquivos"
 },
 "nplurals=2; plural=(n > 1);");
@@ -14,6 +14,7 @@
    "Save" : "Salvar",
    "Allowed characters {count} of {max}" : "Caracteres permitidos  {count} de {max}",
    "{count} unread comments" : "{count} comentários não lidos",
-    "Comment" : "Comentário"
+    "Comment" : "Comentário",
+    "<strong>Comments</strong> for files" : "<strong>Comentários</strong> por arquivos"
 },"pluralForm" :"nplurals=2; plural=(n > 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Guardar",
    "Allowed characters {count} of {max}" : "{count} de {max} caracteres restantes",
    "{count} unread comments" : "{count} comentários não lidos",
-    "Comment" : "Comentário"
+    "Comment" : "Comentário",
+    "<strong>Comments</strong> for files" : "<strong>Comentários</strong> para ficheiros"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Guardar",
    "Allowed characters {count} of {max}" : "{count} de {max} caracteres restantes",
    "{count} unread comments" : "{count} comentários não lidos",
-    "Comment" : "Comentário"
+    "Comment" : "Comentário",
+    "<strong>Comments</strong> for files" : "<strong>Comentários</strong> para ficheiros"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Сохранить",
    "Allowed characters {count} of {max}" : "Допустимых символов {count} из {max}",
    "{count} unread comments" : "{count} непрочитанных комментариев",
-    "Comment" : "Коментарий"
+    "Comment" : "Коментарий",
+    "<strong>Comments</strong> for files" : "<strong>Комментарии</strong> к файлам"
 },
 "nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);");
@@ -14,6 +14,7 @@
    "Save" : "Сохранить",
    "Allowed characters {count} of {max}" : "Допустимых символов {count} из {max}",
    "{count} unread comments" : "{count} непрочитанных комментариев",
-    "Comment" : "Коментарий"
+    "Comment" : "Коментарий",
+    "<strong>Comments</strong> for files" : "<strong>Комментарии</strong> к файлам"
 },"pluralForm" :"nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Shrani",
    "Allowed characters {count} of {max}" : "Dovoljeni znaki: {count} od {max}",
    "{count} unread comments" : "{count} neprebranih opomb",
-    "Comment" : "Opomba"
+    "Comment" : "Opomba",
+    "<strong>Comments</strong> for files" : "<strong>Opombe</strong> datotek"
 },
 "nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);");
@@ -14,6 +14,7 @@
    "Save" : "Shrani",
    "Allowed characters {count} of {max}" : "Dovoljeni znaki: {count} od {max}",
    "{count} unread comments" : "{count} neprebranih opomb",
-    "Comment" : "Opomba"
+    "Comment" : "Opomba",
+    "<strong>Comments</strong> for files" : "<strong>Opombe</strong> datotek"
 },"pluralForm" :"nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Ruaje",
    "Allowed characters {count} of {max}" : "Shenja të lejuara {count} nga {max}",
    "{count} unread comments" : "{count} komente të palexuar",
-    "Comment" : "Koment"
+    "Comment" : "Koment",
+    "<strong>Comments</strong> for files" : "<strong>Komente</strong> për kartela"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Ruaje",
    "Allowed characters {count} of {max}" : "Shenja të lejuara {count} nga {max}",
    "{count} unread comments" : "{count} komente të palexuar",
-    "Comment" : "Koment"
+    "Comment" : "Koment",
+    "<strong>Comments</strong> for files" : "<strong>Komente</strong> për kartela"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -3,6 +3,11 @@ OC.L10N.register(
    {
    "Cancel" : "Одустани",
    "Save" : "Сачувај",
-    "Comment" : "Коментар"
+    "Comment" : "Коментар",
+    "<strong>Comments</strong> for files" : "<strong>Коментари</strong> фајлова",
+    "Delete comment" : "Обриши коментар",
+    "Edit comment" : "Уреди коментар",
+    "No other comments available" : "Нема других коментара",
+    "Post" : "Објави"
 },
 "nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);");
@@ -1,6 +1,11 @@
 { "translations": {
    "Cancel" : "Одустани",
    "Save" : "Сачувај",
-    "Comment" : "Коментар"
+    "Comment" : "Коментар",
+    "<strong>Comments</strong> for files" : "<strong>Коментари</strong> фајлова",
+    "Delete comment" : "Обриши коментар",
+    "Edit comment" : "Уреди коментар",
+    "No other comments available" : "Нема других коментара",
+    "Post" : "Објави"
 },"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Spara",
    "Allowed characters {count} of {max}" : "Tillåtet antal tecken {count} av {max}",
    "{count} unread comments" : "{count} olästa kommentarer",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentarer</strong> till filer"
 },
 "nplurals=2; plural=(n != 1);");
@@ -14,6 +14,7 @@
    "Save" : "Spara",
    "Allowed characters {count} of {max}" : "Tillåtet antal tecken {count} av {max}",
    "{count} unread comments" : "{count} olästa kommentarer",
-    "Comment" : "Kommentar"
+    "Comment" : "Kommentar",
+    "<strong>Comments</strong> for files" : "<strong>Kommentarer</strong> till filer"
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -12,6 +12,7 @@ OC.L10N.register(
    "Edit comment" : "แก้ไขความคิดเห็น",
    "[Deleted user]" : "[ผู้ใช้ถูกลบไปแล้ว]",
    "Save" : "บันทึก",
-    "Comment" : "แสดงความคิดเห็น"
+    "Comment" : "แสดงความคิดเห็น",
+    "<strong>Comments</strong> for files" : "<strong>แสดงความคิดเห็น</strong> สำหรับไฟล์"
 },
 "nplurals=1; plural=0;");
@@ -10,6 +10,7 @@
    "Edit comment" : "แก้ไขความคิดเห็น",
    "[Deleted user]" : "[ผู้ใช้ถูกลบไปแล้ว]",
    "Save" : "บันทึก",
-    "Comment" : "แสดงความคิดเห็น"
+    "Comment" : "แสดงความคิดเห็น",
+    "<strong>Comments</strong> for files" : "<strong>แสดงความคิดเห็น</strong> สำหรับไฟล์"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Kaydet",
    "Allowed characters {count} of {max}" : "İzin verilen karakterler {count} {max}",
    "{count} unread comments" : "{count} okunmamış yorumlar",
-    "Comment" : "Yorum"
+    "Comment" : "Yorum",
+    "<strong>Comments</strong> for files" : "Dosyalar için <strong>Yorumlar</strong>"
 },
 "nplurals=2; plural=(n > 1);");
@@ -14,6 +14,7 @@
    "Save" : "Kaydet",
    "Allowed characters {count} of {max}" : "İzin verilen karakterler {count} {max}",
    "{count} unread comments" : "{count} okunmamış yorumlar",
-    "Comment" : "Yorum"
+    "Comment" : "Yorum",
+    "<strong>Comments</strong> for files" : "Dosyalar için <strong>Yorumlar</strong>"
 },"pluralForm" :"nplurals=2; plural=(n > 1);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "Зберегти",
    "Allowed characters {count} of {max}" : "Доступно символів {count} з {max}",
    "{count} unread comments" : "{count} непрочитаних коментарів",
-    "Comment" : "Коментар"
+    "Comment" : "Коментар",
+    "<strong>Comments</strong> for files" : "<strong>Коментарі</strong> до файлів"
 },
 "nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);");
@@ -14,6 +14,7 @@
    "Save" : "Зберегти",
    "Allowed characters {count} of {max}" : "Доступно символів {count} з {max}",
    "{count} unread comments" : "{count} непрочитаних коментарів",
-    "Comment" : "Коментар"
+    "Comment" : "Коментар",
+    "<strong>Comments</strong> for files" : "<strong>Коментарі</strong> до файлів"
 },"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"
 }
@@ -16,6 +16,7 @@ OC.L10N.register(
    "Save" : "保存",
    "Allowed characters {count} of {max}" : "当前字数： {count}，最大允许：{max}",
    "{count} unread comments" : "{count} 条未读评论",
-    "Comment" : "评论"
+    "Comment" : "评论",
+    "<strong>Comments</strong> for files" : "<strong>评论文件</strong>"
 },
 "nplurals=1; plural=0;");
@@ -14,6 +14,7 @@
    "Save" : "保存",
    "Allowed characters {count} of {max}" : "当前字数： {count}，最大允许：{max}",
    "{count} unread comments" : "{count} 条未读评论",
-    "Comment" : "评论"
+    "Comment" : "评论",
+    "<strong>Comments</strong> for files" : "<strong>评论文件</strong>"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -46,6 +46,8 @@ $eventDispatcher->addListener('OCP\Federation\TrustedServerEvent::remove',

 $cm = \OC::$server->getContactsManager();
 $cm->register(function() use ($cm, $app) {
-	$userId = \OC::$server->getUserSession()->getUser()->getUID();
-	$app->setupContactsProvider($cm, $userId);
+	$user = \OC::$server->getUserSession()->getUser();
+	if (!is_null($user)) {
+		$app->setupContactsProvider($cm, $user->getUID());
+	}
 });
@@ -32,6 +32,7 @@ use OCA\Dav\Migration\AddressBookAdapter;
 use OCA\Dav\Migration\CalendarAdapter;
 use OCA\Dav\Migration\MigrateAddressbooks;
 use OCA\Dav\Migration\MigrateCalendars;
+use OCA\Dav\Migration\NothingToDoException;
 use \OCP\AppFramework\App;
 use OCP\AppFramework\IAppContainer;
 use OCP\Contacts\IManager;
@@ -99,18 +100,24 @@ class Application extends App {
 		$container->registerService('MigrateAddressbooks', function($c) {
 			/** @var IAppContainer $c */
 			$db = $c->getServer()->getDatabaseConnection();
+			$logger = $c->getServer()->getLogger();
 			return new MigrateAddressbooks(
 				new AddressBookAdapter($db),
-				$c->query('CardDavBackend')
+				$c->query('CardDavBackend'),
+				$logger,
+				null
 			);
 		});

 		$container->registerService('MigrateCalendars', function($c) {
 			/** @var IAppContainer $c */
 			$db = $c->getServer()->getDatabaseConnection();
+			$logger = $c->getServer()->getLogger();
 			return new MigrateCalendars(
 				new CalendarAdapter($db),
-				$c->query('CalDavBackend')
+				$c->query('CalDavBackend'),
+				$logger,
+				null
 			);
 		});

@@ -131,7 +138,8 @@ class Application extends App {
 	public function setupContactsProvider(IManager $contactsManager, $userID) {
 		/** @var ContactsManager $cm */
 		$cm = $this->getContainer()->query('ContactsManager');
-		$cm->setupContactsProvider($contactsManager, $userID);
+		$urlGenerator = $this->getContainer()->getServer()->getURLGenerator();
+		$cm->setupContactsProvider($contactsManager, $userID, $urlGenerator);
 	}

 	public function registerHooks() {
@@ -184,6 +192,8 @@ class Application extends App {
 				/** @var IUser $user */
 				$migration->migrateForUser($user->getUID());
 			});
+		} catch (NothingToDoException $ex) {
+			// nothing to do, yay!
 		} catch (\Exception $ex) {
 			$this->getContainer()->getServer()->getLogger()->logException($ex);
 		}
@@ -200,6 +210,23 @@ class Application extends App {
 				/** @var IUser $user */
 				$migration->migrateForUser($user->getUID());
 			});
+		} catch (NothingToDoException $ex) {
+			// nothing to do, yay!
+		} catch (\Exception $ex) {
+			$this->getContainer()->getServer()->getLogger()->logException($ex);
+		}
+	}
+
+	public function generateBirthdays() {
+		try {
+			/** @var BirthdayService $migration */
+			$migration = $this->getContainer()->query('BirthdayService');
+			$userManager = $this->getContainer()->getServer()->getUserManager();
+
+			$userManager->callForAllUsers(function($user) use($migration) {
+				/** @var IUser $user */
+				$migration->syncUser($user->getUID());
+			});
 		} catch (\Exception $ex) {
 			$this->getContainer()->getServer()->getLogger()->logException($ex);
 		}
@@ -283,7 +283,7 @@ CREATE TABLE calendarobjects (
 		description TEXT,
 		calendarorder INT(11) UNSIGNED NOT NULL DEFAULT '0',
 		calendarcolor VARBINARY(10),
-		timezone TEXT,
+		timezone CLOB,
 		components VARBINARY(20),
 		transparent TINYINT(1) NOT NULL DEFAULT '0',
 		UNIQUE(principaluri, uri)
@@ -337,7 +337,7 @@ CREATE TABLE calendarobjects (
 		</field>
 		<field>
 			<name>timezone</name>
-			<type>text</type>
+			<type>clob</type>
 		</field>
 		<field>
 			<name>components</name>
@@ -5,7 +5,7 @@
 	<description>ownCloud WebDAV endpoint</description>
 	<licence>AGPL</licence>
 	<author>owncloud.org</author>
-	<version>0.1.4</version>
+	<version>0.1.6</version>
 	<default_enable/>
 	<types>
 		<filesystem/>
@@ -25,3 +25,4 @@ $app = new Application();
 $app->setupCron();
 $app->migrateAddressbooks();
 $app->migrateCalendars();
+$app->generateBirthdays();
@@ -29,7 +29,6 @@ use OCA\DAV\Command\SyncSystemAddressBook;
 $dbConnection = \OC::$server->getDatabaseConnection();
 $userManager = OC::$server->getUserManager();
 $groupManager = OC::$server->getGroupManager();
-$config = \OC::$server->getConfig();

 $app = new Application();

@@ -38,12 +37,5 @@ $application->add(new CreateCalendar($userManager, $groupManager, $dbConnection)
 $application->add(new CreateAddressBook($userManager, $app->getContainer()->query('CardDavBackend')));
 $application->add(new SyncSystemAddressBook($app->getSyncService()));
 $application->add(new SyncBirthdayCalendar($userManager, $app->getContainer()->query('BirthdayService')));
-
-// the occ tool is *for now* only available in debug mode for developers to test
-if ($config->getSystemValue('debug', false)){
-	$app = new \OCA\Dav\AppInfo\Application();
-	$migration = $app->getContainer()->query('MigrateAddressbooks');
-	$application->add(new MigrateAddressbooks($userManager, $migration));
-	$migration = $app->getContainer()->query('MigrateCalendars');
-	$application->add(new MigrateCalendars($userManager, $migration));
-}
+$application->add(new MigrateAddressbooks($userManager, $app->getContainer()->query('MigrateAddressbooks')));
+$application->add(new MigrateCalendars($userManager, $app->getContainer()->query('MigrateCalendars')));
@@ -23,3 +23,4 @@ use OCA\Dav\AppInfo\Application;

 $app = new Application();
 $app->setupCron();
+$app->generateBirthdays();
@@ -23,11 +23,12 @@

 // Backends
 use OCA\DAV\CalDAV\CalDavBackend;
+use OCA\DAV\Connector\LegacyDAVACL;
+use OCA\DAV\CalDAV\CalendarRoot;
 use OCA\DAV\Connector\Sabre\Auth;
 use OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin;
 use OCA\DAV\Connector\Sabre\MaintenancePlugin;
 use OCA\DAV\Connector\Sabre\Principal;
-use Sabre\CalDAV\CalendarRoot;

 $authBackend = new Auth(
 	\OC::$server->getSession(),
@@ -65,7 +66,7 @@ $server->addPlugin(new MaintenancePlugin());
 $server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend, 'ownCloud'));
 $server->addPlugin(new \Sabre\CalDAV\Plugin());

-$acl = new \OCA\DAV\Connector\LegacyDAVACL();
+$acl = new LegacyDAVACL();
 $server->addPlugin($acl);

 $server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
@@ -69,6 +69,7 @@ $acl = new \OCA\DAV\Connector\LegacyDAVACL();
 $server->addPlugin($acl);

 $server->addPlugin(new \Sabre\CardDAV\VCFExportPlugin());
+$server->addPlugin(new \OCA\DAV\CardDAV\ImageExportPlugin(\OC::$server->getLogger()));
 $server->addPlugin(new ExceptionLoggerPlugin('carddav', \OC::$server->getLogger()));

 // And off we go!
@@ -61,8 +61,8 @@ class MigrateCalendars extends Command {
 	protected function execute(InputInterface $input, OutputInterface $output) {
 		$this->service->setup();

-		if ($input->hasArgument('user')) {
-			$user = $input->getArgument('user');
+		$user = $input->getArgument('user');
+		if (!is_null($user)) {
 			if (!$this->userManager->userExists($user)) {
 				throw new \InvalidArgumentException("User <$user> in unknown.");
 			}
@@ -61,8 +61,8 @@ class SyncBirthdayCalendar extends Command {
 	 * @param OutputInterface $output
 	 */
 	protected function execute(InputInterface $input, OutputInterface $output) {
-		if ($input->hasArgument('user')) {
-			$user = $input->getArgument('user');
+		$user = $input->getArgument('user');
+		if (!is_null($user)) {
 			if (!$this->userManager->userExists($user)) {
 				throw new \InvalidArgumentException("User <$user> in unknown.");
 			}
@@ -50,8 +50,7 @@ class BirthdayService {

 		$book = $this->cardDavBackEnd->getAddressBookById($addressBookId);
 		$principalUri = $book['principaluri'];
-		$calendarUri = self::BIRTHDAY_CALENDAR_URI;
-		$calendar = $this->ensureCalendarExists($principalUri, $calendarUri, []);
+		$calendar = $this->ensureCalendarExists($principalUri);
 		$objectUri = $book['uri'] . '-' . $cardUri. '.ics';
 		$calendarData = $this->buildBirthdayFromContact($cardData);
 		$existing = $this->calDavBackEnd->getCalendarObject($calendar['id'], $objectUri);
@@ -77,27 +76,27 @@ class BirthdayService {
 	public function onCardDeleted($addressBookId, $cardUri) {
 		$book = $this->cardDavBackEnd->getAddressBookById($addressBookId);
 		$principalUri = $book['principaluri'];
-		$calendarUri = self::BIRTHDAY_CALENDAR_URI;
-		$calendar = $this->ensureCalendarExists($principalUri, $calendarUri, []);
+		$calendar = $this->ensureCalendarExists($principalUri);
 		$objectUri = $book['uri'] . '-' . $cardUri. '.ics';
 		$this->calDavBackEnd->deleteCalendarObject($calendar['id'], $objectUri);
 	}

 	/**
 	 * @param string $principal
-	 * @param string $id
-	 * @param array $properties
 	 * @return array|null
 	 * @throws \Sabre\DAV\Exception\BadRequest
 	 */
-	public function ensureCalendarExists($principal, $id, $properties) {
-		$book = $this->calDavBackEnd->getCalendarByUri($principal, $id);
+	public function ensureCalendarExists($principal) {
+		$book = $this->calDavBackEnd->getCalendarByUri($principal, self::BIRTHDAY_CALENDAR_URI);
 		if (!is_null($book)) {
 			return $book;
 		}
-		$this->calDavBackEnd->createCalendar($principal, $id, $properties);
+		$this->calDavBackEnd->createCalendar($principal, self::BIRTHDAY_CALENDAR_URI, [
+			'{DAV:}displayname' => 'Contact birthdays',
+			'{http://apple.com/ns/ical/}calendar-color' => '#FFFFCA',
+		]);

-		return $this->calDavBackEnd->getCalendarByUri($principal, $id);
+		return $this->calDavBackEnd->getCalendarByUri($principal, self::BIRTHDAY_CALENDAR_URI);
 	}

 	/**
@@ -156,7 +155,9 @@ class BirthdayService {
 	 * @param string $user
 	 */
 	public function syncUser($user) {
-		$books = $this->cardDavBackEnd->getAddressBooksForUser('principals/users/'.$user);
+		$principal = 'principals/users/'.$user;
+		$this->ensureCalendarExists($principal);
+		$books = $this->cardDavBackEnd->getAddressBooksForUser($principal);
 		foreach($books as $book) {
 			$cards = $this->cardDavBackEnd->getCards($book['id']);
 			foreach($cards as $card) {
@@ -138,6 +138,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 	 * @return array
 	 */
 	function getCalendarsForUser($principalUri) {
+		$principalUriOriginal = $principalUri;
 		$principalUri = $this->convertPrincipal($principalUri, true);
 		$fields = array_values($this->propertyMap);
 		$fields[] = 'id';
@@ -184,7 +185,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 		$stmt->closeCursor();

 		// query for shared calendars
-		$principals = $this->principalBackend->getGroupMembership($principalUri);
+		$principals = $this->principalBackend->getGroupMembership($principalUriOriginal, true);
 		$principals[]= $principalUri;

 		$fields = array_values($this->propertyMap);
@@ -194,6 +195,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 		$fields[] = 'a.components';
 		$fields[] = 'a.principaluri';
 		$fields[] = 'a.transparent';
+		$fields[] = 's.access';
 		$query = $this->db->getQueryBuilder();
 		$result = $query->select($fields)
 			->from('dav_shares', 's')
@@ -221,6 +223,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 				'{' . Plugin::NS_CALDAV . '}supported-calendar-component-set' => new SupportedCalendarComponentSet($components),
 				'{' . Plugin::NS_CALDAV . '}schedule-calendar-transp' => new ScheduleCalendarTransp($row['transparent']?'transparent':'opaque'),
 				'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'],
+				'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => (int)$row['access'] === Backend::ACCESS_READ,
 			];

 			foreach($this->propertyMap as $xmlName=>$dbName) {
@@ -815,9 +818,9 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 	function getCalendarObjectByUID($principalUri, $uid) {

 		$query = $this->db->getQueryBuilder();
-		$query->select([$query->createFunction('c.`uri` AS `calendaruri`'), $query->createFunction('co.`uri` AS `objecturi`')])
+		$query->selectAlias('c.uri', 'calendaruri')->selectAlias('co.uri', 'objecturi')
 			->from('calendarobjects', 'co')
-			->leftJoin('co', 'calendars', 'c', 'co.`calendarid` = c.`id`')
+			->leftJoin('co', 'calendars', 'c', $query->expr()->eq('co.calendarid', 'c.id'))
 			->where($query->expr()->eq('c.principaluri', $query->createNamedParameter($principalUri)))
 			->andWhere($query->expr()->eq('co.uid', $query->createNamedParameter($uid)));

@@ -1294,7 +1297,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 		if (!$componentType) {
 			throw new \Sabre\DAV\Exception\BadRequest('Calendar objects must have a VJOURNAL, VEVENT or VTODO component');
 		}
-		if ($componentType === 'VEVENT') {
+		if ($componentType === 'VEVENT' && $component->DTSTART) {
 			$firstOccurence = $component->DTSTART->getDateTime()->getTimeStamp();
 			// Finding the last occurence is a bit harder
 			if (!isset($component->RRULE)) {
@@ -1333,7 +1336,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
 				'etag' => md5($calendarData),
 				'size' => strlen($calendarData),
 				'componentType' => $componentType,
-				'firstOccurence' => $firstOccurence,
+				'firstOccurence' => is_null($firstOccurence) ? null : max(0, $firstOccurence),
 				'lastOccurence'  => $lastOccurence,
 				'uid' => $uid,
 		];
@@ -22,7 +22,9 @@
 namespace OCA\DAV\CalDAV;

 use OCA\DAV\DAV\Sharing\IShareable;
+use Sabre\CalDAV\Backend\BackendInterface;
 use Sabre\DAV\Exception\Forbidden;
+use Sabre\DAV\PropPatch;

 class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {

@@ -76,7 +78,33 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 	}

 	function getACL() {
-		$acl = parent::getACL();
+		$acl =  [
+			[
+				'privilege' => '{DAV:}read',
+				'principal' => $this->getOwner(),
+				'protected' => true,
+			]];
+		if ($this->getName() !== BirthdayService::BIRTHDAY_CALENDAR_URI) {
+			$acl[] = [
+				'privilege' => '{DAV:}write',
+				'principal' => $this->getOwner(),
+				'protected' => true,
+			];
+		}
+		if ($this->getOwner() !== parent::getOwner()) {
+			$acl[] =  [
+					'privilege' => '{DAV:}read',
+					'principal' => parent::getOwner(),
+					'protected' => true,
+				];
+			if ($this->canWrite()) {
+				$acl[] = [
+					'privilege' => '{DAV:}write',
+					'principal' => parent::getOwner(),
+					'protected' => true,
+				];
+			}
+		}

 		/** @var CalDavBackend $calDavBackend */
 		$calDavBackend = $this->caldavBackend;
@@ -84,11 +112,7 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 	}

 	function getChildACL() {
-		$acl = parent::getChildACL();
-
-		/** @var CalDavBackend $calDavBackend */
-		$calDavBackend = $this->caldavBackend;
-		return $calDavBackend->applyShareAcl($this->getResourceId(), $acl);
+		return $this->getACL();
 	}

 	function getOwner() {
@@ -99,10 +123,6 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 	}

 	function delete() {
-		if ($this->getName() === BirthdayService::BIRTHDAY_CALENDAR_URI) {
-			throw new Forbidden();
-		}
-
 		if (isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal'])) {
 			$principal = 'principal:' . parent::getOwner();
 			$shares = $this->getShares();
@@ -122,4 +142,21 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 		}
 		parent::delete();
 	}
+
+	function propPatch(PropPatch $propPatch) {
+		$mutations = $propPatch->getMutations();
+		// If this is a shared calendar, the user can only change the enabled property, to hide it.
+		if (isset($this->calendarInfo['{http://owncloud.org/ns}owner-principal']) && (sizeof($mutations) !== 1 || !isset($mutations['{http://owncloud.org/ns}calendar-enabled']))) {
+			throw new Forbidden();
+		}
+		parent::propPatch($propPatch);
+	}
+
+	private function canWrite() {
+		if (isset($this->calendarInfo['{http://owncloud.org/ns}read-only'])) {
+			return !$this->calendarInfo['{http://owncloud.org/ns}read-only'];
+		}
+		return true;
+	}
+
 }
@@ -21,15 +21,13 @@
 namespace OCA\DAV\CardDAV;

 use OCA\DAV\DAV\Sharing\IShareable;
+use Sabre\CardDAV\Card;
 use Sabre\DAV\Exception\Forbidden;
 use Sabre\DAV\Exception\NotFound;
+use Sabre\DAV\PropPatch;

 class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {

-	public function __construct(CardDavBackend $carddavBackend, array $addressBookInfo) {
-		parent::__construct($carddavBackend, $addressBookInfo);
-	}
-
 	/**
 	 * Updates the list of shares.
 	 *
@@ -73,7 +71,31 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 	}

 	function getACL() {
-		$acl = parent::getACL();
+		$acl =  [
+			[
+				'privilege' => '{DAV:}read',
+				'principal' => $this->getOwner(),
+				'protected' => true,
+			]];
+		$acl[] = [
+				'privilege' => '{DAV:}write',
+				'principal' => $this->getOwner(),
+				'protected' => true,
+			];
+		if ($this->getOwner() !== parent::getOwner()) {
+			$acl[] =  [
+					'privilege' => '{DAV:}read',
+					'principal' => parent::getOwner(),
+					'protected' => true,
+				];
+			if ($this->canWrite()) {
+				$acl[] = [
+					'privilege' => '{DAV:}write',
+					'principal' => parent::getOwner(),
+					'protected' => true,
+				];
+			}
+		}
 		if ($this->getOwner() === 'principals/system/system') {
 			$acl[] = [
 					'privilege' => '{DAV:}read',
@@ -82,49 +104,24 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 			];
 		}

-		// add the current user
-		if (isset($this->addressBookInfo['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal'])) {
-			$owner = $this->addressBookInfo['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal'];
-			$acl[] = [
-					'privilege' => '{DAV:}read',
-					'principal' => $owner,
-					'protected' => true,
-				];
-			if ($this->addressBookInfo['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only']) {
-				$acl[] = [
-					'privilege' => '{DAV:}write',
-					'principal' => $owner,
-					'protected' => true,
-				];
-			}
-		}
-
 		/** @var CardDavBackend $carddavBackend */
 		$carddavBackend = $this->carddavBackend;
 		return $carddavBackend->applyShareAcl($this->getResourceId(), $acl);
 	}

 	function getChildACL() {
-		$acl = parent::getChildACL();
-		if ($this->getOwner() === 'principals/system/system') {
-			$acl[] = [
-					'privilege' => '{DAV:}read',
-					'principal' => '{DAV:}authenticated',
-					'protected' => true,
-			];
-		}
-
-		/** @var CardDavBackend $carddavBackend */
-		$carddavBackend = $this->carddavBackend;
-		return $carddavBackend->applyShareAcl($this->getResourceId(), $acl);
+		return $this->getACL();
 	}

 	function getChild($name) {
-		$obj = $this->carddavBackend->getCard($this->getResourceId(), $name);
+
+		$obj = $this->carddavBackend->getCard($this->addressBookInfo['id'], $name);
 		if (!$obj) {
 			throw new NotFound('Card not found');
 		}
+		$obj['acl'] = $this->getChildACL();
 		return new Card($this->carddavBackend, $this->addressBookInfo, $obj);
+
 	}

 	/**
@@ -162,10 +159,24 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 		parent::delete();
 	}

+	function propPatch(PropPatch $propPatch) {
+		if (isset($this->addressBookInfo['{http://owncloud.org/ns}owner-principal'])) {
+			throw new Forbidden();
+		}
+		parent::propPatch($propPatch);
+	}
+
 	public function getContactsGroups() {
 		/** @var CardDavBackend $cardDavBackend */
 		$cardDavBackend = $this->carddavBackend;

 		return $cardDavBackend->collectCardProperties($this->getResourceId(), 'CATEGORIES');
 	}
+
+	private function canWrite() {
+		if (isset($this->addressBookInfo['{http://owncloud.org/ns}read-only'])) {
+			return !$this->addressBookInfo['{http://owncloud.org/ns}read-only'];
+		}
+		return true;
+	}
 }
@@ -24,6 +24,7 @@ namespace OCA\DAV\CardDAV;

 use OCP\Constants;
 use OCP\IAddressBook;
+use OCP\IURLGenerator;
 use Sabre\VObject\Component\VCard;
 use Sabre\VObject\Property\Text;
 use Sabre\VObject\Reader;
@@ -40,21 +41,27 @@ class AddressBookImpl implements IAddressBook {
 	/** @var AddressBook */
 	private $addressBook;

+	/** @var IURLGenerator */
+	private $urlGenerator;
+
 	/**
 	 * AddressBookImpl constructor.
 	 *
 	 * @param AddressBook $addressBook
 	 * @param array $addressBookInfo
 	 * @param CardDavBackend $backend
+	 * @param IUrlGenerator $urlGenerator
 	 */
 	public function __construct(
 			AddressBook $addressBook,
 			array $addressBookInfo,
-			CardDavBackend $backend) {
+			CardDavBackend $backend,
+			IURLGenerator $urlGenerator) {

 		$this->addressBook = $addressBook;
 		$this->addressBookInfo = $addressBookInfo;
 		$this->backend = $backend;
+		$this->urlGenerator = $urlGenerator;
 	}

 	/**
@@ -83,11 +90,11 @@ class AddressBookImpl implements IAddressBook {
 	 * @since 5.0.0
 	 */
 	public function search($pattern, $searchProperties, $options) {
-		$result = $this->backend->search($this->getKey(), $pattern, $searchProperties);
+		$results = $this->backend->search($this->getKey(), $pattern, $searchProperties);

 		$vCards = [];
-		foreach ($result as $cardData) {
-			$vCards[] = $this->vCard2Array($this->readCard($cardData));
+		foreach ($results as $result) {
+			$vCards[] = $this->vCard2Array($result['uri'], $this->readCard($result['carddata']));
 		}

 		return $vCards;
@@ -100,13 +107,12 @@ class AddressBookImpl implements IAddressBook {
 	 */
 	public function createOrUpdate($properties) {
 		$update = false;
-		if (!isset($properties['UID'])) { // create a new contact
+		if (!isset($properties['URI'])) { // create a new contact
 			$uid = $this->createUid();
 			$uri = $uid . '.vcf';
 			$vCard = $this->createEmptyVCard($uid);
 		} else { // update existing contact
-			$uid = $properties['UID'];
-			$uri = $uid . '.vcf';
+			$uri = $properties['URI'];
 			$vCardData = $this->backend->getCard($this->getKey(), $uri);
 			$vCard = $this->readCard($vCardData['carddata']);
 			$update = true;
@@ -122,7 +128,7 @@ class AddressBookImpl implements IAddressBook {
 			$this->backend->createCard($this->getKey(), $uri, $vCard->serialize());
 		}

-		return $this->vCard2Array($vCard);
+		return $this->vCard2Array($uri, $vCard);

 	}

@@ -207,13 +213,31 @@ class AddressBookImpl implements IAddressBook {
 	/**
 	 * create array with all vCard properties
 	 *
+	 * @param string $uri
 	 * @param VCard $vCard
 	 * @return array
 	 */
-	protected function vCard2Array(VCard $vCard) {
-		$result = [];
+	protected function vCard2Array($uri, VCard $vCard) {
+		$result = [
+			'URI' => $uri,
+		];
+
 		foreach ($vCard->children as $property) {
 			$result[$property->name] = $property->getValue();
+			if ($property->name === 'PHOTO' && $property->getValueType() === 'BINARY') {
+				$url = $this->urlGenerator->getAbsoluteURL(
+					$this->urlGenerator->linkTo('', 'remote.php') . '/dav/');
+				$url .= implode('/', [
+					'addressbooks',
+					substr($this->addressBookInfo['principaluri'], 11), //cut off 'principals/'
+					$this->addressBookInfo['uri'],
+					$uri
+				]) . '?photo';
+
+				$result['PHOTO'] = 'VALUE=uri:' . $url;
+			} else {
+				$result[$property->name] = $property->getValue();
+			}
 		}
 		if ($this->addressBookInfo['principaluri'] === 'principals/system/system' &&
 			$this->addressBookInfo['uri'] === 'system') {
@@ -62,10 +62,6 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 			'BDAY', 'UID', 'N', 'FN', 'TITLE', 'ROLE', 'NOTE', 'NICKNAME',
 			'ORG', 'CATEGORIES', 'EMAIL', 'TEL', 'IMPP', 'ADR', 'URL', 'GEO', 'CLOUD');

-	const ACCESS_OWNER = 1;
-	const ACCESS_READ_WRITE = 2;
-	const ACCESS_READ = 3;
-
 	/** @var EventDispatcherInterface */
 	private $dispatcher;

@@ -78,7 +74,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 	 */
 	public function __construct(IDBConnection $db,
 								Principal $principalBackend,
-								$dispatcher ) {
+								EventDispatcherInterface $dispatcher = null) {
 		$this->db = $db;
 		$this->principalBackend = $principalBackend;
 		$this->dispatcher = $dispatcher;
@@ -103,6 +99,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 	 * @return array
 	 */
 	function getAddressBooksForUser($principalUri) {
+		$principalUriOriginal = $principalUri;
 		$principalUri = $this->convertPrincipal($principalUri, true);
 		$query = $this->db->getQueryBuilder();
 		$query->select(['id', 'uri', 'displayname', 'principaluri', 'description', 'synctoken'])
@@ -126,7 +123,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 		$result->closeCursor();

 		// query for shared calendars
-		$principals = $this->principalBackend->getGroupMembership($principalUri);
+		$principals = $this->principalBackend->getGroupMembership($principalUriOriginal, true);
 		$principals[]= $principalUri;

 		$query = $this->db->getQueryBuilder();
@@ -153,7 +150,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 					'{http://calendarserver.org/ns/}getctag' => $row['synctoken'],
 					'{http://sabredav.org/ns}sync-token' => $row['synctoken']?$row['synctoken']:'0',
 					'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}owner-principal' => $row['principaluri'],
-					'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => $row['access'] === self::ACCESS_READ,
+					'{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}read-only' => (int)$row['access'] === Backend::ACCESS_READ,
 				];
 			}
 		}
@@ -782,7 +779,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 		}
 		$query2->andWhere($query2->expr()->eq('cp.addressbookid', $query->createNamedParameter($addressBookId)));

-		$query->select('c.carddata')->from($this->dbCardsTable, 'c')
+		$query->select('c.carddata', 'c.uri')->from($this->dbCardsTable, 'c')
 			->where($query->expr()->in('c.id', $query->createFunction($query2->getSQL())));

 		$result = $query->execute();
@@ -790,8 +787,10 @@ class CardDavBackend implements BackendInterface, SyncSupport {

 		$result->closeCursor();

-		return array_map(function($array) {return $this->readBlob($array['carddata']);}, $cards);
-
+		return array_map(function($array) {
+			$array['carddata'] = $this->readBlob($array['carddata']);
+			return $array;
+		}, $cards);
 	}

 	/**
@@ -848,7 +847,7 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 		$query = $this->db->getQueryBuilder();
 		$query->select('*')->from($this->dbCardsTable)
 				->where($query->expr()->eq('uri', $query->createNamedParameter($uri)))
-				->where($query->expr()->eq('addressbookid', $query->createNamedParameter($addressBookId)));
+				->andWhere($query->expr()->eq('addressbookid', $query->createNamedParameter($addressBookId)));
 		$queryResult = $query->execute();
 		$contact = $queryResult->fetch();
 		$queryResult->closeCursor();
@@ -22,6 +22,7 @@
 namespace OCA\DAV\CardDAV;

 use OCP\Contacts\IManager;
+use OCP\IURLGenerator;

 class ContactsManager {

@@ -37,26 +38,29 @@ class ContactsManager {
 	/**
 	 * @param IManager $cm
 	 * @param string $userId
+	 * @param IURLGenerator $urlGenerator
 	 */
-	public function setupContactsProvider(IManager $cm, $userId) {
+	public function setupContactsProvider(IManager $cm, $userId, IURLGenerator $urlGenerator) {
 		$addressBooks = $this->backend->getAddressBooksForUser("principals/users/$userId");
-		$this->register($cm, $addressBooks);
+		$this->register($cm, $addressBooks, $urlGenerator);
 		$addressBooks = $this->backend->getAddressBooksForUser("principals/system/system");
-		$this->register($cm, $addressBooks);
+		$this->register($cm, $addressBooks, $urlGenerator);
 	}

 	/**
 	 * @param IManager $cm
 	 * @param $addressBooks
+	 * @param IURLGenerator $urlGenerator
 	 */
-	private function register(IManager $cm, $addressBooks) {
+	private function register(IManager $cm, $addressBooks, $urlGenerator) {
 		foreach ($addressBooks as $addressBookInfo) {
 			$addressBook = new \OCA\DAV\CardDAV\AddressBook($this->backend, $addressBookInfo);
 			$cm->registerAddressBook(
 				new AddressBookImpl(
 					$addressBook,
 					$addressBookInfo,
-					$this->backend
+					$this->backend,
+					$urlGenerator
 				)
 			);
 		}
@@ -54,6 +54,7 @@ class Converter {
 			$vCard->add(new Text($vCard, 'CLOUD', $cloudId));
 		}
 		if ($image) {
+			unset($vCard->PHOTO);
 			$vCard->add('PHOTO', $image->data(), ['ENCODING' => 'b', 'TYPE' => $image->mimeType()]);
 		}
 		$vCard->validate();
@@ -161,7 +162,7 @@ class Converter {
 	 */
 	private function getAvatarImage(IUser $user) {
 		try {
-			$image = $user->getAvatarImage(-1);
+			$image = $user->getAvatarImage(96);
 			return $image;
 		} catch (\Exception $ex) {
 			return null;
@@ -0,0 +1,156 @@
+<?php
+/**
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\DAV\CardDAV;
+
+use OCP\ILogger;
+use Sabre\CardDAV\Card;
+use Sabre\DAV\Server;
+use Sabre\DAV\ServerPlugin;
+use Sabre\HTTP\RequestInterface;
+use Sabre\HTTP\ResponseInterface;
+use Sabre\VObject\Parameter;
+use Sabre\VObject\Property\Binary;
+use Sabre\VObject\Reader;
+
+class ImageExportPlugin extends ServerPlugin {
+
+	/** @var Server */
+	protected $server;
+	/** @var ILogger */
+	private $logger;
+
+	public function __construct(ILogger $logger) {
+		$this->logger = $logger;
+	}
+
+	/**
+	 * Initializes the plugin and registers event handlers
+	 *
+	 * @param Server $server
+	 * @return void
+	 */
+	function initialize(Server $server) {
+
+		$this->server = $server;
+		$this->server->on('method:GET', [$this, 'httpGet'], 90);
+	}
+
+	/**
+	 * Intercepts GET requests on addressbook urls ending with ?photo.
+	 *
+	 * @param RequestInterface $request
+	 * @param ResponseInterface $response
+	 * @return bool|void
+	 */
+	function httpGet(RequestInterface $request, ResponseInterface $response) {
+
+		$queryParams = $request->getQueryParameters();
+		// TODO: in addition to photo we should also add logo some point in time
+		if (!array_key_exists('photo', $queryParams)) {
+			return true;
+		}
+
+		$path = $request->getPath();
+		$node = $this->server->tree->getNodeForPath($path);
+
+		if (!($node instanceof Card)) {
+			return true;
+		}
+
+		$this->server->transactionType = 'carddav-image-export';
+
+		// Checking ACL, if available.
+		if ($aclPlugin = $this->server->getPlugin('acl')) {
+			/** @var \Sabre\DAVACL\Plugin $aclPlugin */
+			$aclPlugin->checkPrivileges($path, '{DAV:}read');
+		}
+
+		if ($result = $this->getPhoto($node)) {
+			$response->setHeader('Content-Type', $result['Content-Type']);
+			$response->setStatus(200);
+
+			$response->setBody($result['body']);
+
+			// Returning false to break the event chain
+			return false;
+		}
+		return true;
+	}
+
+	function getPhoto(Card $node) {
+		// TODO: this is kind of expensive - load carddav data from database and parse it
+		//       we might want to build up a cache one day
+		try {
+			$vObject = $this->readCard($node->get());
+			if (!$vObject->PHOTO) {
+				return false;
+			}
+
+			$photo = $vObject->PHOTO;
+			$type = $this->getType($photo);
+
+			$val = $photo->getValue();
+			if ($photo->getValueType() === 'URI') {
+				$parsed = \Sabre\URI\parse($val);
+				//only allow data://
+				if ($parsed['scheme'] !== 'data') {
+					return false;
+				}
+				if (substr_count($parsed['path'], ';') === 1) {
+					list($type,) = explode(';', $parsed['path']);
+				}
+				$val = file_get_contents($val);
+			}
+			return [
+				'Content-Type' => $type,
+				'body' => $val
+			];
+		} catch(\Exception $ex) {
+			$this->logger->logException($ex);
+		}
+		return false;
+	}
+
+	private function readCard($cardData) {
+		return Reader::read($cardData);
+	}
+
+	/**
+	 * @param Binary $photo
+	 * @return Parameter
+	 */
+	private function getType($photo) {
+		$params = $photo->parameters();
+		if (isset($params['TYPE']) || isset($params['MEDIATYPE'])) {
+			/** @var Parameter $typeParam */
+			$typeParam = isset($params['TYPE']) ? $params['TYPE'] : $params['MEDIATYPE'];
+			$type = $typeParam->getValue();
+
+			if (strpos($type, 'image/') === 0) {
+				return $type;
+			} else {
+				return 'image/' . strtolower($type);
+			}
+		}
+		return '';
+	}
+}
@@ -263,6 +263,8 @@ class SyncService {
 		$systemAddressBook = $this->getLocalSystemAddressBook();
 		$this->userManager->callForAllUsers(function($user) use ($systemAddressBook, $progressCallback) {
 			$this->updateUser($user);
+			// avatar fetching sets up FS, need to clear again
+			\OC_Util::tearDownFS();
 			if (!is_null($progressCallback)) {
 				$progressCallback();
 			}
@@ -23,7 +23,10 @@
 namespace OCA\DAV\Connector;

 use OCA\DAV\Connector\Sabre\DavAclPlugin;
+use Sabre\DAV\INode;
+use Sabre\DAV\PropFind;
 use Sabre\HTTP\URLUtil;
+use Sabre\DAVACL\Xml\Property\Principal;

 class LegacyDAVACL extends DavAclPlugin {

@@ -67,4 +70,16 @@ class LegacyDAVACL extends DavAclPlugin {
 		}
 		return "principals/$name";
 	}
+
+	function propFind(PropFind $propFind, INode $node) {
+		/* Overload current-user-principal */
+		$propFind->handle('{DAV:}current-user-principal', function () {
+			if ($url = parent::getCurrentUserPrincipal()) {
+				return new Principal(Principal::HREF, $url . '/');
+			} else {
+				return new Principal(Principal::UNAUTHENTICATED);
+			}
+		});
+		parent::propFind($propFind, $node);
+	}
 }
@@ -61,6 +61,11 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 			return false;
 		}

+		if ((int)$linkItem['share_type'] === \OCP\Share::SHARE_TYPE_LINK &&
+			$this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') !== 'yes') {
+			$this->share['permissions'] &= ~(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE);
+		}
+
 		// check if the share is password protected
 		if (isset($linkItem['share_with'])) {
 			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
@@ -84,7 +89,7 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 					}
 					return true;
 				} else if (\OC::$server->getSession()->exists('public_link_authenticated')
-					&& \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id']) {
+					&& \OC::$server->getSession()->get('public_link_authenticated') === (string)$linkItem['id']) {
 					return true;
 				} else {
 					return false;
@@ -30,6 +30,7 @@
 namespace OCA\DAV\Connector\Sabre;

 use Exception;
+use OC\AppFramework\Http\Request;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IUserSession;
@@ -48,6 +49,8 @@ class Auth extends AbstractBasic {
 	private $userSession;
 	/** @var IRequest */
 	private $request;
+	/** @var string */
+	private $currentUser;

 	/**
 	 * @param ISession $session
@@ -130,7 +133,46 @@ class Auth extends AbstractBasic {
 			$msg = $e->getMessage();
 			throw new ServiceUnavailable("$class: $msg");
 		}
-    }
+	}
+
+	/**
+	 * Checks whether a CSRF check is required on the request
+	 *
+	 * @return bool
+	 */
+	private function requiresCSRFCheck() {
+		// GET requires no check at all
+		if($this->request->getMethod() === 'GET') {
+			return false;
+		}
+
+		// Official ownCloud clients require no checks
+		if($this->request->isUserAgent([
+			Request::USER_AGENT_OWNCLOUD_DESKTOP,
+			Request::USER_AGENT_OWNCLOUD_ANDROID,
+			Request::USER_AGENT_OWNCLOUD_IOS,
+		])) {
+			return false;
+		}
+
+		// If not logged-in no check is required
+		if(!$this->userSession->isLoggedIn()) {
+			return false;
+		}
+
+		// POST always requires a check
+		if($this->request->getMethod() === 'POST') {
+			return true;
+		}
+
+		// If logged-in AND DAV authenticated no check is required
+		if($this->userSession->isLoggedIn() &&
+			$this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
+			return false;
+		}
+
+		return true;
+	}

 	/**
 	 * @param RequestInterface $request
@@ -139,27 +181,33 @@ class Auth extends AbstractBasic {
 	 * @throws NotAuthenticated
 	 */
 	private function auth(RequestInterface $request, ResponseInterface $response) {
-		// If request is not GET and not authenticated via WebDAV a requesttoken is required
-		if($this->userSession->isLoggedIn() &&
-			$this->request->getMethod() !== 'GET' &&
-			!$this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
-			if(!$this->request->passesCSRFCheck()) {
+		$forcedLogout = false;
+		if(!$this->request->passesCSRFCheck() &&
+			$this->requiresCSRFCheck()) {
+			// In case of a fail with POST we need to recheck the credentials
+			if($this->request->getMethod() === 'POST') {
+				$forcedLogout = true;
+			} else {
 				$response->setStatus(401);
 				throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
 			}
 		}

-		if (\OC_User::handleApacheAuth() ||
-			//Fix for broken webdav clients
-			($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
-			//Well behaved clients that only send the cookie are allowed
-			($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
-		) {
-			$user = $this->userSession->getUser()->getUID();
-			\OC_Util::setupFS($user);
-			$this->currentUser = $user;
-			$this->session->close();
-			return [true, $this->principalPrefix . $user];
+		if($forcedLogout) {
+			$this->userSession->logout();
+		} else {
+			if (\OC_User::handleApacheAuth() ||
+				//Fix for broken webdav clients
+				($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
+				//Well behaved clients that only send the cookie are allowed
+				($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
+			) {
+				$user = $this->userSession->getUser()->getUID();
+				\OC_Util::setupFS($user);
+				$this->currentUser = $user;
+				$this->session->close();
+				return [true, $this->principalPrefix . $user];
+			}
 		}

 		if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
@@ -169,6 +217,12 @@ class Auth extends AbstractBasic {
 			throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
 		}

-		return parent::check($request, $response);
+		$data = parent::check($request, $response);
+		if($data[0] === true) {
+			$startPos = strrpos($data[1], '/') + 1;
+			$user = $this->userSession->getUser()->getUID();
+			$data[1] = substr_replace($data[1], $user, $startPos);
+		}
+		return $data;
 	}
 }
@@ -327,7 +327,7 @@ class CustomPropertiesBackend implements BackendInterface {

 		$result = $this->connection->executeQuery(
 			$sql,
-			array($this->user, rtrim($path, '/') . '/%', $requestedProperties),
+			array($this->user, $this->connection->escapeLikeParameter(rtrim($path, '/')) . '/%', $requestedProperties),
 			array(null, null, \Doctrine\DBAL\Connection::PARAM_STR_ARRAY)
 		);

@@ -27,6 +27,7 @@

 namespace OCA\DAV\Connector\Sabre;

+use OCP\Files\ForbiddenException;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\IFile;
 use \Sabre\DAV\PropFind;
@@ -75,16 +76,26 @@ class FilesPlugin extends \Sabre\DAV\ServerPlugin {
 	 */
 	private $fileView;

+	/**
+	* @var IRequest
+	*/
+	private $request;
+
 	/**
 	 * @param \Sabre\DAV\Tree $tree
 	 * @param \OC\Files\View $view
+	 * @param \OCP\IRequest $request
 	 * @param bool $isPublic
 	 */
-	public function __construct(\Sabre\DAV\Tree $tree,
-	                            \OC\Files\View $view,
-	                            $isPublic = false) {
+	public function __construct(
+			\Sabre\DAV\Tree $tree,
+			\OC\Files\View $view,
+			\OCP\IRequest $request,
+			$isPublic = false
+	) {
 		$this->tree = $tree;
 		$this->fileView = $view;
+		$this->request = $request;
 		$this->isPublic = $isPublic;
 	}

@@ -192,7 +203,18 @@ class FilesPlugin extends \Sabre\DAV\ServerPlugin {
 		if (!($node instanceof IFile)) return;

 		// adds a 'Content-Disposition: attachment' header
-		$response->addHeader('Content-Disposition', 'attachment');
+		$filename = $node->getName();
+		if ($this->request->isUserAgent(
+			[
+				\OC\AppFramework\Http\Request::USER_AGENT_IE,
+				\OC\AppFramework\Http\Request::USER_AGENT_ANDROID_MOBILE_CHROME,
+				\OC\AppFramework\Http\Request::USER_AGENT_FREEBOX,
+			])) {
+			$response->addHeader('Content-Disposition', 'attachment; filename="' . rawurlencode($filename) . '"');
+		} else {
+			$response->addHeader('Content-Disposition', 'attachment; filename*=UTF-8\'\'' . rawurlencode($filename)
+												 . '; filename="' . rawurlencode($filename) . '"');
+		}

 		if ($node instanceof \OCA\DAV\Connector\Sabre\File) {
 			//Add OC-Checksum header
@@ -235,6 +257,16 @@ class FilesPlugin extends \Sabre\DAV\ServerPlugin {
 			$propFind->handle(self::GETETAG_PROPERTYNAME, function() use ($node) {
 				return $node->getEtag();
 			});
+
+			$propFind->handle(self::OWNER_ID_PROPERTYNAME, function() use ($node) {
+				$owner = $node->getOwner();
+				return $owner->getUID();
+			});
+			$propFind->handle(self::OWNER_DISPLAY_NAME_PROPERTYNAME, function() use ($node) {
+				$owner = $node->getOwner();
+				$displayName = $owner->getDisplayName();
+				return $displayName;
+			});
 		}

 		if ($node instanceof \OCA\DAV\Connector\Sabre\File) {
@@ -247,6 +279,8 @@ class FilesPlugin extends \Sabre\DAV\ServerPlugin {
 					}
 				} catch (StorageNotAvailableException $e) {
 					return false;
+				} catch (ForbiddenException $e) {
+					return false;
 				}
 				return false;
 			});
@@ -267,16 +301,6 @@ class FilesPlugin extends \Sabre\DAV\ServerPlugin {
 				return $node->getSize();
 			});
 		}
-
-		$propFind->handle(self::OWNER_ID_PROPERTYNAME, function() use ($node) {
-			$owner = $node->getOwner();
-			return $owner->getUID();
-		});
-		$propFind->handle(self::OWNER_DISPLAY_NAME_PROPERTYNAME, function() use ($node) {
-			$owner = $node->getOwner();
-			$displayName = $owner->getDisplayName();
-			return $displayName;
-		});
 	}

 	/**
@@ -230,7 +230,7 @@ abstract class Node implements \Sabre\DAV\INode {
 		if ($this->info->isDeletable()) {
 			$p .= 'D';
 		}
-		if ($this->info->isDeletable()) {
+		if ($this->info->isUpdateable()) {
 			$p .= 'NV'; // Renameable, Moveable
 		}
 		if ($this->info->getType() === \OCP\Files\FileInfo::TYPE_FILE) {
@@ -102,9 +102,11 @@ class ObjectTree extends \Sabre\DAV\Tree {
 	 * Returns the INode object for the requested path
 	 *
 	 * @param string $path
-	 * @throws \Sabre\DAV\Exception\ServiceUnavailable
-	 * @throws \Sabre\DAV\Exception\NotFound
 	 * @return \Sabre\DAV\INode
+	 * @throws InvalidPath
+	 * @throws \Sabre\DAV\Exception\Locked
+	 * @throws \Sabre\DAV\Exception\NotFound
+	 * @throws \Sabre\DAV\Exception\ServiceUnavailable
 	 */
 	public function getNodeForPath($path) {
 		if (!$this->fileView) {
@@ -279,6 +281,11 @@ class ObjectTree extends \Sabre\DAV\Tree {
 			throw new InvalidPath($ex->getMessage());
 		}

+		// Webdav's copy will implicitly do a delete+create, so only create+delete permissions are required
+		if (!$this->fileView->isCreatable($destinationDir)) {
+			throw new \Sabre\DAV\Exception\Forbidden();
+		}
+
 		try {
 			$this->fileView->copy($source, $destination);
 		} catch (StorageNotAvailableException $e) {
@@ -132,10 +132,11 @@ class Principal implements BackendInterface {
 	 * Returns the list of groups a principal is a member of
 	 *
 	 * @param string $principal
+	 * @param bool $needGroups
 	 * @return array
 	 * @throws Exception
 	 */
-	public function getGroupMembership($principal) {
+	public function getGroupMembership($principal, $needGroups = false) {
 		list($prefix, $name) = URLUtil::splitPath($principal);

 		if ($prefix === $this->principalPrefix) {
@@ -144,7 +145,7 @@ class Principal implements BackendInterface {
 				throw new Exception('Principal not found');
 			}

-			if ($this->hasGroups) {
+			if ($this->hasGroups || $needGroups) {
 				$groups = $this->groupManager->getUserGroups($user);
 				$groups = array_map(function($group) {
 					/** @var IGroup $group */
@@ -26,6 +26,7 @@

 namespace OCA\DAV\Connector\Sabre;

+use OCA\DAV\Files\BrowserErrorPagePlugin;
 use OCP\Files\Mount\IMountManager;
 use OCP\IConfig;
 use OCP\IDBConnection;
@@ -110,10 +111,15 @@ class ServerFactory {
 		if($this->request->isUserAgent([
 				'/WebDAVFS/',
 				'/Microsoft Office OneNote 2013/',
+				'/Microsoft-WebDAV-MiniRedir/',
 		])) {
 			$server->addPlugin(new \OCA\DAV\Connector\Sabre\FakeLockerPlugin());
 		}

+		if (BrowserErrorPagePlugin::isBrowserRequest($this->request)) {
+			$server->addPlugin(new BrowserErrorPagePlugin());
+		}
+
 		// wait with registering these until auth is handled and the filesystem is setup
 		$server->on('beforeMethod', function () use ($server, $objectTree, $viewCallBack) {
 			// ensure the skeleton is copied
@@ -131,11 +137,21 @@ class ServerFactory {
 			}
 			$objectTree->init($root, $view, $this->mountManager);

-			$server->addPlugin(new \OCA\DAV\Connector\Sabre\FilesPlugin($objectTree, $view));
+			$server->addPlugin(new \OCA\DAV\Connector\Sabre\FilesPlugin(
+				$objectTree,
+				$view,
+				$this->request
+			));
 			$server->addPlugin(new \OCA\DAV\Connector\Sabre\QuotaPlugin($view));

 			if($this->userSession->isLoggedIn()) {
 				$server->addPlugin(new \OCA\DAV\Connector\Sabre\TagsPlugin($objectTree, $this->tagManager));
+				$server->addPlugin(new \OCA\DAV\Connector\Sabre\SharesPlugin(
+					$objectTree,
+					$this->userSession,
+					$userFolder,
+					\OC::$server->getShareManager()
+				));
 				$server->addPlugin(new \OCA\DAV\Connector\Sabre\CommentPropertiesPlugin(\OC::$server->getCommentsManager(), $this->userSession));
 				$server->addPlugin(new \OCA\DAV\Connector\Sabre\FilesReportPlugin(
 					$objectTree,
@@ -0,0 +1,177 @@
+<?php
+/**
+ * @author Vincent Petry <pvince81@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+namespace OCA\DAV\Connector\Sabre;
+
+use \Sabre\DAV\PropFind;
+use \Sabre\DAV\PropPatch;
+use OCP\IUserSession;
+use OCP\Share\IShare;
+use OCA\DAV\Connector\Sabre\ShareTypeList;
+
+/**
+ * Sabre Plugin to provide share-related properties
+ */
+class SharesPlugin extends \Sabre\DAV\ServerPlugin {
+
+	const NS_OWNCLOUD = 'http://owncloud.org/ns';
+	const SHARETYPES_PROPERTYNAME = '{http://owncloud.org/ns}share-types';
+
+	/**
+	 * Reference to main server object
+	 *
+	 * @var \Sabre\DAV\Server
+	 */
+	private $server;
+
+	/**
+	 * @var \OCP\Share\IManager
+	 */
+	private $shareManager;
+
+	/**
+	 * @var \Sabre\DAV\Tree
+	 */
+	private $tree;
+
+	/**
+	 * @var string
+	 */
+	private $userId;
+
+	/**
+	 * @var \OCP\Files\Folder
+	 */
+	private $userFolder;
+
+	/**
+	 * @var IShare[]
+	 */
+	private $cachedShareTypes;
+
+	/**
+	 * @param \Sabre\DAV\Tree $tree tree
+	 * @param IUserSession $userSession user session
+	 * @param \OCP\Files\Folder $userFolder user home folder
+	 * @param \OCP\Share\IManager $shareManager share manager
+	 */
+	public function __construct(
+		\Sabre\DAV\Tree $tree,
+		IUserSession $userSession,
+		\OCP\Files\Folder $userFolder,
+		\OCP\Share\IManager $shareManager
+	) {
+		$this->tree = $tree;
+		$this->shareManager = $shareManager;
+		$this->userFolder = $userFolder;
+		$this->userId = $userSession->getUser()->getUID();
+		$this->cachedShareTypes = [];
+	}
+
+	/**
+	 * This initializes the plugin.
+	 *
+	 * This function is called by \Sabre\DAV\Server, after
+	 * addPlugin is called.
+	 *
+	 * This method should set up the required event subscriptions.
+	 *
+	 * @param \Sabre\DAV\Server $server
+	 */
+	public function initialize(\Sabre\DAV\Server $server) {
+		$server->xml->namespacesMap[self::NS_OWNCLOUD] = 'oc';
+		$server->xml->elementMap[self::SHARETYPES_PROPERTYNAME] = 'OCA\\DAV\\Connector\\Sabre\\ShareTypeList';
+		$server->protectedProperties[] = self::SHARETYPES_PROPERTYNAME;
+
+		$this->server = $server;
+		$this->server->on('propFind', array($this, 'handleGetProperties'));
+	}
+
+	/**
+	 * Return a list of share types for outgoing shares
+	 *
+	 * @param \OCP\Files\Node $node file node
+	 *
+	 * @return int[] array of share types
+	 */
+	private function getShareTypes(\OCP\Files\Node $node) {
+		$shareTypes = [];
+		$requestedShareTypes = [
+			\OCP\Share::SHARE_TYPE_USER,
+			\OCP\Share::SHARE_TYPE_GROUP,
+			\OCP\Share::SHARE_TYPE_LINK,
+			\OCP\Share::SHARE_TYPE_REMOTE
+		];
+		foreach ($requestedShareTypes as $requestedShareType) {
+			// one of each type is enough to find out about the types
+			$shares = $this->shareManager->getSharesBy(
+				$this->userId,
+				$requestedShareType,
+				$node,
+				false,
+				1
+			);
+			if (!empty($shares)) {
+				$shareTypes[] = $requestedShareType;
+			}
+		}
+		return $shareTypes;
+	}
+
+	/**
+	 * Adds shares to propfind response
+	 *
+	 * @param PropFind $propFind propfind object
+	 * @param \Sabre\DAV\INode $sabreNode sabre node
+	 */
+	public function handleGetProperties(
+		PropFind $propFind,
+		\Sabre\DAV\INode $sabreNode
+	) {
+		if (!($sabreNode instanceof \OCA\DAV\Connector\Sabre\Node)) {
+			return;
+		}
+
+		// need prefetch ?
+		if ($sabreNode instanceof \OCA\DAV\Connector\Sabre\Directory
+			&& $propFind->getDepth() !== 0
+			&& !is_null($propFind->getStatus(self::SHARETYPES_PROPERTYNAME))
+		) {
+			$folderNode = $this->userFolder->get($propFind->getPath());
+			$children = $folderNode->getDirectoryListing();
+
+			$this->cachedShareTypes[$folderNode->getId()] = $this->getShareTypes($folderNode);
+			foreach ($children as $childNode) {
+				$this->cachedShareTypes[$childNode->getId()] = $this->getShareTypes($childNode);
+			}
+		}
+
+		$propFind->handle(self::SHARETYPES_PROPERTYNAME, function() use ($sabreNode) {
+			if (isset($this->cachedShareTypes[$sabreNode->getId()])) {
+				$shareTypes = $this->cachedShareTypes[$sabreNode->getId()];
+			} else {
+				$node = $this->userFolder->get($sabreNode->getPath());
+				$shareTypes = $this->getShareTypes($node);
+			}
+
+			return new ShareTypeList($shareTypes);
+		});
+	}
+}
@@ -0,0 +1,87 @@
+<?php
+/**
+ * @author Vincent Petry <pvince81@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\DAV\Connector\Sabre;
+
+use Sabre\Xml\Element;
+use Sabre\Xml\Reader;
+use Sabre\Xml\Writer;
+
+/**
+ * ShareTypeList property
+ *
+ * This property contains multiple "share-type" elements, each containing a share type.
+ */
+class ShareTypeList implements Element {
+	const NS_OWNCLOUD = 'http://owncloud.org/ns';
+
+	/**
+	 * Share types
+	 *
+	 * @var int[]
+	 */
+	private $shareTypes;
+
+	/**
+	 * @param int[] $shareTypes
+	 */
+	public function __construct($shareTypes) {
+		$this->shareTypes = $shareTypes;
+	}
+
+	/**
+	 * Returns the share types
+	 *
+	 * @return int[]
+	 */
+	public function getShareTypes() {
+		return $this->shareTypes;
+	}
+
+	/**
+	 * The deserialize method is called during xml parsing.
+	 *
+	 * @param Reader $reader
+	 * @return mixed
+	 */
+	static function xmlDeserialize(Reader $reader) {
+		$shareTypes = [];
+
+		foreach ($reader->parseInnerTree() as $elem) {
+			if ($elem['name'] === '{' . self::NS_OWNCLOUD . '}share-type') {
+				$shareTypes[] = (int)$elem['value'];
+			}
+		}
+		return new self($shareTypes);
+	}
+
+	/**
+	 * The xmlSerialize metod is called during xml writing.
+	 *
+	 * @param Writer $writer
+	 * @return void
+	 */
+	function xmlSerialize(Writer $writer) {
+		foreach ($this->shareTypes as $shareType) {
+			$writer->writeElement('{' . self::NS_OWNCLOUD . '}share-type', $shareType);
+		}
+	}
+}
@@ -190,6 +190,14 @@ class Backend {
 					'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'],
 					'protected' => true,
 				];
+			} else if ($this->resourceType === 'calendar') {
+				// Allow changing the properties of read only calendars,
+				// so users can change the visibility.
+				$acl[] = [
+					'privilege' => '{DAV:}write-properties',
+					'principal' => $share['{' . \OCA\DAV\DAV\Sharing\Plugin::NS_OWNCLOUD . '}principal'],
+					'protected' => true,
+				];
 			}
 		}
 		return $acl;
@@ -0,0 +1,116 @@
+<?php
+/**
+ * @author Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\DAV\Files;
+
+use OC\AppFramework\Http\Request;
+use OC_Template;
+use OCP\IRequest;
+use Sabre\DAV\Exception;
+use Sabre\DAV\Server;
+use Sabre\DAV\ServerPlugin;
+
+class BrowserErrorPagePlugin extends ServerPlugin {
+
+	/** @var Server */
+	private $server;
+
+	/**
+	 * This initializes the plugin.
+	 *
+	 * This function is called by Sabre\DAV\Server, after
+	 * addPlugin is called.
+	 *
+	 * This method should set up the required event subscriptions.
+	 *
+	 * @param Server $server
+	 * @return void
+	 */
+	function initialize(Server $server) {
+		$this->server = $server;
+		$server->on('exception', array($this, 'logException'), 1000);
+	}
+
+	/**
+	 * @param IRequest $request
+	 * @return bool
+	 */
+	public static function isBrowserRequest(IRequest $request) {
+		if ($request->getMethod() !== 'GET') {
+			return false;
+		}
+		return $request->isUserAgent([
+			Request::USER_AGENT_IE,
+			Request::USER_AGENT_MS_EDGE,
+			Request::USER_AGENT_CHROME,
+			Request::USER_AGENT_FIREFOX,
+			Request::USER_AGENT_SAFARI,
+		]);
+	}
+
+	/**
+	 * @param \Exception $ex
+	 */
+	public function logException(\Exception $ex) {
+		if ($ex instanceof Exception) {
+			$httpCode = $ex->getHTTPCode();
+			$headers = $ex->getHTTPHeaders($this->server);
+		} else {
+			$httpCode = 500;
+			$headers = [];
+		}
+		$this->server->httpResponse->addHeaders($headers);
+		$this->server->httpResponse->setStatus($httpCode);
+		$body = $this->generateBody($ex);
+		$this->server->httpResponse->setBody($body);
+		$this->sendResponse();
+	}
+
+	/**
+	 * @codeCoverageIgnore
+	 * @param \Exception $ex
+	 * @param int $httpCode
+	 * @return bool|string
+	 */
+	public function generateBody(\Exception $exception) {
+		$request = \OC::$server->getRequest();
+		$content = new OC_Template('dav', 'exception', 'guest');
+		$content->assign('title', $this->server->httpResponse->getStatusText());
+		$content->assign('message', $exception->getMessage());
+		$content->assign('errorClass', get_class($exception));
+		$content->assign('errorMsg', $exception->getMessage());
+		$content->assign('errorCode', $exception->getCode());
+		$content->assign('file', $exception->getFile());
+		$content->assign('line', $exception->getLine());
+		$content->assign('trace', $exception->getTraceAsString());
+		$content->assign('debugMode', \OC::$server->getSystemConfig()->getValue('debug', false));
+		$content->assign('remoteAddr', $request->getRemoteAddress());
+		$content->assign('requestID', $request->getId());
+		return $content->fetchPage();
+	}
+
+	/*
+	 * @codeCoverageIgnore
+	 */
+	public function sendResponse() {
+		$this->server->sapi->sendResponse($this->server->httpResponse);
+	}
+}
--- a/Show More
+++ b/Show More