From ae01ed077dcca8d3c3778cde6645075dada9b92d Mon Sep 17 00:00:00 2001
From: smizrahi <seb.mizrahi@gmail.com>
Date: Wed, 3 Apr 2024 10:48:39 +0200
Subject: [PATCH] fix(calendar): Fix issue where a calendar's subscribed user
 can give acl to another user

---
 SoObjects/SOGo/SOGoObject.m | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/SoObjects/SOGo/SOGoObject.m b/SoObjects/SOGo/SOGoObject.m
index 020d8e850..d95ea89f4 100644
--- a/SoObjects/SOGo/SOGoObject.m
+++ b/SoObjects/SOGo/SOGoObject.m
@@ -1400,7 +1400,7 @@
       else if ([nodeName isEqualToString: @"set-roles"])
 	{
     // Disable Acl modifications if this is not the owner
-    if (![[[context activeUser] login] isEqualToString: owner])
+    if (![self ignoreRights])
       return nil;
 
 	  // We support two ways of setting roles. The first one is, for example:
@@ -1451,7 +1451,7 @@
       else if ([nodeName isEqualToString: @"add-user"])
 	{
     // Disable Acl modifications if this is not the owner
-    if (![[[context activeUser] login] isEqualToString: owner])
+    if (![self ignoreRights])
       return nil;
 	  attrs = [node attributes];
 	  userAttr = [attrs namedItem: @"user"];
@@ -1462,7 +1462,7 @@
       else if ([nodeName isEqualToString: @"add-users"])
 	{
     // Disable Acl modifications if this is not the owner
-    if (![[[context activeUser] login] isEqualToString: owner])
+    if (![self ignoreRights])
       return nil;
 	  attrs = [node attributes];
 	  userAttr = [attrs namedItem: @"users"];
@@ -1485,7 +1485,7 @@
       else if ([nodeName isEqualToString: @"remove-user"])
 	{
     // Disable Acl modifications if this is not the owner
-    if (![[[context activeUser] login] isEqualToString: owner])
+    if (![self ignoreRights])
       return nil;
 	  attrs = [node attributes];
 	  userAttr = [attrs namedItem: @"user"];