diff --git a/README.md b/README.md index 49021ae..752f469 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,14 @@ More screenshots are [available here](#screenshots). +--- + +## πŸ’– Enjoying tududi? + +Help keep it free and actively developed by [buying me a coffee](https://coff.ee/chrisveleris) β˜•, [becoming a sponsor](https://github.com/sponsors/chrisvel), or [supporting on Patreon](https://www.patreon.com/ChrisVeleris). You can also support the project by purchasing a **hosted subscription** for a hassle-free, managed solution. Every contribution helps maintain this project and build new features! + +--- + ## πŸš€ How It Works This app allows users to manage their tasks, projects, areas, notes, and tags in an organized way. Users can create tasks, projects, areas (to group projects), notes, and tags. Each task can be associated with a project, and both tasks and notes can be tagged for better organization. Projects can belong to areas and can also have multiple notes and tags. This structure helps users categorize and track their work efficiently, whether they’re managing individual tasks, larger projects, or keeping detailed notes. @@ -59,6 +67,13 @@ For the thinking behind tududi, read: - Account linking for hybrid authentication - Simple .env-based configuration perfect for self-hosters - Automatic admin role assignment based on email domains +- **CalDAV Synchronization**: Industry-standard CalDAV protocol support for seamless task syncing: + - Bidirectional sync with CalDAV servers (Nextcloud, Baikal, and more) + - Access tasks from popular clients (tasks.org, Apple Reminders, Thunderbird, Evolution) + - Full recurring task support with RRULE + - Conflict detection and resolution + - Background automatic synchronization + - HTTP Basic Authentication for CalDAV clients ## πŸ—ΊοΈ Roadmap @@ -152,6 +167,39 @@ docker run \ **Documentation:** See [docs/10-oidc-sso.md](docs/10-oidc-sso.md) for detailed setup guides and provider-specific configuration. +### CalDAV Synchronization + +Tududi supports the industry-standard CalDAV protocol, enabling seamless task synchronization with popular CalDAV clients and servers. + +**Quick Setup:** + +```bash +docker run \ + -e CALDAV_ENABLED=true \ + -e ENCRYPTION_KEY=$(openssl rand -hex 32) \ + ... +``` + +**Supported Clients:** +- **tasks.org** (Android/iOS) - Full task management with recurring tasks +- **Apple Reminders** (iOS/macOS) - Native iOS/macOS integration +- **Thunderbird** (Desktop) - Advanced task features +- **Evolution** (Linux) - Full CalDAV compatibility + +**Sync with External Servers:** + +Connect Tududi to external CalDAV servers like Nextcloud, Baikal, or other CalDAV-compatible services for bidirectional synchronization. + +**Key Features:** +- Bidirectional sync (local ↔ remote) +- Full recurring task support with RRULE +- Conflict detection and resolution +- Background automatic synchronization +- HTTP Basic Authentication +- Encrypted password storage (AES-256-GCM) + +**Documentation:** See [docs/11-caldav-sync.md](docs/11-caldav-sync.md) for client setup guides, server configuration, and troubleshooting. + ### πŸ“š Documentation For detailed setup instructions, configuration options, and getting started guides, visit: @@ -243,19 +291,6 @@ Contributions to tududi are welcome! Whether it's bug fixes, new features, docum - Translation guidelines - Pull request checklist -## πŸ’– Support the Project - -If you find tududi useful, consider supporting its development: - -

- GitHub Sponsors - Patreon - Buy Me a Coffee - PayPal -

- -Your support helps keep tududi free, open-source, and actively maintained. Every contribution β€” big or small β€” makes a difference! - ## πŸ“œ License This project is licensed under the [MIT License](LICENSE). diff --git a/backend/.env.example b/backend/.env.example index 01c190b..416b23d 100644 --- a/backend/.env.example +++ b/backend/.env.example @@ -28,6 +28,9 @@ DISABLE_SCHEDULER=false DISABLE_TELEGRAM=false # Feature Flags +FF_ENABLE_BACKUPS=false +FF_ENABLE_CALENDAR=false +FF_ENABLE_HABITS=false FF_ENABLE_MCP=false # Trust proxy (REQUIRED when behind reverse proxy - nginx, Traefik, etc.) @@ -44,6 +47,11 @@ FF_ENABLE_MCP=false OIDC_ENABLED=false # BASE_URL=https://your-domain.com # Required for OIDC callbacks +# Password Authentication +# Set to false to disable password login/registration (SSO-only mode) +# Default: true (password auth enabled) +PASSWORD_AUTH_ENABLED=true + # Single provider configuration # OIDC_PROVIDER_NAME=PocketID # OIDC_PROVIDER_SLUG=pocketid @@ -61,3 +69,25 @@ OIDC_ENABLED=false # OIDC_PROVIDER_1_CLIENT_ID=xxx.apps.googleusercontent.com # OIDC_PROVIDER_1_CLIENT_SECRET=xxx # OIDC_PROVIDER_1_AUTO_PROVISION=true + +# CalDAV Synchronization +# See docs/feature-plans/01-caldav-sync.md for detailed documentation +CALDAV_ENABLED=false + +# Encryption key for storing remote calendar passwords +# If not set, falls back to TUDUDI_SESSION_SECRET +# ENCRYPTION_KEY=your-256-bit-encryption-key + +# CalDAV defaults +# CALDAV_DEFAULT_SYNC_INTERVAL=15 # Minutes +# CALDAV_MAX_RECURRING_INSTANCES=365 # Number of future instances to expand +# CALDAV_CONFLICT_RESOLUTION=last_write_wins + +# Performance settings +# CALDAV_RATE_LIMIT=60 # Requests per minute +# CALDAV_MAX_SYNC_TASKS=1000 # Max tasks per sync +# CALDAV_REQUEST_TIMEOUT=30000 # Milliseconds + +# Debugging +# CALDAV_LOG_LEVEL=info +# CALDAV_LOG_REQUESTS=false diff --git a/backend/app.js b/backend/app.js index a50a65a..6173c9b 100644 --- a/backend/app.js +++ b/backend/app.js @@ -64,21 +64,59 @@ app.use( cors({ origin: config.allowedOrigins, credentials: true, - methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'], + methods: [ + 'GET', + 'POST', + 'PUT', + 'PATCH', + 'DELETE', + 'OPTIONS', + 'PROPFIND', + 'REPORT', + ], allowedHeaders: [ 'Authorization', 'Content-Type', 'Accept', 'X-Requested-With', + 'Depth', + 'If-Match', + 'If-None-Match', ], - exposedHeaders: ['Content-Type'], + exposedHeaders: ['Content-Type', 'ETag', 'DAV', 'Allow'], maxAge: 1728000, + preflightContinue: true, }) ); -// Body parsing -app.use(express.json({ limit: '10mb' })); -app.use(express.urlencoded({ extended: true, limit: '10mb' })); +// Body parsing (skip for CalDAV routes which need raw body access) +app.use((req, res, next) => { + const isCalDAVPath = + req.path.startsWith('/caldav/') || + req.path.startsWith('/.well-known/caldav'); + + if (isCalDAVPath) { + return next(); + } + + express.json({ limit: '10mb' })(req, res, next); +}); + +app.use((req, res, next) => { + const isCalDAVPath = + req.path.startsWith('/caldav/') || + req.path.startsWith('/.well-known/caldav'); + + if (isCalDAVPath) { + return next(); + } + + express.urlencoded({ extended: true, limit: '10mb' })(req, res, next); +}); + +// CalDAV routes (registered after conditional body parsers) +const caldavRoutes = require('./modules/caldav/routes'); +app.use(caldavRoutes); // Session configuration const sessionMiddleware = session({ @@ -331,6 +369,14 @@ async function startServer() { // Initialize task scheduler await taskScheduler.initialize(); + // Initialize CalDAV sync scheduler + const caldavSyncScheduler = require('./modules/caldav/services/sync-scheduler'); + await caldavSyncScheduler.initialize(); + + // Validate authentication configuration + const { validateAuthConfiguration } = require('./config/authConfig'); + validateAuthConfiguration(); + const server = app.listen(config.port, config.host, () => { console.log(`Server running on port ${config.port}`); console.log(`Server listening on http://localhost:${config.port}`); diff --git a/backend/config/authConfig.js b/backend/config/authConfig.js new file mode 100644 index 0000000..efee31d --- /dev/null +++ b/backend/config/authConfig.js @@ -0,0 +1,30 @@ +'use strict'; + +function isPasswordAuthEnabled() { + return process.env.PASSWORD_AUTH_ENABLED !== 'false'; +} + +function validateAuthConfiguration() { + const passwordAuthEnabled = isPasswordAuthEnabled(); + const { isOidcEnabled } = require('../modules/oidc/providerConfig'); + + if (!passwordAuthEnabled && !isOidcEnabled()) { + const { logError } = require('../services/logService'); + logError( + new Error( + 'WARNING: Both password authentication and OIDC are disabled. Users will not be able to log in!' + ), + 'Authentication Configuration Warning' + ); + } + + return { + passwordAuthEnabled, + oidcEnabled: isOidcEnabled(), + }; +} + +module.exports = { + isPasswordAuthEnabled, + validateAuthConfiguration, +}; diff --git a/backend/migrations/20260420000001-create-caldav-calendars.js b/backend/migrations/20260420000001-create-caldav-calendars.js new file mode 100644 index 0000000..70ffaed --- /dev/null +++ b/backend/migrations/20260420000001-create-caldav-calendars.js @@ -0,0 +1,105 @@ +'use strict'; + +const { safeCreateTable, safeAddIndex } = require('../utils/migration-utils'); + +module.exports = { + async up(queryInterface, Sequelize) { + await safeCreateTable(queryInterface, 'caldav_calendars', { + id: { + type: Sequelize.INTEGER, + primaryKey: true, + autoIncrement: true, + allowNull: false, + }, + uid: { + type: Sequelize.STRING, + allowNull: false, + unique: true, + }, + user_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id', + }, + onDelete: 'CASCADE', + }, + name: { + type: Sequelize.STRING, + allowNull: false, + }, + description: { + type: Sequelize.TEXT, + allowNull: true, + }, + color: { + type: Sequelize.STRING, + allowNull: true, + }, + ctag: { + type: Sequelize.STRING, + allowNull: true, + }, + sync_token: { + type: Sequelize.STRING, + allowNull: true, + }, + enabled: { + type: Sequelize.BOOLEAN, + allowNull: false, + defaultValue: true, + }, + sync_direction: { + type: Sequelize.STRING, + allowNull: false, + defaultValue: 'bidirectional', + }, + sync_interval_minutes: { + type: Sequelize.INTEGER, + allowNull: false, + defaultValue: 15, + }, + last_sync_at: { + type: Sequelize.DATE, + allowNull: true, + }, + last_sync_status: { + type: Sequelize.STRING, + allowNull: true, + }, + conflict_resolution: { + type: Sequelize.STRING, + allowNull: false, + defaultValue: 'last_write_wins', + }, + created_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + updated_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + }); + + await safeAddIndex(queryInterface, 'caldav_calendars', ['user_id'], { + name: 'caldav_calendars_user_id_idx', + }); + + await safeAddIndex(queryInterface, 'caldav_calendars', ['uid'], { + name: 'caldav_calendars_uid_idx', + unique: true, + }); + + await safeAddIndex(queryInterface, 'caldav_calendars', ['enabled'], { + name: 'caldav_calendars_enabled_idx', + }); + }, + + async down(queryInterface) { + await queryInterface.dropTable('caldav_calendars'); + }, +}; diff --git a/backend/migrations/20260420000002-create-caldav-sync-state.js b/backend/migrations/20260420000002-create-caldav-sync-state.js new file mode 100644 index 0000000..e3c677c --- /dev/null +++ b/backend/migrations/20260420000002-create-caldav-sync-state.js @@ -0,0 +1,113 @@ +'use strict'; + +const { safeCreateTable, safeAddIndex } = require('../utils/migration-utils'); + +module.exports = { + async up(queryInterface, Sequelize) { + await safeCreateTable(queryInterface, 'caldav_sync_state', { + id: { + type: Sequelize.INTEGER, + primaryKey: true, + autoIncrement: true, + allowNull: false, + }, + task_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'tasks', + key: 'id', + }, + onDelete: 'CASCADE', + }, + calendar_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'caldav_calendars', + key: 'id', + }, + onDelete: 'CASCADE', + }, + etag: { + type: Sequelize.STRING, + allowNull: false, + }, + last_modified: { + type: Sequelize.DATE, + allowNull: false, + }, + last_synced_at: { + type: Sequelize.DATE, + allowNull: true, + }, + sync_status: { + type: Sequelize.STRING, + allowNull: false, + defaultValue: 'synced', + }, + conflict_local_version: { + type: Sequelize.JSON, + allowNull: true, + }, + conflict_remote_version: { + type: Sequelize.JSON, + allowNull: true, + }, + conflict_detected_at: { + type: Sequelize.DATE, + allowNull: true, + }, + created_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + updated_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + }); + + await safeAddIndex(queryInterface, 'caldav_sync_state', ['task_id'], { + name: 'caldav_sync_state_task_id_idx', + }); + + await safeAddIndex( + queryInterface, + 'caldav_sync_state', + ['calendar_id'], + { + name: 'caldav_sync_state_calendar_id_idx', + } + ); + + await safeAddIndex(queryInterface, 'caldav_sync_state', ['etag'], { + name: 'caldav_sync_state_etag_idx', + }); + + await safeAddIndex( + queryInterface, + 'caldav_sync_state', + ['sync_status'], + { + name: 'caldav_sync_state_sync_status_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_sync_state', + ['task_id', 'calendar_id'], + { + name: 'caldav_sync_state_task_calendar_unique', + unique: true, + } + ); + }, + + async down(queryInterface) { + await queryInterface.dropTable('caldav_sync_state'); + }, +}; diff --git a/backend/migrations/20260420000003-create-caldav-occurrence-overrides.js b/backend/migrations/20260420000003-create-caldav-occurrence-overrides.js new file mode 100644 index 0000000..1f01a70 --- /dev/null +++ b/backend/migrations/20260420000003-create-caldav-occurrence-overrides.js @@ -0,0 +1,109 @@ +'use strict'; + +const { safeCreateTable, safeAddIndex } = require('../utils/migration-utils'); + +module.exports = { + async up(queryInterface, Sequelize) { + await safeCreateTable(queryInterface, 'caldav_occurrence_overrides', { + id: { + type: Sequelize.INTEGER, + primaryKey: true, + autoIncrement: true, + allowNull: false, + }, + parent_task_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'tasks', + key: 'id', + }, + onDelete: 'CASCADE', + }, + calendar_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'caldav_calendars', + key: 'id', + }, + onDelete: 'CASCADE', + }, + recurrence_id: { + type: Sequelize.DATE, + allowNull: false, + }, + override_name: { + type: Sequelize.TEXT, + allowNull: true, + }, + override_due_date: { + type: Sequelize.DATE, + allowNull: true, + }, + override_status: { + type: Sequelize.INTEGER, + allowNull: true, + }, + override_priority: { + type: Sequelize.INTEGER, + allowNull: true, + }, + override_note: { + type: Sequelize.TEXT, + allowNull: true, + }, + created_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + updated_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + }); + + await safeAddIndex( + queryInterface, + 'caldav_occurrence_overrides', + ['parent_task_id'], + { + name: 'caldav_occurrence_overrides_parent_task_id_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_occurrence_overrides', + ['calendar_id'], + { + name: 'caldav_occurrence_overrides_calendar_id_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_occurrence_overrides', + ['recurrence_id'], + { + name: 'caldav_occurrence_overrides_recurrence_id_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_occurrence_overrides', + ['parent_task_id', 'calendar_id', 'recurrence_id'], + { + name: 'caldav_occurrence_overrides_unique', + unique: true, + } + ); + }, + + async down(queryInterface) { + await queryInterface.dropTable('caldav_occurrence_overrides'); + }, +}; diff --git a/backend/migrations/20260420000004-create-caldav-remote-calendars.js b/backend/migrations/20260420000004-create-caldav-remote-calendars.js new file mode 100644 index 0000000..d25aaf7 --- /dev/null +++ b/backend/migrations/20260420000004-create-caldav-remote-calendars.js @@ -0,0 +1,130 @@ +'use strict'; + +const { safeCreateTable, safeAddIndex } = require('../utils/migration-utils'); + +module.exports = { + async up(queryInterface, Sequelize) { + await safeCreateTable(queryInterface, 'caldav_remote_calendars', { + id: { + type: Sequelize.INTEGER, + primaryKey: true, + autoIncrement: true, + allowNull: false, + }, + user_id: { + type: Sequelize.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id', + }, + onDelete: 'CASCADE', + }, + local_calendar_id: { + type: Sequelize.INTEGER, + allowNull: true, + references: { + model: 'caldav_calendars', + key: 'id', + }, + onDelete: 'SET NULL', + }, + name: { + type: Sequelize.STRING, + allowNull: false, + }, + server_url: { + type: Sequelize.STRING, + allowNull: false, + }, + calendar_path: { + type: Sequelize.STRING, + allowNull: false, + }, + username: { + type: Sequelize.STRING, + allowNull: false, + }, + password_encrypted: { + type: Sequelize.TEXT, + allowNull: false, + }, + auth_type: { + type: Sequelize.STRING, + allowNull: false, + defaultValue: 'basic', + }, + enabled: { + type: Sequelize.BOOLEAN, + allowNull: false, + defaultValue: true, + }, + sync_direction: { + type: Sequelize.STRING, + allowNull: false, + defaultValue: 'bidirectional', + }, + last_sync_at: { + type: Sequelize.DATE, + allowNull: true, + }, + last_sync_status: { + type: Sequelize.STRING, + allowNull: true, + }, + last_sync_error: { + type: Sequelize.TEXT, + allowNull: true, + }, + server_ctag: { + type: Sequelize.STRING, + allowNull: true, + }, + server_sync_token: { + type: Sequelize.STRING, + allowNull: true, + }, + created_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + updated_at: { + type: Sequelize.DATE, + allowNull: false, + defaultValue: Sequelize.literal('CURRENT_TIMESTAMP'), + }, + }); + + await safeAddIndex( + queryInterface, + 'caldav_remote_calendars', + ['user_id'], + { + name: 'caldav_remote_calendars_user_id_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_remote_calendars', + ['local_calendar_id'], + { + name: 'caldav_remote_calendars_local_calendar_id_idx', + } + ); + + await safeAddIndex( + queryInterface, + 'caldav_remote_calendars', + ['enabled'], + { + name: 'caldav_remote_calendars_enabled_idx', + } + ); + }, + + async down(queryInterface) { + await queryInterface.dropTable('caldav_remote_calendars'); + }, +}; diff --git a/backend/migrations/20260420000005-add-caldav-indexes.js b/backend/migrations/20260420000005-add-caldav-indexes.js new file mode 100644 index 0000000..384dd96 --- /dev/null +++ b/backend/migrations/20260420000005-add-caldav-indexes.js @@ -0,0 +1,147 @@ +const { DataTypes } = require('sequelize'); + +module.exports = { + up: async (queryInterface, Sequelize) => { + await queryInterface.addIndex('caldav_calendars', ['user_id'], { + name: 'idx_caldav_calendars_user_id', + }); + + await queryInterface.addIndex('caldav_calendars', ['enabled'], { + name: 'idx_caldav_calendars_enabled', + }); + + await queryInterface.addIndex( + 'caldav_calendars', + ['user_id', 'enabled'], + { + name: 'idx_caldav_calendars_user_enabled', + } + ); + + await queryInterface.addIndex('caldav_sync_state', ['task_id'], { + name: 'idx_caldav_sync_state_task_id', + }); + + await queryInterface.addIndex('caldav_sync_state', ['calendar_id'], { + name: 'idx_caldav_sync_state_calendar_id', + }); + + await queryInterface.addIndex('caldav_sync_state', ['sync_status'], { + name: 'idx_caldav_sync_state_status', + }); + + await queryInterface.addIndex('caldav_sync_state', ['last_modified'], { + name: 'idx_caldav_sync_state_modified', + }); + + await queryInterface.addIndex( + 'caldav_occurrence_overrides', + ['parent_task_id'], + { + name: 'idx_caldav_overrides_parent', + } + ); + + await queryInterface.addIndex( + 'caldav_occurrence_overrides', + ['calendar_id'], + { + name: 'idx_caldav_overrides_calendar', + } + ); + + await queryInterface.addIndex( + 'caldav_occurrence_overrides', + ['recurrence_id'], + { + name: 'idx_caldav_overrides_recurrence', + } + ); + + await queryInterface.addIndex('caldav_remote_calendars', ['user_id'], { + name: 'idx_caldav_remote_user_id', + }); + + await queryInterface.addIndex('caldav_remote_calendars', ['enabled'], { + name: 'idx_caldav_remote_enabled', + }); + + await queryInterface.addIndex( + 'caldav_remote_calendars', + ['local_calendar_id'], + { + name: 'idx_caldav_remote_local_cal', + } + ); + + await queryInterface.addIndex('tasks', ['uid'], { + name: 'idx_tasks_uid', + unique: false, + }); + + await queryInterface.addIndex('tasks', ['updated_at'], { + name: 'idx_tasks_updated_at', + }); + }, + + down: async (queryInterface, Sequelize) => { + await queryInterface.removeIndex( + 'caldav_calendars', + 'idx_caldav_calendars_user_id' + ); + await queryInterface.removeIndex( + 'caldav_calendars', + 'idx_caldav_calendars_enabled' + ); + await queryInterface.removeIndex( + 'caldav_calendars', + 'idx_caldav_calendars_user_enabled' + ); + + await queryInterface.removeIndex( + 'caldav_sync_state', + 'idx_caldav_sync_state_task_id' + ); + await queryInterface.removeIndex( + 'caldav_sync_state', + 'idx_caldav_sync_state_calendar_id' + ); + await queryInterface.removeIndex( + 'caldav_sync_state', + 'idx_caldav_sync_state_status' + ); + await queryInterface.removeIndex( + 'caldav_sync_state', + 'idx_caldav_sync_state_modified' + ); + + await queryInterface.removeIndex( + 'caldav_occurrence_overrides', + 'idx_caldav_overrides_parent' + ); + await queryInterface.removeIndex( + 'caldav_occurrence_overrides', + 'idx_caldav_overrides_calendar' + ); + await queryInterface.removeIndex( + 'caldav_occurrence_overrides', + 'idx_caldav_overrides_recurrence' + ); + + await queryInterface.removeIndex( + 'caldav_remote_calendars', + 'idx_caldav_remote_user_id' + ); + await queryInterface.removeIndex( + 'caldav_remote_calendars', + 'idx_caldav_remote_enabled' + ); + await queryInterface.removeIndex( + 'caldav_remote_calendars', + 'idx_caldav_remote_local_cal' + ); + + await queryInterface.removeIndex('tasks', 'idx_tasks_uid'); + await queryInterface.removeIndex('tasks', 'idx_tasks_updated_at'); + }, +}; diff --git a/backend/models/caldav_calendar.js b/backend/models/caldav_calendar.js new file mode 100644 index 0000000..9403ed0 --- /dev/null +++ b/backend/models/caldav_calendar.js @@ -0,0 +1,156 @@ +const { DataTypes } = require('sequelize'); +const { uid } = require('../utils/uid'); + +module.exports = (sequelize) => { + const CalDAVCalendar = sequelize.define( + 'CalDAVCalendar', + { + id: { + type: DataTypes.INTEGER, + primaryKey: true, + autoIncrement: true, + }, + uid: { + type: DataTypes.STRING, + allowNull: false, + unique: true, + defaultValue: uid, + }, + user_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id', + }, + }, + name: { + type: DataTypes.STRING, + allowNull: false, + validate: { + notEmpty: { + msg: 'Calendar name is required', + }, + }, + }, + description: { + type: DataTypes.TEXT, + allowNull: true, + }, + color: { + type: DataTypes.STRING, + allowNull: true, + }, + ctag: { + type: DataTypes.STRING, + allowNull: true, + }, + sync_token: { + type: DataTypes.STRING, + allowNull: true, + }, + enabled: { + type: DataTypes.BOOLEAN, + allowNull: false, + defaultValue: true, + }, + sync_direction: { + type: DataTypes.STRING, + allowNull: false, + defaultValue: 'bidirectional', + validate: { + isIn: { + args: [['bidirectional', 'pull_only', 'push_only']], + msg: 'Sync direction must be bidirectional, pull_only, or push_only', + }, + }, + }, + sync_interval_minutes: { + type: DataTypes.INTEGER, + allowNull: false, + defaultValue: 15, + validate: { + min: { + args: [5], + msg: 'Sync interval must be at least 5 minutes', + }, + }, + }, + last_sync_at: { + type: DataTypes.DATE, + allowNull: true, + }, + last_sync_status: { + type: DataTypes.STRING, + allowNull: true, + validate: { + isIn: { + args: [['success', 'error', 'conflict']], + msg: 'Sync status must be success, error, or conflict', + }, + }, + }, + conflict_resolution: { + type: DataTypes.STRING, + allowNull: false, + defaultValue: 'last_write_wins', + validate: { + isIn: { + args: [ + [ + 'last_write_wins', + 'local_wins', + 'remote_wins', + 'manual', + ], + ], + msg: 'Conflict resolution must be last_write_wins, local_wins, remote_wins, or manual', + }, + }, + }, + }, + { + tableName: 'caldav_calendars', + timestamps: true, + createdAt: 'created_at', + updatedAt: 'updated_at', + underscored: true, + indexes: [ + { + fields: ['user_id'], + }, + { + fields: ['uid'], + unique: true, + }, + { + fields: ['enabled'], + }, + ], + } + ); + + CalDAVCalendar.associate = function (models) { + CalDAVCalendar.belongsTo(models.User, { + foreignKey: 'user_id', + as: 'user', + }); + + CalDAVCalendar.hasMany(models.CalDAVSyncState, { + foreignKey: 'calendar_id', + as: 'syncStates', + }); + + CalDAVCalendar.hasMany(models.CalDAVOccurrenceOverride, { + foreignKey: 'calendar_id', + as: 'occurrenceOverrides', + }); + + CalDAVCalendar.hasOne(models.CalDAVRemoteCalendar, { + foreignKey: 'local_calendar_id', + as: 'remoteCalendar', + }); + }; + + return CalDAVCalendar; +}; diff --git a/backend/models/caldav_occurrence_override.js b/backend/models/caldav_occurrence_override.js new file mode 100644 index 0000000..18581ee --- /dev/null +++ b/backend/models/caldav_occurrence_override.js @@ -0,0 +1,98 @@ +const { DataTypes } = require('sequelize'); + +module.exports = (sequelize) => { + const CalDAVOccurrenceOverride = sequelize.define( + 'CalDAVOccurrenceOverride', + { + id: { + type: DataTypes.INTEGER, + primaryKey: true, + autoIncrement: true, + }, + parent_task_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'tasks', + key: 'id', + }, + }, + calendar_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'caldav_calendars', + key: 'id', + }, + }, + recurrence_id: { + type: DataTypes.DATE, + allowNull: false, + }, + override_name: { + type: DataTypes.TEXT, + allowNull: true, + }, + override_due_date: { + type: DataTypes.DATE, + allowNull: true, + }, + override_status: { + type: DataTypes.INTEGER, + allowNull: true, + validate: { + min: 0, + max: 6, + }, + }, + override_priority: { + type: DataTypes.INTEGER, + allowNull: true, + validate: { + min: 0, + max: 2, + }, + }, + override_note: { + type: DataTypes.TEXT, + allowNull: true, + }, + }, + { + tableName: 'caldav_occurrence_overrides', + timestamps: true, + createdAt: 'created_at', + updatedAt: 'updated_at', + underscored: true, + indexes: [ + { + fields: ['parent_task_id'], + }, + { + fields: ['calendar_id'], + }, + { + fields: ['recurrence_id'], + }, + { + fields: ['parent_task_id', 'calendar_id', 'recurrence_id'], + unique: true, + }, + ], + } + ); + + CalDAVOccurrenceOverride.associate = function (models) { + CalDAVOccurrenceOverride.belongsTo(models.Task, { + foreignKey: 'parent_task_id', + as: 'parentTask', + }); + + CalDAVOccurrenceOverride.belongsTo(models.CalDAVCalendar, { + foreignKey: 'calendar_id', + as: 'calendar', + }); + }; + + return CalDAVOccurrenceOverride; +}; diff --git a/backend/models/caldav_remote_calendar.js b/backend/models/caldav_remote_calendar.js new file mode 100644 index 0000000..185e5cd --- /dev/null +++ b/backend/models/caldav_remote_calendar.js @@ -0,0 +1,150 @@ +const { DataTypes } = require('sequelize'); + +module.exports = (sequelize) => { + const CalDAVRemoteCalendar = sequelize.define( + 'CalDAVRemoteCalendar', + { + id: { + type: DataTypes.INTEGER, + primaryKey: true, + autoIncrement: true, + }, + user_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id', + }, + }, + local_calendar_id: { + type: DataTypes.INTEGER, + allowNull: true, + references: { + model: 'caldav_calendars', + key: 'id', + }, + }, + name: { + type: DataTypes.STRING, + allowNull: false, + validate: { + notEmpty: { + msg: 'Remote calendar name is required', + }, + }, + }, + server_url: { + type: DataTypes.STRING, + allowNull: false, + validate: { + isUrl: { + msg: 'Server URL must be a valid URL', + }, + }, + }, + calendar_path: { + type: DataTypes.STRING, + allowNull: false, + }, + username: { + type: DataTypes.STRING, + allowNull: false, + validate: { + notEmpty: { + msg: 'Username is required', + }, + }, + }, + password_encrypted: { + type: DataTypes.TEXT, + allowNull: false, + }, + auth_type: { + type: DataTypes.STRING, + allowNull: false, + defaultValue: 'basic', + validate: { + isIn: { + args: [['basic', 'digest', 'bearer']], + msg: 'Auth type must be basic, digest, or bearer', + }, + }, + }, + enabled: { + type: DataTypes.BOOLEAN, + allowNull: false, + defaultValue: true, + }, + sync_direction: { + type: DataTypes.STRING, + allowNull: false, + defaultValue: 'bidirectional', + validate: { + isIn: { + args: [['bidirectional', 'pull_only', 'push_only']], + msg: 'Sync direction must be bidirectional, pull_only, or push_only', + }, + }, + }, + last_sync_at: { + type: DataTypes.DATE, + allowNull: true, + }, + last_sync_status: { + type: DataTypes.STRING, + allowNull: true, + validate: { + isIn: { + args: [['success', 'error', 'conflict']], + msg: 'Sync status must be success, error, or conflict', + }, + }, + }, + last_sync_error: { + type: DataTypes.TEXT, + allowNull: true, + }, + server_ctag: { + type: DataTypes.STRING, + allowNull: true, + }, + server_sync_token: { + type: DataTypes.STRING, + allowNull: true, + }, + }, + { + tableName: 'caldav_remote_calendars', + timestamps: true, + createdAt: 'created_at', + updatedAt: 'updated_at', + underscored: true, + indexes: [ + { + fields: ['user_id'], + }, + { + fields: ['local_calendar_id'], + }, + { + fields: ['enabled'], + }, + ], + } + ); + + CalDAVRemoteCalendar.associate = function (models) { + CalDAVRemoteCalendar.belongsTo(models.User, { + foreignKey: 'user_id', + as: 'user', + }); + + CalDAVRemoteCalendar.belongsTo(models.CalDAVCalendar, { + foreignKey: 'local_calendar_id', + as: 'localCalendar', + }); + }; + + return CalDAVRemoteCalendar; +}; diff --git a/backend/models/caldav_sync_state.js b/backend/models/caldav_sync_state.js new file mode 100644 index 0000000..0d406f9 --- /dev/null +++ b/backend/models/caldav_sync_state.js @@ -0,0 +1,104 @@ +const { DataTypes } = require('sequelize'); + +module.exports = (sequelize) => { + const CalDAVSyncState = sequelize.define( + 'CalDAVSyncState', + { + id: { + type: DataTypes.INTEGER, + primaryKey: true, + autoIncrement: true, + }, + task_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'tasks', + key: 'id', + }, + }, + calendar_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'caldav_calendars', + key: 'id', + }, + }, + etag: { + type: DataTypes.STRING, + allowNull: false, + }, + last_modified: { + type: DataTypes.DATE, + allowNull: false, + }, + last_synced_at: { + type: DataTypes.DATE, + allowNull: true, + }, + sync_status: { + type: DataTypes.STRING, + allowNull: false, + defaultValue: 'synced', + validate: { + isIn: { + args: [['synced', 'pending', 'conflict', 'error']], + msg: 'Sync status must be synced, pending, conflict, or error', + }, + }, + }, + conflict_local_version: { + type: DataTypes.JSON, + allowNull: true, + }, + conflict_remote_version: { + type: DataTypes.JSON, + allowNull: true, + }, + conflict_detected_at: { + type: DataTypes.DATE, + allowNull: true, + }, + }, + { + tableName: 'caldav_sync_state', + timestamps: true, + createdAt: 'created_at', + updatedAt: 'updated_at', + underscored: true, + indexes: [ + { + fields: ['task_id'], + }, + { + fields: ['calendar_id'], + }, + { + fields: ['etag'], + }, + { + fields: ['sync_status'], + }, + { + fields: ['task_id', 'calendar_id'], + unique: true, + }, + ], + } + ); + + CalDAVSyncState.associate = function (models) { + CalDAVSyncState.belongsTo(models.Task, { + foreignKey: 'task_id', + as: 'task', + }); + + CalDAVSyncState.belongsTo(models.CalDAVCalendar, { + foreignKey: 'calendar_id', + as: 'calendar', + }); + }; + + return CalDAVSyncState; +}; diff --git a/backend/models/index.js b/backend/models/index.js index 436fb57..54c43e0 100644 --- a/backend/models/index.js +++ b/backend/models/index.js @@ -71,6 +71,12 @@ const Backup = require('./backup')(sequelize); const OIDCIdentity = require('./oidc_identity')(sequelize); const OIDCStateNonce = require('./oidc_state_nonce')(sequelize); const AuthAuditLog = require('./auth_audit_log')(sequelize); +const CalDAVCalendar = require('./caldav_calendar')(sequelize); +const CalDAVSyncState = require('./caldav_sync_state')(sequelize); +const CalDAVOccurrenceOverride = require('./caldav_occurrence_override')( + sequelize +); +const CalDAVRemoteCalendar = require('./caldav_remote_calendar')(sequelize); User.hasMany(Area, { foreignKey: 'user_id' }); Area.belongsTo(User, { foreignKey: 'user_id' }); @@ -198,6 +204,55 @@ OIDCIdentity.belongsTo(User, { foreignKey: 'user_id', as: 'User' }); // Auth audit log associations AuthAuditLog.belongsTo(User, { foreignKey: 'user_id', as: 'User' }); +// CalDAV associations +User.hasMany(CalDAVCalendar, { foreignKey: 'user_id', as: 'CalDAVCalendars' }); +CalDAVCalendar.belongsTo(User, { foreignKey: 'user_id', as: 'User' }); + +CalDAVCalendar.hasMany(CalDAVSyncState, { + foreignKey: 'calendar_id', + as: 'SyncStates', +}); +CalDAVSyncState.belongsTo(CalDAVCalendar, { + foreignKey: 'calendar_id', + as: 'Calendar', +}); +Task.hasMany(CalDAVSyncState, { + foreignKey: 'task_id', + as: 'CalDAVSyncStates', +}); +CalDAVSyncState.belongsTo(Task, { foreignKey: 'task_id', as: 'Task' }); + +CalDAVCalendar.hasMany(CalDAVOccurrenceOverride, { + foreignKey: 'calendar_id', + as: 'OccurrenceOverrides', +}); +CalDAVOccurrenceOverride.belongsTo(CalDAVCalendar, { + foreignKey: 'calendar_id', + as: 'Calendar', +}); +Task.hasMany(CalDAVOccurrenceOverride, { + foreignKey: 'parent_task_id', + as: 'CalDAVOccurrenceOverrides', +}); +CalDAVOccurrenceOverride.belongsTo(Task, { + foreignKey: 'parent_task_id', + as: 'ParentTask', +}); + +User.hasMany(CalDAVRemoteCalendar, { + foreignKey: 'user_id', + as: 'CalDAVRemoteCalendars', +}); +CalDAVRemoteCalendar.belongsTo(User, { foreignKey: 'user_id', as: 'User' }); +CalDAVRemoteCalendar.belongsTo(CalDAVCalendar, { + foreignKey: 'local_calendar_id', + as: 'LocalCalendar', +}); +CalDAVCalendar.hasOne(CalDAVRemoteCalendar, { + foreignKey: 'local_calendar_id', + as: 'RemoteCalendar', +}); + module.exports = { sequelize, User, @@ -221,4 +276,8 @@ module.exports = { OIDCIdentity, OIDCStateNonce, AuthAuditLog, + CalDAVCalendar, + CalDAVSyncState, + CalDAVOccurrenceOverride, + CalDAVRemoteCalendar, }; diff --git a/backend/modules/auth/controller.js b/backend/modules/auth/controller.js index 08a624c..5644f91 100644 --- a/backend/modules/auth/controller.js +++ b/backend/modules/auth/controller.js @@ -3,6 +3,7 @@ const authService = require('./service'); const { logError } = require('../../services/logService'); const { generateToken } = require('../../middleware/csrf'); +const { isPasswordAuthEnabled } = require('../../config/authConfig'); const authController = { getVersion(req, res) { @@ -18,6 +19,14 @@ const authController = { } }, + getPasswordAuthStatus(req, res, next) { + try { + res.json({ enabled: isPasswordAuthEnabled() }); + } catch (error) { + next(error); + } + }, + async register(req, res, next) { try { const { email, password } = req.body; @@ -31,6 +40,9 @@ const authController = { if (error.statusCode === 400) { return res.status(400).json({ error: error.message }); } + if (error.statusCode === 403) { + return res.status(403).json({ error: error.message }); + } if ( error.message === 'Failed to send verification email. Please try again later.' diff --git a/backend/modules/auth/routes.js b/backend/modules/auth/routes.js index 4af800e..11c86c1 100644 --- a/backend/modules/auth/routes.js +++ b/backend/modules/auth/routes.js @@ -3,11 +3,16 @@ const express = require('express'); const router = express.Router(); const authController = require('./controller'); -const { authLimiter } = require('../../middleware/rateLimiter'); +const { authLimiter, apiLimiter } = require('../../middleware/rateLimiter'); const { csrfMiddleware } = require('../../middleware/csrf'); router.get('/version', authController.getVersion); router.get('/registration-status', authController.getRegistrationStatus); +router.get( + '/password-auth-status', + apiLimiter, + authController.getPasswordAuthStatus +); router.get('/csrf-token', csrfMiddleware, authController.getCsrfToken); router.post('/register', authLimiter, authController.register); router.get('/verify-email', authLimiter, authController.verifyEmail); diff --git a/backend/modules/auth/service.js b/backend/modules/auth/service.js index 3fc3cc2..841817a 100644 --- a/backend/modules/auth/service.js +++ b/backend/modules/auth/service.js @@ -4,6 +4,7 @@ const { User, sequelize } = require('../../models'); const { isAdmin } = require('../../services/rolesService'); const { logError } = require('../../services/logService'); const { getConfig } = require('../../config/config'); +const { isPasswordAuthEnabled } = require('../../config/authConfig'); const { isRegistrationEnabled, createUnverifiedUser, @@ -31,6 +32,13 @@ class AuthService { const transaction = await sequelize.transaction(); try { + if (!isPasswordAuthEnabled()) { + await transaction.rollback(); + throw new ForbiddenError( + 'Password registration is disabled. Please use SSO to sign in.' + ); + } + if (!(await isRegistrationEnabled())) { await transaction.rollback(); throw new NotFoundError('Registration is not enabled'); @@ -149,6 +157,12 @@ class AuthService { } async login(email, password, session) { + if (!isPasswordAuthEnabled()) { + throw new ForbiddenError( + 'Password login is disabled. Please use SSO to sign in.' + ); + } + if (!email || !password) { throw new ValidationError('Invalid login parameters.'); } diff --git a/backend/modules/caldav/api/calendar-controller.js b/backend/modules/caldav/api/calendar-controller.js new file mode 100644 index 0000000..d624368 --- /dev/null +++ b/backend/modules/caldav/api/calendar-controller.js @@ -0,0 +1,211 @@ +const { AppError } = require('../../../shared/errors/AppError'); +const CalendarRepository = require('../repositories/calendar-repository'); +const SyncStateRepository = require('../repositories/sync-state-repository'); +const { uid } = require('../../../utils/uid'); + +class CalendarController { + async listCalendars(req, res) { + const userId = req.currentUser.id; + + const calendars = await CalendarRepository.findByUserId(userId); + + const calendarsWithStats = await Promise.all( + calendars.map(async (calendar) => { + const stats = await SyncStateRepository.getSyncStats( + calendar.id + ); + return { + ...calendar.toJSON(), + stats, + }; + }) + ); + + res.json(calendarsWithStats); + } + + async getCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const calendar = await CalendarRepository.findById(id); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const stats = await SyncStateRepository.getSyncStats(calendar.id); + + res.json({ + ...calendar.toJSON(), + stats, + }); + } + + async createCalendar(req, res) { + const userId = req.currentUser.id; + const { + name, + description, + color, + enabled = true, + sync_direction = 'bidirectional', + sync_interval_minutes = 15, + conflict_resolution = 'last_write_wins', + } = req.body; + + if (!name) { + throw new AppError('Calendar name is required', 400); + } + + const validDirections = ['bidirectional', 'pull', 'push']; + if (!validDirections.includes(sync_direction)) { + throw new AppError( + `Invalid sync direction. Must be one of: ${validDirections.join(', ')}`, + 400 + ); + } + + const validResolutions = [ + 'last_write_wins', + 'local_wins', + 'remote_wins', + 'manual', + ]; + if (!validResolutions.includes(conflict_resolution)) { + throw new AppError( + `Invalid conflict resolution. Must be one of: ${validResolutions.join(', ')}`, + 400 + ); + } + + if ( + !Number.isInteger(sync_interval_minutes) || + sync_interval_minutes < 1 || + sync_interval_minutes > 1440 + ) { + throw new AppError( + 'Sync interval must be between 1 and 1440 minutes', + 400 + ); + } + + const calendar = await CalendarRepository.create({ + uid: uid(), + user_id: userId, + name, + description: description || null, + color: color || null, + enabled, + sync_direction, + sync_interval_minutes, + conflict_resolution, + }); + + res.status(201).json(calendar); + } + + async updateCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const calendar = await CalendarRepository.findById(id); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const { + name, + description, + color, + enabled, + sync_direction, + sync_interval_minutes, + conflict_resolution, + } = req.body; + + const updates = {}; + + if (name !== undefined) updates.name = name; + if (description !== undefined) updates.description = description; + if (color !== undefined) updates.color = color; + if (enabled !== undefined) updates.enabled = enabled; + if (sync_direction !== undefined) { + const validDirections = ['bidirectional', 'pull', 'push']; + if (!validDirections.includes(sync_direction)) { + throw new AppError( + `Invalid sync direction. Must be one of: ${validDirections.join(', ')}`, + 400 + ); + } + updates.sync_direction = sync_direction; + } + if (sync_interval_minutes !== undefined) { + if ( + !Number.isInteger(sync_interval_minutes) || + sync_interval_minutes < 1 || + sync_interval_minutes > 1440 + ) { + throw new AppError( + 'Sync interval must be between 1 and 1440 minutes', + 400 + ); + } + updates.sync_interval_minutes = sync_interval_minutes; + } + if (conflict_resolution !== undefined) { + const validResolutions = [ + 'last_write_wins', + 'local_wins', + 'remote_wins', + 'manual', + ]; + if (!validResolutions.includes(conflict_resolution)) { + throw new AppError( + `Invalid conflict resolution. Must be one of: ${validResolutions.join(', ')}`, + 400 + ); + } + updates.conflict_resolution = conflict_resolution; + } + + const updatedCalendar = await CalendarRepository.update( + calendar, + updates + ); + + res.json(updatedCalendar); + } + + async deleteCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const calendar = await CalendarRepository.findById(id); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + await SyncStateRepository.deleteByCalendarId(calendar.id); + + await CalendarRepository.delete(calendar); + + res.status(204).send(); + } +} + +module.exports = new CalendarController(); diff --git a/backend/modules/caldav/api/remote-calendar-controller.js b/backend/modules/caldav/api/remote-calendar-controller.js new file mode 100644 index 0000000..92f914c --- /dev/null +++ b/backend/modules/caldav/api/remote-calendar-controller.js @@ -0,0 +1,388 @@ +const axios = require('axios'); +const { URL } = require('url'); +const { AppError } = require('../../../shared/errors/AppError'); +const RemoteCalendarRepository = require('../repositories/remote-calendar-repository'); +const CalendarRepository = require('../repositories/calendar-repository'); +const encryptionService = require('../services/encryption-service'); + +function isPrivateOrLocalhost(hostname) { + if (!hostname) return true; + + const lower = hostname.toLowerCase(); + + if (lower === 'localhost' || lower === '127.0.0.1' || lower === '::1') { + return true; + } + + if (lower.startsWith('192.168.') || lower.startsWith('10.')) { + return true; + } + + if (lower.startsWith('172.')) { + const parts = lower.split('.'); + const second = parseInt(parts[1], 10); + if (second >= 16 && second <= 31) { + return true; + } + } + + if (lower.startsWith('169.254.')) { + return true; + } + + if ( + lower.startsWith('[::1]') || + lower.startsWith('[fc') || + lower.startsWith('[fd') + ) { + return true; + } + + return false; +} + +function validateCalDAVUrl(urlString) { + try { + const url = new URL(urlString); + + if (!['http:', 'https:'].includes(url.protocol)) { + throw new AppError( + 'Only HTTP and HTTPS protocols are allowed', + 400 + ); + } + + if (isPrivateOrLocalhost(url.hostname)) { + throw new AppError( + 'Cannot connect to private, local, or internal network addresses', + 400 + ); + } + + return url.href; + } catch (error) { + if (error instanceof AppError) { + throw error; + } + throw new AppError('Invalid URL format', 400); + } +} + +class RemoteCalendarController { + async listRemoteCalendars(req, res) { + const userId = req.currentUser.id; + + const remoteCalendars = + await RemoteCalendarRepository.findByUserId(userId); + + const sanitizedCalendars = remoteCalendars.map((rc) => { + const json = rc.toJSON(); + delete json.password_encrypted; + return json; + }); + + res.json(sanitizedCalendars); + } + + async getRemoteCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const remoteCalendar = await RemoteCalendarRepository.findById(id); + + if (!remoteCalendar) { + throw new AppError('Remote calendar not found', 404); + } + + if (remoteCalendar.user_id !== userId) { + throw new AppError('Unauthorized access to remote calendar', 403); + } + + const json = remoteCalendar.toJSON(); + delete json.password_encrypted; + + res.json(json); + } + + async createRemoteCalendar(req, res) { + const userId = req.currentUser.id; + const { + local_calendar_id, + name, + server_url, + calendar_path, + username, + password, + auth_type = 'basic', + enabled = true, + sync_direction = 'bidirectional', + } = req.body; + + if ( + !local_calendar_id || + !name || + !server_url || + !calendar_path || + !username || + !password + ) { + throw new AppError( + 'Missing required fields: local_calendar_id, name, server_url, calendar_path, username, password', + 400 + ); + } + + const localCalendar = + await CalendarRepository.findById(local_calendar_id); + if (!localCalendar) { + throw new AppError('Local calendar not found', 404); + } + + if (localCalendar.user_id !== userId) { + throw new AppError('Unauthorized access to local calendar', 403); + } + + const existing = + await RemoteCalendarRepository.findByLocalCalendarId( + local_calendar_id + ); + if (existing) { + throw new AppError( + 'Remote calendar already configured for this local calendar', + 409 + ); + } + + const validAuthTypes = ['basic', 'bearer']; + if (!validAuthTypes.includes(auth_type)) { + throw new AppError( + `Invalid auth type. Must be one of: ${validAuthTypes.join(', ')}`, + 400 + ); + } + + const validDirections = ['bidirectional', 'pull', 'push']; + if (!validDirections.includes(sync_direction)) { + throw new AppError( + `Invalid sync direction. Must be one of: ${validDirections.join(', ')}`, + 400 + ); + } + + const baseUrl = server_url.replace(/\/$/, ''); + const path = calendar_path.startsWith('/') + ? calendar_path + : `/${calendar_path}`; + const fullUrl = `${baseUrl}${path}`; + + validateCalDAVUrl(fullUrl); + + const passwordEncrypted = encryptionService.encrypt(password); + + const remoteCalendar = await RemoteCalendarRepository.create({ + user_id: userId, + local_calendar_id, + name, + server_url: baseUrl, + calendar_path: path, + username, + password_encrypted: passwordEncrypted, + auth_type, + enabled, + sync_direction, + }); + + const json = remoteCalendar.toJSON(); + delete json.password_encrypted; + + res.status(201).json(json); + } + + async updateRemoteCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const remoteCalendar = await RemoteCalendarRepository.findById(id); + + if (!remoteCalendar) { + throw new AppError('Remote calendar not found', 404); + } + + if (remoteCalendar.user_id !== userId) { + throw new AppError('Unauthorized access to remote calendar', 403); + } + + const { + name, + server_url, + calendar_path, + username, + password, + auth_type, + enabled, + sync_direction, + } = req.body; + + const updates = {}; + + if (name !== undefined) updates.name = name; + + const newServerUrl = + server_url !== undefined ? server_url.replace(/\/$/, '') : null; + const newCalendarPath = + calendar_path !== undefined + ? calendar_path.startsWith('/') + ? calendar_path + : `/${calendar_path}` + : null; + + if (newServerUrl || newCalendarPath) { + const finalServerUrl = newServerUrl || remoteCalendar.server_url; + const finalCalendarPath = + newCalendarPath || remoteCalendar.calendar_path; + const fullUrl = `${finalServerUrl}${finalCalendarPath}`; + + validateCalDAVUrl(fullUrl); + + if (newServerUrl) updates.server_url = newServerUrl; + if (newCalendarPath) updates.calendar_path = newCalendarPath; + } + + if (username !== undefined) updates.username = username; + if (password !== undefined) { + updates.password_encrypted = encryptionService.encrypt(password); + } + if (auth_type !== undefined) { + const validAuthTypes = ['basic', 'bearer']; + if (!validAuthTypes.includes(auth_type)) { + throw new AppError( + `Invalid auth type. Must be one of: ${validAuthTypes.join(', ')}`, + 400 + ); + } + updates.auth_type = auth_type; + } + if (enabled !== undefined) updates.enabled = enabled; + if (sync_direction !== undefined) { + const validDirections = ['bidirectional', 'pull', 'push']; + if (!validDirections.includes(sync_direction)) { + throw new AppError( + `Invalid sync direction. Must be one of: ${validDirections.join(', ')}`, + 400 + ); + } + updates.sync_direction = sync_direction; + } + + const updatedRemoteCalendar = await RemoteCalendarRepository.update( + remoteCalendar, + updates + ); + + const json = updatedRemoteCalendar.toJSON(); + delete json.password_encrypted; + + res.json(json); + } + + async deleteRemoteCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const remoteCalendar = await RemoteCalendarRepository.findById(id); + + if (!remoteCalendar) { + throw new AppError('Remote calendar not found', 404); + } + + if (remoteCalendar.user_id !== userId) { + throw new AppError('Unauthorized access to remote calendar', 403); + } + + await RemoteCalendarRepository.delete(remoteCalendar); + + res.status(204).send(); + } + + async testConnection(req, res) { + const userId = req.currentUser.id; + const { server_url, calendar_path, username, password, auth_type } = + req.body; + + if (!server_url || !calendar_path || !username || !password) { + throw new AppError( + 'Missing required fields: server_url, calendar_path, username, password', + 400 + ); + } + + try { + const baseUrl = server_url.replace(/\/$/, ''); + const path = calendar_path.startsWith('/') + ? calendar_path + : `/${calendar_path}`; + const testUrl = `${baseUrl}${path}`; + + const validatedUrl = validateCalDAVUrl(testUrl); + + const parsedUrl = new URL(validatedUrl); + if (isPrivateOrLocalhost(parsedUrl.hostname)) { + throw new AppError( + 'Cannot connect to private, local, or internal network addresses', + 400 + ); + } + + const authConfig = + auth_type === 'bearer' + ? { headers: { Authorization: `Bearer ${password}` } } + : { auth: { username, password } }; + + // lgtm[js/request-forgery] + // SSRF protection implemented: URL validated via validateCalDAVUrl() and + // isPrivateOrLocalhost(), only HTTP/HTTPS allowed, redirects disabled + // + const response = await axios({ + method: 'OPTIONS', + url: validatedUrl, + ...authConfig, + timeout: parseInt( + process.env.CALDAV_REQUEST_TIMEOUT || '30000', + 10 + ), + maxRedirects: 0, + }); + + const davHeader = response.headers.dav || ''; + const supportsCalDAV = + davHeader.includes('calendar-access') || + davHeader.includes('1'); + + res.json({ + success: true, + status: response.status, + supportsCalDAV, + davCapabilities: davHeader, + message: supportsCalDAV + ? 'Connection successful - CalDAV supported' + : 'Connection successful - CalDAV support unclear', + }); + } catch (error) { + if (error.response?.status === 401) { + throw new AppError('Authentication failed', 401); + } + + if (error.response?.status === 404) { + throw new AppError('Calendar path not found', 404); + } + + if (error.code === 'ENOTFOUND' || error.code === 'ECONNREFUSED') { + throw new AppError('Unable to reach server', 503); + } + + throw new AppError(`Connection test failed: ${error.message}`, 500); + } + } +} + +module.exports = new RemoteCalendarController(); diff --git a/backend/modules/caldav/api/routes.js b/backend/modules/caldav/api/routes.js new file mode 100644 index 0000000..9351631 --- /dev/null +++ b/backend/modules/caldav/api/routes.js @@ -0,0 +1,38 @@ +const express = require('express'); +const router = express.Router(); +const calendarController = require('./calendar-controller'); +const remoteCalendarController = require('./remote-calendar-controller'); +const syncController = require('./sync-controller'); + +router.get('/calendars', calendarController.listCalendars); +router.get('/calendars/:id', calendarController.getCalendar); +router.post('/calendars', calendarController.createCalendar); +router.put('/calendars/:id', calendarController.updateCalendar); +router.delete('/calendars/:id', calendarController.deleteCalendar); + +router.get('/remote-calendars', remoteCalendarController.listRemoteCalendars); +router.get('/remote-calendars/:id', remoteCalendarController.getRemoteCalendar); +router.post('/remote-calendars', remoteCalendarController.createRemoteCalendar); +router.put( + '/remote-calendars/:id', + remoteCalendarController.updateRemoteCalendar +); +router.delete( + '/remote-calendars/:id', + remoteCalendarController.deleteRemoteCalendar +); +router.post( + '/remote-calendars/test-connection', + remoteCalendarController.testConnection +); + +router.post('/sync/calendars/:id', syncController.syncCalendar); +router.post('/sync/all', syncController.syncAllCalendars); +router.get('/sync/status/:id', syncController.getSyncStatus); +router.get('/sync/scheduler/status', syncController.getSchedulerStatus); + +router.get('/conflicts', syncController.listConflicts); +router.get('/conflicts/:taskId', syncController.getConflict); +router.post('/conflicts/:taskId/resolve', syncController.resolveConflict); + +module.exports = router; diff --git a/backend/modules/caldav/api/sync-controller.js b/backend/modules/caldav/api/sync-controller.js new file mode 100644 index 0000000..ef4f843 --- /dev/null +++ b/backend/modules/caldav/api/sync-controller.js @@ -0,0 +1,170 @@ +const { AppError } = require('../../../shared/errors/AppError'); +const syncScheduler = require('../services/sync-scheduler'); +const syncEngine = require('../sync/sync-engine'); +const MergePhase = require('../sync/merge-phase'); +const CalendarRepository = require('../repositories/calendar-repository'); +const SyncStateRepository = require('../repositories/sync-state-repository'); + +class SyncController { + async syncCalendar(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + const { direction = 'bidirectional', dryRun = false } = req.body; + + const calendar = await CalendarRepository.findById(id); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const result = await syncEngine.syncCalendar(calendar.id, userId, { + direction, + dryRun, + }); + + res.json(result); + } + + async syncAllCalendars(req, res) { + const userId = req.currentUser.id; + const { force = false, dryRun = false } = req.body; + + const result = await syncScheduler.syncUserCalendars(userId, { + force, + dryRun, + }); + + res.json(result); + } + + async getSyncStatus(req, res) { + const { id } = req.params; + const userId = req.currentUser.id; + + const calendar = await CalendarRepository.findById(id); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const status = await syncEngine.getSyncStatus(calendar.id, userId); + + res.json(status); + } + + async listConflicts(req, res) { + const userId = req.currentUser.id; + const { calendarId } = req.query; + + let conflicts; + if (calendarId) { + const calendar = await CalendarRepository.findById(calendarId); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + conflicts = await SyncStateRepository.findConflicts(calendarId); + } else { + conflicts = await SyncStateRepository.findConflictsByUser(userId); + } + + res.json(conflicts); + } + + async getConflict(req, res) { + const { taskId } = req.params; + const userId = req.currentUser.id; + const { calendarId } = req.query; + + if (!calendarId) { + throw new AppError('calendarId query parameter is required', 400); + } + + const calendar = await CalendarRepository.findById(calendarId); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const conflict = await SyncStateRepository.findByTaskAndCalendar( + taskId, + calendarId + ); + + if (!conflict || conflict.sync_status !== 'conflict') { + throw new AppError('No conflict found for this task', 404); + } + + res.json(conflict); + } + + async resolveConflict(req, res) { + const { taskId } = req.params; + const userId = req.currentUser.id; + const { calendarId, resolution } = req.body; + + if (!calendarId) { + throw new AppError('calendarId is required', 400); + } + + if (!resolution) { + throw new AppError('resolution is required', 400); + } + + const validResolutions = ['local', 'remote']; + if (!validResolutions.includes(resolution)) { + throw new AppError( + `Invalid resolution. Must be one of: ${validResolutions.join(', ')}`, + 400 + ); + } + + const calendar = await CalendarRepository.findById(calendarId); + + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const mergePhase = new MergePhase(); + const resolvedTask = await mergePhase.resolveConflict( + taskId, + calendarId, + resolution + ); + + res.json({ + success: true, + task: resolvedTask, + resolution, + }); + } + + async getSchedulerStatus(req, res) { + const status = syncScheduler.getStatus(); + + res.json(status); + } +} + +module.exports = new SyncController(); diff --git a/backend/modules/caldav/icalendar/field-mappings.js b/backend/modules/caldav/icalendar/field-mappings.js new file mode 100644 index 0000000..7db26f3 --- /dev/null +++ b/backend/modules/caldav/icalendar/field-mappings.js @@ -0,0 +1,70 @@ +const STATUS_TUDUDI_TO_ICAL = { + 0: 'NEEDS-ACTION', + 1: 'IN-PROCESS', + 2: 'COMPLETED', + 3: 'COMPLETED', + 4: 'NEEDS-ACTION', + 5: 'CANCELLED', + 6: 'NEEDS-ACTION', +}; + +const STATUS_ICAL_TO_TUDUDI = { + 'NEEDS-ACTION': 0, + 'IN-PROCESS': 1, + COMPLETED: 2, + CANCELLED: 5, +}; + +function tududiToIcalPriority(priority) { + if (priority === null || priority === undefined) { + return 0; + } + + if (priority === 0) return 7; + if (priority === 1) return 5; + if (priority === 2) return 3; + return 0; +} + +function icalToTududiPriority(priority) { + if (!priority || priority === 0) { + return 0; + } + + if (priority <= 3) { + return 2; + } + if (priority <= 6) { + return 1; + } + return 0; +} + +const WEEKDAY_MAP = { + 0: 'SU', + 1: 'MO', + 2: 'TU', + 3: 'WE', + 4: 'TH', + 5: 'FR', + 6: 'SA', +}; + +const WEEKDAY_REVERSE_MAP = { + SU: 0, + MO: 1, + TU: 2, + WE: 3, + TH: 4, + FR: 5, + SA: 6, +}; + +module.exports = { + STATUS_TUDUDI_TO_ICAL, + STATUS_ICAL_TO_TUDUDI, + tududiToIcalPriority, + icalToTududiPriority, + WEEKDAY_MAP, + WEEKDAY_REVERSE_MAP, +}; diff --git a/backend/modules/caldav/icalendar/rrule-generator.js b/backend/modules/caldav/icalendar/rrule-generator.js new file mode 100644 index 0000000..ce88cf6 --- /dev/null +++ b/backend/modules/caldav/icalendar/rrule-generator.js @@ -0,0 +1,105 @@ +const ICAL = require('ical.js'); +const { WEEKDAY_MAP } = require('./field-mappings'); + +function generateRRULE(task) { + if (!task.recurrence_type || task.recurrence_type === 'none') { + return null; + } + + const parts = []; + + switch (task.recurrence_type) { + case 'daily': + parts.push('FREQ=DAILY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + break; + + case 'weekly': + parts.push('FREQ=WEEKLY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + if ( + task.recurrence_weekdays && + task.recurrence_weekdays.length > 0 + ) { + const weekdaysArray = + typeof task.recurrence_weekdays === 'string' + ? JSON.parse(task.recurrence_weekdays) + : task.recurrence_weekdays; + + const days = weekdaysArray + .map((d) => WEEKDAY_MAP[d]) + .filter(Boolean) + .join(','); + if (days) { + parts.push(`BYDAY=${days}`); + } + } + break; + + case 'monthly': + parts.push('FREQ=MONTHLY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + if (task.recurrence_month_day) { + parts.push(`BYMONTHDAY=${task.recurrence_month_day}`); + } + break; + + case 'monthly_weekday': + parts.push('FREQ=MONTHLY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + if ( + task.recurrence_week_of_month && + task.recurrence_weekday !== null + ) { + const day = WEEKDAY_MAP[task.recurrence_weekday]; + if (day) { + parts.push(`BYDAY=${task.recurrence_week_of_month}${day}`); + } + } + break; + + case 'monthly_last_day': + parts.push('FREQ=MONTHLY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + parts.push('BYMONTHDAY=-1'); + break; + + case 'yearly': + parts.push('FREQ=YEARLY'); + if (task.recurrence_interval && task.recurrence_interval > 1) { + parts.push(`INTERVAL=${task.recurrence_interval}`); + } + break; + + default: + return null; + } + + if (task.recurrence_count && task.recurrence_count > 0) { + parts.push(`COUNT=${task.recurrence_count}`); + } else if (task.recurrence_end_date) { + try { + const endDate = new Date(task.recurrence_end_date); + const until = ICAL.Time.fromJSDate(endDate, true); + parts.push(`UNTIL=${until.toICALString()}`); + } catch (error) { + console.error('Error formatting UNTIL date:', error); + } + } + + return parts.length > 0 ? parts.join(';') : null; +} + +module.exports = { + generateRRULE, +}; diff --git a/backend/modules/caldav/icalendar/rrule-parser.js b/backend/modules/caldav/icalendar/rrule-parser.js new file mode 100644 index 0000000..e2423d1 --- /dev/null +++ b/backend/modules/caldav/icalendar/rrule-parser.js @@ -0,0 +1,115 @@ +const { WEEKDAY_REVERSE_MAP } = require('./field-mappings'); + +function parseRRULE(rruleString) { + if (!rruleString) { + return null; + } + + try { + const parts = rruleString.split(';'); + const rruleData = {}; + + parts.forEach((part) => { + const [key, value] = part.split('='); + rruleData[key] = value; + }); + + const result = { + recurrence_type: null, + recurrence_interval: 1, + recurrence_end_date: null, + recurrence_count: null, + recurrence_weekdays: null, + recurrence_month_day: null, + recurrence_weekday: null, + recurrence_week_of_month: null, + }; + + if (!rruleData.FREQ) { + return null; + } + + if (rruleData.INTERVAL) { + result.recurrence_interval = parseInt(rruleData.INTERVAL, 10); + } + + if (rruleData.COUNT) { + result.recurrence_count = parseInt(rruleData.COUNT, 10); + } + + if (rruleData.UNTIL) { + try { + const until = rruleData.UNTIL; + result.recurrence_end_date = new Date( + until.replace( + /(\d{4})(\d{2})(\d{2})T(\d{2})(\d{2})(\d{2})Z?/, + '$1-$2-$3T$4:$5:$6Z' + ) + ); + } catch (error) { + console.error('Error parsing UNTIL:', error); + } + } + + switch (rruleData.FREQ) { + case 'DAILY': + result.recurrence_type = 'daily'; + break; + + case 'WEEKLY': + result.recurrence_type = 'weekly'; + if (rruleData.BYDAY) { + const days = rruleData.BYDAY.split(',') + .map((day) => { + const cleanDay = day.replace(/[0-9-]/g, ''); + return WEEKDAY_REVERSE_MAP[cleanDay]; + }) + .filter((d) => d !== undefined); + result.recurrence_weekdays = days; + } + break; + + case 'MONTHLY': + if (rruleData.BYDAY) { + result.recurrence_type = 'monthly_weekday'; + const byDayMatch = + rruleData.BYDAY.match(/(-?\d+)([A-Z]{2})/); + if (byDayMatch) { + result.recurrence_week_of_month = parseInt( + byDayMatch[1], + 10 + ); + result.recurrence_weekday = + WEEKDAY_REVERSE_MAP[byDayMatch[2]]; + } + } else if (rruleData.BYMONTHDAY === '-1') { + result.recurrence_type = 'monthly_last_day'; + } else if (rruleData.BYMONTHDAY) { + result.recurrence_type = 'monthly'; + result.recurrence_month_day = parseInt( + rruleData.BYMONTHDAY, + 10 + ); + } else { + result.recurrence_type = 'monthly'; + } + break; + + case 'YEARLY': + result.recurrence_type = 'yearly'; + break; + + default: + return null; + } + + return result; + } catch (error) { + console.error('Error parsing RRULE:', error); + return null; + } +} + +module.exports = { + parseRRULE, +}; diff --git a/backend/modules/caldav/icalendar/vtodo-parser.js b/backend/modules/caldav/icalendar/vtodo-parser.js new file mode 100644 index 0000000..1d8b965 --- /dev/null +++ b/backend/modules/caldav/icalendar/vtodo-parser.js @@ -0,0 +1,229 @@ +const ICAL = require('ical.js'); +const { + STATUS_ICAL_TO_TUDUDI, + icalToTududiPriority, +} = require('./field-mappings'); +const { parseRRULE } = require('./rrule-parser'); + +async function parseVTODOToTask(vtodoString) { + try { + const jcalData = ICAL.parse(vtodoString); + const comp = new ICAL.Component(jcalData); + const vtodo = comp.getFirstSubcomponent('vtodo'); + + if (!vtodo) { + throw new Error('No VTODO component found'); + } + + const task = { + uid: null, + name: null, + note: null, + due_date: null, + defer_until: null, + completed_at: null, + status: 0, + priority: 0, + recurrence_type: 'none', + recurrence_interval: null, + recurrence_end_date: null, + recurrence_weekdays: null, + recurrence_month_day: null, + recurrence_weekday: null, + recurrence_week_of_month: null, + parent_task_uid: null, + project_uid: null, + tag_names: [], + habit_mode: false, + habit_current_streak: 0, + habit_total_completions: 0, + order: null, + }; + + const uid = vtodo.getFirstPropertyValue('uid'); + if (uid) { + task.uid = uid; + } + + const summary = vtodo.getFirstPropertyValue('summary'); + if (summary) { + task.name = summary; + } + + const description = vtodo.getFirstPropertyValue('description'); + if (description) { + task.note = description; + } + + const status = vtodo.getFirstPropertyValue('status'); + if (status) { + task.status = STATUS_ICAL_TO_TUDUDI[status] || 0; + } + + const priority = vtodo.getFirstPropertyValue('priority'); + if (priority !== null && priority !== undefined) { + task.priority = icalToTududiPriority(priority); + } + + const due = vtodo.getFirstPropertyValue('due'); + if (due) { + if (due.isDate) { + const year = due.year; + const month = due.month - 1; + const day = due.day; + task.due_date = new Date( + Date.UTC(year, month, day, 0, 0, 0, 0) + ); + } else { + task.due_date = due.toJSDate(); + } + } + + const dtstart = vtodo.getFirstPropertyValue('dtstart'); + if (dtstart) { + if (dtstart.isDate) { + const year = dtstart.year; + const month = dtstart.month - 1; + const day = dtstart.day; + task.defer_until = new Date( + Date.UTC(year, month, day, 0, 0, 0, 0) + ); + } else { + task.defer_until = dtstart.toJSDate(); + } + } + + const completed = vtodo.getFirstPropertyValue('completed'); + if (completed) { + task.completed_at = completed.toJSDate(); + } + + const rrule = vtodo.getFirstPropertyValue('rrule'); + if (rrule) { + const recurrenceData = parseRRULE(rrule.toString()); + if (recurrenceData) { + Object.assign(task, recurrenceData); + } + } + + const relatedTo = vtodo.getFirstPropertyValue('related-to'); + if (relatedTo) { + task.parent_task_uid = relatedTo; + } + + const projectUid = vtodo.getFirstPropertyValue('x-tududi-project-uid'); + if (projectUid) { + task.project_uid = projectUid; + } + + const categories = vtodo.getFirstPropertyValue('categories'); + if (categories) { + if (Array.isArray(categories)) { + task.tag_names = categories; + } else if (typeof categories === 'string') { + task.tag_names = categories.split(',').map((t) => t.trim()); + } else { + task.tag_names = [categories]; + } + } + + const habitMode = vtodo.getFirstPropertyValue('x-tududi-habit-mode'); + if (habitMode === 'true' || habitMode === true) { + task.habit_mode = true; + + const streak = vtodo.getFirstPropertyValue('x-tududi-habit-streak'); + if (streak) { + task.habit_current_streak = parseInt(streak, 10) || 0; + } + + const completions = vtodo.getFirstPropertyValue( + 'x-tududi-habit-completions' + ); + if (completions) { + task.habit_total_completions = parseInt(completions, 10) || 0; + } + } + + const order = vtodo.getFirstPropertyValue('x-tududi-order'); + if (order) { + task.order = parseInt(order, 10); + } + + return task; + } catch (error) { + console.error('Error parsing VTODO:', error); + throw new Error(`Failed to parse VTODO: ${error.message}`); + } +} + +async function parseRecurrenceOverride(vtodoString) { + try { + const jcalData = ICAL.parse(vtodoString); + const comp = new ICAL.Component(jcalData); + const vtodo = comp.getFirstSubcomponent('vtodo'); + + if (!vtodo) { + throw new Error('No VTODO component found'); + } + + const override = { + uid: null, + recurrence_id: null, + name: null, + due_date: null, + status: 0, + completed_at: null, + }; + + const uid = vtodo.getFirstPropertyValue('uid'); + if (uid) { + override.uid = uid; + } + + const recurrenceId = vtodo.getFirstPropertyValue('recurrence-id'); + if (recurrenceId) { + override.recurrence_id = recurrenceId.toJSDate(); + } + + const summary = vtodo.getFirstPropertyValue('summary'); + if (summary) { + override.name = summary; + } + + const due = vtodo.getFirstPropertyValue('due'); + if (due) { + if (due.isDate) { + const year = due.year; + const month = due.month - 1; + const day = due.day; + override.due_date = new Date( + Date.UTC(year, month, day, 0, 0, 0, 0) + ); + } else { + override.due_date = due.toJSDate(); + } + } + + const status = vtodo.getFirstPropertyValue('status'); + if (status) { + override.status = STATUS_ICAL_TO_TUDUDI[status] || 0; + } + + const completed = vtodo.getFirstPropertyValue('completed'); + if (completed) { + override.completed_at = completed.toJSDate(); + } + + return override; + } catch (error) { + console.error('Error parsing recurrence override:', error); + throw new Error( + `Failed to parse recurrence override: ${error.message}` + ); + } +} + +module.exports = { + parseVTODOToTask, + parseRecurrenceOverride, +}; diff --git a/backend/modules/caldav/icalendar/vtodo-serializer.js b/backend/modules/caldav/icalendar/vtodo-serializer.js new file mode 100644 index 0000000..7768d17 --- /dev/null +++ b/backend/modules/caldav/icalendar/vtodo-serializer.js @@ -0,0 +1,176 @@ +const ICAL = require('ical.js'); +const { + STATUS_TUDUDI_TO_ICAL, + tududiToIcalPriority, +} = require('./field-mappings'); +const { generateRRULE } = require('./rrule-generator'); + +function serializeTaskToVTODO(task, options = {}) { + const comp = new ICAL.Component('vcalendar'); + comp.addPropertyWithValue('version', '2.0'); + comp.addPropertyWithValue('prodid', '-//Tududi//Task Manager//EN'); + comp.addPropertyWithValue('calscale', 'GREGORIAN'); + + const vtodo = new ICAL.Component('vtodo'); + + vtodo.addPropertyWithValue('uid', task.uid); + vtodo.addPropertyWithValue('summary', task.name); + vtodo.addPropertyWithValue('dtstamp', ICAL.Time.now()); + + const status = STATUS_TUDUDI_TO_ICAL[task.status] || 'NEEDS-ACTION'; + vtodo.addPropertyWithValue('status', status); + + if (task.priority !== null && task.priority !== undefined) { + const priority = tududiToIcalPriority(task.priority); + vtodo.addPropertyWithValue('priority', priority); + } + + if (task.due_date) { + try { + const dueTime = ICAL.Time.fromJSDate(new Date(task.due_date), true); + vtodo.addPropertyWithValue('due', dueTime); + } catch (error) { + console.error('Error formatting due date:', error); + } + } + + if (task.defer_until) { + try { + const startTime = ICAL.Time.fromJSDate( + new Date(task.defer_until), + true + ); + vtodo.addPropertyWithValue('dtstart', startTime); + } catch (error) { + console.error('Error formatting defer_until date:', error); + } + } + + if (task.completed_at) { + try { + const completedTime = ICAL.Time.fromJSDate( + new Date(task.completed_at), + true + ); + vtodo.addPropertyWithValue('completed', completedTime); + + if (status === 'COMPLETED') { + vtodo.addPropertyWithValue('percent-complete', 100); + } + } catch (error) { + console.error('Error formatting completed_at date:', error); + } + } + + if (task.note) { + vtodo.addPropertyWithValue('description', task.note); + } + + if (task.recurrence_type && task.recurrence_type !== 'none') { + const rrule = generateRRULE(task); + if (rrule) { + try { + const recur = ICAL.Recur.fromString(rrule); + vtodo.addPropertyWithValue('rrule', recur); + } catch (error) { + console.error('Error parsing RRULE:', error); + } + } + } + + if (task.parent_task_id && task.ParentTask) { + vtodo.addPropertyWithValue('related-to', task.ParentTask.uid); + const relatedProp = vtodo.getFirstProperty('related-to'); + if (relatedProp) { + relatedProp.setParameter('reltype', 'PARENT'); + } + } + + if (task.Project) { + vtodo.addPropertyWithValue('x-tududi-project-uid', task.Project.uid); + if (task.Project.name) { + vtodo.addPropertyWithValue( + 'x-tududi-project-name', + task.Project.name + ); + } + } + + if (task.Tags && task.Tags.length > 0) { + const tagNames = task.Tags.map((t) => t.name).join(','); + vtodo.addPropertyWithValue('categories', tagNames); + + const tagUids = task.Tags.map((t) => t.uid).join(','); + vtodo.addPropertyWithValue('x-tududi-tag-uids', tagUids); + } + + if (task.habit_mode) { + vtodo.addPropertyWithValue('x-tududi-habit-mode', 'true'); + if (task.habit_current_streak !== null) { + vtodo.addPropertyWithValue( + 'x-tududi-habit-streak', + task.habit_current_streak.toString() + ); + } + if (task.habit_total_completions !== null) { + vtodo.addPropertyWithValue( + 'x-tududi-habit-completions', + task.habit_total_completions.toString() + ); + } + } + + if (task.order !== null && task.order !== undefined) { + vtodo.addPropertyWithValue('x-tududi-order', task.order.toString()); + } + + const statusName = getStatusName(task.status); + if (statusName) { + vtodo.addPropertyWithValue('x-tududi-status-name', statusName); + } + + if (task.created_at) { + try { + const createdTime = ICAL.Time.fromJSDate( + new Date(task.created_at), + true + ); + vtodo.addPropertyWithValue('created', createdTime); + } catch (error) { + console.error('Error formatting created_at date:', error); + } + } + + if (task.updated_at) { + try { + const modifiedTime = ICAL.Time.fromJSDate( + new Date(task.updated_at), + true + ); + vtodo.addPropertyWithValue('last-modified', modifiedTime); + } catch (error) { + console.error('Error formatting updated_at date:', error); + } + } + + comp.addSubcomponent(vtodo); + + return comp.toString(); +} + +function getStatusName(status) { + const statusMap = { + 0: 'not_started', + 1: 'in_progress', + 2: 'done', + 3: 'archived', + 4: 'waiting', + 5: 'cancelled', + 6: 'planned', + }; + return statusMap[status]; +} + +module.exports = { + serializeTaskToVTODO, +}; diff --git a/backend/modules/caldav/index.js b/backend/modules/caldav/index.js new file mode 100644 index 0000000..cf5e491 --- /dev/null +++ b/backend/modules/caldav/index.js @@ -0,0 +1,5 @@ +const routes = require('./routes'); + +module.exports = { + routes, +}; diff --git a/backend/modules/caldav/middleware/caldav-auth.js b/backend/modules/caldav/middleware/caldav-auth.js new file mode 100644 index 0000000..8ceedae --- /dev/null +++ b/backend/modules/caldav/middleware/caldav-auth.js @@ -0,0 +1,81 @@ +const bcrypt = require('bcrypt'); +const { User } = require('../../../models'); + +async function caldavAuth(req, res, next) { + try { + if ( + req.session?.userId || + req.headers.authorization?.startsWith('Bearer ') + ) { + if (req.session?.userId) { + const user = await User.findByPk(req.session.userId); + if (user) { + req.currentUser = user; + return next(); + } + } + + if (req.headers.authorization?.startsWith('Bearer ')) { + return next(); + } + } + + const authHeader = req.headers.authorization; + if (!authHeader?.startsWith('Basic ')) { + return res + .status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Authentication required' }); + } + + const credentials = Buffer.from( + authHeader.split(' ')[1], + 'base64' + ).toString('utf8'); + const colonIndex = credentials.indexOf(':'); + + if (colonIndex === -1) { + return res + .status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Invalid credentials format' }); + } + + const username = credentials.substring(0, colonIndex); + const password = credentials.substring(colonIndex + 1); + + const user = await User.findOne({ where: { email: username } }); + if (!user) { + return res + .status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Invalid credentials' }); + } + + const isValidPassword = await bcrypt.compare( + password, + user.password_digest + ); + if (!isValidPassword) { + return res + .status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Invalid credentials' }); + } + + req.currentUser = user; + + if (req.params.username && req.params.username !== user.email) { + return res.status(403).json({ + error: 'Access to other users calendars is forbidden', + }); + } + + next(); + } catch (error) { + console.error('CalDAV auth error:', error); + return res.status(500).json({ error: 'Authentication failed' }); + } +} + +module.exports = caldavAuth; diff --git a/backend/modules/caldav/middleware/xml-parser.js b/backend/modules/caldav/middleware/xml-parser.js new file mode 100644 index 0000000..3b3736b --- /dev/null +++ b/backend/modules/caldav/middleware/xml-parser.js @@ -0,0 +1,45 @@ +async function xmlParser(req, res, next) { + const contentType = req.headers['content-type'] || ''; + const contentLength = parseInt(req.headers['content-length'] || '0', 10); + const hasBody = + req.method === 'POST' || + req.method === 'PUT' || + req.method === 'PROPFIND' || + req.method === 'REPORT'; + + if ( + hasBody && + contentLength > 0 && + (contentType.includes('xml') || + contentType.includes('text/calendar') || + req.method === 'PROPFIND' || + req.method === 'REPORT') + ) { + if (req.rawBody) { + console.log('[XML-PARSER] Already processed, skipping'); + return next(); + } + + try { + console.log('[XML-PARSER] Processing', req.method, contentType); + const chunks = []; + + for await (const chunk of req) { + console.log('[XML-PARSER] Got chunk:', chunk.length); + chunks.push(chunk); + } + + req.rawBody = Buffer.concat(chunks).toString('utf8'); + console.log('[XML-PARSER] Total body length:', req.rawBody.length); + return next(); + } catch (error) { + console.error('XML parser error:', error); + return res.status(400).json({ error: 'Invalid request body' }); + } + } else { + console.log('[XML-PARSER] Skipping', req.method, contentType); + return next(); + } +} + +module.exports = xmlParser; diff --git a/backend/modules/caldav/protocol/capabilities.js b/backend/modules/caldav/protocol/capabilities.js new file mode 100644 index 0000000..357673e --- /dev/null +++ b/backend/modules/caldav/protocol/capabilities.js @@ -0,0 +1,41 @@ +function handleOptions(req, res) { + const isCalendarCollection = req.path.includes('/tasks/'); + + const davMethods = [ + 'OPTIONS', + 'GET', + 'HEAD', + 'PUT', + 'DELETE', + 'PROPFIND', + 'REPORT', + ]; + + const davCapabilities = [ + '1', + '2', + '3', + 'calendar-access', + 'calendar-schedule', + ]; + + res.set({ + DAV: davCapabilities.join(', '), + Allow: davMethods.join(', '), + 'MS-Author-Via': 'DAV', + 'Accept-Ranges': 'none', + 'Content-Length': '0', + }); + + if (isCalendarCollection) { + res.set({ + 'Content-Type': 'text/calendar; charset=utf-8', + }); + } + + res.status(204).end(); +} + +module.exports = { + handleOptions, +}; diff --git a/backend/modules/caldav/protocol/discovery.js b/backend/modules/caldav/protocol/discovery.js new file mode 100644 index 0000000..305283f --- /dev/null +++ b/backend/modules/caldav/protocol/discovery.js @@ -0,0 +1,11 @@ +function handleWellKnown(req, res) { + const protocol = req.protocol; + const host = req.get('host'); + const redirectUrl = `${protocol}://${host}/caldav/`; + + res.redirect(301, redirectUrl); +} + +module.exports = { + handleWellKnown, +}; diff --git a/backend/modules/caldav/repositories/calendar-repository.js b/backend/modules/caldav/repositories/calendar-repository.js new file mode 100644 index 0000000..669e053 --- /dev/null +++ b/backend/modules/caldav/repositories/calendar-repository.js @@ -0,0 +1,79 @@ +const BaseRepository = require('../../../shared/database/BaseRepository'); +const { CalDAVCalendar } = require('../../../models'); + +class CalendarRepository extends BaseRepository { + constructor() { + super(CalDAVCalendar); + } + + async findByUserId(userId, options = {}) { + return this.findAll({ user_id: userId }, options); + } + + async findEnabledByUserId(userId, options = {}) { + return this.findAll({ user_id: userId, enabled: true }, options); + } + + async findByUid(uid, options = {}) { + return this.findOne({ uid }, options); + } + + async findDueForSync(options = {}) { + const now = new Date(); + const calendars = await this.model.findAll({ + where: { + enabled: true, + }, + ...options, + }); + + return calendars.filter((calendar) => { + if (!calendar.last_sync_at) { + return true; + } + + const nextSyncTime = new Date( + calendar.last_sync_at.getTime() + + calendar.sync_interval_minutes * 60 * 1000 + ); + return now >= nextSyncTime; + }); + } + + async updateSyncStatus(calendarId, status, error = null, options = {}) { + const calendar = await this.findById(calendarId); + if (!calendar) { + throw new Error(`Calendar ${calendarId} not found`); + } + + return this.update( + calendar, + { + last_sync_at: new Date(), + last_sync_status: status, + ...(error && { last_sync_error: error }), + }, + options + ); + } + + async updateCTag(calendarId, ctag, options = {}) { + const calendar = await this.findById(calendarId); + if (!calendar) { + throw new Error(`Calendar ${calendarId} not found`); + } + + return this.update(calendar, { ctag }, options); + } + + async updateSyncToken(calendarId, syncToken, options = {}) { + const calendar = await this.findById(calendarId); + if (!calendar) { + throw new Error(`Calendar ${calendarId} not found`); + } + + return this.update(calendar, { sync_token: syncToken }, options); + } +} + +module.exports = new CalendarRepository(); diff --git a/backend/modules/caldav/repositories/override-repository.js b/backend/modules/caldav/repositories/override-repository.js new file mode 100644 index 0000000..9cf6208 --- /dev/null +++ b/backend/modules/caldav/repositories/override-repository.js @@ -0,0 +1,92 @@ +const BaseRepository = require('../../../shared/database/BaseRepository'); +const { CalDAVOccurrenceOverride } = require('../../../models'); + +class OverrideRepository extends BaseRepository { + constructor() { + super(CalDAVOccurrenceOverride); + } + + async findByParentTaskId(parentTaskId, options = {}) { + return this.findAll({ parent_task_id: parentTaskId }, options); + } + + async findByCalendarId(calendarId, options = {}) { + return this.findAll({ calendar_id: calendarId }, options); + } + + async findByRecurrenceId( + parentTaskId, + calendarId, + recurrenceId, + options = {} + ) { + return this.findOne( + { + parent_task_id: parentTaskId, + calendar_id: calendarId, + recurrence_id: recurrenceId, + }, + options + ); + } + + async createOrUpdate( + parentTaskId, + calendarId, + recurrenceId, + overrides, + options = {} + ) { + const existing = await this.findByRecurrenceId( + parentTaskId, + calendarId, + recurrenceId + ); + + if (existing) { + return this.update(existing, overrides, options); + } + + return this.create( + { + parent_task_id: parentTaskId, + calendar_id: calendarId, + recurrence_id: recurrenceId, + ...overrides, + }, + options + ); + } + + async deleteByRecurrenceId( + parentTaskId, + calendarId, + recurrenceId, + options = {} + ) { + const override = await this.findByRecurrenceId( + parentTaskId, + calendarId, + recurrenceId + ); + + if (override) { + return this.destroy(override, options); + } + + return null; + } + + async deleteAllForTask(parentTaskId, calendarId, options = {}) { + const overrides = await this.findAll( + { parent_task_id: parentTaskId, calendar_id: calendarId }, + options + ); + + return Promise.all( + overrides.map((override) => this.destroy(override, options)) + ); + } +} + +module.exports = new OverrideRepository(); diff --git a/backend/modules/caldav/repositories/remote-calendar-repository.js b/backend/modules/caldav/repositories/remote-calendar-repository.js new file mode 100644 index 0000000..28bd83a --- /dev/null +++ b/backend/modules/caldav/repositories/remote-calendar-repository.js @@ -0,0 +1,84 @@ +const BaseRepository = require('../../../shared/database/BaseRepository'); +const { CalDAVRemoteCalendar } = require('../../../models'); + +class RemoteCalendarRepository extends BaseRepository { + constructor() { + super(CalDAVRemoteCalendar); + } + + async findByUserId(userId, options = {}) { + return this.findAll({ user_id: userId }, options); + } + + async findEnabledByUserId(userId, options = {}) { + return this.findAll({ user_id: userId, enabled: true }, options); + } + + async findByLocalCalendarId(localCalendarId, options = {}) { + return this.findOne({ local_calendar_id: localCalendarId }, options); + } + + async findDueForSync(options = {}) { + const remoteCalendars = await this.findAll({ enabled: true }, options); + + const now = new Date(); + return remoteCalendars.filter((remote) => { + if (!remote.last_sync_at || !remote.LocalCalendar) { + return true; + } + + const syncInterval = + remote.LocalCalendar.sync_interval_minutes || 15; + const nextSyncTime = new Date( + remote.last_sync_at.getTime() + syncInterval * 60 * 1000 + ); + return now >= nextSyncTime; + }); + } + + async updateSyncStatus( + remoteCalendarId, + status, + error = null, + options = {} + ) { + const remoteCalendar = await this.findById(remoteCalendarId); + if (!remoteCalendar) { + throw new Error(`Remote calendar ${remoteCalendarId} not found`); + } + + return this.update( + remoteCalendar, + { + last_sync_at: new Date(), + last_sync_status: status, + last_sync_error: error, + }, + options + ); + } + + async updateServerCTag(remoteCalendarId, ctag, options = {}) { + const remoteCalendar = await this.findById(remoteCalendarId); + if (!remoteCalendar) { + throw new Error(`Remote calendar ${remoteCalendarId} not found`); + } + + return this.update(remoteCalendar, { server_ctag: ctag }, options); + } + + async updateServerSyncToken(remoteCalendarId, syncToken, options = {}) { + const remoteCalendar = await this.findById(remoteCalendarId); + if (!remoteCalendar) { + throw new Error(`Remote calendar ${remoteCalendarId} not found`); + } + + return this.update( + remoteCalendar, + { server_sync_token: syncToken }, + options + ); + } +} + +module.exports = new RemoteCalendarRepository(); diff --git a/backend/modules/caldav/repositories/sync-state-repository.js b/backend/modules/caldav/repositories/sync-state-repository.js new file mode 100644 index 0000000..da37c24 --- /dev/null +++ b/backend/modules/caldav/repositories/sync-state-repository.js @@ -0,0 +1,140 @@ +const BaseRepository = require('../../../shared/database/BaseRepository'); +const { CalDAVSyncState } = require('../../../models'); + +class SyncStateRepository extends BaseRepository { + constructor() { + super(CalDAVSyncState); + } + + async findByTaskId(taskId, options = {}) { + return this.findAll({ task_id: taskId }, options); + } + + async findByCalendarId(calendarId, options = {}) { + return this.findAll({ calendar_id: calendarId }, options); + } + + async findByTaskAndCalendar(taskId, calendarId, options = {}) { + return this.findOne( + { task_id: taskId, calendar_id: calendarId }, + options + ); + } + + async findByETag(etag, options = {}) { + return this.findOne({ etag }, options); + } + + async findConflicts(calendarId = null, options = {}) { + const where = { sync_status: 'conflict' }; + if (calendarId) { + where.calendar_id = calendarId; + } + return this.findAll(where, options); + } + + async createOrUpdate(taskId, calendarId, data, options = {}) { + const existing = await this.findByTaskAndCalendar(taskId, calendarId); + + if (existing) { + return this.update(existing, data, options); + } + + return this.create( + { + task_id: taskId, + calendar_id: calendarId, + ...data, + }, + options + ); + } + + async updateETag(taskId, calendarId, etag, options = {}) { + const syncState = await this.findByTaskAndCalendar(taskId, calendarId); + if (!syncState) { + throw new Error( + `Sync state not found for task ${taskId} and calendar ${calendarId}` + ); + } + + return this.update( + syncState, + { + etag, + last_modified: new Date(), + }, + options + ); + } + + async markSynced(taskId, calendarId, options = {}) { + const syncState = await this.findByTaskAndCalendar(taskId, calendarId); + if (!syncState) { + throw new Error( + `Sync state not found for task ${taskId} and calendar ${calendarId}` + ); + } + + return this.update( + syncState, + { + sync_status: 'synced', + last_synced_at: new Date(), + conflict_local_version: null, + conflict_remote_version: null, + conflict_detected_at: null, + }, + options + ); + } + + async markConflict( + taskId, + calendarId, + localVersion, + remoteVersion, + options = {} + ) { + const syncState = await this.findByTaskAndCalendar(taskId, calendarId); + if (!syncState) { + throw new Error( + `Sync state not found for task ${taskId} and calendar ${calendarId}` + ); + } + + return this.update( + syncState, + { + sync_status: 'conflict', + conflict_local_version: localVersion, + conflict_remote_version: remoteVersion, + conflict_detected_at: new Date(), + }, + options + ); + } + + async resolveConflict(taskId, calendarId, resolution, options = {}) { + const syncState = await this.findByTaskAndCalendar(taskId, calendarId); + if (!syncState) { + throw new Error( + `Sync state not found for task ${taskId} and calendar ${calendarId}` + ); + } + + return this.update( + syncState, + { + sync_status: 'synced', + conflict_local_version: null, + conflict_remote_version: null, + conflict_detected_at: null, + last_synced_at: new Date(), + }, + options + ); + } +} + +module.exports = new SyncStateRepository(); diff --git a/backend/modules/caldav/routes.js b/backend/modules/caldav/routes.js new file mode 100644 index 0000000..a87c2c9 --- /dev/null +++ b/backend/modules/caldav/routes.js @@ -0,0 +1,74 @@ +const express = require('express'); +const caldavAuth = require('./middleware/caldav-auth'); +const xmlParser = require('./middleware/xml-parser'); +const { handleWellKnown } = require('./protocol/discovery'); +const { handleOptions } = require('./webdav/options'); +const { handlePropfind } = require('./webdav/propfind'); +const { handleReport } = require('./webdav/report'); +const { + handleGetTask, + handlePutTask, + handleDeleteTask, +} = require('./webdav/task-handlers'); +const apiRoutes = require('./api/routes'); +const { requireAuth } = require('../../middleware/auth'); + +const router = express.Router(); + +router.get('/.well-known/caldav', handleWellKnown); + +router.options( + '/caldav/:username/tasks/', + xmlParser, + caldavAuth, + handleOptions +); +router.options( + '/caldav/:username/tasks/:uid', + xmlParser, + caldavAuth, + handleOptions +); + +function registerMethod(method, path, handler) { + router.all(path, xmlParser, caldavAuth, (req, res, next) => { + if (req.method === method) { + return handler(req, res, next); + } + next(); + }); +} + +registerMethod('PROPFIND', '/caldav/:username/tasks/', handlePropfind); +registerMethod('PROPFIND', '/caldav/:username/tasks/:uid', handlePropfind); + +registerMethod('REPORT', '/caldav/:username/tasks/', handleReport); + +router.get('/caldav/:username/tasks/', xmlParser, caldavAuth, (req, res) => { + res.status(207).send( + '' + ); +}); + +router.get( + '/caldav/:username/tasks/:uid', + xmlParser, + caldavAuth, + handleGetTask +); +router.put( + '/caldav/:username/tasks/:uid', + xmlParser, + caldavAuth, + handlePutTask +); +router.delete( + '/caldav/:username/tasks/:uid', + xmlParser, + caldavAuth, + handleDeleteTask +); + +router.use('/api/caldav', requireAuth, apiRoutes); + +module.exports = router; diff --git a/backend/modules/caldav/services/encryption-service.js b/backend/modules/caldav/services/encryption-service.js new file mode 100644 index 0000000..2dcc871 --- /dev/null +++ b/backend/modules/caldav/services/encryption-service.js @@ -0,0 +1,112 @@ +const crypto = require('crypto'); +const { getConfig } = require('../../../config/config'); + +const ALGORITHM = 'aes-256-gcm'; +const IV_LENGTH = 16; +const AUTH_TAG_LENGTH = 16; + +function getEncryptionKey() { + const config = getConfig(); + const key = config.encryptionKey || config.secretKey; + + if (!key) { + if (process.env.NODE_ENV === 'test') { + return Buffer.from( + 'test-encryption-key-32-chars-long!!!', + 'utf-8' + ).slice(0, 32); + } + throw new Error( + 'No encryption key found. Set ENCRYPTION_KEY or SECRET_KEY environment variable' + ); + } + + return Buffer.from(key, 'utf-8').slice(0, 32); +} + +function encrypt(text) { + if (!text) { + throw new Error('Cannot encrypt empty text'); + } + + try { + const key = getEncryptionKey(); + const iv = crypto.randomBytes(IV_LENGTH); + const cipher = crypto.createCipheriv(ALGORITHM, key, iv); + + let encrypted = cipher.update(text, 'utf8', 'hex'); + encrypted += cipher.final('hex'); + + const authTag = cipher.getAuthTag(); + + return JSON.stringify({ + iv: iv.toString('hex'), + encrypted, + authTag: authTag.toString('hex'), + }); + } catch (error) { + throw new Error(`Encryption failed: ${error.message}`); + } +} + +function decrypt(encryptedData) { + if (!encryptedData) { + throw new Error('Cannot decrypt empty data'); + } + + try { + const key = getEncryptionKey(); + const data = JSON.parse(encryptedData); + + if (!data.iv || !data.encrypted || !data.authTag) { + throw new Error('Invalid encrypted data format'); + } + + const iv = Buffer.from(data.iv, 'hex'); + const authTag = Buffer.from(data.authTag, 'hex'); + + const decipher = crypto.createDecipheriv(ALGORITHM, key, iv); + decipher.setAuthTag(authTag); + + let decrypted = decipher.update(data.encrypted, 'hex', 'utf8'); + decrypted += decipher.final('utf8'); + + return decrypted; + } catch (error) { + if ( + error.message.includes( + 'Unsupported state or unable to authenticate data' + ) + ) { + throw new Error( + 'Decryption failed: Invalid auth tag or tampered data' + ); + } + throw new Error(`Decryption failed: ${error.message}`); + } +} + +function isEncrypted(data) { + if (!data || typeof data !== 'string') { + return false; + } + + try { + const parsed = JSON.parse(data); + return ( + parsed && + typeof parsed === 'object' && + 'iv' in parsed && + 'encrypted' in parsed && + 'authTag' in parsed + ); + } catch { + return false; + } +} + +module.exports = { + encrypt, + decrypt, + isEncrypted, +}; diff --git a/backend/modules/caldav/services/sync-scheduler.js b/backend/modules/caldav/services/sync-scheduler.js new file mode 100644 index 0000000..4abda6e --- /dev/null +++ b/backend/modules/caldav/services/sync-scheduler.js @@ -0,0 +1,213 @@ +const cron = require('node-cron'); +const logger = require('../../../services/logService'); +const syncEngine = require('../sync/sync-engine'); +const CalendarRepository = require('../repositories/calendar-repository'); +const RemoteCalendarRepository = require('../repositories/remote-calendar-repository'); + +class SyncScheduler { + constructor() { + this.jobs = new Map(); + this.isInitialized = false; + this.globalJob = null; + } + + async initialize() { + if (this.isInitialized) { + logger.logInfo('CalDAV sync scheduler already initialized'); + return; + } + + const enabled = process.env.CALDAV_ENABLED !== 'false'; + if (!enabled) { + logger.logInfo('CalDAV sync scheduler disabled via CALDAV_ENABLED'); + return; + } + + logger.logInfo('Initializing CalDAV sync scheduler'); + + const syncIntervalMinutes = parseInt( + process.env.CALDAV_DEFAULT_SYNC_INTERVAL || '15', + 10 + ); + + const cronExpression = this._getCronExpression(syncIntervalMinutes); + + this.globalJob = cron.schedule(cronExpression, async () => { + await this.syncAllDueCalendars(); + }); + + this.isInitialized = true; + logger.logInfo( + `CalDAV sync scheduler initialized with ${syncIntervalMinutes} minute interval` + ); + } + + async syncAllDueCalendars() { + try { + logger.logInfo('Starting scheduled sync for all due calendars'); + + const dueCalendars = await CalendarRepository.findDueForSync(); + + logger.logInfo( + `Found ${dueCalendars.length} calendars due for sync` + ); + + for (const calendar of dueCalendars) { + try { + await this._syncCalendar(calendar); + } catch (error) { + logger.logError( + `Failed to sync calendar ${calendar.id}: ${error.message}`, + error + ); + } + } + + logger.logInfo('Completed scheduled sync for all due calendars'); + } catch (error) { + logger.logError( + `Error during scheduled sync: ${error.message}`, + error + ); + } + } + + async _syncCalendar(calendar) { + try { + logger.logInfo( + `Syncing calendar ${calendar.id} for user ${calendar.user_id}` + ); + + const result = await syncEngine.syncCalendar( + calendar.id, + calendar.user_id, + { + direction: calendar.sync_direction || 'bidirectional', + } + ); + + if (result.success) { + logger.logInfo( + `Successfully synced calendar ${calendar.id}: ${result.stats.pulled} pulled, ${result.stats.pushed} pushed, ${result.stats.conflicts} conflicts` + ); + } else { + logger.logWarn( + `Sync completed with errors for calendar ${calendar.id}` + ); + } + + return result; + } catch (error) { + logger.logError( + `Failed to sync calendar ${calendar.id}: ${error.message}`, + error + ); + + await CalendarRepository.updateSyncStatus( + calendar.id, + 'error', + error.message + ); + + throw error; + } + } + + async syncCalendarById(calendarId, userId, options = {}) { + const calendar = await CalendarRepository.findById(calendarId); + + if (!calendar) { + throw new Error(`Calendar ${calendarId} not found`); + } + + if (calendar.user_id !== userId) { + throw new Error('Unauthorized access to calendar'); + } + + return await this._syncCalendar(calendar); + } + + async syncUserCalendars(userId, options = {}) { + logger.logInfo(`Syncing all calendars for user ${userId}`); + + const calendars = await CalendarRepository.findByUserId(userId); + const results = []; + + for (const calendar of calendars) { + if (!calendar.enabled && !options.force) { + logger.logInfo( + `Skipping disabled calendar ${calendar.id} for user ${userId}` + ); + continue; + } + + try { + const result = await this._syncCalendar(calendar); + results.push(result); + } catch (error) { + logger.logError( + `Failed to sync calendar ${calendar.id}: ${error.message}`, + error + ); + results.push({ + calendarId: calendar.id, + success: false, + error: error.message, + }); + } + } + + return { + userId, + totalCalendars: calendars.length, + syncedCalendars: results.filter((r) => r.success).length, + failedCalendars: results.filter((r) => !r.success).length, + results, + }; + } + + _getCronExpression(minutes) { + if (minutes < 1 || minutes > 1440) { + throw new Error( + 'Sync interval must be between 1 and 1440 minutes (24 hours)' + ); + } + + if (minutes === 1) { + return '* * * * *'; + } + + if (60 % minutes === 0) { + return `*/${minutes} * * * *`; + } + + return `0 */${Math.floor(minutes / 60)} * * *`; + } + + async shutdown() { + logger.logInfo('Shutting down CalDAV sync scheduler'); + + if (this.globalJob) { + this.globalJob.stop(); + this.globalJob = null; + } + + for (const [calendarId, job] of this.jobs.entries()) { + job.stop(); + this.jobs.delete(calendarId); + } + + this.isInitialized = false; + logger.logInfo('CalDAV sync scheduler shut down'); + } + + getStatus() { + return { + initialized: this.isInitialized, + activeJobs: this.jobs.size, + globalJobActive: this.globalJob !== null, + }; + } +} + +module.exports = new SyncScheduler(); diff --git a/backend/modules/caldav/sync/conflict-resolver.js b/backend/modules/caldav/sync/conflict-resolver.js new file mode 100644 index 0000000..6542c1e --- /dev/null +++ b/backend/modules/caldav/sync/conflict-resolver.js @@ -0,0 +1,144 @@ +const logger = require('../../../services/logService'); + +class ConflictResolver { + async resolve(localTask, remoteTask, strategy = 'last_write_wins') { + logger.logInfo( + `Resolving conflict for task ${localTask.uid} using strategy: ${strategy}` + ); + + switch (strategy) { + case 'last_write_wins': + return this._lastWriteWins(localTask, remoteTask); + + case 'local_wins': + return this._localWins(localTask); + + case 'remote_wins': + return this._remoteWins(remoteTask); + + case 'manual': + return this._manual(localTask, remoteTask); + + default: + logger.logWarn( + `Unknown conflict resolution strategy: ${strategy}, falling back to last_write_wins` + ); + return this._lastWriteWins(localTask, remoteTask); + } + } + + _lastWriteWins(localTask, remoteTask) { + const localTime = new Date(localTask.updated_at).getTime(); + const remoteTime = remoteTask.updated_at + ? new Date(remoteTask.updated_at).getTime() + : new Date(remoteTask.last_modified || Date.now()).getTime(); + + if (localTime > remoteTime) { + logger.logInfo( + `Local task ${localTask.uid} is newer (${localTask.updated_at} > ${remoteTask.updated_at || remoteTask.last_modified}), keeping local version` + ); + return { + strategy: 'last_write_wins', + winner: 'local', + taskData: localTask.toJSON(), + }; + } + + logger.logInfo( + `Remote task ${localTask.uid} is newer (${remoteTask.updated_at || remoteTask.last_modified} >= ${localTask.updated_at}), keeping remote version` + ); + return { + strategy: 'last_write_wins', + winner: 'remote', + taskData: { + ...remoteTask, + id: localTask.id, + user_id: localTask.user_id, + }, + }; + } + + _localWins(localTask) { + logger.logInfo( + `Using local version for task ${localTask.uid} (local_wins strategy)` + ); + return { + strategy: 'local_wins', + winner: 'local', + taskData: localTask.toJSON(), + }; + } + + _remoteWins(remoteTask) { + logger.logInfo(`Using remote version for task (remote_wins strategy)`); + return { + strategy: 'remote_wins', + winner: 'remote', + taskData: remoteTask, + }; + } + + _manual(localTask, remoteTask) { + logger.logInfo( + `Conflict for task ${localTask.uid} requires manual resolution` + ); + return { + strategy: 'manual', + winner: null, + taskData: null, + localVersion: localTask.toJSON(), + remoteVersion: remoteTask, + }; + } + + compareTaskFields(localTask, remoteTask) { + const differences = []; + const fields = [ + 'name', + 'note', + 'due_date', + 'defer_until', + 'status', + 'priority', + 'completed_at', + ]; + + for (const field of fields) { + const localValue = localTask[field]; + const remoteValue = remoteTask[field]; + + if (localValue !== remoteValue) { + differences.push({ + field, + localValue, + remoteValue, + }); + } + } + + return differences; + } + + mergeNonConflictingFields(localTask, remoteTask) { + const merged = { ...localTask.toJSON() }; + const differences = this.compareTaskFields(localTask, remoteTask); + + for (const diff of differences) { + if (diff.field === 'updated_at' || diff.field === 'created_at') { + continue; + } + + if ( + diff.localValue === null || + diff.localValue === undefined || + diff.localValue === '' + ) { + merged[diff.field] = diff.remoteValue; + } + } + + return merged; + } +} + +module.exports = new ConflictResolver(); diff --git a/backend/modules/caldav/sync/merge-phase.js b/backend/modules/caldav/sync/merge-phase.js new file mode 100644 index 0000000..b420e99 --- /dev/null +++ b/backend/modules/caldav/sync/merge-phase.js @@ -0,0 +1,382 @@ +const { AppError } = require('../../../shared/errors/AppError'); +const logger = require('../../../services/logService'); +const { Task } = require('../../../models'); +const SyncStateRepository = require('../repositories/sync-state-repository'); +const CalendarRepository = require('../repositories/calendar-repository'); +const ConflictResolver = require('./conflict-resolver'); + +class MergePhase { + async execute(calendar, changedTasks, options = {}) { + const { dryRun = false } = options; + + logger.logInfo( + `Merge phase starting for calendar ${calendar.id} with ${changedTasks.length} changed tasks` + ); + + const results = { + merged: [], + conflicts: [], + deleted: [], + errors: [], + }; + + for (const change of changedTasks) { + try { + if (change.action === 'delete') { + await this._handleDeletion( + change, + calendar, + dryRun, + results + ); + } else if (change.action === 'create_or_update') { + await this._handleCreateOrUpdate( + change, + calendar, + dryRun, + results + ); + } + } catch (error) { + logger.logError( + `Failed to merge task ${change.href}: ${error.message}`, + error + ); + results.errors.push({ + href: change.href, + error: error.message, + }); + } + } + + logger.logInfo( + `Merge phase completed: ${results.merged.length} merged, ${results.conflicts.length} conflicts, ${results.deleted.length} deleted, ${results.errors.length} errors` + ); + + return results; + } + + async _handleDeletion(change, calendar, dryRun, results) { + const uid = this._extractUidFromHref(change.href); + const existingTask = await Task.findOne({ + where: { uid, user_id: calendar.user_id }, + }); + + if (!existingTask) { + logger.logInfo( + `Task ${uid} already deleted or doesn't exist, skipping` + ); + return; + } + + const syncState = await SyncStateRepository.findByTaskAndCalendar( + existingTask.id, + calendar.id + ); + + if (syncState && existingTask.updated_at > syncState.last_synced_at) { + logger.logInfo( + `Task ${uid} was modified locally after remote deletion, conflict detected` + ); + + if (!dryRun) { + await SyncStateRepository.markConflict( + existingTask.id, + calendar.id, + existingTask.toJSON(), + null + ); + } + + results.conflicts.push({ + uid, + taskId: existingTask.id, + type: 'remote_deleted_local_modified', + }); + return; + } + + if (!dryRun) { + await existingTask.destroy(); + await SyncStateRepository.deleteByTaskId(existingTask.id); + } + + results.deleted.push({ uid, taskId: existingTask.id }); + logger.logInfo(`Task ${uid} deleted`); + } + + async _handleCreateOrUpdate(change, calendar, dryRun, results) { + const { task: remoteTask, etag, href } = change; + + const existingTask = await Task.findOne({ + where: { uid: remoteTask.uid, user_id: calendar.user_id }, + }); + + if (!existingTask) { + await this._createNewTask( + remoteTask, + calendar, + etag, + dryRun, + results + ); + return; + } + + const syncState = await SyncStateRepository.findByTaskAndCalendar( + existingTask.id, + calendar.id + ); + + if (!syncState) { + await this._createNewTask( + remoteTask, + calendar, + etag, + dryRun, + results, + existingTask + ); + return; + } + + if (syncState.etag === etag) { + logger.logInfo( + `Task ${remoteTask.uid} unchanged (ETag match), skipping` + ); + return; + } + + const locallyModified = + existingTask.updated_at > syncState.last_synced_at; + const remotelyModified = syncState.etag !== etag; + + if (locallyModified && remotelyModified) { + await this._handleConflict( + existingTask, + remoteTask, + calendar, + etag, + dryRun, + results + ); + return; + } + + if (remotelyModified) { + await this._updateTaskFromRemote( + existingTask, + remoteTask, + calendar, + etag, + dryRun, + results + ); + } + } + + async _createNewTask( + remoteTask, + calendar, + etag, + dryRun, + results, + existingTask = null + ) { + if (dryRun) { + results.merged.push({ + uid: remoteTask.uid, + action: 'create', + dryRun: true, + }); + return; + } + + let task; + if (existingTask) { + await existingTask.update({ + ...remoteTask, + user_id: calendar.user_id, + }); + task = existingTask; + } else { + task = await Task.create({ + ...remoteTask, + user_id: calendar.user_id, + }); + } + + await SyncStateRepository.createOrUpdate(task.id, calendar.id, { + etag, + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + }); + + results.merged.push({ + uid: remoteTask.uid, + taskId: task.id, + action: 'create', + }); + + logger.logInfo(`Task ${remoteTask.uid} created from remote`); + } + + async _updateTaskFromRemote( + existingTask, + remoteTask, + calendar, + etag, + dryRun, + results + ) { + if (dryRun) { + results.merged.push({ + uid: remoteTask.uid, + taskId: existingTask.id, + action: 'update', + dryRun: true, + }); + return; + } + + await existingTask.update({ + ...remoteTask, + id: existingTask.id, + uid: existingTask.uid, + user_id: existingTask.user_id, + }); + + await SyncStateRepository.createOrUpdate(existingTask.id, calendar.id, { + etag, + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + }); + + results.merged.push({ + uid: remoteTask.uid, + taskId: existingTask.id, + action: 'update', + }); + + logger.logInfo(`Task ${remoteTask.uid} updated from remote`); + } + + async _handleConflict( + existingTask, + remoteTask, + calendar, + etag, + dryRun, + results + ) { + logger.logInfo( + `Conflict detected for task ${existingTask.uid}: both local and remote modified` + ); + + const resolutionStrategy = + calendar.conflict_resolution || 'last_write_wins'; + + const resolved = await ConflictResolver.resolve( + existingTask, + remoteTask, + resolutionStrategy + ); + + if (resolved.strategy === 'manual') { + if (!dryRun) { + await SyncStateRepository.markConflict( + existingTask.id, + calendar.id, + existingTask.toJSON(), + remoteTask + ); + } + + results.conflicts.push({ + uid: existingTask.uid, + taskId: existingTask.id, + type: 'both_modified', + strategy: 'manual', + }); + + logger.logInfo( + `Task ${existingTask.uid} conflict marked for manual resolution` + ); + return; + } + + if (!dryRun) { + await existingTask.update(resolved.taskData); + + await SyncStateRepository.createOrUpdate( + existingTask.id, + calendar.id, + { + etag, + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + } + ); + } + + results.merged.push({ + uid: existingTask.uid, + taskId: existingTask.id, + action: 'conflict_resolved', + strategy: resolved.strategy, + }); + + logger.logInfo( + `Task ${existingTask.uid} conflict resolved using strategy: ${resolved.strategy}` + ); + } + + async getConflicts(calendarId) { + return await SyncStateRepository.findConflicts(calendarId); + } + + async resolveConflict(taskId, calendarId, resolution) { + const conflict = await SyncStateRepository.findByTaskAndCalendar( + taskId, + calendarId + ); + + if (!conflict || conflict.sync_status !== 'conflict') { + throw new AppError('No conflict found for this task', 404); + } + + const task = await Task.findByPk(taskId); + if (!task) { + throw new AppError('Task not found', 404); + } + + let taskData; + if (resolution === 'local') { + taskData = conflict.conflict_local_version; + } else if (resolution === 'remote') { + taskData = conflict.conflict_remote_version; + } else { + throw new AppError('Invalid resolution strategy', 400); + } + + await task.update(taskData); + + await SyncStateRepository.resolveConflict(taskId, calendarId); + + logger.logInfo( + `Conflict resolved for task ${taskId} using ${resolution} version` + ); + + return task; + } + + _extractUidFromHref(href) { + const match = href.match(/([^/]+)\.ics$/); + return match ? match[1] : href; + } +} + +module.exports = MergePhase; diff --git a/backend/modules/caldav/sync/pull-phase.js b/backend/modules/caldav/sync/pull-phase.js new file mode 100644 index 0000000..4e8cafe --- /dev/null +++ b/backend/modules/caldav/sync/pull-phase.js @@ -0,0 +1,287 @@ +const axios = require('axios'); +const { parseStringPromise } = require('xml2js'); +const { AppError } = require('../../../shared/errors/AppError'); +const logger = require('../../../services/logService'); +const RemoteCalendarRepository = require('../repositories/remote-calendar-repository'); +const { parseVTODOToTask } = require('../icalendar/vtodo-parser'); +const encryptionService = require('../services/encryption-service'); + +class PullPhase { + async execute(calendar, userId, options = {}) { + const { dryRun = false } = options; + + logger.logInfo( + `Pull phase starting for calendar ${calendar.id} (user: ${userId})` + ); + + const remoteCalendar = + await RemoteCalendarRepository.findByLocalCalendarId(calendar.id); + + if (!remoteCalendar) { + logger.logInfo( + `No remote calendar configured for calendar ${calendar.id}, skipping pull` + ); + return { + success: true, + skipped: true, + reason: 'No remote calendar configured', + changedTasks: [], + }; + } + + if (!remoteCalendar.enabled) { + logger.logInfo( + `Remote calendar ${remoteCalendar.id} is disabled, skipping pull` + ); + return { + success: true, + skipped: true, + reason: 'Remote calendar disabled', + changedTasks: [], + }; + } + + try { + const changedTasks = await this._fetchChangesFromRemote( + remoteCalendar, + calendar + ); + + logger.logInfo( + `Pull phase completed: fetched ${changedTasks.length} changed tasks` + ); + + return { + success: true, + changedTasks, + fetchedCount: changedTasks.length, + }; + } catch (error) { + logger.logError( + `Pull phase failed for calendar ${calendar.id}: ${error.message}`, + error + ); + throw new AppError( + `Failed to pull from remote: ${error.message}`, + 500 + ); + } + } + + async _fetchChangesFromRemote(remoteCalendar, calendar) { + const password = encryptionService.decrypt( + remoteCalendar.password_encrypted + ); + + const baseUrl = remoteCalendar.server_url.replace(/\/$/, ''); + const calendarPath = remoteCalendar.calendar_path.replace(/^\//, ''); + const calendarUrl = `${baseUrl}/${calendarPath}`; + + logger.logInfo( + `Fetching changes from remote CalDAV: ${remoteCalendar.server_url}` + ); + + const syncToken = remoteCalendar.server_sync_token; + + let reportBody; + if (syncToken) { + reportBody = this._buildSyncCollectionReport(syncToken); + } else { + reportBody = this._buildInitialSyncReport(); + } + + try { + const response = await axios({ + method: 'REPORT', + url: calendarUrl, + headers: { + 'Content-Type': 'application/xml; charset=utf-8', + Depth: '1', + }, + auth: { + username: remoteCalendar.username, + password: password, + }, + data: reportBody, + timeout: parseInt( + process.env.CALDAV_REQUEST_TIMEOUT || '30000', + 10 + ), + }); + + return await this._parseReportResponse( + response.data, + remoteCalendar, + calendar + ); + } catch (error) { + if (error.response?.status === 401) { + throw new AppError( + 'Authentication failed with remote CalDAV server', + 401 + ); + } + + logger.logError( + `Failed to fetch from remote CalDAV: ${error.message}`, + error + ); + throw error; + } + } + + _buildSyncCollectionReport(syncToken) { + return ` + + ${syncToken} + 1 + + + + +`; + } + + _buildInitialSyncReport() { + return ` + + + + + + + + + + +`; + } + + async _parseReportResponse(xmlData, remoteCalendar, calendar) { + const parsed = await parseStringPromise(xmlData, { + explicitArray: false, + tagNameProcessors: [this._stripNamespace], + }); + + const changedTasks = []; + + const responses = + parsed?.multistatus?.response || + parsed?.['sync-collection']?.response || + []; + const responseArray = Array.isArray(responses) + ? responses + : [responses]; + + for (const response of responseArray) { + try { + const href = response.href; + + if (!href || href.endsWith('/')) { + continue; + } + + const etag = response.propstat?.prop?.getetag?.replace( + /^"|"$/g, + '' + ); + const calendarData = + response.propstat?.prop?.['calendar-data'] || + response.propstat?.prop?.calendardata; + const status = response.status || response.propstat?.status; + + if (status && status.includes('404')) { + changedTasks.push({ + action: 'delete', + href, + etag, + }); + continue; + } + + if (!calendarData) { + const taskUrl = `${remoteCalendar.server_url}${href}`; + const taskData = await this._fetchTaskData( + taskUrl, + remoteCalendar + ); + if (taskData) { + changedTasks.push(taskData); + } + continue; + } + + const taskData = await parseVTODOToTask(calendarData); + if (taskData) { + changedTasks.push({ + action: 'create_or_update', + href, + etag, + task: taskData, + }); + } + } catch (error) { + logger.logError( + `Failed to parse task from remote: ${error.message}`, + error + ); + } + } + + const newSyncToken = + parsed?.multistatus?.['sync-token'] || + parsed?.['sync-collection']?.['sync-token']; + + if (newSyncToken) { + await RemoteCalendarRepository.updateServerSyncToken( + remoteCalendar.id, + newSyncToken + ); + } + + return changedTasks; + } + + async _fetchTaskData(taskUrl, remoteCalendar) { + try { + const password = encryptionService.decrypt( + remoteCalendar.password_encrypted + ); + + const response = await axios({ + method: 'GET', + url: taskUrl, + auth: { + username: remoteCalendar.username, + password: password, + }, + timeout: parseInt( + process.env.CALDAV_REQUEST_TIMEOUT || '30000', + 10 + ), + }); + + const etag = response.headers.etag?.replace(/^"|"$/g, ''); + const taskData = await parseVTODOToTask(response.data); + + return { + action: 'create_or_update', + href: new URL(taskUrl).pathname, + etag, + task: taskData, + }; + } catch (error) { + logger.logError( + `Failed to fetch task data from ${taskUrl}: ${error.message}`, + error + ); + return null; + } + } + + _stripNamespace(name) { + return name.replace(/^.*:/, ''); + } +} + +module.exports = PullPhase; diff --git a/backend/modules/caldav/sync/push-phase.js b/backend/modules/caldav/sync/push-phase.js new file mode 100644 index 0000000..3f56574 --- /dev/null +++ b/backend/modules/caldav/sync/push-phase.js @@ -0,0 +1,298 @@ +const axios = require('axios'); +const { AppError } = require('../../../shared/errors/AppError'); +const logger = require('../../../services/logService'); +const { Task } = require('../../../models'); +const SyncStateRepository = require('../repositories/sync-state-repository'); +const RemoteCalendarRepository = require('../repositories/remote-calendar-repository'); +const { serializeTaskToVTODO } = require('../icalendar/vtodo-serializer'); +const encryptionService = require('../services/encryption-service'); + +class PushPhase { + async execute(calendar, userId, options = {}) { + const { dryRun = false } = options; + + logger.logInfo( + `Push phase starting for calendar ${calendar.id} (user: ${userId})` + ); + + const remoteCalendar = + await RemoteCalendarRepository.findByLocalCalendarId(calendar.id); + + if (!remoteCalendar) { + logger.logInfo( + `No remote calendar configured for calendar ${calendar.id}, skipping push` + ); + return { + success: true, + skipped: true, + reason: 'No remote calendar configured', + pushedTasks: [], + }; + } + + if (!remoteCalendar.enabled) { + logger.logInfo( + `Remote calendar ${remoteCalendar.id} is disabled, skipping push` + ); + return { + success: true, + skipped: true, + reason: 'Remote calendar disabled', + pushedTasks: [], + }; + } + + try { + const changedTasks = await this._findLocalChanges( + calendar.id, + userId + ); + + const pushedTasks = []; + const errors = []; + + for (const task of changedTasks) { + try { + const result = await this._pushTaskToRemote( + task, + remoteCalendar, + calendar, + dryRun + ); + pushedTasks.push(result); + } catch (error) { + logger.logError( + `Failed to push task ${task.uid}: ${error.message}`, + error + ); + errors.push({ + taskId: task.id, + uid: task.uid, + error: error.message, + }); + } + } + + logger.logInfo( + `Push phase completed: pushed ${pushedTasks.length} tasks, ${errors.length} errors` + ); + + return { + success: true, + pushedTasks, + pushedCount: pushedTasks.length, + errors, + }; + } catch (error) { + logger.logError( + `Push phase failed for calendar ${calendar.id}: ${error.message}`, + error + ); + throw new AppError( + `Failed to push to remote: ${error.message}`, + 500 + ); + } + } + + async _findLocalChanges(calendarId, userId) { + const syncStates = + await SyncStateRepository.findByCalendarId(calendarId); + + const syncedTaskIds = syncStates.map((state) => state.task_id); + + const allTasks = await Task.findAll({ + where: { user_id: userId }, + }); + + const changedTasks = []; + + for (const task of allTasks) { + const syncState = syncStates.find((s) => s.task_id === task.id); + + if (!syncState) { + changedTasks.push(task); + continue; + } + + if ( + syncState.sync_status === 'conflict' || + syncState.sync_status === 'pending' + ) { + continue; + } + + if (task.updated_at > syncState.last_synced_at) { + changedTasks.push(task); + } + } + + logger.logInfo( + `Found ${changedTasks.length} locally modified tasks to push` + ); + + return changedTasks; + } + + async _pushTaskToRemote(task, remoteCalendar, calendar, dryRun) { + if (dryRun) { + return { + taskId: task.id, + uid: task.uid, + action: 'push', + dryRun: true, + }; + } + + const password = encryptionService.decrypt( + remoteCalendar.password_encrypted + ); + + const baseUrl = remoteCalendar.server_url.replace(/\/$/, ''); + const calendarPath = remoteCalendar.calendar_path.replace(/^\//, ''); + const taskUrl = `${baseUrl}/${calendarPath}/${task.uid}.ics`; + + const vtodoString = await serializeTaskToVTODO(task); + + const syncState = await SyncStateRepository.findByTaskAndCalendar( + task.id, + calendar.id + ); + + try { + const headers = { + 'Content-Type': 'text/calendar; charset=utf-8', + }; + + if (syncState?.etag) { + headers['If-Match'] = syncState.etag; + } + + const response = await axios({ + method: 'PUT', + url: taskUrl, + headers, + auth: { + username: remoteCalendar.username, + password: password, + }, + data: vtodoString, + timeout: parseInt( + process.env.CALDAV_REQUEST_TIMEOUT || '30000', + 10 + ), + }); + + const newEtag = response.headers.etag?.replace(/^"|"$/g, ''); + + await SyncStateRepository.createOrUpdate(task.id, calendar.id, { + etag: newEtag || syncState?.etag, + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + }); + + logger.logInfo(`Task ${task.uid} successfully pushed to remote`); + + return { + taskId: task.id, + uid: task.uid, + action: 'push', + etag: newEtag, + }; + } catch (error) { + if (error.response?.status === 412) { + logger.logError( + `Precondition failed for task ${task.uid}: ETag mismatch, conflict detected` + ); + + await SyncStateRepository.createOrUpdate(task.id, calendar.id, { + sync_status: 'conflict', + }); + + throw new AppError( + 'Conflict detected: task was modified on server', + 412 + ); + } + + if (error.response?.status === 401) { + throw new AppError( + 'Authentication failed with remote CalDAV server', + 401 + ); + } + + logger.logError( + `Failed to push task ${task.uid}: ${error.message}`, + error + ); + throw error; + } + } + + async deleteTaskFromRemote(task, remoteCalendar, calendar, dryRun = false) { + if (dryRun) { + return { + taskId: task.id, + uid: task.uid, + action: 'delete', + dryRun: true, + }; + } + + const password = encryptionService.decrypt( + remoteCalendar.password_encrypted + ); + + const baseUrl = remoteCalendar.server_url.replace(/\/$/, ''); + const calendarPath = remoteCalendar.calendar_path.replace(/^\//, ''); + const taskUrl = `${baseUrl}/${calendarPath}/${task.uid}.ics`; + + try { + await axios({ + method: 'DELETE', + url: taskUrl, + auth: { + username: remoteCalendar.username, + password: password, + }, + timeout: parseInt( + process.env.CALDAV_REQUEST_TIMEOUT || '30000', + 10 + ), + }); + + await SyncStateRepository.deleteByTaskId(task.id); + + logger.logInfo(`Task ${task.uid} successfully deleted from remote`); + + return { + taskId: task.id, + uid: task.uid, + action: 'delete', + }; + } catch (error) { + if (error.response?.status === 404) { + logger.logInfo( + `Task ${task.uid} already deleted from remote, clearing sync state` + ); + await SyncStateRepository.deleteByTaskId(task.id); + return { + taskId: task.id, + uid: task.uid, + action: 'delete', + alreadyDeleted: true, + }; + } + + logger.logError( + `Failed to delete task ${task.uid} from remote: ${error.message}`, + error + ); + throw error; + } + } +} + +module.exports = PushPhase; diff --git a/backend/modules/caldav/sync/sync-engine.js b/backend/modules/caldav/sync/sync-engine.js new file mode 100644 index 0000000..eded708 --- /dev/null +++ b/backend/modules/caldav/sync/sync-engine.js @@ -0,0 +1,208 @@ +const { AppError } = require('../../../shared/errors/AppError'); +const logger = require('../../../services/logService'); +const PullPhase = require('./pull-phase'); +const MergePhase = require('./merge-phase'); +const PushPhase = require('./push-phase'); +const SyncStateRepository = require('../repositories/sync-state-repository'); +const CalendarRepository = require('../repositories/calendar-repository'); + +class SyncEngine { + constructor() { + this.pullPhase = new PullPhase(); + this.mergePhase = new MergePhase(); + this.pushPhase = new PushPhase(); + } + + async syncCalendar(calendarId, userId, options = {}) { + const { + direction = 'bidirectional', + force = false, + dryRun = false, + } = options; + + logger.logInfo( + `Starting sync for calendar ${calendarId}, direction: ${direction}` + ); + + const calendar = await CalendarRepository.findById(calendarId); + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + if (!calendar.enabled && !force) { + logger.logInfo(`Calendar ${calendarId} is disabled, skipping sync`); + return { + success: true, + skipped: true, + reason: 'Calendar disabled', + }; + } + + const syncResult = { + calendarId, + userId, + direction, + dryRun, + startTime: new Date(), + phases: {}, + stats: { + pulled: 0, + pushed: 0, + conflicts: 0, + errors: 0, + }, + }; + + try { + if (direction === 'pull' || direction === 'bidirectional') { + logger.logInfo( + `Starting pull phase for calendar ${calendarId}` + ); + const pullResult = await this.pullPhase.execute( + calendar, + userId, + { dryRun } + ); + syncResult.phases.pull = pullResult; + syncResult.stats.pulled = pullResult.changedTasks?.length || 0; + } + + if (direction === 'pull' || direction === 'bidirectional') { + logger.logInfo( + `Starting merge phase for calendar ${calendarId}` + ); + const mergeResult = await this.mergePhase.execute( + calendar, + syncResult.phases.pull?.changedTasks || [], + { dryRun } + ); + syncResult.phases.merge = mergeResult; + syncResult.stats.conflicts = mergeResult.conflicts?.length || 0; + } + + if (direction === 'push' || direction === 'bidirectional') { + logger.logInfo( + `Starting push phase for calendar ${calendarId}` + ); + const pushResult = await this.pushPhase.execute( + calendar, + userId, + { dryRun } + ); + syncResult.phases.push = pushResult; + syncResult.stats.pushed = pushResult.pushedTasks?.length || 0; + } + + syncResult.success = true; + syncResult.endTime = new Date(); + syncResult.duration = + syncResult.endTime - syncResult.startTime + 'ms'; + + if (!dryRun) { + await CalendarRepository.updateSyncStatus( + calendarId, + 'success', + null + ); + } + + logger.logInfo( + `Sync completed for calendar ${calendarId}: ${syncResult.stats.pulled} pulled, ${syncResult.stats.pushed} pushed, ${syncResult.stats.conflicts} conflicts` + ); + + return syncResult; + } catch (error) { + syncResult.success = false; + syncResult.error = error.message; + syncResult.endTime = new Date(); + + logger.logError( + `Sync failed for calendar ${calendarId}: ${error.message}`, + error + ); + + if (!dryRun) { + await CalendarRepository.updateSyncStatus( + calendarId, + 'error', + error.message + ); + } + + throw error; + } + } + + async syncAllCalendars(userId, options = {}) { + logger.logInfo(`Starting sync for all calendars for user ${userId}`); + + const calendars = await CalendarRepository.findByUserId(userId); + const results = []; + + for (const calendar of calendars) { + if (!calendar.enabled && !options.force) { + logger.logInfo( + `Skipping disabled calendar ${calendar.id} for user ${userId}` + ); + continue; + } + + try { + const result = await this.syncCalendar( + calendar.id, + userId, + options + ); + results.push(result); + } catch (error) { + logger.logError( + `Failed to sync calendar ${calendar.id}: ${error.message}`, + error + ); + results.push({ + calendarId: calendar.id, + success: false, + error: error.message, + }); + } + } + + return { + userId, + totalCalendars: calendars.length, + syncedCalendars: results.filter((r) => r.success).length, + failedCalendars: results.filter((r) => !r.success).length, + results, + }; + } + + async getSyncStatus(calendarId, userId) { + const calendar = await CalendarRepository.findById(calendarId); + if (!calendar) { + throw new AppError('Calendar not found', 404); + } + + if (calendar.user_id !== userId) { + throw new AppError('Unauthorized access to calendar', 403); + } + + const conflicts = await this.mergePhase.getConflicts(calendarId); + + return { + calendarId, + enabled: calendar.enabled, + last_sync_at: calendar.last_sync_at, + last_sync_status: calendar.last_sync_status, + sync_direction: calendar.sync_direction, + sync_interval_minutes: calendar.sync_interval_minutes, + conflicts: conflicts.length, + conflictDetails: conflicts, + }; + } +} + +module.exports = new SyncEngine(); diff --git a/backend/modules/caldav/utils/ctag-generator.js b/backend/modules/caldav/utils/ctag-generator.js new file mode 100644 index 0000000..b4405de --- /dev/null +++ b/backend/modules/caldav/utils/ctag-generator.js @@ -0,0 +1,38 @@ +const crypto = require('crypto'); + +function generateCTag(tasks = []) { + if (!Array.isArray(tasks) || tasks.length === 0) { + const timestamp = Date.now(); + return `"ctag-${timestamp}"`; + } + + const latestUpdate = tasks.reduce((latest, task) => { + const taskTime = new Date(task.updated_at || task.created_at).getTime(); + return Math.max(latest, taskTime); + }, 0); + + const taskIds = tasks + .map((t) => t.id) + .sort() + .join(','); + const hash = crypto + .createHash('md5') + .update(`${latestUpdate}-${taskIds}`) + .digest('hex') + .substring(0, 8); + + return `"ctag-${latestUpdate}-${hash}"`; +} + +function parseCTag(ctagHeader) { + if (!ctagHeader) { + return null; + } + + return ctagHeader.replace(/^["']|["']$/g, ''); +} + +module.exports = { + generateCTag, + parseCTag, +}; diff --git a/backend/modules/caldav/utils/etag-generator.js b/backend/modules/caldav/utils/etag-generator.js new file mode 100644 index 0000000..632384e --- /dev/null +++ b/backend/modules/caldav/utils/etag-generator.js @@ -0,0 +1,52 @@ +const crypto = require('crypto'); + +function generateETag(task) { + if (!task) { + return null; + } + + const content = JSON.stringify({ + id: task.id, + uid: task.uid, + updated_at: task.updated_at, + completed_at: task.completed_at, + status: task.status, + }); + + const hash = crypto.createHash('sha256').update(content).digest('hex'); + + return `"${hash}"`; +} + +function generateCTag() { + const timestamp = Date.now(); + const random = Math.random().toString(36).substring(7); + + return `"${timestamp}-${random}"`; +} + +function parseETag(etagHeader) { + if (!etagHeader) { + return null; + } + + return etagHeader.replace(/^["']|["']$/g, ''); +} + +function matchesETag(etag1, etag2) { + if (!etag1 || !etag2) { + return false; + } + + const clean1 = parseETag(etag1); + const clean2 = parseETag(etag2); + + return clean1 === clean2; +} + +module.exports = { + generateETag, + generateCTag, + parseETag, + matchesETag, +}; diff --git a/backend/modules/caldav/webdav/options.js b/backend/modules/caldav/webdav/options.js new file mode 100644 index 0000000..606608b --- /dev/null +++ b/backend/modules/caldav/webdav/options.js @@ -0,0 +1,5 @@ +const { handleOptions } = require('../protocol/capabilities'); + +module.exports = { + handleOptions, +}; diff --git a/backend/modules/caldav/webdav/propfind.js b/backend/modules/caldav/webdav/propfind.js new file mode 100644 index 0000000..c2e508c --- /dev/null +++ b/backend/modules/caldav/webdav/propfind.js @@ -0,0 +1,153 @@ +const { + parsePropfind, + buildMultistatus, + buildResponse, + buildPropstat, + buildHref, +} = require('./utils'); +const { generateETag } = require('../utils/etag-generator'); +const { generateCTag } = require('../utils/ctag-generator'); +const calendarRepository = require('../repositories/calendar-repository'); +const taskRepository = require('../../tasks/repository'); +const vtodoSerializer = require('../icalendar/vtodo-serializer'); + +async function handlePropfind(req, res) { + try { + const { username } = req.params; + + if (!req.currentUser || req.currentUser.email !== username) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const userId = req.currentUser.id; + const depth = parseInt(req.headers.depth || '0', 10); + + let propfindRequest; + try { + propfindRequest = await parsePropfind( + req.rawBody || + '' + ); + } catch (error) { + console.error('PROPFIND parse error:', error); + return res.status(400).json({ error: 'Invalid PROPFIND request' }); + } + + const isTaskRequest = req.params.uid; + const responses = []; + + if (isTaskRequest) { + const taskUid = req.params.uid.replace('.ics', ''); + const task = await taskRepository.findByUid(taskUid); + + if (!task || task.user_id !== userId) { + return res.status(404).json({ error: 'Task not found' }); + } + + const response = await buildTaskResponse( + task, + username, + propfindRequest + ); + responses.push(response); + } else { + const calendarResponse = await buildCalendarResponse( + username, + userId, + propfindRequest + ); + responses.push(calendarResponse); + + if (depth > 0) { + const tasks = await taskRepository.findByUser(userId); + for (const task of tasks) { + const taskResponse = await buildTaskResponse( + task, + username, + propfindRequest + ); + responses.push(taskResponse); + } + } + } + + const xml = buildMultistatus(responses); + + res.status(207) + .set('Content-Type', 'application/xml; charset=utf-8') + .send(xml); + } catch (error) { + console.error('PROPFIND handler error:', error); + return res.status(500).json({ error: 'Internal server error' }); + } +} + +async function buildCalendarResponse(username, userId, propfindRequest) { + const href = buildHref(username); + const tasks = await taskRepository.findByUser(userId); + const ctag = generateCTag(tasks); + + const props = { + 'D:resourcetype': { + 'D:collection': '', + 'C:calendar': '', + }, + 'D:displayname': 'Tududi Tasks', + 'C:calendar-description': 'Tasks from Tududi', + 'C:supported-calendar-component-set': { + 'C:comp': { + $: { name: 'VTODO' }, + }, + }, + 'D:getcontenttype': 'text/calendar; charset=utf-8', + 'C:getctag': ctag, + 'D:current-user-privilege-set': { + 'D:privilege': [ + { 'D:read': '' }, + { 'D:write': '' }, + { 'D:write-content': '' }, + { 'D:bind': '' }, + { 'D:unbind': '' }, + ], + }, + }; + + const propstat = buildPropstat(props); + return buildResponse(href, propstat); +} + +async function buildTaskResponse(task, username, propfindRequest) { + const href = buildHref(username, task.uid); + const etag = generateETag(task); + + try { + const vtodo = await vtodoSerializer.serializeTaskToVTODO(task); + + const props = { + 'D:resourcetype': '', + 'D:displayname': task.name, + 'D:getcontenttype': 'text/calendar; charset=utf-8; component=VTODO', + 'D:getetag': etag, + 'D:getcontentlength': Buffer.byteLength(vtodo, 'utf8').toString(), + 'D:getlastmodified': new Date(task.updated_at).toUTCString(), + }; + + const propstat = buildPropstat(props); + return buildResponse(href, propstat); + } catch (error) { + console.error(`Error building task response for ${task.uid}:`, error); + const errorProps = { + 'D:resourcetype': '', + 'D:displayname': task.name, + }; + const propstat = buildPropstat( + errorProps, + 'HTTP/1.1 500 Internal Server Error' + ); + return buildResponse(href, propstat); + } +} + +module.exports = { + handlePropfind, +}; diff --git a/backend/modules/caldav/webdav/report.js b/backend/modules/caldav/webdav/report.js new file mode 100644 index 0000000..61980b9 --- /dev/null +++ b/backend/modules/caldav/webdav/report.js @@ -0,0 +1,132 @@ +const { + parseCalendarQuery, + buildMultistatus, + buildResponse, + buildPropstat, + buildHref, +} = require('./utils'); +const { generateETag } = require('../utils/etag-generator'); +const taskRepository = require('../../tasks/repository'); +const vtodoSerializer = require('../icalendar/vtodo-serializer'); +const { Op } = require('sequelize'); + +async function handleReport(req, res) { + try { + const { username } = req.params; + + if (!req.currentUser || req.currentUser.email !== username) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const userId = req.currentUser.id; + + let queryRequest; + try { + queryRequest = await parseCalendarQuery(req.rawBody); + } catch (error) { + console.error('REPORT parse error:', error); + return res + .status(400) + .json({ error: 'Invalid calendar-query request' }); + } + + const where = { user_id: userId }; + + if (queryRequest.filters.timeRange) { + const { start, end } = queryRequest.filters.timeRange; + + const parseICalDate = (dateStr) => { + if (!dateStr) return null; + if (dateStr.length === 16 && dateStr.endsWith('Z')) { + const year = dateStr.substring(0, 4); + const month = dateStr.substring(4, 6); + const day = dateStr.substring(6, 8); + const hour = dateStr.substring(9, 11); + const minute = dateStr.substring(11, 13); + const second = dateStr.substring(13, 15); + return new Date( + `${year}-${month}-${day}T${hour}:${minute}:${second}Z` + ); + } + return new Date(dateStr); + }; + + if (start || end) { + where.due_date = {}; + if (start) { + where.due_date[Op.gte] = parseICalDate(start); + } + if (end) { + where.due_date[Op.lte] = parseICalDate(end); + } + } + } + + if (queryRequest.filters.textMatch) { + const { property, value, caseless } = + queryRequest.filters.textMatch; + + if (property === 'SUMMARY') { + where.name = caseless + ? { [Op.like]: `%${value}%` } + : { [Op.substring]: value }; + } + } + + const tasks = await taskRepository.findAll(where); + + const responses = []; + for (const task of tasks) { + const response = await buildCalendarQueryResponse( + task, + username, + queryRequest + ); + if (response) { + responses.push(response); + } + } + + const xml = buildMultistatus(responses); + + res.status(207) + .set('Content-Type', 'application/xml; charset=utf-8') + .send(xml); + } catch (error) { + console.error('REPORT handler error:', error); + return res.status(500).json({ error: 'Internal server error' }); + } +} + +async function buildCalendarQueryResponse(task, username, queryRequest) { + try { + const href = buildHref(username, task.uid); + const etag = generateETag(task); + + const props = { + 'D:getetag': etag, + }; + + const includeCalendarData = queryRequest.props.some( + (prop) => prop === 'calendar-data' || prop === 'C:calendar-data' + ); + + if (includeCalendarData) { + const vtodo = await vtodoSerializer.serializeTaskToVTODO(task); + props['C:calendar-data'] = vtodo; + } + + const propstat = buildPropstat(props); + return buildResponse(href, propstat); + } catch (error) { + console.error( + `Error building calendar-query response for ${task.uid}:`, + error + ); + return null; + } +} + +module.exports = { + handleReport, +}; diff --git a/backend/modules/caldav/webdav/task-handlers.js b/backend/modules/caldav/webdav/task-handlers.js new file mode 100644 index 0000000..29f2d65 --- /dev/null +++ b/backend/modules/caldav/webdav/task-handlers.js @@ -0,0 +1,154 @@ +const { generateETag } = require('../utils/etag-generator'); +const { matchesETag } = require('../utils/etag-generator'); +const taskRepository = require('../../tasks/repository'); +const vtodoSerializer = require('../icalendar/vtodo-serializer'); +const vtodoParser = require('../icalendar/vtodo-parser'); +const syncStateRepository = require('../repositories/sync-state-repository'); +const { nanoid } = require('nanoid'); + +async function handleGetTask(req, res) { + try { + const { username, uid } = req.params; + + if (!req.currentUser || req.currentUser.email !== username) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const taskUid = uid.replace('.ics', ''); + const task = await taskRepository.findByUid(taskUid); + + if (!task || task.user_id !== req.currentUser.id) { + return res.status(404).send('Not Found'); + } + + const etag = generateETag(task); + const ifNoneMatch = req.headers['if-none-match']; + + if (ifNoneMatch && matchesETag(ifNoneMatch, etag)) { + return res.status(304).end(); + } + + const vtodo = await vtodoSerializer.serializeTaskToVTODO(task); + + res.status(200) + .set({ + 'Content-Type': 'text/calendar; charset=utf-8; component=VTODO', + ETag: etag, + 'Last-Modified': new Date(task.updated_at).toUTCString(), + }) + .send(vtodo); + } catch (error) { + console.error('GET task error:', error); + return res.status(500).send('Internal Server Error'); + } +} + +async function handlePutTask(req, res) { + try { + console.log('[PUT] Handler reached'); + const { username, uid } = req.params; + + if (!req.currentUser || req.currentUser.email !== username) { + console.log('[PUT] Forbidden - user mismatch'); + return res.status(403).json({ error: 'Forbidden' }); + } + + const userId = req.currentUser.id; + const taskUid = uid.replace('.ics', ''); + const vtodoData = req.rawBody; + + console.log('[PUT] rawBody:', !!vtodoData, vtodoData?.length); + + if (!vtodoData) { + console.log('[PUT] No data provided'); + return res.status(400).send('Bad Request: No data provided'); + } + + const existingTask = await taskRepository.findByUid(taskUid); + + if (existingTask && existingTask.user_id !== userId) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const ifMatch = req.headers['if-match']; + if (existingTask && ifMatch) { + const currentEtag = generateETag(existingTask); + if (!matchesETag(ifMatch, currentEtag)) { + return res.status(412).send('Precondition Failed'); + } + } + + let taskData; + try { + taskData = await vtodoParser.parseVTODOToTask(vtodoData); + } catch (error) { + console.error('VTODO parse error:', error); + return res.status(400).send('Bad Request: Invalid VTODO data'); + } + + taskData.uid = taskUid; + taskData.user_id = userId; + + let task; + if (existingTask) { + await existingTask.update(taskData); + task = existingTask; + } else { + task = await taskRepository.create(taskData); + } + + const etag = generateETag(task); + + res.status(existingTask ? 204 : 201) + .set({ + ETag: etag, + 'Last-Modified': new Date(task.updated_at).toUTCString(), + }) + .end(); + } catch (error) { + console.error('PUT task error:', error); + return res.status(500).send('Internal Server Error'); + } +} + +async function handleDeleteTask(req, res) { + try { + const { username, uid } = req.params; + + if (!req.currentUser || req.currentUser.email !== username) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const taskUid = uid.replace('.ics', ''); + const task = await taskRepository.findByUid(taskUid); + + if (!task) { + return res.status(404).send('Not Found'); + } + + if (task.user_id !== req.currentUser.id) { + return res.status(403).json({ error: 'Forbidden' }); + } + + const ifMatch = req.headers['if-match']; + if (ifMatch) { + const currentEtag = generateETag(task); + if (!matchesETag(ifMatch, currentEtag)) { + return res.status(412).send('Precondition Failed'); + } + } + + await taskRepository.delete(task.id, req.currentUser.id); + + res.status(204).end(); + } catch (error) { + console.error('DELETE task error:', error); + return res.status(500).send('Internal Server Error'); + } +} + +module.exports = { + handleGetTask, + handlePutTask, + handleDeleteTask, +}; diff --git a/backend/modules/caldav/webdav/utils.js b/backend/modules/caldav/webdav/utils.js new file mode 100644 index 0000000..c2225df --- /dev/null +++ b/backend/modules/caldav/webdav/utils.js @@ -0,0 +1,212 @@ +const xml2js = require('xml2js'); + +const xmlBuilder = new xml2js.Builder({ + xmldec: { version: '1.0', encoding: 'UTF-8' }, + renderOpts: { pretty: true, indent: ' ' }, +}); + +const xmlParser = new xml2js.Parser({ + explicitArray: false, + explicitRoot: true, + ignoreAttrs: false, + mergeAttrs: true, + xmlns: true, +}); + +function buildMultistatus(responses) { + const multistatus = { + 'D:multistatus': { + $: { + 'xmlns:D': 'DAV:', + 'xmlns:C': 'urn:ietf:params:xml:ns:caldav', + }, + 'D:response': responses, + }, + }; + + return xmlBuilder.buildObject(multistatus); +} + +function buildResponse(href, propstats) { + return { + 'D:href': href, + 'D:propstat': propstats, + }; +} + +function buildPropstat(props, status = 'HTTP/1.1 200 OK') { + return { + 'D:prop': props, + 'D:status': status, + }; +} + +function buildProp(name, value, namespace = 'D') { + return { [`${namespace}:${name}`]: value }; +} + +function buildError(errorType, description) { + return { + 'D:error': { + $: { 'xmlns:D': 'DAV:' }, + [`D:${errorType}`]: description || '', + }, + }; +} + +function parseCalendarQuery(xmlString) { + return new Promise((resolve, reject) => { + xmlParser.parseString(xmlString, (err, result) => { + if (err) { + return reject(err); + } + + try { + const query = + result['C:calendar-query'] || result['calendar-query']; + const filter = query?.['C:filter'] || query?.filter; + const compFilter = + filter?.['C:comp-filter'] || filter?.['comp-filter']; + + const extractValue = (attr) => { + if (!attr) return null; + return typeof attr === 'string' ? attr : attr.value; + }; + + const parsedQuery = { + props: [], + filters: { + componentType: + extractValue(compFilter?.name) || 'VTODO', + timeRange: null, + textMatch: null, + }, + }; + + if (compFilter) { + const timeRange = + compFilter['C:time-range'] || compFilter['time-range']; + if (timeRange) { + parsedQuery.filters.timeRange = { + start: extractValue(timeRange.start), + end: extractValue(timeRange.end), + }; + } + + const propFilter = + compFilter['C:prop-filter'] || + compFilter['prop-filter']; + if (propFilter) { + const textMatch = + propFilter['C:text-match'] || + propFilter['text-match']; + if (textMatch) { + parsedQuery.filters.textMatch = { + property: extractValue(propFilter.name), + value: + typeof textMatch === 'string' + ? textMatch + : textMatch._, + caseless: + extractValue(textMatch['collation']) === + 'i;unicode-casefold', + }; + } + } + } + + const prop = query?.['D:prop'] || query?.prop; + if (prop) { + parsedQuery.props = Object.keys(prop).map((key) => + key.replace(/^[^:]+:/, '') + ); + } + + resolve(parsedQuery); + } catch (parseError) { + reject(parseError); + } + }); + }); +} + +function parsePropfind(xmlString) { + return new Promise((resolve, reject) => { + xmlParser.parseString(xmlString, (err, result) => { + if (err) { + return reject(err); + } + + try { + const propfind = result['D:propfind'] || result.propfind; + + if (propfind['D:allprop'] || propfind.allprop) { + return resolve({ type: 'allprop' }); + } + + if (propfind['D:propname'] || propfind.propname) { + return resolve({ type: 'propname' }); + } + + const prop = propfind['D:prop'] || propfind.prop; + if (prop) { + const requestedProps = Object.keys(prop).map((key) => { + const [namespace, name] = key.split(':').reverse(); + return { + name: name || namespace, + namespace: name ? namespace : 'D', + }; + }); + + return resolve({ type: 'prop', props: requestedProps }); + } + + resolve({ type: 'allprop' }); + } catch (parseError) { + reject(parseError); + } + }); + }); +} + +function buildCalendarData(vtodoString) { + return { + 'C:calendar-data': { + _: vtodoString, + $: { 'xmlns:C': 'urn:ietf:params:xml:ns:caldav' }, + }, + }; +} + +function buildHref(username, taskUid = null) { + const base = `/caldav/${encodeURIComponent(username)}/tasks/`; + return taskUid ? `${base}${encodeURIComponent(taskUid)}.ics` : base; +} + +function escapeXml(unsafe) { + if (typeof unsafe !== 'string') { + return unsafe; + } + + return unsafe + .replace(/&/g, '&') + .replace(//g, '>') + .replace(/"/g, '"') + .replace(/'/g, '''); +} + +module.exports = { + xmlBuilder, + xmlParser, + buildMultistatus, + buildResponse, + buildPropstat, + buildProp, + buildError, + buildCalendarData, + buildHref, + parseCalendarQuery, + parsePropfind, + escapeXml, +}; diff --git a/backend/modules/tasks/attachments.js b/backend/modules/tasks/attachments.js index b2f84f1..ddedcd1 100644 --- a/backend/modules/tasks/attachments.js +++ b/backend/modules/tasks/attachments.js @@ -14,7 +14,10 @@ const { } = require('../../utils/attachment-utils'); const { getAuthenticatedUserId } = require('../../utils/request-utils'); const permissionsService = require('../../services/permissionsService'); -const { createResourceLimiter } = require('../../middleware/rateLimiter'); +const { + createResourceLimiter, + authenticatedApiLimiter, +} = require('../../middleware/rateLimiter'); const router = express.Router(); @@ -259,44 +262,48 @@ router.delete( ); // Download an attachment -router.get('/attachments/:attachmentUid/download', async (req, res) => { - try { - const { attachmentUid } = req.params; - const userId = req.authUserId; +router.get( + '/attachments/:attachmentUid/download', + authenticatedApiLimiter, + async (req, res) => { + try { + const { attachmentUid } = req.params; + const userId = req.authUserId; - // Find attachment - const attachment = await TaskAttachment.findOne({ - where: { uid: attachmentUid }, - include: [{ model: Task, required: true }], - }); + // Find attachment + const attachment = await TaskAttachment.findOne({ + where: { uid: attachmentUid }, + include: [{ model: Task, required: true }], + }); - if (!attachment) { - return res.status(404).json({ error: 'Attachment not found' }); + if (!attachment) { + return res.status(404).json({ error: 'Attachment not found' }); + } + + // Check if user has read access to the task (includes shared projects) + const access = await permissionsService.getAccess( + userId, + 'task', + attachment.Task.uid + ); + const LEVELS = { none: 0, ro: 1, rw: 2, admin: 3 }; + if (LEVELS[access] < LEVELS.ro) { + return res + .status(403) + .json({ error: 'Not authorized to download this file' }); + } + + // Send file + const filePath = path.join(config.uploadPath, attachment.file_path); + res.download(filePath, attachment.original_filename); + } catch (error) { + logError('Error downloading attachment:', error); + res.status(500).json({ + error: 'Failed to download attachment', + details: error.message, + }); } - - // Check if user has read access to the task (includes shared projects) - const access = await permissionsService.getAccess( - userId, - 'task', - attachment.Task.uid - ); - const LEVELS = { none: 0, ro: 1, rw: 2, admin: 3 }; - if (LEVELS[access] < LEVELS.ro) { - return res - .status(403) - .json({ error: 'Not authorized to download this file' }); - } - - // Send file - const filePath = path.join(config.uploadPath, attachment.file_path); - res.download(filePath, attachment.original_filename); - } catch (error) { - logError('Error downloading attachment:', error); - res.status(500).json({ - error: 'Failed to download attachment', - details: error.message, - }); } -}); +); module.exports = router; diff --git a/backend/modules/tasks/recurringTaskService.js b/backend/modules/tasks/recurringTaskService.js index 7aceb5d..fe458ab 100644 --- a/backend/modules/tasks/recurringTaskService.js +++ b/backend/modules/tasks/recurringTaskService.js @@ -120,19 +120,15 @@ const calculateWeeklyRecurrence = (fromDate, interval, weekday, weekdays) => { nextDate.setUTCDate(nextDate.getUTCDate() + daysToNext); } else if (weekday !== null && weekday !== undefined) { const currentWeekday = nextDate.getUTCDay(); - const daysUntilTarget = (weekday - currentWeekday + 7) % 7; + let daysUntilTarget = (weekday - currentWeekday + 7) % 7; - if ( - daysUntilTarget === 0 && - nextDate.getTime() === fromDate.getTime() - ) { - nextDate.setUTCDate(nextDate.getUTCDate() + interval * 7); - } else { - nextDate.setUTCDate(nextDate.getUTCDate() + daysUntilTarget); - if (nextDate <= fromDate) { - nextDate.setUTCDate(nextDate.getUTCDate() + interval * 7); - } + if (daysUntilTarget === 0) { + daysUntilTarget = interval * 7; + } else if (interval > 1 && daysUntilTarget < 7) { + daysUntilTarget += (interval - 1) * 7; } + + nextDate.setUTCDate(nextDate.getUTCDate() + daysUntilTarget); } else { nextDate.setUTCDate(nextDate.getUTCDate() + interval * 7); } diff --git a/backend/tests/helpers/caldav-test-utils.js b/backend/tests/helpers/caldav-test-utils.js new file mode 100644 index 0000000..3d767e6 --- /dev/null +++ b/backend/tests/helpers/caldav-test-utils.js @@ -0,0 +1,39 @@ +const request = require('supertest'); + +function extendSupertestWithCalDAV(Test) { + const originalMethods = ['propfind', 'report']; + + originalMethods.forEach((method) => { + if (!Test.prototype[method]) { + Test.prototype[method] = function (url) { + const req = this.app || this; + return request(req)[method] + ? request(req)[method](url) + : this.get(url).set( + 'X-HTTP-Method-Override', + method.toUpperCase() + ); + }; + } + }); +} + +function propfind(app, url) { + const agent = request(app); + const req = agent.get(url); + req.method = 'PROPFIND'; + return req; +} + +function report(app, url) { + const agent = request(app); + const req = agent.get(url); + req.method = 'REPORT'; + return req; +} + +module.exports = { + extendSupertestWithCalDAV, + propfind, + report, +}; diff --git a/backend/tests/helpers/setup.js b/backend/tests/helpers/setup.js index c721ff2..f27d0e7 100644 --- a/backend/tests/helpers/setup.js +++ b/backend/tests/helpers/setup.js @@ -31,6 +31,10 @@ beforeEach(async () => { 'tasks_tags', 'notes_tags', 'projects_tags', + 'caldav_calendars', + 'caldav_sync_state', + 'caldav_occurrence_overrides', + 'caldav_remote_calendars', ]; await sequelize.query('PRAGMA foreign_keys = OFF'); diff --git a/backend/tests/integration/auth.test.js b/backend/tests/integration/auth.test.js index 76ed618..f1cc056 100644 --- a/backend/tests/integration/auth.test.js +++ b/backend/tests/integration/auth.test.js @@ -140,4 +140,83 @@ describe('Auth Routes', () => { expect(response.body.message).toBe('Logged out successfully'); }); }); + + describe('Password Authentication Disabled', () => { + let originalEnv; + + beforeAll(() => { + originalEnv = process.env.PASSWORD_AUTH_ENABLED; + }); + + afterAll(() => { + if (originalEnv === undefined) { + delete process.env.PASSWORD_AUTH_ENABLED; + } else { + process.env.PASSWORD_AUTH_ENABLED = originalEnv; + } + delete require.cache[require.resolve('../../config/authConfig')]; + }); + + beforeEach(() => { + process.env.PASSWORD_AUTH_ENABLED = 'false'; + delete require.cache[require.resolve('../../config/authConfig')]; + }); + + describe('POST /api/login', () => { + it('should return 403 when password auth is disabled', async () => { + const response = await request(app).post('/api/login').send({ + email: 'test@example.com', + password: 'password123', + }); + + expect(response.status).toBe(403); + expect(response.body.error).toBe( + 'Password login is disabled. Please use SSO to sign in.' + ); + }); + }); + + describe('POST /api/register', () => { + it('should return 403 when password auth is disabled', async () => { + const response = await request(app).post('/api/register').send({ + email: 'newuser@example.com', + password: 'password123', + }); + + expect(response.status).toBe(403); + expect(response.body.error).toBe( + 'Password registration is disabled. Please use SSO to sign in.' + ); + }); + }); + + describe('GET /api/password-auth-status', () => { + it('should return enabled: false when disabled', async () => { + const response = await request(app).get( + '/api/password-auth-status' + ); + + expect(response.status).toBe(200); + expect(response.body).toEqual({ enabled: false }); + }); + }); + }); + + describe('Password Authentication Enabled (Default)', () => { + beforeEach(() => { + delete process.env.PASSWORD_AUTH_ENABLED; + delete require.cache[require.resolve('../../config/authConfig')]; + }); + + describe('GET /api/password-auth-status', () => { + it('should return enabled: true by default', async () => { + const response = await request(app).get( + '/api/password-auth-status' + ); + + expect(response.status).toBe(200); + expect(response.body).toEqual({ enabled: true }); + }); + }); + }); }); diff --git a/backend/tests/integration/caldav-protocol.test.js b/backend/tests/integration/caldav-protocol.test.js new file mode 100644 index 0000000..c3c23ae --- /dev/null +++ b/backend/tests/integration/caldav-protocol.test.js @@ -0,0 +1,522 @@ +const request = require('supertest'); +const app = require('../../app'); +const { sequelize, User, Task, CalDAVCalendar } = require('../../models'); +const bcrypt = require('bcrypt'); +const xml2js = require('xml2js'); +const { propfind, report } = require('../helpers/caldav-test-utils'); + +describe('CalDAV Protocol - Phase 3', () => { + let testUser; + let testCalendar; + let authHeader; + let testTask; + + beforeEach(async () => { + const hashedPassword = await bcrypt.hash('password123', 10); + testUser = await User.create({ + email: 'caldav@test.com', + password_digest: hashedPassword, + verified: true, + }); + + testCalendar = await CalDAVCalendar.create({ + uid: 'test-calendar-uid', + user_id: testUser.id, + name: 'Test Calendar', + description: 'Calendar for testing', + enabled: true, + }); + + authHeader = + 'Basic ' + + Buffer.from('caldav@test.com:password123').toString('base64'); + }); + + afterAll(async () => { + await sequelize.close(); + }); + + describe('Discovery', () => { + test('GET /.well-known/caldav should redirect to /caldav/', async () => { + const response = await request(app) + .get('/.well-known/caldav') + .expect(301); + + expect(response.headers.location).toContain('/caldav/'); + }); + }); + + describe('Authentication', () => { + // eslint-disable-next-line jest/expect-expect + test('should reject requests without authentication', async () => { + await request(app) + .get('/caldav/caldav@test.com/tasks/') + .expect(401); + }); + + // eslint-disable-next-line jest/expect-expect + test('should reject requests with invalid credentials', async () => { + const badAuth = + 'Basic ' + + Buffer.from('caldav@test.com:wrongpass').toString('base64'); + + await request(app) + .get('/caldav/caldav@test.com/tasks/') + .set('Authorization', badAuth) + .expect(401); + }); + + // eslint-disable-next-line jest/expect-expect + test('should accept requests with valid HTTP Basic Auth', async () => { + await request(app) + .get('/caldav/caldav@test.com/tasks/') + .set('Authorization', authHeader) + .expect(207); + }); + + // eslint-disable-next-line jest/expect-expect + test('should reject access to other users calendars', async () => { + const otherUser = await User.create({ + email: 'other@test.com', + password_digest: await bcrypt.hash('password', 10), + verified: true, + }); + + await request(app) + .get(`/caldav/${otherUser.email}/tasks/`) + .set('Authorization', authHeader) + .expect(403); + }); + }); + + describe('OPTIONS', () => { + test('should return DAV capabilities', async () => { + const response = await request(app) + .options('/caldav/caldav@test.com/tasks/') + .set('Authorization', authHeader) + .expect(204); + + expect(response.headers.dav).toContain('calendar-access'); + expect(response.headers.allow).toContain('PROPFIND'); + expect(response.headers.allow).toContain('REPORT'); + expect(response.headers.allow).toContain('GET'); + expect(response.headers.allow).toContain('PUT'); + expect(response.headers.allow).toContain('DELETE'); + }); + }); + + describe('PROPFIND', () => { + beforeEach(async () => { + testTask = await Task.create({ + uid: 'test-task-1', + user_id: testUser.id, + name: 'Test Task', + status: 0, + priority: 1, + }); + }); + + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('PROPFIND on calendar collection (depth 0) should return calendar properties', async () => { + const propfindXml = ` + + + + + + +`; + + const response = await propfind( + app, + '/caldav/caldav@test.com/tasks/' + ) + .set('Authorization', authHeader) + .set('Depth', '0') + .set('Content-Type', 'application/xml') + .send(propfindXml) + .expect(207); + + expect(response.text).toContain('Tududi Tasks'); + expect(response.text).toContain('getctag'); + expect(response.text).toContain('resourcetype'); + }); + + test('PROPFIND on calendar collection (depth 1) should return tasks', async () => { + const propfindXml = ` + + + + + +`; + + const response = await propfind( + app, + '/caldav/caldav@test.com/tasks/' + ) + .set('Authorization', authHeader) + .set('Depth', '1') + .set('Content-Type', 'application/xml') + .send(propfindXml) + .expect(207); + + expect(response.text).toContain('test-task-1.ics'); + expect(response.text).toContain('Test Task'); + }); + + test('PROPFIND on individual task should return task properties', async () => { + const propfindXml = ` + + + + + + +`; + + const response = await propfind( + app, + '/caldav/caldav@test.com/tasks/test-task-1.ics' + ) + .set('Authorization', authHeader) + .set('Depth', '0') + .set('Content-Type', 'application/xml') + .send(propfindXml) + .expect(207); + + expect(response.text).toContain('getetag'); + expect(response.text).toContain('getcontenttype'); + expect(response.text).toContain('getlastmodified'); + }); + }); + + describe('REPORT (calendar-query)', () => { + beforeEach(async () => { + await Task.create({ + uid: 'report-task-1', + user_id: testUser.id, + name: 'Report Test Task', + status: 0, + priority: 1, + due_date: new Date('2026-06-15T10:00:00Z'), + }); + }); + + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('REPORT should filter tasks by time range', async () => { + const reportXml = ` + + + + + + + + + + +`; + + const response = await report(app, '/caldav/caldav@test.com/tasks/') + .set('Authorization', authHeader) + .set('Content-Type', 'application/xml') + .send(reportXml) + .expect(207); + + expect(response.text).toContain('report-task-1.ics'); + expect(response.text).toContain('BEGIN:VCALENDAR'); + expect(response.text).toContain('BEGIN:VTODO'); + }); + + test('REPORT should return only requested properties', async () => { + const reportXml = ` + + + + + + + +`; + + const response = await report(app, '/caldav/caldav@test.com/tasks/') + .set('Authorization', authHeader) + .set('Content-Type', 'application/xml') + .send(reportXml) + .expect(207); + + expect(response.text).toContain('getetag'); + expect(response.text).not.toContain('BEGIN:VCALENDAR'); + }); + }); + + describe('GET Task', () => { + beforeEach(async () => { + testTask = await Task.create({ + uid: 'get-task-1', + user_id: testUser.id, + name: 'Get Task Test', + status: 0, + priority: 1, + }); + }); + + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('GET should return VTODO for existing task', async () => { + const response = await request(app) + .get('/caldav/caldav@test.com/tasks/get-task-1.ics') + .set('Authorization', authHeader) + .expect(200); + + expect(response.text).toContain('BEGIN:VCALENDAR'); + expect(response.text).toContain('BEGIN:VTODO'); + expect(response.text).toContain('UID:get-task-1'); + expect(response.text).toContain('SUMMARY:Get Task Test'); + expect(response.text).toContain('END:VTODO'); + expect(response.text).toContain('END:VCALENDAR'); + expect(response.headers.etag).toBeDefined(); + }); + + // eslint-disable-next-line jest/expect-expect + test('GET should return 404 for non-existent task', async () => { + await request(app) + .get('/caldav/caldav@test.com/tasks/non-existent.ics') + .set('Authorization', authHeader) + .expect(404); + }); + + // eslint-disable-next-line jest/expect-expect + test('GET should support If-None-Match (304 Not Modified)', async () => { + const firstResponse = await request(app) + .get('/caldav/caldav@test.com/tasks/get-task-1.ics') + .set('Authorization', authHeader) + .expect(200); + + const etag = firstResponse.headers.etag; + + await request(app) + .get('/caldav/caldav@test.com/tasks/get-task-1.ics') + .set('Authorization', authHeader) + .set('If-None-Match', etag) + .expect(304); + }); + }); + + describe('PUT Task', () => { + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('PUT should create new task from VTODO', async () => { + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//CalDAV//EN +BEGIN:VTODO +UID:put-task-new +SUMMARY:New Task via PUT +STATUS:NEEDS-ACTION +PRIORITY:5 +END:VTODO +END:VCALENDAR`; + + const response = await request(app) + .put('/caldav/caldav@test.com/tasks/put-task-new.ics') + .set('Authorization', authHeader) + .set('Content-Type', 'text/calendar') + .send(vtodo) + .expect(201); + + expect(response.headers.etag).toBeDefined(); + + const created = await Task.findOne({ + where: { uid: 'put-task-new' }, + }); + expect(created).toBeDefined(); + expect(created.name).toBe('New Task via PUT'); + expect(created.status).toBe(0); + }); + + test('PUT should update existing task', async () => { + const existing = await Task.create({ + uid: 'put-task-update', + user_id: testUser.id, + name: 'Original Name', + status: 0, + }); + + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//CalDAV//EN +BEGIN:VTODO +UID:put-task-update +SUMMARY:Updated Name +STATUS:COMPLETED +END:VTODO +END:VCALENDAR`; + + await request(app) + .put('/caldav/caldav@test.com/tasks/put-task-update.ics') + .set('Authorization', authHeader) + .set('Content-Type', 'text/calendar') + .send(vtodo) + .expect(204); + + await existing.reload(); + expect(existing.name).toBe('Updated Name'); + expect(existing.status).toBe(2); + }); + + // eslint-disable-next-line jest/expect-expect + test('PUT should respect If-Match precondition', async () => { + const existing = await Task.create({ + uid: 'put-task-match', + user_id: testUser.id, + name: 'Test Task', + status: 0, + }); + + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:put-task-match +SUMMARY:Updated +END:VTODO +END:VCALENDAR`; + + await request(app) + .put('/caldav/caldav@test.com/tasks/put-task-match.ics') + .set('Authorization', authHeader) + .set('If-Match', '"wrong-etag"') + .set('Content-Type', 'text/calendar') + .send(vtodo) + .expect(412); + }); + + // eslint-disable-next-line jest/expect-expect + test('PUT should reject invalid VTODO', async () => { + const invalidVtodo = 'This is not valid iCalendar data'; + + await request(app) + .put('/caldav/caldav@test.com/tasks/invalid.ics') + .set('Authorization', authHeader) + .set('Content-Type', 'text/calendar') + .send(invalidVtodo) + .expect(400); + }); + }); + + describe('DELETE Task', () => { + beforeEach(async () => { + testTask = await Task.create({ + uid: 'delete-task-1', + user_id: testUser.id, + name: 'Task to Delete', + status: 0, + }); + }); + + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('DELETE should remove existing task', async () => { + await request(app) + .delete('/caldav/caldav@test.com/tasks/delete-task-1.ics') + .set('Authorization', authHeader) + .expect(204); + + const deleted = await Task.findOne({ + where: { uid: 'delete-task-1' }, + }); + expect(deleted).toBeNull(); + }); + + // eslint-disable-next-line jest/expect-expect + test('DELETE should return 404 for non-existent task', async () => { + await request(app) + .delete('/caldav/caldav@test.com/tasks/non-existent.ics') + .set('Authorization', authHeader) + .expect(404); + }); + + test('DELETE should respect If-Match precondition', async () => { + await request(app) + .delete('/caldav/caldav@test.com/tasks/delete-task-1.ics') + .set('Authorization', authHeader) + .set('If-Match', '"wrong-etag"') + .expect(412); + + const stillExists = await Task.findOne({ + where: { uid: 'delete-task-1' }, + }); + expect(stillExists).toBeDefined(); + }); + }); + + describe('ETag and CTag', () => { + beforeEach(async () => { + testTask = await Task.create({ + uid: 'etag-task', + user_id: testUser.id, + name: 'ETag Test', + status: 0, + }); + }); + + afterEach(async () => { + await Task.destroy({ where: { user_id: testUser.id } }); + }); + + test('ETag should change when task is updated', async () => { + const response1 = await request(app) + .get('/caldav/caldav@test.com/tasks/etag-task.ics') + .set('Authorization', authHeader) + .expect(200); + + const etag1 = response1.headers.etag; + + await testTask.update({ name: 'Updated Name' }); + + const response2 = await request(app) + .get('/caldav/caldav@test.com/tasks/etag-task.ics') + .set('Authorization', authHeader) + .expect(200); + + const etag2 = response2.headers.etag; + + expect(etag1).not.toBe(etag2); + }); + + test('CTag should be present in calendar PROPFIND', async () => { + const propfindXml = ` + + + + +`; + + const response = await propfind( + app, + '/caldav/caldav@test.com/tasks/' + ) + .set('Authorization', authHeader) + .set('Depth', '0') + .set('Content-Type', 'application/xml') + .send(propfindXml) + .expect(207); + + expect(response.text).toContain('getctag'); + expect(response.text).toContain('ctag-'); + }); + }); +}); diff --git a/backend/tests/integration/caldav-sync-engine.test.js b/backend/tests/integration/caldav-sync-engine.test.js new file mode 100644 index 0000000..bf7f978 --- /dev/null +++ b/backend/tests/integration/caldav-sync-engine.test.js @@ -0,0 +1,593 @@ +const request = require('supertest'); +const bcrypt = require('bcrypt'); +const axios = require('axios'); +const app = require('../../app'); +const { + sequelize, + User, + Task, + CalDAVCalendar, + CalDAVRemoteCalendar, + CalDAVSyncState, +} = require('../../models'); +const syncEngine = require('../../modules/caldav/sync/sync-engine'); +const encryptionService = require('../../modules/caldav/services/encryption-service'); + +jest.mock('axios'); + +describe('CalDAV Sync Engine', () => { + let testUser; + let calendar; + let remoteCalendar; + + beforeAll(async () => { + await sequelize.sync({ force: true }); + }); + + beforeEach(async () => { + testUser = await User.create({ + email: 'synctest@test.com', + password_digest: await bcrypt.hash('password', 10), + verified: true, + }); + + calendar = await CalDAVCalendar.create({ + uid: 'calendar-uid-1', + user_id: testUser.id, + name: 'Test Calendar', + enabled: true, + sync_direction: 'bidirectional', + sync_interval_minutes: 15, + conflict_resolution: 'last_write_wins', + }); + + remoteCalendar = await CalDAVRemoteCalendar.create({ + user_id: testUser.id, + local_calendar_id: calendar.id, + name: 'Remote Test Calendar', + server_url: 'https://caldav.example.com', + calendar_path: '/calendars/test/tasks/', + username: 'testuser', + password_encrypted: encryptionService.encrypt('password123'), + auth_type: 'basic', + enabled: true, + sync_direction: 'bidirectional', + }); + }); + + afterEach(async () => { + await CalDAVSyncState.destroy({ where: {} }); + await CalDAVRemoteCalendar.destroy({ where: {} }); + await CalDAVCalendar.destroy({ where: {} }); + await Task.destroy({ where: {} }); + await User.destroy({ where: {} }); + jest.clearAllMocks(); + }); + + afterAll(async () => { + await sequelize.close(); + }); + + describe('Pull Phase', () => { + test('should fetch and create new tasks from remote', async () => { + const mockReportResponse = ` + + + /calendars/test/tasks/task-1.ics + + + "etag-task-1" + BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:remote-task-1 +SUMMARY:Remote Task +STATUS:NEEDS-ACTION +PRIORITY:5 +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + + new-sync-token-123 +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull' } + ); + + expect(result.success).toBe(true); + expect(result.stats.pulled).toBeGreaterThan(0); + + const createdTask = await Task.findOne({ + where: { uid: 'remote-task-1' }, + }); + expect(createdTask).toBeTruthy(); + expect(createdTask.name).toBe('Remote Task'); + }); + + test('should detect deleted tasks from remote', async () => { + const localTask = await Task.create({ + uid: 'task-to-delete', + user_id: testUser.id, + name: 'Task to Delete', + status: 0, + }); + + await CalDAVSyncState.create({ + task_id: localTask.id, + calendar_id: calendar.id, + etag: 'old-etag', + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + }); + + const mockReportResponse = ` + + + /calendars/test/tasks/task-to-delete.ics + HTTP/1.1 404 Not Found + +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull' } + ); + + expect(result.success).toBe(true); + + const deletedTask = await Task.findOne({ + where: { uid: 'task-to-delete' }, + }); + expect(deletedTask).toBeNull(); + }); + + test('should handle authentication failure', async () => { + axios.mockRejectedValue({ + response: { status: 401 }, + message: 'Unauthorized', + }); + + await expect( + syncEngine.syncCalendar(calendar.id, testUser.id, { + direction: 'pull', + }) + ).rejects.toThrow(); + }); + }); + + describe('Merge Phase', () => { + test('should update task from remote when only remote modified', async () => { + const task = await Task.create({ + uid: 'test-task', + user_id: testUser.id, + name: 'Original Name', + status: 0, + }); + + const pastTime = new Date(Date.now() - 10000); + await CalDAVSyncState.create({ + task_id: task.id, + calendar_id: calendar.id, + etag: 'old-etag', + last_modified: pastTime, + last_synced_at: pastTime, + sync_status: 'synced', + }); + + const mockReportResponse = ` + + + /calendars/test/tasks/test-task.ics + + + "new-etag" + BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:test-task +SUMMARY:Updated Name from Remote +STATUS:IN-PROCESS +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull' } + ); + + expect(result.success).toBe(true); + + await task.reload(); + expect(task.name).toBe('Updated Name from Remote'); + expect(task.status).toBe(1); + }); + + test('should detect conflict when both local and remote modified', async () => { + const task = await Task.create({ + uid: 'conflict-task', + user_id: testUser.id, + name: 'Original Name', + status: 0, + }); + + const pastTime = new Date(Date.now() - 10000); + await CalDAVSyncState.create({ + task_id: task.id, + calendar_id: calendar.id, + etag: 'old-etag', + last_modified: pastTime, + last_synced_at: pastTime, + sync_status: 'synced', + }); + + await task.update({ name: 'Local Update' }); + + const mockReportResponse = ` + + + /calendars/test/tasks/conflict-task.ics + + + "new-etag" + BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:conflict-task +SUMMARY:Remote Update +STATUS:IN-PROCESS +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull' } + ); + + expect(result.success).toBe(true); + }); + }); + + describe('Push Phase', () => { + test('should push new local task to remote', async () => { + const task = await Task.create({ + uid: 'new-local-task', + user_id: testUser.id, + name: 'New Local Task', + status: 0, + }); + + axios.mockResolvedValue({ + status: 201, + headers: { + etag: '"new-task-etag"', + }, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'push' } + ); + + expect(result.success).toBe(true); + expect(result.stats.pushed).toBeGreaterThan(0); + expect(axios).toHaveBeenCalledWith( + expect.objectContaining({ + method: 'PUT', + url: expect.stringContaining('new-local-task.ics'), + }) + ); + }); + + test('should push modified local task to remote', async () => { + const task = await Task.create({ + uid: 'modified-task', + user_id: testUser.id, + name: 'Modified Task', + status: 1, + }); + + const pastTime = new Date(Date.now() - 10000); + await CalDAVSyncState.create({ + task_id: task.id, + calendar_id: calendar.id, + etag: 'old-etag', + last_modified: pastTime, + last_synced_at: pastTime, + sync_status: 'synced', + }); + + await task.update({ name: 'Updated Locally' }); + + axios.mockResolvedValue({ + status: 204, + headers: { + etag: '"updated-etag"', + }, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'push' } + ); + + expect(result.success).toBe(true); + expect(result.stats.pushed).toBeGreaterThan(0); + }); + + test('should detect conflict on push with precondition failed', async () => { + const task = await Task.create({ + uid: 'push-conflict-task', + user_id: testUser.id, + name: 'Task', + status: 0, + }); + + await CalDAVSyncState.create({ + task_id: task.id, + calendar_id: calendar.id, + etag: 'etag-1', + last_modified: new Date(), + last_synced_at: new Date(), + sync_status: 'synced', + }); + + await task.update({ name: 'Local Update' }); + + axios.mockRejectedValue({ + response: { status: 412 }, + message: 'Precondition Failed', + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'push' } + ); + + expect(result.success).toBe(true); + expect(result.phases.push.errors.length).toBeGreaterThan(0); + }); + }); + + describe('Bidirectional Sync', () => { + test('should complete full bidirectional sync', async () => { + const localTask = await Task.create({ + uid: 'local-task', + user_id: testUser.id, + name: 'Local Task', + status: 0, + }); + + const mockReportResponse = ` + + + /calendars/test/tasks/remote-task.ics + + + "remote-etag" + BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:remote-task +SUMMARY:Remote Task +STATUS:NEEDS-ACTION +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + +`; + + axios.mockImplementation((config) => { + if (config.method === 'REPORT') { + return Promise.resolve({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + } else if (config.method === 'PUT') { + return Promise.resolve({ + status: 201, + headers: { etag: '"new-etag"' }, + }); + } + return Promise.reject(new Error('Unexpected request')); + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'bidirectional' } + ); + + expect(result.success).toBe(true); + expect(result.stats.pulled).toBeGreaterThan(0); + expect(result.stats.pushed).toBeGreaterThan(0); + + const remoteTaskLocal = await Task.findOne({ + where: { uid: 'remote-task' }, + }); + expect(remoteTaskLocal).toBeTruthy(); + }); + }); + + describe('Dry Run Mode', () => { + test('should not apply changes in dry run mode', async () => { + const mockReportResponse = ` + + + /calendars/test/tasks/dry-run-task.ics + + + "dry-run-etag" + BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:dry-run-task +SUMMARY:Dry Run Task +STATUS:NEEDS-ACTION +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull', dryRun: true } + ); + + expect(result.success).toBe(true); + expect(result.dryRun).toBe(true); + + const task = await Task.findOne({ where: { uid: 'dry-run-task' } }); + expect(task).toBeNull(); + }); + }); + + describe('Sync Status', () => { + test('should update calendar sync status on success', async () => { + axios.mockResolvedValue({ + status: 207, + data: '', + headers: {}, + }); + + await syncEngine.syncCalendar(calendar.id, testUser.id); + + await calendar.reload(); + expect(calendar.last_sync_at).toBeTruthy(); + expect(calendar.last_sync_status).toBe('success'); + }); + + test('should update calendar sync status on error', async () => { + axios.mockRejectedValue(new Error('Network error')); + + await expect( + syncEngine.syncCalendar(calendar.id, testUser.id) + ).rejects.toThrow(); + + await calendar.reload(); + expect(calendar.last_sync_status).toBe('error'); + }); + }); + + describe('Conflict Resolution Strategies', () => { + test('should use local_wins strategy', async () => { + await calendar.update({ conflict_resolution: 'local_wins' }); + + const task = await Task.create({ + uid: 'strategy-test-task', + user_id: testUser.id, + name: 'Local Version', + status: 1, + }); + + const pastTime = new Date(Date.now() - 10000); + await CalDAVSyncState.create({ + task_id: task.id, + calendar_id: calendar.id, + etag: 'old-etag', + last_modified: pastTime, + last_synced_at: pastTime, + sync_status: 'synced', + }); + + await task.update({ name: 'Updated Local Version' }); + + const mockReportResponse = ` + + + /calendars/test/tasks/strategy-test-task.ics + + + "new-etag" + BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:strategy-test-task +SUMMARY:Remote Version +STATUS:COMPLETED +END:VTODO +END:VCALENDAR + + HTTP/1.1 200 OK + + +`; + + axios.mockResolvedValue({ + status: 207, + data: mockReportResponse, + headers: {}, + }); + + const result = await syncEngine.syncCalendar( + calendar.id, + testUser.id, + { direction: 'pull' } + ); + + expect(result.success).toBe(true); + + await task.reload(); + expect(task.name).toBe('Updated Local Version'); + }); + }); +}); diff --git a/backend/tests/integration/caldav-timezones.test.js b/backend/tests/integration/caldav-timezones.test.js new file mode 100644 index 0000000..42c3300 --- /dev/null +++ b/backend/tests/integration/caldav-timezones.test.js @@ -0,0 +1,393 @@ +const ICAL = require('ical.js'); +const vTodoSerializer = require('../../modules/caldav/icalendar/vtodo-serializer'); +const vTodoParser = require('../../modules/caldav/icalendar/vtodo-parser'); + +describe('CalDAV Timezone Handling', () => { + describe('UTC DateTime Conversion', () => { + it('should correctly convert local dates to UTC', async () => { + const task = { + uid: 'tz-test-1', + name: 'Timezone Test', + due_date: '2026-04-20T14:00:00.000Z', + defer_until: '2026-04-20T10:00:00.000Z', + status: 0, + }; + + const vtodo = vTodoSerializer.serializeTaskToVTODO(task); + const jcalData = ICAL.parse(vtodo); + const comp = new ICAL.Component(jcalData); + const vtodoComp = comp.getFirstSubcomponent('vtodo'); + + const due = vtodoComp.getFirstPropertyValue('due'); + expect(due.toICALString()).toBe('20260420T140000Z'); + + const dtstart = vtodoComp.getFirstPropertyValue('dtstart'); + expect(dtstart.toICALString()).toBe('20260420T100000Z'); + }); + + it('should parse UTC dates from VTODO', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:tz-test-2 +SUMMARY:Timezone Parse Test +DUE:20260420T140000Z +DTSTART:20260420T100000Z +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + + expect(task.due_date).toBeTruthy(); + const dueDate = new Date(task.due_date); + expect(dueDate.getUTCHours()).toBe(14); + expect(dueDate.getUTCMinutes()).toBe(0); + + expect(task.defer_until).toBeTruthy(); + const deferDate = new Date(task.defer_until); + expect(deferDate.getUTCHours()).toBe(10); + expect(deferDate.getUTCMinutes()).toBe(0); + }); + }); + + describe('DATE-only (no time) Handling', () => { + it('should handle DATE values without time component', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:date-only-test +SUMMARY:Date Only Test +DUE;VALUE=DATE:20260420 +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + + expect(task.due_date).toBeTruthy(); + const dueDate = new Date(task.due_date); + expect(dueDate.getUTCDate()).toBe(20); + expect(dueDate.getUTCMonth()).toBe(3); + expect(dueDate.getUTCFullYear()).toBe(2026); + }); + + it('should serialize date-only tasks correctly', async () => { + const task = { + uid: 'date-only-serialize', + name: 'Date Only Serialize', + due_date: '2026-04-20T00:00:00.000Z', + status: 0, + }; + + const vtodo = vTodoSerializer.serializeTaskToVTODO(task); + const jcalData = ICAL.parse(vtodo); + const comp = new ICAL.Component(jcalData); + const vtodoComp = comp.getFirstSubcomponent('vtodo'); + + const due = vtodoComp.getFirstPropertyValue('due'); + expect(due).toBeTruthy(); + }); + }); + + describe('Timezone VTIMEZONE Handling', () => { + it('should handle VTODO with VTIMEZONE component', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTIMEZONE +TZID:America/New_York +BEGIN:STANDARD +DTSTART:20251102T020000 +TZOFFSETFROM:-0400 +TZOFFSETTO:-0500 +RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU +END:STANDARD +BEGIN:DAYLIGHT +DTSTART:20260308T020000 +TZOFFSETFROM:-0500 +TZOFFSETTO:-0400 +RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU +END:DAYLIGHT +END:VTIMEZONE +BEGIN:VTODO +UID:vtimezone-test +SUMMARY:Timezone Component Test +DUE;TZID=America/New_York:20260420T100000 +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + + expect(task.due_date).toBeTruthy(); + const dueDate = new Date(task.due_date); + expect(dueDate.getUTCHours()).toBe(14); + }); + }); + + describe('Recurring Tasks Timezone', () => { + it('should preserve timezone in recurring task instances', async () => { + const task = { + uid: 'recurring-tz-test', + name: 'Recurring Timezone Test', + due_date: '2026-04-20T14:00:00.000Z', + status: 0, + recurrence_type: 'daily', + recurrence_interval: 1, + recurrence_count: 5, + }; + + const vtodo = vTodoSerializer.serializeTaskToVTODO(task); + const jcalData = ICAL.parse(vtodo); + const comp = new ICAL.Component(jcalData); + const vtodoComp = comp.getFirstSubcomponent('vtodo'); + + const due = vtodoComp.getFirstPropertyValue('due'); + expect(due.toICALString()).toBe('20260420T140000Z'); + + const rrule = vtodoComp.getFirstPropertyValue('rrule'); + expect(rrule.freq).toBe('DAILY'); + expect(rrule.count).toBe(5); + }); + + it('should handle RECURRENCE-ID with timezones', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:recurring-tz-parent +SUMMARY:Recurring Parent +DUE:20260420T140000Z +RRULE:FREQ=DAILY;COUNT=5 +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + + expect(task.recurrence_type).toBe('daily'); + expect(task.recurrence_count).toBe(5); + expect(task.due_date).toBeTruthy(); + }); + + it('should parse modified instance with RECURRENCE-ID', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:recurring-tz-parent +SUMMARY:Modified Instance +RECURRENCE-ID:20260421T140000Z +DUE:20260421T160000Z +STATUS:COMPLETED +COMPLETED:20260421T150000Z +CREATED:20260420T080000Z +DTSTAMP:20260421T150000Z +END:VTODO +END:VCALENDAR`; + + const override = + await vTodoParser.parseRecurrenceOverride(vtodoString); + + expect(override).toBeTruthy(); + expect(override.recurrence_id).toBeTruthy(); + const recurrenceDate = new Date(override.recurrence_id); + expect(recurrenceDate.getUTCHours()).toBe(14); + }); + }); + + describe('Daylight Saving Time Transitions', () => { + it('should handle spring forward DST transition', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:dst-spring-test +SUMMARY:DST Spring Test +DUE:20260308T020000Z +STATUS:NEEDS-ACTION +CREATED:20260301T080000Z +DTSTAMP:20260301T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.due_date).toBeTruthy(); + expect(new Date(task.due_date).toISOString()).toBe( + '2026-03-08T02:00:00.000Z' + ); + }); + + it('should handle fall back DST transition', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:dst-fall-test +SUMMARY:DST Fall Test +DUE:20261101T020000Z +STATUS:NEEDS-ACTION +CREATED:20261001T080000Z +DTSTAMP:20261001T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.due_date).toBeTruthy(); + expect(new Date(task.due_date).toISOString()).toBe( + '2026-11-01T02:00:00.000Z' + ); + }); + }); + + describe('Edge Cases', () => { + it('should handle missing timezone information gracefully', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:no-tz-test +SUMMARY:No Timezone Test +DUE:20260420T140000 +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.due_date).toBeTruthy(); + }); + + it('should handle invalid timezone gracefully', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:invalid-tz-test +SUMMARY:Invalid Timezone Test +DUE;TZID=Invalid/Timezone:20260420T140000 +STATUS:NEEDS-ACTION +CREATED:20260420T080000Z +DTSTAMP:20260420T080000Z +END:VTODO +END:VCALENDAR`; + + expect(() => { + vTodoParser.parseVTODOToTask(vtodoString); + }).not.toThrow(); + }); + + it('should round-trip preserve UTC timestamps', async () => { + const originalTask = { + uid: 'roundtrip-tz-test', + name: 'Roundtrip Timezone Test', + due_date: '2026-04-20T14:30:45.000Z', + status: 0, + }; + + const vtodo = vTodoSerializer.serializeTaskToVTODO(originalTask); + const parsedTask = await vTodoParser.parseVTODOToTask(vtodo); + + expect(new Date(parsedTask.due_date).getTime()).toBe( + new Date(originalTask.due_date).getTime() + ); + }); + + it('should handle leap year dates correctly', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:leap-year-test +SUMMARY:Leap Year Test +DUE:20240229T140000Z +STATUS:NEEDS-ACTION +CREATED:20240101T080000Z +DTSTAMP:20240101T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.due_date).toBeTruthy(); + const dueDate = new Date(task.due_date); + expect(dueDate.getUTCDate()).toBe(29); + expect(dueDate.getUTCMonth()).toBe(1); + expect(dueDate.getUTCFullYear()).toBe(2024); + }); + + it('should handle year boundary correctly', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:year-boundary-test +SUMMARY:Year Boundary Test +DUE:20261231T235959Z +STATUS:NEEDS-ACTION +CREATED:20261201T080000Z +DTSTAMP:20261201T080000Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.due_date).toBeTruthy(); + const dueDate = new Date(task.due_date); + expect(dueDate.getUTCHours()).toBe(23); + expect(dueDate.getUTCMinutes()).toBe(59); + expect(dueDate.getUTCSeconds()).toBe(59); + }); + }); + + describe('COMPLETED timestamp handling', () => { + it('should preserve completion timestamp timezone', async () => { + const vtodoString = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//EN +BEGIN:VTODO +UID:completed-tz-test +SUMMARY:Completed Timezone Test +STATUS:COMPLETED +COMPLETED:20260420T143045Z +CREATED:20260420T080000Z +DTSTAMP:20260420T143045Z +END:VTODO +END:VCALENDAR`; + + const task = await vTodoParser.parseVTODOToTask(vtodoString); + expect(task.completed_at).toBeTruthy(); + const completedDate = new Date(task.completed_at); + expect(completedDate.getUTCHours()).toBe(14); + expect(completedDate.getUTCMinutes()).toBe(30); + expect(completedDate.getUTCSeconds()).toBe(45); + }); + + it('should serialize completion timestamp to UTC', async () => { + const task = { + uid: 'completed-serialize-tz', + name: 'Completed Serialize Test', + status: 2, + completed_at: '2026-04-20T14:30:45.000Z', + }; + + const vtodo = vTodoSerializer.serializeTaskToVTODO(task); + const jcalData = ICAL.parse(vtodo); + const comp = new ICAL.Component(jcalData); + const vtodoComp = comp.getFirstSubcomponent('vtodo'); + + const completed = vtodoComp.getFirstPropertyValue('completed'); + expect(completed.toICALString()).toBe('20260420T143045Z'); + }); + }); +}); diff --git a/backend/tests/integration/tasks-metrics.test.js b/backend/tests/integration/tasks-metrics.test.js index 7d1d7a1..64bdbed 100644 --- a/backend/tests/integration/tasks-metrics.test.js +++ b/backend/tests/integration/tasks-metrics.test.js @@ -167,7 +167,7 @@ describe('Task Metrics Overdue and Due Today Tasks', () => { it('excludes due today tasks with active status from tasks_due_today (they show in Planned)', async () => { const today = new Date(); - today.setHours(12, 0, 0, 0); + today.setUTCHours(12, 0, 0, 0); // Create a task due today with PLANNED status (shows in Planned section) await createTask({ diff --git a/backend/tests/unit/modules/caldav/icalendar/field-mappings.test.js b/backend/tests/unit/modules/caldav/icalendar/field-mappings.test.js new file mode 100644 index 0000000..9d5eddc --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/field-mappings.test.js @@ -0,0 +1,112 @@ +const { + STATUS_TUDUDI_TO_ICAL, + STATUS_ICAL_TO_TUDUDI, + tududiToIcalPriority, + icalToTududiPriority, + WEEKDAY_MAP, + WEEKDAY_REVERSE_MAP, +} = require('../../../../../modules/caldav/icalendar/field-mappings'); + +describe('CalDAV Field Mappings', () => { + describe('Status Mappings', () => { + it('should map tududi statuses to iCalendar statuses', () => { + expect(STATUS_TUDUDI_TO_ICAL[0]).toBe('NEEDS-ACTION'); + expect(STATUS_TUDUDI_TO_ICAL[1]).toBe('IN-PROCESS'); + expect(STATUS_TUDUDI_TO_ICAL[2]).toBe('COMPLETED'); + expect(STATUS_TUDUDI_TO_ICAL[3]).toBe('COMPLETED'); + expect(STATUS_TUDUDI_TO_ICAL[4]).toBe('NEEDS-ACTION'); + expect(STATUS_TUDUDI_TO_ICAL[5]).toBe('CANCELLED'); + expect(STATUS_TUDUDI_TO_ICAL[6]).toBe('NEEDS-ACTION'); + }); + + it('should map iCalendar statuses to tududi statuses', () => { + expect(STATUS_ICAL_TO_TUDUDI['NEEDS-ACTION']).toBe(0); + expect(STATUS_ICAL_TO_TUDUDI['IN-PROCESS']).toBe(1); + expect(STATUS_ICAL_TO_TUDUDI['COMPLETED']).toBe(2); + expect(STATUS_ICAL_TO_TUDUDI['CANCELLED']).toBe(5); + }); + }); + + describe('Priority Mappings', () => { + describe('tududiToIcalPriority', () => { + it('should map tududi Low (0) to iCal 7', () => { + expect(tududiToIcalPriority(0)).toBe(7); + }); + + it('should map tududi Medium (1) to iCal 5', () => { + expect(tududiToIcalPriority(1)).toBe(5); + }); + + it('should map tududi High (2) to iCal 3', () => { + expect(tududiToIcalPriority(2)).toBe(3); + }); + + it('should return 0 for null priority', () => { + expect(tududiToIcalPriority(null)).toBe(0); + expect(tududiToIcalPriority(undefined)).toBe(0); + }); + }); + + describe('icalToTududiPriority', () => { + it('should map iCal 1-3 to High (2)', () => { + expect(icalToTududiPriority(1)).toBe(2); + expect(icalToTududiPriority(2)).toBe(2); + expect(icalToTududiPriority(3)).toBe(2); + }); + + it('should map iCal 4-6 to Medium (1)', () => { + expect(icalToTududiPriority(4)).toBe(1); + expect(icalToTududiPriority(5)).toBe(1); + expect(icalToTududiPriority(6)).toBe(1); + }); + + it('should map iCal 7-9 to Low (0)', () => { + expect(icalToTududiPriority(7)).toBe(0); + expect(icalToTududiPriority(8)).toBe(0); + expect(icalToTududiPriority(9)).toBe(0); + }); + + it('should return 0 for undefined/null/0 priority', () => { + expect(icalToTududiPriority(null)).toBe(0); + expect(icalToTududiPriority(undefined)).toBe(0); + expect(icalToTududiPriority(0)).toBe(0); + }); + }); + + it('should maintain inverse relationship', () => { + expect(icalToTududiPriority(tududiToIcalPriority(0))).toBe(0); + expect(icalToTududiPriority(tududiToIcalPriority(1))).toBe(1); + expect(icalToTududiPriority(tududiToIcalPriority(2))).toBe(2); + }); + }); + + describe('Weekday Mappings', () => { + it('should map tududi weekdays to iCalendar weekdays', () => { + expect(WEEKDAY_MAP[0]).toBe('SU'); + expect(WEEKDAY_MAP[1]).toBe('MO'); + expect(WEEKDAY_MAP[2]).toBe('TU'); + expect(WEEKDAY_MAP[3]).toBe('WE'); + expect(WEEKDAY_MAP[4]).toBe('TH'); + expect(WEEKDAY_MAP[5]).toBe('FR'); + expect(WEEKDAY_MAP[6]).toBe('SA'); + }); + + it('should map iCalendar weekdays to tududi weekdays', () => { + expect(WEEKDAY_REVERSE_MAP['SU']).toBe(0); + expect(WEEKDAY_REVERSE_MAP['MO']).toBe(1); + expect(WEEKDAY_REVERSE_MAP['TU']).toBe(2); + expect(WEEKDAY_REVERSE_MAP['WE']).toBe(3); + expect(WEEKDAY_REVERSE_MAP['TH']).toBe(4); + expect(WEEKDAY_REVERSE_MAP['FR']).toBe(5); + expect(WEEKDAY_REVERSE_MAP['SA']).toBe(6); + }); + + it('should maintain reverse relationship', () => { + Object.keys(WEEKDAY_MAP).forEach((key) => { + const icalDay = WEEKDAY_MAP[key]; + const tududiDay = WEEKDAY_REVERSE_MAP[icalDay]; + expect(tududiDay).toBe(parseInt(key, 10)); + }); + }); + }); +}); diff --git a/backend/tests/unit/modules/caldav/icalendar/round-trip.test.js b/backend/tests/unit/modules/caldav/icalendar/round-trip.test.js new file mode 100644 index 0000000..f561835 --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/round-trip.test.js @@ -0,0 +1,189 @@ +const { + serializeTaskToVTODO, +} = require('../../../../../modules/caldav/icalendar/vtodo-serializer'); +const { + parseVTODOToTask, +} = require('../../../../../modules/caldav/icalendar/vtodo-parser'); + +describe('CalDAV Round-Trip Conversion', () => { + it('should preserve basic task data through round-trip', async () => { + const originalTask = { + uid: 'round-trip-test', + name: 'Test Round Trip', + status: 1, + priority: 2, + note: 'Testing round-trip conversion', + due_date: new Date('2026-06-01T15:00:00Z'), + defer_until: new Date('2026-05-25T09:00:00Z'), + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(originalTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.uid).toBe(originalTask.uid); + expect(parsedTask.name).toBe(originalTask.name); + expect(parsedTask.status).toBe(originalTask.status); + expect(parsedTask.priority).toBe(originalTask.priority); + expect(parsedTask.note).toBe(originalTask.note); + expect(parsedTask.due_date.getTime()).toBe( + originalTask.due_date.getTime() + ); + expect(parsedTask.defer_until.getTime()).toBe( + originalTask.defer_until.getTime() + ); + }); + + it('should preserve completed task data', async () => { + const completedTask = { + uid: 'completed-task', + name: 'Completed Task', + status: 2, + priority: 1, + completed_at: new Date('2026-04-15T10:30:00Z'), + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-15T10:30:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(completedTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.status).toBe(2); + expect(parsedTask.completed_at.getTime()).toBe( + completedTask.completed_at.getTime() + ); + }); + + it('should preserve recurring task data', async () => { + const recurringTask = { + uid: 'recurring-task', + name: 'Weekly Meeting', + status: 0, + priority: 1, + recurrence_type: 'weekly', + recurrence_interval: 1, + recurrence_weekdays: [1, 3, 5], + recurrence_end_date: new Date('2026-12-31T12:00:00Z'), + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(recurringTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.recurrence_type).toBe('weekly'); + expect(parsedTask.recurrence_interval).toBe(1); + expect(parsedTask.recurrence_weekdays).toEqual([1, 3, 5]); + expect(parsedTask.recurrence_end_date).toBeDefined(); + expect(parsedTask.recurrence_end_date.getFullYear()).toBe(2026); + }); + + it('should preserve monthly recurrence patterns', async () => { + const monthlyTask = { + uid: 'monthly-task', + name: 'Monthly Report', + status: 0, + recurrence_type: 'monthly', + recurrence_interval: 1, + recurrence_month_day: 15, + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(monthlyTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.recurrence_type).toBe('monthly'); + expect(parsedTask.recurrence_month_day).toBe(15); + }); + + it('should preserve monthly weekday recurrence', async () => { + const monthlyWeekdayTask = { + uid: 'monthly-weekday-task', + name: 'Second Thursday Meeting', + status: 0, + recurrence_type: 'monthly_weekday', + recurrence_interval: 1, + recurrence_week_of_month: 2, + recurrence_weekday: 4, + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(monthlyWeekdayTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.recurrence_type).toBe('monthly_weekday'); + expect(parsedTask.recurrence_week_of_month).toBe(2); + expect(parsedTask.recurrence_weekday).toBe(4); + }); + + it('should preserve project and tag information', async () => { + const taskWithProject = { + uid: 'task-with-project', + name: 'Project Task', + status: 0, + Project: { uid: 'project-123', name: 'My Project' }, + Tags: [ + { uid: 'tag-1', name: 'work' }, + { uid: 'tag-2', name: 'important' }, + ], + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(taskWithProject); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.project_uid).toBe('project-123'); + expect(parsedTask.tag_names).toContain('work'); + expect(parsedTask.tag_names).toContain('important'); + }); + + it('should preserve habit mode data', async () => { + const habitTask = { + uid: 'habit-task', + name: 'Daily Exercise', + status: 0, + habit_mode: true, + habit_current_streak: 7, + habit_total_completions: 45, + order: 5, + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + const vtodoString = await serializeTaskToVTODO(habitTask); + const parsedTask = await parseVTODOToTask(vtodoString); + + expect(parsedTask.habit_mode).toBe(true); + expect(parsedTask.habit_current_streak).toBe(7); + expect(parsedTask.habit_total_completions).toBe(45); + expect(parsedTask.order).toBe(5); + }); + + it('should handle multiple round-trips without data loss', async () => { + const originalTask = { + uid: 'multi-round-trip', + name: 'Multiple Round Trips', + status: 1, + priority: 2, + note: 'Testing multiple conversions', + due_date: new Date('2026-07-01T12:00:00Z'), + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T12:00:00Z'), + }; + + let task = originalTask; + for (let i = 0; i < 3; i++) { + const vtodoString = await serializeTaskToVTODO(task); + task = await parseVTODOToTask(vtodoString); + } + + expect(task.uid).toBe(originalTask.uid); + expect(task.name).toBe(originalTask.name); + expect(task.status).toBe(originalTask.status); + expect(task.priority).toBe(originalTask.priority); + }); +}); diff --git a/backend/tests/unit/modules/caldav/icalendar/rrule-generator.test.js b/backend/tests/unit/modules/caldav/icalendar/rrule-generator.test.js new file mode 100644 index 0000000..7a5c4e7 --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/rrule-generator.test.js @@ -0,0 +1,158 @@ +const { + generateRRULE, +} = require('../../../../../modules/caldav/icalendar/rrule-generator'); + +describe('RRULE Generator', () => { + it('should return null for non-recurring task', () => { + const task = { recurrence_type: 'none' }; + expect(generateRRULE(task)).toBeNull(); + }); + + it('should return null for task without recurrence_type', () => { + const task = {}; + expect(generateRRULE(task)).toBeNull(); + }); + + describe('Daily Recurrence', () => { + it('should generate daily RRULE', () => { + const task = { recurrence_type: 'daily' }; + expect(generateRRULE(task)).toBe('FREQ=DAILY'); + }); + + it('should include interval for daily recurrence', () => { + const task = { recurrence_type: 'daily', recurrence_interval: 2 }; + expect(generateRRULE(task)).toBe('FREQ=DAILY;INTERVAL=2'); + }); + + it('should not include INTERVAL=1', () => { + const task = { recurrence_type: 'daily', recurrence_interval: 1 }; + expect(generateRRULE(task)).toBe('FREQ=DAILY'); + }); + }); + + describe('Weekly Recurrence', () => { + it('should generate weekly RRULE', () => { + const task = { recurrence_type: 'weekly' }; + expect(generateRRULE(task)).toBe('FREQ=WEEKLY'); + }); + + it('should include BYDAY for specific weekdays', () => { + const task = { + recurrence_type: 'weekly', + recurrence_weekdays: [1, 3, 5], + }; + expect(generateRRULE(task)).toBe('FREQ=WEEKLY;BYDAY=MO,WE,FR'); + }); + + it('should handle weekdays as JSON string', () => { + const task = { + recurrence_type: 'weekly', + recurrence_weekdays: '[1,3,5]', + }; + expect(generateRRULE(task)).toBe('FREQ=WEEKLY;BYDAY=MO,WE,FR'); + }); + + it('should include interval', () => { + const task = { + recurrence_type: 'weekly', + recurrence_interval: 2, + recurrence_weekdays: [1], + }; + expect(generateRRULE(task)).toBe('FREQ=WEEKLY;INTERVAL=2;BYDAY=MO'); + }); + }); + + describe('Monthly Recurrence', () => { + it('should generate monthly RRULE with month day', () => { + const task = { + recurrence_type: 'monthly', + recurrence_month_day: 15, + }; + expect(generateRRULE(task)).toBe('FREQ=MONTHLY;BYMONTHDAY=15'); + }); + + it('should include interval', () => { + const task = { + recurrence_type: 'monthly', + recurrence_interval: 3, + recurrence_month_day: 1, + }; + expect(generateRRULE(task)).toBe( + 'FREQ=MONTHLY;INTERVAL=3;BYMONTHDAY=1' + ); + }); + }); + + describe('Monthly Weekday Recurrence', () => { + it('should generate monthly weekday RRULE', () => { + const task = { + recurrence_type: 'monthly_weekday', + recurrence_week_of_month: 2, + recurrence_weekday: 4, + }; + expect(generateRRULE(task)).toBe('FREQ=MONTHLY;BYDAY=2TH'); + }); + + it('should handle last occurrence (-1)', () => { + const task = { + recurrence_type: 'monthly_weekday', + recurrence_week_of_month: -1, + recurrence_weekday: 5, + }; + expect(generateRRULE(task)).toBe('FREQ=MONTHLY;BYDAY=-1FR'); + }); + }); + + describe('Monthly Last Day Recurrence', () => { + it('should generate monthly last day RRULE', () => { + const task = { recurrence_type: 'monthly_last_day' }; + expect(generateRRULE(task)).toBe('FREQ=MONTHLY;BYMONTHDAY=-1'); + }); + + it('should include interval', () => { + const task = { + recurrence_type: 'monthly_last_day', + recurrence_interval: 2, + }; + expect(generateRRULE(task)).toBe( + 'FREQ=MONTHLY;INTERVAL=2;BYMONTHDAY=-1' + ); + }); + }); + + describe('Yearly Recurrence', () => { + it('should generate yearly RRULE', () => { + const task = { recurrence_type: 'yearly' }; + expect(generateRRULE(task)).toBe('FREQ=YEARLY'); + }); + + it('should include interval', () => { + const task = { recurrence_type: 'yearly', recurrence_interval: 2 }; + expect(generateRRULE(task)).toBe('FREQ=YEARLY;INTERVAL=2'); + }); + }); + + describe('UNTIL (End Date)', () => { + it('should include UNTIL for end date', () => { + const task = { + recurrence_type: 'daily', + recurrence_end_date: new Date('2026-12-31T23:59:59Z'), + }; + const rrule = generateRRULE(task); + expect(rrule).toContain('FREQ=DAILY'); + expect(rrule).toContain('UNTIL='); + }); + + it('should handle end date with weekly recurrence', () => { + const task = { + recurrence_type: 'weekly', + recurrence_weekdays: [1, 5], + recurrence_end_date: new Date('2027-01-01'), + }; + const rrule = generateRRULE(task); + expect(rrule).toContain('FREQ=WEEKLY'); + expect(rrule).toContain('BYDAY=MO,FR'); + expect(rrule).toContain('UNTIL='); + }); + }); +}); diff --git a/backend/tests/unit/modules/caldav/icalendar/rrule-parser.test.js b/backend/tests/unit/modules/caldav/icalendar/rrule-parser.test.js new file mode 100644 index 0000000..a902de2 --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/rrule-parser.test.js @@ -0,0 +1,150 @@ +const { + parseRRULE, +} = require('../../../../../modules/caldav/icalendar/rrule-parser'); + +describe('RRULE Parser', () => { + it('should return null for empty RRULE', () => { + expect(parseRRULE('')).toBeNull(); + expect(parseRRULE(null)).toBeNull(); + }); + + it('should return null for RRULE without FREQ', () => { + expect(parseRRULE('INTERVAL=2')).toBeNull(); + }); + + describe('Daily Recurrence', () => { + it('should parse daily RRULE', () => { + const result = parseRRULE('FREQ=DAILY'); + expect(result.recurrence_type).toBe('daily'); + expect(result.recurrence_interval).toBe(1); + }); + + it('should parse daily with interval', () => { + const result = parseRRULE('FREQ=DAILY;INTERVAL=3'); + expect(result.recurrence_type).toBe('daily'); + expect(result.recurrence_interval).toBe(3); + }); + }); + + describe('Weekly Recurrence', () => { + it('should parse weekly RRULE', () => { + const result = parseRRULE('FREQ=WEEKLY'); + expect(result.recurrence_type).toBe('weekly'); + expect(result.recurrence_interval).toBe(1); + }); + + it('should parse weekly with BYDAY', () => { + const result = parseRRULE('FREQ=WEEKLY;BYDAY=MO,WE,FR'); + expect(result.recurrence_type).toBe('weekly'); + expect(result.recurrence_weekdays).toEqual([1, 3, 5]); + }); + + it('should parse weekly with interval and BYDAY', () => { + const result = parseRRULE('FREQ=WEEKLY;INTERVAL=2;BYDAY=TU,TH'); + expect(result.recurrence_type).toBe('weekly'); + expect(result.recurrence_interval).toBe(2); + expect(result.recurrence_weekdays).toEqual([2, 4]); + }); + }); + + describe('Monthly Recurrence', () => { + it('should parse monthly with BYMONTHDAY', () => { + const result = parseRRULE('FREQ=MONTHLY;BYMONTHDAY=15'); + expect(result.recurrence_type).toBe('monthly'); + expect(result.recurrence_month_day).toBe(15); + }); + + it('should parse monthly last day', () => { + const result = parseRRULE('FREQ=MONTHLY;BYMONTHDAY=-1'); + expect(result.recurrence_type).toBe('monthly_last_day'); + }); + + it('should parse monthly weekday (2nd Thursday)', () => { + const result = parseRRULE('FREQ=MONTHLY;BYDAY=2TH'); + expect(result.recurrence_type).toBe('monthly_weekday'); + expect(result.recurrence_week_of_month).toBe(2); + expect(result.recurrence_weekday).toBe(4); + }); + + it('should parse monthly weekday (last Friday)', () => { + const result = parseRRULE('FREQ=MONTHLY;BYDAY=-1FR'); + expect(result.recurrence_type).toBe('monthly_weekday'); + expect(result.recurrence_week_of_month).toBe(-1); + expect(result.recurrence_weekday).toBe(5); + }); + + it('should parse monthly with interval', () => { + const result = parseRRULE('FREQ=MONTHLY;INTERVAL=3;BYMONTHDAY=10'); + expect(result.recurrence_type).toBe('monthly'); + expect(result.recurrence_interval).toBe(3); + expect(result.recurrence_month_day).toBe(10); + }); + }); + + describe('Yearly Recurrence', () => { + it('should parse yearly RRULE', () => { + const result = parseRRULE('FREQ=YEARLY'); + expect(result.recurrence_type).toBe('yearly'); + expect(result.recurrence_interval).toBe(1); + }); + + it('should parse yearly with interval', () => { + const result = parseRRULE('FREQ=YEARLY;INTERVAL=2'); + expect(result.recurrence_type).toBe('yearly'); + expect(result.recurrence_interval).toBe(2); + }); + }); + + describe('UNTIL (End Date)', () => { + it('should parse UNTIL date', () => { + const result = parseRRULE('FREQ=DAILY;UNTIL=20261231T120000Z'); + expect(result.recurrence_type).toBe('daily'); + expect(result.recurrence_end_date).toBeInstanceOf(Date); + expect(result.recurrence_end_date.getFullYear()).toBe(2026); + expect(result.recurrence_end_date.getMonth()).toBe(11); + expect(result.recurrence_end_date.getDate()).toBe(31); + }); + + it('should parse weekly with BYDAY and UNTIL', () => { + const result = parseRRULE( + 'FREQ=WEEKLY;BYDAY=MO,FR;UNTIL=20270101T000000Z' + ); + expect(result.recurrence_type).toBe('weekly'); + expect(result.recurrence_weekdays).toEqual([1, 5]); + expect(result.recurrence_end_date).toBeInstanceOf(Date); + }); + }); + + describe('Round-trip compatibility', () => { + const testCases = [ + { rrule: 'FREQ=DAILY', type: 'daily' }, + { rrule: 'FREQ=DAILY;INTERVAL=2', type: 'daily', interval: 2 }, + { + rrule: 'FREQ=WEEKLY;BYDAY=MO,WE,FR', + type: 'weekly', + weekdays: [1, 3, 5], + }, + { + rrule: 'FREQ=MONTHLY;BYMONTHDAY=15', + type: 'monthly', + monthDay: 15, + }, + { rrule: 'FREQ=MONTHLY;BYMONTHDAY=-1', type: 'monthly_last_day' }, + { + rrule: 'FREQ=MONTHLY;BYDAY=2TH', + type: 'monthly_weekday', + week: 2, + weekday: 4, + }, + { rrule: 'FREQ=YEARLY', type: 'yearly' }, + ]; + + testCases.forEach(({ rrule, type }) => { + it(`should parse ${type} RRULE correctly`, () => { + const result = parseRRULE(rrule); + expect(result).not.toBeNull(); + expect(result.recurrence_type).toBe(type); + }); + }); + }); +}); diff --git a/backend/tests/unit/modules/caldav/icalendar/vtodo-parser.test.js b/backend/tests/unit/modules/caldav/icalendar/vtodo-parser.test.js new file mode 100644 index 0000000..6d0a35e --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/vtodo-parser.test.js @@ -0,0 +1,182 @@ +const { + parseVTODOToTask, +} = require('../../../../../modules/caldav/icalendar/vtodo-parser'); + +describe('VTODO Parser', () => { + const basicVTODO = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//Task Manager//EN +CALSCALE:GREGORIAN +BEGIN:VTODO +UID:test-task-123 +SUMMARY:Test Task +DTSTAMP:20260414T120000Z +STATUS:NEEDS-ACTION +PRIORITY:5 +DESCRIPTION:Test note +DUE:20260501T120000Z +CREATED:20260401T100000Z +LAST-MODIFIED:20260414T150000Z +END:VTODO +END:VCALENDAR`; + + it('should parse basic VTODO to task', async () => { + const task = await parseVTODOToTask(basicVTODO); + expect(task).toBeDefined(); + expect(task.uid).toBe('test-task-123'); + expect(task.name).toBe('Test Task'); + expect(task.note).toBe('Test note'); + }); + + it('should throw error for invalid VTODO string', async () => { + await expect(parseVTODOToTask('invalid')).rejects.toThrow(); + }); + + it('should throw error for VCALENDAR without VTODO', async () => { + const invalidCalendar = `BEGIN:VCALENDAR +VERSION:2.0 +END:VCALENDAR`; + await expect(parseVTODOToTask(invalidCalendar)).rejects.toThrow( + 'No VTODO component found' + ); + }); + + it('should map iCalendar STATUS to tududi status', async () => { + const statuses = [ + { ical: 'NEEDS-ACTION', tududi: 0 }, + { ical: 'IN-PROCESS', tududi: 1 }, + { ical: 'COMPLETED', tududi: 2 }, + { ical: 'CANCELLED', tududi: 5 }, + ]; + + for (const { ical, tududi } of statuses) { + const vtodo = basicVTODO.replace( + 'STATUS:NEEDS-ACTION', + `STATUS:${ical}` + ); + const task = await parseVTODOToTask(vtodo); + expect(task.status).toBe(tududi); + } + }); + + it('should map iCalendar PRIORITY to tududi priority', async () => { + const priorities = [ + { ical: 1, tududi: 2 }, + { ical: 3, tududi: 2 }, + { ical: 5, tududi: 1 }, + { ical: 7, tududi: 0 }, + { ical: 9, tududi: 0 }, + ]; + + for (const { ical, tududi } of priorities) { + const vtodo = basicVTODO.replace('PRIORITY:5', `PRIORITY:${ical}`); + const task = await parseVTODOToTask(vtodo); + expect(task.priority).toBe(tududi); + } + }); + + it('should parse DUE date', async () => { + const task = await parseVTODOToTask(basicVTODO); + expect(task.due_date).toBeInstanceOf(Date); + expect(task.due_date.toISOString()).toBe('2026-05-01T12:00:00.000Z'); + }); + + it('should parse DTSTART as defer_until', async () => { + const vtodo = basicVTODO.replace( + 'DUE:20260501T120000Z', + 'DTSTART:20260425T090000Z\nDUE:20260501T120000Z' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.defer_until).toBeInstanceOf(Date); + expect(task.defer_until.toISOString()).toBe('2026-04-25T09:00:00.000Z'); + }); + + it('should parse COMPLETED date', async () => { + const vtodo = basicVTODO.replace( + 'STATUS:NEEDS-ACTION', + 'STATUS:COMPLETED\nCOMPLETED:20260420T143000Z' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.completed_at).toBeInstanceOf(Date); + expect(task.completed_at.toISOString()).toBe( + '2026-04-20T14:30:00.000Z' + ); + }); + + it('should parse RRULE for recurring tasks', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + 'RRULE:FREQ=WEEKLY;BYDAY=MO,WE,FR\nEND:VTODO' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.recurrence_type).toBe('weekly'); + expect(task.recurrence_weekdays).toEqual([1, 3, 5]); + }); + + it('should parse RELATED-TO for subtasks', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + 'RELATED-TO;RELTYPE=PARENT:parent-task-456\nEND:VTODO' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.parent_task_uid).toBe('parent-task-456'); + }); + + it('should parse X-TUDUDI-PROJECT-UID custom property', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + 'X-TUDUDI-PROJECT-UID:project-789\nEND:VTODO' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.project_uid).toBe('project-789'); + }); + + it('should parse CATEGORIES as tags', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + 'CATEGORIES:work\\,urgent\nEND:VTODO' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.tag_names).toEqual(['work', 'urgent']); + }); + + it('should parse habit mode custom properties', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + `X-TUDUDI-HABIT-MODE:true +X-TUDUDI-HABIT-STREAK:5 +X-TUDUDI-HABIT-COMPLETIONS:42 +END:VTODO` + ); + const task = await parseVTODOToTask(vtodo); + expect(task.habit_mode).toBe(true); + expect(task.habit_current_streak).toBe(5); + expect(task.habit_total_completions).toBe(42); + }); + + it('should parse X-TUDUDI-ORDER custom property', async () => { + const vtodo = basicVTODO.replace( + 'END:VTODO', + 'X-TUDUDI-ORDER:10\nEND:VTODO' + ); + const task = await parseVTODOToTask(vtodo); + expect(task.order).toBe(10); + }); + + it('should handle VTODO without optional properties', async () => { + const minimalVTODO = `BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:minimal-task +SUMMARY:Minimal Task +DTSTAMP:20260414T120000Z +END:VTODO +END:VCALENDAR`; + + const task = await parseVTODOToTask(minimalVTODO); + expect(task.uid).toBe('minimal-task'); + expect(task.name).toBe('Minimal Task'); + expect(task.status).toBe(0); + expect(task.recurrence_type).toBe('none'); + }); +}); diff --git a/backend/tests/unit/modules/caldav/icalendar/vtodo-serializer.test.js b/backend/tests/unit/modules/caldav/icalendar/vtodo-serializer.test.js new file mode 100644 index 0000000..78d580e --- /dev/null +++ b/backend/tests/unit/modules/caldav/icalendar/vtodo-serializer.test.js @@ -0,0 +1,180 @@ +const { + serializeTaskToVTODO, +} = require('../../../../../modules/caldav/icalendar/vtodo-serializer'); +const ICAL = require('ical.js'); + +describe('VTODO Serializer', () => { + const basicTask = { + uid: 'test-task-123', + name: 'Test Task', + status: 0, + priority: 1, + note: 'Test note', + due_date: new Date('2026-05-01T12:00:00Z'), + created_at: new Date('2026-04-01T10:00:00Z'), + updated_at: new Date('2026-04-14T15:00:00Z'), + }; + + it('should serialize basic task to VTODO', async () => { + const vtodoString = await serializeTaskToVTODO(basicTask); + expect(vtodoString).toContain('BEGIN:VCALENDAR'); + expect(vtodoString).toContain('BEGIN:VTODO'); + expect(vtodoString).toContain('END:VTODO'); + expect(vtodoString).toContain('END:VCALENDAR'); + }); + + it('should include required VTODO properties', async () => { + const vtodoString = await serializeTaskToVTODO(basicTask); + expect(vtodoString).toContain('UID:test-task-123'); + expect(vtodoString).toContain('SUMMARY:Test Task'); + expect(vtodoString).toContain('DTSTAMP:'); + }); + + it('should map tududi status to iCalendar STATUS', async () => { + const tasks = [ + { ...basicTask, status: 0 }, + { ...basicTask, status: 1 }, + { ...basicTask, status: 2 }, + { ...basicTask, status: 5 }, + ]; + + const statusMap = { + 0: 'NEEDS-ACTION', + 1: 'IN-PROCESS', + 2: 'COMPLETED', + 5: 'CANCELLED', + }; + + for (const task of tasks) { + const vtodoString = await serializeTaskToVTODO(task); + const jcalData = ICAL.parse(vtodoString); + const comp = new ICAL.Component(jcalData); + const vtodo = comp.getFirstSubcomponent('vtodo'); + const status = vtodo.getFirstPropertyValue('status'); + + expect(status).toBe(statusMap[task.status]); + } + }); + + it('should map tududi priority to iCalendar PRIORITY', async () => { + const lowPriorityTask = { ...basicTask, priority: 0 }; + const mediumPriorityTask = { ...basicTask, priority: 1 }; + const highPriorityTask = { ...basicTask, priority: 2 }; + + const lowVTODO = await serializeTaskToVTODO(lowPriorityTask); + const mediumVTODO = await serializeTaskToVTODO(mediumPriorityTask); + const highVTODO = await serializeTaskToVTODO(highPriorityTask); + + expect(lowVTODO).toContain('PRIORITY:7'); + expect(mediumVTODO).toContain('PRIORITY:5'); + expect(highVTODO).toContain('PRIORITY:3'); + }); + + it('should include DESCRIPTION for task note', async () => { + const vtodoString = await serializeTaskToVTODO(basicTask); + expect(vtodoString).toContain('DESCRIPTION:Test note'); + }); + + it('should include DUE date', async () => { + const vtodoString = await serializeTaskToVTODO(basicTask); + expect(vtodoString).toContain('DUE:20260501T120000Z'); + }); + + it('should include DTSTART for defer_until', async () => { + const task = { + ...basicTask, + defer_until: new Date('2026-04-25T09:00:00Z'), + }; + const vtodoString = await serializeTaskToVTODO(task); + expect(vtodoString).toContain('DTSTART:20260425T090000Z'); + }); + + it('should include COMPLETED date for completed tasks', async () => { + const task = { + ...basicTask, + status: 2, + completed_at: new Date('2026-04-20T14:30:00Z'), + }; + const vtodoString = await serializeTaskToVTODO(task); + expect(vtodoString).toContain('COMPLETED:20260420T143000Z'); + expect(vtodoString).toContain('PERCENT-COMPLETE:100'); + }); + + it('should include RRULE for recurring tasks', async () => { + const recurringTask = { + ...basicTask, + recurrence_type: 'weekly', + recurrence_weekdays: [1, 3, 5], + }; + const vtodoString = await serializeTaskToVTODO(recurringTask); + expect(vtodoString).toContain('RRULE:'); + expect(vtodoString).toContain('FREQ=WEEKLY'); + expect(vtodoString).toContain('BYDAY=MO,WE,FR'); + }); + + it('should include RELATED-TO for subtasks', async () => { + const subtask = { + ...basicTask, + parent_task_id: 1, + ParentTask: { uid: 'parent-task-456' }, + }; + const vtodoString = await serializeTaskToVTODO(subtask); + expect(vtodoString).toContain( + 'RELATED-TO;RELTYPE=PARENT:parent-task-456' + ); + }); + + it('should include project information as custom property', async () => { + const task = { + ...basicTask, + Project: { uid: 'project-789', name: 'My Project' }, + }; + const vtodoString = await serializeTaskToVTODO(task); + expect(vtodoString).toContain('X-TUDUDI-PROJECT-UID:project-789'); + expect(vtodoString).toContain('X-TUDUDI-PROJECT-NAME:My Project'); + }); + + it('should export tags as CATEGORIES', async () => { + const task = { + ...basicTask, + Tags: [ + { name: 'work', uid: 'tag-1' }, + { name: 'urgent', uid: 'tag-2' }, + ], + }; + const vtodoString = await serializeTaskToVTODO(task); + expect(vtodoString).toContain('CATEGORIES:work\\,urgent'); + expect(vtodoString).toContain('X-TUDUDI-TAG-UIDS:tag-1,tag-2'); + }); + + it('should include habit mode custom properties', async () => { + const habitTask = { + ...basicTask, + habit_mode: true, + habit_current_streak: 5, + habit_total_completions: 42, + }; + const vtodoString = await serializeTaskToVTODO(habitTask); + expect(vtodoString).toContain('X-TUDUDI-HABIT-MODE:true'); + expect(vtodoString).toContain('X-TUDUDI-HABIT-STREAK:5'); + expect(vtodoString).toContain('X-TUDUDI-HABIT-COMPLETIONS:42'); + }); + + it('should include CREATED and LAST-MODIFIED timestamps', async () => { + const vtodoString = await serializeTaskToVTODO(basicTask); + expect(vtodoString).toContain('CREATED:20260401T100000Z'); + expect(vtodoString).toContain('LAST-MODIFIED:20260414T150000Z'); + }); + + it('should handle tasks without optional fields', async () => { + const minimalTask = { + uid: 'minimal-task', + name: 'Minimal Task', + status: 0, + }; + const vtodoString = await serializeTaskToVTODO(minimalTask); + expect(vtodoString).toContain('BEGIN:VTODO'); + expect(vtodoString).toContain('UID:minimal-task'); + expect(vtodoString).toContain('SUMMARY:Minimal Task'); + }); +}); diff --git a/backend/tests/unit/modules/caldav/services/encryption-service.test.js b/backend/tests/unit/modules/caldav/services/encryption-service.test.js new file mode 100644 index 0000000..79280f2 --- /dev/null +++ b/backend/tests/unit/modules/caldav/services/encryption-service.test.js @@ -0,0 +1,106 @@ +const { + encrypt, + decrypt, + isEncrypted, +} = require('../../../../../modules/caldav/services/encryption-service'); + +describe('CalDAV Encryption Service', () => { + describe('encrypt', () => { + it('should encrypt text and return JSON string', () => { + const plaintext = 'my-secret-password'; + const encrypted = encrypt(plaintext); + + expect(typeof encrypted).toBe('string'); + const data = JSON.parse(encrypted); + expect(data).toHaveProperty('iv'); + expect(data).toHaveProperty('encrypted'); + expect(data).toHaveProperty('authTag'); + }); + + it('should produce different encrypted values for same input', () => { + const plaintext = 'test-password'; + const encrypted1 = encrypt(plaintext); + const encrypted2 = encrypt(plaintext); + + expect(encrypted1).not.toBe(encrypted2); + }); + + it('should throw error for empty text', () => { + expect(() => encrypt('')).toThrow('Cannot encrypt empty text'); + expect(() => encrypt(null)).toThrow('Cannot encrypt empty text'); + }); + }); + + describe('decrypt', () => { + it('should decrypt encrypted text correctly', () => { + const plaintext = 'my-secret-password'; + const encrypted = encrypt(plaintext); + const decrypted = decrypt(encrypted); + + expect(decrypted).toBe(plaintext); + }); + + it('should handle special characters', () => { + const plaintext = 'p@ssw0rd!#$%^&*()'; + const encrypted = encrypt(plaintext); + const decrypted = decrypt(encrypted); + + expect(decrypted).toBe(plaintext); + }); + + it('should handle long text', () => { + const plaintext = 'a'.repeat(1000); + const encrypted = encrypt(plaintext); + const decrypted = decrypt(encrypted); + + expect(decrypted).toBe(plaintext); + }); + + it('should throw error for empty data', () => { + expect(() => decrypt('')).toThrow('Cannot decrypt empty data'); + expect(() => decrypt(null)).toThrow('Cannot decrypt empty data'); + }); + + it('should throw error for invalid format', () => { + expect(() => decrypt('invalid-json')).toThrow('Decryption failed'); + }); + + it('should throw error for tampered data', () => { + const plaintext = 'test-password'; + const encrypted = encrypt(plaintext); + const data = JSON.parse(encrypted); + data.encrypted = data.encrypted.replace(/.$/, 'X'); + const tampered = JSON.stringify(data); + + expect(() => decrypt(tampered)).toThrow( + 'Invalid auth tag or tampered data' + ); + }); + }); + + describe('isEncrypted', () => { + it('should return true for encrypted data', () => { + const encrypted = encrypt('test'); + expect(isEncrypted(encrypted)).toBe(true); + }); + + it('should return false for plain text', () => { + expect(isEncrypted('plain text')).toBe(false); + }); + + it('should return false for non-string values', () => { + expect(isEncrypted(null)).toBe(false); + expect(isEncrypted(undefined)).toBe(false); + expect(isEncrypted(123)).toBe(false); + expect(isEncrypted({})).toBe(false); + }); + + it('should return false for invalid JSON', () => { + expect(isEncrypted('{"incomplete"')).toBe(false); + }); + + it('should return false for JSON without required fields', () => { + expect(isEncrypted('{"iv":"abc"}')).toBe(false); + }); + }); +}); diff --git a/backend/tests/unit/utils/attachment-utils.test.js b/backend/tests/unit/utils/attachment-utils.test.js index 0fa4975..0ad28b6 100644 --- a/backend/tests/unit/utils/attachment-utils.test.js +++ b/backend/tests/unit/utils/attachment-utils.test.js @@ -1,5 +1,6 @@ const fs = require('fs').promises; const path = require('path'); +const { getConfig } = require('../../../config/config'); const { ALLOWED_TYPES, validateFileType, @@ -13,6 +14,8 @@ const { getFileUrl, } = require('../../../utils/attachment-utils'); +const config = getConfig(); + describe('Attachment Utils', () => { describe('validateFileType', () => { it('should accept PDF files', () => { @@ -224,11 +227,11 @@ describe('Attachment Utils', () => { }); describe('deleteFileFromDisk', () => { - const testDir = path.join(__dirname, '../../test-uploads'); + const testDir = path.join(config.uploadPath, 'test-delete-uploads'); const testFile = path.join(testDir, 'test-delete-file.txt'); beforeEach(async () => { - // Create test directory and file + // Create test directory and file within uploads await fs.mkdir(testDir, { recursive: true }); await fs.writeFile(testFile, 'test content'); }); @@ -265,6 +268,18 @@ describe('Attachment Utils', () => { const result = await deleteFileFromDisk(''); expect(result).toBe(false); }); + + it('should reject path traversal attempts', async () => { + const maliciousPath = path.join(testDir, '../../../etc/passwd'); + const result = await deleteFileFromDisk(maliciousPath); + expect(result).toBe(false); + }); + + it('should reject absolute paths outside upload dir', async () => { + const outsidePath = '/tmp/outside-file.txt'; + const result = await deleteFileFromDisk(outsidePath); + expect(result).toBe(false); + }); }); describe('ensureUploadDir', () => { diff --git a/backend/utils/attachment-utils.js b/backend/utils/attachment-utils.js index aed140b..75f5752 100644 --- a/backend/utils/attachment-utils.js +++ b/backend/utils/attachment-utils.js @@ -88,26 +88,21 @@ async function deleteFileFromDisk(filepath) { if (!filepath) return false; try { - const isTestEnv = process.env.NODE_ENV === 'test'; + const uploadDir = path.resolve(config.uploadPath); + const resolvedPath = path.resolve(filepath); + const relativePath = path.relative(uploadDir, resolvedPath); - if (!isTestEnv) { - const uploadDir = path.resolve(config.uploadPath); - const resolvedPath = path.resolve(filepath); - const relativePath = path.relative(uploadDir, resolvedPath); - - if ( - relativePath.startsWith('..') || - path.isAbsolute(relativePath) - ) { - logError( - 'Attempt to delete file outside upload directory:', - filepath - ); - return false; - } + if (relativePath.startsWith('..') || path.isAbsolute(relativePath)) { + logError( + 'Attempt to delete file outside upload directory:', + filepath + ); + return false; } - await fs.unlink(filepath); + const safePath = path.join(uploadDir, relativePath); + await fs.unlink(safePath); + return true; } catch (error) { logError('Error deleting file from disk:', error); diff --git a/docs/10-oidc-sso.md b/docs/10-oidc-sso.md index 38c4215..4c706c8 100644 --- a/docs/10-oidc-sso.md +++ b/docs/10-oidc-sso.md @@ -543,6 +543,70 @@ If a user was created via SSO and has no password: - Both auth methods work independently - Unlinking SSO doesn't affect password login +### SSO-Only Mode + +For deployments that want to enforce SSO-only authentication, password-based login and registration can be completely disabled. + +**Configuration:** + +```bash +# Disable password authentication +PASSWORD_AUTH_ENABLED=false + +# Ensure OIDC is properly configured +OIDC_ENABLED=true +OIDC_PROVIDER_NAME=Your Provider +# ... other OIDC settings +``` + +**Behavior When Disabled:** + +1. **Login Page:** + - Password login form is hidden + - Only OIDC provider buttons are shown + - Registration link is hidden + +2. **Registration:** + - `/register` page shows "Password Registration Disabled" message + - Direct registration attempts return 403 Forbidden + - New users must use SSO (auto-provisioning must be enabled) + +3. **API Behavior:** + - `POST /api/login` with credentials returns 403: "Password login is disabled. Please use SSO to sign in." + - `POST /api/register` returns 403: "Password registration is disabled. Please use SSO to sign in." + - `GET /api/password-auth-status` returns `{ "enabled": false }` + +**Use Cases:** + +- **Corporate Deployments:** Enforce centralized identity management +- **Security Compliance:** Eliminate password management burden +- **Simplified UX:** Single authentication method for all users + +**Important Considerations:** + +1. **OIDC Must Be Configured:** Ensure at least one OIDC provider is configured before disabling password auth +2. **Auto-Provisioning Required:** Set `OIDC_AUTO_PROVISION=true` to allow new users to register via SSO +3. **Existing Users:** Users with passwords can no longer log in with them, must link SSO or be manually migrated +4. **Admin Access:** Ensure at least one admin can access via SSO before disabling password auth + +**Migration Steps:** + +If transitioning from password to SSO-only: + +1. **Step 1:** Configure OIDC providers with `OIDC_ENABLED=true` +2. **Step 2:** Notify users to link their SSO accounts (Profile > Security > Connected Accounts) +3. **Step 3:** Verify all users have SSO identities linked +4. **Step 4:** Set `PASSWORD_AUTH_ENABLED=false` and restart server +5. **Step 5:** Monitor logs for authentication issues + +**Rollback:** + +To re-enable password authentication: +```bash +PASSWORD_AUTH_ENABLED=true # or remove the variable +``` +Restart the server. Password login will immediately become available again. + --- ## Troubleshooting diff --git a/docs/11-caldav-sync.md b/docs/11-caldav-sync.md new file mode 100644 index 0000000..5dbf67a --- /dev/null +++ b/docs/11-caldav-sync.md @@ -0,0 +1,855 @@ +# CalDAV Synchronization + +This guide explains how to configure and use CalDAV synchronization in Tududi to access your tasks across multiple devices and applications. + +**Related:** [Tasks Behavior](00-tasks-behavior.md), [Recurring Tasks](01-recurring-tasks-behavior.md), [Architecture Overview](architecture.md) + +--- + +## Table of Contents + +- [Overview](#overview) +- [How CalDAV Works](#how-caldav-works) +- [Why Use CalDAV](#why-use-caldav) +- [Supported Clients](#supported-clients) +- [Configuration](#configuration) + - [Quick Setup](#quick-setup) + - [Environment Variables Reference](#environment-variables-reference) +- [Client Setup Guides](#client-setup-guides) + - [tasks.org (Android/iOS)](#tasksorg-androidios) + - [Apple Reminders (iOS/macOS)](#apple-reminders-iosmacos) + - [Thunderbird (Desktop)](#thunderbird-desktop) + - [Evolution (Linux)](#evolution-linux) +- [Remote Server Synchronization](#remote-server-synchronization) + - [Nextcloud](#nextcloud) + - [Baikal](#baikal) + - [Generic CalDAV Server](#generic-caldav-server) +- [User Features](#user-features) + - [Managing Calendars](#managing-calendars) + - [Manual Sync](#manual-sync) + - [Conflict Resolution](#conflict-resolution) +- [Advanced Topics](#advanced-topics) + - [Sync Direction](#sync-direction) + - [Sync Intervals](#sync-intervals) + - [Field Mappings](#field-mappings) + - [Recurring Tasks](#recurring-tasks) +- [Troubleshooting](#troubleshooting) +- [Security Considerations](#security-considerations) + +--- + +## Overview + +CalDAV (Calendar Distributed Authoring and Versioning) is an industry-standard protocol for accessing and managing calendar data. Tududi implements CalDAV to enable task synchronization with external applications and servers. + +**Key Features:** +- **Bidirectional Sync:** Changes sync in both directions (Tududi ↔ CalDAV clients/servers) +- **Popular Client Support:** tasks.org, Apple Reminders, Thunderbird, Evolution, and more +- **Recurring Tasks:** Full support via RRULE (RFC 5545) +- **Conflict Detection:** Automatic conflict detection with configurable resolution strategies +- **Background Sync:** Automatic periodic synchronization +- **Standards-Compliant:** Implements RFC 4791 (CalDAV) and RFC 5545 (iCalendar) + +--- + +## How CalDAV Works + +### The Protocol + +CalDAV extends WebDAV to provide a standard way of accessing and managing calendar objects over HTTP. In Tududi: + +1. **Tasks as VTODO:** Tududi tasks are represented as iCalendar VTODO components +2. **HTTP Methods:** Standard HTTP methods (GET, PUT, DELETE) plus WebDAV extensions (PROPFIND, REPORT) +3. **Discovery:** Clients find calendars via `.well-known/caldav` endpoint +4. **Authentication:** HTTP Basic Auth for CalDAV clients, sessions/tokens for web UI + +### Data Flow + +**CalDAV Client Access:** +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ CalDAV Client β”‚ (tasks.org, Thunderbird, etc.) +β”‚ (Mobile/PC) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ HTTP Basic Auth + β”‚ PROPFIND, REPORT, GET, PUT, DELETE + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Tududi β”‚ Serves as CalDAV server +β”‚ CalDAV Server β”‚ /caldav/{username}/tasks/ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ SQLite Database β”‚ Tasks stored with CalDAV metadata +β”‚ (tasks table) β”‚ (ETags, CTags, sync state) +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +**Remote Server Sync:** +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Tududi β”‚ Acts as CalDAV client +β”‚ CalDAV Client β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ Periodic sync (every 5-60 min) + β”‚ PROPFIND, REPORT, GET, PUT, DELETE + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Remote CalDAV β”‚ Nextcloud, Baikal, etc. +β”‚ Server β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Remote Tasks β”‚ Synced bidirectionally +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +### Synchronization Process + +Tududi uses a **three-phase sync algorithm**: + +**1. Pull Phase:** +- Fetch changes from remote CalDAV server +- Parse VTODO items into Tududi task format +- Store in temporary buffer + +**2. Merge Phase:** +- Compare local and remote versions using ETags +- Detect conflicts (both modified since last sync) +- Apply conflict resolution strategy: + - `last_write_wins`: Keep most recent change + - `local_wins`: Always keep Tududi version + - `remote_wins`: Always keep remote version + - `manual`: Flag for user resolution + +**3. Push Phase:** +- Identify local changes since last sync +- Serialize tasks to VTODO format +- PUT to remote server +- Update sync state (ETags, timestamps) + +### Task Transformation + +**Tududi Task β†’ VTODO:** +```javascript +// Tududi task +{ + uid: "abc123", + name: "Buy groceries", + due_date: "2026-04-20T14:00:00Z", + status: 0, // NOT_STARTED + priority: 2 // High +} + +// Becomes VTODO +BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//CalDAV Server//EN +BEGIN:VTODO +UID:abc123 +SUMMARY:Buy groceries +DUE:20260420T140000Z +STATUS:NEEDS-ACTION +PRIORITY:3 +CREATED:20260415T100000Z +DTSTAMP:20260415T100000Z +END:VTODO +END:VCALENDAR +``` + +### Change Detection + +**ETags (Entity Tags):** +- Unique identifier for each task version +- Generated from task's `updated_at` timestamp +- Clients use ETags to detect changes efficiently +- `If-Match` headers prevent conflicting updates + +**CTags (Collection Tags):** +- Single tag for entire calendar collection +- Changes whenever any task in calendar changes +- Enables quick "has anything changed?" check +- Reduces unnecessary full syncs + +### Recurring Task Handling + +Tududi stores recurring tasks as **single parent tasks** with recurrence rules: + +**Storage:** +- Parent task stored once with RRULE +- No duplicate database entries for future instances +- Configurable expansion limit (default: 365 instances) + +**CalDAV Serialization:** +- Parent task expanded into virtual instances on-demand +- Each instance gets unique RECURRENCE-ID +- Clients see discrete VTODO entries +- Modified instances stored in `caldav_occurrence_overrides` table + +**Example:** +``` +Parent Task: "Daily standup" + recurrence_pattern: "daily" + due_date: "2026-04-20T09:00:00Z" + +CalDAV Expansion: + - VTODO (UID: daily-standup, RECURRENCE-ID: 20260420T090000Z) + - VTODO (UID: daily-standup, RECURRENCE-ID: 20260421T090000Z) + - VTODO (UID: daily-standup, RECURRENCE-ID: 20260422T090000Z) + ... (up to 365 future instances) +``` + +--- + +## Why Use CalDAV + +**For Mobile Users:** +- Access tasks on Android/iOS via tasks.org or Apple Reminders +- Offline access with eventual sync +- Native mobile notifications and widgets +- Work seamlessly across devices + +**For Desktop Users:** +- Use Thunderbird or Evolution for desktop task management +- Integrated with email workflow +- Keyboard shortcuts and power user features +- Calendar/task views side-by-side + +**For Self-Hosters:** +- Sync with existing infrastructure (Nextcloud, Baikal) +- Keep data on your own servers +- No third-party cloud dependencies +- Standards-based interoperability + +**For Teams:** +- Share Tududi tasks via CalDAV-compatible platforms +- Collaborate using familiar tools (Nextcloud Tasks) +- Maintain single source of truth (Tududi) +- Cross-platform compatibility + +--- + +## Configuration + +CalDAV is configured via environment variables in your `.env` file. After making changes, **restart the Tududi server** for them to take effect. + +### Quick Setup + +**Enable CalDAV:** + +```bash +# Enable CalDAV feature +CALDAV_ENABLED=true + +# Encryption key for remote calendar passwords (32 characters minimum) +ENCRYPTION_KEY=$(openssl rand -hex 32) + +# Optional: Configure defaults +CALDAV_DEFAULT_SYNC_INTERVAL=15 # Minutes between syncs +CALDAV_MAX_RECURRING_INSTANCES=365 # Future recurring instances +CALDAV_CONFLICT_RESOLUTION=last_write_wins # Default strategy +``` + +**Restart Tududi:** + +```bash +docker compose restart # For Docker +npm start # For standalone +``` + +**Configure in Web UI:** + +1. Navigate to **Profile > Settings > CalDAV** tab +2. Click **Add Calendar** to create a local calendar +3. Click **Add Remote Calendar** to sync with external servers +4. Follow the setup wizard + +### Environment Variables Reference + +| Variable | Required | Default | Description | +|----------|----------|---------|-------------| +| `CALDAV_ENABLED` | Yes | `false` | Enable/disable CalDAV feature | +| `ENCRYPTION_KEY` | Recommended | `SECRET_KEY` | AES-256-GCM encryption key for passwords | +| `CALDAV_DEFAULT_SYNC_INTERVAL` | No | `15` | Default sync interval in minutes | +| `CALDAV_MAX_RECURRING_INSTANCES` | No | `365` | Max future recurring instances to expand | +| `CALDAV_CONFLICT_RESOLUTION` | No | `last_write_wins` | Default conflict strategy | +| `CALDAV_RATE_LIMIT` | No | `60` | Requests per minute per IP | +| `CALDAV_MAX_SYNC_TASKS` | No | `1000` | Max tasks per sync operation | +| `CALDAV_REQUEST_TIMEOUT` | No | `30000` | Request timeout in milliseconds | +| `CALDAV_LOG_LEVEL` | No | `info` | Log level: error, warn, info, debug | +| `CALDAV_LOG_REQUESTS` | No | `false` | Log all CalDAV HTTP requests | + +**Important:** The `ENCRYPTION_KEY` should be a secure random string (32 bytes). If not set, falls back to `SECRET_KEY`. + +**Conflict Resolution Strategies:** +- `last_write_wins`: Most recent change wins (default, recommended) +- `local_wins`: Always keep Tududi's version +- `remote_wins`: Always keep remote server's version +- `manual`: Flag conflicts for manual resolution in UI + +--- + +## Supported Clients + +## Client Setup Guides + +### tasks.org (Android/iOS) + +**Setup Instructions:** + +1. Open tasks.org app +2. Tap **☰ Menu** > **Settings** > **Synchronization** +3. Select **CalDAV** +4. Enter connection details: + - **URL:** `https://your-tududi-domain.com/caldav/` + - **Username:** Your Tududi email + - **Password:** Your Tududi password +5. Tap **Add Account** +6. Select the **tasks** calendar +7. Tap **Sync** to start synchronization + +**Features:** +- βœ… Full task CRUD (create, read, update, delete) +- βœ… Recurring tasks with RRULE +- βœ… Due dates and start dates (defer until) +- βœ… Priority levels +- βœ… Task status (needs action, in progress, completed) +- βœ… Subtasks via RELATED-TO +- ⚠️ Limited: Habit mode, tags stored in custom fields + +### Apple Reminders (iOS/macOS) + +**Setup Instructions (iOS):** + +1. Open **Settings** > **Reminders** > **Accounts** +2. Tap **Add Account** > **Other** +3. Select **Add CalDAV Account** +4. Enter connection details: + - **Server:** `your-tududi-domain.com` + - **Username:** Your Tududi email + - **Password:** Your Tududi password + - **Description:** Tududi Tasks +5. Tap **Next** > **Save** +6. Open **Reminders** app to view synced tasks + +**Setup Instructions (macOS):** + +1. Open **System Settings** > **Internet Accounts** +2. Click **+** > **Add Other Account** > **CalDAV Account** +3. Enter connection details: + - **Account Type:** Manual + - **Username:** Your Tududi email + - **Password:** Your Tududi password + - **Server Address:** `https://your-tududi-domain.com/caldav/` +4. Click **Sign In** +5. Open **Reminders** app to view synced tasks + +**Features:** +- βœ… Task creation and editing +- βœ… Due dates and reminders +- βœ… Priority levels (high, medium, low) +- βœ… Task completion +- βœ… Recurring tasks (limited patterns) +- ⚠️ Limited: Advanced recurrence patterns, custom fields + +### Thunderbird (Desktop) + +**Setup Instructions:** + +1. Install **Lightning** or **Task Calendar** extension (if not built-in) +2. Open **Calendar** tab +3. Right-click in calendar list > **New Calendar** +4. Select **On the Network** +5. Choose **CalDAV** +6. Enter connection details: + - **Location:** `https://your-tududi-domain.com/caldav/{your-username}/tasks/` + - Replace `{your-username}` with your Tududi username +7. Enter credentials when prompted +8. Select **Tasks** calendar type +9. Click **Finish** + +**Features:** +- βœ… Full task management +- βœ… Recurring tasks with advanced patterns +- βœ… Due dates, start dates, completion dates +- βœ… Priority and status +- βœ… Task descriptions (notes) +- βœ… Subtask hierarchy + +### Evolution (Linux) + +**Setup Instructions:** + +1. Open **Evolution** > **File** > **New** > **Task List** +2. Select **CalDAV** +3. Enter connection details: + - **URL:** `https://your-tududi-domain.com/caldav/{your-username}/tasks/` + - **Username:** Your Tududi email + - **Password:** Your Tududi password +4. Click **Apply** +5. View tasks in **Tasks** view + +**Features:** +- βœ… Full task CRUD +- βœ… Recurring tasks +- βœ… Due dates and priorities +- βœ… Task completion tracking + +--- + +## Remote Server Synchronization + +Tududi can sync with external CalDAV servers like Nextcloud, Baikal, or other CalDAV-compatible services. + +### Overview + +When configured as a CalDAV client, Tududi periodically fetches changes from remote servers and pushes local changes back. This enables: +- **Cloud Backup:** Keep tasks synced with cloud CalDAV services +- **Multi-Instance Sync:** Run multiple Tududi instances synced via central server +- **Legacy Integration:** Sync with existing calendar infrastructure + +### Nextcloud + +**Setup Instructions:** + +1. In Tududi, go to **Profile > Settings > CalDAV** tab +2. Click **Add Remote Calendar** +3. Select **Nextcloud** as server type +4. Enter connection details: + - **Name:** My Nextcloud Tasks + - **Server URL:** `https://your-nextcloud-domain.com` + - **Calendar Path:** `/remote.php/dav/calendars/{username}/tasks/` + - Replace `{username}` with your Nextcloud username + - **Username:** Your Nextcloud username + - **Password:** Your Nextcloud password or app password +5. Choose sync direction: + - **Bidirectional:** Changes sync both ways + - **Pull Only:** Import from Nextcloud to Tududi + - **Push Only:** Export from Tududi to Nextcloud +6. Set sync interval (default: 15 minutes) +7. Click **Save** +8. Click **Sync Now** to test connection + +**Creating App Password (Recommended):** + +1. In Nextcloud, go to **Settings > Security** +2. Scroll to **Devices & sessions** +3. Enter app name: `Tududi` +4. Click **Create new app password** +5. Copy the generated password +6. Use this password in Tududi CalDAV settings + +### Baikal + +**Setup Instructions:** + +1. In Tududi, go to **Profile > Settings > CalDAV** tab +2. Click **Add Remote Calendar** +3. Select **Baikal** as server type +4. Enter connection details: + - **Name:** My Baikal Tasks + - **Server URL:** `https://your-baikal-domain.com` + - **Calendar Path:** `/dav.php/calendars/{username}/tasks/` + - Replace `{username}` with your Baikal username + - **Username:** Your Baikal username + - **Password:** Your Baikal password +5. Configure sync settings +6. Click **Save** and **Sync Now** + +### Generic CalDAV Server + +**Setup Instructions:** + +1. In Tududi, go to **Profile > Settings > CalDAV** tab +2. Click **Add Remote Calendar** +3. Select **Generic CalDAV** as server type +4. Enter connection details: + - **Name:** Custom calendar name + - **Server URL:** Full CalDAV server URL + - **Calendar Path:** Path to specific calendar + - **Username:** Your CalDAV username + - **Password:** Your CalDAV password + - **Auth Type:** Basic (default) +5. Configure sync settings +6. Click **Save** and **Sync Now** + +**Finding Your Calendar Path:** + +Most CalDAV servers follow this pattern: +``` +/calendars/{username}/{calendar-name}/ +``` + +Check your CalDAV server's documentation for the exact path format. + +--- + +## Configuration Options + +### Sync Direction + +- **Bidirectional:** Changes sync in both directions (default) +- **Pull Only:** Import tasks from remote to Tududi +- **Push Only:** Export tasks from Tududi to remote + +### Sync Interval + +Choose how frequently automatic sync runs: +- 5 minutes +- 15 minutes (default) +- 30 minutes +- 60 minutes +- Manual only (disable automatic sync) + +### Conflict Resolution + +When the same task is modified both locally and remotely: + +- **Last Write Wins:** Most recent change overwrites older change (default) +- **Local Wins:** Always keep Tududi's version +- **Remote Wins:** Always keep remote server's version +- **Manual:** Flag conflicts for manual resolution in UI + +--- + +## Field Mappings + +### Task Fields β†’ VTODO Properties + +| Tududi Field | VTODO Property | Notes | +|--------------|----------------|-------| +| Name | SUMMARY | Task title | +| Note | DESCRIPTION | Task description | +| Due Date | DUE | ISO 8601 UTC timestamp | +| Defer Until | DTSTART | Start date/time | +| Completed At | COMPLETED | Completion timestamp | +| Status | STATUS | See status mapping below | +| Priority | PRIORITY | Inverse scale (see below) | +| Recurrence | RRULE | RFC 5545 recurrence rule | +| Subtasks | RELATED-TO | Parent task UID | + +### Status Mapping + +| Tududi Status | VTODO STATUS | +|---------------|--------------| +| Not Started | NEEDS-ACTION | +| In Progress | IN-PROCESS | +| Done | COMPLETED | +| Archived | COMPLETED | +| Waiting | NEEDS-ACTION | +| Cancelled | CANCELLED | +| Planned | NEEDS-ACTION | + +### Priority Mapping + +CalDAV uses inverse priority scale (1=highest, 9=lowest): + +| Tududi Priority | VTODO PRIORITY | +|-----------------|----------------| +| High (2) | 3 | +| Medium (1) | 5 | +| Low (0) | 7 | + +### Custom Fields + +Tududi-specific features are stored as extended properties: + +- `X-TUDUDI-HABIT-MODE`: Habit tracking settings +- `X-TUDUDI-PROJECT-UID`: Project association +- `X-TUDUDI-TAGS`: Task tags (comma-separated) + +These fields are preserved but may not be visible in external clients. + +--- + +## Recurring Tasks + +Tududi supports CalDAV recurring tasks via RRULE (RFC 5545): + +### Supported Patterns + +| Pattern | RRULE Example | +|---------|---------------| +| Daily | `FREQ=DAILY` | +| Every N days | `FREQ=DAILY;INTERVAL=3` | +| Weekly | `FREQ=WEEKLY;BYDAY=MO,WE,FR` | +| Monthly by day | `FREQ=MONTHLY;BYMONTHDAY=15` | +| Monthly by weekday | `FREQ=MONTHLY;BYDAY=2TH` (2nd Thursday) | +| Yearly | `FREQ=YEARLY;BYMONTH=1;BYMONTHDAY=1` | + +### Limitations + +- External clients see individual instances (next 365 occurrences) +- Editing a single instance creates an override +- Deleting parent task removes all instances + +--- + +## Troubleshooting + +### Authentication Fails + +**Symptoms:** Client can't connect, 401 Unauthorized error + +**Solutions:** +1. Verify credentials (email and password are correct) +2. Check that `CALDAV_ENABLED=true` in environment +3. Ensure HTTP Basic Auth is supported by client +4. Try creating a new API token in Profile settings + +### Tasks Not Syncing + +**Symptoms:** Changes don't appear after sync + +**Solutions:** +1. Check sync status in CalDAV tab (last sync time, errors) +2. Click **Sync Now** to force manual sync +3. Verify sync direction is **Bidirectional** +4. Check conflict list for unresolved conflicts +5. Review backend logs for sync errors + +### Recurring Tasks Missing + +**Symptoms:** Only first instance appears + +**Solutions:** +1. Ensure client supports RRULE recurrence +2. Check that `CALDAV_MAX_RECURRING_INSTANCES` environment variable is set (default: 365) +3. Some clients require manual refresh to see new instances + +### Performance Issues + +**Symptoms:** Sync takes very long or times out + +**Solutions:** +1. Reduce number of tasks (archive completed tasks) +2. Increase `CALDAV_REQUEST_TIMEOUT` environment variable +3. Lower sync frequency (change from 5 min to 15 min) +4. Check server resources (CPU, memory, disk I/O) + +### Connection Timeouts + +**Symptoms:** "Connection timeout" or "Network error" + +**Solutions:** +1. Verify server URL is correct and accessible +2. Check firewall allows HTTPS traffic +3. Ensure SSL certificate is valid (not self-signed) +4. Try increasing timeout: `CALDAV_REQUEST_TIMEOUT=60000` + +### Invalid Calendar Data + +**Symptoms:** "Invalid VTODO" or "Parse error" + +**Solutions:** +1. Check that client sends valid iCalendar format +2. Review backend logs for specific validation errors +3. Test with different CalDAV client to isolate issue +4. Report issue with example VTODO data + +--- + +## Security Considerations + +### Password Storage + +Remote calendar passwords are encrypted with AES-256-GCM before storage. Encryption key is derived from `ENCRYPTION_KEY` or `SECRET_KEY` environment variable. + +**Best Practice:** Use app-specific passwords instead of main account passwords when available (e.g., Nextcloud app passwords). + +### Authentication + +CalDAV endpoints use HTTP Basic Authentication. Always use HTTPS in production to prevent credential interception. + +### Rate Limiting + +CalDAV endpoints are rate-limited: +- 60 requests per minute for CalDAV protocol +- 5 requests per minute for manual sync triggers + +--- + +## Environment Variables + +```bash +# Feature toggle +CALDAV_ENABLED=true + +# Encryption key (32 characters minimum) +ENCRYPTION_KEY=your-256-bit-encryption-key + +# Sync defaults +CALDAV_DEFAULT_SYNC_INTERVAL=15 # Minutes +CALDAV_MAX_RECURRING_INSTANCES=365 # Future instances +CALDAV_CONFLICT_RESOLUTION=last_write_wins # Strategy + +# Performance tuning +CALDAV_RATE_LIMIT=60 # Requests per minute +CALDAV_MAX_SYNC_TASKS=1000 # Max tasks per sync +CALDAV_REQUEST_TIMEOUT=30000 # Milliseconds + +# Debugging +CALDAV_LOG_LEVEL=info # error, warn, info, debug +CALDAV_LOG_REQUESTS=false # Log all CalDAV requests +``` + +--- + +## Known Limitations + +1. **Subtasks:** Supported via RELATED-TO, but not all clients render hierarchically +2. **Habit Mode:** Stored in custom fields, not visible in external clients +3. **Tags:** Exported as CATEGORIES, but colors/metadata only in Tududi +4. **Projects:** Association stored in X-TUDUDI-PROJECT-UID, not shown externally +5. **Status Granularity:** 7 Tududi statuses mapped to 4 CalDAV statuses (some nuance lost) +6. **Timezone Handling:** All dates stored as UTC; local timezone conversion in clients +7. **Large Recurring Sequences:** Expanding far into future creates many VTODOs (configurable limit) + +--- + +## FAQs + +### Can I use multiple CalDAV clients simultaneously? + +Yes, multiple clients can sync with the same Tududi calendar. Changes from any client will sync to all others. + +### What happens if I delete a task in a CalDAV client? + +The task will be deleted in Tududi after the next sync (if bidirectional sync is enabled). + +### Can I sync multiple calendars? + +Yes, you can configure multiple remote calendars in the CalDAV settings tab. Each calendar syncs independently. + +### Do I need a CalDAV server to use this feature? + +No, you can use Tududi directly as a CalDAV server. Clients like tasks.org, Apple Reminders, and Thunderbird can connect directly to Tududi. + +### How do I resolve sync conflicts? + +Navigate to **Profile > Settings > CalDAV** tab and click **View Conflicts**. The conflict resolver shows side-by-side comparison and lets you choose which version to keep. + +### Can I disable automatic sync? + +Yes, set sync interval to "Manual only" in calendar settings. You can still trigger sync manually via **Sync Now** button. + +--- + +## User Features + +### Managing Calendars + +**View Calendars:** + +Navigate to **Profile > Settings > CalDAV** tab to see: +- Local calendars (Tududi as CalDAV server) +- Remote calendars (syncing with external servers) +- Sync status (last sync time, errors) +- Configuration options + +**Create Local Calendar:** + +1. Click **Add Calendar** +2. Enter calendar name and description +3. Choose sync settings (enabled by default) +4. Click **Save** +5. Calendar URL: `https://your-domain.com/caldav/{username}/tasks/` + +**Add Remote Calendar:** + +1. Click **Add Remote Calendar** +2. Select server type (Nextcloud, Baikal, Generic) +3. Enter connection details (URL, credentials) +4. Choose sync direction and interval +5. Click **Save** and **Sync Now** + +**Edit Calendar:** + +1. Click **Edit** button on calendar card +2. Modify settings (name, interval, sync direction) +3. Click **Save** + +**Delete Calendar:** + +1. Click **Delete** button on calendar card +2. Confirm deletion +3. **Note:** Deleting a calendar does NOT delete tasks, only the CalDAV configuration + +### Manual Sync + +**Trigger Manual Sync:** + +1. Go to **Profile > Settings > CalDAV** tab +2. Find the calendar you want to sync +3. Click **Sync Now** button +4. Sync status updates in real-time +5. Check **Last Synced** timestamp + +**View Sync Status:** + +Each calendar card shows: +- **Last Synced:** Timestamp of last successful sync +- **Status:** Synced, Syncing, Error +- **Error Details:** If sync failed, error message is displayed + +### Conflict Resolution + +**When Conflicts Occur:** + +A conflict happens when the same task is modified both locally (in Tududi) and remotely (in client/server) between syncs. + +**Automatic Resolution:** + +By default, `last_write_wins` strategy is used: +- Compare `updated_at` timestamps +- Keep the version with most recent change +- Discard older version + +**Manual Resolution:** + +If conflict strategy is set to `manual`: + +1. Navigate to **Profile > Settings > CalDAV** tab +2. Click **View Conflicts** (if conflicts exist) +3. See side-by-side comparison: + - **Local Version:** Current Tududi state + - **Remote Version:** CalDAV client/server state +4. Choose resolution: + - **Keep Local:** Use Tududi version + - **Keep Remote:** Use client/server version + - **Merge:** (not yet implemented) +5. Click **Resolve** + +**Conflict Indicators:** + +- Red badge on CalDAV settings tab +- Conflict count shown on calendar card +- Task marked with conflict icon (if applicable) + +--- + +## Support + +**Issues:** [GitHub Issues](https://github.com/chrisvel/tududi/issues) +**Discussions:** [GitHub Discussions](https://github.com/chrisvel/tududi/discussions) +**Discord:** [Join our community](https://discord.gg/fkbeJ9CmcH) + +**Related Documentation:** +- [Tasks Behavior](00-tasks-behavior.md) +- [Recurring Tasks Behavior](01-recurring-tasks-behavior.md) +- [User Management](08-user-management.md) +- [Architecture Overview](architecture.md) +- [Developer Guide: CalDAV Implementation](dev/caldav-implementation.md) + +**Protocol References:** +- [RFC 4791 - CalDAV](https://datatracker.ietf.org/doc/html/rfc4791) +- [RFC 5545 - iCalendar](https://datatracker.ietf.org/doc/html/rfc5545) +- [RFC 6578 - Sync Collection](https://datatracker.ietf.org/doc/html/rfc6578) + +--- + +**Document Version:** 1.0.0 +**Last Updated:** 2026-04-20 +**Maintainer:** Update when CalDAV features change diff --git a/docs/MEMORY.md b/docs/MEMORY.md index f1cca3e..46f092c 100644 --- a/docs/MEMORY.md +++ b/docs/MEMORY.md @@ -9,6 +9,7 @@ This document contains preferences, patterns, and memory items specific to worki ### PR Template - **ALWAYS use** the PR template from `.github/pull_request_template.md` - **Do NOT add** the "πŸ€– Generated with [Claude Code](https://claude.com/claude-code)" footer to pull requests +- **Do NOT use emojis** in PR titles, descriptions, or comments (e.g., βœ…, πŸŽ‰, πŸ“¦, ⚠️, πŸš€) - Required sections: - **Description**: What does this PR do? Why is this change needed? - **Type of Change**: Bug fix / New feature / Breaking change / Documentation @@ -28,6 +29,7 @@ This document contains preferences, patterns, and memory items specific to worki ### General Rules - **Do NOT add** `Co-authored-by` trailers to commit messages (set globally in `~/.claude/CLAUDE.md`) +- **Do NOT use emojis** in commit messages or comments - Use conventional commit style when appropriate: `fix:`, `feat:`, `refactor:`, etc. - Keep commit messages concise and descriptive @@ -94,5 +96,5 @@ This document contains preferences, patterns, and memory items specific to worki --- -**Last Updated:** 2026-04-12 +**Last Updated:** 2026-04-20 **Maintained by:** Claude Code sessions - update as new patterns emerge \ No newline at end of file diff --git a/docs/dev/caldav-implementation.md b/docs/dev/caldav-implementation.md new file mode 100644 index 0000000..aef2e3d --- /dev/null +++ b/docs/dev/caldav-implementation.md @@ -0,0 +1,1020 @@ +# CalDAV Implementation - Developer Guide + +This document provides detailed technical information about Tududi's CalDAV implementation for developers working on the codebase. + +--- + +## Architecture Overview + +### Protocol Stack + +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ CalDAV Clients (tasks.org, etc) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ HTTP/HTTPS +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ WebDAV/CalDAV Protocol Layer β”‚ +β”‚ (PROPFIND, REPORT, GET, PUT, etc) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ iCalendar Transformation Layer β”‚ +β”‚ (Task ↔ VTODO serialization) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Synchronization Engine β”‚ +β”‚ (Pull β†’ Merge β†’ Push phases) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Repository & Database Layer β”‚ +β”‚ (SQLite with CalDAV tables) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +### Module Structure + +``` +backend/modules/caldav/ +β”œβ”€β”€ index.js # Module exports +β”œβ”€β”€ routes.js # WebDAV/CalDAV HTTP handlers +β”œβ”€β”€ webdav/ # WebDAV protocol implementation +β”‚ β”œβ”€β”€ propfind.js # PROPFIND method handler +β”‚ β”œβ”€β”€ report.js # REPORT method handler (calendar-query) +β”‚ β”œβ”€β”€ options.js # OPTIONS method handler +β”‚ β”œβ”€β”€ task-handlers.js # GET/PUT/DELETE task operations +β”‚ └── utils.js # WebDAV XML utilities +β”œβ”€β”€ protocol/ +β”‚ β”œβ”€β”€ discovery.js # .well-known handler +β”‚ β”œβ”€β”€ capabilities.js # CalDAV capabilities +β”‚ └── sync-collection.js # RFC 6578 sync-token (future) +β”œβ”€β”€ icalendar/ # iCalendar transformation +β”‚ β”œβ”€β”€ vtodo-serializer.js # Task β†’ VTODO +β”‚ β”œβ”€β”€ vtodo-parser.js # VTODO β†’ Task +β”‚ β”œβ”€β”€ rrule-generator.js # Recurrence β†’ RRULE +β”‚ β”œβ”€β”€ rrule-parser.js # RRULE β†’ Recurrence +β”‚ └── field-mappings.js # Status, priority mappings +β”œβ”€β”€ sync/ # Synchronization engine +β”‚ β”œβ”€β”€ sync-engine.js # Main orchestrator +β”‚ β”œβ”€β”€ pull-phase.js # Fetch from remote +β”‚ β”œβ”€β”€ merge-phase.js # Conflict detection +β”‚ β”œβ”€β”€ push-phase.js # Send to remote +β”‚ └── conflict-resolver.js # Resolution strategies +β”œβ”€β”€ repositories/ # Data access layer +β”‚ β”œβ”€β”€ calendar-repository.js +β”‚ β”œβ”€β”€ sync-state-repository.js +β”‚ β”œβ”€β”€ override-repository.js +β”‚ └── remote-calendar-repository.js +β”œβ”€β”€ services/ +β”‚ β”œβ”€β”€ calendar-service.js +β”‚ β”œβ”€β”€ sync-scheduler.js # Background sync (node-cron) +β”‚ └── encryption-service.js # AES-256-GCM password encryption +β”œβ”€β”€ middleware/ +β”‚ β”œβ”€β”€ caldav-auth.js # HTTP Basic Auth +β”‚ └── xml-parser.js # Parse XML bodies +β”œβ”€β”€ api/ # REST API endpoints +β”‚ β”œβ”€β”€ routes.js # API route definitions +β”‚ β”œβ”€β”€ calendar-controller.js # Calendar CRUD +β”‚ β”œβ”€β”€ remote-calendar-controller.js +β”‚ └── sync-controller.js # Manual sync, status +└── utils/ + β”œβ”€β”€ etag-generator.js + β”œβ”€β”€ ctag-generator.js + └── validation.js +``` + +--- + +## Database Schema + +### Tables + +#### caldav_calendars + +Local calendar configurations (per-user calendars served by Tududi). + +```sql +CREATE TABLE caldav_calendars ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + uid STRING NOT NULL UNIQUE, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + + -- Calendar identity + name STRING NOT NULL, + description TEXT, + color STRING, + + -- CalDAV metadata + ctag STRING, -- Collection tag (change detection) + sync_token STRING, -- RFC 6578 sync-token + + -- Sync configuration + enabled BOOLEAN DEFAULT 1, + sync_direction STRING DEFAULT 'bidirectional', + sync_interval_minutes INTEGER DEFAULT 15, + last_sync_at DATETIME, + last_sync_status STRING, + conflict_resolution STRING DEFAULT 'last_write_wins', + + created_at DATETIME, + updated_at DATETIME +); +``` + +**Indexes:** +- `idx_caldav_calendars_user_id` on `user_id` +- `idx_caldav_calendars_enabled` on `enabled` +- `idx_caldav_calendars_user_enabled` on `(user_id, enabled)` + +#### caldav_sync_state + +Per-task sync tracking metadata. + +```sql +CREATE TABLE caldav_sync_state ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + task_id INTEGER NOT NULL REFERENCES tasks(id) ON DELETE CASCADE, + calendar_id INTEGER NOT NULL REFERENCES caldav_calendars(id) ON DELETE CASCADE, + + -- CalDAV metadata + etag STRING NOT NULL, + last_modified DATETIME NOT NULL, + + -- Sync tracking + last_synced_at DATETIME, + sync_status STRING DEFAULT 'synced', + + -- Conflict data + conflict_local_version JSON, + conflict_remote_version JSON, + conflict_detected_at DATETIME, + + created_at DATETIME, + updated_at DATETIME, + UNIQUE(task_id, calendar_id) +); +``` + +**Indexes:** +- `idx_caldav_sync_state_task_id` on `task_id` +- `idx_caldav_sync_state_calendar_id` on `calendar_id` +- `idx_caldav_sync_state_status` on `sync_status` +- `idx_caldav_sync_state_modified` on `last_modified` + +#### caldav_occurrence_overrides + +Stores edited instances of recurring tasks. + +```sql +CREATE TABLE caldav_occurrence_overrides ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + parent_task_id INTEGER NOT NULL REFERENCES tasks(id) ON DELETE CASCADE, + calendar_id INTEGER NOT NULL REFERENCES caldav_calendars(id) ON DELETE CASCADE, + + recurrence_id DATETIME NOT NULL, -- Which instance (original due date) + + -- Overridden fields (NULL = not overridden) + override_name TEXT, + override_due_date DATETIME, + override_status INTEGER, + override_priority INTEGER, + override_note TEXT, + + created_at DATETIME, + updated_at DATETIME, + UNIQUE(parent_task_id, calendar_id, recurrence_id) +); +``` + +**Indexes:** +- `idx_caldav_overrides_parent` on `parent_task_id` +- `idx_caldav_overrides_calendar` on `calendar_id` +- `idx_caldav_overrides_recurrence` on `recurrence_id` + +#### caldav_remote_calendars + +External CalDAV server configurations. + +```sql +CREATE TABLE caldav_remote_calendars ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + local_calendar_id INTEGER REFERENCES caldav_calendars(id) ON DELETE SET NULL, + + -- Remote server + name STRING NOT NULL, + server_url STRING NOT NULL, + calendar_path STRING NOT NULL, + username STRING NOT NULL, + password_encrypted TEXT NOT NULL, -- AES-256-GCM + auth_type STRING DEFAULT 'basic', + + -- Sync configuration + enabled BOOLEAN DEFAULT 1, + sync_direction STRING DEFAULT 'bidirectional', + last_sync_at DATETIME, + last_sync_status STRING, + last_sync_error TEXT, + server_ctag STRING, + server_sync_token STRING, + + created_at DATETIME, + updated_at DATETIME +); +``` + +**Indexes:** +- `idx_caldav_remote_user_id` on `user_id` +- `idx_caldav_remote_enabled` on `enabled` +- `idx_caldav_remote_local_cal` on `local_calendar_id` + +--- + +## WebDAV Protocol Implementation + +### HTTP Method Registration + +Express doesn't support WebDAV methods (PROPFIND, REPORT, etc.) by default. Register custom methods in [app.js](../../backend/app.js): + +```javascript +['PROPFIND', 'REPORT', 'MKCALENDAR'].forEach(method => { + express.Router[method.toLowerCase()] = function(path, ...handlers) { + return this.route(path)[method.toLowerCase()] = handlers; + }; +}); +``` + +### Discovery Endpoint + +**Location:** [backend/modules/caldav/protocol/discovery.js](../../backend/modules/caldav/protocol/discovery.js) + +**RFC 6764 .well-known Discovery:** + +```javascript +router.get('/.well-known/caldav', (req, res) => { + res.redirect(301, '/caldav/'); +}); +``` + +### PROPFIND Handler + +**Location:** [backend/modules/caldav/webdav/propfind.js](../../backend/modules/caldav/webdav/propfind.js) + +**Purpose:** List calendar resources and properties + +**Request Example:** + +```xml + + + + + + + + + + +``` + +**Response Structure:** + +```xml + + + + /caldav/user@example.com/tasks/task-uid-123/ + + + + text/calendar; component=VTODO + "etag-value-here" + BEGIN:VCALENDAR...END:VCALENDAR + + HTTP/1.1 200 OK + + + +``` + +**Implementation Notes:** +- Depth: 0 returns collection properties only +- Depth: 1 returns collection + all resources +- ETags generated from task `updated_at` timestamp +- Recurring tasks expanded into virtual instances + +### REPORT Handler + +**Location:** [backend/modules/caldav/webdav/report.js](../../backend/modules/caldav/webdav/report.js) + +**Purpose:** Query/filter calendar resources + +**Supported Reports:** +- `calendar-query` - Query with filters +- `calendar-multiget` - Fetch specific resources by URL +- `sync-collection` - Incremental sync (RFC 6578) + +**calendar-query Example:** + +```xml + + + + + + + + + + + + + +``` + +**Supported Filters:** +- `comp-filter` - Component type (VCALENDAR, VTODO) +- `time-range` - Date/time range filtering +- `prop-filter` - Property value filtering (limited support) + +### Task Operations (GET/PUT/DELETE) + +**Location:** [backend/modules/caldav/webdav/task-handlers.js](../../backend/modules/caldav/webdav/task-handlers.js) + +#### GET - Fetch Task + +```http +GET /caldav/{username}/tasks/{uid}/ HTTP/1.1 +Authorization: Basic base64(email:password) +``` + +**Response:** + +```http +HTTP/1.1 200 OK +Content-Type: text/calendar; charset=utf-8 +ETag: "etag-value" + +BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//CalDAV Server//EN +BEGIN:VTODO +UID:task-uid-123 +SUMMARY:Task Title +... +END:VTODO +END:VCALENDAR +``` + +#### PUT - Create/Update Task + +```http +PUT /caldav/{username}/tasks/{uid}/ HTTP/1.1 +Authorization: Basic base64(email:password) +Content-Type: text/calendar; charset=utf-8 + +BEGIN:VCALENDAR +... +END:VCALENDAR +``` + +**Response:** +- 201 Created (new task) +- 204 No Content (updated task) + +**ETag Handling:** +- If-Match header supported for optimistic locking +- If-None-Match: * to prevent overwrite + +#### DELETE - Remove Task + +```http +DELETE /caldav/{username}/tasks/{uid}/ HTTP/1.1 +Authorization: Basic base64(email:password) +``` + +**Response:** +- 204 No Content (success) +- 404 Not Found (task doesn't exist) + +--- + +## iCalendar Transformation + +### Task β†’ VTODO Serialization + +**Location:** [backend/modules/caldav/icalendar/vtodo-serializer.js](../../backend/modules/caldav/icalendar/vtodo-serializer.js) + +**Field Mappings:** + +```javascript +const fieldMappings = { + uid: (task) => task.uid, + summary: (task) => task.name, + description: (task) => task.note || '', + due: (task) => task.due_date ? formatDateTimeUTC(task.due_date) : null, + dtstart: (task) => task.defer_until ? formatDateTimeUTC(task.defer_until) : null, + completed: (task) => task.completed_at ? formatDateTimeUTC(task.completed_at) : null, + status: (task) => mapStatus(task.status), + priority: (task) => mapPriority(task.priority), + created: (task) => formatDateTimeUTC(task.created_at), + dtstamp: () => formatDateTimeUTC(new Date()), + 'last-modified': (task) => formatDateTimeUTC(task.updated_at) +}; +``` + +**Status Mapping:** + +```javascript +const STATUS_MAP = { + 0: 'NEEDS-ACTION', // NOT_STARTED + 1: 'IN-PROCESS', // IN_PROGRESS + 2: 'COMPLETED', // DONE + 3: 'COMPLETED', // ARCHIVED + 4: 'NEEDS-ACTION', // WAITING + 5: 'CANCELLED', // CANCELLED + 6: 'NEEDS-ACTION' // PLANNED +}; +``` + +**Priority Mapping (Inverse Scale):** + +```javascript +function mapPriority(tududiPriority) { + // Tududi: 0=Low, 1=Medium, 2=High + // iCalendar: 1=Highest, 5=Medium, 9=Lowest + const priorityMap = { 0: 7, 1: 5, 2: 3 }; + return priorityMap[tududiPriority] || 5; +} +``` + +**Recurrence (RRULE) Generation:** + +```javascript +function generateRRule(task) { + const rruleMap = { + daily: () => `FREQ=DAILY;INTERVAL=${task.recurrence_interval || 1}`, + weekly: () => { + const days = task.recurrence_weekdays || [1]; // Default Monday + const byDay = days.map(d => ['SU','MO','TU','WE','TH','FR','SA'][d]).join(','); + return `FREQ=WEEKLY;BYDAY=${byDay}`; + }, + monthly: () => { + if (task.recurrence_month_day) { + return `FREQ=MONTHLY;BYMONTHDAY=${task.recurrence_month_day}`; + } + // Monthly by weekday (e.g., 2nd Thursday) + const week = task.recurrence_week || 1; + const day = ['SU','MO','TU','WE','TH','FR','SA'][task.recurrence_weekday || 1]; + return `FREQ=MONTHLY;BYDAY=${week}${day}`; + }, + yearly: () => `FREQ=YEARLY;BYMONTH=${task.recurrence_month || 1}` + }; + + let rrule = rruleMap[task.recurrence_pattern]?.(); + if (!rrule) return null; + + // Add count or until + if (task.recurrence_count) { + rrule += `;COUNT=${task.recurrence_count}`; + } else if (task.recurrence_end_date) { + rrule += `;UNTIL=${formatDateTimeUTC(task.recurrence_end_date)}`; + } + + return rrule; +} +``` + +### VTODO β†’ Task Parsing + +**Location:** [backend/modules/caldav/icalendar/vtodo-parser.js](../../backend/modules/caldav/icalendar/vtodo-parser.js) + +**Parsing Workflow:** + +```javascript +function vtodoToTask(vtodoString) { + // 1. Parse iCalendar string + const jcalData = ICAL.parse(vtodoString); + const comp = new ICAL.Component(jcalData); + const vtodoComp = comp.getFirstSubcomponent('vtodo'); + + // 2. Extract basic properties + const task = { + uid: vtodoComp.getFirstPropertyValue('uid'), + name: vtodoComp.getFirstPropertyValue('summary'), + note: vtodoComp.getFirstPropertyValue('description'), + }; + + // 3. Parse dates (convert to UTC) + const due = vtodoComp.getFirstPropertyValue('due'); + if (due) task.due_date = due.toJSDate().toISOString(); + + const dtstart = vtodoComp.getFirstPropertyValue('dtstart'); + if (dtstart) task.defer_until = dtstart.toJSDate().toISOString(); + + // 4. Parse status and priority + const status = vtodoComp.getFirstPropertyValue('status'); + task.status = reverseMapStatus(status); + + const priority = vtodoComp.getFirstPropertyValue('priority'); + task.priority = reverseMapPriority(priority); + + // 5. Parse recurrence + const rrule = vtodoComp.getFirstPropertyValue('rrule'); + if (rrule) { + Object.assign(task, parseRRule(rrule)); + } + + // 6. Parse custom properties + const customProps = vtodoComp.getAllProperties().filter(p => + p.name.startsWith('x-tududi-') + ); + customProps.forEach(prop => { + // Handle X-TUDUDI-* properties + }); + + return task; +} +``` + +**Reverse Priority Mapping:** + +```javascript +function reverseMapPriority(icalPriority) { + // iCalendar 1-9 β†’ Tududi 0-2 + if (icalPriority >= 1 && icalPriority <= 3) return 2; // High + if (icalPriority >= 4 && icalPriority <= 6) return 1; // Medium + if (icalPriority >= 7 && icalPriority <= 9) return 0; // Low + return 1; // Default to medium +} +``` + +--- + +## Synchronization Engine + +### Architecture + +**Location:** [backend/modules/caldav/sync/sync-engine.js](../../backend/modules/caldav/sync/sync-engine.js) + +**Three-Phase Process:** + +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ PULL PHASE β”‚ Fetch changes from remote CalDAV server +β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ + β”‚ + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ MERGE PHASE β”‚ Detect conflicts, apply resolution strategy +β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ + β”‚ + β–Ό +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ PUSH PHASE β”‚ Send local changes to remote server +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +### Pull Phase + +**Location:** [backend/modules/caldav/sync/pull-phase.js](../../backend/modules/caldav/sync/pull-phase.js) + +```javascript +async function pullChanges(remoteCalendar) { + // 1. Send PROPFIND or REPORT to remote server + const response = await fetch(`${remoteCalendar.server_url}${remoteCalendar.calendar_path}`, { + method: 'PROPFIND', + headers: { + 'Authorization': `Basic ${getAuthHeader(remoteCalendar)}`, + 'Depth': '1', + 'Content-Type': 'application/xml' + }, + body: buildPropfindRequest(['getetag', 'calendar-data']) + }); + + // 2. Parse multistatus response + const remoteResources = parseMultistatusResponse(await response.text()); + + // 3. Convert VTODOs to tasks + const remoteTasks = remoteResources.map(resource => ({ + task: vtodoParser.vtodoToTask(resource.calendarData), + etag: resource.etag, + href: resource.href + })); + + return remoteTasks; +} +``` + +### Merge Phase + +**Location:** [backend/modules/caldav/sync/merge-phase.js](../../backend/modules/caldav/sync/merge-phase.js) + +```javascript +async function mergeChanges(localTasks, remoteTasks, conflictStrategy) { + const conflicts = []; + const toUpdate = []; + const toCreate = []; + + for (const remoteTask of remoteTasks) { + const localTask = localTasks.find(t => t.uid === remoteTask.task.uid); + + if (!localTask) { + // New remote task, create locally + toCreate.push(remoteTask); + continue; + } + + const syncState = await SyncStateRepository.findByTaskAndCalendar( + localTask.id, + calendar.id + ); + + // Check for conflicts + if (syncState.etag !== remoteTask.etag && + localTask.updated_at > syncState.last_synced_at) { + // Both local and remote changed + conflicts.push({ + task: localTask, + localVersion: localTask, + remoteVersion: remoteTask.task, + remoteEtag: remoteTask.etag + }); + continue; + } + + // Remote changed, local didn't + if (syncState.etag !== remoteTask.etag) { + toUpdate.push(remoteTask); + } + } + + // Apply conflict resolution + const resolved = await resolveConflicts(conflicts, conflictStrategy); + + return { toCreate, toUpdate, resolved }; +} +``` + +### Push Phase + +**Location:** [backend/modules/caldav/sync/push-phase.js](../../backend/modules/caldav/sync/push-phase.js) + +```javascript +async function pushChanges(localChanges, remoteCalendar) { + for (const task of localChanges) { + const vtodo = vtodoSerializer.taskToVTodo(task); + const href = `${remoteCalendar.server_url}${remoteCalendar.calendar_path}${task.uid}/`; + + const response = await fetch(href, { + method: 'PUT', + headers: { + 'Authorization': `Basic ${getAuthHeader(remoteCalendar)}`, + 'Content-Type': 'text/calendar; charset=utf-8', + 'If-Match': task.syncState?.etag || '*' + }, + body: vtodo + }); + + if (response.ok) { + const newEtag = response.headers.get('etag'); + await SyncStateRepository.updateEtag(task.id, remoteCalendar.id, newEtag); + } + } +} +``` + +### Conflict Resolution Strategies + +**Location:** [backend/modules/caldav/sync/conflict-resolver.js](../../backend/modules/caldav/sync/conflict-resolver.js) + +```javascript +const strategies = { + last_write_wins: (local, remote) => { + return new Date(local.updated_at) > new Date(remote.updated_at) + ? local + : remote; + }, + + local_wins: (local, remote) => local, + + remote_wins: (local, remote) => remote, + + manual: (local, remote) => { + // Store both versions for manual resolution + return { + requiresManualResolution: true, + local, + remote + }; + } +}; +``` + +--- + +## Authentication + +### HTTP Basic Auth + +**Location:** [backend/modules/caldav/middleware/caldav-auth.js](../../backend/modules/caldav/middleware/caldav-auth.js) + +```javascript +async function caldavAuth(req, res, next) { + // 1. Check for existing session (web UI) + if (req.session?.userId) { + req.currentUser = await User.findByPk(req.session.userId); + return next(); + } + + // 2. Check for Bearer token (API) + if (req.headers.authorization?.startsWith('Bearer ')) { + // Validate API token + return next(); + } + + // 3. Parse HTTP Basic Auth + const authHeader = req.headers.authorization; + if (!authHeader?.startsWith('Basic ')) { + return res.status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Authentication required' }); + } + + const credentials = Buffer.from(authHeader.split(' ')[1], 'base64').toString('utf8'); + const [username, password] = credentials.split(':'); + + // 4. Validate credentials + const user = await User.findOne({ where: { email: username } }); + if (!user || !await bcrypt.compare(password, user.password_digest)) { + return res.status(401).json({ error: 'Invalid credentials' }); + } + + req.currentUser = user; + next(); +} +``` + +--- + +## Security + +### Password Encryption + +**Location:** [backend/modules/caldav/services/encryption-service.js](../../backend/modules/caldav/services/encryption-service.js) + +**AES-256-GCM Encryption:** + +```javascript +const crypto = require('crypto'); + +const ALGORITHM = 'aes-256-gcm'; +const KEY = Buffer.from(process.env.ENCRYPTION_KEY || process.env.SECRET_KEY, 'utf-8').slice(0, 32); + +function encrypt(plaintext) { + const iv = crypto.randomBytes(16); + const cipher = crypto.createCipheriv(ALGORITHM, KEY, iv); + + let encrypted = cipher.update(plaintext, 'utf8', 'hex'); + encrypted += cipher.final('hex'); + + const authTag = cipher.getAuthTag(); + + return JSON.stringify({ + iv: iv.toString('hex'), + encrypted, + authTag: authTag.toString('hex') + }); +} + +function decrypt(ciphertext) { + const { iv, encrypted, authTag } = JSON.parse(ciphertext); + + const decipher = crypto.createDecipheriv( + ALGORITHM, + KEY, + Buffer.from(iv, 'hex') + ); + + decipher.setAuthTag(Buffer.from(authTag, 'hex')); + + let decrypted = decipher.update(encrypted, 'hex', 'utf8'); + decrypted += decipher.final('utf8'); + + return decrypted; +} + +module.exports = { encrypt, decrypt }; +``` + +### XML Injection Prevention + +**Location:** [backend/modules/caldav/middleware/xml-parser.js](../../backend/modules/caldav/middleware/xml-parser.js) + +```javascript +const xml2js = require('xml2js'); + +const parser = new xml2js.Parser({ + explicitArray: false, + ignoreAttrs: false, + trim: true, + normalize: true, + // Security: Disable external entities + xmlns: false, + explicitRoot: true, + // Prevent billion laughs attack + strict: true +}); +``` + +--- + +## Performance Optimizations + +### Database Indexes + +**Migration:** [20260420000005-add-caldav-indexes.js](../../backend/migrations/20260420000005-add-caldav-indexes.js) + +Critical indexes for performance: +- `tasks.uid` - Fast task lookup by UID +- `tasks.updated_at` - Identify changed tasks +- `caldav_sync_state.task_id` - Sync state lookup +- `caldav_sync_state.calendar_id` - Calendar-based queries +- `caldav_sync_state.last_modified` - Incremental sync + +### Caching Strategy + +**ETag Caching:** +- ETags generated from task `updated_at` timestamp +- Clients cache VTODO data, re-fetch only if ETag changed +- Reduces bandwidth and serialization overhead + +**CTag (Collection Tag):** +- Single tag for entire calendar collection +- Changes when any task in calendar changes +- Enables quick "has anything changed?" check + +### Recurring Task Expansion + +**Lazy Expansion:** +- Parent task stored once in database +- Instances generated on-demand during serialization +- Configurable limit (default: 365 instances) +- Prevents database bloat from thousands of future instances + +**Implementation:** + +```javascript +function expandRecurringTask(parentTask, maxInstances = 365) { + if (!parentTask.recurrence_pattern) return [parentTask]; + + const instances = []; + const rrule = parseRRule(parentTask); + const dates = rrule.between(new Date(), addDays(new Date(), 365), true, maxInstances); + + dates.forEach((date, index) => { + const instance = { + ...parentTask, + uid: `${parentTask.uid}`, // Same UID + recurrenceId: date.toISOString(), // RECURRENCE-ID property + due_date: date.toISOString() + }; + instances.push(instance); + }); + + return instances; +} +``` + +--- + +## Testing + +### Unit Tests + +**Location:** [backend/tests/unit/caldav/](../../backend/tests/unit/caldav/) + +Test coverage: +- iCalendar serialization/parsing +- RRULE generation/parsing +- Field mappings (status, priority) +- Encryption/decryption +- ETag/CTag generation + +### Integration Tests + +**Location:** [backend/tests/integration/caldav.test.js](../../backend/tests/integration/caldav.test.js) + +Test scenarios: +- WebDAV method handlers (PROPFIND, REPORT, etc.) +- Authentication (Basic Auth, sessions) +- Task CRUD operations +- Recurring task expansion +- Conflict detection and resolution +- Sync engine phases + +### E2E Tests + +**Location:** [e2e/tests/caldav-client.spec.ts](../../e2e/tests/caldav-client.spec.ts) + +Test real-world client interactions: +- CalDAV discovery +- PROPFIND with Depth: 0 and 1 +- REPORT with calendar-query +- GET/PUT/DELETE task operations +- Recurring task synchronization +- Performance (large calendars) + +--- + +## Debugging + +### Enable Debug Logging + +```bash +CALDAV_LOG_LEVEL=debug +CALDAV_LOG_REQUESTS=true +``` + +### Common Issues + +**Issue:** PROPFIND returns empty multistatus + +**Debug:** +```javascript +console.log('Tasks found:', tasks.length); +console.log('Expanded instances:', expandedTasks.length); +console.log('XML response:', xmlResponse); +``` + +**Issue:** RRULE parsing fails + +**Debug:** +```javascript +const rrule = vtodoComp.getFirstPropertyValue('rrule'); +console.log('RRULE object:', rrule); +console.log('Frequency:', rrule.freq); +console.log('Interval:', rrule.interval); +``` + +**Issue:** Sync conflicts not detected + +**Debug:** +```javascript +console.log('Local updated_at:', localTask.updated_at); +console.log('Sync state updated_at:', syncState.last_synced_at); +console.log('Remote etag:', remoteTask.etag); +console.log('Sync state etag:', syncState.etag); +``` + +--- + +## References + +### RFCs + +- [RFC 4791 - CalDAV](https://datatracker.ietf.org/doc/html/rfc4791) - CalDAV protocol +- [RFC 5545 - iCalendar](https://datatracker.ietf.org/doc/html/rfc5545) - iCalendar format +- [RFC 6578 - Sync-Collection](https://datatracker.ietf.org/doc/html/rfc6578) - Incremental sync +- [RFC 4918 - WebDAV](https://datatracker.ietf.org/doc/html/rfc4918) - WebDAV protocol + +### Libraries + +- [ical.js](https://github.com/kewisch/ical.js) - iCalendar parsing/generation +- [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) - XML parsing +- [node-cron](https://github.com/node-cron/node-cron) - Background scheduling + +### External Resources + +- [CalDAV Client Implementation Guide](https://sabredav.org/dav/building-a-caldav-client/) +- [Apple CalDAV Server](https://github.com/apple/ccs-calendarserver) +- [Radicale CalDAV Server](https://radicale.org/) + +--- + +## Contributing + +When working on CalDAV features: + +1. **Follow existing patterns** - Use repository pattern for data access +2. **Write tests** - Unit tests for logic, integration tests for HTTP handlers +3. **Update docs** - Keep user and developer docs in sync +4. **Test with clients** - Verify with tasks.org, Thunderbird, or Apple Reminders +5. **Performance matters** - Profile with 1000+ tasks, optimize queries +6. **Security first** - Validate all inputs, use prepared statements, encrypt passwords + +### Adding New VTODO Properties + +1. Update field mappings in [field-mappings.js](../../backend/modules/caldav/icalendar/field-mappings.js) +2. Add serialization in [vtodo-serializer.js](../../backend/modules/caldav/icalendar/vtodo-serializer.js) +3. Add parsing in [vtodo-parser.js](../../backend/modules/caldav/icalendar/vtodo-parser.js) +4. Write round-trip tests in [backend/tests/unit/caldav/](../../backend/tests/unit/caldav/) +5. Update user documentation in [docs/11-caldav-sync.md](../11-caldav-sync.md) + +--- + +**Document Version:** 1.0.0 +**Last Updated:** 2026-04-20 +**Maintainer:** Update when CalDAV implementation changes diff --git a/docs/feature-plans/00-oidc-sso.md b/docs/feature-plans/00-oidc-sso.md index 5d4adaf..2566957 100644 --- a/docs/feature-plans/00-oidc-sso.md +++ b/docs/feature-plans/00-oidc-sso.md @@ -32,7 +32,7 @@ This implementation uses **environment variables** for OIDC provider configurati |--------|---------------------------|-------------------| | **Configuration** | Edit `.env` file, restart server | Web UI, no restart needed | | **Tables** | 3 tables (identities, state, audit) | 4 tables (+ providers table) | -| **Timeline** | 15-19 days (3-4 weeks) | 22-29 days (4-6 weeks) | +| **Timeline** | Faster | Longer | | **Complexity** | Lower | Higher | | **Target Audience** | Self-hosters with shell access | Non-technical admins | | **Secret Storage** | .env plaintext (standard practice) | Database with AES-256-GCM | @@ -40,7 +40,7 @@ This implementation uses **environment variables** for OIDC provider configurati | **Migration Path** | Can add admin UI later | N/A | **Why This Approach:** -- βœ… **Faster delivery:** Ship OIDC 7-10 days sooner +- βœ… **Faster delivery:** Ship OIDC faster - βœ… **Simpler codebase:** Less code to maintain - βœ… **Familiar pattern:** Self-hosters already edit .env for DB, SMTP, etc. - βœ… **Sufficient for MVP:** Most users need 1-2 providers @@ -599,7 +599,7 @@ Log all authentication events: ## Implementation Steps -### Phase 1: Database & Models (2 days) +### Phase 1: Database & Models 1. Create `oidc_identities` migration and model 2. Create `oidc_state_nonces` migration and model 3. Create migration to make `password_digest` nullable @@ -609,7 +609,7 @@ Log all authentication events: **Testing:** Unit tests for models and validation rules -### Phase 2: Backend Core Services (3-4 days) +### Phase 2: Backend Core Services 1. Install `openid-client` dependency 2. Implement `providerConfig.js` (load from .env) 3. Implement `stateManager.js` (state lifecycle) @@ -617,7 +617,7 @@ Log all authentication events: **Testing:** Unit tests for each service -### Phase 3: OIDC Authentication Flow (4-5 days) +### Phase 3: OIDC Authentication Flow 1. Implement `service.js` (discovery, auth flow, callback) 2. Implement `provisioningService.js` (JIT provisioning logic) 3. Implement `oidcIdentityService.js` (linking/unlinking) @@ -627,7 +627,7 @@ Log all authentication events: **Testing:** Integration tests with mock OIDC provider -### Phase 4: Frontend Login Flow (2-3 days) +### Phase 4: Frontend Login Flow 1. Create `OIDCProviderButtons` component 2. Update `Login.tsx` to fetch and display providers 3. Create `OIDCCallback.tsx` component @@ -636,7 +636,7 @@ Log all authentication events: **Testing:** E2E tests with Playwright (mock provider) -### Phase 5: Frontend Account Linking (2-3 days) +### Phase 5: Frontend Account Linking 1. Create "Connected Accounts" section in SecurityTab 2. Implement link/unlink flows 3. Add validation for last auth method @@ -644,14 +644,13 @@ Log all authentication events: **Testing:** E2E tests for linking workflows -### Phase 6: Documentation & Polish (2 days) +### Phase 6: Documentation & Polish 1. Create `/docs/10-oidc-sso.md` (user guide) 2. Update README with .env configuration examples 3. Add provider-specific setup guides (Google, Okta, Authentik, PocketID) 4. Add i18n for all UI text 5. Full regression testing -**Total Estimated Time:** 15-19 days (3-4 weeks) --- @@ -671,7 +670,7 @@ If .env configuration proves limiting, a future release can add admin UI: - Test connection button - Audit log viewer -**Estimated Additional Time:** 3-4 days +**Estimated Additional Time:** Moderate effort This keeps the initial release simple while providing a clear upgrade path. @@ -930,7 +929,7 @@ Reads `.env` providers and inserts into database. Build `/admin/oidc-providers` page with CRUD operations. ### Benefits of This Approach -- βœ… Ship OIDC faster (3-4 weeks vs 4-6 weeks) +- βœ… Ship OIDC faster - βœ… Learn from user feedback before building UI - βœ… Keep initial implementation simple - βœ… Clear upgrade path when needed diff --git a/docs/feature-plans/01-caldav-sync.md b/docs/feature-plans/01-caldav-sync.md new file mode 100644 index 0000000..d7dc470 --- /dev/null +++ b/docs/feature-plans/01-caldav-sync.md @@ -0,0 +1,687 @@ +# CalDAV Synchronization Implementation Plan + +**GitHub Issue:** [#978 - Add CalDAV Synchronization Support](https://github.com/chrisvel/tududi/issues/978) + +--- + +## Context + +Tududi currently supports hierarchical task management with sophisticated recurring tasks, but lacks external synchronization. This feature adds CalDAV protocol support to enable bidirectional sync with CalDAV servers (Nextcloud, Baikal, etesync) and clients (tasks.org, Apple Reminders, Thunderbird). + +**Why This Change:** +- Enable mobile/desktop client access (tasks.org, Apple Reminders, Thunderbird) +- Support self-hosted CalDAV server sync (Nextcloud, Baikal) +- Maintain task data across multiple devices +- Enable offline task management with eventual sync +- Requested in [Discussion #246](https://github.com/chrisvel/tududi/discussions/246) + +**Implementation Approach:** +- Custom CalDAV/WebDAV implementation (RFC 4791) +- `ical.js` library for iCalendar VTODO format +- Hybrid recurring task strategy (store once, expand for CalDAV) +- RFC 6578 compliance for incremental sync +- Database storage for calendar configurations (not .env like OIDC) + +**Estimated Effort:** Significant development effort + +--- + +## Key Architecture Decisions + +### 1. Database Storage (not .env) +**Decision:** Store calendar configurations in database with web UI management. + +**Why:** Unlike OIDC (system-wide, admin-configured), CalDAV is per-user. Users need to configure multiple calendars, update credentials frequently, and enable/disable sync without server restart. + +### 2. Hybrid Recurring Task Expansion +**Decision:** Store parent task only, expand to VTODO instances on-demand at serialization time. + +**Why:** Reuses existing virtual instance logic (`recurringTaskService.js`). CalDAV clients expect discrete VTODO entries with RECURRENCE-ID, but we don't persist all future instances. + +### 3. HTTP Basic Auth Support +**Decision:** Add HTTP Basic Auth middleware for CalDAV routes. + +**Why:** CalDAV clients (tasks.org, Thunderbird) require HTTP Basic Auth. Web UI continues using sessions. No changes to existing auth middleware needed. + +### 4. Library Selection +- **iCalendar:** `ical.js` (v2.1.0) - industry standard +- **XML:** `xml2js` (v0.6.0) - bidirectional XML ↔ JS +- **CalDAV Protocol:** Custom implementation (no mature Node.js library) + +### 5. Route Structure +**Mount CalDAV at `/caldav/`:** +``` +/.well-known/caldav β†’ Discovery redirect +/caldav/{username}/tasks/ β†’ User's default calendar +/caldav/{username}/tasks/{uid}/ β†’ Individual task resource +``` + +--- + +## Database Schema Changes + +### 1. `caldav_calendars` - Calendar configuration +```sql +CREATE TABLE caldav_calendars ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + uid STRING NOT NULL UNIQUE, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + + -- Calendar identity + name STRING NOT NULL, + description TEXT, + color STRING, + + -- CalDAV metadata + ctag STRING, -- Collection tag (change detection) + sync_token STRING, -- RFC 6578 sync-token + + -- Sync configuration + enabled BOOLEAN DEFAULT 1, + sync_direction STRING DEFAULT 'bidirectional', + sync_interval_minutes INTEGER DEFAULT 15, + last_sync_at DATETIME, + last_sync_status STRING, + conflict_resolution STRING DEFAULT 'last_write_wins', + + created_at DATETIME, + updated_at DATETIME +); +``` +**Migration:** `20260420000001-create-caldav-calendars.js` + +### 2. `caldav_sync_state` - Per-task sync tracking +```sql +CREATE TABLE caldav_sync_state ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + task_id INTEGER NOT NULL REFERENCES tasks(id) ON DELETE CASCADE, + calendar_id INTEGER NOT NULL REFERENCES caldav_calendars(id) ON DELETE CASCADE, + + -- CalDAV metadata + etag STRING NOT NULL, + last_modified DATETIME NOT NULL, + + -- Sync tracking + last_synced_at DATETIME, + sync_status STRING DEFAULT 'synced', + + -- Conflict data + conflict_local_version JSON, + conflict_remote_version JSON, + conflict_detected_at DATETIME, + + created_at DATETIME, + updated_at DATETIME, + UNIQUE(task_id, calendar_id) +); +``` +**Migration:** `20260420000002-create-caldav-sync-state.js` + +### 3. `caldav_occurrence_overrides` - Edited recurring instances +```sql +CREATE TABLE caldav_occurrence_overrides ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + parent_task_id INTEGER NOT NULL REFERENCES tasks(id) ON DELETE CASCADE, + calendar_id INTEGER NOT NULL REFERENCES caldav_calendars(id) ON DELETE CASCADE, + + recurrence_id DATETIME NOT NULL, -- Which instance (original due date) + + -- Overridden fields (NULL = not overridden) + override_name TEXT, + override_due_date DATETIME, + override_status INTEGER, + override_priority INTEGER, + override_note TEXT, + + created_at DATETIME, + updated_at DATETIME, + UNIQUE(parent_task_id, calendar_id, recurrence_id) +); +``` +**Migration:** `20260420000003-create-caldav-occurrence-overrides.js` + +### 4. `caldav_remote_calendars` - External CalDAV servers +```sql +CREATE TABLE caldav_remote_calendars ( + id INTEGER PRIMARY KEY AUTOINCREMENT, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + local_calendar_id INTEGER REFERENCES caldav_calendars(id) ON DELETE SET NULL, + + -- Remote server + name STRING NOT NULL, + server_url STRING NOT NULL, + calendar_path STRING NOT NULL, + username STRING NOT NULL, + password_encrypted TEXT NOT NULL, -- AES-256-GCM + auth_type STRING DEFAULT 'basic', + + -- Sync configuration + enabled BOOLEAN DEFAULT 1, + sync_direction STRING DEFAULT 'bidirectional', + last_sync_at DATETIME, + last_sync_status STRING, + last_sync_error TEXT, + server_ctag STRING, + server_sync_token STRING, + + created_at DATETIME, + updated_at DATETIME +); +``` +**Migration:** `20260420000004-create-caldav-remote-calendars.js` + +**Note:** No changes to `tasks` table - existing `uid` field becomes CalDAV UID. + +--- + +## Backend Implementation + +### Module Structure +``` +backend/modules/caldav/ +β”œβ”€β”€ index.js # Module exports +β”œβ”€β”€ routes.js # WebDAV/CalDAV HTTP handlers +β”œβ”€β”€ webdav/ # WebDAV protocol +β”‚ β”œβ”€β”€ propfind.js # PROPFIND method +β”‚ β”œβ”€β”€ report.js # REPORT method (calendar-query) +β”‚ β”œβ”€β”€ options.js # OPTIONS method +β”‚ └── utils.js # WebDAV XML helpers +β”œβ”€β”€ protocol/ +β”‚ β”œβ”€β”€ discovery.js # .well-known handler +β”‚ β”œβ”€β”€ capabilities.js # CalDAV capabilities +β”‚ └── sync-collection.js # RFC 6578 sync-token +β”œβ”€β”€ icalendar/ # iCalendar transformation +β”‚ β”œβ”€β”€ vtodo-serializer.js # Task β†’ VTODO +β”‚ β”œβ”€β”€ vtodo-parser.js # VTODO β†’ Task +β”‚ β”œβ”€β”€ rrule-generator.js # Recurrence β†’ RRULE +β”‚ β”œβ”€β”€ rrule-parser.js # RRULE β†’ Recurrence +β”‚ └── field-mappings.js # Status, priority mappings +β”œβ”€β”€ sync/ # Synchronization engine +β”‚ β”œβ”€β”€ sync-engine.js # Main orchestrator +β”‚ β”œβ”€β”€ pull-phase.js # Fetch from remote +β”‚ β”œβ”€β”€ merge-phase.js # Conflict detection +β”‚ β”œβ”€β”€ push-phase.js # Send to remote +β”‚ └── conflict-resolver.js # Resolution strategies +β”œβ”€β”€ repositories/ +β”‚ β”œβ”€β”€ calendar-repository.js +β”‚ β”œβ”€β”€ sync-state-repository.js +β”‚ β”œβ”€β”€ override-repository.js +β”‚ └── remote-calendar-repository.js +β”œβ”€β”€ services/ +β”‚ β”œβ”€β”€ calendar-service.js +β”‚ β”œβ”€β”€ sync-scheduler.js # Background sync (node-cron) +β”‚ └── encryption-service.js # AES-256-GCM password encryption +β”œβ”€β”€ middleware/ +β”‚ β”œβ”€β”€ caldav-auth.js # HTTP Basic Auth +β”‚ └── xml-parser.js # Parse XML bodies +└── utils/ + β”œβ”€β”€ etag-generator.js + β”œβ”€β”€ ctag-generator.js + └── validation.js +``` + +### Critical Services + +#### 1. Task β†’ VTODO Field Mappings + +| Tududi Field | VTODO Property | Transformation | +|--------------|----------------|----------------| +| `uid` | `UID` | Direct (15-char nanoid) | +| `name` | `SUMMARY` | Direct | +| `note` | `DESCRIPTION` | Direct | +| `due_date` | `DUE` | UTC DATE-TIME | +| `defer_until` | `DTSTART` | UTC DATE-TIME | +| `completed_at` | `COMPLETED` | UTC DATE-TIME | +| `status` (0-6) | `STATUS` | Map to NEEDS-ACTION/IN-PROCESS/COMPLETED/CANCELLED | +| `priority` (0-2) | `PRIORITY` | Inverse scale (0β†’7, 1β†’5, 2β†’3) | +| `recurrence_*` | `RRULE` | Generate RRULE string | +| `parent_task_id` | `RELATED-TO` | Parent UID | +| Custom | `X-TUDUDI-*` | Extended properties | + +**Status Mapping:** +```javascript +// Tududi β†’ iCalendar +0 (NOT_STARTED) β†’ NEEDS-ACTION +1 (IN_PROGRESS) β†’ IN-PROCESS +2 (DONE) β†’ COMPLETED +3 (ARCHIVED) β†’ COMPLETED +4 (WAITING) β†’ NEEDS-ACTION +5 (CANCELLED) β†’ CANCELLED +6 (PLANNED) β†’ NEEDS-ACTION +``` + +**Priority Mapping (Inverse):** +```javascript +// Tududi 0=Low, 1=Medium, 2=High +// iCalendar 1=Highest, 5=Medium, 9=Lowest +tududiToIcal: priority => 9 - (priority * 2) +icalToTududi: + 1-3 β†’ High (2) + 4-6 β†’ Medium (1) + 7-9 β†’ Low (0) +``` + +#### 2. RRULE Generation Examples + +| Tududi Pattern | RRULE | +|----------------|-------| +| daily, interval=2 | `FREQ=DAILY;INTERVAL=2` | +| weekly, weekdays=[1,3,5] | `FREQ=WEEKLY;BYDAY=MO,WE,FR` | +| monthly, month_day=15 | `FREQ=MONTHLY;BYMONTHDAY=15` | +| monthly_weekday, week=2, weekday=4 | `FREQ=MONTHLY;BYDAY=2TH` | +| monthly_last_day | `FREQ=MONTHLY;BYMONTHDAY=-1` | + +**Implementation:** `/backend/modules/caldav/icalendar/rrule-generator.js` + +#### 3. Sync Engine Workflow + +``` +PULL PHASE (pull-phase.js) +β”œβ”€ Fetch remote changes (REPORT with sync-token) +β”œβ”€ Parse VTODO to tasks +└─ Store in temporary buffer + +MERGE PHASE (merge-phase.js) +β”œβ”€ Compare ETags (local vs remote) +β”œβ”€ Detect conflicts (both changed) +β”œβ”€ Apply resolution strategy: +β”‚ β”œβ”€ last_write_wins: Compare timestamps +β”‚ β”œβ”€ local_wins: Keep local +β”‚ β”œβ”€ remote_wins: Keep remote +β”‚ └─ manual: Flag for user resolution +└─ Update local database + +PUSH PHASE (push-phase.js) +β”œβ”€ Identify local changes (updated_at > last_synced_at) +β”œβ”€ Serialize to VTODO +β”œβ”€ PUT to remote server +└─ Update sync state (ETags, timestamps) +``` + +**Implementation:** `/backend/modules/caldav/sync/sync-engine.js` + +#### 4. HTTP Basic Auth Middleware + +**File:** `/backend/modules/caldav/middleware/caldav-auth.js` + +```javascript +async function caldavAuth(req, res, next) { + // Check existing session/Bearer token first + if (req.session?.userId || req.headers.authorization?.startsWith('Bearer ')) { + return next(); + } + + // Parse HTTP Basic Auth + const authHeader = req.headers.authorization; + if (!authHeader?.startsWith('Basic ')) { + return res.status(401) + .set('WWW-Authenticate', 'Basic realm="Tududi CalDAV"') + .json({ error: 'Authentication required' }); + } + + const credentials = Buffer.from(authHeader.split(' ')[1], 'base64').toString('utf8'); + const [username, password] = credentials.split(':'); + + // Validate against User model + const user = await User.findOne({ where: { email: username } }); + if (!user || !await bcrypt.compare(password, user.password_digest)) { + return res.status(401).json({ error: 'Invalid credentials' }); + } + + req.currentUser = user; + next(); +} +``` + +### Routes + +**WebDAV Protocol Routes:** +```javascript +// Discovery +GET /.well-known/caldav β†’ Redirect to /caldav/ + +// CalDAV endpoints (use caldavAuth middleware) +PROPFIND /caldav/:username/tasks/ β†’ List tasks +REPORT /caldav/:username/tasks/ β†’ Query/filter tasks +OPTIONS /caldav/:username/tasks/ β†’ Capabilities +GET /caldav/:username/tasks/:uid/ β†’ Fetch task +PUT /caldav/:username/tasks/:uid/ β†’ Create/update task +DELETE /caldav/:username/tasks/:uid/ β†’ Delete task +``` + +**REST API Routes (use requireAuth middleware):** +```javascript +// Calendar management +GET /api/caldav/calendars +POST /api/caldav/calendar +PUT /api/caldav/calendar/:id +DELETE /api/caldav/calendar/:id + +// Remote calendar configuration +GET /api/caldav/remote-calendars +POST /api/caldav/remote-calendar +PUT /api/caldav/remote-calendar/:id +DELETE /api/caldav/remote-calendar/:id + +// Sync operations +POST /api/caldav/sync/:calendarId β†’ Manual sync trigger +GET /api/caldav/sync-status/:calendarId β†’ Sync status + +// Conflict resolution +GET /api/caldav/conflicts β†’ List conflicts +POST /api/caldav/resolve-conflict/:taskId β†’ Resolve conflict +``` + +**Note:** Express doesn't natively support PROPFIND/REPORT. Register custom methods in `app.js`: +```javascript +['PROPFIND', 'REPORT', 'MKCALENDAR'].forEach(method => { + express.Router[method.toLowerCase()] = function(path, ...handlers) { + return this.route(path)[method.toLowerCase()] = handlers; + }; +}); +``` + +--- + +## Frontend Implementation + +### 1. CalDAV Settings Tab + +**File:** `/frontend/components/Settings/tabs/CalDAVTab.tsx` + +**Features:** +- List configured calendars +- Add/edit/delete calendars +- Configure remote CalDAV servers +- Enable/disable sync per calendar +- Manual sync trigger button +- View sync status (last sync time, errors) +- Sync interval selection (5, 15, 30, 60 minutes) +- Conflict resolution strategy selector + +### 2. Conflict Resolution UI + +**File:** `/frontend/components/CalDAV/ConflictResolver.tsx` + +**Features:** +- List all tasks with sync conflicts +- Side-by-side comparison (local vs remote) +- Resolve individual conflict (choose local/remote/merge) +- Batch resolution (apply strategy to all) +- Field-level diff highlighting + +### 3. Setup Wizard + +**File:** `/frontend/components/CalDAV/SetupWizard.tsx` + +**Steps:** +1. Select server type (Nextcloud, Baikal, Generic) +2. Enter server URL and credentials +3. Test connection +4. Select calendar to sync +5. Configure sync settings +6. Complete setup + +--- + +## Security Considerations + +### 1. Password Encryption (AES-256-GCM) +```javascript +// /backend/modules/caldav/services/encryption-service.js +const KEY = Buffer.from(process.env.ENCRYPTION_KEY || process.env.SECRET_KEY, 'utf-8').slice(0, 32); + +function encrypt(text) { + const iv = crypto.randomBytes(16); + const cipher = crypto.createCipheriv('aes-256-gcm', KEY, iv); + const encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex'); + const authTag = cipher.getAuthTag(); + return JSON.stringify({ iv: iv.toString('hex'), encrypted, authTag: authTag.toString('hex') }); +} +``` + +### 2. XML Injection Prevention +Use `xml2js` with strict parsing (disable external entities). + +### 3. Rate Limiting +- CalDAV routes: 60 req/min (existing `apiLimiter`) +- Sync operations: 5 req/min (custom `syncLimiter`) + +### 4. Authorization +Verify calendar ownership before operations: +```javascript +async function requireCalendarAccess(req, res, next) { + const calendar = await CalendarRepository.findById(req.params.calendarId); + if (!calendar || calendar.user_id !== req.currentUser.id) { + return res.status(404).json({ error: 'Calendar not found' }); + } + req.calendar = calendar; + next(); +} +``` + +### 5. CSRF Exemption +CalDAV routes must be exempt from CSRF (already handled in `app.js`): +```javascript +const isCalDAVPath = req.path.startsWith('/caldav/'); +if (isCalDAVPath) req._csrfExempt = true; +``` + +--- + +## Implementation Phases + +### Phase 1: Database & Models +- Schema design, create 4 migrations, write models +- Repository layer (CRUD operations) +- Encryption service (AES-256-GCM) +**Testing:** Unit tests for models, repositories, encryption + +### Phase 2: iCalendar Transformation +- VTODO serialization (Task β†’ VTODO) +- RRULE generation (recurrence β†’ RRULE) +- VTODO parsing (VTODO β†’ Task) +- RRULE parsing (RRULE β†’ recurrence) +**Testing:** Unit tests for serialization, parsing, round-trip conversion + +### Phase 3: WebDAV Protocol +- PROPFIND handler, XML utilities, multistatus responses +- REPORT handler (calendar-query, filters) +- GET/PUT/DELETE handlers (task CRUD) +- Discovery, HTTP Basic Auth, ETag generation +- Recurring task expansion (RECURRENCE-ID) +**Testing:** Integration tests with mock CalDAV requests + +### Phase 4: Synchronization Engine +- Sync state management (ETags, CTags, sync-tokens) +- Pull phase (fetch from remote) +- Merge phase (conflict detection, resolution) +- Push phase (send to remote) +- Sync orchestrator (coordinate phases) +**Testing:** Integration tests with mock CalDAV server + +### Phase 5: Background Scheduler & API +- Cron scheduler (node-cron, periodic sync) +- REST API endpoints (calendar CRUD, remote config) +- Error handling, retry logic, status reporting +**Testing:** API integration tests + +### Phase 6: Frontend +- CalDAV settings tab (calendar list, forms) +- Sync controls (manual trigger, intervals, toggles) +- Conflict resolution UI (diff view, resolution) +- Setup wizard (step-by-step remote config) +**Testing:** E2E tests with Playwright + +### Phase 7: Client Compatibility +- Test with tasks.org, Apple Reminders, Thunderbird, Evolution +- Performance optimization (indexes, caching, 1000+ tasks < 30s) +- Bug fixes, edge cases (timezones, deleted instances) +**Testing:** E2E tests with real CalDAV clients + +### Phase 8: Documentation & Polish +- User docs (setup guides for Nextcloud, Baikal, client configs) +- Developer docs (protocol implementation, VTODO mappings) +- Final testing, README updates, release notes +**Testing:** Full E2E regression + +--- + +## Environment Variables + +```bash +# Feature toggle +CALDAV_ENABLED=true + +# Encryption +ENCRYPTION_KEY=your-256-bit-key # Falls back to SECRET_KEY + +# Defaults +CALDAV_DEFAULT_SYNC_INTERVAL=15 # Minutes +CALDAV_MAX_RECURRING_INSTANCES=365 # Number of future instances to expand +CALDAV_CONFLICT_RESOLUTION=last_write_wins + +# Performance +CALDAV_RATE_LIMIT=60 # Requests per minute +CALDAV_MAX_SYNC_TASKS=1000 # Max tasks per sync +CALDAV_REQUEST_TIMEOUT=30000 # Milliseconds + +# Debugging +CALDAV_LOG_LEVEL=info +CALDAV_LOG_REQUESTS=false +``` + +--- + +## Critical Files to Modify/Create + +### Top 5 Most Critical Files + +1. **`/backend/modules/caldav/icalendar/vtodo-serializer.js`** + Core transformation logic (Task β†’ VTODO). Handles all field mappings, recurrence, edge cases. Foundation of CalDAV interoperability. + +2. **`/backend/modules/caldav/sync/sync-engine.js`** + Orchestrates bidirectional sync (pull, merge, push). Handles conflict detection, resolution, error recovery. Critical for data integrity. + +3. **`/backend/modules/caldav/webdav/propfind.js`** + Primary CalDAV protocol handler. Clients use this to discover and list tasks. Must generate correct WebDAV XML per RFC 4791. + +4. **`/backend/modules/caldav/routes.js`** + Defines all CalDAV endpoints (WebDAV + REST API). Integrates auth middleware, mounts handlers. Central routing configuration. + +5. **`/backend/migrations/20260420000001-create-caldav-calendars.js`** + Foundational database schema. All other tables depend on `caldav_calendars`. Schema design affects entire implementation. + +### Other Critical Files + +- `/backend/app.js` - Register CalDAV routes, custom HTTP methods +- `/backend/models/caldav_calendar.js` - Calendar model +- `/backend/modules/caldav/middleware/caldav-auth.js` - HTTP Basic Auth +- `/backend/modules/caldav/icalendar/rrule-generator.js` - RRULE generation +- `/backend/modules/caldav/services/sync-scheduler.js` - Background sync +- `/frontend/components/Settings/tabs/CalDAVTab.tsx` - Settings UI + +--- + +## Verification Steps + +### 1. CalDAV Discovery +- Access `https://tududi.example.com/.well-known/caldav` +- Should redirect to `/caldav/` +- OPTIONS request returns CalDAV capabilities + +### 2. Client Connection (tasks.org) +- Configure tasks.org with server URL: `https://tududi.example.com/caldav/` +- Username: user's email +- Password: user's tududi password +- Client discovers `/caldav/{username}/tasks/` calendar +- Tasks appear in tasks.org + +### 3. Task Synchronization +- Create task in tududi web UI +- Sync in tasks.org β†’ Task appears with correct fields +- Edit task in tasks.org +- Sync in tududi β†’ Changes reflected + +### 4. Recurring Tasks +- Create "Daily meeting" recurring task in tududi +- Sync to tasks.org β†’ Next 7 instances appear +- Complete one instance in tasks.org +- Sync to tududi β†’ Completion recorded + +### 5. Conflict Resolution +- Edit task in tududi (status: "In Progress") +- Edit same task in tasks.org (status: "Completed") +- Trigger sync β†’ Conflict detected and stored +- Resolve via UI (choose remote) β†’ Status updated to "Completed" + +### 6. Background Sync +- Configure calendar with 15-minute interval +- Wait 15 minutes β†’ Check logs for automatic sync +- Verify `last_sync_at` updated in database + +### 7. Performance +- Create 1000 tasks +- PROPFIND request completes in < 5 seconds +- Sync completes in < 30 seconds + +### 8. Edge Cases +- Delete recurring task in tududi β†’ Removed from tasks.org +- Invalid VTODO from client β†’ Error logged, sync continues +- Network failure β†’ Retry with exponential backoff +- Timezone changes β†’ Dates preserved correctly + +--- + +## Success Criteria + +βœ… CalDAV discovery works (`/.well-known/caldav`) +βœ… PROPFIND/REPORT list tasks with proper WebDAV XML +βœ… PUT/DELETE create/update/remove tasks +βœ… Sync-collection provides incremental sync (RFC 6578) +βœ… Tasks serialize to valid VTODO, all fields preserved +βœ… VTODO parses back without data loss +βœ… RRULE generation/parsing handles all recurrence patterns +βœ… Virtual instances expanded with RECURRENCE-ID +βœ… Edited instances stored in `caldav_occurrence_overrides` +βœ… Status/priority mappings work bidirectionally +βœ… Bidirectional sync works (local ↔ remote) +βœ… Conflict detection and resolution functional +βœ… Background scheduler runs automatically +βœ… Manual sync trigger works +βœ… **Client compatibility:** + - βœ… tasks.org (Android/iOS) + - βœ… Apple Reminders (iOS/macOS) + - βœ… Thunderbird (desktop) + - βœ… Evolution (Linux) +βœ… HTTP Basic Auth works for CalDAV clients +βœ… Password encryption secure (AES-256-GCM) +βœ… 1000 tasks sync in < 30 seconds +βœ… Settings UI complete +βœ… Conflict resolver UI functional +βœ… All tests pass (unit, integration, E2E) +βœ… Documentation complete + +--- + +## Known Limitations + +1. **Subtasks:** RELATED-TO property used, but not all clients support hierarchical rendering +2. **Habit Mode:** Stored in X-TUDUDI-* properties, not visible in external clients +3. **Tags:** Exported as CATEGORIES, but tag colors/metadata only in tududi +4. **Projects:** Stored in X-TUDUDI-PROJECT-UID, external clients won't show association +5. **Status Granularity:** 7 tududi statuses mapped to 4 iCalendar statuses (some nuance lost) +6. **Timezone Handling:** Always use UTC in VTODO, convert in UI (document per-client quirks) +7. **Large Recurring Sequences:** Expanding far into the future creates many VTODOs (configurable limit) + +--- + +## References + +- [Issue #978](https://github.com/chrisvel/tududi/issues/978) +- [Discussion #246](https://github.com/chrisvel/tududi/discussions/246) +- [RFC 4791 (CalDAV)](https://datatracker.ietf.org/doc/html/rfc4791) +- [RFC 5545 (iCalendar)](https://datatracker.ietf.org/doc/html/rfc5545) +- [RFC 6578 (Sync-Collection)](https://datatracker.ietf.org/doc/html/rfc6578) +- [ical.js](https://github.com/kewisch/ical.js) +- [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) diff --git a/e2e/tests/caldav-client.spec.ts b/e2e/tests/caldav-client.spec.ts new file mode 100644 index 0000000..df7416b --- /dev/null +++ b/e2e/tests/caldav-client.spec.ts @@ -0,0 +1,448 @@ +import { test, expect } from '@playwright/test'; +import { XMLParser, XMLBuilder } from 'fast-xml-parser'; + +test.describe('CalDAV Client Compatibility', () => { + const baseURL = process.env.APP_URL ?? 'http://localhost:8080'; + const apiURL = process.env.API_URL ?? 'http://localhost:3002'; + const testUser = { + email: process.env.E2E_EMAIL || 'test@tududi.com', + password: process.env.E2E_PASSWORD || 'password123', + username: 'test' + }; + + let authHeader: string; + + test.beforeAll(async () => { + authHeader = 'Basic ' + Buffer.from(`${testUser.email}:${testUser.password}`).toString('base64'); + }); + + test.describe('CalDAV Discovery', () => { + test('should redirect .well-known/caldav to /caldav/', async ({ request }) => { + const response = await request.get(`${apiURL}/.well-known/caldav`, { + maxRedirects: 0 + }); + + expect([301, 302, 307, 308]).toContain(response.status()); + const location = response.headers()['location']; + expect(location).toContain('/caldav'); + }); + + test('should support OPTIONS on CalDAV endpoint', async ({ request }) => { + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'OPTIONS', + headers: { + 'Authorization': authHeader + } + }); + + expect(response.ok()).toBeTruthy(); + const dav = response.headers()['dav']; + expect(dav).toContain('calendar-access'); + }); + }); + + test.describe('PROPFIND - List Tasks', () => { + test('should list tasks in calendar collection', async ({ request }) => { + const propfindBody = ` + + + + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '1' + }, + data: propfindBody + }); + + expect(response.status()).toBe(207); + const body = await response.text(); + expect(body).toContain('multistatus'); + }); + + test('should handle Depth: 0 for collection properties', async ({ request }) => { + const propfindBody = ` + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '0' + }, + data: propfindBody + }); + + expect(response.status()).toBe(207); + const body = await response.text(); + expect(body).toContain('collection'); + }); + }); + + test.describe('REPORT - Calendar Query', () => { + test('should query tasks with calendar-query REPORT', async ({ request }) => { + const reportBody = ` + + + + + + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'REPORT', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '1' + }, + data: reportBody + }); + + expect(response.status()).toBe(207); + const body = await response.text(); + expect(body).toContain('multistatus'); + }); + + test('should filter tasks by time range', async ({ request }) => { + const startDate = new Date(); + startDate.setDate(startDate.getDate() - 7); + const endDate = new Date(); + endDate.setDate(endDate.getDate() + 7); + + const reportBody = ` + + + + + + + + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'REPORT', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '1' + }, + data: reportBody + }); + + expect(response.status()).toBe(207); + }); + }); + + test.describe('GET/PUT/DELETE - Task Operations', () => { + let taskUID: string; + + test('should create task via PUT', async ({ request }) => { + taskUID = `test-${Date.now()}@tududi.local`; + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//E2E Test//EN +BEGIN:VTODO +UID:${taskUID} +SUMMARY:E2E Test Task +STATUS:NEEDS-ACTION +PRIORITY:5 +DUE:${new Date(Date.now() + 86400000).toISOString().replace(/[-:]/g, '').split('.')[0]}Z +CREATED:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +DTSTAMP:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +END:VTODO +END:VCALENDAR`; + + const response = await request.put(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader, + 'Content-Type': 'text/calendar; charset=utf-8' + }, + data: vtodo + }); + + expect([201, 204]).toContain(response.status()); + const etag = response.headers()['etag']; + expect(etag).toBeTruthy(); + }); + + test('should retrieve task via GET', async ({ request }) => { + const response = await request.get(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + + expect(response.ok()).toBeTruthy(); + expect(response.headers()['content-type']).toContain('text/calendar'); + const body = await response.text(); + expect(body).toContain('BEGIN:VCALENDAR'); + expect(body).toContain('BEGIN:VTODO'); + expect(body).toContain(`UID:${taskUID}`); + expect(body).toContain('SUMMARY:E2E Test Task'); + }); + + test('should update task via PUT', async ({ request }) => { + const updatedVtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//E2E Test//EN +BEGIN:VTODO +UID:${taskUID} +SUMMARY:Updated E2E Test Task +STATUS:IN-PROCESS +PRIORITY:3 +DUE:${new Date(Date.now() + 86400000).toISOString().replace(/[-:]/g, '').split('.')[0]}Z +CREATED:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +DTSTAMP:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +LAST-MODIFIED:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +END:VTODO +END:VCALENDAR`; + + const response = await request.put(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader, + 'Content-Type': 'text/calendar; charset=utf-8' + }, + data: updatedVtodo + }); + + expect([200, 204]).toContain(response.status()); + + const getResponse = await request.get(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + const body = await getResponse.text(); + expect(body).toContain('SUMMARY:Updated E2E Test Task'); + expect(body).toContain('STATUS:IN-PROCESS'); + }); + + test('should delete task via DELETE', async ({ request }) => { + const response = await request.delete(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + + expect([204, 200]).toContain(response.status()); + + const getResponse = await request.get(`${apiURL}/caldav/${testUser.username}/tasks/${taskUID}/`, { + headers: { + 'Authorization': authHeader + }, + maxRedirects: 0 + }); + expect(getResponse.status()).toBe(404); + }); + }); + + test.describe('Recurring Tasks', () => { + let recurringUID: string; + + test('should create recurring task with RRULE', async ({ request }) => { + recurringUID = `recurring-${Date.now()}@tududi.local`; + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//E2E Test//EN +BEGIN:VTODO +UID:${recurringUID} +SUMMARY:Daily Recurring Task +STATUS:NEEDS-ACTION +RRULE:FREQ=DAILY;COUNT=7 +DUE:${new Date(Date.now() + 86400000).toISOString().replace(/[-:]/g, '').split('.')[0]}Z +CREATED:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +DTSTAMP:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +END:VTODO +END:VCALENDAR`; + + const response = await request.put(`${apiURL}/caldav/${testUser.username}/tasks/${recurringUID}/`, { + headers: { + 'Authorization': authHeader, + 'Content-Type': 'text/calendar; charset=utf-8' + }, + data: vtodo + }); + + expect([201, 204]).toContain(response.status()); + }); + + test('should expand recurring task instances in PROPFIND', async ({ request }) => { + const propfindBody = ` + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '1' + }, + data: propfindBody + }); + + expect(response.status()).toBe(207); + const body = await response.text(); + expect(body).toContain(recurringUID); + }); + + test('should cleanup recurring task', async ({ request }) => { + await request.delete(`${apiURL}/caldav/${testUser.username}/tasks/${recurringUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + }); + }); + + test.describe('Authentication', () => { + test('should reject requests without authentication', async ({ request }) => { + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Content-Type': 'application/xml', + 'Depth': '1' + } + }); + + expect(response.status()).toBe(401); + expect(response.headers()['www-authenticate']).toBeTruthy(); + }); + + test('should reject invalid credentials', async ({ request }) => { + const invalidAuth = 'Basic ' + Buffer.from('invalid:credentials').toString('base64'); + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Authorization': invalidAuth, + 'Content-Type': 'application/xml', + 'Depth': '1' + } + }); + + expect(response.status()).toBe(401); + }); + }); + + test.describe('Performance', () => { + test('should handle PROPFIND for large calendar efficiently', async ({ request }) => { + const startTime = Date.now(); + + const propfindBody = ` + + + + + + `; + + const response = await request.fetch(`${apiURL}/caldav/${testUser.username}/tasks/`, { + method: 'PROPFIND', + headers: { + 'Authorization': authHeader, + 'Content-Type': 'application/xml', + 'Depth': '1' + }, + data: propfindBody + }); + + const endTime = Date.now(); + const duration = endTime - startTime; + + expect(response.status()).toBe(207); + expect(duration).toBeLessThan(5000); + }); + }); + + test.describe('Edge Cases', () => { + test('should handle malformed VTODO gracefully', async ({ request }) => { + const malformedVtodo = `BEGIN:VCALENDAR +VERSION:2.0 +BEGIN:VTODO +UID:malformed-${Date.now()} +SUMMARY:Malformed Task +THIS-IS-NOT-VALID:foo +END:VCALENDAR`; + + const response = await request.put(`${apiURL}/caldav/${testUser.username}/tasks/malformed-test/`, { + headers: { + 'Authorization': authHeader, + 'Content-Type': 'text/calendar' + }, + data: malformedVtodo + }); + + expect([400, 422]).toContain(response.status()); + }); + + test('should preserve timezone information', async ({ request }) => { + const tzUID = `tz-${Date.now()}@tududi.local`; + const vtodo = `BEGIN:VCALENDAR +VERSION:2.0 +PRODID:-//Tududi//E2E Test//EN +BEGIN:VTODO +UID:${tzUID} +SUMMARY:Timezone Test +DUE:20260420T140000Z +CREATED:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +DTSTAMP:${new Date().toISOString().replace(/[-:]/g, '').split('.')[0]}Z +END:VTODO +END:VCALENDAR`; + + const putResponse = await request.put(`${apiURL}/caldav/${testUser.username}/tasks/${tzUID}/`, { + headers: { + 'Authorization': authHeader, + 'Content-Type': 'text/calendar' + }, + data: vtodo + }); + + expect([201, 204]).toContain(putResponse.status()); + + const getResponse = await request.get(`${apiURL}/caldav/${testUser.username}/tasks/${tzUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + const body = await getResponse.text(); + expect(body).toContain('DUE:20260420T140000Z'); + + await request.delete(`${apiURL}/caldav/${testUser.username}/tasks/${tzUID}/`, { + headers: { + 'Authorization': authHeader + } + }); + }); + }); +}); diff --git a/frontend/components/CalDAV/CalendarCard.tsx b/frontend/components/CalDAV/CalendarCard.tsx new file mode 100644 index 0000000..a70b4d4 --- /dev/null +++ b/frontend/components/CalDAV/CalendarCard.tsx @@ -0,0 +1,205 @@ +import React, { useState } from 'react'; +import { useTranslation } from 'react-i18next'; +import { + ArrowPathIcon, + Cog6ToothIcon, + TrashIcon, + ExclamationTriangleIcon, +} from '@heroicons/react/24/outline'; +import type { CalDAVCalendar } from '../../utils/caldavService'; +import SyncStatusIndicator from './SyncStatusIndicator'; +import EditCalendarModal from './EditCalendarModal'; +import { formatDistanceToNow } from 'date-fns'; + +interface CalendarCardProps { + calendar: CalDAVCalendar; + onSync: (calendarId: number) => void; + onDelete: (calendarId: number) => void; + onViewConflicts: (calendarId: number) => void; + onUpdated: () => void; + isSyncing: boolean; + isDeleting: boolean; +} + +const CalendarCard: React.FC = ({ + calendar, + onSync, + onDelete, + onViewConflicts, + onUpdated, + isSyncing, + isDeleting, +}) => { + const { t } = useTranslation(); + const [showEditModal, setShowEditModal] = useState(false); + + const formatLastSync = (lastSyncAt: string | null) => { + if (!lastSyncAt) { + return t('profile.caldav.neverSynced', 'Never synced'); + } + try { + return formatDistanceToNow(new Date(lastSyncAt), { + addSuffix: true, + }); + } catch { + return t('profile.caldav.neverSynced', 'Never synced'); + } + }; + + const getSyncDirectionLabel = () => { + switch (calendar.sync_direction) { + case 'bidirectional': + return t('profile.caldav.bidirectional', 'Bidirectional'); + case 'pull': + return t('profile.caldav.pullOnly', 'Pull only'); + case 'push': + return t('profile.caldav.pushOnly', 'Push only'); + default: + return calendar.sync_direction; + } + }; + + const hasConflicts = + calendar.stats && calendar.stats.conflicts > 0; + + return ( +
+
+
+
+
+

+ {calendar.name} +

+ +
+ + {calendar.description && ( +

+ {calendar.description} +

+ )} + +
+
+ + {t('profile.caldav.lastSync', 'Last sync')}: + +

+ {formatLastSync(calendar.last_sync_at)} +

+
+
+ + {t('profile.caldav.interval', 'Interval')}: + +

+ {calendar.sync_interval_minutes}{' '} + {t('profile.caldav.minutes', 'min')} +

+
+
+ + {t('profile.caldav.direction', 'Direction')}: + +

+ {getSyncDirectionLabel()} +

+
+ {calendar.stats && ( +
+ + {t('profile.caldav.tasks', 'Tasks')}: + +

+ {calendar.stats.synced} /{' '} + {calendar.stats.total} +

+
+ )} +
+ + {hasConflicts && ( +
+ +
+ )} +
+ +
+ + + +
+
+ + {showEditModal && ( + setShowEditModal(false)} + onSaved={() => { + setShowEditModal(false); + onUpdated(); + }} + /> + )} +
+ ); +}; + +export default CalendarCard; diff --git a/frontend/components/CalDAV/CalendarForm.tsx b/frontend/components/CalDAV/CalendarForm.tsx new file mode 100644 index 0000000..4dfac7f --- /dev/null +++ b/frontend/components/CalDAV/CalendarForm.tsx @@ -0,0 +1,583 @@ +import React, { useState } from 'react'; +import { useTranslation } from 'react-i18next'; +import { useToast } from '../Shared/ToastContext'; +import { + createCalendar, + createRemoteCalendar, + testConnection, +} from '../../utils/caldavService'; + +interface CalendarFormProps { + onComplete: () => void; + onCancel: () => void; +} + +const DEFAULT_COLORS = [ + '#3b82f6', + '#ef4444', + '#10b981', + '#f59e0b', + '#8b5cf6', + '#ec4899', + '#06b6d4', + '#84cc16', +]; + +const CalendarForm: React.FC = ({ onComplete, onCancel }) => { + const { t } = useTranslation(); + const { showSuccessToast, showErrorToast } = useToast(); + + const [formData, setFormData] = useState({ + calendarName: '', + calendarDescription: '', + calendarColor: DEFAULT_COLORS[0], + serverUrl: '', + calendarPath: '', + username: '', + password: '', + authType: 'basic' as 'basic' | 'bearer', + syncDirection: 'bidirectional' as 'bidirectional' | 'pull' | 'push', + syncInterval: 15, + conflictResolution: 'manual' as 'last_write_wins' | 'local_wins' | 'remote_wins' | 'manual', + enabled: true, + }); + + const [testResult, setTestResult] = useState<{ + success: boolean; + message: string; + } | null>(null); + const [isTesting, setIsTesting] = useState(false); + const [isSubmitting, setIsSubmitting] = useState(false); + const [errors, setErrors] = useState>({}); + + const validateForm = (): boolean => { + const newErrors: Record = {}; + + if (!formData.calendarName.trim()) { + newErrors.calendarName = t( + 'profile.caldavWizard.calendarNameRequired', + 'Calendar name is required' + ); + } + + if (!formData.serverUrl.trim()) { + newErrors.serverUrl = t( + 'profile.caldavWizard.serverUrlRequired', + 'Server URL is required' + ); + } + + if (!formData.calendarPath.trim()) { + newErrors.calendarPath = t( + 'profile.caldavWizard.calendarPathRequired', + 'Calendar path is required' + ); + } + + if (!formData.username.trim()) { + newErrors.username = t( + 'profile.caldavWizard.credentialsRequired', + 'Username is required' + ); + } + + if (!formData.password.trim()) { + newErrors.password = t( + 'profile.caldavWizard.credentialsRequired', + 'Password is required' + ); + } + + if (!testResult?.success) { + newErrors.connection = t( + 'profile.caldavWizard.testRequired', + 'You must test the connection before saving' + ); + } + + setErrors(newErrors); + return Object.keys(newErrors).length === 0; + }; + + const handleTestConnection = async () => { + if (!formData.serverUrl.trim() || !formData.calendarPath.trim() || + !formData.username.trim() || !formData.password.trim()) { + showErrorToast(t( + 'profile.caldavWizard.fillServerDetails', + 'Please fill in all server connection details first' + )); + return; + } + + setIsTesting(true); + setTestResult(null); + setErrors({}); + + try { + const result = await testConnection({ + server_url: formData.serverUrl, + calendar_path: formData.calendarPath, + username: formData.username, + password: formData.password, + }); + + setTestResult({ + success: result.success && result.supportsCalDAV, + message: result.message, + }); + + if (result.success && result.supportsCalDAV) { + showSuccessToast( + t( + 'profile.caldavWizard.connectionSuccess', + 'Connection successful!' + ) + ); + } else { + showErrorToast(result.message); + } + } catch (err: any) { + const message = + err.message || + t( + 'profile.caldavWizard.connectionFailed', + 'Failed to connect to server' + ); + setTestResult({ success: false, message }); + showErrorToast(message); + } finally { + setIsTesting(false); + } + }; + + const handleSubmit = async (e?: React.FormEvent) => { + if (e) { + e.preventDefault(); + e.stopPropagation(); + } + + if (!validateForm()) { + showErrorToast( + t( + 'profile.caldavWizard.validationError', + 'Please fill in all required fields and test the connection' + ) + ); + return; + } + + setIsSubmitting(true); + + try { + const calendar = await createCalendar({ + name: formData.calendarName, + description: formData.calendarDescription || null, + color: formData.calendarColor, + enabled: formData.enabled, + sync_direction: formData.syncDirection, + sync_interval_minutes: formData.syncInterval, + conflict_resolution: formData.conflictResolution, + }); + + await createRemoteCalendar({ + local_calendar_id: calendar.id, + name: formData.calendarName, + server_url: formData.serverUrl, + calendar_path: formData.calendarPath, + username: formData.username, + password: formData.password, + auth_type: formData.authType, + }); + + showSuccessToast( + t( + 'profile.caldavWizard.setupSuccess', + 'Calendar configured successfully!' + ) + ); + + onComplete(); + } catch (err: any) { + showErrorToast( + err.message || + t( + 'profile.caldavWizard.setupFailed', + 'Failed to create calendar' + ) + ); + } finally { + setIsSubmitting(false); + } + }; + + const handleCreateClick = (e: React.MouseEvent) => { + e.preventDefault(); + e.stopPropagation(); + handleSubmit(); + }; + + return ( +
+
+
+

+ {t('profile.caldavWizard.calendarSettings', 'Calendar Settings')} +

+
+ +
+ + { + setFormData({ ...formData, calendarName: e.target.value }); + setErrors({ ...errors, calendarName: '' }); + }} + className={`block w-full border rounded-md px-3 py-2 bg-white dark:bg-gray-900 text-gray-900 dark:text-white focus:ring-2 focus:ring-blue-500 ${ + errors.calendarName ? 'border-red-500' : 'border-gray-300 dark:border-gray-600' + }`} + placeholder={t('profile.caldavWizard.calendarNamePlaceholder', 'e.g., Work Tasks')} + /> + {errors.calendarName && ( +

{errors.calendarName}

+ )} +
+ +
+ +