ProPeler
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
cpanel-ccs
/
doc
/
Extensions
/
Filename :
caldav-sharing.xml
back
Copy
<?xml version="1.0" encoding="UTF-8"?> <?xml-stylesheet type="text/xsl" href="../rfc2629.xslt"?> <!DOCTYPE rfc SYSTEM 'rfc2629.dtd' [ <!ENTITY rfc2119 PUBLIC '' 'bibxml/reference.RFC.2119.xml'> <!ENTITY rfc3744 PUBLIC '' 'bibxml/reference.RFC.3744.xml'> <!ENTITY rfc4791 PUBLIC '' 'bibxml/reference.RFC.4791.xml'> <!ENTITY rfc4918 PUBLIC '' 'bibxml/reference.RFC.4918.xml'> <!ENTITY rfc6638 PUBLIC '' 'bibxml/reference.RFC.6638.xml'> ]> <?rfc toc="yes"?> <?rfc tocdepth="4"?> <?rfc strict="yes"?> <?rfc comments="yes"?> <?rfc inline="yes"?> <?rfc symrefs="yes"?> <?rfc sortrefs="yes"?> <?rfc compact="yes"?> <?rfc subcompact="no"?> <?rfc private="Calendar Server Extension"?> <rfc ipr="none" docName='caldav-sharing-03'> <front> <title abbrev="CalDAV Sharing and Publishing">Shared and Published Calendars in CalDAV</title> <author initials="C." surname="Daboo" fullname="Cyrus Daboo"> <organization abbrev="Apple Inc."> Apple Inc. </organization> <address> <postal> <street>1 Infinite Loop</street> <city>Cupertino</city> <region>CA</region> <code>95014</code> <country>USA</country> </postal> <email>cyrus@daboo.name</email> <uri>http://www.apple.com/</uri> </address> </author> <author initials="E." surname="York" fullname="Eric York"> <organization abbrev="Apple Inc."> Apple Inc. </organization> <address> <postal> <street>1 Infinite Loop</street> <city>Cupertino</city> <region>CA</region> <code>95014</code> <country>USA</country> </postal> <email></email> <uri>http://www.apple.com/</uri> </address> </author> <date/> <abstract> <t> This specification defines an extension to CalDAV that enables the sharing of calendars between users on a CalDAV server. </t> </abstract> </front> <middle> <section title='Introduction'> <t> <xref target="RFC4791">CalDAV</xref> provides a way for calendar users to store calendar data and exchange this data via scheduling operations. Based on the <xref target='RFC4918'>WebDAV</xref> protocol, it also includes the ability to manage access to calendar data via the <xref target='RFC3744'>WebDAV ACL</xref> extension. </t> <t> <xref target='RFC3744'>WebDAV ACL</xref> provides a way to manage fine-grained access controls on WebDAV resources. Whilst this could be used directly to manage sharing of calendars, experience has shown that client developers are averse to using it due to its complexity. Instead a simpler process for sharing calendars is preferred. </t> <t> This extension defines a way for individual calendar users to share calendars with other users. This is done via an "opt-in" process in which a sharing invite is sent from the sharer to a sharee, allowing the sharee to accept or decline. If the sharee accepts the sharing invite, the shared calendar is made available to them in their own calendar home collection (i.e., alongside their own personal calendars). HTTP POST operations are used to manage the sharing invitations and replies, and WebDAV properties are used to expose the state of shared calendars. </t> </section> <!--<section title="Open Issues"> <t> <list style="numbers"> <t> </t> </list> </t> </section>--> <section title='Conventions Used in This Document'> <t> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in <xref target='RFC2119' />. </t> <t> When XML element types in the namespaces "DAV:" and "urn:ietf:params:xml:ns:caldav" are referenced in this document outside of the context of an XML fragment, the string "DAV:" and "CALDAV:" will be prefixed to the element type names respectively. </t> <t> The namespace "http://calendarserver.org/ns/" is used for XML elements defined in this specification. When XML element types in that namespace are referenced in this document outside of the context of an XML fragment, the string "CS:" will be prefixed to the element type names. </t> <t>Terms Used: <list style='hanging'> <t hangText='Sharer'>A calendar user who is sharing a calendar with other calendar users.</t> <t hangText='Sharee'>A calendar user to whom a calendar has been shared.</t> <t hangText='Sharing Invite'>A message sent by a sharer to a sharee to indicate the status of a shared calendar.</t> <t hangText='Sharing Reply'>A message sent by a sharee to a sharer to indicate the status of a shared calendar.</t> </list> </t> </section> <section title='Overview' anchor='overview'> <t> This section provides a basic overview of this protocol by way of a simple use case of a sharer sharing a calendar with a single sharee. </t> <t> To share a calendar with another user, the sharer's client executes an HTTP POST request against the calendar collection resource for the calendar to be shared. The POST request body will contain details of the calendar user to whom the calendar is to be shared as well as the access right to be granted to them. If the request succeeds, a notification is sent to the sharee with details of the calendar being shared to them. </t> <t> The sharer's client will show the notification to the sharee and present them with the choice to accept or decline the invitation to the shared calendar. If the sharee chooses to decline, then nothing changes for that sharee. If the sharee chooses to accept, then the server automatically creates a new calendar collection resource in the sharee's calendar home collection, and ensures that calendar provides a mapping to the actual shared calendar of the sharer. Thus the shared calendar is available to the sharee as just another calendar in their calendar home. The server enforces the appropriare access privileges for the sharee. </t> <t> At any time, the sharer can inspect properties on the calendar collection being shared, and determine the accept/decline status of each sharee. Additional sharees can be added and existing ones removed. The access privileges for existing sharees can also be changed. </t> <t> Once a sharee has a shared calendar set to appear in their calendar home collection, they can remove it and decline the sharing invite by simply having their client issue an HTTP DELETE request on the shared calendar collection. That does not delete any calendar data, but rather simply removes the "link" to the sharer's calendar collection and sets the sharee's inviate status to declined. </t> </section> <section title="Notifications"> <t> In order to facilitate the process of sharing invitations, this specification defines a new generic notification mechanism for CalDAV servers. When this feature is available, a <xref target="CS:notification-URL">CS:notification-URL</xref> property appears on principal resources for those principals who are able to receive notifications. That property specifies a single DAV:href element whose content refers to a WebDAV collection resource. Notification "messages" are deposited into this collection and can be retrieved by clients and acted on accordingly. </t> <t> The notification collection referenced by the <xref target="CS:notification-URL">CS:notification-URL</xref> property MUST have a DAV:resourcetype property with DAV:collection and <xref target="CS:notification">CS:notification</xref> child elements. </t> <t> Notification "messages" are XML documents stored as resources in the notification collection. Each XML document contains a <xref target="CS:notification">CS:notification</xref> element as its root. The root element contains a <xref target="CS:dtstamp">CS:dtstamp</xref> element, and one additional element which represents the type of notification being conveyed in the message. That child element will typically contain additional content that describes the notification. </t> <t> Each notification resource has a <xref target="CS:notificationtype">CS:notificationtype</xref> property which contains as its single child element an empty element that matches the child element of the notification resource XML document root. Any attributes on the child element in the XML document are also present in the property child element. </t> <t> Notifications are automatically generated by the server (perhaps in response to a client action) with an appropriate resource stored in the notifications collection of the user to whom the notification is targeted. Clients SHOULD monitor the notification collection looking for new notification resources. When doing so, clients SHOULD look at the <xref target="CS:notificationtype">CS:notificationtype</xref> property to ensure that the notification is of a type that the client can handle. Once a client has handled the notification in whatever way is appropriate it SHOULD delete the notification resource. Servers MAY delete notification resources on their own if they determine that the notifications are no longer relevant or valid. Servers MAY coalesce notifications as appropriate. </t> <section title="Additional Principal Properties" anchor='principal-properties'> <t> This section defines new properties for WebDAV principal resources as defined in <xref target="RFC3744">RFC3744</xref>. These properties are likely to be protected but the server MAY allow them to be written by appropriate users. </t> <section title="CS:notification-URL Property" anchor="CS:notification-URL"> <t> <list style="hanging"> <t hangText="Name:">notification-URL</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Identify the URL of the notification collection owned by the associated principal resource.</t> <t hangText="Protected:">This property SHOULD be protected.</t> <t hangText="PROPFIND behavior:">This property SHOULD NOT be returned by a PROPFIND allprop request (as defined in Section 14.2 of <xref target="RFC4918"/>).</t> <t hangText="COPY/MOVE behavior:">This property value SHOULD be preserved in COPY and MOVE operations.</t> <t hangText="Description:">This property is needed for a client to determine where the notification collection of the current user is located so that processing of notification messages can occur. If not present, then the associated calendar user is not enabled for notification messages on the server.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT notification-URL (DAV:href)>]]></artwork> </figure> </t> </list> </t> </section> </section> <section title="Properties on Notification Resources" anchor='notification-properties'> <t> The following new WebDAV properties are defined for notification resources. </t> <section title="CS:notificationtype Property" anchor="CS:notificationtype"> <t> <list style="hanging"> <t hangText="Name:">notificationtype</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Identify the type of notification of the corresponding resource.</t> <t hangText="Protected:">This property MUST be protected.</t> <t hangText="PROPFIND behavior:">This property SHOULD NOT be returned by a PROPFIND allprop request (as defined in Section 14.2 of <xref target="RFC4918"/>).</t> <t hangText="COPY/MOVE behavior:">This property value MUST be preserved in COPY and MOVE operations.</t> <t hangText="Description:">This property allows a client, via a PROPFIND Depth:1 request, to quickly find notification messages that the client can handle in a notification collection. The single child element is the notification resource root element's child defining the notification itself. This element MUST be empty, though any attributes on the element in the notification resource MUST be present in the property element.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT notificationtype (invite-notification | invite-reply)> <!-- Child elements are empty but will have appropriate attributes. Any valid notification message child element can appear.-->]]></artwork> </figure> </t> </list> </t> </section> </section> </section> <section title="Shared Calendaring"> <section title="Feature Discovery"> <t> A server that supports the features described in this document MUST include "calendarserver-sharing" as a field in the DAV response header from an OPTIONS request on any resource that supports these features. </t> </section> <section title="Additional Properties for Calendars" anchor='properties'> <t> The following new or modified WebDAV properties are defined for calendar collections and used to view or manipulate shared calendar features. </t> <section title="DAV:resourcetype Property" anchor="DAV:resourcetype"> <t> Calendar collections that are shared have addition elements listed in their DAV:resourcetype property in addition to DAV:collection and CALDAV:calendar. <list style="symbols"> <t><xref target="CS:shared-owner">CS:shared-owner</xref>: used to indicate that the calendar is owned by the current user and is being shared by them.</t> <t><xref target="CS:shared">CS:shared</xref>: used to indicate that the calendar is owned by another user and is being shared to the current user.</t> </list> </t> </section> <section title="CS:invite Property" anchor="CS:invite"> <t> <list style="hanging"> <t hangText="Name:">invite</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to show to whom a calendar has been shared.</t> <t hangText="Protected:">This property MUST be protected.</t> <t hangText="PROPFIND behavior:">This property SHOULD NOT be returned by a PROPFIND allprop request (as defined in Section 14.2 of <xref target="RFC4918"/>).</t> <t hangText="COPY/MOVE behavior:">This property value MUST be preserved in COPY and MOVE operations.</t> <t hangText="Description:">This WebDAV property is present on a calendar collection resource that has been shared by the owner, or on the calendar collection resources of the sharees of the calendar. It provides a list of users to whom the calendar has been shared, along with the "status" of the sharing invites sent to each user. In addition, servers SHOULD include a CS:organizer XML element on calendar collection resources of the sharees to provide clients with a fast way to determine who the sharer is. A server's local privacy policy may prevent sharees from knowing about other sharees on a shared calendar. If that is so server will not include CS:user XML elements for other sharees.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite (organizer?, user*)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:allowed-sharing-modes Property" anchor="CS:allowed-sharing-modes"> <t> <list style="hanging"> <t hangText="Name:">allowed-sharing-modes</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to show which modes of sharing are supported on a calendar collection.</t> <t hangText="Protected:">This property MUST be protected.</t> <t hangText="PROPFIND behavior:">This property SHOULD NOT be returned by a PROPFIND allprop request (as defined in Section 14.2 of <xref target="RFC4918"/>).</t> <t hangText="COPY/MOVE behavior:">This property value MUST be preserved in COPY and MOVE operations.</t> <t hangText="Description:">This WebDAV property is present on a calendar collection resource that can been shared or published. It provides a list of options indicating what sharing modes are allowed as per <xref target="allowed"/>.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT allowed-sharing-modes (can-be-shared?, can-be-published?)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:shared-url Property" anchor="CS:shared-url"> <t> <list style="hanging"> <t hangText="Name:">shared-url</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Indicates the URL of the owner's copy of a shared calendar.</t> <t hangText="Protected:">This property MUST be protected.</t> <t hangText="PROPFIND behavior:">This property SHOULD NOT be returned by a PROPFIND allprop request (as defined in Section 14.2 of <xref target="RFC4918"/>).</t> <t hangText="COPY/MOVE behavior:">This property value MUST be preserved in COPY and MOVE operations.</t> <t hangText="Description:">This WebDAV property is present on a shared calendar collection resource that appears in a sharee's calendar home collection. Its content is a single DAV:href element whose value is the URL of the sharer's calendar being shared.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT shared-url (DAV:href)>]]></artwork> </figure> </t> </list> </t> </section> </section> <section title="Sharer Actions on Shared Calendars"> <section title="Sharing or Unsharing a Calendar"> <t> To update an existing calendar to be shared, the sharer simply adds one or more sharees to the calendar collection as per <xref target="sharee"/>. The server MUST update the DAV:resourcetype property on the calendar collection to ensure it contains a CS:shared-owner XML element to indicate the calendar collection is now shared. </t> <t> To unshare a calendar, the sharer simply removes all sharees to the CS:invite property of the calendar collection as per <xref target="sharee"/>. The server MUST update the DAV:resourcetype property on the calendar collection to ensure it does not contain a CS:shared-owner XML element to indicate the calendar collection is not shared. </t> </section> <section title="Manipulating Sharees of a Shared Calendar" anchor="sharee"> <t> The sharer of a shared calendar is able to manipulate the sharee list by issuing a POST request targeted at the calendar collection resource. The POST request MUST contain an XML document as its body with the root element being <xref target="CS:share">CS:share</xref>. </t> <t> The <xref target="CS:share">CS:share</xref> element in the POST requests MUST contain one or more <xref target="CS:set">CS:set</xref> or <xref target="CS:remove">CS:remove</xref> elements. For each <xref target="CS:set">CS:set</xref> element, the server MUST add the specified sharee access to the calendar. For each <xref target="CS:remove">CS:remove</xref> element the server MUST remove the specified sharee access from the shared calendar. In each case the server MUST send a notification message to any sharees whose status is changed (added, modified or removed), indicating to them a change in status for the shared calendar. The server SHOULD NOT send notification messages to sharees whose status is unchanged. </t> <t> Sharee's are identified via a DAV:href element whose value is either a principal-URL for a sharee hosted on the same server, a calendar user address or email address. In the case of the later two, the sharee might not be a user on the same server - though in that case how invitations are sent or access enabled is out of scope for this specification. A server MAY change the sharee's "address" to any suitable alternative that it might prefer when returning the list of sharees via the <xref target="CS:invite">CS:invite property</xref>. </t> <t> The client MAY include a <xref target="CS:common-name">CS:common-name</xref> element in the <xref target="CS:set">CS:set</xref> element. When provided, the value represents the common name for the sharee, and is returned in the list of sharees via the <xref target="CS:invite">CS:invite property</xref>. The server MAY change this to a suitable alternative when it is able to match the sharee to a known user. If absent from the client request, the server SHOULD add a CS:common-name when it is able to match the sharee with a known user, and a common name for that user can be determined. </t> <t> When the sharee list on a shared calendar is changed, the server MUST send notifications to each sharee to update them on their current sharing status. This is accomplished by sending a <xref target="CS:invite-notification">CS:invite-notification</xref> notification to each sharee. </t> <section title="Example: Successful Sharee Add Request"> <t> This example shows how to add a single sharee (with calendar user address "mailto:eric@example.com") to a shared calendar with CS:read-write access. </t> <figure> <preamble>>> Request <<</preamble> <artwork><![CDATA[ POST /calendars/users/cyrus/shared/ HTTP/1.1 Host: calendar.example.com Content-Type: application/xml; charset="utf-8" Content-Length: xxxx <?xml version="1.0" encoding="utf-8" ?> <CS:share xmlns:D="DAV:" xmlns:CS="http://calendarserver.org/ns/"> <CS:set> <D:href>mailto:eric@example.com</D:href> <CS:common-name>Eric York</CS:common-name> <CS:summary>Shared workspace</CS:summary> <CS:read-write /> </CS:set> </CS:share>]]></artwork> </figure> <figure> <preamble>>> Response <<</preamble> <artwork><![CDATA[ HTTP/1.1 200 OK Cache-Control: no-cache Date: Sat, 11 Nov 2006 09:32:12 GMT]]></artwork> </figure> </section> <section title="Example: Successful Multiple Sharee Change Request"> <t> This example shows how multiple sharee's can be manipulated in a single request. The sharee with calendar user address "mailto:eric@example.com" has their access downgraded to CS:read, whilst another sharee is removed from the access list entirely. </t> <figure> <preamble>>> Request <<</preamble> <artwork><![CDATA[ POST /calendars/users/cyrus/shared/ HTTP/1.1 Host: calendar.example.com Content-Type: application/xml; charset="utf-8" Content-Length: xxxx <?xml version="1.0" encoding="utf-8" ?> <CS:share xmlns:D="DAV:" xmlns:CS="http://calendarserver.org/ns/"> <CS:set> <D:href>mailto:eric@example.com</D:href> <CS:summary>Shared workspace</CS:summary> <CS:read-write /> </CS:set> <CS:remove> <D:href>mailto:wilfredo@example.com</D:href> </CS:remove> </CS:share>]]></artwork> </figure> <figure> <preamble>>> Response <<</preamble> <artwork><![CDATA[ HTTP/1.1 200 OK Cache-Control: no-cache Date: Sat, 11 Nov 2006 09:32:12 GMT]]></artwork> </figure> </section> </section> </section> <section title="Sharee Actions on Shared Calendars"> <section title="Replying to a Sharing Invite"> <t> When a sharee is invited to a shared calendar they can accept or decline the invite by issuing a POST request to the sharee's calendar home collection resource. The POST request MUST contain an XML document as its body with the root element being <xref target="CS:invite-reply">CS:invite-reply</xref>. </t> <t> The <xref target="CS:invite-reply">CS:invite-reply</xref> element in the POST request specifies the sharee who is replying in the DAV:href element, the accept or decline action via the CS:invite-accepted or CS:invite-declined elements, the URL of the shared calendar in the CS:hosturl element, the unique identifier of the invite to which it is a reply in the CS:in-reply-to element, and an optional CS:summary element. </t> <t> The response to a POST request that accepts a shared calendar invite MUST be an XML document containing <xref target="CS:shared-as">CS:shared-as</xref> as its root element. That root element contains a single DAV:href element whose content is the URI of the shared calendar in the sharee's calendar home created by the invite acceptance. </t> <t> When the sharee replies to an invite, the server SHOULD send a notification to the sharer to update them on the change in the sharee state. This is accomplished by sending a <xref target="CS:invite-reply">CS:invite-reply</xref> notification to the sharer. </t> </section> <section title="Removing a Shared Calendar"> <t> To remove a shared calendar from a sharee's calendar home collection a DELETE request is targeted at the shared calendar URI. When such a request is received the server MUST remove the shared calendar from the sharee's calendar home and automatically update the sharee's status in the sharer's calendar's CS:invite property. </t> </section> </section> <section title="General Considerations"> <section title="Access Levels"> <t> Two levels of access ca be granted by a sharer to any sharee. These are governed by the CS:access element used in the CS:invite/CS:user element that specifies a shared user invite. CS:access contains a single empty element that defines the type of access granted: <list style="hanging"> <t hangText="CS:read"> When present this indicates that sharees can read calendar data but cannot change it. </t> <t hangText="CS:read-write"> When present this indicates that sharees can read and write calendar data. </t> </list> </t> </section> <section title="Allowing or Disallowing Sharing" anchor="allowed"> <t> Servers MAY support calendar sharing on a per-calendar basis - e.g., they could treat some calendars as always private (cannot be shared) or always public (always shared). As a result clients need a way to determine which calendar could be shared so they can enable or disable sharing options on a per-calendar basis. </t> <t> This specification adds a <xref target="CS:allowed-sharing-modes">CS:allowed-sharing-modes</xref> WebDAV property which servers can return on calendar collection resources. This property contains XML elements that describe which sharing or publishing capabilities can be supported by the corresponding calendar collection: <list> <t><xref target="CS:can-be-shared">CS:can-be-shared</xref>: when present indicates that the calendar collection can be shared. When not present, the calendar collection cannot be shared.</t> <t><xref target="CS:can-be-published">CS:can-be-published</xref>: when present indicates that the calendar collection can be published. When not present, the calendar collection cannot be published.</t> </list> </t> <t> When not present on a calendar collection, sharing or publishing of that calendar is not allowed. Clients SHOULD NOT attempt to use requests to enable sharing or publishing targeted at those calendar collections. </t> </section> <section title="Per-user WebDAV Properties"> <t> Servers MUST support "per-user" WebDAV properties on shared calendar collections and MAY support them on calendar object resources within shared calendar collections. A "per-user" WebDAV property is one whose value can be set and retrieved independently by each user with appropriate access rights. e.g., user "A" changes the DAV:displayname property on a shared calendar in their calendar home to "My calendar", and user "B" changes the same property to "Shared" on the same shared calendar in their calendar home. When each user retrieves the property value they will see their own last stored value and not the value of the other user. </t> <t> For shared calendars, the server MUST allow all users to write "per-user" WebDAV properties on the shared calendar collection and MAY allow property writes on calendar object resources within the shared calendar collection. This is required even in the case where the sharee has been granted read access only (i.e., the ability to change calendar data is disallowed). This requirement ensures that sharees can always change "personal" properties such as calendar colors and display names. </t> <t> Servers MUST treat the following properties as "per-user": <list> <t>DAV:displayname</t> <t>CALDAV:calendar-description</t> <t>CALDAV:schedule-calendar-transp</t> <t>ICAL:calendar-color</t> </list> </t> <t> Servers MAY treat any dead property as per-user. </t> <t> Servers MUST NOT treat live properties as per-user. </t> </section> <section title="Per-user Calendar Data" anchor="per-user-data"> <t> Servers MUST support "per-user" calendar data in calendar object resources stored in shared calendars. This allows each sharee and the sharer to store their own alarms and free busy transparency status without "interfering" with other users who also have access to the same calendar object resources. </t> <t> For calendaring object resources in shared calendar collections, the server MUST treat the following iCalendar data objects as per-user: <list> <t>TRANSP property</t> <t>VALARM component</t> </list> </t> <t> Servers MAY treat any non-standard X- iCalendar properties as per-user. </t> <t> When handling per-user data in recurring components, servers SHOULD eliminate overridden instances when returning iCalendar data to clients in the case where there are no differences between the overridden component and the instance that could be derived from the "master" recurrence component. For example, consider a daily recurring event, Monday through Friday, initially defined without any overridden instances, that is in a shared calendar. If user "A" overrides the Tuesday instance and adds their own "VALARM" component only, then when user "A" later retrieves the data again they would see that overridden instance, but when user "B" does so, they would not. This ensures that each user sees the most "compact" representation of the calendar data. </t> </section> <section title="Scheduling"> <t> <xref target="RFC6638">CalDAV Scheduling</xref> defines how a CalDAV server carries out scheduling operations when calendar object resources are created, modified or deleted and include "ORGANIZER" and "ATTENDEE" iCalendar properties. </t> <t> When calendar object resources are created, modified or deleted in shared calendars by sharees, the following restrictions apply: <list style="numbers"> <t>The "ORGANIZER" iCalendar property value in the iCalendar data MUST match a calendar user address of the sharer (owner) of the shared calendar. The DAV:owner WebDAV property MUST be present on a shared calendar and MUST provide a reference to a principal-URL of the sharer (owner) of the shared calendar. Clients can use this value to determine what the allowed "ORGANIZER" iCalendar property values are. The server MUST reject any attempt by a sharee to create an iCalendar component with an "ORGANIZER" property value other than the sharer (owner) of the shared calendar.</t> <t>The server MUST reject any attempt by a sharee to MOVE a calendar object resource in a shared calendar to some other collection.</t> <t>When a sharee is listed as an Attendee in a calendar object resource in a shared calendar, and write access is granted, the sharee is allowed to change not only iCalendar data related to the Organizer, but also data related to the Attendee. i.e., a sharee can change their own participation status on the "ATTENDEE" iCalendar property referring to them. Additionally, if the sharee is not listed as an Attendee, and write access is granted, the sharee can add themselves as an Attendee.</t> <t>The default calendar collection defined in Section 6.3 of <xref target="RFC6638"/> MUST NOT be a calendar shared to the corresponding calendar user.</t> </list> </t> <t> Following are additional considerations for scheduling with shared calendars: <list style="numbers"> <t>A scheduled iCalendar component could appear in more than one calendar collection within a sharee's calendar home if the sharee is an Attendee and the Organizer or other Attendees have shared a calendar with the sharee that includes their copies of the iCalendar component. It is important to note that the scheduled component in the shared calendar could have different access rights than the one in the sharee's owned calendar.</t> <t>A scheduled iCalendar component appearing in a sharee's shared calendar could include the sharee as an Attendee. For recurring events, it is possible for the sharee to only be listed as an Attendee in some instances, as opposed to all. Clients will need to be aware of this when allowing sharee's to set their own participation status.</t> </list> </t> <t> In addition, when a shared calendar is first accepted by a sharee, the server SHOULD set the CALDAV:schedule-calendar-transp property to the value CALDAV:transparent to ensure newly accepted shared calendars do not contribute to the sharee's freebusy time until the sharee explicitly requests it. </t> </section> </section> </section> <section title='XML Element Definitions'> <section title="CS:shared-owner" anchor="CS:shared-owner"> <t> <list style="hanging"> <t hangText="Name:">shared-owner</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to indicate that a calendar is being shared by the owner.</t> <t hangText="Description:">This property appears in the DAV:resourcetype property on the calendar collection resource shared by a sharer. See <xref target="properties"/>.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT shared-owner EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:shared" anchor="CS:shared"> <t> <list style="hanging"> <t hangText="Name:">shared</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to indicate that a calendar is being shared to a sharee.</t> <t hangText="Description:">This property appears in the DAV:resourcetype property on a calendar collection resource that is shared to a sharee and appears in the sharee's calendar home collection. See <xref target="properties"/>.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT shared EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:can-be-shared" anchor="CS:can-be-shared"> <t> <list style="hanging"> <t hangText="Name:">can-be-shared</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to indicate that a calendar can be shared.</t> <t hangText="Description:">This element indicates that a calendar can be shared with other users. See <xref target="CS:allowed-sharing-modes"/></t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT can-be-shared EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:can-be-published" anchor="CS:can-be-published"> <t> <list style="hanging"> <t hangText="Name:">can-be-published</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to indicate that a calendar can be published.</t> <t hangText="Description:">This element indicates that a calendar can be published to anyone. See <xref target="CS:allowed-sharing-modes"/></t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT can-be-published EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:user" anchor="CS:user"> <t> <list style="hanging"> <t hangText="Name:">user</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Used to show status of sharing invites sent to sharees.</t> <t hangText="Description:">This element provides the "status" of a sharing invite sent to a particular user. See <xref target="CS:invite"/>.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT user (DAV:href, common-name?, (invite-noresponse | invite-accepted | invite-declined | invite-invalid), access, summary?)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-noresponse"> <t> <list style="hanging"> <t hangText="Name:">invite-noresponse</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sharing invite status.</t> <t hangText="Description:">When used in a <xref target="CS:user">CS:user</xref> element, this element is used to indicate that the sharee has never replied to the corresponding sharing invite. When used in a <xref target="CS:invite-notification">CS:invite-notification</xref> element, this element is used to indicate to the sharee that a sharing reply is needed.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-noresponse EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-deleted"> <t> <list style="hanging"> <t hangText="Name:">invite-deleted</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sharing invite status.</t> <t hangText="Description:">When used in a <xref target="CS:invite-notification">CS:invite-notification</xref> element, this element is used to indicate to the sharee that a shared calendar has been unshared by the sharer.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-deleted EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-accepted"> <t> <list style="hanging"> <t hangText="Name:">invite-accepted</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sharing invite status.</t> <t hangText="Description:">When used in a <xref target="CS:user">CS:user</xref> element, this element is used to indicate that the sharee has accepted the corresponding sharing invite. When used in a <xref target="CS:invite-notification">CS:invite-notification</xref> element, this element is used to indicate to the sharee that the sharing invite is an update for one they previously accepted.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-accepted EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-declined"> <t> <list style="hanging"> <t hangText="Name:">invite-declined</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sharing invite status.</t> <t hangText="Description:">When used in a <xref target="CS:user">CS:user</xref> element, this element is used to indicate that the sharee has declined the corresponding sharing invite. When used in a <xref target="CS:invite-notification">CS:invite-notification</xref> element, this element is used to indicate to the sharee that the sharing invite is an update for one they previously declined.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-declined EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-invalid"> <t> <list style="hanging"> <t hangText="Name:">invite-invalid</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sharing invite status.</t> <t hangText="Description:">When used in a <xref target="CS:user">CS:user</xref> element, this element is used to indicate that the corresponding sharee is not a valid calendar user known to the server.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-invalid EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:access"> <t> <list style="hanging"> <t hangText="Name:">access</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Shared calendar access level.</t> <t hangText="Description:">When used in a <xref target="CS:user">CS:user</xref> element, this element is used to indicate the sharing access level granted to the corresponding sharee.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT access (read | read-write)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:read"> <t> <list style="hanging"> <t hangText="Name:">read</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Shared calendar access level privilege.</t> <t hangText="Description:">Indicates that the access level granted only allows sharees to read data in the shared calendar (though they can write <xref target="per-user-data">per-user data</xref>).</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT read EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:read-write"> <t> <list style="hanging"> <t hangText="Name:">read-write</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Shared calendar access level privilege.</t> <t hangText="Description:">Indicates that the access level granted allows sharees to read and write all data in the shared calendar, with the exception of components that would trigger scheduling.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT read-write EMPTY>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:summary"> <t> <list style="hanging"> <t hangText="Name:">summary</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Summary or title of shared calendar.</t> <t hangText="Description:">A brief description of a shared calendar. This can be used by sharers to communicate the nature of a shared calendar to sharees, as well as used by sharees to indicate back to the sharer how each sharee is refering to the shared calendar.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT summary (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-notification" anchor="CS:invite-notification"> <t> <list style="hanging"> <t hangText="Name:">invite-notification</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">A notification used as a shared calendar invite.</t> <t hangText="Description:">Defines a notification message sent automatically by the server when a sharer adds, changes or removes a sharee from a shared calendar. The DAV:href element specifies the calendar user address of the sharee to whom the message was sent. The CALDAV:supported-calendar-component-set is a copy of the matching WebDAV property on the sharers calendar collection, to allow clients to know what restrictions might apply to the shared calendar before accepting it.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-notification ( uid, DAV:href, (invite-noresponse | invite-deleted | invite-accepted | invite-declined), access, hosturl, organizer, summary?, CALDAV:supported-calendar-component-set?>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:uid"> <t> <list style="hanging"> <t hangText="Name:">uid</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Unique identifier.</t> <t hangText="Description:">A unique identifier for an invitation to a shared calendar.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT uid (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:hosturl"> <t> <list style="hanging"> <t hangText="Name:">hosturl</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Identifies the source URL of a shared calendar.</t> <t hangText="Description:">Contains a single DAV:href element that refers to the source of a shared calendar - i.e., the URL of the calendar shared by the sharer.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT hosturl (DAV:href)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:organizer"> <t> <list style="hanging"> <t hangText="Name:">organizer</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Identifies the sharer of a shared calendar.</t> <t hangText="Description:">Contains a single DAV:href element that identifies the calendar user address of the sharer of a shared calendar, and an optional CS:common-name element that matches that user, and an option CS:first-name, CS:last-name pair of elements that match that user. In some cases servers might have directory information that includes only the common name, or only the first or last name, and it is better to expose those directly to the client as-is rather than to try and split or combine the attributes to synthesize one set or the other.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT organizer (DAV:href, CS:common-name?, (CS:first-name, CS:last-name)?)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:common-name" anchor="CS:common-name"> <t> <list style="hanging"> <t hangText="Name:">common-name</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">The common name of a sharer or sharee.</t> <t hangText="Description:">The common name is optionally provided by a client when adding a sharee and optionally included (or modified) by the server when returning results for sharers or sharees and in notifications.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT common-name (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:first-name" anchor="CS:first-name"> <t> <list style="hanging"> <t hangText="Name:">first-name</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">The first name of a sharer or sharee.</t> <t hangText="Description:">The first name is optionally included by the server when returning results for sharers or sharees and in notifications.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT first-name (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:last-name" anchor="CS:last-name"> <t> <list style="hanging"> <t hangText="Name:">last-name</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">The last name of a sharer or sharee.</t> <t hangText="Description:">The last name is optionally included by the server when returning results for sharers or sharees and in notifications.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT last-name (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:invite-reply" anchor="CS:invite-reply"> <t> <list style="hanging"> <t hangText="Name:">invite-reply</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">A notification used as a reply to a shared calendar invite.</t> <t hangText="Description:">Defines a notification message sent automatically by the server when a sharee replies to a shared calendar invite. The DAV:href element specifies the calendar user address of the sharee to whom the original invite message was sent.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT invite-reply (DAV:href, (invite-accepted | invite-declined), hosturl, in-reply-to, summary?>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:in-reply-to"> <t> <list style="hanging"> <t hangText="Name:">in-reply-to</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Unique identifier.</t> <t hangText="Description:">Specifies the unique identifier of the inviate message that this notification message is a reply to.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT in-reply-to (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:notification" anchor="CS:notification"> <t> <list style="hanging"> <t hangText="Name:">notification</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Notification message root element.</t> <t hangText="Description:">The root element used in notification resources.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT notification (CS:dtstamp, (invite-notification | invite-reply)> <!-- Any notification type element can appear after CS:dtstamp, this specification defines only the two listed above -->]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:dtstamp" anchor="CS:dtstamp"> <t> <list style="hanging"> <t hangText="Name:">dtstamp</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Date-time stamp.</t> <t hangText="Description:">Contains the date-time stamp corresponding to the creation of a notification message.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT dtstamp (#PCDATA)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:share" anchor="CS:share"> <t> <list style="hanging"> <t hangText="Name:">share</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Describes changes to sharees.</t> <t hangText="Description:">The root element used in POST requests on calendars by sharers to manipulate the sharee list of a shared calendar.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT share (set | remove)*>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:set" anchor="CS:set"> <t> <list style="hanging"> <t hangText="Name:">set</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Sets access for a sharee.</t> <t hangText="Description:">Used to add or modify sharee access to a shared calendar. The specified access to the shared calendar is given to the sharee.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT set (DAV:href, common-name?, summary?, (read | read-write)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:remove" anchor="CS:remove"> <t> <list style="hanging"> <t hangText="Name:">remove</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Removes access for a sharee.</t> <t hangText="Description:">Used to remove sharee access to a shared calendar. All access to the shared calendar is removed for the sharee.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT remove (DAV:href)>]]></artwork> </figure> </t> </list> </t> </section> <section title="CS:shared-as" anchor="CS:shared-as"> <t> <list style="hanging"> <t hangText="Name:">shared-as</t> <t hangText="Namespace:">http://calendarserver.org/ns/</t> <t hangText="Purpose:">Identifies a shared calendar.</t> <t hangText="Description:">Returned by the server for a POST request by a sharee accepting a shared calendar invite. The DAV:href element specifies the URI of the calendar created by the acceptance.</t> <t hangText="Definition:"> <figure> <artwork><![CDATA[ <!ELEMENT shared-as (DAV:href)>]]></artwork> </figure> </t> </list> </t> </section> </section> <section title='Security Considerations'> <t> Per-user WebDAV properties and iCalendar data MUST only be accessible by the user that created them. </t> <t> Alarms set by the sharer SHOULD NOT be propagated to sharees by default. Clients SHOULD NOT automatically enable triggering of alarms on shared calendars that have just been accepted without confirmation by the user. </t> <t> TBD </t> </section> <section title='IANA Considerations'> <t> This document does not require any actions on the part of IANA. </t> </section> <section title='Acknowledgments'> <t> This specification is the result of discussions between the Apple calendar server and client teams. </t> </section> </middle> <back> <references title='Normative References'> &rfc2119; &rfc3744; &rfc4791; &rfc4918; &rfc6638; </references> <!-- <references title='Informative References'> </references> --> <section title='Change History'> <t>Changes in -03: <list style='numbers'> <t>Fixed access element DTD.</t> <t>Remove MKxxx and PROPPATCH mechanism for upgrading/downgrading shared state on a calendar collection. Instead the server implicitly sets the state based on whether there are any sharees or not..</t> <t>Added CS:first-name and CS:last-name optional element to CS:organizer.</t> <t>Added CALDAV:supported-calendar-component-set optional element to CS:invite-notification.</t> </list> </t> <t>Changes in -02: <list style='numbers'> <t>Removed read-write-shared access mode - now a server that does not support shared scheduling should advertise that via a DAV header</t> </list> </t> <t>Changes in -01: <list style='numbers'> <t>Added CS:shared-url property</t> <t>Clarified that notifications are only required to be sent when sharee status is changed</t> </list> </t> </section> </back> </rfc>