studio/calendars
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1ed0ba7206ea1b2d554fe334a886cc4e72616064
calendars/openspec/changes/add-ical-subscription-export/proposal.md
Nathan Panchout a96be2c7b7 📝(docs) add OpenSpec workflow 
Add OpenSpec workflow for AI-assisted change proposals
including proposal templates, archive commands, and
project configuration.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 16:56:21 +01:00

63 lines
2.7 KiB
Markdown
Raw Blame History

# Change: Add iCal Subscription Export
## Why
Users want to subscribe to their La Suite Calendars calendars from external
applications (Apple Calendar, Google Calendar, Thunderbird, Outlook, etc.)
using standard iCal URLs. Currently, external access is not supported due to
the API-key authentication model, preventing users from accessing their
calendars outside the web application.
## What Changes
- Add a standalone `CalendarSubscriptionToken` Django model that stores:
- Owner (user) reference
- CalDAV path directly (no FK to Calendar model)
- Calendar display name
- Token UUID and metadata
- Create a public Django endpoint `/ical/<token>.ics` that:
- Validates the token (no user authentication required)
- Proxies the request to SabreDAV using the stored caldav_path and owner email
- Returns the ICS generated by SabreDAV's `ICSExportPlugin`
- Enable SabreDAV's `ICSExportPlugin` in `server.php`
- Add standalone Django REST API endpoint `/api/v1.0/subscription-tokens/`:
- POST to create token with `{ caldav_path, calendar_name }`
- GET/DELETE by-path to manage existing tokens
- Permission verification via caldav_path (user's email must be in path)
- Add UI in the calendar context menu to obtain and copy the subscription URL
- Frontend extracts CalDAV path from calendar URL
- Modal auto-creates token on open
## Architecture Approach
**URL format:** `https://calendars.example.com/ical/<uuid-token>.ics`
**Key design decision:** The token model is **standalone** and stores the CalDAV
path directly, avoiding the need to synchronize CalDAV calendars with Django.
This follows the same pattern as Google Calendar and Outlook:
- Short, clean URL
- Token in URL path acts as authentication (no username/password)
- Reuses SabreDAV's ICSExportPlugin for RFC 5545 compliant ICS generation
See `design.md` for detailed technical flow.
## Impact
- **Affected specs**: New capability `ical-subscription-export`
- **Affected code**:
- `docker/sabredav/server.php` - Add ICSExportPlugin
- `src/backend/core/models.py` - New CalendarSubscriptionToken model (standalone)
- `src/backend/core/api/viewsets.py` - New SubscriptionTokenViewSet
- `src/backend/core/api/viewsets_ical.py` - New ICalExportView
- `src/frontend/apps/calendars/` - UI for subscription URL with caldavPath
- **Security**: Tokens are random UUIDs; URLs should be treated as secrets
- **Database**: New Django table for subscription tokens
- **No breaking changes** to existing functionality
## Out of Scope (Future Work)
- Subscribing TO external calendars from within La Suite Calendars (import)
- CalDAV access with HTTP Basic authentication
- Public (unauthenticated) calendar sharing without token
Reference in New Issue View Git Blame Copy Permalink