UI: New function: Support property overrides on incoming shares

integ_tests/test_shared_collection_edit.py

@@ -0,0 +1,100 @@
+# This file is part of Radicale - CalDAV and CardDAV server
+# Copyright © 2026-2026 Max Berger <max@berger.name>
+#
+# This library is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
+
+"""
+Integration tests for editing properties of a shared collection.
+"""
+
+import pathlib
+import re
+from typing import Any, Generator
+
+import pytest
+from playwright.sync_api import Page, expect
+
+from integ_tests.common import SHARING_HTPASSWD, login, start_radicale_server
+
+
+@pytest.fixture
+def radicale_server(tmp_path: pathlib.Path) -> Generator[str, Any, None]:
+    yield from start_radicale_server(tmp_path, SHARING_HTPASSWD)
+
+
+def create_named_collection(page: Page, name: str) -> None:
+    page.click('.fabcontainer a[data-name="new"]')
+    page.fill('#createcollectionscene input[data-name="displayname"]', name)
+    page.click('#createcollectionscene button[data-name="submit"]')
+    expect(page.locator("#createcollectionscene")).to_be_hidden()
+
+
+def test_shared_collection_property_edit(page: Page, radicale_server: str) -> None:
+    config = SHARING_HTPASSWD
+
+    # 1. Admin logs in and creates "Shared"
+    login(page, radicale_server, config)
+    create_named_collection(page, "Shared")
+
+    # 2. Admin shares it with "max" with "Allow Properties write" enabled
+    article = page.locator("article:not(.hidden)").filter(
+        has=page.locator("[data-name='title']", has_text="Shared")
+    )
+    article.hover()
+    article.locator("a[data-name='share']").click(force=True)
+
+    page.click('button[data-name="sharebymap"]')
+    page.locator('input[data-name="shareuser"]').fill(config.user_username)
+    page.locator('input[data-name="sharehref"]').fill("shared-mapped")
+    # Allow properties write
+    page.check("#newshare_attr_properties_write_allow")
+    page.click('#createeditsharescene button[data-name="submit"]')
+    page.click('#sharecollectionscene button[data-name="cancel"]')
+
+    # 3. Admin logs out
+    page.click('a[data-name="logout"]')
+
+    # 4. Max logs in
+    page.fill('#loginscene input[data-name="user"]', config.user_username)
+    page.fill('#loginscene input[data-name="password"]', "userpassword")
+    page.click('button:has-text("Next")')
+
+    # 5. Max enables the shared collection
+    page.click('a[data-name="incomingshares"]')
+    row = page.locator("tr[data-name='incomingsharerowtemplate']:not(.hidden)")
+    expect(row.locator("input[data-name='pathortoken']")).to_have_value(
+        re.compile("shared-mapped")
+    )
+    row.locator("input[data-name='enabled']").check()
+    row.locator("input[data-name='shown']").check()
+    page.click('#incomingsharingscene button[data-name="close"]')
+
+    # 6. Verify "Edit" button is visible
+    shared_article = page.locator("article:not(.hidden)").filter(
+        has=page.locator("[data-name='title']", has_text="Shared")
+    )
+    shared_article.hover()
+    expect(shared_article.locator("a[data-name='edit']")).to_be_visible()
+
+    # 7. Max edits the collection
+    shared_article.locator("a[data-name='edit']").click()
+    page.fill('#editcollectionscene input[data-name="displayname"]', "Renamed by Max")
+    page.click('#editcollectionscene button[data-name="submit"]')
+
+    # 8. Verify the change
+    expect(
+        page.locator(
+            "article:not(.hidden) [data-name='title']", has_text="Renamed by Max"
+        )
+    ).to_be_visible()

integ_tests/test_sharing_login.py

@@ -151,11 +151,9 @@ def test_incoming_shares(
     expect(article.locator('[data-name="shareoption"]')).to_be_hidden()
     expect(article.locator('a[data-name="delete"]')).to_be_hidden()
 
-    # Edit button depends on permissions
-    if permissions == "rw":
-        expect(article.locator('a[data-name="edit"]')).to_be_visible()
-    else:
-        expect(article.locator('a[data-name="edit"]')).to_be_hidden()
+    # Edit button is visible if either data write or property write is allowed.
+    # In the test environment, permit_properties_overlay is true, so it's always visible.
+    expect(article.locator('a[data-name="edit"]')).to_be_visible()
 
     # 7. Assert no error was shown
     expect(page.locator('#incomingsharingscene span[data-name="error"]')).to_be_hidden()

radicale/web/internal_data/js/scenes/CollectionsScene.js

@@ -22,8 +22,8 @@
 import { delete_collection } from "../api/api.js";
 import { get_auth_header } from "../api/common.js";
 import { Collection, CollectionType, Permission } from "../models/collection.js";
-import { collectionsCache } from "../utils/collections_cache.js";
 import { extract_title } from "../utils/collection_utils.js";
+import { collectionsCache } from "../utils/collections_cache.js";
 import { ErrorHandler } from "../utils/error.js";
 import { bytesToHumanReadable, completeHref, get_element, get_element_by_id } from "../utils/misc.js";
 import { UrlTextHandler } from "../utils/url_text.js";
@@ -243,10 +243,14 @@ export class CollectionsScene {
                 share_option.removeAttribute("data-name");
             }
             delete_btn.classList.add("hidden");
-            if (!/w/i.test(share.Permissions || "")) {
-                edit_btn.classList.add("hidden");
-            } else {
+
+            let has_write_permission = /w/i.test(share.Permissions || "");
+            let has_write_properties = /P/i.test(share.Permissions || "") || collection.has_permission(Permission.WRITE_PROPERTIES);
+
+            if (has_write_permission || has_write_properties) {
                 edit_btn.classList.remove("hidden");
+            } else {
+                edit_btn.classList.add("hidden");
             }
         }
         title_form.textContent = collection.displayname || collection.href;