Decrypt CalDAV password before write-back (#1731)

writeback_event read cfg["password"] (the encrypted blob) and passed it
straight to DAVClient, so every local create/edit/delete authenticated
with the literal ciphertext, the remote rejected it, and the change
never reached the server — the exact silent-write-loss this module was
built to prevent. The pull path src/caldav_sync.py already decrypts;
mirror that. decrypt() is a no-op on legacy plaintext.

Caught by #1731.
pewdiepie-archdaemon
2026-06-03 11:36:12 +09:00
parent 6153c5ed68
commit 9960d55a41


@@ -157,10 +157,14 @@ async def writeback_event(owner: str, calendar_source: str, calendar_id: str,
return {"skipped": "not a caldav calendar"}
try:
from routes.prefs_routes import _load_for_user
from src.secret_storage import decrypt
cfg = (_load_for_user(owner) or {}).get("caldav", {}) or {}
url = (cfg.get("url") or "").strip()
user = (cfg.get("username") or "").strip()
pw = cfg.get("password") or ""
# Stored encrypted by routes/calendar_routes; decrypt before use so
# the remote sees the real password (decrypt is a no-op on legacy
# plaintext). The pull path src/caldav_sync.py already does this.
pw = decrypt(cfg.get("password") or "")
if not (url and user and pw):
return {"skipped": "caldav not configured"}
result = await asyncio.to_thread(_writeback_blocking, calendar_id, ev, delete, url, user, pw)
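
Review bot: The failure path of `decrypt` is not distinguished at `pw = decrypt(cfg.get("password") or "")`. If it returns an empty value for a blob it cannot decrypt, the next check `if not (url and user and pw)` reports `{"skipped": "caldav not configured"}`, which hides the real cause and drops the local change just as quietly as before. If instead it hands back its input unchanged (the commit message says it is a no-op on legacy plaintext, so it is worth confirming how it tells plaintext from an undecryptable blob), the ciphertext is sent to the remote again. Suggest checking the result separately, returning a distinct skip reason for a password that could not be decrypted, and logging that event without the password value. A regression test that stores an encrypted password and asserts the plaintext is what reaches `_writeback_blocking` would keep this path aligned with src/caldav_sync.py.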