In organizations it is quite common that you want to have a shared address book with the contact data of all your colleagues.

Today you can achieve this with a address book created within the contacts app and shared with all others. But this has some issues:

1. If you share it read-only someone has to be in charge to keep it up to date
2. If you share it read-write so that everyone can add their own contact data people have to maintain their information twice, once in "contacts" and once in the personal settings.
3. If you share it read-write you risk that people delete contacts by accident, add contacts which doesn't belong to the address book, etc

All information from the personal settings are already written to a carddav system address book. So technically we already have everything we need in the back-end. The idea is to expose it to the contacts app for all users and via carddav in a read-only mode. This way:

1. Every time someone updates their personal settings or if they are updated in a central user management like LDAP the address book will be updated as well.
2. People don't have to maintain their information in multiple places
3. You don't risk that people delete contacts by accident or add personal contacts which doesn't belong to the address book.

Of course there should be a Admin switch to enable/disable this behavior. In most organizations this will be quite useful but of course a shared hoster for example doesn't want to present all users in a address book to all the other users (Although keep in mind that they do it already though the "people menu" which can not be disabled so the feature suggested here has no additional impact on the users privacy). The feature should respect the existing sharing and user enumeration settings.

Acceptance criteria

• Data sources
  1. User backend
  2. Profile
  • Respect profile privacy settings
• Exposed as read-only CalDAV collection
  • Has to be listable in Contacts app
  • Has to be readable by CalDAV clients
  • Name: "Accounts" (should have localized display name, if possible)
• Respects sharing settings for user enumeration
• Do not show in share dialogue (would duplicate users)
• Org chart continues to work
• Mapping
  • Manager -> X-MANAGERSNAME (set by admin via user management, not the user)
    • Optional: map from LDAP
  • Display name -> FN
  • Primary email addresses -> EMAIL (without TYPE)
  • Secondary email addresses -> EMAIL (without TYPE)
  • Phone number -> TEL (without TYPE)
  • Organisation (to be renamed to Company) -> ORG
  • Role (to be renamed to Title) -> TITLE
  • Location -> ADR
  • Language -> LANG
  • Profile page https://cloud.domain.tld/u/<uid> (if enabled) -> URL
  • Optional: https://cloud.domain.tld/apps/spreed/?callUser=<uid> -> URL
  • Optional: Nextcloud groups -> CATEGORIES (if possible and OK with data privacy)

Work packages

• [Bug]: System address book is not syncable #38141
• Store local properties in system addressbook too #38021
• Write profile properties and backend properties to system address book #37800
• Assign managers to users and map value in the system address book #37963
• [Feature] CardDAV - expose system address book #37797
• Frontend part: expose system address book contacts#3317
• Raw z-app-generated--contactsinteraction--recent URI visible to user contacts#2187
• Document system addressbook for admins documentation#10020
• Document system addressbook documentation#10021
• [Bug]: ContactsSearchProvider not respecting share enumeration #37799
• [Research] federated sharing and exposing the system address book #37798
• Add repair step to remove all guest users from system address book