mirror of
https://gitlab.com/davical-project/davical.git
synced 2026-05-26 02:44:29 +00:00
Rationalise confidential event rewriting and fix $c->hide_alarm function.
This commit is contained in:
Andrew McMillan
parent
02b6d47082
commit
10afabbeb9
@ -283,7 +283,7 @@ class DAVResource
|
||||
$this->resource->location = null;
|
||||
$this->resource->url = null;
|
||||
}
|
||||
else if ( isset($c->hide_alarms) && $c->hide_alarms && !$this->HavePrivilegeTo('write') ) {
|
||||
else if ( isset($c->hide_alarm) && $c->hide_alarm && !$this->HavePrivilegeTo('write') ) {
|
||||
$vcal1 = new iCalComponent($this->resource->caldav_data);
|
||||
$comps = $vcal1->GetComponents();
|
||||
$vcal2 = new iCalComponent();
|
||||
|
||||
@ -334,25 +334,25 @@ $sql = 'SELECT caldav_data.*,calendar_item.* FROM collection INNER JOIN caldav_
|
||||
if ( isset($c->strict_result_ordering) && $c->strict_result_ordering ) $sql .= " ORDER BY caldav_data.dav_id";
|
||||
$qry = new AwlQuery( $sql, $params );
|
||||
if ( $qry->Exec("calquery",__LINE__,__FILE__) && $qry->rows() > 0 ) {
|
||||
while( $calendar_object = $qry->Fetch() ) {
|
||||
if ( !$need_post_filter || apply_filter( $qry_filters, $calendar_object ) ) {
|
||||
while( $dav_object = $qry->Fetch() ) {
|
||||
if ( !$need_post_filter || apply_filter( $qry_filters, $dav_object ) ) {
|
||||
if ( $bound_from != $target_collection->dav_name() ) {
|
||||
$calendar_object->dav_name = str_replace( $bound_from, $target_collection->dav_name(), $calendar_object->dav_name);
|
||||
$dav_object->dav_name = str_replace( $bound_from, $target_collection->dav_name(), $dav_object->dav_name);
|
||||
}
|
||||
if ( $need_expansion ) {
|
||||
$vResource = new vComponent($calendar_object->caldav_data);
|
||||
$vResource = new vComponent($dav_object->caldav_data);
|
||||
$expanded = expand_event_instances($vResource, $expand_range_start, $expand_range_end, $expand_as_floating );
|
||||
if ( $expanded->ComponentCount() == 0 ) continue;
|
||||
if ( $need_expansion ) $calendar_object->caldav_data = $expanded->Render();
|
||||
if ( $need_expansion ) $dav_object->caldav_data = $expanded->Render();
|
||||
}
|
||||
else if ( isset($range_filter) ) {
|
||||
$vResource = new vComponent($calendar_object->caldav_data);
|
||||
$vResource = new vComponent($dav_object->caldav_data);
|
||||
$expanded = getVCalendarRange($vResource);
|
||||
dbg_error_log('calquery', 'Expanded to %s:%s which might overlap %s:%s',
|
||||
$expanded->from, $expanded->until, $range_filter->from, $range_filter->until );
|
||||
if ( !$expanded->overlaps($range_filter) ) continue;
|
||||
}
|
||||
$responses[] = calendar_to_xml( $properties, $calendar_object );
|
||||
$responses[] = component_to_xml( $properties, $dav_object );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -39,7 +39,7 @@ if ( $xmltree->GetTag() != 'DAV::principal-property-search'
|
||||
$target->NeedPrivilege( array('DAV::read', 'urn:ietf:params:xml:ns:caldav:read-free-busy'), true ); // They may have either
|
||||
}
|
||||
|
||||
require_once("iCalendar.php");
|
||||
require_once("vCalendar.php");
|
||||
|
||||
$reportnum = -1;
|
||||
$report = array();
|
||||
@ -80,110 +80,6 @@ switch( $xmltree->GetTag() ) {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Return XML for a single calendar (or todo) entry from the DB
|
||||
*
|
||||
* @param array $properties The properties for this calendar
|
||||
* @param string $item The calendar data for this calendar
|
||||
*
|
||||
* @return string An XML document which is the response for the calendar
|
||||
*/
|
||||
function calendar_to_xml( $properties, $item ) {
|
||||
global $session, $c, $request, $reply;
|
||||
|
||||
dbg_error_log("REPORT","Building XML Response for item '%s'", $item->dav_name );
|
||||
|
||||
$denied = array();
|
||||
$caldav_data = $item->caldav_data;
|
||||
$displayname = $item->summary;
|
||||
if ( isset($properties['calendar-data']) || isset($properties['displayname']) ) {
|
||||
if ( !$request->AllowedTo('all') && $session->user_no != $item->user_no ){
|
||||
// the user is not admin / owner of this calendarlooking at his calendar and can not admin the other cal
|
||||
/** @todo We should examine the ORGANIZER and ATTENDEE fields in the event. If this person is there then they should see this */
|
||||
if ( $item->class == 'CONFIDENTIAL' || !$request->AllowedTo('read') ) {
|
||||
$ical = new iCalComponent( $caldav_data );
|
||||
$resources = $ical->GetComponents('VTIMEZONE',false);
|
||||
$first = $resources[0];
|
||||
|
||||
// if the event is confidential we fake one that just says "Busy"
|
||||
$confidential = new iCalComponent();
|
||||
$confidential->SetType($first->GetType());
|
||||
$confidential->AddProperty( 'SUMMARY', translate('Busy') );
|
||||
$confidential->AddProperty( 'CLASS', 'CONFIDENTIAL' );
|
||||
$confidential->SetProperties( $first->GetProperties('DTSTART'), 'DTSTART' );
|
||||
$confidential->SetProperties( $first->GetProperties('RRULE'), 'RRULE' );
|
||||
$confidential->SetProperties( $first->GetProperties('DURATION'), 'DURATION' );
|
||||
$confidential->SetProperties( $first->GetProperties('DTEND'), 'DTEND' );
|
||||
$confidential->SetProperties( $first->GetProperties('UID'), 'UID' );
|
||||
$ical->SetComponents(array($confidential),$confidential->GetType());
|
||||
|
||||
$caldav_data = $ical->Render();
|
||||
$displayname = translate('Busy');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$url = ConstructURL($item->dav_name);
|
||||
|
||||
$prop = new XMLElement("prop");
|
||||
foreach( $properties AS $k => $v ) {
|
||||
switch( $k ) {
|
||||
case 'getcontentlength':
|
||||
$contentlength = strlen($caldav_data);
|
||||
$prop->NewElement($k, $contentlength );
|
||||
break;
|
||||
case 'getlastmodified':
|
||||
$prop->NewElement($k, ISODateToHTTPDate($item->modified) );
|
||||
break;
|
||||
case 'calendar-data':
|
||||
$reply->CalDAVElement($prop, $k, $caldav_data );
|
||||
break;
|
||||
case 'getcontenttype':
|
||||
$prop->NewElement($k, "text/calendar" );
|
||||
break;
|
||||
case 'current-user-principal':
|
||||
$prop->NewElement("current-user-principal", $request->current_user_principal_xml);
|
||||
break;
|
||||
case 'displayname':
|
||||
$prop->NewElement($k, $displayname );
|
||||
break;
|
||||
case 'resourcetype':
|
||||
$prop->NewElement($k); // Just an empty resourcetype for a non-collection.
|
||||
break;
|
||||
case 'getetag':
|
||||
$prop->NewElement($k, '"'.$item->dav_etag.'"' );
|
||||
break;
|
||||
case '"current-user-privilege-set"':
|
||||
$prop->NewElement($k, privileges($request->permissions) );
|
||||
break;
|
||||
case 'SOME-DENIED-PROPERTY': /** indicating the style for future expansion */
|
||||
$denied[] = $v;
|
||||
break;
|
||||
default:
|
||||
dbg_error_log( 'REPORT', "Request for unsupported property '%s' of calendar item.", $v );
|
||||
$unsupported[] = $v;
|
||||
}
|
||||
}
|
||||
$status = new XMLElement("status", "HTTP/1.1 200 OK" );
|
||||
|
||||
$propstat = new XMLElement( "propstat", array( $prop, $status) );
|
||||
$href = new XMLElement("href", $url );
|
||||
$elements = array($href,$propstat);
|
||||
|
||||
if ( count($denied) > 0 ) {
|
||||
$status = new XMLElement("status", "HTTP/1.1 403 Forbidden" );
|
||||
$noprop = new XMLElement("prop");
|
||||
foreach( $denied AS $k => $v ) {
|
||||
$noprop->NewElement( strtolower($v) );
|
||||
}
|
||||
$elements[] = new XMLElement( "propstat", array( $noprop, $status) );
|
||||
}
|
||||
|
||||
$response = new XMLElement( "response", $elements );
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Return XML for a single component from the DB
|
||||
@ -219,33 +115,27 @@ function component_to_xml( $properties, $item ) {
|
||||
$contenttype = 'text/vcard';
|
||||
break;
|
||||
}
|
||||
if ( isset($properties['calendar-data']) || isset($properties['displayname']) ) {
|
||||
if ( !$request->AllowedTo('all') && $session->user_no != $item->user_no ){
|
||||
// the user is not admin / owner of this calendarlooking at his calendar and can not admin the other cal
|
||||
/** @todo We should examine the ORGANIZER and ATTENDEE fields in the event. If this person is there then they should see this */
|
||||
if ( $type == 'calendar' && $item->class == 'CONFIDENTIAL' || !$request->AllowedTo('read') ) {
|
||||
$ical = new iCalComponent( $caldav_data );
|
||||
$resources = $ical->GetComponents('VTIMEZONE',false);
|
||||
$first = $resources[0];
|
||||
|
||||
// if the event is confidential we fake one that just says "Busy"
|
||||
$confidential = new iCalComponent();
|
||||
$confidential->SetType($first->GetType());
|
||||
$confidential->AddProperty( 'SUMMARY', translate('Busy') );
|
||||
$confidential->AddProperty( 'CLASS', 'CONFIDENTIAL' );
|
||||
$confidential->SetProperties( $first->GetProperties('DTSTART'), 'DTSTART' );
|
||||
$confidential->SetProperties( $first->GetProperties('RRULE'), 'RRULE' );
|
||||
$confidential->SetProperties( $first->GetProperties('DURATION'), 'DURATION' );
|
||||
$confidential->SetProperties( $first->GetProperties('DTEND'), 'DTEND' );
|
||||
$confidential->SetProperties( $first->GetProperties('UID'), 'UID' );
|
||||
$ical->SetComponents(array($confidential),$confidential->GetType());
|
||||
|
||||
$caldav_data = $ical->Render();
|
||||
$displayname = translate('Busy');
|
||||
if ( $type == 'calendar' ) {
|
||||
if ( isset($properties['calendar-data']) || isset($properties['displayname']) ) {
|
||||
if ( !$request->AllowedTo('all') && $session->user_no != $item->user_no ) {
|
||||
// the user is not admin / owner of this calendar looking at his calendar and can not admin the other cal
|
||||
if ( $item->class == 'CONFIDENTIAL' || !$request->AllowedTo('read') ) {
|
||||
dbg_error_log("REPORT","Anonymising confidential event for: %s", $item->dav_name );
|
||||
$vcal = new vCalendar( $caldav_data );
|
||||
$caldav_data = $vcal->Confidential()->Render();
|
||||
$displayname = translate('Busy');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset($properties['calendar-data']) && isset($c->hide_alarm) && $c->hide_alarm && !$request->HavePrivilegeTo('write') ) {
|
||||
dbg_error_log("REPORT","Stripping event alarms for: %s", $item->dav_name );
|
||||
$vcal = new vCalendar($caldav_data);
|
||||
$vcal->ClearComponents('VALARM');
|
||||
$caldav_data = $vcal->Render();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$url = ConstructURL($item->dav_name);
|
||||
|
||||
$prop = new XMLElement("prop");
|
||||
|
||||
@ -2,8 +2,8 @@ HTTP/1.1 207 Multi-Status
|
||||
Date: Dow, 01 Jan 2000 00:00:00 GMT
|
||||
DAV: 1, 2, 3, access-control, calendar-access, calendar-schedule
|
||||
DAV: extended-mkcol, calendar-proxy, bind, addressbook, calendar-auto-schedule
|
||||
ETag: "452f45250e12e66d9f6db823b4615a48"
|
||||
Content-Length: 3503
|
||||
ETag: "987fc68a44b7bc99bdf6fe3ab2d0b0ad"
|
||||
Content-Length: 3587
|
||||
Content-Type: text/xml; charset="utf-8"
|
||||
|
||||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
@ -60,6 +60,16 @@ END:VCALENDAR
|
||||
<C:calendar-data>BEGIN:VCALENDAR
|
||||
PRODID:-//Mozilla Calendar//NONSGML Sunbird//EN
|
||||
VERSION:2.0
|
||||
BEGIN:VEVENT
|
||||
CREATED:20061223T032350Z
|
||||
LAST-MODIFIED:20061223T033144Z
|
||||
DTSTAMP:20061223T033144Z
|
||||
UID:9d050be7-8a02-4355-8ed3-02a9fc5f473f
|
||||
CLASS:CONFIDENTIAL
|
||||
DTSTART;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T160000
|
||||
DTEND;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T180000
|
||||
SUMMARY:Busy
|
||||
END:VEVENT
|
||||
BEGIN:VTIMEZONE
|
||||
TZID:/mozilla.org/20050126_1/Antarctica/McMurdo
|
||||
X-LIC-LOCATION:Antarctica/McMurdo
|
||||
@ -78,13 +88,6 @@ DTSTART:19701004T020000
|
||||
RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=10
|
||||
END:DAYLIGHT
|
||||
END:VTIMEZONE
|
||||
BEGIN:VEVENT
|
||||
SUMMARY:Busy
|
||||
CLASS:CONFIDENTIAL
|
||||
DTSTART;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T160000
|
||||
DTEND;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T180000
|
||||
UID:9d050be7-8a02-4355-8ed3-02a9fc5f473f
|
||||
END:VEVENT
|
||||
END:VCALENDAR
|
||||
</C:calendar-data>
|
||||
</prop>
|
||||
|
||||
@ -2,8 +2,8 @@ HTTP/1.1 207 Multi-Status
|
||||
Date: Dow, 01 Jan 2000 00:00:00 GMT
|
||||
DAV: 1, 2, 3, access-control, calendar-access, calendar-schedule
|
||||
DAV: extended-mkcol, calendar-proxy, bind, addressbook
|
||||
ETag: "452f45250e12e66d9f6db823b4615a48"
|
||||
Content-Length: 3503
|
||||
ETag: "987fc68a44b7bc99bdf6fe3ab2d0b0ad"
|
||||
Content-Length: 3587
|
||||
Content-Type: text/xml; charset="utf-8"
|
||||
|
||||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
@ -60,6 +60,16 @@ END:VCALENDAR
|
||||
<C:calendar-data>BEGIN:VCALENDAR
|
||||
PRODID:-//Mozilla Calendar//NONSGML Sunbird//EN
|
||||
VERSION:2.0
|
||||
BEGIN:VEVENT
|
||||
CREATED:20061223T032350Z
|
||||
LAST-MODIFIED:20061223T033144Z
|
||||
DTSTAMP:20061223T033144Z
|
||||
UID:9d050be7-8a02-4355-8ed3-02a9fc5f473f
|
||||
CLASS:CONFIDENTIAL
|
||||
DTSTART;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T160000
|
||||
DTEND;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T180000
|
||||
SUMMARY:Busy
|
||||
END:VEVENT
|
||||
BEGIN:VTIMEZONE
|
||||
TZID:/mozilla.org/20050126_1/Antarctica/McMurdo
|
||||
X-LIC-LOCATION:Antarctica/McMurdo
|
||||
@ -78,13 +88,6 @@ DTSTART:19701004T020000
|
||||
RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=10
|
||||
END:DAYLIGHT
|
||||
END:VTIMEZONE
|
||||
BEGIN:VEVENT
|
||||
SUMMARY:Busy
|
||||
CLASS:CONFIDENTIAL
|
||||
DTSTART;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T160000
|
||||
DTEND;TZID=/mozilla.org/20050126_1/Antarctica/McMurdo:20061223T180000
|
||||
UID:9d050be7-8a02-4355-8ed3-02a9fc5f473f
|
||||
END:VEVENT
|
||||
END:VCALENDAR
|
||||
</C:calendar-data>
|
||||
</prop>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user