nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-01-27 00:33:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add debug logging for ACE changes

Browse Source
This commit is contained in:
Andrew Ruthven 2025-01-22 14:47:18 +13:00
parent f6547bd376
commit 1fec8fd111
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
inc/caldav-ACL.php
View File

@ -125,6 +125,9 @@ function process_ace( $grantor, $by_principal, $by_collection, $ace ) {
$principal_content = $principal_node->GetContent();
if ( count($principal_content) != 1 ) $request->MalformedRequest('ACL request must contain exactly one principal per ACE');
$principal_content = $principal_content[0];
dbg_error_log( 'ACE', 'NSTag: "%s", by_collection: %s, by_principal: %s', $principal_content->GetNSTag(), $by_collection ?? 'Null', $by_principal ?? 'Null');
switch( $principal_content->GetNSTag() ) {
case 'DAV::property':
$principal_property = $principal_content->GetContent();
@ -142,8 +145,10 @@ function process_ace( $grantor, $by_principal, $by_collection, $ace ) {
$principal_type = 'href';
$grantee = new DAVResource( DeconstructURL($principal_content->GetContent()) );
$grantee_id = $grantee->getProperty('principal_id');
if ( !$grantee->Exists() || !$grantee->IsPrincipal() )
$request->PreconditionFailed(403,'recognized-principal', 'Principal "' . $principal_content->GetContent() . '" not found.');
$sqlparms = array( ':to_principal' => $grantee_id);
$where = 'WHERE to_principal=:to_principal AND ';
if ( isset($by_principal) ) {
@ -154,6 +159,7 @@ function process_ace( $grantor, $by_principal, $by_collection, $ace ) {
$sqlparms[':by_collection'] = $by_collection;
$where .= 'by_collection = :by_collection';
}
$qry = new AwlQuery('SELECT privileges FROM grants '.$where, $sqlparms);
if ( $qry->Exec('ACL',__LINE__,__FILE__) && $qry->rows() == 1 && $current = $qry->Fetch() ) {
$sql = 'UPDATE grants SET privileges=:privileges::INT::BIT(24) '.$where;
@ -169,6 +175,15 @@ function process_ace( $grantor, $by_principal, $by_collection, $ace ) {
Principal::cacheDelete('dav_name',$grantee->dav_name());
Principal::cacheFlush('principal_id IN (SELECT member_id FROM group_member WHERE group_id = ?)', array($grantee_id));
}
/**
* Basically this has changed everyone's permissions now, so...
*/
$cache = getCacheInstance();
$cache->flush();
#Principal::cacheFlush('TRUE');
break;
case 'DAV::authenticated':