nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-27 02:54:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

MKTICKET handling is now working.

Browse Source
This commit is contained in:
Andrew McMillan 2010-03-05 12:29:54 +13:00
parent 231e3fda8a
commit 31f8c6b17f
9 changed files with 237 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
inc/caldav-MKTICKET.php
View File

@ -18,33 +18,31 @@
* @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
*/
dbg_error_log('MKTICKET', 'method handler');
require_once('AwlQuery.php');
require_once('DAVResource.php');
$request->NeedPrivilege('DAV::bind');
require_once('XMLDocument.php');
$reply = new XMLDocument(array( 'DAV:' => '', 'T' => 'http://www.xythos.com/namespaces/StorageServer', 'DT' => 'http://xmlns.davical.org/ticket' ));
$reply = new XMLDocument(array( 'DAV:' => '', 'T' => 'http://www.xythos.com/namespaces/StorageServer' ));
$target = new DAVResource( $request->path );
if ( ! $target->Exists() ) {
$request->XMLResponse( 404, $reply->Render( 'error', new XMLElement('not-found') ) );
$request->XMLResponse( 404, new XMLElement( 'error', new XMLElement('resource-must-not-be-null'), $reply->GetXmlNsArray() ) );
}
if ( ! isset($request->xml_tags) ) {
$request->XMLResponse( 400, $reply->Render( 'error', new XMLElement('missing-xml-for-request') ) );
$request->XMLResponse( 400, new XMLElement( 'error', new XMLElement('missing-xml-for-request'), $reply->GetXmlNsArray() ) );
}
$xmltree = BuildXMLTree( $request->xml_tags, $position);
if ( $xmltree->GetTag() != 'http://www.xythos.com/namespaces/StorageServer:ticketinfo' ) {
$request->XMLResponse( 400, $reply->Render( 'error', new XMLElement('invalid-xml-for-request') ) );
if ( $xmltree->GetTag() != 'http://www.xythos.com/namespaces/StorageServer:ticketinfo' &&
$xmltree->GetTag() != 'DAV::ticketinfo' ) {
$request->XMLResponse( 400, new XMLElement( 'error', new XMLElement('invalid-xml-for-request'), $reply->GetXmlNsArray() ) );
}
$ticket_visits = 'infinity';
$ticket_timeout = 'Seconds-3600';
$ticket_public = 0;
$ticket_privs_array = array('read-free-busy');
$ticketinfo = $xmltree->GetContent();
foreach( $ticketinfo AS $k => $v ) {
foreach( $xmltree->GetContent() AS $k => $v ) {
// <!ELEMENT ticketinfo (id?, owner?, timeout, visits, privilege)>
switch( $v->GetTag() ) {
case 'DAV::timeout':
@ -52,16 +50,6 @@ foreach( $ticketinfo AS $k => $v ) {
$ticket_timeout = $v->GetContent();
break;
case 'DAV::public':
case 'http://xmlns.davical.org/ticket:public':
$ticket_public = 1;
break;
case 'DAV::visits':
case 'http://www.xythos.com/namespaces/StorageServer:visits':
$ticket_visits = $v->GetContent();
break;
case 'DAV::privilege':
case 'http://www.xythos.com/namespaces/StorageServer:privilege':
$ticket_privs_array = $v->GetElements(); // Ensure we always get an array back
@ -71,12 +59,12 @@ foreach( $ticketinfo AS $k => $v ) {
}
if ( $ticket_privileges & privilege_to_bits('write') ) $ticket_privileges |= privilege_to_bits( 'read' );
if ( $ticket_privileges & privilege_to_bits('read') ) $ticket_privileges |= privilege_to_bits( array('read-free-busy', 'read-current-user-privilege-set') );
if ( $ticket_privileges & privilege_to_bits('read-free-busy') ) $ticket_privileges |= privilege_to_bits( 'schedule-query-freebusy') );
if ( $ticket_privileges & privilege_to_bits('read-free-busy') ) $ticket_privileges |= privilege_to_bits( 'schedule-query-freebusy');
break;
}
}
if ( preg_match( '{^([a-z]+)-(\d+)$}', $ticket_timeout, $matches ) ) {
if ( preg_match( '{^([a-z]+)-(\d+)$}i', $ticket_timeout, $matches ) ) {
/** It isn't specified, but timeout seems to be 'unit-number' like 'Seconds-3600', so we make it '3600 Seconds' which PostgreSQL understands */
$sql_timeout = $matches[2] . ' ' . $matches[1];
}
@ -84,40 +72,40 @@ else {
$sql_timeout = $ticket_timeout;
}
$sql_visits = ( $ticket_visits == 'infinity' ? -1: intval($ticket_visits) );
$collection_id = $target->GetProperty('collection_id');
$resource_id = $target->GetProperty('dav_id');
$i = 0;
do {
$ticket_id = substr(sha1(date('r') .rand(2100000000) . microtime(true)), 7, 8);
$ticket_id = substr( str_replace('+', '',base64_encode(sha1(date('r') .rand(0,2100000000) . microtime(true),true))), 7, 8);
$qry = new AwlQuery(
'INSERT INTO access_ticket ( ticket_id, dav_owner_id, is_public, privileges, target_collection_id, target_resource_id, expires, visits )
VALUES( :ticket_id, :owner, :public, :privs, :collection, :resource, (current_timestamp + interval :expires), :visits )',
'INSERT INTO access_ticket ( ticket_id, dav_owner_id, privileges, target_collection_id, target_resource_id, expires )
VALUES( :ticket_id, :owner, :privs, :collection, :resource, (current_timestamp + :expires::interval) )',
array(
':ticket_id' => $ticket_id,
':owner' => $session->principal_id,
':public' => $ticket_public,
':privs' => $ticket_privileges,
':privs' => sprintf( '%024.24s', decbin($ticket_privileges)),
':collection' => $collection_id,
':resource' => $resource_id,
':expires' => $sql_timeout,
':visits' => $sql_visits
)
)
);
$result = $qry->Exec('MKTICKET', __LINE__, __FILE__);
} while( !$result && $i++ < 2 );
$privs = array();
foreach( bits_to_privilege($ticket_privileges) AS $k => $v ) {
$privs[] = new XMLElement($v);
}
$ticketinfo = new XMLElement( 'T:ticketinfo', array(
new XMLElement( 'T:id', $ticket_id),
new XMLElement( 'owner', $reply->href( ConstructURL($session->dav_name) ) ),
new XMLElement( 'privilege', privileges_to_XML(bits_to_privilege($ticket_privileges),$reply)),
new XMLElement( 'owner', $reply->href( ConstructURL('/'.$session->username.'/') ) ),
new XMLElement( 'privilege', $privs),
new XMLElement( 'T:timeout', $ticket_timeout),
new XMLElement( 'T:visits', $ticket_visits)
new XMLElement( 'T:visits', 'infinity')
)
);
if ( $ticket_public ) $ticketinfo->NewElement( 'DT:public', $ticket_public);
$request->XMLResponse( 200, $reply->Render( 'prop', new XMLElement('T:ticketdiscovery', $ticketinfo) ) );
$prop = new XMLElement( "prop", new XMLElement('T:ticketdiscovery', $ticketinfo), $reply->GetXmlNsArray() );
$request->XMLResponse( 200, $prop );

26
testing/tests/regression-suite/948-MKTICKET.result Normal file
View File

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="utf-8" ?>
<prop xmlns="DAV:" xmlns:http://www.xythos.com/namespaces/StorageServer="T">
<T:ticketdiscovery>
<T:ticketinfo>
<T:id>Good Ticket ID</T:id>
<owner>
<href>/caldav.php/user1/</href>
</owner>
<privilege>
<DAV::read/>
<DAV::read-current-user-privilege-set/>
<urn:ietf:params:xml:ns:caldav:read-free-busy/>
<urn:ietf:params:xml:ns:caldav:schedule-query-freebusy/>
</privilege>
<T:timeout>Second-3600</T:timeout>
<T:visits>infinity</T:visits>
</T:ticketinfo>
</T:ticketdiscovery>
</prop>
dav_owner_id: >3<
privileges: >000000000001001000100001<
target_collection: >10<
target_resource_i: >NULL<
timeout: >01:00:00<

28
testing/tests/regression-suite/948-MKTICKET.test Normal file
View File

@ -0,0 +1,28 @@
#
# MKTICKET request for a ticket on a collection
#
TYPE=MKTICKET
URL=http://regression.host/caldav.php/user1/home/
HEADER=User-Agent: Ticket Spec Tests
HEADER=Content-Type: text/xml; charset="UTF-8"
BEGINDATA
<?xml version="1.0" encoding="utf-8" ?>
<D:ticketinfo xmlns:D="DAV:" >
<D:privilege><D:read/></D:privilege>
<D:timeout>Second-3600</D:timeout>
<D:visits>1</D:visits>
</D:ticketinfo>
ENDDATA
QUERY
SELECT dav_owner_id,
(expires - current_timestamp)::interval(0) AS timeout,
privileges,
target_collection_id,
target_resource_id
FROM access_ticket
ENDQUERY
REPLACE=!<T:id>\S{8}</T:id>!<T:id>Good Ticket ID</T:id>!

19
testing/tests/regression-suite/949-MKTICKET.result Normal file
View File

@ -0,0 +1,19 @@
HTTP/1.1 400 Bad Request
Date: Dow, 01 Jan 2000 00:00:00 GMT
DAV: 1, 2, access-control, calendar-access, calendar-schedule, extended-mkcol, calendar-proxy
ETag: "960996e0df498010929014e5d8385771"
Content-Length: 155
Connection: close
Content-Type: text/xml; charset="utf-8"
<?xml version="1.0" encoding="utf-8" ?>
<error xmlns="DAV:" xmlns:http://www.xythos.com/namespaces/StorageServer="T">
<missing-xml-for-request/>
</error>
dav_owner_id: >3<
privileges: >000000000001001000100001<
target_collection: >10<
target_resource_i: >NULL<
timeout: >00:59:01<

24
testing/tests/regression-suite/949-MKTICKET.test Normal file
View File

@ -0,0 +1,24 @@
#
# MKTICKET request for a ticket on a collection
#
TYPE=MKTICKET
URL=http://regression.host/caldav.php/user1/home/
HEADER=User-Agent: Ticket Spec Tests
HEADER=Content-Type: text/xml; charset="UTF-8"
HEAD
# Test error response on no XML
BEGINDATA
ENDDATA
QUERY
SELECT dav_owner_id,
(expires - current_timestamp)::interval(0) AS timeout,
privileges,
target_collection_id,
target_resource_id
FROM access_ticket
ENDQUERY
REPLACE=!<T:id>\S{8}</T:id>!<T:id>Good Ticket ID</T:id>!

37
testing/tests/regression-suite/950-MKTICKET.result Normal file
View File

@ -0,0 +1,37 @@
<?xml version="1.0" encoding="utf-8" ?>
<prop xmlns="DAV:" xmlns:http://www.xythos.com/namespaces/StorageServer="T">
<T:ticketdiscovery>
<T:ticketinfo>
<T:id>Good Ticket ID</T:id>
<owner>
<href>/caldav.php/user1/</href>
</owner>
<privilege>
<DAV::read/>
<DAV::read-current-user-privilege-set/>
<urn:ietf:params:xml:ns:caldav:read-free-busy/>
<DAV::write/>
<DAV::write-properties/>
<DAV::write-content/>
<DAV::bind/>
<DAV::unbind/>
<urn:ietf:params:xml:ns:caldav:schedule-query-freebusy/>
</privilege>
<T:timeout>Second-86400</T:timeout>
<T:visits>infinity</T:visits>
</T:ticketinfo>
</T:ticketdiscovery>
</prop>
dav_owner_id: >3<
privileges: >000000000001001000100001<
target_collection: >10<
target_resource_i: >NULL<
timeout: >00:58:51<
dav_owner_id: >3<
privileges: >000000000001001011100111<
target_collection: >10<
target_resource_i: >1365<
timeout: >24:00:00<

27
testing/tests/regression-suite/950-MKTICKET.test Normal file
View File

@ -0,0 +1,27 @@
#
# MKTICKET request for a ticket on a collection resource
#
TYPE=MKTICKET
URL=http://regression.host/caldav.php/user1/home/4aaf8f37-f232-4c8e-a72e-e171d4c4fe54.ics
HEADER=User-Agent: Ticket Spec Tests
HEADER=Content-Type: text/xml; charset="UTF-8"
BEGINDATA
<?xml version="1.0" encoding="utf-8" ?>
<D:ticketinfo xmlns:D="DAV:" >
<D:privilege><D:write/></D:privilege>
<D:timeout>Second-86400</D:timeout>
</D:ticketinfo>
ENDDATA
QUERY
SELECT dav_owner_id,
(expires - current_timestamp)::interval(0) AS timeout,
privileges,
target_collection_id,
target_resource_id
FROM access_ticket
ENDQUERY
REPLACE=!<T:id>\S{8}</T:id>!<T:id>Good Ticket ID</T:id>!

24
testing/tests/regression-suite/951-MKTICKET.result Normal file
View File

@ -0,0 +1,24 @@
<?xml version="1.0" encoding="utf-8" ?>
<error xmlns="DAV:">
<need-privileges>
<resource>
<href>/caldav.php/user4/home/</href>
<privilege>
<bind/>
</privilege>
</resource>
</need-privileges>
</error>
dav_owner_id: >3<
privileges: >000000000001001000100001<
target_collection: >10<
target_resource_i: >NULL<
timeout: >00:58:35<
dav_owner_id: >3<
privileges: >000000000001001011100111<
target_collection: >10<
target_resource_i: >1365<
timeout: >23:59:43<

28
testing/tests/regression-suite/951-MKTICKET.test Normal file
View File

@ -0,0 +1,28 @@
#
# MKTICKET request for a ticket on a collection we don't have rights to
#
TYPE=MKTICKET
URL=http://regression.host/caldav.php/user4/home/
HEADER=User-Agent: Ticket Spec Tests
HEADER=Content-Type: text/xml; charset="UTF-8"
BEGINDATA
<?xml version="1.0" encoding="utf-8" ?>
<D:ticketinfo xmlns:D="DAV:" >
<D:privilege><D:read/></D:privilege>
<D:timeout>Second-3600</D:timeout>
<D:visits>1</D:visits>
</D:ticketinfo>
ENDDATA
QUERY
SELECT dav_owner_id,
(expires - current_timestamp)::interval(0) AS timeout,
privileges,
target_collection_id,
target_resource_id
FROM access_ticket
ENDQUERY
REPLACE=!<T:id>\S{8}</T:id>!<T:id>Good Ticket ID</T:id>!