From 31f8c6b17f43c2e6002230fa11011a6ece525874 Mon Sep 17 00:00:00 2001 From: Andrew McMillan Date: Fri, 5 Mar 2010 12:29:54 +1300 Subject: [PATCH] MKTICKET handling is now working. --- inc/caldav-MKTICKET.php | 60 ++++++++----------- .../regression-suite/948-MKTICKET.result | 26 ++++++++ .../tests/regression-suite/948-MKTICKET.test | 28 +++++++++ .../regression-suite/949-MKTICKET.result | 19 ++++++ .../tests/regression-suite/949-MKTICKET.test | 24 ++++++++ .../regression-suite/950-MKTICKET.result | 37 ++++++++++++ .../tests/regression-suite/950-MKTICKET.test | 27 +++++++++ .../regression-suite/951-MKTICKET.result | 24 ++++++++ .../tests/regression-suite/951-MKTICKET.test | 28 +++++++++ 9 files changed, 237 insertions(+), 36 deletions(-) create mode 100644 testing/tests/regression-suite/948-MKTICKET.result create mode 100644 testing/tests/regression-suite/948-MKTICKET.test create mode 100644 testing/tests/regression-suite/949-MKTICKET.result create mode 100644 testing/tests/regression-suite/949-MKTICKET.test create mode 100644 testing/tests/regression-suite/950-MKTICKET.result create mode 100644 testing/tests/regression-suite/950-MKTICKET.test create mode 100644 testing/tests/regression-suite/951-MKTICKET.result create mode 100644 testing/tests/regression-suite/951-MKTICKET.test diff --git a/inc/caldav-MKTICKET.php b/inc/caldav-MKTICKET.php index 4c9aee50..aaaa6105 100644 --- a/inc/caldav-MKTICKET.php +++ b/inc/caldav-MKTICKET.php @@ -18,33 +18,31 @@ * @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later */ dbg_error_log('MKTICKET', 'method handler'); -require_once('AwlQuery.php'); +require_once('DAVResource.php'); $request->NeedPrivilege('DAV::bind'); require_once('XMLDocument.php'); -$reply = new XMLDocument(array( 'DAV:' => '', 'T' => 'http://www.xythos.com/namespaces/StorageServer', 'DT' => 'http://xmlns.davical.org/ticket' )); +$reply = new XMLDocument(array( 'DAV:' => '', 'T' => 'http://www.xythos.com/namespaces/StorageServer' )); $target = new DAVResource( $request->path ); if ( ! $target->Exists() ) { - $request->XMLResponse( 404, $reply->Render( 'error', new XMLElement('not-found') ) ); + $request->XMLResponse( 404, new XMLElement( 'error', new XMLElement('resource-must-not-be-null'), $reply->GetXmlNsArray() ) ); } if ( ! isset($request->xml_tags) ) { - $request->XMLResponse( 400, $reply->Render( 'error', new XMLElement('missing-xml-for-request') ) ); + $request->XMLResponse( 400, new XMLElement( 'error', new XMLElement('missing-xml-for-request'), $reply->GetXmlNsArray() ) ); } $xmltree = BuildXMLTree( $request->xml_tags, $position); -if ( $xmltree->GetTag() != 'http://www.xythos.com/namespaces/StorageServer:ticketinfo' ) { - $request->XMLResponse( 400, $reply->Render( 'error', new XMLElement('invalid-xml-for-request') ) ); +if ( $xmltree->GetTag() != 'http://www.xythos.com/namespaces/StorageServer:ticketinfo' && + $xmltree->GetTag() != 'DAV::ticketinfo' ) { + $request->XMLResponse( 400, new XMLElement( 'error', new XMLElement('invalid-xml-for-request'), $reply->GetXmlNsArray() ) ); } -$ticket_visits = 'infinity'; $ticket_timeout = 'Seconds-3600'; -$ticket_public = 0; $ticket_privs_array = array('read-free-busy'); -$ticketinfo = $xmltree->GetContent(); -foreach( $ticketinfo AS $k => $v ) { +foreach( $xmltree->GetContent() AS $k => $v ) { // switch( $v->GetTag() ) { case 'DAV::timeout': @@ -52,16 +50,6 @@ foreach( $ticketinfo AS $k => $v ) { $ticket_timeout = $v->GetContent(); break; - case 'DAV::public': - case 'http://xmlns.davical.org/ticket:public': - $ticket_public = 1; - break; - - case 'DAV::visits': - case 'http://www.xythos.com/namespaces/StorageServer:visits': - $ticket_visits = $v->GetContent(); - break; - case 'DAV::privilege': case 'http://www.xythos.com/namespaces/StorageServer:privilege': $ticket_privs_array = $v->GetElements(); // Ensure we always get an array back @@ -71,12 +59,12 @@ foreach( $ticketinfo AS $k => $v ) { } if ( $ticket_privileges & privilege_to_bits('write') ) $ticket_privileges |= privilege_to_bits( 'read' ); if ( $ticket_privileges & privilege_to_bits('read') ) $ticket_privileges |= privilege_to_bits( array('read-free-busy', 'read-current-user-privilege-set') ); - if ( $ticket_privileges & privilege_to_bits('read-free-busy') ) $ticket_privileges |= privilege_to_bits( 'schedule-query-freebusy') ); + if ( $ticket_privileges & privilege_to_bits('read-free-busy') ) $ticket_privileges |= privilege_to_bits( 'schedule-query-freebusy'); break; } } -if ( preg_match( '{^([a-z]+)-(\d+)$}', $ticket_timeout, $matches ) ) { +if ( preg_match( '{^([a-z]+)-(\d+)$}i', $ticket_timeout, $matches ) ) { /** It isn't specified, but timeout seems to be 'unit-number' like 'Seconds-3600', so we make it '3600 Seconds' which PostgreSQL understands */ $sql_timeout = $matches[2] . ' ' . $matches[1]; } @@ -84,40 +72,40 @@ else { $sql_timeout = $ticket_timeout; } -$sql_visits = ( $ticket_visits == 'infinity' ? -1: intval($ticket_visits) ); - $collection_id = $target->GetProperty('collection_id'); $resource_id = $target->GetProperty('dav_id'); $i = 0; do { - $ticket_id = substr(sha1(date('r') .rand(2100000000) . microtime(true)), 7, 8); + $ticket_id = substr( str_replace('+', '',base64_encode(sha1(date('r') .rand(0,2100000000) . microtime(true),true))), 7, 8); $qry = new AwlQuery( - 'INSERT INTO access_ticket ( ticket_id, dav_owner_id, is_public, privileges, target_collection_id, target_resource_id, expires, visits ) - VALUES( :ticket_id, :owner, :public, :privs, :collection, :resource, (current_timestamp + interval :expires), :visits )', + 'INSERT INTO access_ticket ( ticket_id, dav_owner_id, privileges, target_collection_id, target_resource_id, expires ) + VALUES( :ticket_id, :owner, :privs, :collection, :resource, (current_timestamp + :expires::interval) )', array( ':ticket_id' => $ticket_id, ':owner' => $session->principal_id, - ':public' => $ticket_public, - ':privs' => $ticket_privileges, + ':privs' => sprintf( '%024.24s', decbin($ticket_privileges)), ':collection' => $collection_id, ':resource' => $resource_id, ':expires' => $sql_timeout, - ':visits' => $sql_visits ) - ) + ); $result = $qry->Exec('MKTICKET', __LINE__, __FILE__); } while( !$result && $i++ < 2 ); +$privs = array(); +foreach( bits_to_privilege($ticket_privileges) AS $k => $v ) { + $privs[] = new XMLElement($v); +} $ticketinfo = new XMLElement( 'T:ticketinfo', array( new XMLElement( 'T:id', $ticket_id), - new XMLElement( 'owner', $reply->href( ConstructURL($session->dav_name) ) ), - new XMLElement( 'privilege', privileges_to_XML(bits_to_privilege($ticket_privileges),$reply)), + new XMLElement( 'owner', $reply->href( ConstructURL('/'.$session->username.'/') ) ), + new XMLElement( 'privilege', $privs), new XMLElement( 'T:timeout', $ticket_timeout), - new XMLElement( 'T:visits', $ticket_visits) + new XMLElement( 'T:visits', 'infinity') ) ); -if ( $ticket_public ) $ticketinfo->NewElement( 'DT:public', $ticket_public); -$request->XMLResponse( 200, $reply->Render( 'prop', new XMLElement('T:ticketdiscovery', $ticketinfo) ) ); +$prop = new XMLElement( "prop", new XMLElement('T:ticketdiscovery', $ticketinfo), $reply->GetXmlNsArray() ); +$request->XMLResponse( 200, $prop ); diff --git a/testing/tests/regression-suite/948-MKTICKET.result b/testing/tests/regression-suite/948-MKTICKET.result new file mode 100644 index 00000000..216a6fe4 --- /dev/null +++ b/testing/tests/regression-suite/948-MKTICKET.result @@ -0,0 +1,26 @@ + + + + + Good Ticket ID + + /caldav.php/user1/ + + + + + + + + Second-3600 + infinity + + + + + dav_owner_id: >3< + privileges: >000000000001001000100001< +target_collection: >10< +target_resource_i: >NULL< + timeout: >01:00:00< + diff --git a/testing/tests/regression-suite/948-MKTICKET.test b/testing/tests/regression-suite/948-MKTICKET.test new file mode 100644 index 00000000..f5a2d0a1 --- /dev/null +++ b/testing/tests/regression-suite/948-MKTICKET.test @@ -0,0 +1,28 @@ +# +# MKTICKET request for a ticket on a collection +# +TYPE=MKTICKET +URL=http://regression.host/caldav.php/user1/home/ +HEADER=User-Agent: Ticket Spec Tests +HEADER=Content-Type: text/xml; charset="UTF-8" + + +BEGINDATA + + + + Second-3600 + 1 + +ENDDATA + +QUERY +SELECT dav_owner_id, + (expires - current_timestamp)::interval(0) AS timeout, + privileges, + target_collection_id, + target_resource_id + FROM access_ticket +ENDQUERY + +REPLACE=!\S{8}!Good Ticket ID! diff --git a/testing/tests/regression-suite/949-MKTICKET.result b/testing/tests/regression-suite/949-MKTICKET.result new file mode 100644 index 00000000..becccec5 --- /dev/null +++ b/testing/tests/regression-suite/949-MKTICKET.result @@ -0,0 +1,19 @@ +HTTP/1.1 400 Bad Request +Date: Dow, 01 Jan 2000 00:00:00 GMT +DAV: 1, 2, access-control, calendar-access, calendar-schedule, extended-mkcol, calendar-proxy +ETag: "960996e0df498010929014e5d8385771" +Content-Length: 155 +Connection: close +Content-Type: text/xml; charset="utf-8" + + + + + + + dav_owner_id: >3< + privileges: >000000000001001000100001< +target_collection: >10< +target_resource_i: >NULL< + timeout: >00:59:01< + diff --git a/testing/tests/regression-suite/949-MKTICKET.test b/testing/tests/regression-suite/949-MKTICKET.test new file mode 100644 index 00000000..70982c10 --- /dev/null +++ b/testing/tests/regression-suite/949-MKTICKET.test @@ -0,0 +1,24 @@ +# +# MKTICKET request for a ticket on a collection +# +TYPE=MKTICKET +URL=http://regression.host/caldav.php/user1/home/ +HEADER=User-Agent: Ticket Spec Tests +HEADER=Content-Type: text/xml; charset="UTF-8" +HEAD + +# Test error response on no XML + +BEGINDATA +ENDDATA + +QUERY +SELECT dav_owner_id, + (expires - current_timestamp)::interval(0) AS timeout, + privileges, + target_collection_id, + target_resource_id + FROM access_ticket +ENDQUERY + +REPLACE=!\S{8}!Good Ticket ID! diff --git a/testing/tests/regression-suite/950-MKTICKET.result b/testing/tests/regression-suite/950-MKTICKET.result new file mode 100644 index 00000000..cb6fe63c --- /dev/null +++ b/testing/tests/regression-suite/950-MKTICKET.result @@ -0,0 +1,37 @@ + + + + + Good Ticket ID + + /caldav.php/user1/ + + + + + + + + + + + + + Second-86400 + infinity + + + + + dav_owner_id: >3< + privileges: >000000000001001000100001< +target_collection: >10< +target_resource_i: >NULL< + timeout: >00:58:51< + + dav_owner_id: >3< + privileges: >000000000001001011100111< +target_collection: >10< +target_resource_i: >1365< + timeout: >24:00:00< + diff --git a/testing/tests/regression-suite/950-MKTICKET.test b/testing/tests/regression-suite/950-MKTICKET.test new file mode 100644 index 00000000..4569a98c --- /dev/null +++ b/testing/tests/regression-suite/950-MKTICKET.test @@ -0,0 +1,27 @@ +# +# MKTICKET request for a ticket on a collection resource +# +TYPE=MKTICKET +URL=http://regression.host/caldav.php/user1/home/4aaf8f37-f232-4c8e-a72e-e171d4c4fe54.ics +HEADER=User-Agent: Ticket Spec Tests +HEADER=Content-Type: text/xml; charset="UTF-8" + + +BEGINDATA + + + + Second-86400 + +ENDDATA + +QUERY +SELECT dav_owner_id, + (expires - current_timestamp)::interval(0) AS timeout, + privileges, + target_collection_id, + target_resource_id + FROM access_ticket +ENDQUERY + +REPLACE=!\S{8}!Good Ticket ID! diff --git a/testing/tests/regression-suite/951-MKTICKET.result b/testing/tests/regression-suite/951-MKTICKET.result new file mode 100644 index 00000000..4eb3b29f --- /dev/null +++ b/testing/tests/regression-suite/951-MKTICKET.result @@ -0,0 +1,24 @@ + + + + + /caldav.php/user4/home/ + + + + + + + + dav_owner_id: >3< + privileges: >000000000001001000100001< +target_collection: >10< +target_resource_i: >NULL< + timeout: >00:58:35< + + dav_owner_id: >3< + privileges: >000000000001001011100111< +target_collection: >10< +target_resource_i: >1365< + timeout: >23:59:43< + diff --git a/testing/tests/regression-suite/951-MKTICKET.test b/testing/tests/regression-suite/951-MKTICKET.test new file mode 100644 index 00000000..c84ab2f4 --- /dev/null +++ b/testing/tests/regression-suite/951-MKTICKET.test @@ -0,0 +1,28 @@ +# +# MKTICKET request for a ticket on a collection we don't have rights to +# +TYPE=MKTICKET +URL=http://regression.host/caldav.php/user4/home/ +HEADER=User-Agent: Ticket Spec Tests +HEADER=Content-Type: text/xml; charset="UTF-8" + + +BEGINDATA + + + + Second-3600 + 1 + +ENDDATA + +QUERY +SELECT dav_owner_id, + (expires - current_timestamp)::interval(0) AS timeout, + privileges, + target_collection_id, + target_resource_id + FROM access_ticket +ENDQUERY + +REPLACE=!\S{8}!Good Ticket ID!