Change freebusy to use the code we wrote for the free busy REPORT.

htdocs/freebusy.php

@@ -3,69 +3,9 @@ require_once("../inc/always.php");
 dbg_error_log( "freebusy", " User agent: %s", ((isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "Unfortunately Mulberry and Chandler don't send a 'User-agent' header with their requests :-(")) );
 require_once("BasicAuthSession.php");
 
-$raw_headers = apache_request_headers();
-$raw_post = file_get_contents ( 'php://input');
+dbg_log_array( "headers", '_SERVER', $_SERVER, true );
 
-/**
-* Our path is /<script name>/<user name>/<user controlled> if it ends in
-* a trailing '/' then it is referring to a DAV 'collection' but otherwise
-* it is referring to a DAV data item.
-*
-* Permissions are controlled as follows:
-*  1. if there is no <user name> component, the request has read privileges
-*  2. if the requester is an admin, the request has read/write priviliges
-*  3. if there is a <user name> component which matches the logged on user
-*     then the request has read/write privileges
-*  4. otherwise we query the defined relationships between users and use
-*     the minimum privileges returned from that analysis.
-*/
-$request_path = $_SERVER['PATH_INFO'];
-$bad_chars_regex = '/[\\^\\[\\(\\\\]/';
-if ( preg_match( $bad_chars_regex, $request_path ) ) {
-  header("HTTP/1.1 400 Bad Request");
-  header("Content-type: text/plain");
-  echo "The calendar path contains illegal characters.";
-  dbg_error_log("freebusy", "Illegal characters /%s/ in calendar path for User: %d, Path: %s", $bad_chars_regex, $session->user_no, $request_path);
-  exit(0);
-}
-dbg_error_log("freebusy", "Legal characters /%s/ in calendar path for User: %d, Path: %s", $bad_chars_regex, $session->user_no, $request_path);
-
-$path_split = preg_split('#/+#', $request_path );
-$permissions = array();
-if ( !isset($path_split[1]) || $path_split[1] == '' ) {
-  dbg_error_log( "freebusy", "No useful path split possible" );
-  unset($path_user_no);
-  unset($path_username);
-}
-else {
-  $path_username = $path_split[1];
-  @dbg_error_log( "freebusy", "Path split into at least /// %s /// %s /// %s", $path_split[1], $path_split[2], $path_split[3] );
-  $qry = new PgQuery( "SELECT * FROM usr WHERE username = ?;", $path_username );
-  if ( $qry->Exec("caldav") && $path_user_record = $qry->Fetch() ) {
-    $path_user_no = $path_user_record->user_no;
-  }
-  if ( $session->AllowedTo("Admin") ) {
-    $permissions = array('read' => 'read', "write" => 'write' );
-    dbg_error_log( "freebusy", "Full permissions for a systems administrator" );
-  }
-  else if ( $session->user_no == $path_user_no ) {
-    $permissions = array('read' => 'read', "write" => 'write' );
-    dbg_error_log( "freebusy", "Full permissions for user accessing their own hierarchy" );
-  }
-  else if ( isset($path_user_no) ) {
-    /**
-    * We need to query the database for permissions
-    */
-    $qry = new PgQuery( "SELECT get_permissions( ?, ? ) AS perm;", $session->user_no, $path_user_no);
-    if ( $qry->Exec("caldav") && $permission_result = $qry->Fetch() ) {
-      $permission_result = "!".$permission_result->perm; // We prepend something to ensure we get a non-zero position.
-      $permissions = array();
-      if ( strpos($permission_result,"R") )       $permissions['read'] = 'read';
-      if ( strpos($permission_result,"W") )       $permissions['write'] = 'write';
-    }
-    dbg_error_log( "freebusy", "Restricted permissions for user accessing someone elses hierarchy: read=%s, write=%s", isset($permissions['read']), isset($permissions['write']) );
-  }
-}
+require_once("CalDAVRequest.php");
 
 /**
 * We also allow URLs like .../freebusy.php/user@example.com to work, so long as
@@ -73,27 +13,9 @@ else {
 * NOTE: It is OK for there to *be* duplicate e-mail addresses, just so long as we
 * only have read permission (or more) for only one of them.
 */
-if ( isset($by_email) ) unset( $by_email );
-if ( preg_match( '#/(\S+@\S+[.]\S+)$#', $request_path, $matches) ) {
-  $by_email = $matches[1];
-  $qry = new PgQuery("SELECT user_no FROM usr WHERE email = ? AND get_permissions(?,user_no) ~ 'R';", $by_email, $session->user_no );
-  if ( $qry->Exec("freebusy",__LINE__,__FILE__) && $qry->rows == 1 ) {
-    $email_user = $qry->Fetch();
-    $permissions['read'] = 'read';
-  }
-  else {
-    unset( $by_email );
-  }
-}
+$request = new CalDAVRequest(array("allow_by_email" => 1));
 
-
-if ( !isset($permissions['read']) ) {
-  header("HTTP/1.1 403 Forbidden");
-  header("Content-type: text/plain");
-  echo "You may not access that calendar.";
-  dbg_error_log("freebusy", "Access denied for User: %d, Path: %s", $session->user_no, $request_path);
-  exit(0);
-}
+if ( ! $request->AllowedTo('freebusy') ) $request->DoResponse( 404 );
 
 switch ( $_SERVER['REQUEST_METHOD'] ) {
   case 'GET':

inc/freebusy-GET.php

@@ -1,33 +1,79 @@
 <?php
 require_once("iCalendar.php");
+include_once("RRule.php");
 
-  $sql = 'SELECT caldav_data.caldav_type AS type, calendar_item.uid, calendar_item.rrule ';
-  $sql .= ', to_ical_utc(dtstart)  AS dtstart ';
-  $sql .= ', to_ical_utc(dtend)    AS dtend ';
-  $sql .= ', to_ical_utc(due)      AS due ';
-  $sql .= ', to_ical_utc(dtstamp)  AS dtstamp ';
-  $sql .= ', to_ical_utc(last_modified)  AS "last-modified" ';
-  $sql .= ' FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name) ';
-  if ( isset($by_email) ) {
-    $sql .= " WHERE caldav_data.user_no = $email_user->user_no;";
-  }
-  else {
-    $sql .= " WHERE caldav_data.user_no = $path_user_no AND caldav_data.dav_name ~ ".qpg("^".$request_path);
-  }
-  $qry = new PgQuery( $sql );
+$start = date( "Ymd\THis", time() - (86400 * 30) );
+$finish = date( "Ymd\THis", time() + (86400 * 200) );
+if ( isset($request->by_email) ) {
+  $where = "WHERE caldav_data.user_no = $request->user_no ";
+}
+else {
+  $where = "WHERE caldav_data.user_no = $request->user_no AND caldav_data.dav_name ~ ".qpg("^".$request->path)." ";
+}
+$where .= "AND (dtend >= '$start'::timestamp with time zone OR calculate_later_timestamp('$start'::timestamp with time zone,dtend,rrule) >= '$start'::timestamp with time zone) ";
+$where .= "AND dtstart <= '$finish'::timestamp with time zone ";
+$where .= "AND caldav_data.caldav_type IN ( 'VEVENT', 'VFREEBUSY' ) ";
 
-  header("Content-type: text/calendar");
-
-  echo iCalendar::iCalHeader();
-
-  $freebusy_properties = array( "uid", "dtstamp", "dtstart", "duration", "last-modified", "rrule" );
-
-  if ( $qry->Exec("freebusy",__LINE__,__FILE__) && $qry->rows > 0 ) {
-    while( $calendar_item = $qry->Fetch() ) {
-      $event = new iCalendar( $calendar_item );
-      echo $event->Render( false, 'VFREEBUSY', $freebusy_properties );
+$busy = array();
+$busy_tentative = array();
+$sql = "SELECT caldav_data.caldav_data, calendar_item.rrule, ";
+$sql .= "to_char(calendar_item.dtstart at time zone 'GMT',".iCalendar::SqlDateFormat().") AS start, ";
+$sql .= "to_char(calendar_item.dtend at time zone 'GMT',".iCalendar::SqlDateFormat().") AS finish ";
+$sql .= "FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name) $where ORDER BY dtstart, dtend";
+// echo $sql. "\n";
+$qry = new PgQuery( $sql );
+if ( $qry->Exec("freebusy",__LINE__,__FILE__) && $qry->rows > 0 ) {
+  while( $calendar_object = $qry->Fetch() ) {
+    if ( ! preg_match( '/^TRANSP.*TRANSPARENT/im', $calendar_object->caldav_data ) ) {
+      if ( preg_match( '/^STATUS.*:.*TENTATIVE/im', $calendar_object->caldav_data ) ) {
+        $busy_tenantive[] = $calendar_object;
+      }
+      else if ( ! preg_match( '/STATUS.*:.*CANCELLED/m', $calendar_object->caldav_data ) ) {
+        dbg_error_log( "freebusy", " FreeBusy: Not transparent, tentative or cancelled: %s, %s", $calendar_object->start, $calendar_object->finish );
+        $busy[] = $calendar_object;
+      }
     }
   }
-  echo iCalendar::iCalFooter();
+}
+$freebusy = iCalendar::iCalHeader();
+$freebusy .= sprintf("BEGIN:VFREEBUSY\nDTSTAMP:%s\nDTSTART:%s\nDTEND:%s\n", date('Ymd\THis\Z'), $start, $finish);
+
+foreach( $busy_tentative AS $k => $v ) {
+  $start = new iCalDate($v->start);
+  $duration = $start->DateDifference($v->finish);
+  if ( $v->rrule != "" ) {
+    $rrule = new RRule( $start, $v->rrule );
+    while ( $date = $rrule->GetNext() ) {
+      if ( ! $date->GreaterThan($start) ) continue;
+      if ( $date->GreaterThan($finish) ) break;
+      $freebusy .= sprintf("FREEBUSY;FBTYPE=BUSY-TENTATIVE:%s/%s\n", $date->Render('Ymd\THis'), $duration );
+    }
+  }
+  else {
+    $freebusy .= sprintf("FREEBUSY;FBTYPE=BUSY-TENTATIVE:%s/%s\n", $start->Render('Ymd\THis'), $duration );
+  }
+}
+
+foreach( $busy AS $k => $v ) {
+  $start = new iCalDate($v->start);
+  $duration = $start->DateDifference($v->finish);
+  if ( $v->rrule != "" ) {
+    $rrule = new RRule( $start, $v->rrule );
+    while ( $date = $rrule->GetNext() ) {
+      if ( ! $date->GreaterThan($start) ) continue;
+      if ( $date->GreaterThan($finish) ) break;
+      $freebusy .= sprintf("FREEBUSY:%s/%s\n", $date->Render('Ymd\THis'), $duration );
+    }
+  }
+  else {
+    $freebusy .= sprintf("FREEBUSY:%s/%s\n", $start->Render('Ymd\THis'), $duration );
+  }
+}
+
+$freebusy .= "END:VFREEBUSY\n";
+$freebusy .= iCalendar::iCalFooter();
+$request->DoResponse( 200, $freebusy, 'text/calendar' );
+// Won't return from that
+
 
 ?>