nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-30 03:24:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Obfuscate event data when reader only has read-free-busy permission.

Browse Source 
Signed-off-by: Andrew McMillan <andrew@morphoss.com>
This commit is contained in:
Andrew McMillan 2011-01-04 17:08:22 +13:00
parent e70bcd80d1
commit 51576df490
2 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
inc/DAVResource.php
View File

@ -12,6 +12,7 @@
require_once('AwlCache.php'); require_once('AwlCache.php');
require_once('AwlQuery.php'); require_once('AwlQuery.php');
require_once('DAVTicket.php'); require_once('DAVTicket.php');
require_once('iCalendar.php');
/** /**
@ -260,8 +261,18 @@ class DAVResource
else { else {
$this->resourcetypes = ''; $this->resourcetypes = '';
if ( isset($this->resource->caldav_data) ) { if ( isset($this->resource->caldav_data) ) {
if ( substr($this->resource->caldav_data,0,15) == 'BEGIN:VCALENDAR' ) { $this->resource->displayname = $this->resource->summary;
if ( strtoupper(substr($this->resource->caldav_data,0,15)) == 'BEGIN:VCALENDAR' ) {
$this->contenttype = 'text/calendar'; $this->contenttype = 'text/calendar';
if ( !$this->HavePrivilegeTo('read') && $this->HavePrivilegeTo('read-free-busy') ) {
$vcal = new iCalComponent($this->resource->caldav_data);
$confidential = $vcal->CloneConfidential();
$this->resource->caldav_data = $confidential->Render();
$this->resource->displayname = $this->resource->summary = translate('Busy');
$this->resource->description = null;
$this->resource->location = null;
$this->resource->url = null;
}
} }
else if ( strtoupper(substr($this->resource->caldav_data,0,11)) == 'BEGIN:VCARD' ) { else if ( strtoupper(substr($this->resource->caldav_data,0,11)) == 'BEGIN:VCARD' ) {
$this->contenttype = 'text/vcard'; $this->contenttype = 'text/vcard';
@ -269,7 +280,6 @@ class DAVResource
else if ( strtoupper(substr($this->resource->caldav_data,0,11)) == 'BEGIN:VLIST' ) { else if ( strtoupper(substr($this->resource->caldav_data,0,11)) == 'BEGIN:VLIST' ) {
$this->contenttype = 'text/x-vlist'; $this->contenttype = 'text/x-vlist';
} }
$this->resource->displayname = $this->resource->summary;
} }
} }
} }
@ -1478,9 +1488,9 @@ EOQRY;
break; break;
case 'DAV::owner': case 'DAV::owner':
// After a careful reading of RFC3744 we see that this must be the principal-URL of the owner // The principal-URL of the owner
$owner_url = ( isset($this->_is_binding) && $this->_is_binding ? $this->collection->bind_owner_url : $this->principal_url() ); if ( !isset($this->principal) ) $this->FetchPrincipal();
$reply->DAVElement( $prop, 'owner', $reply->href( $owner_url ) ); $reply->DAVElement( $prop, 'owner', $reply->href( $this->principal->url() ) );
break; break;
// Empty tag responses. // Empty tag responses.

6
issues/i_1378ca0a.cil
View File

@ -1,9 +1,9 @@
Summary: DAVResource should sometimes obfuscate resource data Summary: DAVResource should sometimes obfuscate resource data
Status: New Status: Finished
CreatedBy: Andrew McMillan <andrew@morphoss.com> CreatedBy: Andrew McMillan <andrew@morphoss.com>
AssignedTo: AssignedTo: Andrew McMillan <andrew@morphoss.com>
Inserted: 2011-01-02T21:25:18 Inserted: 2011-01-02T21:25:18
Updated: 2011-01-02T21:25:18 Updated: 2011-01-04T04:06:12
When freebusy permissions are available, DAVResource will sometimes When freebusy permissions are available, DAVResource will sometimes
be called on to provide the real resource data, and in such cases be called on to provide the real resource data, and in such cases