Allow an e-mail address to be used with the freebusy.php functionality.

htdocs/freebusy.php

@@ -67,6 +67,26 @@ else {
   }
 }
 
+/**
+* We also allow URLs like .../freebusy.php/user@example.com to work, so long as
+* the e-mail matches a single user whose calendar we have rights to.
+* NOTE: It is OK for there to *be* duplicate e-mail addresses, just so long as we
+* only have read permission (or more) for only one of them.
+*/
+if ( isset($by_email) ) unset( $by_email );
+if ( preg_match( '#/(\S+@\S+[.]\S+)$#', $request_path, $matches) ) {
+  $by_email = $matches[1];
+  $qry = new PgQuery("SELECT user_no FROM usr WHERE email = ? AND get_permissions(?,user_no) ~ 'R';", $by_email, $session->user_no );
+  if ( $qry->Exec("freebusy",__LINE__,__FILE__) && $qry->rows == 1 ) {
+    $email_user = $qry->Fetch();
+    $permissions['read'] = 'read';
+  }
+  else {
+    unset( $by_email );
+  }
+}
+
+
 if ( !isset($permissions['read']) ) {
   header("HTTP/1.1 403 Forbidden");
   header("Content-type: text/plain");

inc/freebusy-GET.php

@@ -8,7 +8,12 @@ require_once("iCalendar.php");
   $sql .= ', to_ical_utc(dtstamp)  AS dtstamp ';
   $sql .= ', to_ical_utc(last_modified)  AS "last-modified" ';
   $sql .= ' FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name) ';
-  $sql .= ' WHERE caldav_data.dav_name ~ '.qpg("^".$request_path);
+  if ( isset($by_email) ) {
+    $sql .= " WHERE caldav_data.user_no = $email_user->user_no;";
+  }
+  else {
+    $sql .= " WHERE caldav_data.user_no = $path_user_no AND caldav_data.dav_name ~ ".qpg("^".$request_path);
+  }
   $qry = new PgQuery( $sql );
 
   header("Content-type: text/calendar");