From 5caf334f77b3a0b64a2fe00a91cbc4a2590f1c51 Mon Sep 17 00:00:00 2001 From: Andrew McMillan Date: Mon, 19 Feb 2007 11:16:14 +1300 Subject: [PATCH] Removed this which is superseded by directly issuing GET/PUT against collection URLs for WebDAV. --- htdocs/ics.php | 93 -------------------------------------------------- 1 file changed, 93 deletions(-) delete mode 100644 htdocs/ics.php diff --git a/htdocs/ics.php b/htdocs/ics.php deleted file mode 100644 index 32e939a0..00000000 --- a/htdocs/ics.php +++ /dev/null @@ -1,93 +0,0 @@ -// if it ends in -* a trailing '/' then it is referring to a DAV 'collection' but otherwise -* it is referring to a DAV data item. -* -* Permissions are controlled as follows: -* 1. if there is no component, the request has read privileges -* 2. if the requester is an admin, the request has read/write priviliges -* 3. if there is a component which matches the logged on user -* then the request has read/write privileges -* 4. otherwise we query the defined relationships between users and use -* the maximum privileges returned from that analysis. -*/ -$request_path = $_SERVER['PATH_INFO']; -$path_split = preg_split('#/+#', $request_path ); -$permissions = array(); -if ( !isset($path_split[1]) || $path_split[1] == '' ) { - dbg_error_log( "caldav", "No useful path split possible" ); - unset($path_user_no); - unset($path_username); - $permissions = array("read" => 'read' ); -} -else { - $path_username = $path_split[1]; - @dbg_error_log( "caldav", "Path split into at least /// %s /// %s /// %s", $path_split[1], $path_split[2], $path_split[3] ); - $qry = new PgQuery( "SELECT * FROM usr WHERE username = ?;", $path_username ); - if ( $qry->Exec("caldav") && $path_user_record = $qry->Fetch() ) { - $path_user_no = $path_user_record->user_no; - } - if ( $session->AllowedTo("Admin") || $session->user_no == $path_user_no ) { - $permissions = array('read' => 'read', "write" => 'write' ); - } - else if ( isset($path_user_no) ) { - /** - * We need to query the database for permissions - */ - $qry = new PgQuery( "SELECT get_permissions( ?, ? ) AS perm;", $session->user_no, $path_user_no); - if ( $qry->Exec("caldav") && $permission_result = $qry->Fetch() ) { - $permission_result = "!".$permission_result->perm; // We prepend something to ensure we get a non-zero position. - $permissions = array(); - if ( strpos($permission_result,"R") ) $permissions['read'] = 'read'; - if ( strpos($permission_result,"W") ) $permissions['write'] = 'write'; - } - } -} - -header("Content-type: text/plain"); - -if ( !isset($path_username) && ! $session->AllowedTo("Admin") ) { - header('HTTP/1.0 401 Unauthorized'); - printf( "You may not request a summarised set of all calendar information." ); - dbg_error_log( "ics", "User '%s' attempted a request for %s which would be all calendar information.", $session->username, $_SERVER['PATH_INFO'] ); -} -elseif ( isset($permissions['read']) ) { - $results = iCalendar::iCalHeader(); - - $qry = new PgQuery( "SELECT * FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name)" ); - if ( $qry->Exec("ics") && $qry->rows > 0 ) { - while( $resource = $qry->Fetch() ) { - $item = new iCalendar( array('icalendar' => $resource->caldav_data) ); - $results .= $item->JustThisBitPlease('VEVENT', 99999); - $results .= $item->JustThisBitPlease('VTODO', 99999); - $results .= $item->JustThisBitPlease('VJOURNAL', 99999); - } - } - - $results .= iCalendar::iCalFooter(); - - print $results; -} -else { - header('HTTP/1.0 401 Unauthorized'); - header("Content-type: text/plain"); - printf( "User '%s' does not have rights to that calendar information.", $session->username ); - dbg_error_log( "ics", "User '%s' does not have rights to that calendar information.", $session->username ); - exit; -} - -?> \ No newline at end of file