nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-21 01:54:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Efficiency improvements from bypassing get_permissions() call in query.

Browse Source
This commit is contained in:
Andrew McMillan 2008-01-23 18:03:28 +13:00
parent 30e0e47e71
commit 615c53d3f8
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
inc/caldav-GET.php
View File

@ -23,10 +23,10 @@ if ( $request->IsCollection() ) {
* The CalDAV specification does not define GET on a collection, but typically this is
* used as a .ics download for the whole collection, which is what we do also.
*/
$qry = new PgQuery( "SELECT caldav_data, class, caldav_type, calendar_item.user_no, get_permissions($session->user_no,caldav_data.user_no) as permissions FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name ~ ? $privacy_clause ORDER BY caldav_data.user_no, caldav_data.dav_name, caldav_data.created;", $request->user_no, $request->path.'[^/]+$');
$qry = new PgQuery( "SELECT caldav_data, class, caldav_type, calendar_item.user_no FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name ~ ? $privacy_clause ORDER BY caldav_data.user_no, caldav_data.dav_name, caldav_data.created;", $request->user_no, $request->path.'[^/]+$');
}
else {
$qry = new PgQuery( "SELECT caldav_data, caldav_data.dav_etag, class, caldav_type, calendar_item.user_no, get_permissions($session->user_no,caldav_data.user_no) as permissions FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name = ? $privacy_clause;", $request->user_no, $request->path);
$qry = new PgQuery( "SELECT caldav_data, caldav_data.dav_etag, class, caldav_type, calendar_item.user_no FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name = ? $privacy_clause;", $request->user_no, $request->path);
}
dbg_error_log("get", "%s", $qry->querystring );
if ( $qry->Exec("GET") && $qry->rows == 1 ) {
@ -54,7 +54,7 @@ else if ( $qry->rows > 1 ) {
$ical = new iCalendar( array( "icalendar" => $event->caldav_data ) );
$timezones[$ical->Get("TZID")] = 1;
if ( !is_numeric(strpos($event->permissions,'A')) && $session->user_no != $event->user_no ){
if ( !$request->AllowedTo('all') && $session->user_no != $event->user_no ){
// the user is not admin / owner of this calendarlooking at his calendar and can not admin the other cal
if ( $event->class == 'CONFIDENTIAL' ) {
// if the event is confidential we fake one that just says "Busy"