From 615c53d3f8b8ef3e2e6f6cd7a4be6d9ad3b2d701 Mon Sep 17 00:00:00 2001 From: Andrew McMillan Date: Wed, 23 Jan 2008 18:03:28 +1300 Subject: [PATCH] Efficiency improvements from bypassing get_permissions() call in query. --- inc/caldav-GET.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/inc/caldav-GET.php b/inc/caldav-GET.php index 6b1e1b1c..a65fa9b5 100644 --- a/inc/caldav-GET.php +++ b/inc/caldav-GET.php @@ -23,10 +23,10 @@ if ( $request->IsCollection() ) { * The CalDAV specification does not define GET on a collection, but typically this is * used as a .ics download for the whole collection, which is what we do also. */ - $qry = new PgQuery( "SELECT caldav_data, class, caldav_type, calendar_item.user_no, get_permissions($session->user_no,caldav_data.user_no) as permissions FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name ~ ? $privacy_clause ORDER BY caldav_data.user_no, caldav_data.dav_name, caldav_data.created;", $request->user_no, $request->path.'[^/]+$'); + $qry = new PgQuery( "SELECT caldav_data, class, caldav_type, calendar_item.user_no FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name ~ ? $privacy_clause ORDER BY caldav_data.user_no, caldav_data.dav_name, caldav_data.created;", $request->user_no, $request->path.'[^/]+$'); } else { - $qry = new PgQuery( "SELECT caldav_data, caldav_data.dav_etag, class, caldav_type, calendar_item.user_no, get_permissions($session->user_no,caldav_data.user_no) as permissions FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name = ? $privacy_clause;", $request->user_no, $request->path); + $qry = new PgQuery( "SELECT caldav_data, caldav_data.dav_etag, class, caldav_type, calendar_item.user_no FROM caldav_data LEFT JOIN calendar_item USING ( dav_name ) WHERE caldav_data.user_no = ? AND caldav_data.dav_name = ? $privacy_clause;", $request->user_no, $request->path); } dbg_error_log("get", "%s", $qry->querystring ); if ( $qry->Exec("GET") && $qry->rows == 1 ) { @@ -54,7 +54,7 @@ else if ( $qry->rows > 1 ) { $ical = new iCalendar( array( "icalendar" => $event->caldav_data ) ); $timezones[$ical->Get("TZID")] = 1; - if ( !is_numeric(strpos($event->permissions,'A')) && $session->user_no != $event->user_no ){ + if ( !$request->AllowedTo('all') && $session->user_no != $event->user_no ){ // the user is not admin / owner of this calendarlooking at his calendar and can not admin the other cal if ( $event->class == 'CONFIDENTIAL' ) { // if the event is confidential we fake one that just says "Busy"