nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-31 03:34:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,705 Commits 11 Branches 63 Tags 15 MiB
Commit Graph

1942 Commits

Author SHA1 Message Date
Florian Schlichting
bbea62d288 Merge branch 'server-array-upper' into 'master' 
Convert array keys for $_SERVER to uppercase

See merge request !38
 2017-04-24 21:59:08 +00:00
Jan Losinski
b5072dd154 Set the user agent string for external calendars 2017-04-24 21:20:34 +00:00
Florian Schlichting
a16dfc7c41 cardquery: query limit can be used independently of any query filter 2017-04-24 22:31:32 +02:00
Florian Schlichting
76e540fb0a cardquery: typo, ends-with has wildcard in front 2017-04-24 22:30:53 +02:00
Florian Schlichting
29e2dbfe92 cardquery: a prop-filter without an actual filter rule means we simply need to ensure the property exists 
This guards against a crash when calling ->GetNSTag() on a non-object.

This may need to be refined in case we could be dealing with something
that's not a prop-filter.
 2017-04-24 22:25:18 +02:00
Jan Losinski
e97c9674e9 Convert array keys for $_SERVER to uppercase 
It seems to be the case, that array indicies in $_SERVER are always
uppercase. Sadly I could not find any documentation of this but at
least with mod_php it is the case. Also a extensive search on github
projects seems to support this thesis.

On my installation the 'X-FORWARDED-PROTO' is even then uppercase when
its mixed case in the Header provided by the reverse proxy.

Signed-off-by: Jan Losinski <losinski@wh2.tu-dresden.de>
 2017-04-13 03:00:36 +02:00
Florian Schlichting
06e20e5508 dont send early exceptions to the client only, leave a trace in the error log too 2017-04-08 16:43:21 +02:00
Florian Schlichting
323292eb8c log an error instead of crashing on principal-property-search REPORT without a proper match clause (fix #114) 2017-04-08 14:41:50 +02:00
Florian Schlichting
e94d69d3f7 do not output unescaped XML special characters in if-match error message (fixes: #113) 2017-04-08 13:54:49 +02:00
Rik Theys
e0b8ecada5 Fix modified mapping (fix #108) 
The checks to test if a "modified" attribute was found in the
$valid array used in_array, which fails.

Replace this with array_key_exists calls.

This fixes https://gitlab.com/davical-project/davical/issues/108

[ $mapping['modified'] is a key in $valid, not a value. This is a
regression introduced in 970b61ac, for 1.1.5 ]
 2017-04-08 00:09:50 +02:00
Scott Balneaves
8313f765ce Only list active principals in grant selection 
modified as per Andrew McMillan's suggestion
 2017-04-07 15:09:53 +02:00
Scott Balneaves
8052111635 modify hide_older_than logic to allow through recurring events (fixes #103, !36) 2017-04-07 15:08:10 +02:00
Florian Schlichting
1c174f4b78 fix sync of deleted events when hide_todo is set (fixes #100) 
thanks Jerome Borsboom @hinotori
 2017-04-07 14:29:42 +02:00
Florian Schlichting
4cf6628ea5 cannot-modify-protected-property should be used with 403 Forbidden, not 409 Conflict 
see the end of https://tools.ietf.org/html/rfc4918#section-16 (WebDAV,
Precondition/Postcondition XML Elements)
 2017-03-29 11:22:44 +02:00
Florian Schlichting
fb4f80d4c1 do not put two sets of angle brackets around cannot-modify-protected-property error tag (fixes #112) 2017-03-29 11:20:35 +02:00
Florian Schlichting
f1ca12bbe9 Fix display of deactivated users after LDAP sync to not include those in $c->do_not_sync_from_ldap 
...thus reducing the rate of heart attacks in DAViCal admins.

Also: ignore empty user objects that my LDAP server seems to generate.
 2017-03-27 16:56:34 +02:00
Florian Schlichting
2a84694331 Unbreak locale selection in admin interface 
http://php.net/manual/en/function.setlocale.php says "Different systems
have different naming schemes for locales." This seems to be true for
platforms (eg Win vs. Linux), but on Debian AFAIR locales were always at
least two-part (de_DE), never just one (de). This seems to have been
broken in 504651a3, likely by mistake.

Also, switch locale immediately, even before writing to the database.

BTW, what happens when system default locale is configured to e.g. fr_FR
and the user selects "English" - does that work?
 2017-01-17 23:40:26 +01:00
Florian Schlichting
6edd828803 Fix ldapDriver instantiation 2017-01-17 23:36:05 +01:00
Marc
364bbd1df5 allow admins to manually toggle the uniqueMember fix via config (fix #102) 2017-01-17 23:30:59 +01:00
Florian Schlichting
1335a6117b UI: create internal and external bindings (closes: #90) 2017-01-11 00:13:52 +01:00
Florian Schlichting
93bd6073b1 creating a DAVResource from "/ " loops a lot 2017-01-11 00:10:33 +01:00
Florian Schlichting
0ca04aaa68 UI: do not show tickets unless user has write access; they are like passwords 
Same with external URLs

Also restrict Delete buttons on incoming binds to Admins: these binds
will usually live in other people's namespace, which we should not
alter, and may be restricted to default privileges (e.g. freebusy)
anyway
 2017-01-11 00:10:21 +01:00
Florian Schlichting
ab7dad057d UI: use ExtraRowFormat to fix tooltip on action rows / buttons 2017-01-10 22:14:42 +01:00
Florian Schlichting
2c11535eb0 use secure URIs where possible 2017-01-08 15:48:52 +01:00
Florian Schlichting
fd36a1f5a5 destroy LSID cookie when actively hitting "Logout" (fixes #56, Debian #703138) 2017-01-08 02:12:22 +01:00
Florian Schlichting
93d3b6daba remove logout button when the webserver does auth, or use a configured logout URL (fixes #67, Debian #703130) 2017-01-08 02:08:13 +01:00
Florian Schlichting
202542dc1b updates for bulk addressbook import 2017-01-07 02:17:29 +01:00
Florian Schlichting
e245b8d1fb support for bulk addressbook import (thanks Jorge Lpez Prez) - fixes #74 2017-01-06 16:06:11 +01:00
Florian Schlichting
4d689f8539 Create configured default relationships from all drivers as well as for internal auth (closes: #75) 
previously, this was only usable with the LDAP driver
 2017-01-06 16:06:11 +01:00
Florian Schlichting
2c0c65d08a add optional support for X-Forwarded-Proto etc (closes: #87) 
Modify the relevant $_SERVER variables directly, as we're using them in
various places in davical and awl.
 2017-01-06 16:06:11 +01:00
Florian Schlichting
ad763744f1 fix a typo, add a debug statement 
WriteAddressbookMember doesn't exist, but as far as I can see it is only
referenced from WriteMember, which itself isn't used anywhere...
 2017-01-06 15:04:59 +01:00
Florian Schlichting
78669a3078 delete obsolete entries when updating addressbooks as external resources (see comment on !34) 2017-01-05 11:55:15 +01:00
Florian Schlichting
81e404264f Merge branch 'addressbook_sync_token' into 'master' 
Allow updating addressbooks as external resources. (Closes #93)

Closes #93

See merge request !34
 2017-01-05 10:31:11 +00:00
Florian Schlichting
c71bf2511e fix expand-property "group-member-set" on calendar-proxy-write URL (closes: #88) 2017-01-04 22:32:58 +01:00
Florian Schlichting
e7c43a0689 fix infinite loop when finding delegates (closes #48) 2017-01-04 20:52:03 +01:00
Florian Schlichting
adce3f48a9 provide a .ics download link in collection view and document $c->get_includes_subcollections 2017-01-02 21:57:41 +01:00
Florian Schlichting
c305bef787 $principal->fullname is not a method (fixes #101) 2017-01-01 12:35:45 +01:00
Florian Schlichting
bd9d5eacf2 $session: document ->username, actually implement ->fullname 2016-12-31 15:15:33 +01:00
Florian Schlichting
fc78600e64 Allow deletion of collections, tickets, bindings of principals to whom you have write access (closes: #47) 
Previously, only the Admin or the principal herself could delete a
collection. Deletion is immediate and irreversible, so there is a risk
in allowing this. But it doesn't make sense to allow the creation of a
test collection and then block the subsequent clean-up.
 2016-12-30 21:43:29 +01:00
Florian Schlichting
c0a2d6a7ee do not show edit buttons on admin pages when not allowed to edit 2016-12-30 18:47:46 +01:00
Florian Schlichting
fcace79813 display an error message when not allowed to delete something on the admin page 2016-12-30 16:25:53 +01:00
Florian Schlichting
f24c62531a inc/ui/collection-edit.php: display only privileges applicable for collections 2016-12-30 08:54:28 +01:00
Florian Schlichting
404d9ab449 fix remaining apigen errors (duplicate function names etc) 2016-12-30 08:54:24 +01:00
Florian Schlichting
7cadfc9463 lets have only one function check_for_expansion() 2016-12-30 08:54:19 +01:00
Florian Schlichting
eaef540766 replace RRule with RRule-v2 2016-12-30 08:54:14 +01:00
Florian Schlichting
2a64f0be84 clean up apigen errors (closes: #85) 2016-12-30 08:54:10 +01:00
Florian Schlichting
701feb6143 drivers_*: brush up apidoc 2016-12-30 08:54:05 +01:00
Florian Schlichting
f4fd23ed3c drivers_rimap: update similar to drivers_imap_pam 2016-12-30 08:53:59 +01:00
Florian Schlichting
1393c30390 migrate away from deprecated auth functions, warn more aggressively 2016-12-30 08:53:51 +01:00
Florian Schlichting
8639f08d45 RFC7240: "Prefer: return=minimal" 
"return-minimal" was current up to and including draft -15
 2016-12-30 08:53:31 +01:00