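// if it ends in
/**
 * a trailing '/' then it is referring to a DAV 'collection' but otherwise
 * it is referring to a DAV data item.
 *
 * Permissions are controlled as follows:
 *  1. if there is no component, the request has read privileges
 *  2. if the requester is an admin, the request has read/write privileges
 *  3. if there is a component which matches the logged on user
 *     then the request has read/write privileges
 *  4. otherwise we query the defined relationships between users and use
 *     the maximum privileges returned from that analysis.
 *
 * NOTE(review): the code below implements less than this. It only ever grants
 * 'read', it refuses a request with no user component unless the requester is
 * an admin, and rule 4 is not implemented (such requests are refused).
 */

// PATH_INFO is not set when the script is requested without a trailing path.
$path_info = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';
$path_split = preg_split('#/+#', $path_info );
dbg_log_array("ics", "PATH", $path_split, true );

// Start from "no access". These are assigned explicitly so that nothing set
// earlier in the request can leak into the access decision below.
$permissions = array();
$path_user_no = null;
$path_username = null;
$is_admin = $session->AllowedTo("Admin");

if ( isset($path_split[1]) && $path_split[1] != '' ) {
  $path_username = $path_split[1];
  dbg_error_log( "ics", "It appears that we have a reasonable path for this.", $path_username );

  // Resolve the user named in the path; the username is passed as a bound
  // '?' argument, never concatenated into the SQL.
  $qry = new PgQuery( "SELECT * FROM usr WHERE username = ?;", $path_username );
  if ( $qry->Exec("caldav") && $path_user_record = $qry->Fetch() ) {
    $path_user_no = $path_user_record->user_no;
  }

  // Read access needs a path user that actually exists. Without the isset()
  // guard an unknown username leaves $path_user_no null, and the loose '=='
  // would then match a session whose user_no is 0 or unset. An unknown user
  // and a user the requester has no rights to both end in the same refusal
  // further down, so the response does not reveal which usernames exist.
  if ( isset($path_user_no) && ( $is_admin || $session->user_no == $path_user_no ) ) {
    $permissions = array('read' => 1 );
  }
  else {
    /**
    * We need to query the database for permissions
    */
  }
}
elseif ( $is_admin ) {
  // No user component: only an admin may read the summary of everything.
  $permissions = array('read' => 1 );
}

header("Content-type: text/plain");
if ( !isset($path_username) && ! $is_admin ) {
  header('HTTP/1.0 401 Unauthorized');
  printf( "You may not request a summarised set of all calendar information." );
  dbg_error_log( "ics", "User '%s' attempted a request for %s which would be all calendar information.", $session->username, $path_info );
}
elseif ( isset($permissions['read']) ) {
  $results = iCalendar::iCalHeader();

  // Restrict the export to the user named in the path. The unfiltered join
  // returns every user's calendar data, so a user who was granted read on
  // their own path would otherwise receive everybody's events. Only the admin
  // request with no user component is meant to see the full set.
  if ( isset($path_user_no) ) {
    $qry = new PgQuery( "SELECT * FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name) WHERE user_no = ?;", intval($path_user_no) );
  }
  else {
    $qry = new PgQuery( "SELECT * FROM caldav_data INNER JOIN calendar_item USING(user_no, dav_name)" );
  }

  if ( $qry->Exec("ics") && $qry->rows > 0 ) {
    while( $resource = $qry->Fetch() ) {
      // Pull each supported component type out of the stored resource.
      $item = new iCalendar( array('icalendar' => $resource->caldav_data) );
      $results .= $item->JustThisBitPlease('VEVENT', 99999);
      $results .= $item->JustThisBitPlease('VTODO', 99999);
      $results .= $item->JustThisBitPlease('VJOURNAL', 99999);
    }
  }
  $results .= iCalendar::iCalFooter();
  print $results;
}
else {
  header('HTTP/1.0 401 Unauthorized');
  header("Content-type: text/plain");
  printf( "User '%s' does not have rights to that calendar information.", $session->username );
  dbg_error_log( "ics", "User '%s' does not have rights to that calendar information.", $session->username );
  exit;
}
?>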