Beispiel #1
0
}
if (!$dav_resource->Exists() && !$dav_resource->HavePrivilegeTo('DAV::bind')) {
    $request->DoResponse(403);
}
if (!ini_get('open_basedir') && (isset($c->dbg['ALL']) || isset($c->dbg['put']) && $c->dbg['put'])) {
    $fh = fopen('/tmp/PUT.txt', 'w');
    if ($fh) {
        fwrite($fh, $request->raw_post);
        fclose($fh);
    }
}
include_once 'caldav-PUT-functions.php';
controlRequestContainer($dav_resource->GetProperty('username'), $dav_resource->GetProperty('user_no'), $dav_resource->bound_from(), true);
$lock_opener = $request->FailIfLocked();
if ($dav_resource->IsCollection()) {
    if ($dav_resource->IsPrincipal() || $dav_resource->IsBinding() || !isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections == true) {
        $request->DoResponse(405);
        // Method not allowed
        return;
    }
    $appending = isset($_GET['mode']) && $_GET['mode'] == 'append';
    /**
     * CalDAV does not define the result of a PUT on a collection.  We treat that
     * as an import. The code is in caldav-PUT-functions.php
     */
    import_collection($request->raw_post, $request->user_no, $request->path, true, $appending);
    $request->DoResponse(200);
    return;
}
$etag = md5($request->raw_post);
$ic = new iCalComponent($request->raw_post);
Beispiel #2
0
}
function rollback($response_code = 412)
{
    global $request;
    $qry = new AwlQuery('ROLLBACK');
    $qry->Exec('move');
    // Just in case
    $request->DoResponse($response_code);
    // And we don't return from that.
}
$qry = new AwlQuery('BEGIN');
if (!$qry->Exec('move')) {
    rollback(500);
}
$src_name = $src->dav_name();
$dst_name = $dest->IsBinding() ? $dest->bound_from() : $dest->dav_name();
$src_collection = $src->GetProperty('collection_id');
$dst_collection = $dest->GetProperty('collection_id');
$src_user_no = $src->GetProperty('user_no');
$dst_user_no = $dest->GetProperty('user_no');
$cache = getCacheInstance();
$cachekeys = array();
if ($src->IsCollection()) {
    $cachekeys[] = ($src->ContainerType() == 'principal' ? 'principal' : 'collection') . '-' . $src->parent_path();
    $cachekeys[] = ($src->IsPrincipal() == 'principal' ? 'principal' : 'collection') . '-' . $src->dav_name();
    $cachekeys[] = ($src->IsPrincipal() ? 'principal' : 'collection') . '-' . $dest->dav_name();
    if ($dest->Exists()) {
        $qry = new AwlQuery('DELETE FROM collection WHERE dav_name = :dst_name', array(':dst_name' => $dst_name));
        if (!$qry->Exec('move')) {
            rollback(500);
        }
Beispiel #3
0
            $request->DoResponse(500, translate('Database Error'));
        }
        fetch_external($row->bind_id, '');
        $request->DoResponse(201);
    } else {
        $request->DoResponse(500, translate('Database Error'));
    }
} else {
    $source = new DAVResource($href);
    if (!$source->Exists()) {
        $request->PreconditionFailed(403, 'DAV::bind-source-exists', translate('The BIND Request MUST identify an existing resource.'));
    }
    if ($source->IsPrincipal() || !$source->IsCollection()) {
        $request->PreconditionFailed(403, 'DAV::binding-allowed', translate('DAViCal only allows BIND requests for collections at present.'));
    }
    if ($source->IsBinding()) {
        $source = new DAVResource($source->bound_from());
    }
    /*
      bind_id INT8 DEFAULT nextval('dav_id_seq') PRIMARY KEY,
      bound_source_id INT8 REFERENCES collection(collection_id) ON UPDATE CASCADE ON DELETE CASCADE,
      access_ticket_id TEXT REFERENCES access_ticket(ticket_id) ON UPDATE CASCADE ON DELETE SET NULL,
      parent_container TEXT NOT NULL,
      dav_name TEXT UNIQUE NOT NULL,
      dav_displayname TEXT,
      external_url TEXT,
      type TEXT
    */
    $sql = 'INSERT INTO dav_binding ( bound_source_id, access_ticket_id, dav_owner_id, parent_container, dav_name, dav_displayname )
  VALUES( :target_id, :ticket_id, :session_principal, :parent_container, :dav_name, :displayname )';
    $params = array(':target_id' => $source->GetProperty('collection_id'), ':ticket_id' => isset($request->ticket) ? $request->ticket->id() : null, ':parent_container' => $parent->dav_name(), ':session_principal' => $session->principal_id, ':dav_name' => $destination_path, ':displayname' => $source->GetProperty('displayname'));
Beispiel #4
0
<?php

/**
* CalDAV Server - handle PROPPATCH method
*
* @package   davical
* @subpackage   caldav
* @author    Andrew McMillan <*****@*****.**>
* @copyright Morphoss Ltd - http://www.morphoss.com/
* @license   http://gnu.org/copyleft/gpl.html GNU GPL v2
*/
dbg_error_log("PROPPATCH", "method handler");
require_once 'iCalendar.php';
require_once 'DAVResource.php';
$dav_resource = new DAVResource($request->path);
if (!($dav_resource->HavePrivilegeTo('DAV::write-properties') || $dav_resource->IsBinding())) {
    $request->DoResponse(403);
}
$position = 0;
$xmltree = BuildXMLTree($request->xml_tags, $position);
// echo $xmltree->Render();
if ($xmltree->GetTag() != "DAV::propertyupdate") {
    $request->DoResponse(403);
}
/**
* Find the properties being set, and the properties being removed
*/
$setprops = $xmltree->GetPath("/DAV::propertyupdate/DAV::set/DAV::prop/*");
$rmprops = $xmltree->GetPath("/DAV::propertyupdate/DAV::remove/DAV::prop/*");
/**
* We build full status responses for failures.  For success we just record
Beispiel #5
0
    if ($qry->QDo("SELECT write_sync_change(collection_id, 404, caldav_data.dav_name) FROM caldav_data WHERE collection_id = :collection_id", $params) && $qry->QDo("DELETE FROM property WHERE dav_name LIKE (SELECT dav_name FROM collection WHERE collection_id = :collection_id) || '%'", $params) && $qry->QDo("DELETE FROM locks WHERE dav_name LIKE (SELECT dav_name FROM collection WHERE collection_id = :collection_id) || '%'", $params) && $qry->QDo("DELETE FROM caldav_data WHERE collection_id = :collection_id", $params) && $qry->QDo("DELETE FROM collection WHERE collection_id = :collection_id", $params)) {
        @dbg_error_log("DELETE", "DELETE (collection): User: %d, ETag: %s, Path: %s", $session->user_no, $request->etag_if_match, $request->path);
        return true;
    }
    return false;
}
if (!$dav_resource->Exists()) {
    $request->DoResponse(404);
}
if (!($dav_resource->resource_id() > 0)) {
    $request->DoResponse(403);
}
$qry = new AwlQuery();
$qry->Begin();
if ($dav_resource->IsCollection()) {
    if ($dav_resource->IsBinding()) {
        $params = array(':dav_name' => $dav_resource->dav_name());
        if ($qry->QDo("DELETE FROM dav_binding WHERE dav_name = :dav_name", $params) && $qry->Commit()) {
            @dbg_error_log("DELETE", "DELETE: Binding: %d, ETag: %s, Path: %s", $session->user_no, $request->etag_if_match, $request->path);
            $request->DoResponse(204);
        }
    } else {
        if (delete_collection($dav_resource->resource_id()) && $qry->Commit()) {
            // Uncache anything to do with the collection
            $cache = getCacheInstance();
            $cache->delete('collection-' . $dav_resource->dav_name(), null);
            $request->DoResponse(204);
        }
    }
} else {
    if (isset($request->etag_if_match) && $request->etag_if_match != $dav_resource->unique_tag()) {
/**
* CalDAV Server - handle PROPPATCH method
*
* @package   davical
* @subpackage   caldav
* @author    Andrew McMillan <*****@*****.**>
* @copyright Morphoss Ltd - http://www.morphoss.com/
* @license   http://gnu.org/copyleft/gpl.html GNU GPL v2
*/
dbg_error_log("PROPPATCH", "method handler");
require_once 'vCalendar.php';
require_once 'DAVResource.php';
$dav_resource = new DAVResource($request->path);
if (!$dav_resource->HavePrivilegeTo('DAV::write-properties')) {
    $parent = $dav_resource->GetParentContainer();
    if (!$dav_resource->IsBinding() || !$parent->HavePrivilegeTo('DAV::write')) {
        $request->PreconditionFailed(403, 'DAV::write-properties', 'You do not have permission to write properties to that resource');
    }
}
$position = 0;
$xmltree = BuildXMLTree($request->xml_tags, $position);
// echo $xmltree->Render();
if ($xmltree->GetNSTag() != "DAV::propertyupdate") {
    $request->PreconditionFailed(403, 'DAV::propertyupdate', 'XML request did not contain a &lt;propertyupdate&gt; tag');
}
/**
* Find the properties being set, and the properties being removed
*/
$setprops = $xmltree->GetPath("/DAV::propertyupdate/DAV::set/DAV::prop/*");
$rmprops = $xmltree->GetPath("/DAV::propertyupdate/DAV::remove/DAV::prop/*");
/**