/** * 'beforeMethod' event handles. This event handles intercepts GET requests ending * with ?export * * @param string $method * @param string $uri * @return bool */ public function beforeMethod($method, $uri) { if ($method != 'GET') { return; } if ($this->server->httpRequest->getQueryString() != 'export') { return; } // splitting uri list($uri) = explode('?', $uri, 2); $node = $this->server->tree->getNodeForPath($uri); if (!$node instanceof Sabre_CalDAV_Calendar) { return; } // Checking ACL, if available. if ($aclPlugin = $this->server->getPlugin('acl')) { $aclPlugin->checkPrivileges($uri, '{DAV:}read'); } $this->server->httpResponse->setHeader('Content-Type', 'text/calendar'); $this->server->httpResponse->sendStatus(200); $nodes = $this->server->getPropertiesForPath($uri, array('{' . Sabre_CalDAV_Plugin::NS_CALDAV . '}calendar-data'), 1); $this->server->httpResponse->sendBody($this->generateICS($nodes)); // Returning false to break the event chain return false; }
function testInit() { $fakeServer = new Sabre_DAV_Server(new Sabre_DAV_ObjectTree(new Sabre_DAV_SimpleDirectory('bla'))); $plugin = new Sabre_DAV_Auth_Plugin(new Sabre_DAV_Auth_MockBackend(), 'realm'); $this->assertTrue($plugin instanceof Sabre_DAV_Auth_Plugin); $fakeServer->addPlugin($plugin); $this->assertEquals($plugin, $fakeServer->getPlugin('auth')); }
/** * Returns the standard users' principal. * * This is one authorative principal url for the current user. * This method will return null if the user wasn't logged in. * * @return string|null */ public function getCurrentUserPrincipal() { $authPlugin = $this->server->getPlugin('auth'); if (is_null($authPlugin)) { return null; } $userName = $authPlugin->getCurrentUser(); if (!$userName) { return null; } return $this->defaultUsernamePath . '/' . $userName; }
function getServer() { $tree = array(new Sabre_DAVACL_MockPropertyNode('node1', array('{http://sabredav.org/ns}simple' => 'foo', '{http://sabredav.org/ns}href' => new Sabre_DAV_Property_Href('node2'), '{DAV:}displayname' => 'Node 1')), new Sabre_DAVACL_MockPropertyNode('node2', array('{http://sabredav.org/ns}simple' => 'simple', '{http://sabredav.org/ns}hreflist' => new Sabre_DAV_Property_HrefList(array('node1', 'node3')), '{DAV:}displayname' => 'Node 2')), new Sabre_DAVACL_MockPropertyNode('node3', array('{http://sabredav.org/ns}simple' => 'simple', '{DAV:}displayname' => 'Node 3'))); $fakeServer = new Sabre_DAV_Server($tree); $fakeServer->debugExceptions = true; $fakeServer->httpResponse = new Sabre_HTTP_ResponseMock(); $plugin = new Sabre_DAVACL_Plugin(); $plugin->allowAccessToNodesWithoutACL = true; $this->assertTrue($plugin instanceof Sabre_DAVACL_Plugin); $fakeServer->addPlugin($plugin); $this->assertEquals($plugin, $fakeServer->getPlugin('acl')); return $fakeServer; }
function getServer() { $backend = new Sabre_DAV_Auth_MockBackend(); $dir = new Sabre_DAV_SimpleDirectory('root'); $principals = new Sabre_DAV_Auth_PrincipalCollection($backend); $dir->addChild($principals); $fakeServer = new Sabre_DAV_Server(new Sabre_DAV_ObjectTree($dir)); $fakeServer->httpResponse = new Sabre_HTTP_ResponseMock(); $plugin = new Sabre_DAV_Auth_Plugin($backend, 'realm'); $this->assertTrue($plugin instanceof Sabre_DAV_Auth_Plugin); $fakeServer->addPlugin($plugin); $this->assertEquals($plugin, $fakeServer->getPlugin('Sabre_DAV_Auth_Plugin')); return $fakeServer; }
/** * This method is responsible for parsing the request and generating the * response for the CALDAV:free-busy-query REPORT. * * @param DOMNode $dom * @return void */ protected function freeBusyQueryReport(DOMNode $dom) { $start = null; $end = null; foreach ($dom->firstChild->childNodes as $childNode) { $clark = Sabre_DAV_XMLUtil::toClarkNotation($childNode); if ($clark == '{' . self::NS_CALDAV . '}time-range') { $start = $childNode->getAttribute('start'); $end = $childNode->getAttribute('end'); break; } } if ($start) { $start = Sabre_VObject_DateTimeParser::parseDateTime($start); } if ($end) { $end = Sabre_VObject_DateTimeParser::parseDateTime($end); } if (!$start && !$end) { throw new Sabre_DAV_Exception_BadRequest('The freebusy report must have a time-range filter'); } $acl = $this->server->getPlugin('acl'); if (!$acl) { throw new Sabre_DAV_Exception('The ACL plugin must be loaded for free-busy queries to work'); } $uri = $this->server->getRequestUri(); $acl->checkPrivileges($uri, '{' . self::NS_CALDAV . '}read-free-busy'); $calendar = $this->server->tree->getNodeForPath($uri); if (!$calendar instanceof Sabre_CalDAV_ICalendar) { throw new Sabre_DAV_Exception_NotImplemented('The free-busy-query REPORT is only implemented on calendars'); } $objects = array_map(function ($child) { $obj = $child->get(); if (is_resource($obj)) { $obj = stream_get_contents($obj); } return $obj; }, $calendar->getChildren()); $generator = new Sabre_VObject_FreeBusyGenerator(); $generator->setObjects($objects); $generator->setTimeRange($start, $end); $result = $generator->getResult(); $result = $result->serialize(); $this->server->httpResponse->sendStatus(200); $this->server->httpResponse->setHeader('Content-Type', 'text/calendar'); $this->server->httpResponse->setHeader('Content-Length', strlen($result)); $this->server->httpResponse->sendBody($result); }
function getServer() { $backend = new Sabre_DAVACL_MockPrincipalBackend(); $dir = new Sabre_DAV_SimpleDirectory('root'); $principals = new Sabre_DAVACL_PrincipalCollection($backend); $dir->addChild($principals); $fakeServer = new Sabre_DAV_Server(new Sabre_DAV_ObjectTree($dir)); $fakeServer->httpResponse = new Sabre_HTTP_ResponseMock(); $fakeServer->debugExceptions = true; $plugin = new Sabre_DAVACL_MockPlugin($backend, 'realm'); $plugin->allowAccessToNodesWithoutACL = true; $this->assertTrue($plugin instanceof Sabre_DAVACL_Plugin); $fakeServer->addPlugin($plugin); $this->assertEquals($plugin, $fakeServer->getPlugin('acl')); return $fakeServer; }
/** * Returns free-busy information for a specific address. The returned * data is an array containing the following properties: * * calendar-data : A VFREEBUSY VObject * request-status : an iTip status code. * href: The principal's email address, as requested * * The following request status codes may be returned: * * 2.0;description * * 3.7;description * * @param string $email address * @param DateTime $start * @param DateTime $end * @param Sabre_VObject_Component $request * @return Sabre_VObject_Component */ protected function getFreeBusyForEmail($email, DateTime $start, DateTime $end, VObject\Component $request) { $caldavNS = '{' . Sabre_CalDAV_Plugin::NS_CALDAV . '}'; $aclPlugin = $this->server->getPlugin('acl'); if (substr($email, 0, 7) === 'mailto:') { $email = substr($email, 7); } $result = $aclPlugin->principalSearch(array('{http://sabredav.org/ns}email-address' => $email), array('{DAV:}principal-URL', $caldavNS . 'calendar-home-set', '{http://sabredav.org/ns}email-address')); if (!count($result)) { return array('request-status' => '3.7;Could not find principal', 'href' => 'mailto:' . $email); } if (!isset($result[0][200][$caldavNS . 'calendar-home-set'])) { return array('request-status' => '3.7;No calendar-home-set property found', 'href' => 'mailto:' . $email); } $homeSet = $result[0][200][$caldavNS . 'calendar-home-set']->getHref(); // Grabbing the calendar list $objects = array(); foreach ($this->server->tree->getNodeForPath($homeSet)->getChildren() as $node) { if (!$node instanceof Sabre_CalDAV_ICalendar) { continue; } $aclPlugin->checkPrivileges($homeSet . $node->getName(), $caldavNS . 'read-free-busy'); // Getting the list of object uris within the time-range $urls = $node->calendarQuery(array('name' => 'VCALENDAR', 'comp-filters' => array(array('name' => 'VEVENT', 'comp-filters' => array(), 'prop-filters' => array(), 'is-not-defined' => false, 'time-range' => array('start' => $start, 'end' => $end))), 'prop-filters' => array(), 'is-not-defined' => false, 'time-range' => null)); $calObjects = array_map(function ($url) use($node) { $obj = $node->getChild($url)->get(); return $obj; }, $urls); $objects = array_merge($objects, $calObjects); } $vcalendar = VObject\Component::create('VCALENDAR'); $vcalendar->VERSION = '2.0'; $vcalendar->METHOD = 'REPLY'; $vcalendar->CALSCALE = 'GREGORIAN'; $vcalendar->PRODID = '-//SabreDAV//SabreDAV ' . Sabre_DAV_Version::VERSION . '//EN'; $generator = new VObject\FreeBusyGenerator(); $generator->setObjects($objects); $generator->setTimeRange($start, $end); $generator->setBaseObject($vcalendar); $result = $generator->getResult(); $vcalendar->VFREEBUSY->ATTENDEE = 'mailto:' . $email; $vcalendar->VFREEBUSY->UID = (string) $request->VFREEBUSY->UID; $vcalendar->VFREEBUSY->ORGANIZER = clone $request->VFREEBUSY->ORGANIZER; return array('calendar-data' => $result, 'request-status' => '2.0;Success', 'href' => 'mailto:' . $email); }
/** * Returns free-busy information for a specific address. The returned * data is an array containing the following properties: * * calendar-data : A VFREEBUSY VObject * request-status : an iTip status code. * href: The principal's email address, as requested * * The following request status codes may be returned: * * 2.0;description * * 3.7;description * * @param string $email address * @param DateTime $start * @param DateTime $end * @param Sabre_VObject_Component $request * @return Sabre_VObject_Component */ protected function getFreeBusyForEmail($email, DateTime $start, DateTime $end, Sabre_VObject_Component $request) { $caldavNS = '{' . Sabre_CalDAV_Plugin::NS_CALDAV . '}'; $aclPlugin = $this->server->getPlugin('acl'); if (substr($email, 0, 7) === 'mailto:') { $email = substr($email, 7); } $result = $aclPlugin->principalSearch(array('{http://sabredav.org/ns}email-address' => $email), array('{DAV:}principal-URL', $caldavNS . 'calendar-home-set', '{http://sabredav.org/ns}email-address')); if (!count($result)) { return array('request-status' => '3.7;Could not find principal', 'href' => 'mailto:' . $email); } if (!isset($result[0][200][$caldavNS . 'calendar-home-set'])) { return array('request-status' => '3.7;No calendar-home-set property found', 'href' => 'mailto:' . $email); } $homeSet = $result[0][200][$caldavNS . 'calendar-home-set']->getHref(); $calendars = array(); // Grabbing the calendar list $props = array('{DAV:}resourcetype'); $objects = array(); foreach ($this->server->tree->getNodeForPath($homeSet)->getChildren() as $node) { if (!$node instanceof Sabre_CalDAV_ICalendar) { continue; } $aclPlugin->checkPrivileges($homeSet . $node->getName(), $caldavNS . 'read-free-busy'); $calObjects = array_map(function ($child) { $obj = $child->get(); return $obj; }, $node->getChildren()); $objects = array_merge($objects, $calObjects); } $vcalendar = new Sabre_VObject_Component('VCALENDAR'); $vcalendar->VERSION = '2.0'; $vcalendar->METHOD = 'REPLY'; $vcalendar->CALSCALE = 'GREGORIAN'; $vcalendar->PRODID = '-//SabreDAV//SabreDAV ' . Sabre_DAV_Version::VERSION . '//EN'; $generator = new Sabre_VObject_FreeBusyGenerator(); $generator->setObjects($objects); $generator->setTimeRange($start, $end); $generator->setBaseObject($vcalendar); $result = $generator->getResult(); $vcalendar->VFREEBUSY->ATTENDEE = 'mailto:' . $email; $vcalendar->VFREEBUSY->UID = (string) $request->VFREEBUSY->UID; return array('calendar-data' => $result, 'request-status' => '2.0;Success', 'href' => 'mailto:' . $email); }
function testACLIntegrationNotBlocked() { if (!SABRE_HASSQLITE) { $this->markTestSkipped('SQLite driver is not available'); } $cbackend = Sabre_CalDAV_TestUtil::getBackend(); $pbackend = new Sabre_DAVACL_MockPrincipalBackend(); $props = array('uri' => 'UUID-123467', 'principaluri' => 'admin', 'id' => 1); $tree = array(new Sabre_CalDAV_Calendar($pbackend, $cbackend, $props), new Sabre_DAVACL_PrincipalCollection($pbackend)); $p = new Sabre_CalDAV_ICSExportPlugin(); $s = new Sabre_DAV_Server($tree); $s->addPlugin($p); $s->addPlugin(new Sabre_CalDAV_Plugin()); $s->addPlugin(new Sabre_DAVACL_Plugin()); $s->addPlugin(new Sabre_DAV_Auth_Plugin(new Sabre_DAV_Auth_MockBackend(), 'SabreDAV')); // Forcing login $s->getPlugin('acl')->adminPrincipals = array('principals/admin'); $h = new Sabre_HTTP_Request(array('QUERY_STRING' => 'export', 'REQUEST_URI' => '/UUID-123467', 'REQUEST_METHOD' => 'GET')); $s->httpRequest = $h; $s->httpResponse = new Sabre_HTTP_ResponseMock(); $s->exec(); $this->assertEquals('HTTP/1.1 200 OK', $s->httpResponse->status, 'Invalid status received. Response body: ' . $s->httpResponse->body); $this->assertEquals(array('Content-Type' => 'text/calendar'), $s->httpResponse->headers); $obj = Sabre_VObject_Reader::read($s->httpResponse->body); $this->assertEquals(5, count($obj->children())); $this->assertEquals(1, count($obj->VERSION)); $this->assertEquals(1, count($obj->CALSCALE)); $this->assertEquals(1, count($obj->PRODID)); $this->assertEquals(1, count($obj->VTIMEZONE)); $this->assertEquals(1, count($obj->VEVENT)); }
/** * This event is triggered when the server didn't know how to handle a * certain request. * * We intercept this to handle POST requests on calendars. * * @param string $method * @param string $uri * @return null|bool */ public function unknownMethod($method, $uri) { if ($method !== 'POST') { return; } // Only handling xml $contentType = $this->server->httpRequest->getHeader('Content-Type'); if (strpos($contentType, 'application/xml') === false && strpos($contentType, 'text/xml') === false) { return; } // Making sure the node exists try { $node = $this->server->tree->getNodeForPath($uri); } catch (Sabre_DAV_Exception_NotFound $e) { return; } $requestBody = $this->server->httpRequest->getBody(true); // If this request handler could not deal with this POST request, it // will return 'null' and other plugins get a chance to handle the // request. // // However, we already requested the full body. This is a problem, // because a body can only be read once. This is why we preemptively // re-populated the request body with the existing data. $this->server->httpRequest->setBody($requestBody); $dom = Sabre_DAV_XMLUtil::loadDOMDocument($requestBody); $documentType = Sabre_DAV_XMLUtil::toClarkNotation($dom->firstChild); switch ($documentType) { // Dealing with the 'share' document, which modified invitees on a // calendar. case '{' . Sabre_CalDAV_Plugin::NS_CALENDARSERVER . '}share': // We can only deal with IShareableCalendar objects if (!$node instanceof Sabre_CalDAV_IShareableCalendar) { return; } // Getting ACL info $acl = $this->server->getPlugin('acl'); // If there's no ACL support, we allow everything if ($acl) { $acl->checkPrivileges($uri, '{DAV:}write'); } $mutations = $this->parseShareRequest($dom); $node->updateShares($mutations[0], $mutations[1]); $this->server->httpResponse->sendStatus(200); // Adding this because sending a response body may cause issues, // and I wanted some type of indicator the response was handled. $this->server->httpResponse->setHeader('X-Sabre-Status', 'everything-went-well'); // Breaking the event chain return false; // The invite-reply document is sent when the user replies to an // invitation of a calendar share. // The invite-reply document is sent when the user replies to an // invitation of a calendar share. case '{' . Sabre_CalDAV_Plugin::NS_CALENDARSERVER . '}invite-reply': // This only works on the calendar-home-root node. if (!$node instanceof Sabre_CalDAV_UserCalendars) { return; } // Getting ACL info $acl = $this->server->getPlugin('acl'); // If there's no ACL support, we allow everything if ($acl) { $acl->checkPrivileges($uri, '{DAV:}write'); } $message = $this->parseInviteReplyRequest($dom); $url = $node->shareReply($message['href'], $message['status'], $message['calendarUri'], $message['inReplyTo'], $message['summary']); $this->server->httpResponse->sendStatus(200); // Adding this because sending a response body may cause issues, // and I wanted some type of indicator the response was handled. $this->server->httpResponse->setHeader('X-Sabre-Status', 'everything-went-well'); if ($url) { $dom = new DOMDocument('1.0', 'UTF-8'); $dom->formatOutput = true; $root = $dom->createElement('cs:shared-as'); foreach ($this->server->xmlNamespaces as $namespace => $prefix) { $root->setAttribute('xmlns:' . $prefix, $namespace); } $dom->appendChild($root); $href = new Sabre_DAV_Property_Href($url); $href->serialize($this->server, $root); $this->server->httpResponse->setHeader('Content-Type', 'application/xml'); $this->server->httpResponse->sendBody($dom->saveXML()); } // Breaking the event chain return false; case '{' . Sabre_CalDAV_Plugin::NS_CALENDARSERVER . '}publish-calendar': // We can only deal with IShareableCalendar objects if (!$node instanceof Sabre_CalDAV_IShareableCalendar) { return; } // Getting ACL info $acl = $this->server->getPlugin('acl'); // If there's no ACL support, we allow everything if ($acl) { $acl->checkPrivileges($uri, '{DAV:}write'); } $node->setPublishStatus(true); // iCloud sends back the 202, so we will too. $this->server->httpResponse->sendStatus(202); // Adding this because sending a response body may cause issues, // and I wanted some type of indicator the response was handled. $this->server->httpResponse->setHeader('X-Sabre-Status', 'everything-went-well'); // Breaking the event chain return false; case '{' . Sabre_CalDAV_Plugin::NS_CALENDARSERVER . '}unpublish-calendar': // We can only deal with IShareableCalendar objects if (!$node instanceof Sabre_CalDAV_IShareableCalendar) { return; } // Getting ACL info $acl = $this->server->getPlugin('acl'); // If there's no ACL support, we allow everything if ($acl) { $acl->checkPrivileges($uri, '{DAV:}write'); } $node->setPublishStatus(false); $this->server->httpResponse->sendStatus(200); // Adding this because sending a response body may cause issues, // and I wanted some type of indicator the response was handled. $this->server->httpResponse->setHeader('X-Sabre-Status', 'everything-went-well'); // Breaking the event chain return false; } }
/** * @param Sabre_DAV_Server $server * @param Sabre_CalDAV_Calendar $calendar * @param string $calendarobject_uri * @param string $with_privilege * @return null|Sabre\VObject\Component\VCalendar */ function dav_get_current_user_calendarobject(&$server, &$calendar, $calendarobject_uri, $with_privilege = "") { $obj = $calendar->getChild($calendarobject_uri); if ($with_privilege == "") { $with_privilege = DAV_ACL_READ; } $a = get_app(); $uri = "/calendars/" . strtolower($a->user["nickname"]) . "/" . $calendar->getName() . "/" . $calendarobject_uri; /** @var Sabre_DAVACL_Plugin $aclplugin */ $aclplugin = $server->getPlugin("acl"); if (!$aclplugin->checkPrivileges($uri, $with_privilege, Sabre_DAVACL_Plugin::R_PARENT, false)) { return null; } $data = $obj->get(); $vObject = Sabre\VObject\Reader::read($data); return $vObject; }