/**
 * Sets up the session that represents an unauthenticated ("public") visitor.
 *
 * Loads the Principal whose username is 'unauthenticated', copies its fields
 * onto this object, and then pins the session to the 'Public' role with
 * logged_in set to false.
 */
function PublicSession() {
    global $c;

    $anonymous = new Principal('username', 'unauthenticated');

    // Copy every field that iterating the Principal exposes. This runs before
    // the fixed assignments further down, so nothing copied here can change
    // the final groups, roles or logged_in values.
    foreach ($anonymous as $field => $value) {
        $this->{$field} = $value;
    }

    // Accessor results overwrite any same-named field copied above.
    $this->username = $anonymous->username();
    $this->user_no = $anonymous->user_no();
    $this->principal_id = $anonymous->principal_id();
    $this->email = $anonymous->email();
    $this->dav_name = $anonymous->dav_name();
    $this->principal = $anonymous;

    // Apply a locale only when the helper function is loaded and this object
    // carries a non-empty locale value.
    if (function_exists("awl_set_locale")) {
        if (isset($this->locale) && $this->locale != "") {
            awl_set_locale($this->locale);
        }
    }

    // Groups for public access come from configuration; none when unset.
    if (isset($c->public_groups)) {
        $this->groups = $c->public_groups;
    } else {
        $this->groups = array();
    }

    // Set last on purpose: a public session is never logged in and holds
    // only the 'Public' role.
    $this->roles = array('Public' => true);
    $this->logged_in = false;
}
/**
 * Builds a session object for the given user number.
 *
 * An empty $user_no (as judged by empty()) yields an anonymous session:
 * user_no and principal_id are -1 and logged_in is false. Any other value
 * loads the Principal with that user_no, copies its fields onto this object
 * and sets logged_in to true.
 *
 * NOTE(review): nothing in this constructor verifies credentials or checks
 * that the Principal lookup matched a record before logged_in becomes true.
 * Callers are presumably expected to pass only a user_no they have already
 * authenticated - confirm at the call sites.
 *
 * @param mixed $user_no The user number to build the session for, or an
 *                       empty value for an anonymous session.
 */
function __construct($user_no = null) {
    if (!empty($user_no)) {
        $this->user_no = $user_no;
        $account = new Principal('user_no', $user_no);

        // Copy every field that iterating the Principal exposes. A copied
        // field named user_no would replace the value assigned just above.
        foreach ($account as $field => $value) {
            $this->{$field} = $value;
        }

        // Accessor results overwrite any same-named field copied above.
        $this->username = $account->username();
        $this->principal_id = $account->principal_id();
        $this->email = $account->email();
        $this->dav_name = $account->dav_name();
        $this->principal = $account;

        // Set after the copy so the copied fields cannot leave it false.
        $this->logged_in = true;
    } else {
        // No user supplied: anonymous session with sentinel identifiers.
        $this->user_no = -1;
        $this->principal_id = -1;
        $this->logged_in = false;
    }
}
<?php
// Request parameter 'id' is placed into the global $id with the type 'int'.
// 'old_id' and 'principal_id' are passed as further names - presumably
// alternative request parameter names; verify against param_to_global().
param_to_global('id', 'int', 'old_id', 'principal_id');

// Individual privilege names.
$privilege_names = array(
    'read',
    'write-properties',
    'write-content',
    'unlock',
    'read-acl',
    'read-current-user-privilege-set',
    'bind',
    'unbind',
    'write-acl',
    'read-free-busy',
    'schedule-deliver-invite',
    'schedule-deliver-reply',
    'schedule-query-freebusy',
    'schedule-send-invite',
    'schedule-send-reply',
    'schedule-send-freebusy'
);

// Translated display labels keyed by privilege name. Besides the names listed
// in $privilege_names this also covers 'all', 'write', 'schedule-deliver' and
// 'schedule-send'.
$privilege_xlate = array(
    'all' => translate('All privileges'),
    'read' => translate('Read'),
    'write-properties' => translate('Write Metadata'),
    'write-content' => translate('Write Data'),
    'unlock' => translate('Override a Lock'),
    'read-acl' => translate('Read Access Controls'),
    'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
    'bind' => translate('Create Events/Collections'),
    'unbind' => translate('Delete Events/Collections'),
    'write-acl' => translate('Write Access Controls'),
    'read-free-busy' => translate('Read Free/Busy Information'),
    'schedule-deliver-invite' => translate('Scheduling: Deliver an Invitation'),
    'schedule-deliver-reply' => translate('Scheduling: Deliver a Reply'),
    'schedule-query-freebusy' => translate('Scheduling: Query free/busy'),
    'schedule-send-invite' => translate('Scheduling: Send an Invitation'),
    'schedule-send-reply' => translate('Scheduling: Send a Reply'),
    'schedule-send-freebusy' => translate('Scheduling: Send free/busy'),
    'write' => translate('Write'),
    'schedule-deliver' => translate('Scheduling: Delivery'),
    'schedule-send' => translate('Scheduling: Sending')
);

// Write access to the principal being edited: administrators, or the
// principal editing its own record.
// NOTE(review): this comparison is loose (==) and, unlike the delete check in
// handle_subaction(), is not guarded by $id > 0 - confirm that a missing or
// zero $id can never compare equal to the session's principal_id.
if ($session->AllowedTo('Admin')) {
    $can_write_principal = true;
} else {
    $can_write_principal = ($session->principal_id == $id);
}

// Otherwise fall back to an explicit DAV::write privilege on the target
// principal's path, which is only looked up for a positive $id.
if (!$can_write_principal && $id > 0) {
    $target_principal = new Principal('principal_id', $id);
    $can_write_principal = $session->HavePrivilegeTo('DAV::write', $target_principal->dav_name());
}

// Confirmation state for the destructive sub-actions; all start out as null.
$delete_collection_confirmation_required = null;
$delete_principal_confirmation_required = null;
$delete_ticket_confirmation_required = null;
$delete_bind_in_confirmation_required = null;
$delete_binding_confirmation_required = null; function handle_subaction($subaction) { global $session, $c, $id, $editor; global $delete_collection_confirmation_required; global $delete_principal_confirmation_required; global $delete_ticket_confirmation_required; global $delete_bind_in_confirmation_required; global $delete_binding_confirmation_required; dbg_error_log('admin-principal-edit', ':handle_action: Action %s', $subaction); switch ($subaction) { case 'delete_collection': dbg_error_log('admin-principal-edit', ':handle_action: Deleting collection %s for principal %d', $_GET['dav_name'], $id); if ($session->AllowedTo('Admin') || $id > 0 && $session->principal_id == $id) { if ($session->CheckConfirmationHash('GET', 'confirm')) { dbg_error_log('admin-principal-edit', ':handle_action: Allowed to delete collection %s for principal %d', $_GET['dav_name'], $id); $qry = new AwlQuery('DELETE FROM collection WHERE dav_name=?;', $_GET['dav_name']);
/**
 * Creates the configured default home collections for a user.
 *
 * When $c->default_collections is not set, it is first derived from
 * $c->home_calendar_name and $c->home_addressbook_name. Each entry of type
 * 'calendar' or 'addressbook' that has a non-empty name is inserted below the
 * user's principal path, followed by any default properties configured for
 * it. Status and error messages are appended to $c->messages.
 *
 * Every value reaches the database as a bound query parameter. The entry's
 * 'name' is appended unchanged to the principal's dav_name, and
 * 'default_properties' values are stored as given.
 * NOTE(review): both are presumably trusted configuration, with 'name' being
 * a single path segment - confirm.
 *
 * @param string $username The username of the user the collections are created for.
 * @param mixed $defult_timezone Not read anywhere in this function.
 * @return boolean False when a database query fails; true otherwise, including
 *                 when nothing is configured or a collection already exists.
 */
function CreateHomeCollections($username, $defult_timezone = null) {
    global $session, $c;

    // Without an explicit list, build one from the two home-name settings.
    if (!isset($c->default_collections)) {
        $c->default_collections = array();
        if (!empty($c->home_calendar_name)) {
            $c->default_collections[] = array('type' => 'calendar', 'name' => $c->home_calendar_name);
        }
        if (!empty($c->home_addressbook_name)) {
            $c->default_collections[] = array('type' => 'addressbook', 'name' => $c->home_addressbook_name);
        }
    }

    // Nothing usable configured: succeed without touching the database.
    if (!(is_array($c->default_collections) && count($c->default_collections))) {
        return true;
    }

    $owner = new Principal('username', $username);
    $full_name = $owner->fullname;
    // Same name with its space-separated words in reverse order.
    $reversed_name = implode(' ', array_reverse(explode(' ', $owner->fullname)));

    $sql = 'INSERT INTO collection (user_no, parent_container, dav_name, dav_etag, dav_displayname, is_calendar, is_addressbook, default_privileges, created, modified, resourcetypes) '
         . 'VALUES( :user_no, :parent_container, :collection_path, :dav_etag, :displayname, :is_calendar, :is_addressbook, :privileges::BIT(24), current_timestamp, current_timestamp, :resourcetypes );';

    foreach ($c->default_collections as $spec) {
        // Entries of any other type, or without a name, are skipped silently.
        if (!($spec['type'] == 'calendar' || $spec['type'] == 'addressbook')) {
            continue;
        }
        if (empty($spec['name'])) {
            continue;
        }

        $is_calendar = ($spec['type'] == 'calendar');
        $kind = $is_calendar ? 'calendar' : 'addressbook';

        // Check whether a collection already exists at the target path.
        $query = new AwlQuery(
            'SELECT 1 FROM collection WHERE dav_name = :dav_name',
            array(':dav_name' => $owner->dav_name() . $spec['name'] . '/')
        );
        if (!$query->Exec()) {
            $c->messages[] = i18n('There was an error reading from the database.');
            return false;
        }
        if ($query->rows() > 0) {
            // NOTE(review): this leaves the whole function, so any entries
            // after the first existing collection are never created -
            // confirm that this is intended.
            $c->messages[] = i18n('Home ' . $kind . ' already exists.');
            return true;
        }

        // Bound parameters for the collection row.
        $row = array();
        $row[':user_no'] = $owner->user_no();
        $row[':parent_container'] = $owner->dav_name();
        $row[':dav_etag'] = '-1';
        $row[':collection_path'] = $owner->dav_name() . $spec['name'] . '/';
        if (!isset($spec['displayname']) || empty($spec['displayname'])) {
            // No display name configured: "<full name> calendar|addressbook".
            $row[':displayname'] = $full_name . ($is_calendar ? ' calendar' : ' addressbook');
        } else {
            // %fn and %rfn expand to the full name and its reversed form.
            $row[':displayname'] = str_replace(array('%fn', '%rfn'), array($full_name, $reversed_name), $spec['displayname']);
        }
        if ($is_calendar) {
            $row[':resourcetypes'] = '<DAV::collection/><urn:ietf:params:xml:ns:caldav:calendar/>';
        } else {
            $row[':resourcetypes'] = '<DAV::collection/><urn:ietf:params:xml:ns:carddav:addressbook/>';
        }
        $row[':is_calendar'] = $is_calendar;
        $row[':is_addressbook'] = ($spec['type'] == 'addressbook');
        if (isset($spec['privileges'])) {
            $row[':privileges'] = privilege_to_bits($spec['privileges']);
        } else {
            // No privileges configured: the column receives NULL.
            $row[':privileges'] = null;
        }

        $query = new AwlQuery($sql, $row);
        if (!$query->Exec()) {
            $c->messages[] = i18n("There was an error writing to the database.");
            return false;
        }
        $c->messages[] = i18n('Home ' . $kind . ' added.');
        dbg_error_log("User", ":Write: Created user's home " . $kind . " at '%s'", $row[':collection_path']);

        // Build the value of the
        // urn:ietf:params:xml:ns:caldav:supported-calendar-component-set property.
        if ($is_calendar && isset($spec['calendar_components']) && $spec['calendar_components'] != null && is_array($spec['calendar_components']) && count($spec['calendar_components'])) {
            // Upper-case the configured names and keep only those on the
            // allow-list, so only these fixed tokens are formatted into XML.
            $allowed = array_intersect(
                array_map("strtoupper", $spec['calendar_components']),
                array('VEVENT', 'VTODO', 'VJOURNAL', 'VTIMEZONE', 'VFREEBUSY', 'VPOLL', 'VAVAILABILITY')
            );

            $comp_xml = '';
            foreach ($allowed as $comp_name) {
                $comp_xml .= sprintf('<comp name="%s" xmlns="urn:ietf:params:xml:ns:caldav"/>', $comp_name);
            }

            // Stored through the default_properties path below.
            if ($comp_xml != '') {
                $spec['default_properties']['urn:ietf:params:xml:ns:caldav:supported-calendar-component-set'] = $comp_xml;
            }
        }

        // Store the configured properties, including the component set
        // assembled above; entries without any are finished here.
        if (!(isset($spec['default_properties']) && $spec['default_properties'] != null && is_array($spec['default_properties']) && count($spec['default_properties']))) {
            continue;
        }

        $prop_sql = 'INSERT INTO property (dav_name, property_name, property_value, changed_on, changed_by) '
                  . 'VALUES (:collection_path, :property_name, :property_value, current_timestamp, :user_no);';
        $prop_row = array(
            ':user_no' => $owner->user_no(),
            ':collection_path' => $owner->dav_name() . $spec['name'] . '/'
        );
        foreach ($spec['default_properties'] as $prop_name => $prop_value) {
            $prop_row[':property_name'] = $prop_name;
            $prop_row[':property_value'] = $prop_value;
            $prop_query = new AwlQuery($prop_sql, $prop_row);
            if (!$prop_query->Exec()) {
                $c->messages[] = i18n("There was an error writing to the database.");
                return false;
            }
            dbg_error_log("User", ":Write: Created property '%s' for " . $kind . " at '%s'", $prop_row[':property_name'], $prop_row[':collection_path']);
        }
    }

    return true;
}
*/ if (isset($fb_user)) { $_SERVER['PATH_INFO'] = '/' . $fb_user . '/'; } /** * We also allow URLs like .../freebusy.php/user@example.com to work, so long as * the e-mail matches a single user whose calendar we have rights to. * @NOTE: It is OK for there to *be* duplicate e-mail addresses, just so long as we * only have read permission (or more) for only one of them. */ require_once "CalDAVRequest.php"; $request = new CalDAVRequest(array("allow_by_email" => 1)); $path_match = '^' . $request->path; if (preg_match('{^/(\\S+@[a-z0-9][a-z0-9-]*[.][a-z0-9.-]+)/?$}i', $request->path, $matches)) { $principal = new Principal('email', $matches[1]); $path_match = '^' . $principal->dav_name(); } if (isset($fb_format) && $fb_format != 'text/calendar') { $request->DoResponse(406, translate('This server only supports the text/calendar format for freebusy URLs')); } if (!$request->HavePrivilegeTo('read-free-busy')) { $request->DoResponse(404); } require_once "freebusy-functions.php"; switch ($_SERVER['REQUEST_METHOD']) { case 'GET': $range_start = new RepeatRuleDateTime($fb_start); if (!isset($fb_end)) { $range_end = clone $range_start; $range_end->modify($fb_period); } else {