/** * Returns the list of users as Sabre_CalDAV_User objects. * * @return array */ public function getChildren() { $users = $this->authBackend->getUsers(); $children = array(); foreach ($users as $user) { $children[] = new Sabre_CalDAV_UserCalendars($this->authBackend, $this->caldavBackend, $user['uri']); } return $children; }
/** * This method is called before any HTTP method and forces users to be authenticated * * @param string $method * @throws Sabre_DAV_Exception_NotAuthenticated * @return bool */ public function beforeMethod($method) { $digest = new Sabre_HTTP_DigestAuth(); // Hooking up request and response objects $digest->setHTTPRequest($this->server->httpRequest); $digest->setHTTPResponse($this->server->httpResponse); $digest->setRealm($this->realm); $digest->init(); $username = $digest->getUsername(); // No username was given if (!$username) { $digest->requireLogin(); throw new Sabre_DAV_Exception_NotAuthenticated('No digest authentication headers were found'); } // Now checking the backend for the A1 hash $A1 = $this->authBackend->getDigestHash($username); // If this was false, the user account didn't exist if (!$A1) { $digest->requireLogin(); throw new Sabre_DAV_Exception_NotAuthenticated('The supplied username was not on file'); } // If this was false, the password or part of the hash was incorrect. if (!$digest->validateA1($A1)) { $digest->requireLogin(); throw new Sabre_DAV_Exception_NotAuthenticated('Incorrect username'); } $this->userName = $username; $this->userId = $this->authBackend->getUserId($username); // Eventhooks must return true to continue processing return true; }
/** * Check if user has access. * * This method does a check if the currently logged in user * has permission to access this calendar. There is only read-write * access, so you're in or you're out. * * @return bool */ protected function hasPrivilege() { if (!($user = $this->authBackend->getCurrentUser())) { return false; } if ($user['uri'] !== $this->calendarInfo['principaluri']) { return false; } return true; }
/** * This method is called before any HTTP method and forces users to be authenticated * * @param string $method * @throws Sabre_DAV_Exception_NotAuthenticated * @return bool */ public function beforeMethod($method, $uri) { $this->authBackend->authenticate($this->server, $this->realm); }