Esempio n. 1
 /**
  * Build the session used for requests that carry no authenticated identity.
  *
  * The session is backed by the principal whose username is 'unauthenticated'.
  * Every property that iterating over that Principal exposes is copied onto
  * the session first. The identity fields are then overwritten from the
  * accessor methods, and groups, roles and logged_in are assigned last, so
  * those three values win over any same-named property copied from the record.
  *
  * Reads the global $c for public_groups; without that setting the session
  * belongs to no groups.
  */
 function PublicSession()
 {
     global $c;

     $anonymous = new Principal('username', 'unauthenticated');

     // Mirror the principal's iterable properties onto the session object.
     foreach ($anonymous as $field => $value) {
         $this->{$field} = $value;
     }

     // Identity fields come from the accessors, replacing any copied value.
     $this->username = $anonymous->username();
     $this->user_no = $anonymous->user_no();
     $this->principal_id = $anonymous->principal_id();
     $this->email = $anonymous->email();
     $this->dav_name = $anonymous->dav_name();
     $this->principal = $anonymous;

     // Apply a locale only when awl_set_locale() is defined and the copy
     // loop above left a non-empty locale on the session.
     if (function_exists("awl_set_locale")) {
         if (isset($this->locale) && $this->locale != "") {
             awl_set_locale($this->locale);
         }
     }

     // Authorisation state: configured public groups, the single 'Public'
     // role, and never logged in.
     if (isset($c->public_groups)) {
         $this->groups = $c->public_groups;
     } else {
         $this->groups = array();
     }
     $this->roles = array('Public' => true);
     $this->logged_in = false;
 }
Esempio n. 2
 /**
  * Populate the session for the given user number.
  *
  * An empty $user_no (null, 0, '0', '' - anything empty() accepts) yields a
  * not-logged-in session whose user_no and principal_id are both -1.
  * Any other value is looked up as a Principal and the session is marked
  * logged in.
  *
  * NOTE(review): no credential check happens in this constructor and nothing
  * here verifies that the Principal lookup found a record; logged_in becomes
  * true for every non-empty $user_no. Confirm callers only pass a user number
  * that has already been authenticated.
  *
  * @param mixed $user_no User number to load, or an empty value for no user.
  */
 function __construct($user_no = null)
 {
     if (!empty($user_no)) {
         $this->user_no = $user_no;
         $account = new Principal('user_no', $user_no);

         // Mirror the principal's iterable properties onto the session object.
         foreach ($account as $field => $value) {
             $this->{$field} = $value;
         }

         // Identity fields come from the accessors, replacing any copied value.
         $this->username = $account->username();
         $this->principal_id = $account->principal_id();
         $this->email = $account->email();
         $this->dav_name = $account->dav_name();
         $this->principal = $account;
         $this->logged_in = true;
         return;
     }

     // No user number supplied: sentinel ids and an unauthenticated state.
     $this->user_no = -1;
     $this->principal_id = -1;
     $this->logged_in = false;
 }
Esempio n. 3
<?php

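// Populate the global $id from the request (helper defined elsewhere).
// NOTE(review): 'old_id' and 'principal_id' look like alternative parameter
// names for the same value, and 'int' like a type filter - confirm in
// param_to_global().
param_to_global('id', 'int', 'old_id', 'principal_id');

// Privilege identifiers, in the order used by the code that follows this block.
$privilege_names = array(
    'read',
    'write-properties',
    'write-content',
    'unlock',
    'read-acl',
    'read-current-user-privilege-set',
    'bind',
    'unbind',
    'write-acl',
    'read-free-busy',
    'schedule-deliver-invite',
    'schedule-deliver-reply',
    'schedule-query-freebusy',
    'schedule-send-invite',
    'schedule-send-reply',
    'schedule-send-freebusy',
);

// Translated display labels, keyed by privilege identifier. Besides the names
// above this also covers 'all', 'write', 'schedule-deliver' and 'schedule-send'.
$privilege_xlate = array(
    'all' => translate('All privileges'),
    'read' => translate('Read'),
    'write-properties' => translate('Write Metadata'),
    'write-content' => translate('Write Data'),
    'unlock' => translate('Override a Lock'),
    'read-acl' => translate('Read Access Controls'),
    'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
    'bind' => translate('Create Events/Collections'),
    'unbind' => translate('Delete Events/Collections'),
    'write-acl' => translate('Write Access Controls'),
    'read-free-busy' => translate('Read Free/Busy Information'),
    'schedule-deliver-invite' => translate('Scheduling: Deliver an Invitation'),
    'schedule-deliver-reply' => translate('Scheduling: Deliver a Reply'),
    'schedule-query-freebusy' => translate('Scheduling: Query free/busy'),
    'schedule-send-invite' => translate('Scheduling: Send an Invitation'),
    'schedule-send-reply' => translate('Scheduling: Send a Reply'),
    'schedule-send-freebusy' => translate('Scheduling: Send free/busy'),
    'write' => translate('Write'),
    'schedule-deliver' => translate('Scheduling: Delivery'),
    'schedule-send' => translate('Scheduling: Sending'),
);

// Write access to the principal being edited: administrators always have it;
// otherwise the session must own the principal. The ownership test carries the
// same `$id > 0` guard that the delete_collection branch of handle_subaction()
// applies, so a missing or non-positive id can never compare equal to a
// session whose principal_id is itself empty or a sentinel value.
$can_write_principal = $session->AllowedTo('Admin') || ($id > 0 && $session->principal_id == $id);
if (!$can_write_principal && $id > 0) {
    // Not admin and not the owner: fall back to an explicit DAV::write grant
    // on the target principal's path.
    $target_principal = new Principal('principal_id', $id);
    $can_write_principal = $session->HavePrivilegeTo('DAV::write', $target_principal->dav_name());
}

// Confirmation state for the destructive sub-actions; handle_subaction()
// declares each of these as a global.
$delete_collection_confirmation_required = null;
$delete_principal_confirmation_required = null;
$delete_ticket_confirmation_required = null;
$delete_bind_in_confirmation_required = null;
$delete_binding_confirmation_required = null;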
function handle_subaction($subaction)
{
    global $session, $c, $id, $editor;
    global $delete_collection_confirmation_required;
    global $delete_principal_confirmation_required;
    global $delete_ticket_confirmation_required;
    global $delete_bind_in_confirmation_required;
    global $delete_binding_confirmation_required;
    dbg_error_log('admin-principal-edit', ':handle_action: Action %s', $subaction);
    switch ($subaction) {
        case 'delete_collection':
            dbg_error_log('admin-principal-edit', ':handle_action: Deleting collection %s for principal %d', $_GET['dav_name'], $id);
            if ($session->AllowedTo('Admin') || $id > 0 && $session->principal_id == $id) {
                if ($session->CheckConfirmationHash('GET', 'confirm')) {
                    dbg_error_log('admin-principal-edit', ':handle_action: Allowed to delete collection %s for principal %d', $_GET['dav_name'], $id);
                    $qry = new AwlQuery('DELETE FROM collection WHERE dav_name=?;', $_GET['dav_name']);
Esempio n. 4
/**
 * Create the configured default home collections for a user.
 *
 * The list comes from $c->default_collections. When that setting is absent it
 * is built here from $c->home_calendar_name and $c->home_addressbook_name.
 * Only entries of type 'calendar' or 'addressbook' with a non-empty name are
 * processed. Every value that goes into a statement is handed to AwlQuery as
 * a named parameter rather than concatenated into the SQL text.
 *
 * NOTE(review): finding an already existing collection returns true at once,
 * so later entries in the list are not processed on that call - confirm this
 * is intended. The collection insert and its property inserts are separate
 * statements; no transaction is opened in this function.
 *
 * @param string $username        Username of the principal that will own the collections.
 * @param mixed  $defult_timezone Not read anywhere in this function.
 * @return bool True when nothing is configured, when a collection already
 *              exists, or when every insert succeeded; false after a database
 *              error (a message is appended to $c->messages).
 */
function CreateHomeCollections($username, $defult_timezone = null)
{
    global $session, $c;

    // Derive the list from the two single-name settings when it is not configured.
    if (!isset($c->default_collections)) {
        $c->default_collections = array();
        foreach (array('calendar' => 'home_calendar_name', 'addressbook' => 'home_addressbook_name') as $type => $setting) {
            if (!empty($c->{$setting})) {
                $c->default_collections[] = array('type' => $type, 'name' => $c->{$setting});
            }
        }
    }
    if (!is_array($c->default_collections) || count($c->default_collections) == 0) {
        return true;
    }

    $owner = new Principal('username', $username);
    $full_name = $owner->fullname;
    // Full name with its space-separated words in reverse order.
    $reversed_name = implode(' ', array_reverse(explode(' ', $full_name)));

    $insert_collection_sql = 'INSERT INTO collection (user_no, parent_container, dav_name, dav_etag, dav_displayname, is_calendar, is_addressbook, default_privileges, created, modified, resourcetypes) '
        . 'VALUES( :user_no, :parent_container, :collection_path, :dav_etag, :displayname, :is_calendar, :is_addressbook, :privileges::BIT(24), current_timestamp, current_timestamp, :resourcetypes );';

    foreach ($c->default_collections as $spec) {
        // Skip entries that are neither calendars nor addressbooks, or have no name.
        if ($spec['type'] != 'calendar' && $spec['type'] != 'addressbook') {
            continue;
        }
        if (empty($spec['name'])) {
            continue;
        }

        $type_label = $spec['type'] == 'calendar' ? 'calendar' : 'addressbook';
        $collection_path = $owner->dav_name() . $spec['name'] . '/';

        // Does a collection already live at this path?
        $exists = new AwlQuery('SELECT 1 FROM collection WHERE dav_name = :dav_name', array(':dav_name' => $collection_path));
        if (!$exists->Exec()) {
            $c->messages[] = i18n('There was an error reading from the database.');
            return false;
        }
        if ($exists->rows() > 0) {
            $c->messages[] = i18n('Home ' . $type_label . ' already exists.');
            return true;
        }

        // Display name: "<full name> <type>" unless a template is configured,
        // in which case %fn / %rfn are replaced by the (reversed) full name.
        if (empty($spec['displayname'])) {
            $display_name = $full_name . ' ' . $type_label;
        } else {
            $display_name = str_replace(array('%fn', '%rfn'), array($full_name, $reversed_name), $spec['displayname']);
        }

        if ($spec['type'] == 'calendar') {
            $resource_types = '<DAV::collection/><urn:ietf:params:xml:ns:caldav:calendar/>';
        } else {
            $resource_types = '<DAV::collection/><urn:ietf:params:xml:ns:carddav:addressbook/>';
        }

        $collection_params = array(
            ':user_no' => $owner->user_no(),
            ':parent_container' => $owner->dav_name(),
            ':dav_etag' => '-1',
            ':collection_path' => $collection_path,
            ':displayname' => $display_name,
            ':resourcetypes' => $resource_types,
            ':is_calendar' => $spec['type'] == 'calendar',
            ':is_addressbook' => $spec['type'] == 'addressbook',
            // A missing or null privileges entry is stored as null.
            ':privileges' => isset($spec['privileges']) ? privilege_to_bits($spec['privileges']) : null,
        );

        $insert = new AwlQuery($insert_collection_sql, $collection_params);
        if (!$insert->Exec()) {
            $c->messages[] = i18n("There was an error writing to the database.");
            return false;
        }
        $c->messages[] = i18n('Home ' . $type_label . ' added.');
        dbg_error_log("User", ":Write: Created user's home " . $type_label . " at '%s'", $collection_params[':collection_path']);

        // Build the value of the
        // urn:ietf:params:xml:ns:caldav:supported-calendar-component-set property.
        if ($spec['type'] == 'calendar' && !empty($spec['calendar_components']) && is_array($spec['calendar_components'])) {
            // Upper-case the configured names and keep only the known component
            // names, so nothing outside this fixed list reaches the XML below.
            $known_components = array('VEVENT', 'VTODO', 'VJOURNAL', 'VTIMEZONE', 'VFREEBUSY', 'VPOLL', 'VAVAILABILITY');
            $components_clean = array_intersect(array_map("strtoupper", $spec['calendar_components']), $known_components);

            $component_xml = '';
            foreach ($components_clean as $component) {
                $component_xml .= sprintf('<comp name="%s" xmlns="urn:ietf:params:xml:ns:caldav"/>', $component);
            }

            // Stored through the generic property loop that follows.
            if ($component_xml != '') {
                $spec['default_properties']['urn:ietf:params:xml:ns:caldav:supported-calendar-component-set'] = $component_xml;
            }
        }

        // Store every configured property, including the component set built above.
        if (!empty($spec['default_properties']) && is_array($spec['default_properties'])) {
            $insert_property_sql = 'INSERT INTO property (dav_name, property_name, property_value, changed_on, changed_by) '
                . 'VALUES (:collection_path, :property_name, :property_value, current_timestamp, :user_no);';
            $property_params = array(
                ':user_no' => $owner->user_no(),
                ':collection_path' => $collection_path,
            );
            foreach ($spec['default_properties'] as $property_name => $property_value) {
                $property_params[':property_name'] = $property_name;
                $property_params[':property_value'] = $property_value;
                $write = new AwlQuery($insert_property_sql, $property_params);
                if (!$write->Exec()) {
                    $c->messages[] = i18n("There was an error writing to the database.");
                    return false;
                }
                dbg_error_log("User", ":Write: Created property '%s' for " . $type_label . " at '%s'", $property_params[':property_name'], $property_params[':collection_path']);
            }
        }
    }

    return true;
}
Esempio n. 5
*/
// When $fb_user has been set before this point, rewrite PATH_INFO to
// "/<fb_user>/" before the request object below is constructed.
// NOTE(review): $fb_user is concatenated as-is; where it is set and what it
// may contain is not visible here - confirm it is validated upstream.
if (isset($fb_user)) {
    $_SERVER['PATH_INFO'] = '/' . $fb_user . '/';
}
/**
* URLs of the form .../freebusy.php/user@example.com are also accepted, as long as
* the e-mail address matches a single user whose calendar we have rights to.
* @NOTE: Duplicate e-mail addresses may exist, provided that we hold read
* permission (or more) for only one of them.
*/
require_once "CalDAVRequest.php";
$request = new CalDAVRequest(array("allow_by_email" => 1));
// Default path filter: the request path with '^' in front.
// NOTE(review): the '^' suggests a pattern anchor, and the path is not escaped
// here - confirm how $path_match is consumed later.
$path_match = '^' . $request->path;
// A path made of one e-mail-shaped segment (optional trailing slash, matched
// case-insensitively) is resolved to the principal with that address, and the
// filter is switched to that principal's dav_name.
if (preg_match('{^/(\\S+@[a-z0-9][a-z0-9-]*[.][a-z0-9.-]+)/?$}i', $request->path, $matches)) {
    $principal = new Principal('email', $matches[1]);
    $path_match = '^' . $principal->dav_name();
}
// Only text/calendar output is offered; any other requested format gets 406.
if (isset($fb_format) && $fb_format != 'text/calendar') {
    $request->DoResponse(406, translate('This server only supports the text/calendar format for freebusy URLs'));
}
// Callers without the read-free-busy privilege get a bare 404.
// NOTE(review): presumably 404 rather than 403 so the response does not reveal
// whether the calendar exists - confirm. This check protects the code below
// only if DoResponse() ends the request; verify that it does.
if (!$request->HavePrivilegeTo('read-free-busy')) {
    $request->DoResponse(404);
}
require_once "freebusy-functions.php";
switch ($_SERVER['REQUEST_METHOD']) {
    case 'GET':
        $range_start = new RepeatRuleDateTime($fb_start);
        if (!isset($fb_end)) {
            $range_end = clone $range_start;
            $range_end->modify($fb_period);
        } else {