/**
* Triggered before properties are looked up in specific nodes.
*
* @param DAV\PropFind $propFind
* @param DAV\INode $node
* @param array $requestedProperties
* @param array $returnedProperties
* @TODO really should be broken into multiple methods, or even a class.
* @return bool
*/
function propFind(DAV\PropFind $propFind, DAV\INode $node)
{
$path = $propFind->getPath();
// Checking the read permission
if (!$this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false)) {
// User is not allowed to read properties
// Returning false causes the property-fetching system to pretend
// that the node does not exist, and will cause it to be hidden
// from listings such as PROPFIND or the browser plugin.
if ($this->hideNodesFromListings) {
return false;
}
// Otherwise we simply mark every property as 403.
foreach ($propFind->getRequestedProperties() as $requestedProperty) {
$propFind->set($requestedProperty, null, 403);
}
return;
}
/* Adding principal properties */
if ($node instanceof IPrincipal) {
$propFind->handle('{DAV:}alternate-URI-set', function () use($node) {
return new DAV\Property\HrefList($node->getAlternateUriSet());
});
$propFind->handle('{DAV:}principal-URL', function () use($node) {
return new DAV\Property\Href($node->getPrincipalUrl() . '/');
});
$propFind->handle('{DAV:}group-member-set', function () use($node) {
$members = $node->getGroupMemberSet();
foreach ($members as $k => $member) {
$members[$k] = rtrim($member, '/') . '/';
}
return new DAV\Property\HrefList($members);
});
$propFind->handle('{DAV:}group-membership', function () use($node) {
$members = $node->getGroupMembership();
foreach ($members as $k => $member) {
$members[$k] = rtrim($member, '/') . '/';
}
return new DAV\Property\HrefList($members);
});
$propFind->handle('{DAV:}displayname', [$node, 'getDisplayName']);
}
$propFind->handle('{DAV:}principal-collection-set', function () {
$val = $this->principalCollectionSet;
// Ensuring all collections end with a slash
foreach ($val as $k => $v) {
$val[$k] = $v . '/';
}
return new DAV\Property\HrefList($val);
});
$propFind->handle('{DAV:}current-user-principal', function () {
if ($url = $this->getCurrentUserPrincipal()) {
return new Property\Principal(Property\Principal::HREF, $url . '/');
} else {
return new Property\Principal(Property\Principal::UNAUTHENTICATED);
}
});
$propFind->handle('{DAV:}supported-privilege-set', function () use($node) {
return new Property\SupportedPrivilegeSet($this->getSupportedPrivilegeSet($node));
});
$propFind->handle('{DAV:}current-user-privilege-set', function () use($node, $propFind, $path) {
if (!$this->checkPrivileges($path, '{DAV:}read-current-user-privilege-set', self::R_PARENT, false)) {
$propFind->set('{DAV:}current-user-privilege-set', null, 403);
} else {
$val = $this->getCurrentUserPrivilegeSet($node);
if (!is_null($val)) {
return new Property\CurrentUserPrivilegeSet($val);
}
}
});
$propFind->handle('{DAV:}acl', function () use($node, $propFind, $path) {
/* The ACL property contains all the permissions */
if (!$this->checkPrivileges($path, '{DAV:}read-acl', self::R_PARENT, false)) {
$propFind->set('{DAV:}acl', null, 403);
} else {
$acl = $this->getACL($node);
if (!is_null($acl)) {
return new Property\Acl($this->getACL($node));
}
}
});
$propFind->handle('{DAV:}acl-restrictions', function () {
return new Property\AclRestrictions();
});
/* Adding ACL properties */
if ($node instanceof IACL) {
$propFind->handle('{DAV:}owner', function () use($node) {
return new DAV\Property\Href($node->getOwner() . '/');
});
}
}
/**
* Triggered before properties are looked up in specific nodes.
*
* @param string $uri
* @param DAV\INode $node
* @param array $requestedProperties
* @param array $returnedProperties
* @TODO really should be broken into multiple methods, or even a class.
* @return bool
*/
public function beforeGetProperties($uri, DAV\INode $node, &$requestedProperties, &$returnedProperties)
{
// Checking the read permission
if (!$this->checkPrivileges($uri, '{DAV:}read', self::R_PARENT, false)) {
// User is not allowed to read properties
if ($this->hideNodesFromListings) {
return false;
}
// Marking all requested properties as '403'.
foreach ($requestedProperties as $key => $requestedProperty) {
unset($requestedProperties[$key]);
$returnedProperties[403][$requestedProperty] = null;
}
return;
}
/* Adding principal properties */
if ($node instanceof IPrincipal) {
if (false !== ($index = array_search('{DAV:}alternate-URI-set', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}alternate-URI-set'] = new DAV\Property\HrefList($node->getAlternateUriSet());
}
if (false !== ($index = array_search('{DAV:}principal-URL', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}principal-URL'] = new DAV\Property\Href($node->getPrincipalUrl() . '/');
}
if (false !== ($index = array_search('{DAV:}group-member-set', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}group-member-set'] = new DAV\Property\HrefList($node->getGroupMemberSet());
}
if (false !== ($index = array_search('{DAV:}group-membership', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}group-membership'] = new DAV\Property\HrefList($node->getGroupMembership());
}
if (false !== ($index = array_search('{DAV:}displayname', $requestedProperties))) {
$returnedProperties[200]['{DAV:}displayname'] = $node->getDisplayName();
}
}
if (false !== ($index = array_search('{DAV:}principal-collection-set', $requestedProperties))) {
unset($requestedProperties[$index]);
$val = $this->principalCollectionSet;
// Ensuring all collections end with a slash
foreach ($val as $k => $v) {
$val[$k] = $v . '/';
}
$returnedProperties[200]['{DAV:}principal-collection-set'] = new DAV\Property\HrefList($val);
}
if (false !== ($index = array_search('{DAV:}current-user-principal', $requestedProperties))) {
unset($requestedProperties[$index]);
if ($url = $this->getCurrentUserPrincipal()) {
$returnedProperties[200]['{DAV:}current-user-principal'] = new Property\Principal(Property\Principal::HREF, $url . '/');
} else {
$returnedProperties[200]['{DAV:}current-user-principal'] = new Property\Principal(Property\Principal::UNAUTHENTICATED);
}
}
if (false !== ($index = array_search('{DAV:}supported-privilege-set', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}supported-privilege-set'] = new Property\SupportedPrivilegeSet($this->getSupportedPrivilegeSet($node));
}
if (false !== ($index = array_search('{DAV:}current-user-privilege-set', $requestedProperties))) {
if (!$this->checkPrivileges($uri, '{DAV:}read-current-user-privilege-set', self::R_PARENT, false)) {
$returnedProperties[403]['{DAV:}current-user-privilege-set'] = null;
unset($requestedProperties[$index]);
} else {
$val = $this->getCurrentUserPrivilegeSet($node);
if (!is_null($val)) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}current-user-privilege-set'] = new Property\CurrentUserPrivilegeSet($val);
}
}
}
/* The ACL property contains all the permissions */
if (false !== ($index = array_search('{DAV:}acl', $requestedProperties))) {
if (!$this->checkPrivileges($uri, '{DAV:}read-acl', self::R_PARENT, false)) {
unset($requestedProperties[$index]);
$returnedProperties[403]['{DAV:}acl'] = null;
} else {
$acl = $this->getACL($node);
if (!is_null($acl)) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}acl'] = new Property\Acl($this->getACL($node));
}
}
}
/* The acl-restrictions property contains information on how privileges
* must behave.
*/
if (false !== ($index = array_search('{DAV:}acl-restrictions', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}acl-restrictions'] = new Property\AclRestrictions();
}
/* Adding ACL properties */
if ($node instanceof IACL) {
if (false !== ($index = array_search('{DAV:}owner', $requestedProperties))) {
unset($requestedProperties[$index]);
$returnedProperties[200]['{DAV:}owner'] = new DAV\Property\Href($node->getOwner() . '/');
}
}
}
