PHP DAVResource::getProperty 예제들

예제 #1

파일: caldav-ACL.php 프로젝트: derekyu1437/davical

function process_ace($grantor, $by_principal, $by_collection, $ace)
{
    global $cache_delete_list, $request;
    $elements = $ace->GetContent();
    $principal_node = $elements[0];
    $grant = $elements[1];
    if ($principal_node->GetNSTag() != 'DAV::principal') {
        $request->MalformedRequest('ACL request must contain a principal, not ' . $principal->GetNSTag());
    }
    $grant_tag = $grant->GetNSTag();
    if ($grant_tag == 'DAV::deny') {
        $request->PreconditionFailed(403, 'grant-only');
    }
    if ($grant_tag == 'DAV::invert') {
        $request->PreconditionFailed(403, 'no-invert');
    }
    if ($grant->GetNSTag() != 'DAV::grant') {
        $request->MalformedRequest('ACL request must contain a principal for each ACE');
    }
    $privilege_names = array();
    $xml_privs = $grant->GetPath("/DAV::grant/DAV::privilege/*");
    foreach ($xml_privs as $k => $priv) {
        $privilege_names[] = $priv->GetNSTag();
    }
    $privileges = privilege_to_bits($privilege_names);
    $principal_content = $principal_node->GetContent();
    if (count($principal_content) != 1) {
        $request->MalformedRequest('ACL request must contain exactly one principal per ACE');
    }
    $principal_content = $principal_content[0];
    switch ($principal_content->GetNSTag()) {
        case 'DAV::property':
            $principal_property = $principal_content->GetContent();
            if ($principal_property[0]->GetNSTag() != 'DAV::owner') {
                $request->PreconditionFailed(403, 'recognized-principal');
            }
            if (privilege_to_bits('all') != $privileges) {
                $request->PreconditionFailed(403, 'no-protected-ace-conflict', 'Owner must always have all permissions');
            }
            continue;
            // and then we ignore it, since it's protected
            break;
        case 'DAV::unauthenticated':
            $request->PreconditionFailed(403, 'allowed-principal', 'May not set privileges for unauthenticated users');
            break;
        case 'DAV::href':
            $principal_type = 'href';
            $grantee = new DAVResource(DeconstructURL($principal_content->GetContent()));
            $grantee_id = $grantee->getProperty('principal_id');
            if (!$grantee->Exists() || !$grantee->IsPrincipal()) {
                $request->PreconditionFailed(403, 'recognized-principal', 'Principal "' + $principal_content->GetContent() + '" not found.');
            }
            $sqlparms = array(':to_principal' => $grantee_id);
            $where = 'WHERE to_principal=:to_principal AND ';
            if (isset($by_principal)) {
                $sqlparms[':by_principal'] = $by_principal;
                $where .= 'by_principal = :by_principal';
            } else {
                $sqlparms[':by_collection'] = $by_collection;
                $where .= 'by_collection = :by_collection';
            }
            $qry = new AwlQuery('SELECT privileges FROM grants ' . $where, $sqlparms);
            if ($qry->Exec('ACL', __LINE__, __FILE__) && $qry->rows() == 1 && ($current = $qry->Fetch())) {
                $sql = 'UPDATE grants SET privileges=:privileges::INT::BIT(24) ' . $where;
            } else {
                $sqlparms[':by_principal'] = $by_principal;
                $sqlparms[':by_collection'] = $by_collection;
                $sql = 'INSERT INTO grants (by_principal, by_collection, to_principal, privileges) VALUES(:by_principal, :by_collection, :to_principal, :privileges::INT::BIT(24))';
            }
            $sqlparms[':privileges'] = $privileges;
            $qry = new AwlQuery($sql, $sqlparms);
            if ($qry->Exec('ACL', __LINE__, __FILE__)) {
                Principal::cacheDelete('dav_name', $grantee->dav_name());
                Principal::cacheFlush('principal_id IN (SELECT member_id FROM group_member WHERE group_id = ?)', array($grantee_id));
            }
            break;
        case 'DAV::authenticated':
            $principal_type = 'authenticated';
            if (bindec($grantor->GetProperty('default_privileges')) == $privileges) {
                continue;
            }
            // There is no change, so skip it
            $sqlparms = array(':privileges' => $privileges);
            if (isset($by_collection)) {
                $sql = 'UPDATE collection SET default_privileges=:privileges::INT::BIT(24) WHERE collection_id=:by_collection';
                $sqlparms[':by_collection'] = $by_collection;
            } else {
                $sql = 'UPDATE principal SET default_privileges=:privileges::INT::BIT(24) WHERE principal_id=:by_principal';
                $sqlparms[':by_principal'] = $by_principal;
            }
            $qry = new AwlQuery($sql, $sqlparms);
            if ($qry->Exec('ACL', __LINE__, __FILE__)) {
                /**
                 *  Basically this has changed everyone's permissions now, so...
                 */
                Principal::cacheFlush('TRUE');
            }
            break;
        case 'DAV::all':
            //      $principal_type = 'all';
            $request->PreconditionFailed(403, 'allowed-principal', 'May not set privileges for unauthenticated users');
            break;
        default:
            $request->PreconditionFailed(403, 'recognized-principal');
            break;
    }
}