/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$createprincipal = $this->getOwner();
$deleteprincipal = $this->getOwner();
$uid = OCA\Contacts\Addressbook::extractUserID($this->getOwner());
$readWriteACL = array(array('privilege' => '{DAV:}read', 'principal' => 'principals/' . OCP\User::getUser(), 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => 'principals/' . OCP\User::getUser(), 'protected' => true));
if ($uid != OCP\USER::getUser()) {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $this->addressBookInfo['id']);
if ($sharedAddressbook) {
if ($sharedAddressbook['permissions'] & OCP\PERMISSION_CREATE && $sharedAddressbook['permissions'] & OCP\PERMISSION_UPDATE && $sharedAddressbook['permissions'] & OCP\PERMISSION_DELETE) {
return $readWriteACL;
}
if ($sharedAddressbook['permissions'] & OCP\PERMISSION_CREATE) {
$createprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedAddressbook['permissions'] & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedAddressbook['permissions'] & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedAddressbook['permissions'] & OCP\PERMISSION_DELETE) {
$deleteprincipal = 'principals/' . OCP\USER::getUser();
}
}
} else {
return parent::getACL();
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write-content', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}bind', 'principal' => $createprincipal, 'protected' => true), array('privilege' => '{DAV:}unbind', 'principal' => $deleteprincipal, 'protected' => true));
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = OCA\Contacts\Addressbook::extractUserID($this->getOwner());
if ($uid != OCP\USER::getUser()) {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $this->addressBookInfo['id']);
if ($sharedAddressbook && $sharedAddressbook['permissions'] & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedAddressbook && $sharedAddressbook['permissions'] & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true));
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = OC_Calendar_Calendar::extractUserID($this->getOwner());
if ($uid != OCP\USER::getUser()) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $this->calendarInfo['id']);
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true), array('privilege' => '{' . Sabre_CalDAV_Plugin::NS_CALDAV . '}read-free-busy', 'principal' => '{DAV:}authenticated', 'protected' => true));
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = OC_Calendar_Calendar::extractUserID($this->getOwner());
if ($uid != OCP\USER::getUser()) {
$object = OC_VObject::parse($this->objectData['calendardata']);
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $this->calendarInfo['id']);
$sharedAccessClassPermissions = OC_Calendar_App::getAccessClassPermissions($object->VEVENT->CLASS->value);
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_READ && $sharedAccessClassPermissions & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
}
/**
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
* * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
* * 'protected' (optional), indicating that this ACE is not allowed to
* be updated.
*
* @return array
*/
public function getACL()
{
$readprincipal = $this->getOwner();
$writeprincipal = $this->getOwner();
$uid = OC_Calendar_Calendar::extractUserID($this->getOwner());
if ($uid != OCP\USER::getUser()) {
if ($uid === 'contact_birthdays') {
$readprincipal = 'principals/' . OCP\User::getUser();
} else {
$object = \Sabre\VObject\Reader::read($this->objectData['calendardata']);
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $this->calendarInfo['id']);
$sharedAccessClassPermissions = OC_Calendar_Object::getAccessClassPermissions($object);
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_READ && $sharedAccessClassPermissions & OCP\PERMISSION_READ) {
$readprincipal = 'principals/' . OCP\USER::getUser();
}
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE && $sharedAccessClassPermissions & OCP\PERMISSION_UPDATE) {
$writeprincipal = 'principals/' . OCP\USER::getUser();
}
}
}
return array(array('privilege' => '{DAV:}read', 'principal' => $readprincipal, 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal, 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}write', 'principal' => $writeprincipal . '/calendar-proxy-write', 'protected' => true), array('privilege' => '{DAV:}read', 'principal' => $readprincipal . '/calendar-proxy-read', 'protected' => true));
}
public static function getAddressbook($id)
{
// TODO: Throw an exception instead of returning json.
$addressbook = OC_Contacts_Addressbook::find($id);
if ($addressbook === false || $addressbook['userid'] != OCP\USER::getUser()) {
if ($addressbook === false) {
OCP\Util::writeLog('contacts', 'Addressbook not found: ' . $id, OCP\Util::ERROR);
//throw new Exception('Addressbook not found: '. $id);
OCP\JSON::error(array('data' => array('message' => self::$l10n->t('Addressbook not found: ' . $id))));
} else {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $id, OC_Share_Backend_Addressbook::FORMAT_ADDRESSBOOKS);
if ($sharedAddressbook) {
return $sharedAddressbook[0];
} else {
OCP\Util::writeLog('contacts', 'Addressbook(' . $id . ') is not from ' . OCP\USER::getUser(), OCP\Util::ERROR);
//throw new Exception('This is not your addressbook.');
OCP\JSON::error(array('data' => array('message' => self::$l10n->t('This is not your addressbook.'))));
}
}
}
return $addressbook;
}
public function testInvalidItemType()
{
$message = 'Sharing backend for foobar not found';
try {
OCP\Share::shareItem('foobar', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_READ);
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::getItemsSharedWith('foobar');
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::getItemSharedWith('foobar', 'test.txt');
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::getItemSharedWithBySource('foobar', 'test.txt');
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::getItemShared('foobar', 'test.txt');
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::unshare('foobar', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2);
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
try {
OCP\Share::setPermissions('foobar', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, \OCP\Constants::PERMISSION_UPDATE);
$this->fail('Exception was expected: ' . $message);
} catch (Exception $exception) {
$this->assertEquals($message, $exception->getMessage());
}
}
/**
* @brief merges two calendars
* @param integer $id1
* @param integer $id2
* @return boolean
*/
public static function mergeCalendar($id1, $id2)
{
$calendar = self::find($id1);
if ($calendar['userid'] != OCP\User::getUser() && !OC_Group::inGroup(OCP\User::getUser(), 'admin')) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $id1);
if (!$sharedCalendar || !($sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE)) {
throw new Exception(OC_Calendar_App::$l10n->t('You do not have the permissions to add to this calendar.'));
}
}
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*clndr_objects` SET `calendarid` = ? WHERE `calendarid` = ?');
$stmt->execute(array($id1, $id2));
self::touchCalendar($id1);
self::deleteCalendar($id2);
}
}
$calendars = OC_Calendar_Calendar::allCalendars(OCP\USER::getUser());
foreach ($calendars as $cal) {
if ($cal['userid'] != OCP\User::getUser()) {
continue;
}
if ($cal['displayname'] == $_POST['name'] && $cal['id'] != $_POST['id']) {
OCP\JSON::error(array('message' => 'namenotavailable'));
exit;
}
}
$calendarid = $_POST['id'];
try {
OC_Calendar_Calendar::editCalendar($calendarid, strip_tags($_POST['name']), null, null, null, $_POST['color']);
OC_Calendar_Calendar::setCalendarActive($calendarid, $_POST['active']);
} catch (Exception $e) {
OCP\JSON::error(array('message' => $e->getMessage()));
exit;
}
$calendar = OC_Calendar_Calendar::find($calendarid);
$tmpl = new OCP\Template('calendar', 'part.choosecalendar.rowfields');
$tmpl->assign('calendar', $calendar);
$shared = false;
if ($calendar['userid'] != OCP\User::getUser()) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $calendarid);
if ($sharedCalendar && $sharedCalendar['permissions'] & OCP\Share::PERMISSION_UPDATE) {
$shared = true;
}
}
$tmpl->assign('shared', $shared);
OCP\JSON::success(array('page' => $tmpl->fetchPage(), 'eventSource' => OC_Calendar_Calendar::getEventSourceInfo($calendar)));
/**
* @brief removes an address book
* @param integer $id
* @return boolean true on success, otherwise an exception will be thrown
*/
public static function delete($id)
{
$addressbook = self::find($id);
if ($addressbook['userid'] != OCP\User::getUser()) {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $id);
if (!$sharedAddressbook || !($sharedAddressbook['permissions'] & OCP\Share::PERMISSION_DELETE)) {
throw new Exception(OC_Contacts_App::$l10n->t('You do not have the permissions to delete this addressbook.'));
}
}
// First delete cards belonging to this addressbook.
$cards = OC_Contacts_VCard::all($id);
foreach ($cards as $card) {
try {
OC_Contacts_VCard::delete($card['id']);
} catch (Exception $e) {
OCP\Util::writeLog('contacts', __METHOD__ . ', exception deleting vCard ' . $card['id'] . ': ' . $e->getMessage(), OCP\Util::ERROR);
}
}
try {
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?');
$stmt->execute(array($id));
} catch (Exception $e) {
OCP\Util::writeLog('contacts', __METHOD__ . ', exception for ' . $id . ': ' . $e->getMessage(), OCP\Util::ERROR);
throw new Exception(OC_Contacts_App::$l10n->t('There was an error deleting this addressbook.'));
}
// TODO: Unshare all when that method is created
//OCP\Share::unshare('addressbook', $id);
if (count(self::all(OCP\User::getUser())) == 0) {
self::addDefault();
}
return true;
}
</li>
<li>
<a id="newCalendar"><?php
p($l->t('New Calendar'));
?>
</a>
</li>
<?php
$option_calendars = OC_Calendar_Calendar::allCalendars(OCP\USER::getUser());
for ($i = 0; $i < count($option_calendars); $i++) {
print_unescaped("<li data-id='" . OC_Util::sanitizeHTML($option_calendars[$i]['id']) . "'>");
$tmpl = new OCP\Template('calendar', 'part.choosecalendar.rowfields');
$tmpl->assign('calendar', $option_calendars[$i]);
if ($option_calendars[$i]['userid'] != OCP\User::getUser()) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $option_calendars[$i]['id']);
$shared = true;
} else {
$shared = false;
}
$tmpl->assign('shared', $shared);
$tmpl->printpage();
print_unescaped("</li>");
}
?>
<li id="caldav_url_entry">
<input style="display:none;width: 78%;float: left;" type="text" id="caldav_url" title="<?php
p($l->t("CalDav Link"));
?>
">
<img id="caldav_url_close" style="float:right;height: 16px;padding:7px;margin-top:3px;cursor:pointer;vertical-align: middle;display: none;" src="<?php
private static function getInternalFileAttachment($attachment) {
$path = urldecode($attachment['path']);
$path = substr($path, strpos($path, "/")+1 ); //remove root folder "files/"
$userId = OC_User::getUser();
if ( $attachment['owner'] == $userId ) {
// file-owner can use own path
$path = \OC\Files\Filesystem::getPath($attachment['fileid']);
} else {
$item_shared = OCP\Share::getItemSharedWithBySource('file', $attachment['fileid']);
if ( $item_shared != false ) { // if item is direct shared use shared-file target
$path = $item_shared['file_target'];
} else {
// else search shared parent folder
$path = "/" . self::getInheritedSharedPath( urldecode($attachment['path']), $userId, $attachment['owner'] );
}
$ocVersion = OCP\Util::getVersion();
if ( $ocVersion[0] < 7 ) {
$path = "/Shared" . $path;
}
}
$view = new \OC\Files\View('/' . $userId . '/files');
$fileinfo = $view->getFileInfo($path);
$download_url = OCP\Util::linkToRoute('download', array('file' => $path));
// File not found
if ( \OC\Files\Filesystem::is_file( $path ) == false ) {
$fileinfo['name'] = "File not found.";
$download_url = "#";
}
$result = array(
"type" => $attachment['type'],
"mimetype" => $fileinfo['mimetype'],
"name" => $fileinfo['name'],
"path" => $path,
"download_url" => $download_url
);
return $result;
}
* later.
* See the COPYING-README file.
*/
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('calendar');
session_write_close();
// Look for the calendar id
$calendar_id = null;
if (strval(intval($_GET['calendar_id'])) == strval($_GET['calendar_id'])) {
// integer for sure.
$id = intval($_GET['calendar_id']);
$calendarrow = OC_Calendar_App::getCalendar($id, true, false);
// Let's at least security check otherwise we might as well use OC_Calendar_Calendar::find())
if ($calendarrow !== false) {
$calendar_id = $id;
} else {
if (OCP\Share::getItemSharedWithBySource('calendar', $id) === false) {
OCP\JSON::encodedPrint(array());
exit;
}
}
}
$calendar_id = is_null($calendar_id) ? strip_tags($_GET['calendar_id']) : $calendar_id;
$start = version_compare(PHP_VERSION, '5.3.0', '>=') ? DateTime::createFromFormat('U', $_GET['start']) : new DateTime('@' . $_GET['start']);
$end = version_compare(PHP_VERSION, '5.3.0', '>=') ? DateTime::createFromFormat('U', $_GET['end']) : new DateTime('@' . $_GET['end']);
$events = OC_Calendar_App::getrequestedEvents($calendar_id, $start, $end);
$output = array();
foreach ($events as $event) {
$output = array_merge($output, OC_Calendar_App::generateEventOutput($event, $start, $end));
}
OCP\JSON::encodedPrint($output);
/**
* @brief Get the permissions for a calendar / an event
* @param (int) $id - id of the calendar / event
* @param (string) $type - type of the id (calendar/event)
* @return (int) $permissions - CRUDS permissions
* @see OCP\Share
*/
public static function getPermissions($id, $type)
{
$permissions_all = OCP\Share::PERMISSION_CREATE | OCP\Share::PERMISSION_READ | OCP\Share::PERMISSION_UPDATE | OCP\Share::PERMISSION_DELETE | OCP\Share::PERMISSION_SHARE;
if ($type == self::CALENDAR) {
$calendar = self::getCalendar($id, false, false);
if ($calendar['userid'] == OCP\USER::getUser()) {
return $permissions_all;
} else {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $id);
if ($sharedCalendar) {
return $sharedCalendar['permissions'];
}
}
} elseif ($type == self::EVENT) {
if (OC_Calendar_Object::getowner($id) == OCP\USER::getUser()) {
return $permissions_all;
} else {
$object = OC_Calendar_Object::find($id);
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $object['calendarid']);
$sharedEvent = OCP\Share::getItemSharedWithBySource('event', $id);
$calendar_permissions = 0;
$event_permissions = 0;
if ($sharedCalendar) {
$calendar_permissions = $sharedCalendar['permissions'];
}
if ($sharedEvent) {
$event_permissions = $sharedEvent['permissions'];
}
return max($calendar_permissions, $event_permissions);
}
}
return 0;
}
/**
* @brief Get the permissions for a calendar / an event
* @param (int) $id - id of the calendar / event
* @param (string) $type - type of the id (calendar/event)
* @return (int) $permissions - CRUDS permissions
* @param (string) $accessclass - access class (rfc5545, section 3.8.1.3)
* @see OCP\Share
*/
public static function getPermissions($id, $type, $accessclass = '')
{
$permissions_all = OCP\PERMISSION_ALL;
if ($type == self::CALENDAR) {
$calendar = self::getCalendar($id, false, false);
if ($calendar['userid'] == OCP\USER::getUser()) {
return $permissions_all;
} else {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $id);
if ($sharedCalendar) {
return $sharedCalendar['permissions'];
}
}
} elseif ($type == self::EVENT) {
if (OC_Calendar_Object::getowner($id) == OCP\USER::getUser()) {
return $permissions_all;
} else {
$object = OC_Calendar_Object::find($id);
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $object['calendarid']);
$sharedEvent = OCP\Share::getItemSharedWithBySource('event', $id);
$calendar_permissions = 0;
$event_permissions = 0;
if ($sharedCalendar) {
$calendar_permissions = $sharedCalendar['permissions'];
}
if ($sharedEvent) {
$event_permissions = $sharedEvent['permissions'];
}
if ($accessclass === 'PRIVATE') {
return 0;
} elseif ($accessclass === 'CONFIDENTIAL') {
return OCP\PERMISSION_READ;
} else {
return max($calendar_permissions, $event_permissions);
}
}
}
return 0;
}
public static function moveToCalendar($id, $calendarid)
{
$calendar = OC_Calendar_Calendar::find($calendarid);
if ($calendar['userid'] != OCP\User::getUser()) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $calendarid);
if (!$sharedCalendar || !($sharedCalendar['permissions'] & OCP\PERMISSION_DELETE)) {
throw new Exception(OC_Calendar_App::$l10n->t('You do not have the permissions to add events to this calendar.'));
}
}
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*clndr_objects` SET `calendarid`=? WHERE `id`=?');
$stmt->execute(array($calendarid, $id));
OC_Calendar_Calendar::touchCalendar($calendarid);
OCP\Util::emitHook('OC_Calendar', 'moveEvent', $id);
return true;
}
/**
* @brief Move card(s) to an address book
* @param integer $aid Address book id
* @param $id Array or integer of cards to be moved.
* @return boolean
*
*/
public static function moveToAddressBook($aid, $id, $isAddressbook = false)
{
OC_Contacts_App::getAddressbook($aid);
// check for user ownership.
$addressbook = OC_Contacts_Addressbook::find($aid);
if ($addressbook['userid'] != OCP\User::getUser()) {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $aid);
if (!$sharedAddressbook || !($sharedAddressbook['permissions'] & OCP\Share::PERMISSION_CREATE)) {
return false;
}
}
if (is_array($id)) {
foreach ($id as $index => $cardId) {
$card = self::find($cardId);
if (!$card) {
unset($id[$index]);
}
$oldAddressbook = OC_Contacts_Addressbook::find($card['addressbookid']);
if ($oldAddressbook['userid'] != OCP\User::getUser()) {
$sharedContact = OCP\Share::getItemSharedWithBySource('contact', $cardId, OCP\Share::FORMAT_NONE, null, true);
if (!$sharedContact || !($sharedContact['permissions'] & OCP\Share::PERMISSION_DELETE)) {
unset($id[$index]);
}
}
}
$id_sql = join(',', array_fill(0, count($id), '?'));
$prep = 'UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` IN (' . $id_sql . ')';
try {
$stmt = OCP\DB::prepare($prep);
//$aid = array($aid);
$vals = array_merge((array) $aid, $id);
$result = $stmt->execute($vals);
} catch (Exception $e) {
OCP\Util::writeLog('contacts', __METHOD__ . ', exception: ' . $e->getMessage(), OCP\Util::ERROR);
OCP\Util::writeLog('contacts', __METHOD__ . ', ids: ' . join(',', $vals), OCP\Util::DEBUG);
OCP\Util::writeLog('contacts', __METHOD__ . ', SQL:' . $prep, OCP\Util::DEBUG);
return false;
}
} else {
$stmt = null;
if ($isAddressbook) {
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `addressbookid` = ?');
} else {
$card = self::find($id);
if (!$card) {
return false;
}
$oldAddressbook = OC_Contacts_Addressbook::find($card['addressbookid']);
if ($oldAddressbook['userid'] != OCP\User::getUser()) {
$sharedContact = OCP\Share::getItemSharedWithBySource('contact', $id, OCP\Share::FORMAT_NONE, null, true);
if (!$sharedContact || !($sharedContact['permissions'] & OCP\Share::PERMISSION_DELETE)) {
return false;
}
}
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` = ?');
}
try {
$result = $stmt->execute(array($aid, $id));
} catch (Exception $e) {
OCP\Util::writeLog('contacts', __METHOD__ . ', exception: ' . $e->getMessage(), OCP\Util::DEBUG);
OCP\Util::writeLog('contacts', __METHOD__ . ' id: ' . $id, OCP\Util::DEBUG);
return false;
}
}
OC_Hook::emit('OC_Contacts_VCard', 'post_moveToAddressbook', array('aid' => $aid, 'id' => $id));
OC_Contacts_Addressbook::touch($aid);
return true;
}
}
break;
}
} else {
if (isset($_GET['fetch'])) {
switch ($_GET['fetch']) {
case 'getItemsSharedStatuses':
if (isset($_GET['itemType'])) {
$return = OCP\Share::getItemsShared((string) $_GET['itemType'], OCP\Share::FORMAT_STATUSES);
is_array($return) ? OC_JSON::success(array('data' => $return)) : OC_JSON::error();
}
break;
case 'getItem':
if (isset($_GET['itemType']) && isset($_GET['itemSource']) && isset($_GET['checkReshare']) && isset($_GET['checkShares'])) {
if ($_GET['checkReshare'] == 'true') {
$reshare = OCP\Share::getItemSharedWithBySource((string) $_GET['itemType'], (string) $_GET['itemSource'], OCP\Share::FORMAT_NONE, null, true);
} else {
$reshare = false;
}
if ($_GET['checkShares'] == 'true') {
$shares = OCP\Share::getItemShared((string) $_GET['itemType'], (string) $_GET['itemSource'], OCP\Share::FORMAT_NONE, null, true);
} else {
$shares = false;
}
OC_JSON::success(array('data' => array('reshare' => $reshare, 'shares' => $shares)));
}
break;
case 'getShareWithEmail':
$result = array();
if (isset($_GET['search'])) {
$cm = OC::$server->getContactsManager();
// Make up for not supporting the 'N' field in earlier version.
if (!isset($details['N'])) {
$details['N'] = array();
$details['N'][0] = array($details['FN'][0]['value'], '', '', '', '');
}
// Don't wanna transfer the photo in a json string.
if (isset($details['PHOTO'])) {
$details['PHOTO'] = true;
//unset($details['PHOTO']);
} else {
$details['PHOTO'] = false;
}
$lastmodified = OC_Contacts_App::lastModified($vcard);
if (!$lastmodified) {
$lastmodified = new DateTime();
}
$permissions = OCP\Share::PERMISSION_CREATE | OCP\Share::PERMISSION_READ | OCP\Share::PERMISSION_UPDATE | OCP\Share::PERMISSION_DELETE | OCP\Share::PERMISSION_SHARE;
$addressbook = OC_Contacts_Addressbook::find($card['addressbookid']);
if ($addressbook['userid'] != OCP\User::getUser()) {
$sharedAddressbook = OCP\Share::getItemSharedWithBySource('addressbook', $card['addressbookid']);
if ($sharedAddressbook) {
$permissions = $sharedAddressbook['permissions'];
}
}
$details['id'] = $id;
$details['displayname'] = $card['fullname'];
$details['addressbookid'] = $card['addressbookid'];
$details['lastmodified'] = $lastmodified->format('U');
$details['permissions'] = $permissions;
OC_Contacts_App::setLastModifiedHeader($vcard);
OCP\JSON::success(array('data' => $details));
