/** * @depends testSupportedReportSetProperty * @depends testCalendarMultiGetReport */ function testCalendarQueryReport1ObjectNoCalData() { $body = '<?xml version="1.0"?>' . '<c:calendar-query xmlns:c="urn:ietf:params:xml:ns:caldav" xmlns:d="DAV:">' . '<d:prop>' . ' <d:getetag />' . '</d:prop>' . '<c:filter>' . ' <c:comp-filter name="VCALENDAR">' . ' <c:comp-filter name="VEVENT" />' . ' </c:comp-filter>' . '</c:filter>' . '</c:calendar-query>'; $request = new HTTP\Request(array('REQUEST_METHOD' => 'REPORT', 'REQUEST_URI' => '/calendars/user1/UUID-123467/UUID-2345', 'HTTP_DEPTH' => '0')); $request->setBody($body); $this->server->httpRequest = $request; $this->server->exec(); $this->assertEquals('HTTP/1.1 207 Multi-Status', $this->response->status, 'Received an unexpected status. Full response body: ' . $this->response->body); $xml = simplexml_load_string(DAV\XMLUtil::convertDAVNamespace($this->response->body)); $xml->registerXPathNamespace('d', 'urn:DAV'); $xml->registerXPathNamespace('c', 'urn:ietf:params:xml:ns:caldav'); $check = array('/d:multistatus', '/d:multistatus/d:response', '/d:multistatus/d:response/d:href', '/d:multistatus/d:response/d:propstat', '/d:multistatus/d:response/d:propstat/d:prop', '/d:multistatus/d:response/d:propstat/d:prop/d:getetag', '/d:multistatus/d:response/d:propstat/d:status' => 'HTTP/1.1 200 OK'); foreach ($check as $v1 => $v2) { $xpath = is_int($v1) ? $v2 : $v1; $result = $xml->xpath($xpath); $this->assertEquals(1, count($result), 'We expected 1 ' . $xpath . ' elements. We\'ve found ' . count($result) . '. Full result: ' . $this->response->body); if (!is_int($v1)) { $this->assertEquals($v2, (string) $result[0]); } } }
/** * Parses a webdav lock xml body, and returns a new Sabre\DAV\Locks\LockInfo object * * @param string $body * @return DAV\Locks\LockInfo */ protected function parseLockRequest($body) { $xml = simplexml_load_string(DAV\XMLUtil::convertDAVNamespace($body), null, LIBXML_NOWARNING); $xml->registerXPathNamespace('d', 'urn:DAV'); $lockInfo = new LockInfo(); $children = $xml->children("urn:DAV"); $lockInfo->owner = (string) $children->owner; $lockInfo->token = DAV\UUIDUtil::getUUID(); $lockInfo->scope = count($xml->xpath('d:lockscope/d:exclusive')) > 0 ? LockInfo::EXCLUSIVE : LockInfo::SHARED; return $lockInfo; }
/** * Parses a webdav lock xml body, and returns a new Sabre\DAV\Locks\LockInfo object * * @param string $body * @return DAV\Locks\LockInfo */ protected function parseLockRequest($body) { // Fixes an XXE vulnerability on PHP versions older than 5.3.23 or // 5.4.13. $previous = libxml_disable_entity_loader(true); $xml = simplexml_load_string(DAV\XMLUtil::convertDAVNamespace($body), null, LIBXML_NOWARNING); libxml_disable_entity_loader($previous); $xml->registerXPathNamespace('d', 'urn:DAV'); $lockInfo = new LockInfo(); $children = $xml->children("urn:DAV"); $lockInfo->owner = (string) $children->owner; $lockInfo->token = DAV\UUIDUtil::getUUID(); $lockInfo->scope = count($xml->xpath('d:lockscope/d:exclusive')) > 0 ? LockInfo::EXCLUSIVE : LockInfo::SHARED; return $lockInfo; }