$request->DoResponse(200);
return;
}
$etag = md5($request->raw_post);
$ic = new iCalComponent($request->raw_post);
if (!$dav_resource->Exists() && (isset($request->etag_if_match) && $request->etag_if_match != '')) {
/**
* RFC2068, 14.25:
* If none of the entity tags match, or if "*" is given and no current
* entity exists, the server MUST NOT perform the requested method, and
* MUST return a 412 (Precondition Failed) response.
*/
$request->PreconditionFailed(412, 'if-match');
}
if ($dav_resource->Exists()) {
if (isset($request->etag_if_match) && $request->etag_if_match != '' && $request->etag_if_match != $dav_resource->unique_tag()) {
/**
* RFC2068, 14.25:
* If none of the entity tags match, or if "*" is given and no current
* entity exists, the server MUST NOT perform the requested method, and
* MUST return a 412 (Precondition Failed) response.
*/
$request->PreconditionFailed(412, 'if-match', sprintf('Existing resource ETag of "%s" does not match "%s"', $dav_resource->unique_tag(), $request->etag_if_match));
} else {
if (isset($request->etag_none_match) && $request->etag_none_match != '' && ($request->etag_none_match == $dav_resource->unique_tag() || $request->etag_none_match == '*')) {
/**
* RFC2068, 14.26:
* If any of the entity tags match the entity tag of the entity that
* would have been returned in the response to a similar GET request
* (without the If-None-Match header) on that resource, or if "*" is
* given and any current entity exists for that resource, then the
$request->PreconditionFailed(409, 'collection-must-exist', translate('The destination collection does not exist'));
}
$container->NeedPrivilege('DAV::bind');
} else {
if ($dest->IsCollection()) {
if (!isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections) {
$request->PreconditionFailed(405, 'method-not-allowed', translate('You may not PUT to a collection URL'));
}
$request->DoResponse(403, translate('PUT on a collection is only allowed for text/calendar content against a calendar collection'));
}
$dest->NeedPrivilege('DAV::write-content');
}
if (isset($request->etag_none_match) && $request->etag_none_match != '*' && $dest->Exists()) {
$request->PreconditionFailed(412, 'if-none-match', translate('A resource already exists at the destination.'));
}
if (isset($request->etag_if_match) && $request->etag_if_match != $dest->unique_tag()) {
$request->PreconditionFailed(412, 'if-match', sprintf('Existing resource ETag of "%s" does not match "%s"', $dest->unique_tag(), $request->etag_if_match));
}
$collection_id = $container->GetProperty('collection_id');
$qry = new AwlQuery();
$qry->Begin();
$etag = md5($request->raw_post);
$params = array(':user_no' => $dest->GetProperty('user_no'), ':dav_name' => $dest->bound_from(), ':etag' => $etag, ':dav_data' => $request->raw_post, ':session_user' => $session->user_no);
if ($dest->Exists()) {
$sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user,
modified=current_timestamp, user_no=:user_no, caldav_type=\'VCARD\' WHERE dav_name=:dav_name';
$response_code = 200;
$qry->QDo($sql, $params);
$qry->QDo("SELECT dav_id FROM caldav_data WHERE dav_name = :dav_name ", array(':dav_name' => $params[':dav_name']));
} else {
$sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, caldav_type, logged_user, created, modified, collection_id )
$comp->ClearComponents('VALARM');
$vcal->AddComponent($comp);
} else {
$vcal->AddComponent($comp);
}
}
}
/** Put the timezones on there that we need */
foreach ($need_zones as $tzid => $v) {
if (isset($timezones[$tzid])) {
$vcal->AddComponent($timezones[$tzid]);
}
}
$response = $vcal->Render();
header('Content-Length: ' . strlen($response));
header('Etag: ' . $dav_resource->unique_tag());
$request->DoResponse(200, $request->method == 'HEAD' ? '' : $response, 'text/calendar; charset="utf-8"');
}
// Just a single event then
$resource = $dav_resource->resource();
$ic = new iCalComponent($resource->caldav_data);
/** Default deny... */
$allowed = false;
if ($dav_resource->HavePrivilegeTo('all', false) || $session->user_no == $resource->user_no || $session->user_no == $resource->logged_user || $c->allow_get_email_visibility && $ic->IsAttendee($session->email)) {
/**
* These people get to see all of the event, and they should always
* get any alarms as well.
*/
$allowed = true;
} else {
if ($resource->class != 'PRIVATE') {
if (isset($request->etag_if_match) && $request->etag_if_match != '' || isset($request->etag_none_match) && $request->etag_none_match != '') {
/**
* RFC2068, 14.25:
* If none of the entity tags match, or if "*" is given and no current
* entity exists, the server MUST NOT perform the requested method, and
* MUST return a 412 (Precondition Failed) response.
*
* RFC2068, 14.26:
* If any of the entity tags match the entity tag of the entity that
* would have been returned in the response to a similar GET request
* (without the If-None-Match header) on that resource, or if "*" is
* given and any current entity exists for that resource, then the
* server MUST NOT perform the requested method.
*/
$error = '';
if (isset($request->etag_if_match) && $request->etag_if_match != $src->unique_tag()) {
$error = translate('Existing resource does not match "If-Match" header - not accepted.');
} else {
if (isset($request->etag_none_match) && $request->etag_none_match != '' && $request->etag_none_match == $src->unique_tag()) {
$error = translate('Existing resource matches "If-None-Match" header - not accepted.');
}
}
if ($error != '') {
$request->DoResponse(412, $error);
}
}
}
$src->NeedPrivilege('DAV::unbind');
$dest->NeedPrivilege('DAV::write-content');
if (!$dest->Exists()) {
$dest->NeedPrivilege('DAV::bind');
$request->DoResponse(409, translate('Destination collection does not exist'));
}
$container->NeedPrivilege('DAV::bind');
} else {
if ($dest->IsCollection()) {
if (!isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections) {
$request->DoResponse(403, translate('You may not PUT to a collection URL'));
}
$request->DoResponse(403, translate('PUT on a collection is only allowed for text/calendar content against a calendar collection'));
}
$dest->NeedPrivilege('DAV::write-content');
}
if (isset($request->etag_none_match) && $request->etag_none_match != '*' && $dest->Exists()) {
$request->DoResponse(412);
}
if (isset($request->etag_if_match) && $request->etag_if_match != $dest->unique_tag()) {
$request->DoResponse(412);
}
$collection_id = $container->GetProperty('collection_id');
$qry = new AwlQuery();
$qry->Begin();
$etag = md5($request->raw_post);
$params = array(':user_no' => $dest->GetProperty('user_no'), ':dav_name' => $dest->bound_from(), ':etag' => $etag, ':dav_data' => $request->raw_post, ':session_user' => $session->user_no);
if ($dest->Exists()) {
$sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user,
modified=current_timestamp WHERE user_no=:user_no AND dav_name=:dav_name';
$response_code = 200;
} else {
$sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, logged_user, created, modified, collection_id )
VALUES( :user_no, :dav_name, :etag, :dav_data, :session_user, current_timestamp, current_timestamp, :collection_id )';
$params[':collection_id'] = $collection_id;
if ($dav_resource->IsBinding()) {
$params = array(':dav_name' => $dav_resource->dav_name());
if ($qry->QDo("DELETE FROM dav_binding WHERE dav_name = :dav_name", $params) && $qry->Commit()) {
@dbg_error_log("DELETE", "DELETE: Binding: %d, ETag: %s, Path: %s", $session->user_no, $request->etag_if_match, $request->path);
$request->DoResponse(204);
}
} else {
if (delete_collection($dav_resource->resource_id()) && $qry->Commit()) {
// Uncache anything to do with the collection
$cache = getCacheInstance();
$cache->delete('collection-' . $dav_resource->dav_name(), null);
$request->DoResponse(204);
}
}
} else {
if (isset($request->etag_if_match) && $request->etag_if_match != $dav_resource->unique_tag()) {
$request->DoResponse(412, translate("Resource has changed on server - not deleted"));
}
// Check to see if we need to do any scheduling transactions for this one.
do_scheduling_for_delete($dav_resource);
// We need to serialise access to this process just for this collection
$cache = getCacheInstance();
$myLock = $cache->acquireLock('collection-' . $dav_resource->parent_path());
$collection_id = $dav_resource->GetProperty('collection_id');
$params = array(':dav_id' => $dav_resource->resource_id());
if ($qry->QDo("DELETE FROM property WHERE dav_name = (SELECT dav_name FROM caldav_data WHERE dav_id = :dav_id)", $params) && $qry->QDo("DELETE FROM locks WHERE dav_name = (SELECT dav_name FROM caldav_data WHERE dav_id = :dav_id)", $params) && $qry->QDo("SELECT write_sync_change(collection_id, 404, caldav_data.dav_name) FROM caldav_data WHERE dav_id = :dav_id", $params) && $qry->QDo("DELETE FROM caldav_data WHERE dav_id = :dav_id", $params)) {
if (function_exists('log_caldav_action')) {
log_caldav_action('DELETE', $dav_resource->GetProperty('uid'), $dav_resource->GetProperty('user_no'), $collection_id, $request->path);
}
$qry->Commit();
@dbg_error_log("DELETE", "DELETE: User: %d, ETag: %s, Path: %s", $session->user_no, $request->etag_if_match, $request->path);
$request->DoResponse(403, translate('A DAViCal principal collection may only contain collections'));
}
if (!$container->Exists()) {
$request->DoResponse(409, translate('Destination collection does not exist'));
}
$container->NeedPrivilege('DAV::bind');
} else {
if ($dest->IsCollection()) {
if (!isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections) {
$request->DoResponse(403, translate('You may not PUT to a collection URL'));
}
$request->DoResponse(403, translate('PUT on a collection is only allowed for text/calendar content against a calendar collection'));
}
$dest->NeedPrivilege('DAV::write-content');
}
$request->CheckEtagMatch($dest->Exists(), $dest->unique_tag());
$collection_id = $container->GetProperty('collection_id');
$qry = new AwlQuery();
$qry->Begin();
$etag = md5($request->raw_post);
$params = array(':user_no' => $dest->GetProperty('user_no'), ':dav_name' => $dest->bound_from(), ':etag' => $etag, ':dav_data' => $request->raw_post, ':session_user' => $session->user_no);
if ($dest->Exists()) {
$sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user,
modified=current_timestamp WHERE user_no=:user_no AND dav_name=:dav_name';
$response_code = 200;
} else {
$sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, logged_user, created, modified, collection_id )
VALUES( :user_no, :dav_name, :etag, :dav_data, :session_user, current_timestamp, current_timestamp, :collection_id )';
$params[':collection_id'] = $collection_id;
$response_code = 201;
}
if ($fh) {
fwrite($fh, $request->raw_post);
fclose($fh);
}
}
controlRequestContainer($dav_resource->GetProperty('username'), $dav_resource->GetProperty('user_no'), $dav_resource->bound_from(), true);
$lock_opener = $request->FailIfLocked();
if ($dav_resource->IsCollection()) {
if ($dav_resource->IsPrincipal() || $dav_resource->IsBinding() || !isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections == true) {
$request->DoResponse(405);
// Method not allowed
return;
}
$appending = isset($_GET['mode']) && $_GET['mode'] == 'append';
/**
* CalDAV does not define the result of a PUT on a collection. We treat that
* as an import. The code is in caldav-PUT-functions.php
*/
import_collection($request->raw_post, $request->user_no, $request->path, true, $appending);
$request->DoResponse(200);
return;
}
$etag = md5($request->raw_post);
$request->CheckEtagMatch($dav_resource->Exists(), $dav_resource->unique_tag());
$put_action_type = $dav_resource->Exists() ? 'UPDATE' : 'INSERT';
$collection = $dav_resource->GetParentContainer();
write_resource($dav_resource, $request->raw_post, $collection, $session->user_no, $etag, $put_action_type, true, true);
if (isset($etag)) {
header(sprintf('ETag: "%s"', $etag));
}
$request->DoResponse($dav_resource->Exists() ? 204 : 201);
