/** * (non-PHPdoc) * @see Sabre\DAV\Collection::getChild() */ public function getChild($_name) { $eventId = $_name instanceof Tinebase_Record_Interface ? $_name->getId() : $this->_getIdFromName($_name); // check if child exists in calendarQuery cache if ($this->_calendarQueryCache && isset($this->_calendarQueryCache[$eventId])) { $child = $this->_calendarQueryCache[$eventId]; // remove entries from cache / they will not be used anymore unset($this->_calendarQueryCache[$eventId]); if (empty($this->_calendarQueryCache)) { $this->_calendarQueryCache = null; } return $child; } $modelName = $this->_application->name . '_Model_' . $this->_model; if ($_name instanceof $modelName) { $object = $_name; } else { $filterClass = $this->_application->name . '_Model_' . $this->_model . 'Filter'; $filter = new $filterClass(array(array('field' => 'container_id', 'operator' => 'equals', 'value' => $this->_container->getId()), array('condition' => 'OR', 'filters' => array(array('field' => 'id', 'operator' => 'equals', 'value' => $eventId), array('field' => 'uid', 'operator' => 'equals', 'value' => $eventId))))); $object = $this->_getController()->search($filter, null, false, false, 'sync')->getFirstRecord(); if ($object == null) { throw new Sabre\DAV\Exception\NotFound('Object not found'); } } $httpRequest = new Sabre\HTTP\Request(); // lie about existence of event of request is a PUT request from an ATTENDEE for an already existing event // to prevent ugly (and not helpful) error messages on the client if (isset($_SERVER['REQUEST_METHOD']) && $httpRequest->getMethod() == 'PUT' && $httpRequest->getHeader('If-None-Match') === '*') { if ($object->organizer != Tinebase_Core::getUser()->contact_id && Calendar_Model_Attender::getOwnAttender($object->attendee) !== null) { throw new Sabre\DAV\Exception\NotFound('Object not found'); } } $objectClass = $this->_application->name . '_Frontend_WebDAV_' . $this->_model; return new $objectClass($this->_container, $object); }
/** * Starts the DAV Server * * @return void */ public function exec() { try { // If nginx (pre-1.2) is used as a proxy server, and SabreDAV as an // origin, we must make sure we send back HTTP/1.0 if this was // requested. // This is mainly because nginx doesn't support Chunked Transfer // Encoding, and this forces the webserver SabreDAV is running on, // to buffer entire responses to calculate Content-Length. $this->httpResponse->defaultHttpVersion = $this->httpRequest->getHTTPVersion(); $this->invokeMethod($this->httpRequest->getMethod(), $this->getRequestUri()); } catch (Exception $e) { try { $this->broadcastEvent('exception', array($e)); } catch (Exception $ignore) { } $DOM = new \DOMDocument('1.0', 'utf-8'); $DOM->formatOutput = true; $error = $DOM->createElementNS('DAV:', 'd:error'); $error->setAttribute('xmlns:s', self::NS_SABREDAV); $DOM->appendChild($error); $h = function ($v) { return htmlspecialchars($v, ENT_NOQUOTES, 'UTF-8'); }; $error->appendChild($DOM->createElement('s:exception', $h(get_class($e)))); $error->appendChild($DOM->createElement('s:message', $h($e->getMessage()))); if ($this->debugExceptions) { $error->appendChild($DOM->createElement('s:file', $h($e->getFile()))); $error->appendChild($DOM->createElement('s:line', $h($e->getLine()))); $error->appendChild($DOM->createElement('s:code', $h($e->getCode()))); $error->appendChild($DOM->createElement('s:stacktrace', $h($e->getTraceAsString()))); } if (self::$exposeVersion) { $error->appendChild($DOM->createElement('s:sabredav-version', $h(Version::VERSION))); } if ($e instanceof Exception) { $httpCode = $e->getHTTPCode(); $e->serialize($this, $error); $headers = $e->getHTTPHeaders($this); } else { $httpCode = 500; $headers = array(); } $headers['Content-Type'] = 'application/xml; charset=utf-8'; $this->httpResponse->sendStatus($httpCode); $this->httpResponse->setHeaders($headers); $this->httpResponse->sendBody($DOM->saveXML()); } }
/** * */ public function process() { $this->emit('process:before', [['request' => $this->httpRequest]]); // set Content Security Policy and CORS headers $this->httpResponse->addHeader('Content-Security-Policy', "default-src *"); $this->httpResponse->addHeader('X-Content-Security-Policy', "default-src *"); if ($this->httpRequest->hasHeader('Origin')) { // TODO: allow to configure allowed origins $this->httpResponse->addHeader('Access-Control-Allow-Origin', "*"); } // FIXME: respond to OPTIONS requests directly and without validation if ($this->httpRequest->getMethod() == 'OPTIONS') { $this->httpResponse->addHeader('Access-Control-Request-Method', 'GET, POST, OPTIONS'); $this->httpResponse->addHeader('Access-Control-Allow-Headers', $this->httpRequest->getHeader('Access-Control-Request-Headers')); $this->httpResponse->setStatus(204); $this->sapi->sendResponse($this->httpResponse); return; } // extract route from request (jmap, auth|.well-known/jmap, upload) if ($route = $this->getRouteMatch($this->httpRequest->getPath())) { try { call_user_func($this->routes[$route], $this->httpRequest, $this->httpResponse); } catch (\RuntimeException $e) { if ($e instanceof Exception\ProcessorException) { $this->httpResponse->setStatus($e->getStatusCode()); } else { $this->httpResponse->setStatus(500); } $this->logger->err(strval($e)); $this->emit('process:error', [['request' => $this->httpRequest, 'exception' => $e]]); } } else { // TODO: throw invalid route error $this->httpResponse->setStatus(404); } $this->emit('process:after', [['response' => $this->httpResponse]]); $this->sapi->sendResponse($this->httpResponse); }
function testGetMethod() { $this->assertEquals('PUT', $this->request->getMethod(), 'It seems as if we didn\'t get a valid HTTP Request method back'); }