/** * Triggered before properties are looked up in specific nodes. * * @param DAV\PropFind $propFind * @param DAV\INode $node * @param array $requestedProperties * @param array $returnedProperties * @TODO really should be broken into multiple methods, or even a class. * @return bool */ function propFind(DAV\PropFind $propFind, DAV\INode $node) { $path = $propFind->getPath(); // Checking the read permission if (!$this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false)) { // User is not allowed to read properties // Returning false causes the property-fetching system to pretend // that the node does not exist, and will cause it to be hidden // from listings such as PROPFIND or the browser plugin. if ($this->hideNodesFromListings) { return false; } // Otherwise we simply mark every property as 403. foreach ($propFind->getRequestedProperties() as $requestedProperty) { $propFind->set($requestedProperty, null, 403); } return; } /* Adding principal properties */ if ($node instanceof IPrincipal) { $propFind->handle('{DAV:}alternate-URI-set', function () use($node) { return new DAV\Property\HrefList($node->getAlternateUriSet()); }); $propFind->handle('{DAV:}principal-URL', function () use($node) { return new DAV\Property\Href($node->getPrincipalUrl() . '/'); }); $propFind->handle('{DAV:}group-member-set', function () use($node) { $members = $node->getGroupMemberSet(); foreach ($members as $k => $member) { $members[$k] = rtrim($member, '/') . '/'; } return new DAV\Property\HrefList($members); }); $propFind->handle('{DAV:}group-membership', function () use($node) { $members = $node->getGroupMembership(); foreach ($members as $k => $member) { $members[$k] = rtrim($member, '/') . '/'; } return new DAV\Property\HrefList($members); }); $propFind->handle('{DAV:}displayname', [$node, 'getDisplayName']); } $propFind->handle('{DAV:}principal-collection-set', function () { $val = $this->principalCollectionSet; // Ensuring all collections end with a slash foreach ($val as $k => $v) { $val[$k] = $v . '/'; } return new DAV\Property\HrefList($val); }); $propFind->handle('{DAV:}current-user-principal', function () { if ($url = $this->getCurrentUserPrincipal()) { return new Property\Principal(Property\Principal::HREF, $url . '/'); } else { return new Property\Principal(Property\Principal::UNAUTHENTICATED); } }); $propFind->handle('{DAV:}supported-privilege-set', function () use($node) { return new Property\SupportedPrivilegeSet($this->getSupportedPrivilegeSet($node)); }); $propFind->handle('{DAV:}current-user-privilege-set', function () use($node, $propFind, $path) { if (!$this->checkPrivileges($path, '{DAV:}read-current-user-privilege-set', self::R_PARENT, false)) { $propFind->set('{DAV:}current-user-privilege-set', null, 403); } else { $val = $this->getCurrentUserPrivilegeSet($node); if (!is_null($val)) { return new Property\CurrentUserPrivilegeSet($val); } } }); $propFind->handle('{DAV:}acl', function () use($node, $propFind, $path) { /* The ACL property contains all the permissions */ if (!$this->checkPrivileges($path, '{DAV:}read-acl', self::R_PARENT, false)) { $propFind->set('{DAV:}acl', null, 403); } else { $acl = $this->getACL($node); if (!is_null($acl)) { return new Property\Acl($this->getACL($node)); } } }); $propFind->handle('{DAV:}acl-restrictions', function () { return new Property\AclRestrictions(); }); /* Adding ACL properties */ if ($node instanceof IACL) { $propFind->handle('{DAV:}owner', function () use($node) { return new DAV\Property\Href($node->getOwner() . '/'); }); } }
/** * Triggered before properties are looked up in specific nodes. * * @param string $uri * @param DAV\INode $node * @param array $requestedProperties * @param array $returnedProperties * @TODO really should be broken into multiple methods, or even a class. * @return bool */ public function beforeGetProperties($uri, DAV\INode $node, &$requestedProperties, &$returnedProperties) { // Checking the read permission if (!$this->checkPrivileges($uri, '{DAV:}read', self::R_PARENT, false)) { // User is not allowed to read properties if ($this->hideNodesFromListings) { return false; } // Marking all requested properties as '403'. foreach ($requestedProperties as $key => $requestedProperty) { unset($requestedProperties[$key]); $returnedProperties[403][$requestedProperty] = null; } return; } /* Adding principal properties */ if ($node instanceof IPrincipal) { if (false !== ($index = array_search('{DAV:}alternate-URI-set', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}alternate-URI-set'] = new DAV\Property\HrefList($node->getAlternateUriSet()); } if (false !== ($index = array_search('{DAV:}principal-URL', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}principal-URL'] = new DAV\Property\Href($node->getPrincipalUrl() . '/'); } if (false !== ($index = array_search('{DAV:}group-member-set', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}group-member-set'] = new DAV\Property\HrefList($node->getGroupMemberSet()); } if (false !== ($index = array_search('{DAV:}group-membership', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}group-membership'] = new DAV\Property\HrefList($node->getGroupMembership()); } if (false !== ($index = array_search('{DAV:}displayname', $requestedProperties))) { $returnedProperties[200]['{DAV:}displayname'] = $node->getDisplayName(); } } if (false !== ($index = array_search('{DAV:}principal-collection-set', $requestedProperties))) { unset($requestedProperties[$index]); $val = $this->principalCollectionSet; // Ensuring all collections end with a slash foreach ($val as $k => $v) { $val[$k] = $v . '/'; } $returnedProperties[200]['{DAV:}principal-collection-set'] = new DAV\Property\HrefList($val); } if (false !== ($index = array_search('{DAV:}current-user-principal', $requestedProperties))) { unset($requestedProperties[$index]); if ($url = $this->getCurrentUserPrincipal()) { $returnedProperties[200]['{DAV:}current-user-principal'] = new Property\Principal(Property\Principal::HREF, $url . '/'); } else { $returnedProperties[200]['{DAV:}current-user-principal'] = new Property\Principal(Property\Principal::UNAUTHENTICATED); } } if (false !== ($index = array_search('{DAV:}supported-privilege-set', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}supported-privilege-set'] = new Property\SupportedPrivilegeSet($this->getSupportedPrivilegeSet($node)); } if (false !== ($index = array_search('{DAV:}current-user-privilege-set', $requestedProperties))) { if (!$this->checkPrivileges($uri, '{DAV:}read-current-user-privilege-set', self::R_PARENT, false)) { $returnedProperties[403]['{DAV:}current-user-privilege-set'] = null; unset($requestedProperties[$index]); } else { $val = $this->getCurrentUserPrivilegeSet($node); if (!is_null($val)) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}current-user-privilege-set'] = new Property\CurrentUserPrivilegeSet($val); } } } /* The ACL property contains all the permissions */ if (false !== ($index = array_search('{DAV:}acl', $requestedProperties))) { if (!$this->checkPrivileges($uri, '{DAV:}read-acl', self::R_PARENT, false)) { unset($requestedProperties[$index]); $returnedProperties[403]['{DAV:}acl'] = null; } else { $acl = $this->getACL($node); if (!is_null($acl)) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}acl'] = new Property\Acl($this->getACL($node)); } } } /* The acl-restrictions property contains information on how privileges * must behave. */ if (false !== ($index = array_search('{DAV:}acl-restrictions', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}acl-restrictions'] = new Property\AclRestrictions(); } /* Adding ACL properties */ if ($node instanceof IACL) { if (false !== ($index = array_search('{DAV:}owner', $requestedProperties))) { unset($requestedProperties[$index]); $returnedProperties[200]['{DAV:}owner'] = new DAV\Property\Href($node->getOwner() . '/'); } } }