Overview

Packages

  • awl
    • caldav-client-v2
    • RRule
  • davical
    • authentication
      • drivers
    • caldav
    • DAViCalSession
    • DAVTicket
    • external-bind
    • feed
    • HTTPAuthSession
    • iSchedule
    • iSchedule-POST
    • logging
    • metrics
    • Principal
    • propfind
    • PublicSession
    • Request
    • Resource
    • tzservice
  • None
  • PHP

Classes

  • CalDAVClient
  • CheckResult
  • setupFakeSession
  • VCard
  • VTimezone

Functions

  • access_ticket_browser
  • binding_row_editor
  • bindings_to_other_browser
  • bindings_to_us_browser
  • build_dependencies_table
  • build_privileges_html
  • build_site_statistics
  • BuildSqlFilter
  • calquery_apply_filter
  • cardquery_apply_filter
  • catch_setup_errors
  • check_awl_version
  • check_calendar
  • check_curl
  • check_database_connection
  • check_datetime
  • check_davical_version
  • check_gettext
  • check_iconv
  • check_ldap
  • check_magic_quotes_gpc
  • check_magic_quotes_runtime
  • check_pdo
  • check_pdo_pgsql
  • check_pgsql
  • check_real_php
  • check_schema_version
  • check_string
  • check_suhosin_server_strip
  • check_xml
  • collection_privilege_format_function
  • confirm_delete_bind_in
  • confirm_delete_binding
  • confirm_delete_collection
  • confirm_delete_principal
  • confirm_delete_ticket
  • do_error
  • edit_binding_row
  • edit_grant_row_collection
  • edit_grant_row_principal
  • edit_group_row
  • edit_ticket_row
  • errorResponse
  • expand_properties
  • fetch_external
  • get_address_properties
  • get_freebusy
  • get_href_containers
  • get_phpinfo
  • grant_row_editor
  • group_members_browser
  • group_memberships_browser
  • group_row_editor
  • handle_subaction
  • i18n
  • ischedule_get
  • log_setup_error
  • make_help_link
  • principal_collection_browser
  • principal_editor
  • principal_grants_browser
  • principal_privilege_format_function
  • send_page_header
  • SqlFilterCardDAV
  • SqlFilterFragment
  • ticket_row_editor
  • unicodeToUtf8
  • update_external
  • utf8ToUnicode
  • Overview
  • Package
  • Function
  • Tree
  • Deprecated
  • Todo
  1: <?php
  2: 
  3: // Editor component for collections
  4: $editor = new Editor(translate('Collection'), 'collection');
  5: param_to_global('id', 'int', 'old_id', 'collection_id' );
  6: param_to_global('user_no', 'int' );
  7: param_to_global('principal_id', 'int' );
  8: param_to_global('collection_name', '{^.+$}' );
  9: if ( isset($user_no) ) $principal = new Principal('user_no',$user_no);
 10: if ( isset($principal_id) ) $principal = new Principal('principal_id',$principal_id);
 11: $editor->SetLookup( 'timezone', 'SELECT \'\', \'*** Unknown ***\' UNION SELECT tzid, olson_name FROM timezones WHERE tzid = olson_name AND length(vtimezone) > 100 ORDER BY 1' );
 12: $editor->SetLookup( 'schedule_transp', 'SELECT \'opaque\', \'Opaque\' UNION SELECT \'transp\', \'Transparent\'' );
 13: 
 14: 
 15: $editor->AddAttribute('timezone', 'id', 'fld_timezone' );
 16: $editor->AddAttribute('schedule_transp', 'id', 'fld_schedule_transp' );
 17: $editor->AddAttribute('is_calendar', 'id', 'fld_is_calendar');
 18: $editor->AddAttribute('is_addressbook', 'id', 'fld_is_addressbook');
 19: $editor->AddAttribute('is_calendar', 'onclick', 'toggle_enabled(\'fld_is_calendar\',\'=fld_timezone\',\'=fld_schedule_transp\',\'!fld_is_addressbook\');');
 20: $editor->AddAttribute('is_addressbook', 'onclick', 'toggle_enabled(\'fld_is_addressbook\',\'!fld_is_calendar\');');
 21: 
 22: $editor->AddField('use_default_privs','default_privileges IS NULL');
 23: $editor->AddAttribute('use_default_privs', 'id', 'fld_use_default_privs');
 24: $editor->AddAttribute('use_default_privs', 'onclick', 'toggle_visible(\'fld_use_default_privs\',\'!privileges_settings\');');
 25: 
 26: $editor->AddField('ics_file', "''");
 27: $editor->AddAttribute('ics_file', 'title', translate('Upload an iCalendar file or VCard file to replace this collection.'));
 28: $editor->AddAttribute('ics_file', 'id', 'fld_ics_file');
 29: $editor->AddField('mode', 'FALSE');
 30: $editor->AddAttribute('mode', 'title', translate('Should the uploaded entries be appended to the collection?'));
 31: $editor->AddAttribute('mode', '_label', translate('Append'));
 32: $editor->AddAttribute('mode', 'id', 'fld_mode');
 33: 
 34: $editor->SetWhere( 'collection_id='.$id );
 35: 
 36: $privilege_names = array( 'read', 'write-properties', 'write-content', 'unlock', 'read-acl', 'read-current-user-privilege-set',
 37:                           'bind', 'unbind', 'write-acl', 'read-free-busy' );
 38: 
 39: $params = array(
 40:   ':session_principal' => $session->principal_id,
 41:   ':scan_depth'        => $c->permission_scan_depth
 42: );
 43: $is_update = ( $_POST['_editor_action'][$editor->Id] == 'update' );
 44: if ( isset($collection_name) ) $collection_name = trim(str_replace( '/', '', $collection_name));
 45: if ( !$is_update && isset($collection_name) && $collection_name != '' && is_object($principal) ) {
 46:   $_POST['dav_name'] = sprintf('/%s/%s/', $principal->username(), $collection_name );
 47:   $_POST['parent_container'] = sprintf('/%s/', $principal->username() );
 48:   $params[':collection_path'] = $_POST['dav_name'];
 49:   $privsql = 'SELECT path_privs( :session_principal, :collection_path, :scan_depth) AS priv';
 50: }
 51: else if ( $id > 0 ) {
 52:   $params[':collection_id'] = $id;
 53:   $privsql = 'SELECT path_privs( :session_principal, dav_name, :scan_depth) AS priv FROM collection WHERE collection_id = :collection_id';
 54: }
 55: else {
 56:   if ( $editor->IsSubmit() && !$is_update && isset($collection_name) && $collection_name == '' ) {
 57:     $c->messages[] =  i18n('The collection name may not be blank.');
 58:   }
 59: }
 60: 
 61: if ( isset($privsql) ) {
 62:   $privqry = new AwlQuery( $privsql, $params );
 63:   $privqry->Exec('admin-collection-edit',__LINE__,__FILE__);
 64:   $permissions = $privqry->Fetch();
 65:   $can_write_collection = ($session->AllowedTo('Admin') || (bindec($permissions->priv) & privilege_to_bits('DAV::bind')) );
 66: }
 67: 
 68: dbg_error_log('collection-edit', "Can write collection: %s", ($can_write_collection? 'yes' : 'no') );
 69: 
 70: $pwstars = '@@@@@@@@@@';
 71: if ( $can_write_collection && $editor->IsSubmit() ) {
 72:   $editor->WhereNewRecord( "collection_id=(SELECT CURRVAL('dav_id_seq'))" );
 73:   if ( $_POST['use_default_privs'] == 'on' ) {
 74:     $_POST['default_privileges'] = '';
 75:   }
 76:   else if ( isset($_POST['default_privileges']) ) {
 77:     $privilege_bitpos = array_flip($privilege_names);
 78:     $priv_names = array_keys($_POST['default_privileges']);
 79:     $privs = privilege_to_bits($priv_names);
 80:     $_POST['default_privileges'] = sprintf('%024s',decbin($privs));
 81:     $editor->Assign('default_privileges', $privs_dec);
 82:   }
 83:   $is_update = ( $_POST['_editor_action'][$editor->Id] == 'update' );
 84:   if ( $_POST['timezone'] == '' ) unset($_POST['timezone']);
 85:   $resourcetypes = '<DAV::collection/>';
 86:   if ( isset($_POST['is_calendar'])    && $_POST['is_calendar'] == 'on' )    $resourcetypes .= '<urn:ietf:params:xml:ns:caldav:calendar/>';
 87:   if ( isset($_POST['is_addressbook']) && $_POST['is_addressbook'] == 'on' ) $resourcetypes .= '<urn:ietf:params:xml:ns:carddav:addressbook/>';
 88:   $_POST['resourcetypes'] = $resourcetypes;
 89:   if ( $editor->IsCreate() ) {
 90:     $c->messages[] = i18n("Creating new Collection.");
 91:   }
 92:   else {
 93:     $c->messages[] = i18n("Updating Collection.");
 94:   }
 95:   if ( !$editor->Write() ) {
 96:     $c->messages[] = i18n("Failed to write collection.");
 97:     if ( $id > 0 ) $editor->GetRecord();
 98:   }
 99:   else if ( isset($_FILES['ics_file']['tmp_name']) && $_FILES['ics_file']['tmp_name'] != '' ) {
100:     /**
101:     * If the user has uploaded a .ics file as a calendar, we fake this out
102:     * as if it were a "PUT" request against a collection.  This is something
103:     * of a hack.  It works though :-)
104:     */
105:     $ics = trim(file_get_contents($_FILES['ics_file']['tmp_name']));
106:     dbg_error_log('collection-edit',':Write: Loaded %d bytes from %s', strlen($ics), $_FILES['ics_file']['tmp_name'] );
107:     include_once('check_UTF8.php');
108:     if ( !check_string($ics) ) $ics = force_utf8($ics);
109: 
110:     if ( check_string($ics) ) {
111:       $path = $editor->Value('dav_name');
112:       $user_no = $editor->Value('user_no');
113:       $username = $editor->Value('username');
114:       param_to_global('mode');
115:       include_once('caldav-PUT-functions.php');
116:       controlRequestContainer( $username, $user_no, $path, false, ($publicly_readable == 'on' ? true : false));
117:       import_collection( $ics, $user_no, $path, $session->user_no, ($mode == 'on') );
118:       $c->messages[] = sprintf(translate('Calendar "%s" was loaded from file.'), $path);
119:     }
120:     else {
121:       $c->messages[] =  i18n('The file is not UTF-8 encoded, please check the error for more details.');
122:     }
123:   }
124:   // Uncache anything to do with the collection
125:   $cache = getCacheInstance();
126:   $cache->delete( 'collection-'.$editor->Value('dav_name'), null );
127: }
128: else {
129:   if ( $id > 0 ) $editor->GetRecord();
130:   if ( $editor->IsSubmit() ) {
131:     $c->messages[] = i18n('You do not have permission to modify this collection.');
132:   }
133: }
134: if ( $editor->Available() ) {
135:   $c->page_title = $editor->Title(translate('Collection').': '.$editor->Value('dav_displayname'));
136:   $entryqry = new AwlQuery( 'SELECT count(*) as count from caldav_data where collection_id='.$editor->Value('collection_id')  );
137:   $entryqry->Exec('admin-collection-edit');
138:   $entries = $entryqry->Fetch();  $entries = $entries->count;
139: 
140:   $external_bind = "";
141:   if ($can_write_collection) {
142:     $externalqry = new AwlQuery( 'SELECT external_url from dav_binding where bound_source_id=:id  limit 1', array(':id' => $editor->Value('collection_id') ) );
143:     $externalqry->Exec('external-bind-url');
144:     $external = $externalqry->Fetch();  $external_url = $external->external_url;
145:     if ( $external_url ) {
146:         $external_bind = "\n<tr> <th class='right'>" . translate('External Url') . "</th>         <td class='left'>$external_url</td> </tr>";
147:     }
148:   }
149: }
150: else {
151:   $c->page_title = $editor->Title(translate('Create New Collection'));
152:   $privs = decbin(privilege_to_bits($c->default_privileges));
153:   $editor->Assign('default_privileges', $privs);
154:   $editor->Assign('username', $principal->username());
155:   $editor->Assign('user_no', $principal->user_no());
156:   $editor->Assign('is_calendar', 't' );
157:   $editor->Assign('use_default_privs', 't');
158:   $entries = 0;
159: }
160: 
161: 
162: $privilege_xlate = array(
163:   'read' => translate('Read'),
164:   'write-properties' => translate('Write Metadata'),
165:   'write-content' => translate('Write Data'),
166:   'unlock' => translate('Override a Lock'),
167:   'read-acl' => translate('Read Access Controls'),
168:   'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
169:   'bind' => translate('Create Events/Collections'),
170:   'unbind' => translate('Delete Events/Collections'),
171:   'write-acl' => translate('Write Access Controls'),
172:   'read-free-busy' => translate('Read Free/Busy Information'),
173:   'schedule-deliver-invite' => translate('Scheduling: Deliver an Invitation'),
174:   'schedule-deliver-reply' => translate('Scheduling: Deliver a Reply'),
175:   'schedule-query-freebusy' => translate('Scheduling: Query free/busy'),
176:   'schedule-send-invite' => translate('Scheduling: Send an Invitation'),
177:   'schedule-send-reply' => translate('Scheduling: Send a Reply'),
178:   'schedule-send-freebusy' => translate('Scheduling: Send free/busy'),
179:   'write' => translate('Write'),
180:   'schedule-deliver' => translate('Scheduling: Delivery'),
181:   'schedule-send' => translate('Scheduling: Sending')
182: );
183: 
184: /**
185: * collection_privilege_format_function is for formatting the binary privileges from the
186: * database, including localising them.  This is a hook function for a browser
187: * column object, so it takes three parameters:
188: * @param mixed $value The value of the column.
189: * @param BrowserColumn $column The BrowserColumn object we are hooked into.
190: * @param dbrow $row The row object we read from the database.
191: * @return string The formatted privileges.
192: */
193: function collection_privilege_format_function( $value, $column, $row ) {
194:   global $privilege_xlate;
195: 
196:   $privs = bits_to_privilege($value, 'calendar');
197:   $formatted = '';
198:   foreach( $privs AS $k => $v ) {
199:     $formatted .= ($formatted == '' ? '' : ', ');
200:     $v = preg_replace( '{^.*:}', '', $v );
201:     $formatted .= (isset($privilege_xlate[$v]) ? $privilege_xlate[$v] : $v );
202:   }
203:   return $formatted;
204: }
205: 
206: $default_privileges = bindec($editor->Value('default_privileges'));
207: $privileges_set = '<div id="privileges"><input type="hidden" name="default_privileges[fake_privilege_for_input]" value="0">';
208: for( $i=0; $i<count($privilege_names); $i++ ) {
209:   $privilege_set = ( (1 << $i) & $default_privileges ? ' CHECKED' : '');
210:   $privileges_set .= '<label class="privilege"><input name="default_privileges['.$privilege_names[$i].']" id="default_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'.$privilege_xlate[$privilege_names[$i]].'</label>'."\n";
211: }
212: $privileges_set .= '</div>';
213: 
214: $prompt_collection_id = translate('Collection ID');
215: $value_id = ( $editor->Available() ? '##collection_id.hidden####collection_id.value##' : translate('New Collection'));
216: $prompt_dav_name = translate('DAV Path');
217: $value_dav_name = $c->base_url.'/caldav.php'. ( $editor->Available() ? '##dav_name.value##' : '/##user_no.hidden####username.value##/ ##collection_name.input.30##' );
218: $prompt_load_file = translate('Load From File');
219: $prompt_displayname = translate('Displayname');
220: $prompt_entries = translate('Items in Collection');
221: if ( $entries > 0 && $editor->Value('is_calendar') && isset($c->get_includes_subcollections) && $c->get_includes_subcollections
222:   && ( bindec($permissions->priv) & privilege_to_bits( array('urn:ietf:params:xml:ns:caldav:read-free-busy','DAV::read')))) {
223:   $entries = '<a href="' . $c->base_url . '/caldav.php' . substr($editor->Value('dav_name'), 0, -1) . '.ics" title="'
224:     . translate('Download entire collection as .ics file') . '">' . $entries . '</a>';
225: }
226: $prompt_public = translate('Publicly Readable');
227: $prompt_calendar = translate('Is a Calendar');
228: $prompt_addressbook = translate('Is an Addressbook');
229: $prompt_use_default_privs = translate('Specific Privileges');
230: $prompt_privileges = translate('Default Privileges');
231: $prompt_description = translate('Description');
232: $prompt_schedule_transp = translate('Schedule Transparency');
233: $prompt_timezone = translate('Calendar Timezone');
234: 
235: $btn_all = htmlspecialchars(translate('All'));             $btn_all_title = htmlspecialchars(translate('Toggle all privileges'));
236: $btn_rw  = htmlspecialchars(translate('Read/Write'));      $btn_rw_title = htmlspecialchars(translate('Set read+write privileges'));
237: $btn_read = htmlspecialchars(translate('Read'));           $btn_read_title = htmlspecialchars(translate('Set read privileges'));
238: $btn_fb = htmlspecialchars(translate('Free/Busy'));        $btn_fb_title = htmlspecialchars(translate('Set free/busy privileges'));
239: $btn_sd = htmlspecialchars(translate('Schedule Deliver')); $btn_sd_title = htmlspecialchars(translate('Privileges to allow delivery of scheduling messages'));
240: $btn_ss = htmlspecialchars(translate('Schedule Send'));    $btn_ss_title = htmlspecialchars(translate('Privileges to delegate scheduling decisions'));
241: 
242: if ($can_write_collection || ! $id > 0) {
243:   $privileges_row = <<<EOPRIV
244: <input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('default_privileges', 'all', 'form_editor_1');">
245: <input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
246:  onclick="toggle_privileges('default_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
247:                             'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
248:                             'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
249: <input type="button" value="$btn_read" class="submit" title="$btn_read_title"
250:  onclick="toggle_privileges('default_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
251: <input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
252:  onclick="toggle_privileges('default_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
253: <br>$privileges_set
254: EOPRIV;
255:   $submit_row = '<tr> <th class="right"></th>                   <td class="left" colspan="2">##submit##</td> </tr>';
256: } else {
257:   $privileges_row = collection_privilege_format_function( $editor->Value('default_privileges') );
258:   $privileges_row = '<div id="privileges">' . $privileges_row . '</div>';
259:   $submit_row = '';
260: }
261: 
262: $id = $editor->Value('collection_id');
263: $template = <<<EOTEMPLATE
264: ##form##
265: <script language="javascript">
266: function toggle_privileges() {
267:   var argv = toggle_privileges.arguments;
268:   var argc = argv.length;
269: 
270:   if ( argc < 2 ) {
271:     return;
272:   }
273:   var match_me = argv[0];
274: 
275:   var set_to = -1;
276:   if ( argv[1] == 'all' ) {
277:     var form = document.getElementById(argv[2]);
278:     var fieldcount = form.elements.length;
279:     var matching = '/^' + match_me + '/';
280:     for (var i = 0; i < fieldcount; i++) {
281:       var fieldname = form.elements[i].name;
282:       if ( fieldname.match( match_me ) ) {
283:         if ( set_to == -1 ) {
284:           set_to = ( form.elements[i].checked ? 0 : 1 );
285:         }
286:         form.elements[i].checked = set_to;
287:       }
288:     }
289:   }
290:   else {
291:     for (var i = 1; i < argc; i++) {
292:       var f = document.getElementById( match_me + '_' + argv[i]);
293:       if ( set_to == -1 ) {
294:         set_to = ( f.checked ? 0 : 1 );
295:       }
296:       f.checked = set_to;
297:     }
298:   }
299: }
300: 
301: function toggle_enabled() {
302:   var argv = toggle_enabled.arguments;
303:   var argc = argv.length;
304: 
305:   var fld_checkbox =  document.getElementById(argv[0]);
306: 
307:   if ( argc < 2 ) {
308:     return;
309:   }
310: 
311:   for (var i = 1; i < argc; i++) {
312:     var fld_id = argv[i].substr(1);
313:     var fld_logical = argv[i].substr(0,1);
314:     var f = document.getElementById(fld_id);
315:     if ( fld_logical == '=' )
316:       f.disabled = !fld_checkbox.checked;
317:     else
318:       f.disabled = fld_checkbox.checked;
319:   }
320: }
321: 
322: function toggle_visible() {
323:   var argv = toggle_visible.arguments;
324:   var argc = argv.length;
325: 
326:   var fld_checkbox =  document.getElementById(argv[0]);
327: 
328:   if ( argc < 2 ) {
329:     return;
330:   }
331: 
332:   for (var i = 1; i < argc; i++) {
333:     var block_id = argv[i].substr(1);
334:     var block_logical = argv[i].substr(0,1);
335:     var b = document.getElementById(block_id);
336:     if ( block_logical == '!' )
337:       b.style.display = (fld_checkbox.checked ? 'none' : '');
338:     else
339:       b.style.display = (!fld_checkbox.checked ? 'none' : '');
340:   }
341: }
342: </script>
343: <style>
344: th.right, label.privilege {
345:   white-space:nowrap;
346: }
347: label.privilege {
348:   margin:0.2em 1em 0.2em 0.1em;
349:   padding:0 0.2em;
350:   line-height:1.6em;
351:   font-size: 87%;
352: }
353: </style>
354: <table>
355:  <tr> <th class="right">$prompt_collection_id:</th>    <td class="left">$value_id</td> </tr>
356:  <tr> <th class="right">$prompt_dav_name:</th>         <td class="left">$value_dav_name</td> </tr>$external_bind
357:  <tr> <th class="right">$prompt_entries:</th>          <td class="left">$entries</td> </tr>
358:  <tr> <th class="right">$prompt_load_file:</th>        <td class="left">##ics_file.file.60## ##mode.checkbox##
359:  </td> </tr>
360:  <tr> <th class="right">$prompt_displayname:</th>      <td class="left">##dav_displayname.input.50##</td> </tr>
361:  <tr> <th class="right">$prompt_public:</th>           <td class="left">##publicly_readable.checkbox##</td> </tr>
362:  <tr> <th class="right">$prompt_calendar:</th>         <td class="left">##is_calendar.checkbox##</td> </tr>
363:  <tr> <th class="right">$prompt_addressbook:</th>      <td class="left">##is_addressbook.checkbox##</td> </tr>
364:  <tr> <th class="right">$prompt_privileges:</th><td class="left">##use_default_privs.checkbox## &nbsp; &nbsp; &nbsp;
365:  <div id="privileges_settings">
366:   $privileges_row
367:  </div></td> </tr>
368:  <tr> <th class="right">$prompt_timezone:</th>         <td class="left">##timezone.select##</td> </tr>
369:  <tr> <th class="right">$prompt_schedule_transp:</th>  <td class="left">##schedule_transp.select##</td> </tr>
370:  <tr> <th class="right">$prompt_description:</th>      <td class="left">##description.textarea.78x6##</td> </tr>
371:  $submit_row
372: </table>
373: </form>
374: <script language="javascript">
375: toggle_enabled('fld_is_calendar','=fld_timezone','=fld_schedule_transp','!fld_is_addressbook');
376: toggle_enabled('fld_is_addressbook','!fld_is_calendar');
377: toggle_visible('fld_use_default_privs','!privileges_settings');
378: </script>
379: 
380: EOTEMPLATE;
381: 
382: 
383: 
384: $editor->SetTemplate( $template );
385: $page_elements[] = $editor;
386: 
387: 
388: if ( $editor->Available() ) {
389: 
390:   $c->stylesheets[] = 'css/browse.css';
391:   $c->scripts[] = 'js/browse.js';
392: 
393: 
394:   $grantrow = new Editor("Grants", "grants");
395:   $grantrow->SetSubmitName( 'savegrantrow' );
396:   $grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.') ORDER BY displayname' );
397:   if ( $can_write_collection ) {
398:     if ( $grantrow->IsSubmit() ) {
399:       $_POST['by_collection'] = $id;
400:       $to_principal = intval($_POST['to_principal']);
401:       $orig_to_id =  intval($_POST['orig_to_id']);
402:       $grantrow->SetWhere( "by_collection=".$id." AND to_principal=$orig_to_id");
403:       if ( isset($_POST['grant_privileges']) ) {
404:         $privilege_bitpos = array_flip($privilege_names);
405:         $priv_names = array_keys($_POST['grant_privileges']);
406:         $privs = privilege_to_bits($priv_names);
407:         $_POST['privileges'] = sprintf('%024s',decbin($privs));
408:         $grantrow->Assign('privileges', $privs_dec);
409:       }
410:       $grantrow->Write( );
411:       unset($_GET['to_principal']);
412:     }
413:     elseif ( isset($_GET['delete_grant']) ) {
414:       $qry = new AwlQuery("DELETE FROM grants WHERE by_collection=:grantor_id AND to_principal = :to_principal",
415:                             array( ':grantor_id' => $id, ':to_principal' => intval($_GET['delete_grant']) ));
416:       $qry->Exec('collection-edit');
417:     }
418:   }
419: 
420:   function edit_grant_row_collection( $row_data ) {
421:     global $grantrow, $id, $privilege_xlate, $privilege_names;
422:     global $btn_all, $btn_all_title, $btn_rw, $btn_rw_title, $btn_read, $btn_read_title;
423:     global $btn_fb, $btn_fb_title, $btn_sd, $btn_sd_title, $btn_ss, $btn_ss_title;
424: 
425:     $submit_label = translate('Grant');
426:     if ( $row_data->to_principal > -1 ) {
427:       $grantrow->SetRecord( $row_data );
428:       $submit_label = translate('Apply Changes');
429:     }
430: 
431:     $grant_privileges = bindec($grantrow->Value('grant_privileges'));
432:     $privileges_set = '<div id="privileges">';
433:     for( $i=0; $i < count($privilege_names); $i++ ) {
434:       $privilege_set = ( (1 << $i) & $grant_privileges ? ' CHECKED' : '');
435:       $privileges_set .= '<label class="privilege"><input name="grant_privileges['.$privilege_names[$i].']" id="grant_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'.$privilege_xlate[$privilege_names[$i]].'</label>'."\n";
436:     }
437:     $privileges_set .= '</div>';
438: 
439:     $orig_to_id = $row_data->to_principal;
440:     $form_id = $grantrow->Id();
441:     $form_url = preg_replace( '#&(edit|delete)_grant=\d+#', '', $_SERVER['REQUEST_URI'] );
442: 
443:     $template = <<<EOTEMPLATE
444: <form method="POST" enctype="multipart/form-data" id="form_$form_id" action="$form_url">
445:   <td class="left" colspan="2"><input type="hidden" name="id" value="$id"><input type="hidden" name="orig_to_id" value="$orig_to_id">##to_principal.select##</td>
446:   <td class="left" colspan="2">
447: <input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('grant_privileges', 'all', 'form_$form_id');">
448: <input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
449:  onclick="toggle_privileges('grant_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
450:                             'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
451:                             'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
452: <input type="button" value="$btn_read" class="submit" title="$btn_read_title"
453:  onclick="toggle_privileges('grant_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
454: <input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
455:  onclick="toggle_privileges('grant_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
456: <br>$privileges_set
457:   <td class="center">##$submit_label.submit##</td>
458: </form>
459: 
460: EOTEMPLATE;
461: 
462:     $grantrow->SetTemplate( $template );
463:     $grantrow->Title("");
464: 
465:     return $grantrow->Render();
466:   }
467: 
468:   $browser = new Browser(translate('Collection Grants'));
469: 
470:   $browser->AddColumn( 'to_principal', translate('To ID'), 'right', '##principal_link##' );
471:   $rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
472:   $browser->AddHidden( 'principal_link', "'<a href=\"$rowurl' || to_principal || '\">' || to_principal || '</a>'" );
473:   $browser->AddHidden( 'grant_privileges', 'privileges' );
474:   $browser->AddColumn( 'displayname', translate('Display Name') );
475:   $browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges', '', '', 'collection_privilege_format_function' );
476:   $browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
477: 
478:   if ( $can_write_collection ) {
479:     $del_link  = '<a href="'.$c->base_url.'/admin.php?action=edit&t=collection&id='.$id.'&delete_grant=##to_principal##" class="submit" title="">'.translate('Revoke').'</a>';
480:     $edit_link  = '<a href="'.$c->base_url.'/admin.php?action=edit&t=collection&id='.$id.'&edit_grant=##to_principal##" class="submit" title="">'.translate('Edit').'</a>';
481:     $browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link&nbsp;$del_link'" );
482:   }
483: 
484:   $browser->SetOrdering( 'displayname', 'A' );
485: 
486:   $browser->SetJoins( 'grants LEFT JOIN dav_principal ON (to_principal = principal_id) ' );
487:   $browser->SetWhere( 'by_collection = '.$id );
488: 
489:   if ( $c->enable_row_linking ) {
490:     $browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
491:   }
492:   else {
493:     $browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
494:   }
495:   $browser->DoQuery();
496:   $page_elements[] = $browser;
497: 
498:   if ( $can_write_collection ) {
499:     if ( isset($_GET['edit_grant']) ) {
500:       $browser->MatchedRow('to_principal', $_GET['edit_grant'], 'edit_grant_row_collection');
501:     }
502:     else {
503:       $browser->ExtraRowFormat( '<tr class="r%d">', '</tr>', '#even' );
504:       $extra_row = array( 'to_principal' => -1 );
505:       $browser->MatchedRow('to_principal', -1, 'edit_grant_row_collection');
506:       $extra_row = (object) $extra_row;
507:       $browser->AddRow($extra_row);
508:     }
509:   }
510: 
511: 
512:   $browser = new Browser(translate('Access Tickets'));
513:   $browser->AddHidden( 'dav_owner_id' );
514:   if ($can_write_collection) {
515:     $browser->AddColumn( 'ticket_id', translate('Ticket ID'), '', '' );
516:   }
517:   $browser->AddColumn( 'target', translate('Target'), '', '<td style="white-space:nowrap;">%s</td>', "'".$c->base_url.'/caldav.php'."' ||COALESCE(d.dav_name,c.dav_name)" );
518:   $browser->AddColumn( 'expiry', translate('Expires'), '', '', 'TO_CHAR(expires,\'YYYYMMDD"T"HH:MI:SS\')');
519:   $browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
520:   if ($can_write_collection) {
521:     $delurl = $c->base_url . '/admin.php?action=edit&t=principal&id=##dav_owner_id##&ticket_id=##URL:ticket_id##&subaction=delete_ticket';
522:     $browser->AddColumn( 'delete', translate('Action'), 'center', '', "'<a class=\"submit\" href=\"$delurl\">".translate('Delete')."</a>'" );
523:   }
524: 
525:   $browser->SetOrdering( 'target', 'A' );
526: 
527:   $browser->SetJoins( 'access_ticket t LEFT JOIN collection c ON (target_collection_id=collection_id) LEFT JOIN caldav_data d ON (target_resource_id=dav_id)' );
528:   $browser->SetWhere( 'target_collection_id = '.intval($editor->Value('collection_id')) );
529: 
530:   $browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
531: 
532:   $browser->DoQuery();
533:   $page_elements[] = $browser;
534: 
535: 
536: /**
537:  bind_id          | bigint | not null default nextval('dav_id_seq'::regclass)
538:  bound_source_id  | bigint |
539:  access_ticket_id | text   |
540:  dav_owner_id     | bigint | not null
541:  parent_container | text   | not null
542:  dav_name         | text   | not null
543:  dav_displayname  | text   |
544:  */
545: 
546:   $browser = new Browser(translate('Bindings to this Collection'));
547:   $browser->AddColumn( 'bind_id', translate('ID'), '', '' );
548:   $browser->AddHidden( 'b.dav_owner_id' );
549:   $browser->AddColumn( 'bound_as', translate('Bound As'), '', '<td style="white-space:nowrap;">%s</td>', 'b.dav_name' );
550:   $browser->AddColumn( 'access_ticket_id', translate('Ticket ID'), '', '' );
551:   $browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
552:   if ( $session->AllowedTo('Admin') ) {
553:     $delurl = $c->base_url . '/admin.php?action=edit&t=principal&id=##dav_owner_id##&bind_id=##URL:bind_id##&subaction=delete_binding';
554:     $browser->AddColumn( 'delete', translate('Action'), 'center', '', "'<a class=\"submit\" href=\"$delurl\">".translate('Delete')."</a>'" );
555:   }
556: 
557:   $browser->SetOrdering( 'target', 'A' );
558: 
559:   $browser->SetJoins( 'dav_binding b LEFT JOIN collection c ON (bound_source_id=collection_id) LEFT JOIN access_ticket t ON (ticket_id=access_ticket_id)' );
560:   $browser->SetWhere( 'bound_source_id = '.intval($editor->Value('collection_id')) );
561: 
562:   $browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
563: 
564:   $browser->DoQuery();
565:   $page_elements[] = $browser;
566: 
567: }
568: 
569: 
DAViCal API documentation generated by ApiGen 2.8.0