1: <?php
2: 3: 4: 5: 6: 7: 8: 9: 10:
11:
12: require_once('AwlQuery.php');
13:
14:
15: 16: 17: 18: 19:
20: class DAVTicket
21: {
22: 23: 24:
25: private $ticket_id;
26:
27: 28: 29:
30: private $dav_name;
31:
32: 33: 34:
35: private $target_collection_id;
36:
37: 38: 39:
40: private $target_resource_id;
41:
42: 43: 44:
45: private $expiry;
46:
47: 48: 49:
50: private $dav_owner_id;
51:
52: 53: 54:
55: private $privileges;
56:
57: 58: 59:
60: private $grantor_collection_privileges;
61:
62: 63: 64: 65:
66: function __construct( $ticket_id ) {
67: global $c;
68:
69: $this->dav_name = null;
70: $this->target_collection_id = null;
71: $this->target_resource_id = null;
72: $this->expiry = null;
73: $this->expired = true;
74: $this->dav_owner_id = null;
75: $this->ticket_id = $ticket_id;
76: $this->privileges = 0;
77: $this->grantor_collection_privileges = 0;
78:
79: $qry = new AwlQuery(
80: 'SELECT access_ticket.*, collection.dav_name, (access_ticket.expires < current_timestamp) AS expired,
81: path_privs(access_ticket.dav_owner_id,collection.dav_name,:scan_depth) AS grantor_collection_privileges
82: FROM access_ticket JOIN collection ON (target_collection_id = collection_id)
83: WHERE ticket_id = :ticket_id::text',
84: array(':ticket_id' => $ticket_id, ':scan_depth' => $c->permission_scan_depth)
85: );
86: if ( $qry->Exec('DAVTicket',__LINE__,__FILE__) && $qry->rows() == 1 && $t = $qry->Fetch() ) {
87: if ( ! $t->expired ) {
88: foreach( $t AS $k => $v ) {
89: $this->{$k} = $v;
90: }
91: $this->expired = false;
92: $this->privileges = bindec($this->privileges);
93: $this->grantor_collection_privileges = bindec($this->grantor_collection_privileges);
94: dbg_error_log( 'DAVTicket', 'Found a current ticket for "%s"', implode(', ',bits_to_privilege($this->privileges())) );
95: }
96: else {
97: dbg_error_log( 'DAVTicket', 'Found an expired ticket: %s - %s', $ticket_id, $t->expires );
98: }
99: }
100: if ( isset($this->target_resource_id) ) {
101: $qry = new AwlQuery( 'SELECT dav_name FROM caldav_data WHERE dav_id = :dav_id', array(':dav_id' => $this->target_resource_id ) );
102: if ( $qry->Exec('DAVTicket',__LINE__,__FILE__) && $qry->rows() == 1 && $r = $qry->Fetch() ) {
103: $this->dav_name = $r->dav_name;
104: }
105: }
106: }
107:
108:
109: function dav_name() {
110: return $this->dav_name;
111: }
112:
113:
114: function id() {
115: return $this->ticket_id;
116: }
117:
118:
119: function privileges() {
120: return ($this->privileges & $this->grantor_collection_privileges);
121: }
122:
123:
124: function MatchesPath( $test_path ) {
125: $length = strlen($this->dav_name);
126: return (substr($test_path, 0, $length) == $this->dav_name);
127: }
128:
129: function MatchesResource( $test_resource_id ) {
130: return ($test_resource_id == $this->target_collection_id || $test_resource_id == $this->target_resource_id);
131: }
132: }
133: