1: <?php
11:
12: require_once('Principal.php');
13:
19: class DAVPrincipal extends Principal
20: {
21:
// List of calendar home URLs; left unset until calendar_home_set() builds and caches it.
private $calendar_home_set;

// List of addressbook home URLs; left unset until addressbook_home_set() builds and caches it.
private $addressbook_home_set;

// List of calendar URLs; left unset until calendar_free_busy_set() builds and caches it.
private $calendar_free_busy_set;

// Set by InitialiseRecord(): true when type_id is present and equals 3.
protected $_is_group;

// URLs of the active members of this principal; only populated by InitialiseRecord() when _is_group is true.
private $group_member_set;

// URLs of the groups this principal is a member of. FetchProxyGroups() also appends
// the .../calendar-proxy-read/ and .../calendar-proxy-write/ URLs to this list.
private $group_membership;

// URLs filled by FetchProxyGroups() from p_has_proxy_access_to() rows without the write bit; null until then.
private $read_proxy_for;

// URLs filled by FetchProxyGroups() from p_has_proxy_access_to() rows with the write bit; null until then.
private $write_proxy_for;

// URLs filled by FetchProxyGroups() from grants_proxy_access_from_p() rows without the write bit; null until then.
private $read_proxy_group;

// URLs filled by FetchProxyGroups() from grants_proxy_access_from_p() rows with the write bit; null until then.
private $write_proxy_group;

// URL of this principal's vCard: the principal URL followed by 'principal.vcf'.
private $principal_address;

// Double-quoted entity tag. InitialiseRecord() derives it from username and modified;
// unique_tag() substitutes '"-1"' when the principal does not exist.
private $unique_tag;
84:
/**
 * Build a principal from one of several lookup forms and, when the lookup
 * succeeds, load the derived DAV fields through InitialiseRecord().
 *
 * Accepted forms of $parameters:
 *  - an object: looked up by its ->username;
 *  - an integer: looked up as principal_id;
 *  - an array: the first key present out of username, user_no, principal_id,
 *    email, path is handed to the parent constructor; failing those, a
 *    'principal-property-search' entry is resolved through PropertySearch().
 * Anything else (a string, for instance) performs no lookup at all and
 * leaves $this->exists as null.
 *
 * NOTE(review): $parameters['options']['allow_by_email'] is defaulted to false
 * on the local copy of the array but is never read in this constructor, and
 * the 'email' lookup below does not consult it. Confirm whether the parent
 * class is expected to enforce that option some other way.
 *
 * @param mixed $parameters Lookup specification as described above, or null.
 */
function __construct( $parameters = null ) {
  global $session, $c;

  // Existence is unknown until the parent constructor has performed a lookup.
  $this->exists = null;

  // Loose comparison: null, 0, '' and an empty array all mean "no lookup".
  if ( $parameters == null ) return;

  if ( is_object($parameters) ) {
    dbg_error_log( 'principal', 'Principal: record for %s', $parameters->username );
    parent::__construct('username',$parameters->username);
  }
  elseif ( is_int($parameters) ) {
    dbg_error_log( 'principal', 'Principal: %d', $parameters );
    parent::__construct('principal_id',$parameters);
  }
  elseif ( is_array($parameters) ) {
    if ( ! isset($parameters['options']['allow_by_email']) ) $parameters['options']['allow_by_email'] = false;

    // The order of this list is the lookup precedence: the first key present wins.
    $looked_up = false;
    foreach ( array('username', 'user_no', 'principal_id', 'email', 'path') as $lookup_field ) {
      if ( isset($parameters[$lookup_field]) ) {
        parent::__construct($lookup_field,$parameters[$lookup_field]);
        $looked_up = true;
        break;
      }
    }

    if ( ! $looked_up && isset($parameters['principal-property-search']) ) {
      $username = $this->PropertySearch($parameters['principal-property-search']);
      parent::__construct('username',$username);
    }
  }

  // Only principals that were actually found get their derived fields populated.
  if ( $this->exists ) {
    $this->InitialiseRecord();
  }
}
138:
139:
/**
 * Populate the fields that are derived from the principal record: the entity
 * tag, the group flag, the vCard URL, the calendar user addresses, the
 * optional XMPP notification details, and the group member / membership
 * lists read from the database.
 *
 * The four proxy lists are reset to null so that the proxy accessors fetch
 * them on first use.
 */
function InitialiseRecord() {
  global $c;

  // md5 is used here only to derive an entity tag from username + modified.
  $this->unique_tag = sprintf('"%s"', md5($this->username . $this->modified));

  // NOTE(review): type_id 3 presumably identifies group principals - confirm against the schema.
  $this->_is_group = (isset($this->type_id) && $this->type_id == 3);

  $this->principal_address = $this->url . 'principal.vcf';

  $this->user_address_set = array(
    'mailto:'.$this->email,
    $this->url,
  );

  if ( isset ( $c->notifications_server ) ) {
    $this->xmpp_uri = 'xmpp:pubsub.'.$c->notifications_server['host'].'?pubsub;node=/davical-'.$this->principal_id;
    $this->xmpp_server = $c->notifications_server['host'];
  }

  if ( $this->_is_group ) {
    // Active members of this group, returned as principal URLs.
    $this->group_member_set = array();
    $member_sql = 'SELECT usr.username FROM group_member JOIN principal ON (principal_id=member_id) JOIN usr USING(user_no) WHERE usr.active=true AND group_id = :group_id ORDER BY principal.principal_id ';
    $qry = new AwlQuery($member_sql, array( ':group_id' => $this->principal_id) );
    if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
      while( $row = $qry->Fetch() ) {
        $this->group_member_set[] = ConstructURL( '/'. $row->username . '/', true);
      }
    }
  }

  // Groups this principal belongs to. The second half of the UNION follows
  // rows of the grants table whose to_principal is one of those groups.
  $this->group_membership = array();
  $membership_sql = 'SELECT usr.username FROM group_member JOIN principal ON (principal_id=group_id) JOIN usr USING(user_no) WHERE usr.active=true AND member_id = :member_id UNION SELECT usr.username FROM group_member LEFT JOIN grants ON (to_principal=group_id) JOIN principal ON (principal_id=by_principal) JOIN usr USING(user_no) WHERE usr.active=true AND member_id = :member_id and by_principal != member_id ORDER BY 1';
  $qry = new AwlQuery($membership_sql, array( ':member_id' => $this->principal_id ) );
  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
    while( $row = $qry->Fetch() ) {
      $this->group_membership[] = ConstructURL( '/'. $row->username . '/', true);
    }
  }

  // null (rather than an empty array) marks the proxy lists as "not fetched yet".
  $this->read_proxy_group = null;
  $this->write_proxy_group = null;
  $this->write_proxy_for = null;
  $this->read_proxy_for = null;

  dbg_error_log( 'principal', ' User: %s (%d) URL: %s, By Email: %d', $this->username, $this->user_no, $this->url, $this->by_email );
}
189:
190:
/**
 * Load the four proxy lists for this principal.
 *
 * All four lists are first reset to empty arrays. When
 * $c->disable_caldav_proxy is set and true, nothing further is fetched.
 * Otherwise two queries run:
 *  - principals returned by p_has_proxy_access_to() fill write_proxy_for or
 *    read_proxy_for, and the matching calendar-proxy-write/-read URL is
 *    appended to group_membership;
 *  - principals returned by grants_proxy_access_from_p() fill
 *    write_proxy_group or read_proxy_group.
 * A row counts as "write" when the pprivs bit string has the 'write' bit set;
 * every other row is treated as read.
 *
 * Each call appends to group_membership again, so the accessors guard this
 * method with an isset() check.
 */
function FetchProxyGroups() {
  global $c;

  $this->read_proxy_group = array();
  $this->write_proxy_group = array();
  $this->write_proxy_for = array();
  $this->read_proxy_for = array();

  $proxy_disabled = ( isset($c->disable_caldav_proxy) && $c->disable_caldav_proxy );
  if ( $proxy_disabled ) return;

  $write_priv = privilege_to_bits(array('write'));

  // Both queries bind the same two parameters.
  $params = array( ':request_principal' => $this->principal_id, ':scan_depth' => $c->permission_scan_depth );

  $sql = 'SELECT principal_id, username, pprivs(:request_principal::int8,principal_id,:scan_depth::int) FROM principal JOIN usr USING(user_no) WHERE usr.active=true AND principal_id IN (SELECT * from p_has_proxy_access_to(:request_principal,:scan_depth))';
  $qry = new AwlQuery($sql, $params);
  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
    while( $row = $qry->Fetch() ) {
      $may_write = ( (bindec($row->pprivs) & $write_priv) != 0 );
      if ( $may_write ) {
        $this->write_proxy_for[] = ConstructURL( '/'. $row->username . '/', true);
        $this->group_membership[] = ConstructURL( '/'. $row->username . '/calendar-proxy-write/', true);
      }
      else {
        $this->read_proxy_for[] = ConstructURL( '/'. $row->username . '/', true);
        $this->group_membership[] = ConstructURL( '/'. $row->username . '/calendar-proxy-read/', true);
      }
    }
  }

  $sql = 'SELECT principal_id, username, pprivs(:request_principal::int8,principal_id,:scan_depth::int) FROM principal JOIN usr USING(user_no) WHERE usr.active=true AND principal_id IN (SELECT * from grants_proxy_access_from_p(:request_principal,:scan_depth))';
  $qry = new AwlQuery($sql, $params );
  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
    while( $row = $qry->Fetch() ) {
      $proxy_url = ConstructURL( '/'. $row->username . '/', true);
      if ( bindec($row->pprivs) & $write_priv ) {
        $this->write_proxy_group[] = $proxy_url;
      }
      else {
        $this->read_proxy_group[] = $proxy_url;
      }
    }
  }

  dbg_error_log( 'principal', 'Read-proxy-for: %s', implode(',',$this->read_proxy_for) );
  dbg_error_log( 'principal', 'Write-proxy-for: %s', implode(',',$this->write_proxy_for) );
  dbg_error_log( 'principal', 'Read-proxy-group: %s', implode(',',$this->read_proxy_group) );
  dbg_error_log( 'principal', 'Write-proxy-group: %s', implode(',',$this->write_proxy_group) );
}
240:
241:
/**
 * Return the read-proxy-group URL list, fetching the proxy lists on first use.
 *
 * @return array List of URLs (empty when proxying is disabled).
 */
function ReadProxyGroup() {
  $already_fetched = isset($this->read_proxy_group);
  if ( ! $already_fetched ) {
    $this->FetchProxyGroups();
  }
  return $this->read_proxy_group;
}
249:
250:
/**
 * Return the write-proxy-group URL list, fetching the proxy lists on first use.
 *
 * @return array List of URLs (empty when proxying is disabled).
 */
function WriteProxyGroup() {
  $already_fetched = isset($this->write_proxy_group);
  if ( ! $already_fetched ) {
    $this->FetchProxyGroups();
  }
  return $this->write_proxy_group;
}
258:
259:
/**
 * Return the list of principal URLs this principal is a proxy for.
 *
 * NOTE(review): the comparison with 'write' is loose (==), so on PHP
 * versions before 8 a non-string argument such as 0 or true also selects the
 * write list - confirm that callers only ever pass strings.
 *
 * @param string $type 'write' selects the write list; anything else the read list.
 * @return array List of URLs.
 */
function ProxyFor( $type ) {
  if ( !isset($this->read_proxy_for) ) {
    $this->FetchProxyGroups();
  }
  return ( $type == 'write' ) ? $this->write_proxy_for : $this->read_proxy_for;
}
269:
270:
/**
 * Return the group-membership URL list.
 *
 * The proxy lists are fetched first when they have not been yet, because
 * FetchProxyGroups() appends the calendar-proxy-read/-write URLs to this list.
 *
 * @return array List of URLs.
 */
function GroupMembership() {
  $proxies_fetched = isset($this->read_proxy_group);
  if ( ! $proxies_fetched ) {
    $this->FetchProxyGroups();
  }
  return $this->group_membership;
}
278:
279:
/**
 * Return the member URLs of this principal when it is a group.
 *
 * @return array|null The member list, or null when this principal is not a group.
 */
function GroupMemberSet() {
  return $this->_is_group ? $this->group_member_set : null;
}
287:
288:
/**
 * Report whether this principal is a group.
 *
 * @return mixed The _is_group flag as stored: a boolean once InitialiseRecord() has run.
 */
function IsGroup() {
  $group_flag = $this->_is_group;
  return $group_flag;
}
296:
297:
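/**
 * Return the value of a named property of this principal.
 *
 * 'DAV::resource-id' is computed: it is the /.resources/<principal_id> URL
 * for an existing principal and null otherwise. (The computed URL used to be
 * discarded because the `return` was missing, so the property always came
 * back as null.)
 *
 * Every other name is read straight from the object property of that name;
 * objects are returned as clones so callers cannot modify internal state.
 *
 * NOTE(review): $this->{$property_id} reaches any property visible from this
 * class, private ones included. If $property_id can originate from a client
 * request, confirm that no sensitive field loaded by the parent Principal
 * class is reachable this way - TODO check the callers.
 *
 * @param string $property_id Property name, e.g. 'DAV::resource-id'.
 * @return mixed The property value, or null when it is not set.
 */
function GetProperty( $property_id ) {

  switch( $property_id ) {
    case 'DAV::resource-id':
      if ( $this->exists && $this->principal_id > 0 )
        return ConstructURL('/.resources/'.$this->principal_id);
      return null;
  }

  if ( isset($this->{$property_id}) ) {
    if ( ! is_object($this->{$property_id}) ) return $this->{$property_id};
    return clone($this->{$property_id});
  }
  return null;
}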
319:
/**
 * Return the entity tag for this principal.
 *
 * When no tag has been computed and the principal is not known to exist,
 * the placeholder '"-1"' is stored and returned. When no tag has been
 * computed but exists is true, the unset value is returned as it is.
 *
 * @return string|null The double-quoted tag.
 */
public function unique_tag() {
  if ( !isset($this->unique_tag) && $this->exists !== true ) {
    $this->unique_tag = '"-1"';
  }
  return $this->unique_tag;
}
330:
331:
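/**
 * Return the URLs of the containers that hold this principal's calendars.
 *
 * The list is built once and cached on the object. It holds the distinct
 * parent_container of every calendar collection whose dav_name starts with
 * this principal's dav_name; when the query succeeds but finds nothing, the
 * principal URL itself is used. When the query fails the cached list stays
 * empty.
 *
 * The prefix test uses the PostgreSQL regular-expression operator (~), so
 * dav_name is escaped with preg_quote() before '^' is prepended. Without the
 * escaping a '.' in the name matches any character and can pull in another
 * principal's collections, and a '+' stops the principal's own path from
 * matching. The value is still passed as a bound parameter.
 * NOTE(review): dav_name presumably derives from the username - confirm.
 *
 * @return array List of URLs.
 */
function calendar_home_set() {
  if ( !isset($this->calendar_home_set) ) {
    $this->calendar_home_set = array();
    $qry = new AwlQuery('SELECT DISTINCT parent_container FROM collection WHERE is_calendar AND dav_name ~ :dav_name_start',
                        array( ':dav_name_start' => '^'.preg_quote($this->dav_name)));
    if ( $qry->Exec('principal',__LINE__,__FILE__) ) {
      if ( $qry->rows() > 0 ) {
        while( $calendar = $qry->Fetch() ) {
          $this->calendar_home_set[] = ConstructURL($calendar->parent_container, true);
        }
      }
      else {
        // No calendars yet: fall back to the principal URL.
        $this->calendar_home_set[] = $this->url;
      }
    }
  }
  return $this->calendar_home_set;
}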
353:
354:
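/**
 * Return the URLs of the containers that hold this principal's addressbooks.
 *
 * The list is built once and cached on the object. It holds the distinct
 * parent_container of every addressbook collection whose dav_name starts
 * with this principal's dav_name; when the query succeeds but finds nothing,
 * the principal URL itself is used. When the query fails the cached list
 * stays empty.
 *
 * The prefix test uses the PostgreSQL regular-expression operator (~), so
 * dav_name is escaped with preg_quote() before '^' is prepended. Without the
 * escaping a '.' in the name matches any character and can pull in another
 * principal's collections, and a '+' stops the principal's own path from
 * matching. The value is still passed as a bound parameter.
 * NOTE(review): dav_name presumably derives from the username - confirm.
 *
 * @return array List of URLs.
 */
function addressbook_home_set() {
  if ( !isset($this->addressbook_home_set) ) {
    $this->addressbook_home_set = array();
    $qry = new AwlQuery('SELECT DISTINCT parent_container FROM collection WHERE is_addressbook AND dav_name ~ :dav_name_start',
                        array( ':dav_name_start' => '^'.preg_quote($this->dav_name)));
    if ( $qry->Exec('principal',__LINE__,__FILE__) ) {
      if ( $qry->rows() > 0 ) {
        while( $addressbook = $qry->Fetch() ) {
          $this->addressbook_home_set[] = ConstructURL($addressbook->parent_container, true);
        }
      }
      else {
        // No addressbooks yet: fall back to the principal URL.
        $this->addressbook_home_set[] = $this->url;
      }
    }
  }
  return $this->addressbook_home_set;
}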
376:
377:
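/**
 * Return the URLs of this principal's calendars that count towards free/busy.
 *
 * The list is built once and cached on the object. A calendar is included
 * when its schedule_transp is 'opaque' or NULL and its dav_name starts with
 * this principal's dav_name. When the query fails the cached list stays empty.
 *
 * The prefix test uses the PostgreSQL regular-expression operator (~), so
 * dav_name is escaped with preg_quote() before '^' is prepended. Without the
 * escaping a '.' in the name matches any character and can pull in another
 * principal's calendars, and a '+' stops the principal's own path from
 * matching. The value is still passed as a bound parameter.
 * NOTE(review): dav_name presumably derives from the username - confirm.
 *
 * @return array List of URLs.
 */
function calendar_free_busy_set() {
  if (!isset($this->calendar_free_busy_set)) {
    $this->calendar_free_busy_set = array();
    $qry = new AwlQuery('SELECT dav_name FROM collection WHERE is_calendar AND (schedule_transp = \'opaque\' OR schedule_transp IS NULL) AND dav_name ~ :dav_name_start ORDER BY user_no, collection_id',
                        array(':dav_name_start' => '^' . preg_quote($this->dav_name)));
    if ($qry->Exec('principal', __LINE__, __FILE__)) {
      while ($calendar = $qry->Fetch()) {
        $this->calendar_free_busy_set[] = ConstructURL($calendar->dav_name, true);
      }
    }
  }
  return $this->calendar_free_busy_set;
}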
398:
399:
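/**
 * Return the privilege bits that apply to this principal for the current session.
 *
 * An unset value becomes 0 and a bit-string value is converted to an integer.
 * When this principal is a group and the session principal's URL is one of
 * its members, DAV::read and DAV::read-current-user-privilege-set are added.
 *
 * The membership test grants privileges, so it compares strictly, and the
 * member list is checked to be an array before it is searched (in_array()
 * rejects a null haystack on PHP 8).
 *
 * @return int Privilege bit mask; also stored back on $this->privileges.
 */
function Privileges() {
  global $session;
  if ( !isset($this->privileges) ) $this->privileges = 0;
  if ( is_string($this->privileges) ) $this->privileges = bindec( $this->privileges );
  if ( $this->_is_group && isset($session->principal) ) {
    $members = $this->GroupMemberSet();
    if ( is_array($members) && in_array($session->principal->url(), $members, true) ) {
      $this->privileges |= privilege_to_bits( array('DAV::read', 'DAV::read-current-user-privilege-set') );
    }
  }
  return $this->privileges;
}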
414:
415:
/**
 * Describe this principal as a collection-shaped record.
 *
 * When original_request_url is set, the record takes its dav_name from that
 * URL and its type becomes 'principal_link'; otherwise the principal's own
 * dav_name and the type 'principal' are used. The display name falls back
 * from dav_displayname to fullname to username.
 *
 * @return object stdClass with the collection fields.
 */
function AsCollection() {
  $is_link = isset($this->original_request_url);
  $dav_name = ( $is_link ? DeconstructURL($this->original_request_url) : $this->dav_name() );

  $collection = new stdClass();
  $collection->collection_id = ($this->principal_id() ? $this->principal_id() : 0);
  $collection->is_calendar = false;
  $collection->is_addressbook = false;
  $collection->is_principal = true;
  $collection->type = 'principal' . (isset($this->original_request_url) ? '_link' : '');
  $collection->user_no = ($this->user_no() ? $this->user_no() : 0);
  $collection->username = $this->username();
  $collection->dav_name = $dav_name;
  $collection->parent_container = '/';
  $collection->email = ($this->email()? $this->email() : '');
  $collection->created = $this->created;
  $collection->updated = $this->modified;
  // The stored tag carries surrounding double quotes; dav_etag holds it without them.
  $collection->dav_etag = substr($this->unique_tag(),1,-1);
  $collection->resourcetypes = $this->resourcetypes;

  if ( isset($this->dav_displayname) ) {
    $collection->dav_displayname = $this->dav_displayname;
  }
  elseif ( isset($this->fullname) ) {
    $collection->dav_displayname = $this->fullname;
  }
  else {
    $collection->dav_displayname = $collection->username;
  }

  return $collection;
}
441:
442:
/**
 * Placeholder for principal-property-search: always throws.
 *
 * The constructor calls this for the 'principal-property-search' form, so
 * that form currently ends in an exception.
 *
 * @param mixed $parameters Search specification (unused).
 * @throws Exception Always.
 */
function PropertySearch( $parameters ) {
  $message = "Unimplemented!";
  throw new Exception($message);
}
446:
/**
 * Add one requested property of this principal to a reply under construction.
 *
 * @param string $tag    Namespaced property name, e.g. 'DAV::displayname'.
 * @param object $prop   The prop element the property is added to.
 * @param object $reply  Reply builder; used for DAVElement(), CalDAVElement(),
 *                       CardDAVElement(), CalendarserverElement(), href() and Tag().
 * @param array  $denied Receives the tag of a property that is refused.
 * @return bool true when the property was handled (added or recorded as
 *              denied); false when it is unsupported or does not apply to
 *              this principal, which the caller reports as not found.
 */
function PrincipalProperty( $tag, $prop, &$reply, &$denied ) {
  global $c, $request;

  dbg_error_log('principal',':PrincipalProperty: Principal Property "%s"', $tag );
  switch( $tag ) {
    case 'DAV::getcontenttype':
      $reply->DAVElement( $prop, 'getcontenttype', 'httpd/unix-directory' );
      return true;

    case 'DAV::resourcetype':
      $reply->DAVElement( $prop, 'resourcetype', array( new XMLElement('principal'), new XMLElement('collection')) );
      return true;

    case 'DAV::displayname':
      $reply->DAVElement( $prop, 'displayname', $this->fullname );
      return true;

    case 'DAV::principal-URL':
      $reply->DAVElement( $prop, 'principal-URL', $reply->href($this->url()) );
      return true;

    case 'DAV::getlastmodified':
      $reply->DAVElement( $prop, 'getlastmodified', ISODateToHTTPDate($this->modified) );
      return true;

    case 'DAV::creationdate':
      $reply->DAVElement( $prop, 'creationdate', DateToISODate($this->created) );
      return true;

    case 'DAV::getcontentlanguage':
      // The principal's own locale wins over the configured current locale.
      if ( isset($this->locale) && $this->locale != '' ) {
        $locale = $this->locale;
      }
      elseif ( isset($c->current_locale) ) {
        $locale = $c->current_locale;
      }
      else {
        $locale = '';
      }
      $reply->DAVElement( $prop, 'getcontentlanguage', $locale );
      return true;

    case 'http://calendarserver.org/ns/:group-member-set':
    case 'DAV::group-member-set':
      if ( ! $request->IsProxyRequest() ) {
        // Ordinary request: only groups have a member set.
        if ( ! $this->_is_group ) return false;
        $reply->DAVElement( $prop, 'group-member-set', $reply->href($this->group_member_set) );
        return true;
      }
      // Proxy request: any proxy_type other than 'read' is answered with the write group.
      $proxy_members = ( $request->proxy_type == 'read' ) ? $this->ReadProxyGroup() : $this->WriteProxyGroup();
      $reply->DAVElement( $prop, 'group-member-set', $reply->href($proxy_members) );
      return true;

    case 'http://calendarserver.org/ns/:group-membership':
    case 'DAV::group-membership':
      $reply->DAVElement( $prop, 'group-membership', $reply->href($this->GroupMembership()) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:schedule-inbox-URL':
      $reply->CalDAVElement($prop, 'schedule-inbox-URL', $reply->href($this->url('schedule-inbox')) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:schedule-outbox-URL':
      $reply->CalDAVElement($prop, 'schedule-outbox-URL', $reply->href($this->url('schedule-outbox')) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:schedule-default-calendar-URL':
      $reply->CalDAVElement($prop, 'schedule-default-calendar-URL', $reply->href($this->url('schedule-default-calendar')) );
      return true;

    case 'http://calendarserver.org/ns/:dropbox-home-URL':
      $reply->CalendarserverElement($prop, 'dropbox-home-URL', $reply->href($this->url('dropbox')) );
      return true;

    case 'http://calendarserver.org/ns/:xmpp-server':
      // Tests xmpp_uri, not xmpp_server; InitialiseRecord() sets the two together.
      if ( ! isset( $this->xmpp_uri ) ) return false;
      $reply->CalendarserverElement($prop, 'xmpp-server', $this->xmpp_server );
      return true;

    case 'http://calendarserver.org/ns/:xmpp-uri':
      if ( ! isset( $this->xmpp_uri ) ) return false;
      $reply->CalendarserverElement($prop, 'xmpp-uri', $this->xmpp_uri );
      return true;

    case 'urn:ietf:params:xml:ns:carddav:addressbook-home-set':
      $reply->CardDAVElement($prop, $tag, $reply->href( $this->addressbook_home_set() ) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:calendar-home-set':
      $reply->CalDAVElement($prop, $tag, $reply->href( $this->calendar_home_set() ) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:calendar-free-busy-set':
      // Only answered when the configuration explicitly enables this property.
      $obsolete_enabled = ( isset($c->support_obsolete_free_busy_property) && $c->support_obsolete_free_busy_property );
      if ( ! $obsolete_enabled ) return false;
      $reply->CalDAVElement( $prop, 'calendar-free-busy-set', $reply->href( $this->calendar_free_busy_set() ) );
      return true;

    case 'urn:ietf:params:xml:ns:caldav:calendar-user-address-set':
      $reply->CalDAVElement($prop, 'calendar-user-address-set', $reply->href($this->user_address_set));
      return true;

    case 'DAV::owner':
      $reply->DAVElement( $prop, 'owner', $reply->href( $this->url ) );
      return true;

    case 'DAV::alternate-URI-set':
      // Emitted with no content.
      $reply->DAVElement( $prop, $reply->Tag($tag));
      return true;

    case 'SOME-DENIED-PROPERTY':
      // The only path in this method that records a property as denied.
      $denied[] = $reply->Tag($tag);
      return true;

    default:
      return false;
  }
}
578:
579:
/**
 * Render the requested properties of this principal as a DAV response element.
 *
 * Each property goes through PrincipalProperty(). Properties it reports as
 * unsupported are collected for a 404 propstat, and tags it records as
 * denied are collected for a 403 propstat.
 *
 * @param array  $properties Namespaced property names to render.
 * @param object $reply      Reply builder, used for href() and Tag().
 * @param bool   $props_only When true, return only the prop element holding
 *                           the properties that were found.
 * @return XMLElement The prop element, or a response element made of the
 *                    href, the 200 propstat and, where needed, the 403 and
 *                    404 propstats in that order.
 */
function RenderAsXML( $properties, &$reply, $props_only = false ) {
  dbg_error_log('principal',':RenderAsXML: Principal "%s"', $this->username );

  $prop = new XMLElement('prop');
  $denied = array();
  $not_found = array();
  foreach( $properties AS $tag ) {
    if ( $this->PrincipalProperty( $tag, $prop, $reply, $denied ) ) continue;

    dbg_error_log( 'principal', 'Request for unsupported property "%s" of principal "%s".', $tag, $this->username );
    $not_found[] = $reply->Tag($tag);
  }

  if ( $props_only ) return $prop;

  $ok_propstat = new XMLElement( 'propstat', array( $prop, new XMLElement('status', 'HTTP/1.1 200 OK' ) ) );
  $elements = array( $reply->href($this->url ), $ok_propstat );

  // One extra propstat per non-empty failure list: denied first, then not found.
  $failure_groups = array(
    'HTTP/1.1 403 Forbidden' => $denied,
    'HTTP/1.1 404 Not Found' => $not_found,
  );
  foreach( $failure_groups AS $status_line => $tags ) {
    if ( count($tags) == 0 ) continue;

    $status = new XMLElement('status', $status_line );
    $noprop = new XMLElement('prop');
    foreach( $tags AS $failed_tag ) {
      $noprop->NewElement( $failed_tag );
    }
    $elements[] = new XMLElement( 'propstat', array( $noprop, $status) );
  }

  return new XMLElement( 'response', $elements );
}
633:
634: }
635: