1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133:
<?php
require_once('AwlQuery.php');
class DAVTicket
{
private $ticket_id;
private $dav_name;
private $target_collection_id;
private $target_resource_id;
private $expiry;
private $dav_owner_id;
private $privileges;
private $grantor_collection_privileges;
function __construct( $ticket_id ) {
global $c;
$this->dav_name = null;
$this->target_collection_id = null;
$this->target_resource_id = null;
$this->expiry = null;
$this->expired = true;
$this->dav_owner_id = null;
$this->ticket_id = $ticket_id;
$this->privileges = 0;
$this->grantor_collection_privileges = 0;
$qry = new AwlQuery(
'SELECT access_ticket.*, collection.dav_name, (access_ticket.expires < current_timestamp) AS expired,
path_privs(access_ticket.dav_owner_id,collection.dav_name,:scan_depth) AS grantor_collection_privileges
FROM access_ticket JOIN collection ON (target_collection_id = collection_id)
WHERE ticket_id = :ticket_id::text',
array(':ticket_id' => $ticket_id, ':scan_depth' => $c->permission_scan_depth)
);
if ( $qry->Exec('DAVTicket',__LINE__,__FILE__) && $qry->rows() == 1 && $t = $qry->Fetch() ) {
if ( ! $t->expired ) {
foreach( $t AS $k => $v ) {
$this->{$k} = $v;
}
$this->expired = false;
$this->privileges = bindec($this->privileges);
$this->grantor_collection_privileges = bindec($this->grantor_collection_privileges);
dbg_error_log( 'DAVTicket', 'Found a current ticket for "%s"', implode(', ',bits_to_privilege($this->privileges())) );
}
else {
dbg_error_log( 'DAVTicket', 'Found an expired ticket: %s - %s', $ticket_id, $t->expires );
}
}
if ( isset($this->target_resource_id) ) {
$qry = new AwlQuery( 'SELECT dav_name FROM caldav_data WHERE dav_id = :dav_id', array(':dav_id' => $this->target_resource_id ) );
if ( $qry->Exec('DAVTicket',__LINE__,__FILE__) && $qry->rows() == 1 && $r = $qry->Fetch() ) {
$this->dav_name = $r->dav_name;
}
}
}
function dav_name() {
return $this->dav_name;
}
function id() {
return $this->ticket_id;
}
function privileges() {
return ($this->privileges & $this->grantor_collection_privileges);
}
function MatchesPath( $test_path ) {
$length = strlen($this->dav_name);
return (substr($test_path, 0, $length) == $this->dav_name);
}
function MatchesResource( $test_resource_id ) {
return ($test_resource_id == $this->target_collection_id || $test_resource_id == $this->target_resource_id);
}
}