DAViCal
DAVPrincipal.php
1 <?php
12 require_once('Principal.php');
13 
19 class DAVPrincipal extends Principal
20 {
21 
26  private $calendar_home_set;
27 
32  private $addressbook_home_set;
33 
37  private $calendar_free_busy_set;
38 
42  protected $_is_group;
43 
47  private $group_member_set;
48 
52  private $group_membership;
53 
57  private $read_proxy_for;
58 
62  private $write_proxy_for;
63 
67  private $read_proxy_group;
68 
72  private $write_proxy_group;
73 
77  private $principal_address;
78 
83  private $unique_tag;
84 
85  private $user_address_set;
86 
97  function __construct( $parameters = null ) {
98  global $session, $c;
99 
100  $this->exists = null;
101 
102  if ( $parameters == null ) return;
103 
104  if ( is_object($parameters) ) {
105  dbg_error_log( 'principal', 'Principal: record for %s', $parameters->username );
106  parent::__construct('username',$parameters->username);
107  }
108  else if ( is_int($parameters) ) {
109  dbg_error_log( 'principal', 'Principal: %d', $parameters );
110  parent::__construct('principal_id',$parameters);
111  }
112  else if ( is_array($parameters) ) {
113  if ( ! isset($parameters['options']['allow_by_email']) ) $parameters['options']['allow_by_email'] = false;
114  if ( isset($parameters['username']) ) {
115  parent::__construct('username',$parameters['username']);
116  }
117  else if ( isset($parameters['user_no']) ) {
118  parent::__construct('user_no',$parameters['user_no']);
119  }
120  else if ( isset($parameters['principal_id']) ) {
121  parent::__construct('principal_id',$parameters['principal_id']);
122  }
123  else if ( isset($parameters['email']) ) {
124  parent::__construct('email',$parameters['email']);
125  }
126  else if ( isset($parameters['path']) ) {
127  parent::__construct('path',$parameters['path']);
128  }
129  else if ( isset($parameters['principal-property-search']) ) {
130  $username = $this->PropertySearch($parameters['principal-property-search']);
131  parent::__construct('username',$username);
132  }
133  }
134 
135  if ( ! $this->exists ) return;
136 
137  $this->InitialiseRecord();
138 
139  }
140 
141 
146  function InitialiseRecord() {
147  global $c;
148 
149  $this->unique_tag = '"'.md5($this->username . $this->modified).'"';
150  $this->_is_group = (isset($this->type_id) && $this->type_id == 3);
151 
152  $this->principal_address = $this->url . 'principal.vcf';
153 
154  $this->user_address_set = array(
155  'mailto:'.$this->email,
156  $this->url,
157 // ConstructURL( '/~'.$this->username.'/', true ),
158 // ConstructURL( '/__uuids__/'.$this->username.'/', true ),
159  );
160 
161  if ( isset ( $c->notifications_server ) ) {
162  $this->xmpp_uri = 'xmpp:pubsub.'.$c->notifications_server['host'].'?pubsub;node=/davical-'.$this->principal_id;
163  $this->xmpp_server = $c->notifications_server['host'];
164  }
165 
166  if ( $this->_is_group ) {
167  $this->group_member_set = array();
168  $qry = new AwlQuery('SELECT usr.username FROM group_member JOIN principal ON (principal_id=member_id) JOIN usr USING(user_no) WHERE usr.active=true AND group_id = :group_id ORDER BY principal.principal_id ', array( ':group_id' => $this->principal_id) );
169  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
170  while( $member = $qry->Fetch() ) {
171  $this->group_member_set[] = ConstructURL( '/'. $member->username . '/', true);
172  }
173  }
174  }
175 
176  $this->group_membership = array();
177  $qry = new AwlQuery('SELECT usr.username FROM group_member JOIN principal ON (principal_id=group_id) JOIN usr USING(user_no) WHERE usr.active=true AND member_id = :member_id UNION SELECT usr.username FROM group_member LEFT JOIN grants ON (to_principal=group_id) JOIN principal ON (principal_id=by_principal) JOIN usr USING(user_no) WHERE usr.active=true AND member_id = :member_id and by_principal != member_id ORDER BY 1', array( ':member_id' => $this->principal_id ) );
178  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
179  while( $group = $qry->Fetch() ) {
180  $this->group_membership[] = ConstructURL( '/'. $group->username . '/', true);
181  }
182  }
183 
184  $this->read_proxy_group = null;
185  $this->write_proxy_group = null;
186  $this->write_proxy_for = null;
187  $this->read_proxy_for = null;
188 
189  dbg_error_log( 'principal', ' User: %s (%d) URL: %s, By Email: %d', $this->username, $this->user_no, $this->url, $this->by_email );
190  }
191 
192 
196  function FetchProxyGroups() {
197  global $c;
198 
199  $this->read_proxy_group = array();
200  $this->write_proxy_group = array();
201  $this->write_proxy_for = array();
202  $this->read_proxy_for = array();
203 
204  if ( isset($c->disable_caldav_proxy) && $c->disable_caldav_proxy ) return;
205 
206  $write_priv = privilege_to_bits(array('write'));
207  // whom are we a proxy for? who is a proxy for us?
208  // (as per Caldav Proxy section 5.1 Paragraph 7 and 5)
209  $sql = 'SELECT principal_id, username, pprivs(:request_principal::int8,principal_id,:scan_depth::int) FROM principal JOIN usr USING(user_no) WHERE usr.active=true AND principal_id IN (SELECT * from p_has_proxy_access_to(:request_principal,:scan_depth))';
210  if ( isset($c->strict_result_ordering) && $c->strict_result_ordering ) $sql .= " ORDER BY username";
211 
212  $params = array( ':request_principal' => $this->principal_id, ':scan_depth' => $c->permission_scan_depth );
213  $qry = new AwlQuery($sql, $params);
214  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
215  while( $relationship = $qry->Fetch() ) {
216  if ( (bindec($relationship->pprivs) & $write_priv) != 0 ) {
217  $this->write_proxy_for[] = ConstructURL( '/'. $relationship->username . '/', true);
218  $this->group_membership[] = ConstructURL( '/'. $relationship->username . '/calendar-proxy-write/', true);
219  }
220  else {
221  $this->read_proxy_for[] = ConstructURL( '/'. $relationship->username . '/', true);
222  $this->group_membership[] = ConstructURL( '/'. $relationship->username . '/calendar-proxy-read/', true);
223  }
224  }
225  }
226 
227  /* grants_proxy_access_from_p() is too clever and doesn't return any results, so do it on foot
228  $sql = 'SELECT principal_id, username, pprivs(principal_id,:request_principal::int8,:scan_depth::int) FROM principal JOIN usr USING(user_no) WHERE usr.active=true AND principal_id IN (SELECT * from grants_proxy_access_from_p(:request_principal,:scan_depth))';
229  */
230  $sql = 'SELECT principal_id, username, pprivs(principal_id,:request_principal::int8,:scan_depth::int) FROM principal JOIN usr USING(user_no) WHERE usr.active=true AND principal_id IN (SELECT to_principal FROM grants WHERE by_principal = :request_principal AND (privileges & 5::BIT(24)) != 0::BIT(24) AND by_collection IS NULL AND to_principal != :request_principal )';
231  if ( isset($c->strict_result_ordering) && $c->strict_result_ordering ) $sql .= " ORDER BY username";
232 
233  $qry = new AwlQuery($sql, $params ); // reuse $params assigned for earlier query
234  if ( $qry->Exec('DAVPrincipal') && $qry->rows() > 0 ) {
235  while( $relationship = $qry->Fetch() ) {
236  if ( bindec($relationship->pprivs) & $write_priv ) {
237  $this->write_proxy_group[] = ConstructURL( '/'. $relationship->username . '/', true);
238  }
239  else {
240  $this->read_proxy_group[] = ConstructURL( '/'. $relationship->username . '/', true);
241  }
242  }
243  }
244  dbg_error_log( 'principal', 'Read-proxy-for: %s', implode(',',$this->read_proxy_for) );
245  dbg_error_log( 'principal', 'Write-proxy-for: %s', implode(',',$this->write_proxy_for) );
246  dbg_error_log( 'principal', 'Read-proxy-group: %s', implode(',',$this->read_proxy_group) );
247  dbg_error_log( 'principal', 'Write-proxy-group: %s', implode(',',$this->write_proxy_group) );
248  }
249 
250 
254  function ReadProxyGroup() {
255  if ( !isset($this->read_proxy_group) ) $this->FetchProxyGroups();
256  return $this->read_proxy_group;
257  }
258 
259 
263  function WriteProxyGroup() {
264  if ( !isset($this->write_proxy_group) ) $this->FetchProxyGroups();
265  return $this->write_proxy_group;
266  }
267 
268 
273  function ProxyFor( $type ) {
274  if ( !isset($this->read_proxy_for) ) $this->FetchProxyGroups();
275  if ( $type == 'write' ) return $this->write_proxy_for;
276  return $this->read_proxy_for;
277  }
278 
279 
283  function GroupMembership() {
284  if ( !isset($this->read_proxy_group) ) $this->FetchProxyGroups();
285  return $this->group_membership;
286  }
287 
288 
292  function GroupMemberSet() {
293  if ( ! $this->_is_group ) return null;
294  return $this->group_member_set;
295  }
296 
297 
302  function IsGroup() {
303  return $this->_is_group;
304  }
305 
306 
311  function GetProperty( $property_id ) {
312 
313  switch( $property_id ) {
314  case 'DAV::resource-id':
315  if ( $this->exists && $this->principal_id > 0 )
316  ConstructURL('/.resources/'.$this->principal_id);
317  else
318  return null;
319  break;
320  }
321 
322  if ( isset($this->{$property_id}) ) {
323  if ( ! is_object($this->{$property_id}) ) return $this->{$property_id};
324  return clone($this->{$property_id});
325  }
326  return null;
327  }
328 
332  public function unique_tag() {
333  if ( isset($this->unique_tag) ) return $this->unique_tag;
334 
335  if ( $this->exists !== true ) $this->unique_tag = '"-1"';
336 
337  return $this->unique_tag;
338  }
339 
340 
344  function calendar_home_set() {
345  if ( !isset($this->calendar_home_set) ) {
346  $this->calendar_home_set = array();
347  $qry = new AwlQuery('SELECT DISTINCT parent_container FROM collection WHERE is_calendar AND dav_name ~ :dav_name_start',
348  array( ':dav_name_start' => '^'.$this->dav_name));
349  if ( $qry->Exec('principal',__LINE__,__FILE__) ) {
350  if ( $qry->rows() > 0 ) {
351  while( $calendar = $qry->Fetch() ) {
352  $this->calendar_home_set[] = ConstructURL($calendar->parent_container, true);
353  }
354  }
355  else {
356  $this->calendar_home_set[] = $this->url;
357  }
358  }
359  }
360  return $this->calendar_home_set;
361  }
362 
363 
367  function addressbook_home_set() {
368  if ( !isset($this->addressbook_home_set) ) {
369  $this->addressbook_home_set = array();
370  $qry = new AwlQuery('SELECT DISTINCT parent_container FROM collection WHERE is_addressbook AND dav_name ~ :dav_name_start',
371  array( ':dav_name_start' => '^'.$this->dav_name));
372  if ( $qry->Exec('principal',__LINE__,__FILE__) ) {
373  if ( $qry->rows() > 0 ) {
374  while( $addressbook = $qry->Fetch() ) {
375  $this->addressbook_home_set[] = ConstructURL($addressbook->parent_container, true);
376  }
377  }
378  else {
379  $this->addressbook_home_set[] = $this->url;
380  }
381  }
382  }
383  return $this->addressbook_home_set;
384  }
385 
386 
395  if (!isset($this->calendar_free_busy_set)) {
396  $this->calendar_free_busy_set = array();
397  $qry = new AwlQuery('SELECT dav_name FROM collection WHERE is_calendar AND (schedule_transp = \'opaque\' OR schedule_transp IS NULL) AND dav_name ~ :dav_name_start ORDER BY user_no, collection_id',
398  array(':dav_name_start' => '^' . $this->dav_name));
399  if ($qry->Exec('principal', __LINE__, __FILE__)) {
400  while ($calendar = $qry->Fetch()) {
401  $this->calendar_free_busy_set[] = ConstructURL($calendar->dav_name, true);
402  }
403  }
404  }
405  return $this->calendar_free_busy_set;
406  }
407 
408 
412  function Privileges() {
413  global $session;
414  if ( !isset($this->privileges) ) $this->privileges = 0;
415  if ( is_string($this->privileges) ) $this->privileges = bindec( $this->privileges );
416  if ( $this->_is_group ) {
417  if ( isset($session->principal) && in_array($session->principal->url(), $this->GroupMemberSet()) ) {
418  $this->privileges |= privilege_to_bits( array('DAV::read', 'DAV::read-current-user-privilege-set') );
419  }
420  }
421  return $this->privileges;
422  }
423 
424 
428  function AsCollection() {
429  $dav_name = (isset($this->original_request_url) ? DeconstructURL($this->original_request_url) : $this->dav_name());
430  $collection = (object) array(
431  'collection_id' => ($this->principal_id() ? $this->principal_id() : 0),
432  'is_calendar' => false,
433  'is_addressbook' => false,
434  'is_principal' => true,
435  'type' => 'principal' . (isset($this->original_request_url) ? '_link' : ''),
436  'user_no' => ($this->user_no() ? $this->user_no() : 0),
437  'username' => $this->username(),
438  'dav_name' => $dav_name,
439  'parent_container' => '/',
440  'email' => ($this->email()? $this->email() : ''),
441  'created' => $this->created,
442  'updated' => $this->modified,
443  'dav_etag' => substr($this->unique_tag(),1,-1),
444  'resourcetypes' => $this->resourcetypes
445  );
446  $collection->dav_displayname = (isset($this->dav_displayname) ? $this->dav_displayname : (isset($this->fullname) ? $this->fullname : $collection->username));
447 
448  return $collection;
449  }
450 
451 
452  function PropertySearch( $parameters ) {
453  throw new Exception("Unimplemented!");
454  }
455 
459  function PrincipalProperty( $tag, $prop, &$reply, &$denied ) {
460  global $c;
461 
462  dbg_error_log('principal',':PrincipalProperty: Principal Property "%s"', $tag );
463  switch( $tag ) {
464  case 'DAV::getcontenttype':
465  $reply->DAVElement( $prop, 'getcontenttype', 'httpd/unix-directory' );
466  break;
467 
468  case 'DAV::resourcetype':
469  $reply->DAVElement( $prop, 'resourcetype', array( new XMLElement('principal'), new XMLElement('collection')) );
470  break;
471 
472  case 'DAV::displayname':
473  $reply->DAVElement( $prop, 'displayname', $this->fullname );
474  break;
475 
476  case 'DAV::principal-URL':
477  $reply->DAVElement( $prop, 'principal-URL', $reply->href($this->url()) );
478  break;
479 
480  case 'DAV::getlastmodified':
481  $reply->DAVElement( $prop, 'getlastmodified', ISODateToHTTPDate($this->modified) );
482  break;
483 
484  case 'DAV::creationdate':
485  $reply->DAVElement( $prop, 'creationdate', DateToISODate($this->created) );
486  break;
487 
488  case 'DAV::getcontentlanguage':
490  $locale = (isset($c->current_locale) ? $c->current_locale : '');
491  if ( isset($this->locale) && $this->locale != '' ) $locale = $this->locale;
492  $reply->DAVElement( $prop, 'getcontentlanguage', $locale );
493  break;
494 
495  case 'http://calendarserver.org/ns/:group-member-set':
496  case 'DAV::group-member-set':
498  if ( ! $this->_is_group ) return false;
499  $reply->DAVElement( $prop, 'group-member-set', $reply->href($this->group_member_set) );
500  break;
501 
502  case 'http://calendarserver.org/ns/:group-membership':
503  case 'DAV::group-membership':
504  $reply->DAVElement( $prop, 'group-membership', $reply->href($this->GroupMembership()) );
505  break;
506 
507  case 'urn:ietf:params:xml:ns:caldav:schedule-inbox-URL':
508  $reply->CalDAVElement($prop, 'schedule-inbox-URL', $reply->href($this->url('schedule-inbox')) );
509  break;
510 
511  case 'urn:ietf:params:xml:ns:caldav:schedule-outbox-URL':
512  $reply->CalDAVElement($prop, 'schedule-outbox-URL', $reply->href($this->url('schedule-outbox')) );
513  break;
514 
515  case 'urn:ietf:params:xml:ns:caldav:schedule-default-calendar-URL':
516  $reply->CalDAVElement($prop, 'schedule-default-calendar-URL', $reply->href($this->url('schedule-default-calendar')) );
517  break;
518 
519  case 'http://calendarserver.org/ns/:dropbox-home-URL':
520  $reply->CalendarserverElement($prop, 'dropbox-home-URL', $reply->href($this->url('dropbox')) );
521  break;
522 
523  case 'http://calendarserver.org/ns/:xmpp-server':
524  if ( ! isset( $this->xmpp_uri ) ) return false;
525  $reply->CalendarserverElement($prop, 'xmpp-server', $this->xmpp_server );
526  break;
527 
528  case 'http://calendarserver.org/ns/:xmpp-uri':
529  if ( ! isset( $this->xmpp_uri ) ) return false;
530  $reply->CalendarserverElement($prop, 'xmpp-uri', $this->xmpp_uri );
531  break;
532 
533  case 'urn:ietf:params:xml:ns:carddav:addressbook-home-set':
534  $reply->CardDAVElement($prop, $tag, $reply->href( $this->addressbook_home_set() ) );
535  break;
536 
537  case 'urn:ietf:params:xml:ns:caldav:calendar-home-set':
538  $reply->CalDAVElement($prop, $tag, $reply->href( $this->calendar_home_set() ) );
539  break;
540 
541  case 'urn:ietf:params:xml:ns:caldav:calendar-free-busy-set':
547  if ( isset($c->support_obsolete_free_busy_property) && $c->support_obsolete_free_busy_property )
548  $reply->CalDAVElement( $prop, 'calendar-free-busy-set', $reply->href( $this->calendar_free_busy_set() ) );
549  else
550  return false;
551  break;
552 
553  case 'urn:ietf:params:xml:ns:caldav:calendar-user-address-set':
554  $reply->CalDAVElement($prop, 'calendar-user-address-set', $reply->href($this->user_address_set));
555  break;
556 
557  case 'urn:ietf:params:xml:ns:caldav:calendar-user-type':
562  $type = 'UNKNOWN';
563  if ( isset($this->type_id) ) {
564  switch ( $this->type_id ) {
565  case 1:
566  $type = 'INDIVIDUAL';
567  break;
568  case 2:
569  $type = 'RESOURCE';
570  break;
571  case 3:
572  $type = 'GROUP';
573  break;
574  // 'ROOM' type is not supported yet
575  }
576  }
577  $reply->CalDAVElement($prop, 'calendar-user-type', $type);
578  break;
579 
580  case 'DAV::owner':
581  // After a careful reading of RFC3744 we see that this must be the principal-URL of the owner
582  $reply->DAVElement( $prop, 'owner', $reply->href( $this->url ) );
583  break;
584 
585  // Empty tag responses.
586  case 'DAV::alternate-URI-set':
587  $reply->DAVElement( $prop, $reply->Tag($tag));
588  break;
589 
590  case 'SOME-DENIED-PROPERTY':
591  $denied[] = $reply->Tag($tag);
592  break;
593 
594  default:
595  return false;
596  break;
597  }
598 
599  return true;
600  }
601 
602 
612  function RenderAsXML( $properties, &$reply, $props_only = false ) {
613  dbg_error_log('principal',':RenderAsXML: Principal "%s"', $this->username );
614 
615  $prop = new XMLElement('prop');
616  $denied = array();
617  $not_found = array();
618  foreach( $properties AS $k => $tag ) {
619  if ( ! $this->PrincipalProperty( $tag, $prop, $reply, $denied ) ) {
620  dbg_error_log( 'principal', 'Request for unsupported property "%s" of principal "%s".', $tag, $this->username );
621  $not_found[] = $reply->Tag($tag);
622  }
623  }
624 
625  if ( $props_only ) return $prop;
626 
627  $status = new XMLElement('status', 'HTTP/1.1 200 OK' );
628 
629  $propstat = new XMLElement( 'propstat', array( $prop, $status) );
630  $href = $reply->href($this->url );
631 
632  $elements = array($href,$propstat);
633 
634  if ( count($denied) > 0 ) {
635  $status = new XMLElement('status', 'HTTP/1.1 403 Forbidden' );
636  $noprop = new XMLElement('prop');
637  foreach( $denied AS $k => $v ) {
638  $noprop->NewElement( $v );
639  }
640  $elements[] = new XMLElement( 'propstat', array( $noprop, $status) );
641  }
642 
643  if ( count($not_found) > 0 ) {
644  $status = new XMLElement('status', 'HTTP/1.1 404 Not Found' );
645  $noprop = new XMLElement('prop');
646  foreach( $not_found AS $k => $v ) {
647  $noprop->NewElement( $v );
648  }
649  $elements[] = new XMLElement( 'propstat', array( $noprop, $status) );
650  }
651 
652  $response = new XMLElement( 'response', $elements );
653 
654  return $response;
655  }
656 
657 }
__construct( $parameters=null)
RenderAsXML( $properties, &$reply, $props_only=false)
ProxyFor( $type)
url($type='principal', $internal=false)
Definition: Principal.php:470
GetProperty( $property_id)
principal_id()
Definition: Principal.php:364
PrincipalProperty( $tag, $prop, &$reply, &$denied)