search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Allow for silly programs that send content-type XML with a GET request.
[davical.git] / inc / CalDAVRequest.php
blob20ac9e857d5277adcfc11e0e3726efb8d7c1c756
1 <?php
2 /**
3 * Functions that are needed for all CalDAV Requests
4 *
5 * - Ascertaining the paths
6 * - Ascertaining the current user's permission to those paths.
7 * - Utility functions which we can use to decide whether this
8 * is a permitted activity for this user.
9 *
10 * @package davical
11 * @subpackage Request
12 * @author Andrew McMillan <andrew@mcmillan.net.nz>
13 * @copyright Catalyst .Net Ltd, Morphoss Ltd
14 * @license http://gnu.org/copyleft/gpl.html GNU GPL v3 or later
15 */
16
17 require_once("AwlCache.php");
18 require_once("XMLDocument.php");
19 require_once("DAVPrincipal.php");
20 include("DAVTicket.php");
21
22 define('DEPTH_INFINITY', 9999);
23
24 /**
25 * A class for collecting things to do with this request.
26 *
27 * @package davical
28 */
29 class CalDAVRequest
30 {
31 var $options;
32
33 /**
34 * The raw data sent along with the request
35 */
36 var $raw_post;
37
38 /**
39 * The HTTP request method: PROPFIND, LOCK, REPORT, OPTIONS, etc...
40 */
41 var $method;
42
43 /**
44 * The depth parameter from the request headers, coerced into a valid integer: 0, 1
45 * or DEPTH_INFINITY which is defined above. The default is set per various RFCs.
46 */
47 var $depth;
48
49 /**
50 * The 'principal' (user/resource/...) which this request seeks to access
51 * @var DAVPrincipal
52 */
53 var $principal;
54
55 /**
56 * The 'current_user_principal_xml' the DAV:current-user-principal answer. An
57 * XMLElement object with an <href> or <unauthenticated> fragment.
58 */
59 var $current_user_principal_xml;
60
61 /**
62 * The user agent making the request.
63 */
64 var $user_agent;
65
66 /**
67 * The ID of the collection containing this path, or of this path if it is a collection
68 */
69 var $collection_id;
70
71 /**
72 * The path corresponding to the collection_id
73 */
74 var $collection_path;
75
76 /**
77 * The type of collection being requested:
78 * calendar, schedule-inbox, schedule-outbox
79 */
80 var $collection_type;
81
82 /**
83 * The type of collection being requested:
84 * calendar, schedule-inbox, schedule-outbox
85 */
86 protected $exists;
87
88 /**
89 * The value of any 'Destionation:' header, if present.
90 */
91 var $destination;
92
93 /**
94 * The decimal privileges allowed by this user to the identified resource.
95 */
96 protected $privileges;
97
98 /**
99 * A static structure of supported privileges.
100 */
101 var $supported_privileges;
102
103 /**
104 * A DAVTicket object, if there is a ?ticket=id or Ticket: id with this request
105 */
106 public $ticket;
107
108 /**
109 * Create a new CalDAVRequest object.
110 */
111 function __construct( $options = array() ) {
112 global $session, $c, $debugging;
113
114 $this->options = $options;
115 if ( !isset($this->options['allow_by_email']) ) $this->options['allow_by_email'] = false;
116
117 /**
118 * Our path is /<script name>/<user name>/<user controlled> if it ends in
119 * a trailing '/' then it is referring to a DAV 'collection' but otherwise
120 * it is referring to a DAV data item.
121 *
122 * Permissions are controlled as follows:
123 * 1. if there is no <user name> component, the request has read privileges
124 * 2. if the requester is an admin, the request has read/write priviliges
125 * 3. if there is a <user name> component which matches the logged on user
126 * then the request has read/write privileges
127 * 4. otherwise we query the defined relationships between users and use
128 * the minimum privileges returned from that analysis.
129 */
130 $this->path = (isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : "/");
131 $this->path = rawurldecode($this->path);
132
133 /** Allow a request for .../calendar.ics to translate into the calendar URL */
134 if ( preg_match( '#^(/[^/]+/[^/]+).ics$#', $this->path, $matches ) ) {
135 $this->path = $matches[1]. '/';
136 }
137
138 // dbg_error_log( "caldav", "Sanitising path '%s'", $this->path );
139 $bad_chars_regex = '/[\\^\\[\\(\\\\]/';
140 if ( preg_match( $bad_chars_regex, $this->path ) ) {
141 $this->DoResponse( 400, translate("The calendar path contains illegal characters.") );
142 }
143 if ( strstr($this->path,'//') ) $this->path = preg_replace( '#//+#', '/', $this->path);
144
145 if ( !isset($c->raw_post) ) $c->raw_post = file_get_contents( 'php://input');
146 if ( isset($_SERVER['HTTP_CONTENT_ENCODING']) ) {
147 $encoding = $_SERVER['HTTP_CONTENT_ENCODING'];
148 @dbg_error_log('caldav', 'Content-Encoding: %s', $encoding );
149 $encoding = preg_replace('{[^a-z0-9-]}i','',$encoding);
150 if ( ! ini_get('open_basedir') && (isset($c->dbg['ALL']) || isset($c->dbg['caldav'])) ) {
151 $fh = fopen('/tmp/encoded_data.'.$encoding,'w');
152 if ( $fh ) {
153 fwrite($fh,$c->raw_post);
154 fclose($fh);
155 }
156 }
157 switch( $encoding ) {
158 case 'gzip':
159 $this->raw_post = @gzdecode($c->raw_post);
160 break;
161 case 'deflate':
162 $this->raw_post = @gzinflate($c->raw_post);
163 break;
164 case 'compress':
165 $this->raw_post = @gzuncompress($c->raw_post);
166 break;
167 default:
168 }
169 if ( empty($this->raw_post) && !empty($c->raw_post) ) {
170 $this->PreconditionFailed(415, 'content-encoding', sprintf('Unable to decode "%s" content encoding.', $_SERVER['HTTP_CONTENT_ENCODING']));
171 }
172 $c->raw_post = $this->raw_post;
173 }
174 else {
175 $this->raw_post = $c->raw_post;
176 }
177
178 if ( isset($debugging) && isset($_GET['method']) ) {
179 $_SERVER['REQUEST_METHOD'] = $_GET['method'];
180 }
181 else if ( $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']) ){
182 $_SERVER['REQUEST_METHOD'] = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'];
183 }
184 $this->method = $_SERVER['REQUEST_METHOD'];
185 $this->content_type = (isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : null);
186 if ( preg_match( '{^(\S+/\S+)\s*(;.*)?$}', $this->content_type, $matches ) ) {
187 $this->content_type = $matches[1];
188 }
189 if ( isset($_SERVER['CONTENT_LENGTH']) && $_SERVER['CONTENT_LENGTH'] > 7 ) {
190 if ( $this->method == 'PROPFIND' || $this->method == 'REPORT' || $this->method == 'PROPPATCH' || $this->method == 'BIND' || $this->method == 'MKTICKET' || $this->method == 'ACL' ) {
191 if ( !preg_match( '{^(text|application)/xml$}', $this->content_type ) ) {
192 @dbg_error_log( "LOG request", 'Request is "%s" but client set content-type to "%s". Assuming they meant XML!',
193 $request->method, $this->content_type );
194 $this->content_type = 'text/xml';
195 }
196 }
197 else if ( $this->method == 'PUT' || $this->method == 'POST' ) {
198 $this->CoerceContentType();
199 }
200 }
201 else if ( !preg_match( '{^(text|application)/xml$}', $this->content_type ) ) {
202 if ( $this->method == 'GET' || $this->method == 'HEAD' || $this->method == 'OPTIONS' || $this->method == 'MKCALENDAR' || $this->method == 'MKCOL' ) {
203 @dbg_error_log( "LOG request", '%s Request specified %s content type but none is present. Assuming null content-type.',
204 $request->method, $this->content_type );
205 $this->content_type = 'text/plain';
206 }
207 }
208 $this->user_agent = ((isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "Probably Mulberry"));
209
210 /**
211 * A variety of requests may set the "Depth" header to control recursion
212 */
213 if ( isset($_SERVER['HTTP_DEPTH']) ) {
214 $this->depth = $_SERVER['HTTP_DEPTH'];
215 }
216 else {
217 /**
218 * Per rfc2518, section 9.2, 'Depth' might not always be present, and if it
219 * is not present then a reasonable request-type-dependent default should be
220 * chosen.
221 */
222 switch( $this->method ) {
223 case 'PROPFIND':
224 case 'DELETE':
225 case 'MOVE':
226 case 'COPY':
227 case 'LOCK':
228 $this->depth = 'infinity';
229 break;
230
231 case 'REPORT':
232 default:
233 $this->depth = 0;
234 }
235 }
236 if ( $this->depth == 'infinity' ) $this->depth = DEPTH_INFINITY;
237 $this->depth = intval($this->depth);
238
239 /**
240 * MOVE/COPY use a "Destination" header and (optionally) an "Overwrite" one.
241 */
242 if ( isset($_SERVER['HTTP_DESTINATION']) ) {
243 $this->destination = $_SERVER['HTTP_DESTINATION'];
244 if ( preg_match('{^(https?)://([a-z.-]+)(:[0-9]+)?(/.*)$}', $this->destination, $matches ) ) {
245 $this->destination = $matches[4];
246 }
247 }
248 $this->overwrite = ( isset($_SERVER['HTTP_OVERWRITE']) && ($_SERVER['HTTP_OVERWRITE'] == 'F') ? false : true ); // RFC4918, 9.8.4 says default True.
249
250 /**
251 * LOCK things use an "If" header to hold the lock in some cases, and "Lock-token" in others
252 */
253 if ( isset($_SERVER['HTTP_IF']) ) $this->if_clause = $_SERVER['HTTP_IF'];
254 if ( isset($_SERVER['HTTP_LOCK_TOKEN']) && preg_match( '#[<]opaquelocktoken:(.*)[>]#', $_SERVER['HTTP_LOCK_TOKEN'], $matches ) ) {
255 $this->lock_token = $matches[1];
256 }
257
258 /**
259 * Check for an access ticket.
260 */
261 if ( isset($_GET['ticket']) ) {
262 $this->ticket = new DAVTicket($_GET['ticket']);
263 }
264 else if ( isset($_SERVER['HTTP_TICKET']) ) {
265 $this->ticket = new DAVTicket($_SERVER['HTTP_TICKET']);
266 }
267
268 /**
269 * LOCK things use a "Timeout" header to set a series of reducing alternative values
270 */
271 if ( isset($_SERVER['HTTP_TIMEOUT']) ) {
272 $timeouts = explode( ',', $_SERVER['HTTP_TIMEOUT'] );
273 foreach( $timeouts AS $k => $v ) {
274 if ( strtolower($v) == 'infinite' ) {
275 $this->timeout = (isset($c->maximum_lock_timeout) ? $c->maximum_lock_timeout : 86400 * 100);
276 break;
277 }
278 elseif ( strtolower(substr($v,0,7)) == 'second-' ) {
279 $this->timeout = min( intval(substr($v,7)), (isset($c->maximum_lock_timeout) ? $c->maximum_lock_timeout : 86400 * 100) );
280 break;
281 }
282 }
283 if ( ! isset($this->timeout) || $this->timeout == 0 ) $this->timeout = (isset($c->default_lock_timeout) ? $c->default_lock_timeout : 900);
284 }
285
286 $this->principal = new Principal('path',$this->path);
287
288 /**
289 * RFC2518, 5.2: URL pointing to a collection SHOULD end in '/', and if it does not then
290 * we SHOULD return a Content-location header with the correction...
291 *
292 * We therefore look for a collection which matches one of the following URLs:
293 * - The exact request.
294 * - If the exact request, doesn't end in '/', then the request URL with a '/' appended
295 * - The request URL truncated to the last '/'
296 * The collection URL for this request is therefore the longest row in the result, so we
297 * can "... ORDER BY LENGTH(dav_name) DESC LIMIT 1"
298 */
299 $sql = "SELECT * FROM collection WHERE dav_name = :exact_name";
300 $params = array( ':exact_name' => $this->path );
301 if ( !preg_match( '#/$#', $this->path ) ) {
302 $sql .= " OR dav_name = :truncated_name OR dav_name = :trailing_slash_name";
303 $params[':truncated_name'] = preg_replace( '#[^/]*$#', '', $this->path);
304 $params[':trailing_slash_name'] = $this->path."/";
305 }
306 $sql .= " ORDER BY LENGTH(dav_name) DESC LIMIT 1";
307 $qry = new AwlQuery( $sql, $params );
308 if ( $qry->Exec('caldav',__LINE__,__FILE__) && $qry->rows() == 1 && ($row = $qry->Fetch()) ) {
309 if ( $row->dav_name == $this->path."/" ) {
310 $this->path = $row->dav_name;
311 dbg_error_log( "caldav", "Path is actually a collection - sending Content-Location header." );
312 header( "Content-Location: ".ConstructURL($this->path) );
313 }
314
315 $this->collection_id = $row->collection_id;
316 $this->collection_path = $row->dav_name;
317 $this->collection_type = ($row->is_calendar == 't' ? 'calendar' : 'collection');
318 $this->collection = $row;
319 if ( preg_match( '#^((/[^/]+/)\.(in|out)/)[^/]*$#', $this->path, $matches ) ) {
320 $this->collection_type = 'schedule-'. $matches[3]. 'box';
321 }
322 $this->collection->type = $this->collection_type;
323 }
324 else if ( preg_match( '{^( ( / ([^/]+) / ) \.(in|out)/ ) [^/]*$}x', $this->path, $matches ) ) {
325 // The request is for a scheduling inbox or outbox (or something inside one) and we should auto-create it
326 $params = array( ':username' => $matches[3], ':parent_container' => $matches[2], ':dav_name' => $matches[1] );
327 $params[':boxname'] = ($matches[4] == 'in' ? ' Inbox' : ' Outbox');
328 $this->collection_type = 'schedule-'. $matches[4]. 'box';
329 $params[':resourcetypes'] = sprintf('<DAV::collection/><urn:ietf:params:xml:ns:caldav:%s/>', $this->collection_type );
330 $sql = <<<EOSQL
331 INSERT INTO collection ( user_no, parent_container, dav_name, dav_displayname, is_calendar, created, modified, dav_etag, resourcetypes )
332 VALUES( (SELECT user_no FROM usr WHERE username = text(:username)),
333 :parent_container, :dav_name,
334 (SELECT fullname FROM usr WHERE username = text(:username)) || :boxname,
335 FALSE, current_timestamp, current_timestamp, '1', :resourcetypes )
336 EOSQL;
337
338 $qry = new AwlQuery( $sql, $params );
339 $qry->Exec('caldav',__LINE__,__FILE__);
340 dbg_error_log( 'caldav', 'Created new collection as "%s".', trim($params[':boxname']) );
341
342 // Uncache anything to do with the collection
343 $cache = getCacheInstance();
344 $cache->delete( 'collection-'.$params[':dav_name'], null );
345 $cache->delete( 'principal-'.$params[':parent_container'], null );
346
347 $qry = new AwlQuery( "SELECT * FROM collection WHERE dav_name = :dav_name", array( ':dav_name' => $matches[1] ) );
348 if ( $qry->Exec('caldav',__LINE__,__FILE__) && $qry->rows() == 1 && ($row = $qry->Fetch()) ) {
349 $this->collection_id = $row->collection_id;
350 $this->collection_path = $matches[1];
351 $this->collection = $row;
352 $this->collection->type = $this->collection_type;
353 }
354 }
355 else if ( preg_match( '#^((/[^/]+/)calendar-proxy-(read|write))/?[^/]*$#', $this->path, $matches ) ) {
356 $this->collection_type = 'proxy';
357 $this->_is_proxy_request = true;
358 $this->proxy_type = $matches[3];
359 $this->collection_path = $matches[1].'/'; // Enforce trailling '/'
360 if ( $this->collection_path == $this->path."/" ) {
361 $this->path .= '/';
362 dbg_error_log( "caldav", "Path is actually a (proxy) collection - sending Content-Location header." );
363 header( "Content-Location: ".ConstructURL($this->path) );
364 }
365 }
366 else if ( $this->options['allow_by_email'] && preg_match( '#^/(\S+@\S+[.]\S+)/?$#', $this->path) ) {
367 /** @todo we should deprecate this now that Evolution 2.27 can do scheduling extensions */
368 $this->collection_id = -1;
369 $this->collection_type = 'email';
370 $this->collection_path = $this->path;
371 $this->_is_principal = true;
372 }
373 else if ( preg_match( '#^(/[^/]+)/?$#', $this->path, $matches) || preg_match( '#^(/principals/[^/]+/[^/]+)/?$#', $this->path, $matches) ) {
374 $this->collection_id = -1;
375 $this->collection_path = $matches[1].'/'; // Enforce trailling '/'
376 $this->collection_type = 'principal';
377 $this->_is_principal = true;
378 if ( $this->collection_path == $this->path."/" ) {
379 $this->path .= '/';
380 dbg_error_log( "caldav", "Path is actually a collection - sending Content-Location header." );
381 header( "Content-Location: ".ConstructURL($this->path) );
382 }
383 if ( preg_match( '#^(/principals/[^/]+/[^/]+)/?$#', $this->path, $matches) ) {
384 // Force a depth of 0 on these, which are at the wrong URL.
385 $this->depth = 0;
386 }
387 }
388 else if ( $this->path == '/' ) {
389 $this->collection_id = -1;
390 $this->collection_path = '/';
391 $this->collection_type = 'root';
392 }
393
394 if ( $this->collection_path == $this->path ) $this->_is_collection = true;
395 dbg_error_log( "caldav", " Collection '%s' is %d, type %s", $this->collection_path, $this->collection_id, $this->collection_type );
396
397 /**
398 * Extract the user whom we are accessing
399 */
400 $this->principal = new DAVPrincipal( array( "path" => $this->path, "options" => $this->options ) );
401 $this->user_no = $this->principal->user_no();
402 $this->username = $this->principal->username();
403 $this->by_email = $this->principal->byEmail();
404 $this->principal_id = $this->principal->principal_id();
405
406 if ( $this->collection_type == 'principal' || $this->collection_type == 'email' || $this->collection_type == 'proxy' ) {
407 $this->collection = $this->principal->AsCollection();
408 if( $this->collection_type == 'proxy' ) {
409 $this->collection = $this->principal->AsCollection();
410 $this->collection->is_proxy = 't';
411 $this->collection->type = 'proxy';
412 $this->collection->proxy_type = $this->proxy_type;
413 $this->collection->dav_displayname = sprintf('Proxy %s for %s', $this->proxy_type, $this->principal->username() );
414 }
415 }
416 elseif( $this->collection_type == 'root' ) {
417 $this->collection = (object) array(
418 'collection_id' => 0,
419 'dav_name' => '/',
420 'dav_etag' => md5($c->system_name),
421 'is_calendar' => 'f',
422 'is_addressbook' => 'f',
423 'is_principal' => 'f',
424 'user_no' => 0,
425 'dav_displayname' => $c->system_name,
426 'type' => 'root',
427 'created' => date('Ymd\THis')
428 );
429 }
430
431 /**
432 * Evaluate our permissions for accessing the target
433 */
434 $this->setPermissions();
435
436 $this->supported_methods = array(
437 'OPTIONS' => '',
438 'PROPFIND' => '',
439 'REPORT' => '',
440 'DELETE' => '',
441 'LOCK' => '',
442 'UNLOCK' => '',
443 'MOVE' => '',
444 'ACL' => ''
445 );
446 if ( $this->IsCollection() ) {
447 switch ( $this->collection_type ) {
448 case 'root':
449 case 'email':
450 // We just override the list completely here.
451 $this->supported_methods = array(
452 'OPTIONS' => '',
453 'PROPFIND' => '',
454 'REPORT' => ''
455 );
456 break;
457 case 'schedule-inbox':
458 case 'schedule-outbox':
459 $this->supported_methods = array_merge(
460 $this->supported_methods,
461 array(
462 'POST' => '', 'GET' => '', 'PUT' => '', 'HEAD' => '', 'PROPPATCH' => ''
463 )
464 );
465 break;
466 case 'calendar':
467 $this->supported_methods['GET'] = '';
468 $this->supported_methods['PUT'] = '';
469 $this->supported_methods['HEAD'] = '';
470 break;
471 case 'collection':
472 case 'principal':
473 $this->supported_methods['GET'] = '';
474 $this->supported_methods['PUT'] = '';
475 $this->supported_methods['HEAD'] = '';
476 $this->supported_methods['MKCOL'] = '';
477 $this->supported_methods['MKCALENDAR'] = '';
478 $this->supported_methods['PROPPATCH'] = '';
479 $this->supported_methods['BIND'] = '';
480 break;
481 }
482 }
483 else {
484 $this->supported_methods = array_merge(
485 $this->supported_methods,
486 array(
487 'GET' => '',
488 'HEAD' => '',
489 'PUT' => ''
490 )
491 );
492 }
493
494 $this->supported_reports = array(
495 'DAV::principal-property-search' => '',
496 'DAV::expand-property' => '',
497 'DAV::sync-collection' => ''
498 );
499 if ( isset($this->collection) && $this->collection->is_calendar ) {
500 $this->supported_reports = array_merge(
501 $this->supported_reports,
502 array(
503 'urn:ietf:params:xml:ns:caldav:calendar-query' => '',
504 'urn:ietf:params:xml:ns:caldav:calendar-multiget' => '',
505 'urn:ietf:params:xml:ns:caldav:free-busy-query' => ''
506 )
507 );
508 }
509 if ( isset($this->collection) && $this->collection->is_addressbook ) {
510 $this->supported_reports = array_merge(
511 $this->supported_reports,
512 array(
513 'urn:ietf:params:xml:ns:carddav:addressbook-query' => '',
514 'urn:ietf:params:xml:ns:carddav:addressbook-multiget' => ''
515 )
516 );
517 }
518
519
520 /**
521 * If the content we are receiving is XML then we parse it here. RFC2518 says we
522 * should reasonably expect to see either text/xml or application/xml
523 */
524 if ( isset($this->content_type) && preg_match( '#(application|text)/xml#', $this->content_type ) ) {
525 if ( !isset($this->raw_post) || $this->raw_post == '' ) {
526 $this->XMLResponse( 400, new XMLElement( 'error', new XMLElement('missing-xml'), array( 'xmlns' => 'DAV:') ) );
527 }
528 $xml_parser = xml_parser_create_ns('UTF-8');
529 $this->xml_tags = array();
530 xml_parser_set_option ( $xml_parser, XML_OPTION_SKIP_WHITE, 1 );
531 xml_parser_set_option ( $xml_parser, XML_OPTION_CASE_FOLDING, 0 );
532 $rc = xml_parse_into_struct( $xml_parser, $this->raw_post, $this->xml_tags );
533 if ( $rc == false ) {
534 dbg_error_log( 'ERROR', 'XML parsing error: %s at line %d, column %d',
535 xml_error_string(xml_get_error_code($xml_parser)),
536 xml_get_current_line_number($xml_parser), xml_get_current_column_number($xml_parser) );
537 $this->XMLResponse( 400, new XMLElement( 'error', new XMLElement('invalid-xml'), array( 'xmlns' => 'DAV:') ) );
538 }
539 xml_parser_free($xml_parser);
540 if ( count($this->xml_tags) ) {
541 dbg_error_log( "caldav", " Parsed incoming XML request body." );
542 }
543 else {
544 $this->xml_tags = null;
545 dbg_error_log( "ERROR", "Incoming request sent content-type XML with no XML request body." );
546 }
547 }
548
549 /**
550 * Look out for If-None-Match or If-Match headers
551 */
552 if ( isset($_SERVER["HTTP_IF_NONE_MATCH"]) ) {
553 $this->etag_none_match = $_SERVER["HTTP_IF_NONE_MATCH"];
554 if ( $this->etag_none_match == '' ) unset($this->etag_none_match);
555 }
556 if ( isset($_SERVER["HTTP_IF_MATCH"]) ) {
557 $this->etag_if_match = $_SERVER["HTTP_IF_MATCH"];
558 if ( $this->etag_if_match == '' ) unset($this->etag_if_match);
559 }
560 }
561
562
563 /**
564 * Permissions are controlled as follows:
565 * 1. if the path is '/', the request has read privileges
566 * 2. if the requester is an admin, the request has read/write priviliges
567 * 3. if there is a <user name> component which matches the logged on user
568 * then the request has read/write privileges
569 * 4. otherwise we query the defined relationships between users and use
570 * the minimum privileges returned from that analysis.
571 *
572 * @param int $user_no The current user number
573 *
574 */
575 function setPermissions() {
576 global $c, $session;
577
578 if ( $this->path == '/' || $this->path == '' ) {
579 $this->privileges = privilege_to_bits( array('read','read-free-busy','read-acl'));
580 dbg_error_log( "caldav", "Full read permissions for user accessing /" );
581 }
582 else if ( $session->AllowedTo("Admin") || $session->principal->user_no() == $this->user_no ) {
583 $this->privileges = privilege_to_bits('all');
584 dbg_error_log( "caldav", "Full permissions for %s", ( $session->principal->user_no() == $this->user_no ? "user accessing their own hierarchy" : "a systems administrator") );
585 }
586 else {
587 $this->privileges = 0;
588 if ( $this->IsPublic() ) {
589 $this->privileges = privilege_to_bits(array('read','read-free-busy'));
590 dbg_error_log( "caldav", "Basic read permissions for user accessing a public collection" );
591 }
592 else if ( isset($c->public_freebusy_url) && $c->public_freebusy_url ) {
593 $this->privileges = privilege_to_bits('read-free-busy');
594 dbg_error_log( "caldav", "Basic free/busy permissions for user accessing a public free/busy URL" );
595 }
596
597 /**
598 * In other cases we need to query the database for permissions
599 */
600 $params = array( ':session_principal_id' => $session->principal->principal_id(), ':scan_depth' => $c->permission_scan_depth );
601 if ( isset($this->by_email) && $this->by_email ) {
602 $sql ='SELECT pprivs( :session_principal_id::int8, :request_principal_id::int8, :scan_depth::int ) AS perm';
603 $params[':request_principal_id'] = $this->principal_id;
604 }
605 else {
606 $sql = 'SELECT path_privs( :session_principal_id::int8, :request_path::text, :scan_depth::int ) AS perm';
607 $params[':request_path'] = $this->path;
608 }
609 $qry = new AwlQuery( $sql, $params );
610 if ( $qry->Exec('caldav',__LINE__,__FILE__) && $permission_result = $qry->Fetch() )
611 $this->privileges |= bindec($permission_result->perm);
612
613 dbg_error_log( 'caldav', 'Restricted permissions for user accessing someone elses hierarchy: %s', decbin($this->privileges) );
614 if ( isset($this->ticket) && $this->ticket->MatchesPath($this->path) ) {
615 $this->privileges |= $this->ticket->privileges();
616 dbg_error_log( 'caldav', 'Applying permissions for ticket "%s" now: %s', $this->ticket->id(), decbin($this->privileges) );
617 }
618 }
619
620 /** convert privileges into older style permissions */
621 $this->permissions = array();
622 $privs = bits_to_privilege($this->privileges);
623 foreach( $privs AS $k => $v ) {
624 switch( $v ) {
625 case 'DAV::all': $type = 'abstract'; break;
626 case 'DAV::write': $type = 'aggregate'; break;
627 default: $type = 'real';
628 }
629 $v = str_replace('DAV::', '', $v);
630 $this->permissions[$v] = $type;
631 }
632
633 }
634
635
636 /**
637 * Checks whether the resource is locked, returning any lock token, or false
638 *
639 * @todo This logic does not catch all locking scenarios. For example an infinite
640 * depth request should check the permissions for all collections and resources within
641 * that. At present we only maintain permissions on a per-collection basis though.
642 */
643 function IsLocked() {
644 if ( !isset($this->_locks_found) ) {
645 $this->_locks_found = array();
646
647 $sql = 'DELETE FROM locks WHERE (start + timeout) < current_timestamp';
648 $qry = new AwlQuery($sql);
649 $qry->Exec('caldav',__LINE__,__FILE__);
650
651 /**
652 * Find the locks that might apply and load them into an array
653 */
654 $sql = 'SELECT * FROM locks WHERE :dav_name::text ~ (\'^\'||dav_name||:pattern_end_match)::text';
655 $qry = new AwlQuery($sql, array( ':dav_name' => $this->path, ':pattern_end_match' => ($this->IsInfiniteDepth() ? '' : '$') ) );
656 if ( $qry->Exec('caldav',__LINE__,__FILE__) ) {
657 while( $lock_row = $qry->Fetch() ) {
658 $this->_locks_found[$lock_row->opaquelocktoken] = $lock_row;
659 }
660 }
661 else {
662 $this->DoResponse(500,translate("Database Error"));
663 // Does not return.
664 }
665 }
666
667 foreach( $this->_locks_found AS $lock_token => $lock_row ) {
668 if ( $lock_row->depth == DEPTH_INFINITY || $lock_row->dav_name == $this->path ) {
669 return $lock_token;
670 }
671 }
672
673 return false; // Nothing matched
674 }
675
676
677 /**
678 * Checks whether the collection is public
679 */
680 function IsPublic() {
681 if ( isset($this->collection) && isset($this->collection->publicly_readable) && $this->collection->publicly_readable == 't' ) {
682 return true;
683 }
684 return false;
685 }
686
687
688 private static function supportedPrivileges() {
689 return array(
690 'all' => array(
691 'read' => translate('Read the content of a resource or collection'),
692 'write' => array(
693 'bind' => translate('Create a resource or collection'),
694 'unbind' => translate('Delete a resource or collection'),
695 'write-content' => translate('Write content'),
696 'write-properties' => translate('Write properties')
697 ),
698 'urn:ietf:params:xml:ns:caldav:read-free-busy' => translate('Read the free/busy information for a calendar collection'),
699 'read-acl' => translate('Read ACLs for a resource or collection'),
700 'read-current-user-privilege-set' => translate('Read the details of the current user\'s access control to this resource.'),
701 'write-acl' => translate('Write ACLs for a resource or collection'),
702 'unlock' => translate('Remove a lock'),
703
704 'urn:ietf:params:xml:ns:caldav:schedule-deliver' => array(
705 'urn:ietf:params:xml:ns:caldav:schedule-deliver-invite'=> translate('Deliver scheduling invitations from an organiser to this scheduling inbox'),
706 'urn:ietf:params:xml:ns:caldav:schedule-deliver-reply' => translate('Deliver scheduling replies from an attendee to this scheduling inbox'),
707 'urn:ietf:params:xml:ns:caldav:schedule-query-freebusy' => translate('Allow free/busy enquiries targeted at the owner of this scheduling inbox')
708 ),
709
710 'urn:ietf:params:xml:ns:caldav:schedule-send' => array(
711 'urn:ietf:params:xml:ns:caldav:schedule-send-invite' => translate('Send scheduling invitations as an organiser from the owner of this scheduling outbox.'),
712 'urn:ietf:params:xml:ns:caldav:schedule-send-reply' => translate('Send scheduling replies as an attendee from the owner of this scheduling outbox.'),
713 'urn:ietf:params:xml:ns:caldav:schedule-send-freebusy' => translate('Send free/busy enquiries')
714 )
715 )
716 );
717 }
718
719 /**
720 * Returns the dav_name of the resource in our internal namespace
721 */
722 function dav_name() {
723 if ( isset($this->path) ) return $this->path;
724 return null;
725 }
726
727
728 /**
729 * Returns the name for this depth: 0, 1, infinity
730 */
731 function GetDepthName( ) {
732 if ( $this->IsInfiniteDepth() ) return 'infinity';
733 return $this->depth;
734 }
735
736 /**
737 * Returns the tail of a Regex appropriate for this Depth, when appended to
738 *
739 */
740 function DepthRegexTail() {
741 if ( $this->IsInfiniteDepth() ) return '';
742 if ( $this->depth == 0 ) return '$';
743 return '[^/]*/?$';
744 }
745
746 /**
747 * Returns the locked row, either from the cache or from the database
748 *
749 * @param string $dav_name The resource which we want to know the lock status for
750 */
751 function GetLockRow( $lock_token ) {
752 if ( isset($this->_locks_found) && isset($this->_locks_found[$lock_token]) ) {
753 return $this->_locks_found[$lock_token];
754 }
755
756 $qry = new AwlQuery('SELECT * FROM locks WHERE opaquelocktoken = :lock_token', array( ':lock_token' => $lock_token ) );
757 if ( $qry->Exec('caldav',__LINE__,__FILE__) ) {
758 $lock_row = $qry->Fetch();
759 $this->_locks_found = array( $lock_token => $lock_row );
760 return $this->_locks_found[$lock_token];
761 }
762 else {
763 $this->DoResponse( 500, translate("Database Error") );
764 }
765
766 return false; // Nothing matched
767 }
768
769
770 /**
771 * Checks to see whether the lock token given matches one of the ones handed in
772 * with the request.
773 *
774 * @param string $lock_token The opaquelocktoken which we are looking for
775 */
776 function ValidateLockToken( $lock_token ) {
777 if ( isset($this->lock_token) && $this->lock_token == $lock_token ) {
778 dbg_error_log( "caldav", "They supplied a valid lock token. Great!" );
779 return true;
780 }
781 if ( isset($this->if_clause) ) {
782 dbg_error_log( "caldav", "Checking lock token '%s' against '%s'", $lock_token, $this->if_clause );
783 $tokens = preg_split( '/[<>]/', $this->if_clause );
784 foreach( $tokens AS $k => $v ) {
785 dbg_error_log( "caldav", "Checking lock token '%s' against '%s'", $lock_token, $v );
786 if ( 'opaquelocktoken:' == substr( $v, 0, 16 ) ) {
787 if ( substr( $v, 16 ) == $lock_token ) {
788 dbg_error_log( "caldav", "Lock token '%s' validated OK against '%s'", $lock_token, $v );
789 return true;
790 }
791 }
792 }
793 }
794 else {
795 @dbg_error_log( "caldav", "Invalid lock token '%s' - not in Lock-token (%s) or If headers (%s) ", $lock_token, $this->lock_token, $this->if_clause );
796 }
797
798 return false;
799 }
800
801
802 /**
803 * Returns the DB object associated with a lock token, or false.
804 *
805 * @param string $lock_token The opaquelocktoken which we are looking for
806 */
807 function GetLockDetails( $lock_token ) {
808 if ( !isset($this->_locks_found) && false === $this->IsLocked() ) return false;
809 if ( isset($this->_locks_found[$lock_token]) ) return $this->_locks_found[$lock_token];
810 return false;
811 }
812
813
814 /**
815 * This will either (a) return false if no locks apply, or (b) return the lock_token
816 * which the request successfully included to open the lock, or:
817 * (c) respond directly to the client with the failure.
818 *
819 * @return mixed false (no lock) or opaquelocktoken (opened lock)
820 */
821 function FailIfLocked() {
822 if ( $existing_lock = $this->IsLocked() ) { // NOTE Assignment in if() is expected here.
823 dbg_error_log( "caldav", "There is a lock on '%s'", $this->path);
824 if ( ! $this->ValidateLockToken($existing_lock) ) {
825 $lock_row = $this->GetLockRow($existing_lock);
826 /**
827 * Already locked - deny it
828 */
829 $response[] = new XMLElement( 'response', array(
830 new XMLElement( 'href', $lock_row->dav_name ),
831 new XMLElement( 'status', 'HTTP/1.1 423 Resource Locked')
832 ));
833 if ( $lock_row->dav_name != $this->path ) {
834 $response[] = new XMLElement( 'response', array(
835 new XMLElement( 'href', $this->path ),
836 new XMLElement( 'propstat', array(
837 new XMLElement( 'prop', new XMLElement( 'lockdiscovery' ) ),
838 new XMLElement( 'status', 'HTTP/1.1 424 Failed Dependency')
839 ))
840 ));
841 }
842 $response = new XMLElement( "multistatus", $response, array('xmlns'=>'DAV:') );
843 $xmldoc = $response->Render(0,'<?xml version="1.0" encoding="utf-8" ?>');
844 $this->DoResponse( 207, $xmldoc, 'text/xml; charset="utf-8"' );
845 // Which we won't come back from
846 }
847 return $existing_lock;
848 }
849 return false;
850 }
851
852
853 /**
854 * Coerces the Content-type of the request into something valid/appropriate
855 */
856 function CoerceContentType() {
857 if ( isset($this->content_type) ) {
858 $type = explode( '/', $this->content_type, 2);
859 /** @todo: Perhaps we should look at the target collection type, also. */
860 if ( $type[0] == 'text' ) {
861 if ( !empty($type[1]) && ($type[1] == 'vcard' || $type[1] == 'calendar' || $type[1] == 'x-vcard') ) {
862 return;
863 }
864 }
865 }
866
867 /** Null (or peculiar) content-type supplied so we have to try and work it out... */
868 $first_word = trim(substr( $this->raw_post, 0, 30));
869 $first_word = strtoupper( preg_replace( '/\s.*/s', '', $first_word ) );
870 switch( $first_word ) {
871 case '<?XML':
872 dbg_error_log( 'LOG WARNING', 'Application sent content-type of "%s" instead of "text/xml"',
873 (isset($this->content_type)?$this->content_type:'(null)') );
874 $this->content_type = 'text/xml';
875 break;
876 case 'BEGIN:VCALENDAR':
877 dbg_error_log( 'LOG WARNING', 'Application sent content-type of "%s" instead of "text/calendar"',
878 (isset($this->content_type)?$this->content_type:'(null)') );
879 $this->content_type = 'text/calendar';
880 break;
881 case 'BEGIN:VCARD':
882 dbg_error_log( 'LOG WARNING', 'Application sent content-type of "%s" instead of "text/vcard"',
883 (isset($this->content_type)?$this->content_type:'(null)') );
884 $this->content_type = 'text/vcard';
885 break;
886 default:
887 dbg_error_log( 'LOG NOTICE', 'Unusual content-type of "%s" and first word of content is "%s"',
888 (isset($this->content_type)?$this->content_type:'(null)'), $first_word );
889 }
890 if ( empty($this->content_type) ) $this->content_type = 'text/plain';
891 }
892
893
894 /**
895 * Returns true if the URL referenced by this request points at a collection.
896 */
897 function IsCollection( ) {
898 if ( !isset($this->_is_collection) ) {
899 $this->_is_collection = preg_match( '#/$#', $this->path );
900 }
901 return $this->_is_collection;
902 }
903
904
905 /**
906 * Returns true if the URL referenced by this request points at a calendar collection.
907 */
908 function IsCalendar( ) {
909 if ( !$this->IsCollection() || !isset($this->collection) ) return false;
910 return $this->collection->is_calendar == 't';
911 }
912
913
914 /**
915 * Returns true if the URL referenced by this request points at an addressbook collection.
916 */
917 function IsAddressBook( ) {
918 if ( !$this->IsCollection() || !isset($this->collection) ) return false;
919 return $this->collection->is_addressbook == 't';
920 }
921
922
923 /**
924 * Returns true if the URL referenced by this request points at a principal.
925 */
926 function IsPrincipal( ) {
927 if ( !isset($this->_is_principal) ) {
928 $this->_is_principal = preg_match( '#^/[^/]+/$#', $this->path );
929 }
930 return $this->_is_principal;
931 }
932
933
934 /**
935 * Returns true if the URL referenced by this request is within a proxy URL
936 */
937 function IsProxyRequest( ) {
938 if ( !isset($this->_is_proxy_request) ) {
939 $this->_is_proxy_request = preg_match( '#^/[^/]+/calendar-proxy-(read|write)/?[^/]*$#', $this->path );
940 }
941 return $this->_is_proxy_request;
942 }
943
944
945 /**
946 * Returns true if the request asked for infinite depth
947 */
948 function IsInfiniteDepth( ) {
949 return ($this->depth == DEPTH_INFINITY);
950 }
951
952
953 /**
954 * Returns the ID of the collection of, or containing this request
955 */
956 function CollectionId( ) {
957 return $this->collection_id;
958 }
959
960
961 /**
962 * Returns the array of supported privileges converted into XMLElements
963 */
964 function BuildSupportedPrivileges( &$reply, $privs = null ) {
965 $privileges = array();
966 if ( $privs === null ) $privs = self::supportedPrivileges();
967 foreach( $privs AS $k => $v ) {
968 dbg_error_log( 'caldav', 'Adding privilege "%s" which is "%s".', $k, $v );
969 $privilege = new XMLElement('privilege');
970 $reply->NSElement($privilege,$k);
971 $privset = array($privilege);
972 if ( is_array($v) ) {
973 dbg_error_log( 'caldav', '"%s" is a container of sub-privileges.', $k );
974 $privset = array_merge($privset, $this->BuildSupportedPrivileges($reply,$v));
975 }
976 else if ( $v == 'abstract' ) {
977 dbg_error_log( 'caldav', '"%s" is an abstract privilege.', $v );
978 $privset[] = new XMLElement('abstract');
979 }
980 else if ( strlen($v) > 1 ) {
981 $privset[] = new XMLElement('description', $v);
982 }
983 $privileges[] = new XMLElement('supported-privilege',$privset);
984 }
985 return $privileges;
986 }
987
988
989 /**
990 * Are we allowed to do the requested activity
991 *
992 * +------------+------------------------------------------------------+
993 * | METHOD | PRIVILEGES |
994 * +------------+------------------------------------------------------+
995 * | MKCALENDAR | DAV:bind |
996 * | REPORT | DAV:read or CALDAV:read-free-busy (on all referenced |
997 * | | resources) |
998 * +------------+------------------------------------------------------+
999 *
1000 * @param string $activity The activity we want to do.
1001 */
1002 function AllowedTo( $activity ) {
1003 global $session;
1004 dbg_error_log('caldav', 'Checking whether "%s" is allowed to "%s"', $session->principal->username(), $activity);
1005 if ( isset($this->permissions['all']) ) return true;
1006 switch( $activity ) {
1007 case 'all':
1008 return false; // If they got this far then they don't
1009 break;
1010
1011 case "CALDAV:schedule-send-freebusy":
1012 return isset($this->permissions['read']) || isset($this->permissions['urn:ietf:params:xml:ns:caldav:read-free-busy']);
1013 break;
1014
1015 case "CALDAV:schedule-send-invite":
1016 return isset($this->permissions['read']) || isset($this->permissions['urn:ietf:params:xml:ns:caldav:read-free-busy']);
1017 break;
1018
1019 case "CALDAV:schedule-send-reply":
1020 return isset($this->permissions['read']) || isset($this->permissions['urn:ietf:params:xml:ns:caldav:read-free-busy']);
1021 break;
1022
1023 case 'freebusy':
1024 return isset($this->permissions['read']) || isset($this->permissions['urn:ietf:params:xml:ns:caldav:read-free-busy']);
1025 break;
1026
1027 case 'delete':
1028 return isset($this->permissions['write']) || isset($this->permissions['unbind']);
1029 break;
1030
1031 case 'proppatch':
1032 return isset($this->permissions['write']) || isset($this->permissions['write-properties']);
1033 break;
1034
1035 case 'modify':
1036 return isset($this->permissions['write']) || isset($this->permissions['write-content']);
1037 break;
1038
1039 case 'create':
1040 return isset($this->permissions['write']) || isset($this->permissions['bind']);
1041 break;
1042
1043 case 'mkcalendar':
1044 case 'mkcol':
1045 if ( !isset($this->permissions['write']) || !isset($this->permissions['bind']) ) return false;
1046 if ( $this->is_principal ) return false;
1047 if ( $this->path == '/' ) return false;
1048 break;
1049
1050 default:
1051 $test_bits = privilege_to_bits( $activity );
1052 // dbg_error_log( 'caldav', 'request::AllowedTo("%s") (%s) against allowed "%s" => "%s" (%s)',
1053 // (is_array($activity) ? implode(',',$activity) : $activity), decbin($test_bits),
1054 // decbin($this->privileges), ($this->privileges & $test_bits), decbin($this->privileges & $test_bits) );
1055 return (($this->privileges & $test_bits) > 0 );
1056 break;
1057 }
1058
1059 return false;
1060 }
1061
1062
1063
1064 /**
1065 * Return the privileges bits for the current session user to this resource
1066 */
1067 function Privileges() {
1068 return $this->privileges;
1069 }
1070
1071
1072 /**
1073 * Is the user has the privileges to do what is requested.
1074 */
1075 function HavePrivilegeTo( $do_what ) {
1076 $test_bits = privilege_to_bits( $do_what );
1077 // dbg_error_log( 'caldav', 'request::HavePrivilegeTo("%s") [%s] against allowed "%s" => "%s" (%s)',
1078 // (is_array($do_what) ? implode(',',$do_what) : $do_what), decbin($test_bits),
1079 // decbin($this->privileges), ($this->privileges & $test_bits), decbin($this->privileges & $test_bits) );
1080 return ($this->privileges & $test_bits) > 0;
1081 }
1082
1083
1084 /**
1085 * Sometimes it's a perfectly formed request, but we just don't do that :-(
1086 * @param array $unsupported An array of the properties we don't support.
1087 */
1088 function UnsupportedRequest( $unsupported ) {
1089 if ( isset($unsupported) && count($unsupported) > 0 ) {
1090 $badprops = new XMLElement( "prop" );
1091 foreach( $unsupported AS $k => $v ) {
1092 // Not supported at this point...
1093 dbg_error_log("ERROR", " %s: Support for $v:$k properties is not implemented yet", $this->method );
1094 $badprops->NewElement(strtolower($k),false,array("xmlns" => strtolower($v)));
1095 }
1096 $error = new XMLElement("error", $badprops, array("xmlns" => "DAV:") );
1097
1098 $this->XMLResponse( 422, $error );
1099 }
1100 }
1101
1102
1103 /**
1104 * Send a need-privileges error response. This function will only return
1105 * if the $href is not supplied and the current user has the specified
1106 * permission for the request path.
1107 *
1108 * @param string $privilege The name of the needed privilege.
1109 * @param string $href The unconstructed URI where we needed the privilege.
1110 */
1111 function NeedPrivilege( $privileges, $href=null ) {
1112 if ( is_string($privileges) ) $privileges = array( $privileges );
1113 if ( !isset($href) ) {
1114 if ( $this->HavePrivilegeTo($privileges) ) return;
1115 $href = $this->path;
1116 }
1117
1118 $reply = new XMLDocument( array('DAV:' => '') );
1119 $privnodes = array( $reply->href(ConstructURL($href)), new XMLElement( 'privilege' ) );
1120 // RFC3744 specifies that we can only respond with one needed privilege, so we pick the first.
1121 $reply->NSElement( $privnodes[1], $privileges[0] );
1122 $xml = new XMLElement( 'need-privileges', new XMLElement( 'resource', $privnodes) );
1123 $xmldoc = $reply->Render('error',$xml);
1124 $this->DoResponse( 403, $xmldoc, 'text/xml; charset="utf-8"' );
1125 exit(0); // Unecessary, but might clarify things
1126 }
1127
1128
1129 /**
1130 * Send an error response for a failed precondition.
1131 *
1132 * @param int $status The status code for the failed precondition. Normally 403
1133 * @param string $precondition The namespaced precondition tag.
1134 * @param string $explanation An optional text explanation for the failure.
1135 */
1136 function PreconditionFailed( $status, $precondition, $explanation = '', $xmlns='DAV:') {
1137 $xmldoc = sprintf('<?xml version="1.0" encoding="utf-8" ?>
1138 <error xmlns="%s">
1139 <%s/>%s
1140 </error>', $xmlns, str_replace($xmlns.':', '', $precondition), $explanation );
1141
1142 $this->DoResponse( $status, $xmldoc, 'text/xml; charset="utf-8"' );
1143 exit(0); // Unecessary, but might clarify things
1144 }
1145
1146
1147 /**
1148 * Send a simple error informing the client that was a malformed request
1149 *
1150 * @param string $text An optional text description of the failure.
1151 */
1152 function MalformedRequest( $text = 'Bad request' ) {
1153 $this->DoResponse( 400, $text );
1154 exit(0); // Unecessary, but might clarify things
1155 }
1156
1157
1158 /**
1159 * Send an XML Response. This function will never return.
1160 *
1161 * @param int $status The HTTP status to respond
1162 * @param XMLElement $xmltree An XMLElement tree to be rendered
1163 */
1164 function XMLResponse( $status, $xmltree ) {
1165 $xmldoc = $xmltree->Render(0,'<?xml version="1.0" encoding="utf-8" ?>');
1166 $etag = md5($xmldoc);
1167 header("ETag: \"$etag\"");
1168 $this->DoResponse( $status, $xmldoc, 'text/xml; charset="utf-8"' );
1169 exit(0); // Unecessary, but might clarify things
1170 }
1171
1172 /**
1173 * Utility function we call when we have a simple status-based response to
1174 * return to the client. Possibly
1175 *
1176 * @param int $status The HTTP status code to send.
1177 * @param string $message The friendly text message to send with the response.
1178 */
1179 function DoResponse( $status, $message="", $content_type="text/plain; charset=\"utf-8\"" ) {
1180 global $session, $c;
1181 @header( sprintf("HTTP/1.1 %d %s", $status, getStatusMessage($status)) );
1182 @header( sprintf("X-DAViCal-Version: DAViCal/%d.%d.%d; DB/%d.%d.%d", $c->code_major, $c->code_minor, $c->code_patch, $c->schema_major, $c->schema_minor, $c->schema_patch) );
1183 @header( "Content-type: ".$content_type );
1184
1185 if ( (isset($c->dbg['ALL']) && $c->dbg['ALL']) || (isset($c->dbg['response']) && $c->dbg['response']) || $status > 399 ) {
1186 $lines = headers_list();
1187 dbg_error_log( "LOG ", "***************** Response Header ****************" );
1188 foreach( $lines AS $v ) {
1189 dbg_error_log( "LOG headers", "-->%s", $v );
1190 }
1191 dbg_error_log( "LOG ", "******************** Response ********************" );
1192 // Log the request in all it's gory detail.
1193 $lines = preg_split( '#[\r\n]+#', $message);
1194 foreach( $lines AS $v ) {
1195 dbg_error_log( "LOG response", "-->%s", $v );
1196 }
1197 }
1198
1199 header( "Content-Length: ".strlen($message) );
1200 echo $message;
1201
1202 if ( isset($c->dbg['caldav']) && $c->dbg['caldav'] ) {
1203 if ( strlen($message) > 100 || strstr($message, "\n") ) {
1204 $message = substr( preg_replace("#\s+#m", ' ', $message ), 0, 100) . (strlen($message) > 100 ? "..." : "");
1205 }
1206
1207 dbg_error_log("caldav", "Status: %d, Message: %s, User: %d, Path: %s", $status, $message, $session->principal->user_no(), $this->path);
1208 }
1209 if ( isset($c->dbg['statistics']) && $c->dbg['statistics'] ) {
1210 $script_time = microtime(true) - $c->script_start_time;
1211 @dbg_error_log("statistics", "Method: %s, Status: %d, Script: %5.3lfs, Queries: %5.3lfs, URL: %s",
1212 $this->method, $status, $script_time, $c->total_query_time, $this->path);
1213 }
1214 @ob_flush(); exit(0);
1215 }
1216
1217 }
1218
DAViCal CalDAV & CardDAV Server