3 * CalDAV Server - handle GET method
7 * @author Andrew McMillan <andrew@mcmillan.net.nz>
8 * @copyright Catalyst .Net Ltd, Morphoss Ltd <http://www.morphoss.com/>
9 * @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
11 dbg_error_log("get", "GET method handler");
13 require("caldav-GET-functions.php");
15 $dav_resource = new DAVResource($request->path
);
16 $dav_resource->NeedPrivilege( array('urn:ietf:params:xml:ns:caldav:read-free-busy','DAV::read') );
17 if ( $dav_resource->IsExternal() ) {
18 require_once("external-fetch.php");
19 update_external ( $dav_resource );
22 if ( ! $dav_resource->Exists() ) {
23 $request->DoResponse( 404, translate("Resource Not Found.") );
27 if ( $dav_resource->IsCollection() ) {
28 $response = export_iCalendar($dav_resource);
29 header( 'Etag: '.$dav_resource->unique_tag() );
30 $request->DoResponse( 200, ($request->method
== 'HEAD' ?
'' : $response), 'text/calendar; charset="utf-8"' );
34 // Just a single event then
36 $resource = $dav_resource->resource();
37 $ic = new iCalComponent( $resource->caldav_data
);
39 $resource->caldav_data
= preg_replace( '{(?<!\r)\n}', "\r\n", $resource->caldav_data
);
41 /** Default deny... */
43 if ( $dav_resource->HavePrivilegeTo('all', false) ||
$session->user_no
== $resource->user_no ||
$session->user_no
== $resource->logged_user
44 ||
( $c->allow_get_email_visibility
&& $ic->IsAttendee($session->email
) ) ) {
46 * These people get to see all of the event, and they should always
47 * get any alarms as well.
51 else if ( $resource->class != 'PRIVATE' ) {
52 $allowed = true; // but we may well obfuscate it below
53 if ( ! $dav_resource->HavePrivilegeTo('DAV::read') ||
( $resource->class == 'CONFIDENTIAL' && ! $request->HavePrivilegeTo('DAV::write-content') ) ) {
54 $ical = new iCalComponent( $resource->caldav_data
);
55 $comps = $ical->GetComponents('VTIMEZONE',false);
56 $confidential = obfuscated_event($comps[0]);
57 $ical->SetComponents( array($confidential), $resource->caldav_type
);
58 $resource->caldav_data
= $ical->Render();
61 // else $resource->class == 'PRIVATE' and this person may not see it.
64 $request->DoResponse( 403, translate("Forbidden") );
67 header( 'Etag: "'.$resource->dav_etag
.'"' );
68 header( 'Content-Length: '.strlen($resource->caldav_data
) );
70 $contenttype = 'text/plain';
71 switch( $resource->caldav_type
) {
75 $contenttype = 'text/calendar';
79 $contenttype = 'text/vcard';
83 $request->DoResponse( 200, ($request->method
== 'HEAD' ?
'' : $resource->caldav_data
), $contenttype.'; charset="utf-8"' );