inc/caldav-REPORT.php

   1 <?php
   2 /**
   3 * CalDAV Server - handle REPORT method
   4 *
   5 * @package   davical
   6 * @subpackage   caldav
   7 * @author    Andrew McMillan <andrew@morphoss.com>
   8 * @copyright Catalyst .Net Ltd, Morphoss Ltd
   9 * @license   http://gnu.org/copyleft/gpl.html GNU GPL v2
  10 */
  11 dbg_error_log("REPORT", "method handler");
  12
  13 require_once("XMLDocument.php");
  14 require_once('DAVResource.php');
  15
  16 require_once('RRule-v2.php');
  17
  18 if ( ! ini_get('open_basedir') && (isset($c->dbg['ALL']) || (isset($c->dbg['report']) && $c->dbg['report'])) ) {
  19   $fh = fopen('/tmp/REPORT.txt','w');
  20   if ( $fh ) {
  21     fwrite($fh,$request->raw_post);
  22     fclose($fh);
  23   }
  24 }
  25
  26 if ( !isset($request->xml_tags) ) {
  27   $request->DoResponse( 406, translate("REPORT body contains no XML data!") );
  28 }
  29 $position = 0;
  30 $xmltree = BuildXMLTree( $request->xml_tags, $position);
  31 if ( !is_object($xmltree) ) {
  32   $request->DoResponse( 406, translate("REPORT body is not valid XML data!") );
  33 }
  34
  35 $target = new DAVResource($request->path);
  36
  37 if ( $xmltree->GetNSTag() != 'DAV::principal-property-search'
  38                 && $xmltree->GetNSTag() != 'DAV::principal-property-search-set' ) {
  39   $target->NeedPrivilege( array('DAV::read', 'urn:ietf:params:xml:ns:caldav:read-free-busy'), true ); // They may have either
  40 }
  41
  42 require_once("vCalendar.php");
  43
  44 $reportnum = -1;
  45 $report = array();
  46 $denied = array();
  47 $unsupported = array();
  48 if ( isset($prop_filter) ) unset($prop_filter);
  49
  50 if ( $xmltree->GetNSTag() == 'urn:ietf:params:xml:ns:caldav:free-busy-query' ) {
  51   include("caldav-REPORT-freebusy.php");
  52   exit; // Not that the above include should return anyway
  53 }
  54
  55 $reply = new XMLDocument( array( "DAV:" => "" ) );
  56 switch( $xmltree->GetNSTag() ) {
  57   case 'DAV::principal-property-search':
  58     include("caldav-REPORT-principal.php");
  59     exit; // Not that it should return anyway.
  60   case 'DAV::principal-search-property-set':
  61     include("caldav-REPORT-pps-set.php");
  62     exit; // Not that it should return anyway.
  63   case 'DAV::sync-collection':
  64                 if ( $target->IsExternal() ) {
  65                         require_once("external-fetch.php");
  66                         update_external ( $target );
  67                 }
  68     include("caldav-REPORT-sync-collection.php");
  69     exit; // Not that it should return anyway.
  70   case 'DAV::expand-property':
  71     if ( $target->IsExternal() ) {
  72                         require_once("external-fetch.php");
  73                         update_external ( $target );
  74                 }
  75     include("caldav-REPORT-expand-property.php");
  76     exit; // Not that it should return anyway.
  77   case 'DAV::principal-match':
  78     include("caldav-REPORT-principal-match.php");
  79     exit; // Not that it should return anyway.
  80 }
  81
  82
  83
  84 /**
  85 * Return XML for a single component from the DB
  86 *
  87 * @param array $properties The properties for this component
  88 * @param string $item The DB row data for this component
  89 *
  90 * @return string An XML document which is the response for the component
  91 */
  92 function component_to_xml( $properties, $item ) {
  93   global $session, $c, $request, $reply;
  94
  95   dbg_error_log("REPORT","Building XML Response for item '%s'", $item->dav_name );
  96
  97   $denied = array();
  98   $unsupported = array();
  99   $caldav_data = $item->caldav_data;
 100   $displayname = preg_replace( '{^.*/}', '', $item->dav_name );
 101   $type = 'unknown';
 102   $contenttype = 'text/plain';
 103   switch( $item->caldav_type ) {
 104     case 'VJOURNAL':
 105     case 'VEVENT':
 106     case 'VTODO':
 107       $displayname = $item->summary;
 108       $type = 'calendar';
 109       $contenttype = 'text/calendar';
 110       break;
 111
 112     case 'VCARD':
 113       $displayname = $item->fn;
 114       $type = 'vcard';
 115       $contenttype = 'text/vcard';
 116       break;
 117   }
 118   if ( $type == 'calendar' ) {
 119     if ( isset($properties['calendar-data']) || isset($properties['displayname']) ) {
 120       if ( !$request->AllowedTo('all') && $session->user_no != $item->user_no ) {
 121         // the user is not admin / owner of this calendar looking at his calendar and can not admin the other cal
 122         if ( $item->class == 'CONFIDENTIAL' || !$request->AllowedTo('read') ) {
 123           dbg_error_log("REPORT","Anonymising confidential event for: %s", $item->dav_name );
 124           $vcal = new vCalendar( $caldav_data );
 125           $caldav_data = $vcal->Confidential()->Render();
 126           $displayname = translate('Busy');
 127         }
 128       }
 129     }
 130
 131     if ( isset($c->hide_alarm) && $c->hide_alarm ) {
 132       $dav_resource = new DAVResource($request->path);
 133       if ( isset($properties['calendar-data']) && !$dav_resource->HavePrivilegeTo('write') ) {
 134         dbg_error_log("REPORT","Stripping event alarms for: %s", $item->dav_name );
 135         $vcal = new vCalendar($caldav_data);
 136         $vcal->ClearComponents('VALARM');
 137         $caldav_data = $vcal->Render();
 138       }
 139     }
 140   }
 141
 142   $url = ConstructURL($item->dav_name);
 143
 144   $prop = new XMLElement("prop");
 145   foreach( $properties AS $full_tag => $v ) {
 146     $base_tag = preg_replace('{^.*:}', '', $full_tag );
 147     switch( $full_tag ) {
 148       case 'DAV::getcontentlength':
 149         $contentlength = strlen($caldav_data);
 150         $prop->NewElement($base_tag, $contentlength );
 151         break;
 152       case 'DAV::getlastmodified':
 153         $prop->NewElement($base_tag, ISODateToHTTPDate($item->modified) );
 154         break;
 155       case 'urn:ietf:params:xml:ns:caldav:calendar-data':
 156         if ( $type == 'calendar' ) $reply->CalDAVElement($prop, $base_tag, $caldav_data );
 157         else $unsupported[] = $base_tag;
 158         break;
 159       case 'urn:ietf:params:xml:ns:carddav:address-data':
 160         if ( $type == 'vcard' ) $reply->CardDAVElement($prop, $base_tag, $caldav_data );
 161         else $unsupported[] = $base_tag;
 162         break;
 163       case 'DAV::getcontenttype':
 164         $prop->NewElement($base_tag, $contenttype );
 165         break;
 166       case 'DAV::current-user-principal':
 167         $prop->NewElement("current-user-principal", $request->current_user_principal_xml);
 168         break;
 169       case 'DAV::displayname':
 170         $prop->NewElement($base_tag, $displayname );
 171         break;
 172       case 'DAV::resourcetype':
 173         $prop->NewElement($base_tag); // Just an empty resourcetype for a non-collection.
 174         break;
 175       case 'DAV::getetag':
 176         $prop->NewElement($base_tag, '"'.$item->dav_etag.'"' );
 177         break;
 178       case '"current-user-privilege-set"':
 179         $prop->NewElement($base_tag, privileges($request->permissions) );
 180         break;
 181       case 'SOME-DENIED-PROPERTY':  /** indicating the style for future expansion */
 182         $denied[] = $full_tag;
 183         break;
 184       default:
 185         dbg_error_log( 'REPORT', "Request for unsupported property '%s' of calendar item.", $full_tag );
 186         $unsupported[] = $full_tag;
 187     }
 188   }
 189   $status = new XMLElement("status", "HTTP/1.1 200 OK" );
 190
 191   $propstat = new XMLElement( "propstat", array( $prop, $status) );
 192   $href = new XMLElement("href", $url );
 193   $elements = array($href,$propstat);
 194
 195   if ( count($denied) > 0 ) {
 196     $status = new XMLElement("status", "HTTP/1.1 403 Forbidden" );
 197     $noprop = new XMLElement("prop");
 198     foreach( $denied AS $k => $v ) {
 199       $reply->NSElement($noprop, $v);
 200     }
 201     $elements[] = new XMLElement( "propstat", array( $noprop, $status) );
 202   }
 203
 204   if ( ! $request->PreferMinimal() && count($unsupported) > 0 ) {
 205     $status = new XMLElement("status", "HTTP/1.1 404 Not Found" );
 206     $noprop = new XMLElement("prop");
 207     foreach( $unsupported AS $k => $v ) {
 208       $reply->NSElement($noprop, $v);
 209     }
 210     $elements[] = new XMLElement( "propstat", array( $noprop, $status) );
 211   }
 212
 213   $response = new XMLElement( "response", $elements );
 214
 215   return $response;
 216 }
 217
 218 if ( $target->IsExternal() ) {
 219         require_once("external-fetch.php");
 220         update_external ( $target );
 221 }
 222
 223 if ( $xmltree->GetNSTag() == "urn:ietf:params:xml:ns:caldav:calendar-query" ) {
 224   $calquery = $xmltree->GetPath("/urn:ietf:params:xml:ns:caldav:calendar-query/*");
 225   include("caldav-REPORT-calquery.php");
 226 }
 227 elseif ( $xmltree->GetNSTag() == "urn:ietf:params:xml:ns:caldav:calendar-multiget" ) {
 228   $mode = 'caldav';
 229   $qry_content = $xmltree->GetContent('urn:ietf:params:xml:ns:caldav:calendar-multiget');
 230   include("caldav-REPORT-multiget.php");
 231 }
 232 elseif ( $xmltree->GetNSTag() == "urn:ietf:params:xml:ns:carddav:addressbook-multiget" ) {
 233   $mode = 'carddav';
 234   $qry_content = $xmltree->GetContent('urn:ietf:params:xml:ns:carddav:addressbook-multiget');
 235   include("caldav-REPORT-multiget.php");
 236 }
 237 elseif ( $xmltree->GetNSTag() == "urn:ietf:params:xml:ns:carddav:addressbook-query" ) {
 238   $cardquery = $xmltree->GetPath("/urn:ietf:params:xml:ns:carddav:addressbook-query/*");
 239   include("caldav-REPORT-cardquery.php");
 240 }
 241 else {
 242   dbg_error_log( 'ERROR', "Request for unsupported report type '%s'.", $xmltree->GetNSTag() );
 243   $request->PreconditionFailed( 403, 'DAV::supported-report', sprintf( '"%s" is not a supported report type', $xmltree->GetNSTag()) );
 244 }
 245