aboutsummaryrefslogtreecommitdiffstats
path: root/3rdparty/Sabre/DAVACL
diff options
context:
space:
mode:
authorGeorg Ehrke <dev@georgswebsite.de>2012-04-25 10:39:31 +0200
committerGeorg Ehrke <dev@georgswebsite.de>2012-04-25 10:39:31 +0200
commitd76552a009ddd394e45b6c4b417e7267f1ae7c3d (patch)
treeab9394d1c8501d48aad8952af5bafbeba107567f /3rdparty/Sabre/DAVACL
parent03f81fdd884f646f1cd9e8155de764fb2c89dce6 (diff)
parente888f4d9bc40dddd197f858d3fe585df631189b6 (diff)
downloadnextcloud-server-d76552a009ddd394e45b6c4b417e7267f1ae7c3d.tar.gz
nextcloud-server-d76552a009ddd394e45b6c4b417e7267f1ae7c3d.zip
Merge branch 'sabredav_1.6'
Diffstat (limited to '3rdparty/Sabre/DAVACL')
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/AbstractPrincipalCollection.php101
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Exception/AceConflict.php20
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Exception/NeedPrivileges.php41
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Exception/NoAbstract.php18
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Exception/NotRecognizedPrincipal.php18
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Exception/NotSupportedPrivilege.php18
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/IACL.php45
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/IPrincipal.php52
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/IPrincipalBackend.php140
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Plugin.php602
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Principal.php144
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/PrincipalBackend/PDO.php333
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/PrincipalCollection.php12
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Property/Acl.php105
-rwxr-xr-x3rdparty/Sabre/DAVACL/Property/AclRestrictions.php32
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Property/CurrentUserPrivilegeSet.php42
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Property/Principal.php56
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Property/SupportedPrivilegeSet.php44
-rwxr-xr-x[-rw-r--r--]3rdparty/Sabre/DAVACL/Version.php6
-rwxr-xr-x3rdparty/Sabre/DAVACL/includes.php38
20 files changed, 1217 insertions, 650 deletions
diff --git a/3rdparty/Sabre/DAVACL/AbstractPrincipalCollection.php b/3rdparty/Sabre/DAVACL/AbstractPrincipalCollection.php
index a361e054610..e05b7749805 100644..100755
--- a/3rdparty/Sabre/DAVACL/AbstractPrincipalCollection.php
+++ b/3rdparty/Sabre/DAVACL/AbstractPrincipalCollection.php
@@ -3,53 +3,52 @@
/**
* Principals Collection
*
- * This is a helper class that easily allows you to create a collection that
+ * This is a helper class that easily allows you to create a collection that
* has a childnode for every principal.
- *
- * To use this class, simply implement the getChildForPrincipal method.
+ *
+ * To use this class, simply implement the getChildForPrincipal method.
*
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
abstract class Sabre_DAVACL_AbstractPrincipalCollection extends Sabre_DAV_Collection {
/**
- * Node or 'directory' name.
- *
- * @var string
+ * Node or 'directory' name.
+ *
+ * @var string
*/
protected $path;
/**
- * Principal backend
- *
- * @var Sabre_DAVACL_IPrincipalBackend
+ * Principal backend
+ *
+ * @var Sabre_DAVACL_IPrincipalBackend
*/
protected $principalBackend;
/**
* If this value is set to true, it effectively disables listing of users
- * it still allows user to find other users if they have an exact url.
- *
- * @var bool
+ * it still allows user to find other users if they have an exact url.
+ *
+ * @var bool
*/
public $disableListing = false;
/**
* Creates the object
*
- * This object must be passed the principal backend. This object will
- * filter all principals from a specfied prefix ($principalPrefix). The
- * default is 'principals', if your principals are stored in a different
+ * This object must be passed the principal backend. This object will
+ * filter all principals from a specified prefix ($principalPrefix). The
+ * default is 'principals', if your principals are stored in a different
* collection, override $principalPrefix
- *
- *
- * @param Sabre_DAVACL_IPrincipalBackend $principalBackend
+ *
+ *
+ * @param Sabre_DAVACL_IPrincipalBackend $principalBackend
* @param string $principalPrefix
- * @param string $nodeName
*/
public function __construct(Sabre_DAVACL_IPrincipalBackend $principalBackend, $principalPrefix = 'principals') {
@@ -64,28 +63,28 @@ abstract class Sabre_DAVACL_AbstractPrincipalCollection extends Sabre_DAV_Collec
* The passed array contains principal information, and is guaranteed to
* at least contain a uri item. Other properties may or may not be
* supplied by the authentication backend.
- *
- * @param array $principalInfo
+ *
+ * @param array $principalInfo
* @return Sabre_DAVACL_IPrincipal
*/
abstract function getChildForPrincipal(array $principalInfo);
/**
- * Returns the name of this collection.
- *
- * @return string
+ * Returns the name of this collection.
+ *
+ * @return string
*/
public function getName() {
list(,$name) = Sabre_DAV_URLUtil::splitPath($this->principalPrefix);
- return $name;
+ return $name;
}
/**
- * Return the list of users
- *
- * @return void
+ * Return the list of users
+ *
+ * @return array
*/
public function getChildren() {
@@ -99,23 +98,57 @@ abstract class Sabre_DAVACL_AbstractPrincipalCollection extends Sabre_DAV_Collec
}
- return $children;
+ return $children;
}
/**
* Returns a child object, by its name.
- *
+ *
* @param string $name
- * @throws Sabre_DAV_Exception_FileNotFound
+ * @throws Sabre_DAV_Exception_NotFound
* @return Sabre_DAV_IPrincipal
*/
public function getChild($name) {
$principalInfo = $this->principalBackend->getPrincipalByPath($this->principalPrefix . '/' . $name);
- if (!$principalInfo) throw new Sabre_DAV_Exception_FileNotFound('Principal with name ' . $name . ' not found');
+ if (!$principalInfo) throw new Sabre_DAV_Exception_NotFound('Principal with name ' . $name . ' not found');
return $this->getChildForPrincipal($principalInfo);
}
+ /**
+ * This method is used to search for principals matching a set of
+ * properties.
+ *
+ * This search is specifically used by RFC3744's principal-property-search
+ * REPORT. You should at least allow searching on
+ * http://sabredav.org/ns}email-address.
+ *
+ * The actual search should be a unicode-non-case-sensitive search. The
+ * keys in searchProperties are the WebDAV property names, while the values
+ * are the property values to search on.
+ *
+ * If multiple properties are being searched on, the search should be
+ * AND'ed.
+ *
+ * This method should simply return a list of 'child names', which may be
+ * used to call $this->getChild in the future.
+ *
+ * @param array $searchProperties
+ * @return array
+ */
+ public function searchPrincipals(array $searchProperties) {
+
+ $result = $this->principalBackend->searchPrincipals($this->principalPrefix, $searchProperties);
+ $r = array();
+
+ foreach($result as $row) {
+ list(, $r[]) = Sabre_DAV_URLUtil::splitPath($row);
+ }
+
+ return $r;
+
+ }
+
}
diff --git a/3rdparty/Sabre/DAVACL/Exception/AceConflict.php b/3rdparty/Sabre/DAVACL/Exception/AceConflict.php
index d10aeb4345c..4b9f93b0036 100644..100755
--- a/3rdparty/Sabre/DAVACL/Exception/AceConflict.php
+++ b/3rdparty/Sabre/DAVACL/Exception/AceConflict.php
@@ -1,12 +1,12 @@
<?php
/**
- * Sabre_DAVACL_Exception_AceConflict
- *
+ * Sabre_DAVACL_Exception_AceConflict
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Exception_AceConflict extends Sabre_DAV_Exception_Conflict {
@@ -15,20 +15,18 @@ class Sabre_DAVACL_Exception_AceConflict extends Sabre_DAV_Exception_Conflict {
* Adds in extra information in the xml response.
*
* This method adds the {DAV:}no-ace-conflict element as defined in rfc3744
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $errorNode
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $errorNode
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $errorNode) {
-
+
$doc = $errorNode->ownerDocument;
-
+
$np = $doc->createElementNS('DAV:','d:no-ace-conflict');
$errorNode->appendChild($np);
}
}
-
-?>
diff --git a/3rdparty/Sabre/DAVACL/Exception/NeedPrivileges.php b/3rdparty/Sabre/DAVACL/Exception/NeedPrivileges.php
index 024ab6641f3..9b055dd9709 100644..100755
--- a/3rdparty/Sabre/DAVACL/Exception/NeedPrivileges.php
+++ b/3rdparty/Sabre/DAVACL/Exception/NeedPrivileges.php
@@ -1,60 +1,61 @@
<?php
/**
- * NeedPrivileges
+ * NeedPrivileges
*
* The 403-need privileges is thrown when a user didn't have the appropriate
* permissions to perform an operation
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @version $Id$
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Exception_NeedPrivileges extends Sabre_DAV_Exception_Forbidden {
/**
- * The relevant uri
- *
- * @var string
+ * The relevant uri
+ *
+ * @var string
*/
protected $uri;
/**
- * The privileges the user didn't have.
- *
- * @var array
+ * The privileges the user didn't have.
+ *
+ * @var array
*/
protected $privileges;
/**
- * Constructor
- *
- * @param string $uri
- * @param array $privileges
+ * Constructor
+ *
+ * @param string $uri
+ * @param array $privileges
*/
public function __construct($uri,array $privileges) {
$this->uri = $uri;
$this->privileges = $privileges;
+ parent::__construct('User did not have the required privileges (' . implode(',', $privileges) . ') for path "' . $uri . '"');
+
}
/**
* Adds in extra information in the xml response.
*
* This method adds the {DAV:}need-privileges element as defined in rfc3744
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $errorNode
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $errorNode
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $errorNode) {
-
+
$doc = $errorNode->ownerDocument;
-
+
$np = $doc->createElementNS('DAV:','d:need-privileges');
$errorNode->appendChild($np);
diff --git a/3rdparty/Sabre/DAVACL/Exception/NoAbstract.php b/3rdparty/Sabre/DAVACL/Exception/NoAbstract.php
index 60f49ebff4a..f44e3e32281 100644..100755
--- a/3rdparty/Sabre/DAVACL/Exception/NoAbstract.php
+++ b/3rdparty/Sabre/DAVACL/Exception/NoAbstract.php
@@ -2,11 +2,11 @@
/**
* Sabre_DAVACL_Exception_NoAbstract
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Exception_NoAbstract extends Sabre_DAV_Exception_PreconditionFailed {
@@ -15,20 +15,18 @@ class Sabre_DAVACL_Exception_NoAbstract extends Sabre_DAV_Exception_Precondition
* Adds in extra information in the xml response.
*
* This method adds the {DAV:}no-abstract element as defined in rfc3744
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $errorNode
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $errorNode
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $errorNode) {
-
+
$doc = $errorNode->ownerDocument;
-
+
$np = $doc->createElementNS('DAV:','d:no-abstract');
$errorNode->appendChild($np);
}
}
-
-?>
diff --git a/3rdparty/Sabre/DAVACL/Exception/NotRecognizedPrincipal.php b/3rdparty/Sabre/DAVACL/Exception/NotRecognizedPrincipal.php
index e056dc9e4f7..8d1e38ca1b4 100644..100755
--- a/3rdparty/Sabre/DAVACL/Exception/NotRecognizedPrincipal.php
+++ b/3rdparty/Sabre/DAVACL/Exception/NotRecognizedPrincipal.php
@@ -2,11 +2,11 @@
/**
* Sabre_DAVACL_Exception_NotRecognizedPrincipal
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Exception_NotRecognizedPrincipal extends Sabre_DAV_Exception_PreconditionFailed {
@@ -15,20 +15,18 @@ class Sabre_DAVACL_Exception_NotRecognizedPrincipal extends Sabre_DAV_Exception_
* Adds in extra information in the xml response.
*
* This method adds the {DAV:}recognized-principal element as defined in rfc3744
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $errorNode
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $errorNode
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $errorNode) {
-
+
$doc = $errorNode->ownerDocument;
-
+
$np = $doc->createElementNS('DAV:','d:recognized-principal');
$errorNode->appendChild($np);
}
}
-
-?>
diff --git a/3rdparty/Sabre/DAVACL/Exception/NotSupportedPrivilege.php b/3rdparty/Sabre/DAVACL/Exception/NotSupportedPrivilege.php
index 27db7cdd7dd..3b5d012d7fa 100644..100755
--- a/3rdparty/Sabre/DAVACL/Exception/NotSupportedPrivilege.php
+++ b/3rdparty/Sabre/DAVACL/Exception/NotSupportedPrivilege.php
@@ -2,11 +2,11 @@
/**
* Sabre_DAVACL_Exception_NotSupportedPrivilege
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Exception_NotSupportedPrivilege extends Sabre_DAV_Exception_PreconditionFailed {
@@ -15,20 +15,18 @@ class Sabre_DAVACL_Exception_NotSupportedPrivilege extends Sabre_DAV_Exception_P
* Adds in extra information in the xml response.
*
* This method adds the {DAV:}not-supported-privilege element as defined in rfc3744
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $errorNode
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $errorNode
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $errorNode) {
-
+
$doc = $errorNode->ownerDocument;
-
+
$np = $doc->createElementNS('DAV:','d:not-supported-privilege');
$errorNode->appendChild($np);
}
}
-
-?>
diff --git a/3rdparty/Sabre/DAVACL/IACL.php b/3rdparty/Sabre/DAVACL/IACL.php
index 506be4248d7..003e6993483 100644..100755
--- a/3rdparty/Sabre/DAVACL/IACL.php
+++ b/3rdparty/Sabre/DAVACL/IACL.php
@@ -4,11 +4,11 @@
* ACL-enabled node
*
* If you want to add WebDAV ACL to a node, you must implement this class
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
interface Sabre_DAVACL_IACL extends Sabre_DAV_INode {
@@ -16,8 +16,8 @@ interface Sabre_DAVACL_IACL extends Sabre_DAV_INode {
/**
* Returns the owner principal
*
- * This must be a url to a principal, or null if there's no owner
- *
+ * This must be a url to a principal, or null if there's no owner
+ *
* @return string|null
*/
function getOwner();
@@ -26,8 +26,8 @@ interface Sabre_DAVACL_IACL extends Sabre_DAV_INode {
* Returns a group principal
*
* This must be a url to a principal, or null if there's no owner
- *
- * @return string|null
+ *
+ * @return string|null
*/
function getGroup();
@@ -35,24 +35,39 @@ interface Sabre_DAVACL_IACL extends Sabre_DAV_INode {
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
- * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
+ * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
- * * 'protected' (optional), indicating that this ACE is not allowed to
- * be updated.
- *
- * @return array
+ * * 'protected' (optional), indicating that this ACE is not allowed to
+ * be updated.
+ *
+ * @return array
*/
function getACL();
/**
* Updates the ACL
*
- * This method will receive a list of new ACE's.
- *
- * @param array $acl
+ * This method will receive a list of new ACE's.
+ *
+ * @param array $acl
* @return void
*/
function setACL(array $acl);
+ /**
+ * Returns the list of supported privileges for this node.
+ *
+ * The returned data structure is a list of nested privileges.
+ * See Sabre_DAVACL_Plugin::getDefaultSupportedPrivilegeSet for a simple
+ * standard structure.
+ *
+ * If null is returned from this method, the default privilege set is used,
+ * which is fine for most common usecases.
+ *
+ * @return array|null
+ */
+ function getSupportedPrivilegeSet();
+
+
}
diff --git a/3rdparty/Sabre/DAVACL/IPrincipal.php b/3rdparty/Sabre/DAVACL/IPrincipal.php
index 7868811db76..fc7605bf625 100644..100755
--- a/3rdparty/Sabre/DAVACL/IPrincipal.php
+++ b/3rdparty/Sabre/DAVACL/IPrincipal.php
@@ -2,50 +2,50 @@
/**
* IPrincipal interface
- *
+ *
* Implement this interface to define your own principals
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
interface Sabre_DAVACL_IPrincipal extends Sabre_DAV_INode {
/**
- * Returns a list of altenative urls for a principal
- *
+ * Returns a list of alternative urls for a principal
+ *
* This can for example be an email address, or ldap url.
- *
- * @return array
+ *
+ * @return array
*/
function getAlternateUriSet();
/**
- * Returns the full principal url
- *
- * @return string
+ * Returns the full principal url
+ *
+ * @return string
*/
function getPrincipalUrl();
/**
* Returns the list of group members
- *
+ *
* If this principal is a group, this function should return
- * all member principal uri's for the group.
- *
+ * all member principal uri's for the group.
+ *
* @return array
*/
function getGroupMemberSet();
/**
* Returns the list of groups this principal is member of
- *
+ *
* If this principal is a member of a (list of) groups, this function
- * should return a list of principal uri's for it's members.
- *
- * @return array
+ * should return a list of principal uri's for it's members.
+ *
+ * @return array
*/
function getGroupMembership();
@@ -54,11 +54,11 @@ interface Sabre_DAVACL_IPrincipal extends Sabre_DAV_INode {
*
* If this principal is a group, this method sets all the group members.
* The list of members is always overwritten, never appended to.
- *
- * This method should throw an exception if the members could not be set.
- *
- * @param array $principals
- * @return void
+ *
+ * This method should throw an exception if the members could not be set.
+ *
+ * @param array $principals
+ * @return void
*/
function setGroupMemberSet(array $principals);
@@ -66,9 +66,9 @@ interface Sabre_DAVACL_IPrincipal extends Sabre_DAV_INode {
* Returns the displayname
*
* This should be a human readable name for the principal.
- * If none is available, return the nodename.
- *
- * @return string
+ * If none is available, return the nodename.
+ *
+ * @return string
*/
function getDisplayName();
diff --git a/3rdparty/Sabre/DAVACL/IPrincipalBackend.php b/3rdparty/Sabre/DAVACL/IPrincipalBackend.php
index 8899f6f80df..e798bf890c0 100644..100755
--- a/3rdparty/Sabre/DAVACL/IPrincipalBackend.php
+++ b/3rdparty/Sabre/DAVACL/IPrincipalBackend.php
@@ -3,14 +3,14 @@
/**
* Implement this interface to create your own principal backends.
*
- * Creating backends for principals is entirely optional. You can also
- * implement Sabre_DAVACL_IPrincipal directly. This interface is used solely by
+ * Creating backends for principals is entirely optional. You can also
+ * implement Sabre_DAVACL_IPrincipal directly. This interface is used solely by
* Sabre_DAVACL_AbstractPrincipalCollection.
*
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
interface Sabre_DAVACL_IPrincipalBackend {
@@ -18,56 +18,136 @@ interface Sabre_DAVACL_IPrincipalBackend {
/**
* Returns a list of principals based on a prefix.
*
- * This prefix will often contain something like 'principals'. You are only
+ * This prefix will often contain something like 'principals'. You are only
* expected to return principals that are in this base path.
*
- * You are expected to return at least a 'uri' for every user, you can
+ * You are expected to return at least a 'uri' for every user, you can
* return any additional properties if you wish so. Common properties are:
- * {DAV:}displayname
- * {http://sabredav.org/ns}email-address - This is a custom SabreDAV
- * field that's actualy injected in a number of other properties. If
+ * {DAV:}displayname
+ * {http://sabredav.org/ns}email-address - This is a custom SabreDAV
+ * field that's actually injected in a number of other properties. If
* you have an email address, use this property.
- *
- * @param string $prefixPath
- * @return array
+ *
+ * @param string $prefixPath
+ * @return array
*/
function getPrincipalsByPrefix($prefixPath);
/**
* Returns a specific principal, specified by it's path.
- * The returned structure should be the exact same as from
- * getPrincipalsByPrefix.
- *
- * @param string $path
- * @return array
+ * The returned structure should be the exact same as from
+ * getPrincipalsByPrefix.
+ *
+ * @param string $path
+ * @return array
*/
function getPrincipalByPath($path);
/**
- * Returns the list of members for a group-principal
- *
- * @param string $principal
- * @return array
+ * Updates one ore more webdav properties on a principal.
+ *
+ * The list of mutations is supplied as an array. Each key in the array is
+ * a propertyname, such as {DAV:}displayname.
+ *
+ * Each value is the actual value to be updated. If a value is null, it
+ * must be deleted.
+ *
+ * This method should be atomic. It must either completely succeed, or
+ * completely fail. Success and failure can simply be returned as 'true' or
+ * 'false'.
+ *
+ * It is also possible to return detailed failure information. In that case
+ * an array such as this should be returned:
+ *
+ * array(
+ * 200 => array(
+ * '{DAV:}prop1' => null,
+ * ),
+ * 201 => array(
+ * '{DAV:}prop2' => null,
+ * ),
+ * 403 => array(
+ * '{DAV:}prop3' => null,
+ * ),
+ * 424 => array(
+ * '{DAV:}prop4' => null,
+ * ),
+ * );
+ *
+ * In this previous example prop1 was successfully updated or deleted, and
+ * prop2 was succesfully created.
+ *
+ * prop3 failed to update due to '403 Forbidden' and because of this prop4
+ * also could not be updated with '424 Failed dependency'.
+ *
+ * This last example was actually incorrect. While 200 and 201 could appear
+ * in 1 response, if there's any error (403) the other properties should
+ * always fail with 423 (failed dependency).
+ *
+ * But anyway, if you don't want to scratch your head over this, just
+ * return true or false.
+ *
+ * @param string $path
+ * @param array $mutations
+ * @return array|bool
+ */
+ function updatePrincipal($path, $mutations);
+
+ /**
+ * This method is used to search for principals matching a set of
+ * properties.
+ *
+ * This search is specifically used by RFC3744's principal-property-search
+ * REPORT. You should at least allow searching on
+ * http://sabredav.org/ns}email-address.
+ *
+ * The actual search should be a unicode-non-case-sensitive search. The
+ * keys in searchProperties are the WebDAV property names, while the values
+ * are the property values to search on.
+ *
+ * If multiple properties are being searched on, the search should be
+ * AND'ed.
+ *
+ * This method should simply return an array with full principal uri's.
+ *
+ * If somebody attempted to search on a property the backend does not
+ * support, you should simply return 0 results.
+ *
+ * You can also just return 0 results if you choose to not support
+ * searching at all, but keep in mind that this may stop certain features
+ * from working.
+ *
+ * @param string $prefixPath
+ * @param array $searchProperties
+ * @return array
+ */
+ function searchPrincipals($prefixPath, array $searchProperties);
+
+ /**
+ * Returns the list of members for a group-principal
+ *
+ * @param string $principal
+ * @return array
*/
function getGroupMemberSet($principal);
/**
- * Returns the list of groups a principal is a member of
- *
- * @param string $principal
- * @return array
+ * Returns the list of groups a principal is a member of
+ *
+ * @param string $principal
+ * @return array
*/
function getGroupMembership($principal);
/**
* Updates the list of group members for a group principal.
*
- * The principals should be passed as a list of uri's.
- *
- * @param string $principal
- * @param array $members
+ * The principals should be passed as a list of uri's.
+ *
+ * @param string $principal
+ * @param array $members
* @return void
*/
- function setGroupMemberSet($principal, array $members);
+ function setGroupMemberSet($principal, array $members);
}
diff --git a/3rdparty/Sabre/DAVACL/Plugin.php b/3rdparty/Sabre/DAVACL/Plugin.php
index b964bdb5dec..5c828c6d97b 100644..100755
--- a/3rdparty/Sabre/DAVACL/Plugin.php
+++ b/3rdparty/Sabre/DAVACL/Plugin.php
@@ -6,14 +6,14 @@
* This plugin provides funcitonality to enforce ACL permissions.
* ACL is defined in RFC3744.
*
- * In addition it also provides support for the {DAV:}current-user-principal
- * property, defined in RFC5397 and the {DAV:}expand-property report, as
- * defined in RFC3253.
- *
+ * In addition it also provides support for the {DAV:}current-user-principal
+ * property, defined in RFC5397 and the {DAV:}expand-property report, as
+ * defined in RFC3253.
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
@@ -40,16 +40,16 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
const R_RECURSIVEPARENTS = 3;
/**
- * Reference to server object.
- *
- * @var Sabre_DAV_Server
+ * Reference to server object.
+ *
+ * @var Sabre_DAV_Server
*/
protected $server;
/**
* List of urls containing principal collections.
- * Modify this if your principals are located elsewhere.
- *
+ * Modify this if your principals are located elsewhere.
+ *
* @var array
*/
public $principalCollectionSet = array(
@@ -57,14 +57,14 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
);
/**
- * By default ACL is only enforced for nodes that have ACL support (the
- * ones that implement Sabre_DAVACL_IACL). For any other node, access is
+ * By default ACL is only enforced for nodes that have ACL support (the
+ * ones that implement Sabre_DAVACL_IACL). For any other node, access is
* always granted.
*
- * To override this behaviour you can turn this setting off. This is useful
+ * To override this behaviour you can turn this setting off. This is useful
* if you plan to fully support ACL in the entire tree.
*
- * @var bool
+ * @var bool
*/
public $allowAccessToNodesWithoutACL = true;
@@ -72,28 +72,50 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* By default nodes that are inaccessible by the user, can still be seen
* in directory listings (PROPFIND on parent with Depth: 1)
*
- * In certain cases it's desirable to hide inaccessible nodes. Setting this
+ * In certain cases it's desirable to hide inaccessible nodes. Setting this
* to true will cause these nodes to be hidden from directory listings.
- *
- * @var bool
+ *
+ * @var bool
*/
public $hideNodesFromListings = false;
/**
- * This string is prepended to the username of the currently logged in
- * user. This allows the plugin to determine the principal path based on
+ * This string is prepended to the username of the currently logged in
+ * user. This allows the plugin to determine the principal path based on
* the username.
- *
+ *
* @var string
*/
public $defaultUsernamePath = 'principals';
/**
+ * This list of properties are the properties a client can search on using
+ * the {DAV:}principal-property-search report.
+ *
+ * The keys are the property names, values are descriptions.
+ *
+ * @var array
+ */
+ public $principalSearchPropertySet = array(
+ '{DAV:}displayname' => 'Display name',
+ '{http://sabredav.org/ns}email-address' => 'Email address',
+ );
+
+ /**
+ * Any principal uri's added here, will automatically be added to the list
+ * of ACL's. They will effectively receive {DAV:}all privileges, as a
+ * protected privilege.
+ *
+ * @var array
+ */
+ public $adminPrincipals = array();
+
+ /**
* Returns a list of features added by this plugin.
*
* This list is used in the response of a HTTP OPTIONS request.
- *
- * @return array
+ *
+ * @return array
*/
public function getFeatures() {
@@ -102,10 +124,10 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
/**
- * Returns a list of available methods for a given url
- *
- * @param string $uri
- * @return array
+ * Returns a list of available methods for a given url
+ *
+ * @param string $uri
+ * @return array
*/
public function getMethods($uri) {
@@ -115,11 +137,11 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* Returns a plugin name.
- *
+ *
* Using this name other plugins will be able to access other plugins
- * using Sabre_DAV_Server::getPlugin
- *
- * @return string
+ * using Sabre_DAV_Server::getPlugin
+ *
+ * @return string
*/
public function getPluginName() {
@@ -131,37 +153,38 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* Returns a list of reports this plugin supports.
*
* This will be used in the {DAV:}supported-report-set property.
- * Note that you still need to subscribe to the 'report' event to actually
- * implement them
- *
+ * Note that you still need to subscribe to the 'report' event to actually
+ * implement them
+ *
* @param string $uri
- * @return array
+ * @return array
*/
public function getSupportedReportSet($uri) {
return array(
'{DAV:}expand-property',
'{DAV:}principal-property-search',
- '{DAV:}principal-search-property-set',
+ '{DAV:}principal-search-property-set',
);
}
/**
- * Checks if the current user has the specified privilege(s).
- *
+ * Checks if the current user has the specified privilege(s).
+ *
* You can specify a single privilege, or a list of privileges.
* This method will throw an exception if the privilege is not available
* and return true otherwise.
*
* @param string $uri
* @param array|string $privileges
- * @param bool $throwExceptions if set to false, this method won't through exceptions.
+ * @param int $recursion
+ * @param bool $throwExceptions if set to false, this method won't through exceptions.
* @throws Sabre_DAVACL_Exception_NeedPrivileges
- * @return bool
+ * @return bool
*/
- public function checkPrivileges($uri,$privileges,$recursion = self::R_PARENT, $throwExceptions = true) {
+ public function checkPrivileges($uri, $privileges, $recursion = self::R_PARENT, $throwExceptions = true) {
if (!is_array($privileges)) $privileges = array($privileges);
@@ -171,7 +194,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
if ($this->allowAccessToNodesWithoutACL) {
return true;
} else {
- if ($throwExceptions)
+ if ($throwExceptions)
throw new Sabre_DAVACL_Exception_NeedPrivileges($uri,$privileges);
else
return false;
@@ -189,7 +212,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
if ($failed) {
- if ($throwExceptions)
+ if ($throwExceptions)
throw new Sabre_DAVACL_Exception_NeedPrivileges($uri,$failed);
else
return false;
@@ -202,9 +225,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* Returns the standard users' principal.
*
* This is one authorative principal url for the current user.
- * This method will return null if the user wasn't logged in.
- *
- * @return string|null
+ * This method will return null if the user wasn't logged in.
+ *
+ * @return string|null
*/
public function getCurrentUserPrincipal() {
@@ -220,9 +243,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* Returns a list of principals that's associated to the current
- * user, either directly or through group membership.
- *
- * @return array
+ * user, either directly or through group membership.
+ *
+ * @return array
*/
public function getCurrentUserPrincipals() {
@@ -236,7 +259,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
while(count($check)) {
$principal = array_shift($check);
-
+
$node = $this->server->tree->getNodeForPath($principal);
if ($node instanceof Sabre_DAVACL_IPrincipal) {
foreach($node->getGroupMembership() as $groupMember) {
@@ -262,11 +285,38 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* Returns the supported privilege structure for this ACL plugin.
*
* See RFC3744 for more details. Currently we default on a simple,
- * standard structure.
- *
- * @return array
+ * standard structure.
+ *
+ * You can either get the list of privileges by a uri (path) or by
+ * specifying a Node.
+ *
+ * @param string|Sabre_DAV_INode $node
+ * @return array
*/
- public function getSupportedPrivilegeSet() {
+ public function getSupportedPrivilegeSet($node) {
+
+ if (is_string($node)) {
+ $node = $this->server->tree->getNodeForPath($node);
+ }
+
+ if ($node instanceof Sabre_DAVACL_IACL) {
+ $result = $node->getSupportedPrivilegeSet();
+
+ if ($result)
+ return $result;
+ }
+
+ return self::getDefaultSupportedPrivilegeSet();
+
+ }
+
+ /**
+ * Returns a fairly standard set of privileges, which may be useful for
+ * other systems to use as a basis.
+ *
+ * @return array
+ */
+ static function getDefaultSupportedPrivilegeSet() {
return array(
'privilege' => '{DAV:}all',
@@ -314,7 +364,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
),
),
), // {DAV:}write
- ),
+ ),
); // {DAV:}all
}
@@ -329,12 +379,13 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* - aggregates
* - abstract
* - concrete
- *
- * @return array
+ *
+ * @param string|Sabre_DAV_INode $node
+ * @return array
*/
- final public function getFlatPrivilegeSet() {
+ final public function getFlatPrivilegeSet($node) {
- $privs = $this->getSupportedPrivilegeSet();
+ $privs = $this->getSupportedPrivilegeSet($node);
$flat = array();
$this->getFPSTraverse($privs, null, $flat);
@@ -346,9 +397,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* Traverses the privilege set tree for reordering
*
- * This function is solely used by getFlatPrivilegeSet, and would have been
+ * This function is solely used by getFlatPrivilegeSet, and would have been
* a closure if it wasn't for the fact I need to support PHP 5.2.
- *
+ *
+ * @param array $priv
+ * @param $concrete
+ * @param array $flat
* @return void
*/
final private function getFPSTraverse($priv, $concrete, &$flat) {
@@ -368,7 +422,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
if (isset($priv['aggregates'])) {
foreach($priv['aggregates'] as $subPriv) {
-
+
$this->getFPSTraverse($subPriv, $myPriv['concrete'], $flat);
}
@@ -382,8 +436,8 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
*
* Either a uri or a Sabre_DAV_INode may be passed.
*
- * null will be returned if the node doesn't support ACLs.
- *
+ * null will be returned if the node doesn't support ACLs.
+ *
* @param string|Sabre_DAV_INode $node
* @return array
*/
@@ -392,10 +446,18 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
if (is_string($node)) {
$node = $this->server->tree->getNodeForPath($node);
}
- if ($node instanceof Sabre_DAVACL_IACL) {
- return $node->getACL();
+ if (!$node instanceof Sabre_DAVACL_IACL) {
+ return null;
}
- return null;
+ $acl = $node->getACL();
+ foreach($this->adminPrincipals as $adminPrincipal) {
+ $acl[] = array(
+ 'principal' => $adminPrincipal,
+ 'privilege' => '{DAV:}all',
+ 'protected' => true,
+ );
+ }
+ return $acl;
}
@@ -405,10 +467,10 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
*
* Either a uri or a Sabre_DAV_INode may be passed.
*
- * null will be returned if the node doesn't support ACLs.
- *
- * @param string|Sabre_DAV_INode $node
- * @return array
+ * null will be returned if the node doesn't support ACLs.
+ *
+ * @param string|Sabre_DAV_INode $node
+ * @return array
*/
public function getCurrentUserPrivilegeSet($node) {
@@ -417,6 +479,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
$acl = $this->getACL($node);
+
if (is_null($acl)) return null;
$principals = $this->getCurrentUserPrincipals();
@@ -425,27 +488,121 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
foreach($acl as $ace) {
- if (in_array($ace['principal'], $principals)) {
- $collected[] = $ace;
+ $principal = $ace['principal'];
+
+ switch($principal) {
+
+ case '{DAV:}owner' :
+ $owner = $node->getOwner();
+ if ($owner && in_array($owner, $principals)) {
+ $collected[] = $ace;
+ }
+ break;
+
+
+ // 'all' matches for every user
+ case '{DAV:}all' :
+
+ // 'authenticated' matched for every user that's logged in.
+ // Since it's not possible to use ACL while not being logged
+ // in, this is also always true.
+ case '{DAV:}authenticated' :
+ $collected[] = $ace;
+ break;
+
+ // 'unauthenticated' can never occur either, so we simply
+ // ignore these.
+ case '{DAV:}unauthenticated' :
+ break;
+
+ default :
+ if (in_array($ace['principal'], $principals)) {
+ $collected[] = $ace;
+ }
+ break;
+
}
+
+
}
// Now we deduct all aggregated privileges.
- $flat = $this->getFlatPrivilegeSet();
+ $flat = $this->getFlatPrivilegeSet($node);
$collected2 = array();
- foreach($collected as $privilege) {
+ while(count($collected)) {
+
+ $current = array_pop($collected);
+ $collected2[] = $current['privilege'];
- $collected2[] = $privilege['privilege'];
- foreach($flat[$privilege['privilege']]['aggregates'] as $subPriv) {
- if (!in_array($subPriv, $collected2))
- $collected2[] = $subPriv;
+ foreach($flat[$current['privilege']]['aggregates'] as $subPriv) {
+ $collected2[] = $subPriv;
+ $collected[] = $flat[$subPriv];
}
}
- return $collected2;
+ return array_values(array_unique($collected2));
+
+ }
+
+ /**
+ * Principal property search
+ *
+ * This method can search for principals matching certain values in
+ * properties.
+ *
+ * This method will return a list of properties for the matched properties.
+ *
+ * @param array $searchProperties The properties to search on. This is a
+ * key-value list. The keys are property
+ * names, and the values the strings to
+ * match them on.
+ * @param array $requestedProperties This is the list of properties to
+ * return for every match.
+ * @param string $collectionUri The principal collection to search on.
+ * If this is ommitted, the standard
+ * principal collection-set will be used.
+ * @return array This method returns an array structure similar to
+ * Sabre_DAV_Server::getPropertiesForPath. Returned
+ * properties are index by a HTTP status code.
+ *
+ */
+ public function principalSearch(array $searchProperties, array $requestedProperties, $collectionUri = null) {
+
+ if (!is_null($collectionUri)) {
+ $uris = array($collectionUri);
+ } else {
+ $uris = $this->principalCollectionSet;
+ }
+
+ $lookupResults = array();
+ foreach($uris as $uri) {
+
+ $principalCollection = $this->server->tree->getNodeForPath($uri);
+ if (!$principalCollection instanceof Sabre_DAVACL_AbstractPrincipalCollection) {
+ // Not a principal collection, we're simply going to ignore
+ // this.
+ continue;
+ }
+
+ $results = $principalCollection->searchPrincipals($searchProperties);
+ foreach($results as $result) {
+ $lookupResults[] = rtrim($uri,'/') . '/' . $result;
+ }
+
+ }
+
+ $matches = array();
+
+ foreach($lookupResults as $lookupResult) {
+
+ list($matches[]) = $this->server->getPropertiesForPath($lookupResult, $requestedProperties, 0);
+
+ }
+
+ return $matches;
}
@@ -453,8 +610,8 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* Sets up the plugin
*
* This method is automatically called by the server class.
- *
- * @param Sabre_DAV_Server $server
+ *
+ * @param Sabre_DAV_Server $server
* @return void
*/
public function initialize(Sabre_DAV_Server $server) {
@@ -485,11 +642,11 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
'{DAV:}group'
);
- // Automatically mapping nodes implementing IPrincipal to the
+ // Automatically mapping nodes implementing IPrincipal to the
// {DAV:}principal resourcetype.
$server->resourceTypeMapping['Sabre_DAVACL_IPrincipal'] = '{DAV:}principal';
- // Mapping the group-member-set property to the HrefList property
+ // Mapping the group-member-set property to the HrefList property
// class.
$server->propertyMap['{DAV:}group-member-set'] = 'Sabre_DAV_Property_HrefList';
@@ -499,10 +656,10 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/* {{{ Event handlers */
/**
- * Triggered before any method is handled
- *
- * @param string $method
- * @param string $uri
+ * Triggered before any method is handled
+ *
+ * @param string $method
+ * @param string $uri
* @return void
*/
public function beforeMethod($method, $uri) {
@@ -523,14 +680,14 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
case 'PUT' :
case 'LOCK' :
- case 'UNLOCK' :
- // This method requires the write-content priv if the node
- // already exists, and bind on the parent if the node is being
- // created.
- // The bind privilege is handled in the beforeBind event.
+ case 'UNLOCK' :
+ // This method requires the write-content priv if the node
+ // already exists, and bind on the parent if the node is being
+ // created.
+ // The bind privilege is handled in the beforeBind event.
$this->checkPrivileges($uri,'{DAV:}write-content');
break;
-
+
case 'PROPPATCH' :
$this->checkPrivileges($uri,'{DAV:}write-properties');
@@ -543,16 +700,16 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
case 'COPY' :
case 'MOVE' :
// Copy requires read privileges on the entire source tree.
- // If the target exists write-content normally needs to be
- // checked, however, we're deleting the node beforehand and
- // creating a new one after, so this is handled by the
+ // If the target exists write-content normally needs to be
+ // checked, however, we're deleting the node beforehand and
+ // creating a new one after, so this is handled by the
// beforeUnbind event.
- //
- // The creation of the new node is handled by the beforeBind
+ //
+ // The creation of the new node is handled by the beforeBind
// event.
//
- // If MOVE is used beforeUnbind will also be used to check if
- // the sourcenode can be deleted.
+ // If MOVE is used beforeUnbind will also be used to check if
+ // the sourcenode can be deleted.
$this->checkPrivileges($uri,'{DAV:}read',self::R_RECURSIVE);
break;
@@ -563,11 +720,11 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* Triggered before a new node is created.
- *
+ *
* This allows us to check permissions for any operation that creates a
* new node, such as PUT, MKCOL, MKCALENDAR, LOCK, COPY and MOVE.
- *
- * @param string $uri
+ *
+ * @param string $uri
* @return void
*/
public function beforeBind($uri) {
@@ -578,12 +735,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
/**
- * Triggered before a node is deleted
- *
- * This allows us to check permissions for any operation that will delete
- * an existing node.
- *
- * @param string $uri
+ * Triggered before a node is deleted
+ *
+ * This allows us to check permissions for any operation that will delete
+ * an existing node.
+ *
+ * @param string $uri
* @return void
*/
public function beforeUnbind($uri) {
@@ -594,26 +751,26 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
/**
- * Triggered before a node is unlocked.
- *
- * @param string $uri
+ * Triggered before a node is unlocked.
+ *
+ * @param string $uri
* @param Sabre_DAV_Locks_LockInfo $lock
- * @TODO: not yet implemented
+ * @TODO: not yet implemented
* @return void
*/
public function beforeUnlock($uri, Sabre_DAV_Locks_LockInfo $lock) {
-
+
}
/**
- * Triggered before properties are looked up in specific nodes.
- *
- * @param string $uri
- * @param Sabre_DAV_INode $node
- * @param array $requestedProperties
+ * Triggered before properties are looked up in specific nodes.
+ *
+ * @param string $uri
+ * @param Sabre_DAV_INode $node
+ * @param array $requestedProperties
* @param array $returnedProperties
- * @TODO really should be broken into multiple methods, or even a class.
+ * @TODO really should be broken into multiple methods, or even a class.
* @return void
*/
public function beforeGetProperties($uri, Sabre_DAV_INode $node, &$requestedProperties, &$returnedProperties) {
@@ -633,7 +790,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
return;
- }
+ }
/* Adding principal properties */
if ($node instanceof Sabre_DAVACL_IPrincipal) {
@@ -692,7 +849,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
if (false !== ($index = array_search('{DAV:}supported-privilege-set', $requestedProperties))) {
unset($requestedProperties[$index]);
- $returnedProperties[200]['{DAV:}supported-privilege-set'] = new Sabre_DAVACL_Property_SupportedPrivilegeSet($this->getSupportedPrivilegeSet());
+ $returnedProperties[200]['{DAV:}supported-privilege-set'] = new Sabre_DAVACL_Property_SupportedPrivilegeSet($this->getSupportedPrivilegeSet($node));
}
if (false !== ($index = array_search('{DAV:}current-user-privilege-set', $requestedProperties))) {
@@ -730,16 +887,24 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
+ /* The acl-restrictions property contains information on how privileges
+ * must behave.
+ */
+ if (false !== ($index = array_search('{DAV:}acl-restrictions', $requestedProperties))) {
+ unset($requestedProperties[$index]);
+ $returnedProperties[200]['{DAV:}acl-restrictions'] = new Sabre_DAVACL_Property_AclRestrictions();
+ }
+
}
/**
- * This method intercepts PROPPATCH methods and make sure the
- * group-member-set is updated correctly.
- *
- * @param array $propertyDelta
- * @param array $result
- * @param Sabre_DAV_INode $node
- * @return void
+ * This method intercepts PROPPATCH methods and make sure the
+ * group-member-set is updated correctly.
+ *
+ * @param array $propertyDelta
+ * @param array $result
+ * @param Sabre_DAV_INode $node
+ * @return bool
*/
public function updateProperties(&$propertyDelta, &$result, Sabre_DAV_INode $node) {
@@ -763,18 +928,18 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
$node->setGroupMemberSet($memberSet);
-
+
$result[200]['{DAV:}group-member-set'] = null;
unset($propertyDelta['{DAV:}group-member-set']);
}
/**
- * This method handels HTTP REPORT requests
- *
- * @param string $reportName
- * @param DOMNode $dom
- * @return void
+ * This method handels HTTP REPORT requests
+ *
+ * @param string $reportName
+ * @param DOMNode $dom
+ * @return bool
*/
public function report($reportName, $dom) {
@@ -785,7 +950,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
return false;
case '{DAV:}principal-search-property-set' :
$this->principalSearchPropertySetReport($dom);
- return false;
+ return false;
case '{DAV:}expand-property' :
$this->expandPropertyReport($dom);
return false;
@@ -795,12 +960,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
/**
- * This event is triggered for any HTTP method that is not known by the
- * webserver.
+ * This event is triggered for any HTTP method that is not known by the
+ * webserver.
*
- * @param string $method
- * @param string $uri
- * @return void
+ * @param string $method
+ * @param string $uri
+ * @return bool
*/
public function unknownMethod($method, $uri) {
@@ -817,12 +982,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* @param string $uri
* @return void
*/
- public function httpACL($uri) {
+ public function httpACL($uri) {
$body = $this->server->httpRequest->getBody(true);
$dom = Sabre_DAV_XMLUtil::loadDOMDocument($body);
- $newAcl =
+ $newAcl =
Sabre_DAVACL_Property_Acl::unserialize($dom->firstChild)
->getPrivileges();
@@ -839,13 +1004,13 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
$oldAcl = $this->getACL($node);
- $supportedPrivileges = $this->getFlatPrivilegeSet();
+ $supportedPrivileges = $this->getFlatPrivilegeSet($node);
- /* Checking if protected principals from the existing principal set are
+ /* Checking if protected principals from the existing principal set are
not overwritten. */
- foreach($oldAcl as $k=>$oldAce) {
+ foreach($oldAcl as $oldAce) {
- if (!isset($oldAce['protected']) || !$oldAce['protected']) continue;
+ if (!isset($oldAce['protected']) || !$oldAce['protected']) continue;
$found = false;
foreach($newAcl as $newAce) {
@@ -853,16 +1018,16 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
$newAce['privilege'] === $oldAce['privilege'] &&
$newAce['principal'] === $oldAce['principal'] &&
$newAce['protected']
- )
+ )
$found = true;
}
- if (!$found)
+ if (!$found)
throw new Sabre_DAVACL_Exception_AceConflict('This resource contained a protected {DAV:}ace, but this privilege did not occur in the ACL request');
}
- foreach($newAcl as $k=>$newAce) {
+ foreach($newAcl as $newAce) {
// Do we recognize the privilege
if (!isset($supportedPrivileges[$newAce['privilege']])) {
@@ -876,12 +1041,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
// Looking up the principal
try {
$principal = $this->server->tree->getNodeForPath($newAce['principal']);
- } catch (Sabre_DAV_Exception_FileNotFound $e) {
+ } catch (Sabre_DAV_Exception_NotFound $e) {
throw new Sabre_DAVACL_Exception_NotRecognizedPrincipal('The specified principal (' . $newAce['principal'] . ') does not exist');
}
if (!($principal instanceof Sabre_DAVACL_IPrincipal)) {
throw new Sabre_DAVACL_Exception_NotRecognizedPrincipal('The specified uri (' . $newAce['principal'] . ') is not a principal');
- }
+ }
}
$node->setACL($newAcl);
@@ -893,7 +1058,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/* Reports {{{ */
/**
- * The expand-property report is defined in RFC3253 section 3-8.
+ * The expand-property report is defined in RFC3253 section 3-8.
*
* This report is very similar to a standard PROPFIND. The difference is
* that it has the additional ability to look at properties containing a
@@ -903,7 +1068,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* Other rfc's, such as ACL rely on this report, so it made sense to put
* it in this plugin.
*
- * @param DOMElement $dom
+ * @param DOMElement $dom
* @return void
*/
protected function expandPropertyReport($dom) {
@@ -940,9 +1105,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* This method is used by expandPropertyReport to parse
* out the entire HTTP request.
- *
- * @param DOMElement $node
- * @return array
+ *
+ * @param DOMElement $node
+ * @return array
*/
protected function parseExpandPropertyReportRequest($node) {
@@ -950,9 +1115,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
do {
if (Sabre_DAV_XMLUtil::toClarkNotation($node)!=='{DAV:}property') continue;
-
+
if ($node->firstChild) {
-
+
$children = $this->parseExpandPropertyReportRequest($node->firstChild);
} else {
@@ -965,7 +1130,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
if (!$namespace) $namespace = 'DAV:';
$propName = '{'.$namespace.'}' . $node->getAttribute('name');
- $requestedProperties[$propName] = $children;
+ $requestedProperties[$propName] = $children;
} while ($node = $node->nextSibling);
@@ -979,11 +1144,12 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
*
* @param array $path
* @param array $requestedProperties the list of required properties
- * @param array $depth
+ * @param int $depth
+ * @return array
*/
- protected function expandProperties($path,array $requestedProperties,$depth) {
+ protected function expandProperties($path, array $requestedProperties, $depth) {
- $foundProperties = $this->server->getPropertiesForPath($path,array_keys($requestedProperties),$depth);
+ $foundProperties = $this->server->getPropertiesForPath($path, array_keys($requestedProperties), $depth);
$result = array();
@@ -993,7 +1159,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
// We're only traversing if sub-properties were requested
if(count($childRequestedProperties)===0) continue;
-
+
// We only have to do the expansion if the property was found
// and it contains an href element.
if (!array_key_exists($propertyName,$node[200])) continue;
@@ -1006,7 +1172,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
$childProps = array();
foreach($hrefs as $href) {
- $childProps = array_merge($childProps, $this->expandProperties($href,$childRequestedProperties,0));
+ $childProps = array_merge($childProps, $this->expandProperties($href, $childRequestedProperties, 0));
}
$node[200][$propertyName] = new Sabre_DAV_Property_ResponseList($childProps);
@@ -1022,27 +1188,23 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* principalSearchPropertySetReport
*
- * This method responsible for handing the
+ * This method responsible for handing the
* {DAV:}principal-search-property-set report. This report returns a list
* of properties the client may search on, using the
* {DAV:}principal-property-search report.
- *
- * @param DOMDocument $dom
+ *
+ * @param DOMDocument $dom
* @return void
*/
protected function principalSearchPropertySetReport(DOMDocument $dom) {
- $searchProperties = array(
- '{DAV:}displayname' => 'display name'
- );
-
$httpDepth = $this->server->getHTTPDepth(0);
if ($httpDepth!==0) {
throw new Sabre_DAV_Exception_BadRequest('This report is only defined when Depth: 0');
}
-
- if ($dom->firstChild->hasChildNodes())
- throw new Sabre_DAV_Exception_BadRequest('The principal-search-property-set report element is not allowed to have child elements');
+
+ if ($dom->firstChild->hasChildNodes())
+ throw new Sabre_DAV_Exception_BadRequest('The principal-search-property-set report element is not allowed to have child elements');
$dom = new DOMDocument('1.0','utf-8');
$dom->formatOutput = true;
@@ -1055,16 +1217,16 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
}
- $nsList = $this->server->xmlNamespaces;
+ $nsList = $this->server->xmlNamespaces;
- foreach($searchProperties as $propertyName=>$description) {
+ foreach($this->principalSearchPropertySet as $propertyName=>$description) {
$psp = $dom->createElement('d:principal-search-property');
$root->appendChild($psp);
$prop = $dom->createElement('d:prop');
$psp->appendChild($prop);
-
+
$propName = null;
preg_match('/^{([^}]*)}(.*)$/',$propertyName,$propName);
@@ -1088,78 +1250,25 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
/**
* principalPropertySearchReport
*
- * This method is reponsible for handing the
- * {DAV:}principal-property-search report. This report can be used for
+ * This method is responsible for handing the
+ * {DAV:}principal-property-search report. This report can be used for
* clients to search for groups of principals, based on the value of one
* or more properties.
- *
- * @param DOMDocument $dom
+ *
+ * @param DOMDocument $dom
* @return void
*/
protected function principalPropertySearchReport(DOMDocument $dom) {
- $searchableProperties = array(
- '{DAV:}displayname' => 'display name'
-
- );
-
list($searchProperties, $requestedProperties, $applyToPrincipalCollectionSet) = $this->parsePrincipalPropertySearchReportRequest($dom);
- $result = array();
-
- if ($applyToPrincipalCollectionSet) {
- $uris = array();
- } else {
- $uris = array($this->server->getRequestUri());
- }
-
- $lookupResults = array();
- foreach($uris as $uri) {
-
- $p = array_keys($searchProperties);
- $p[] = '{DAV:}resourcetype';
- $r = $this->server->getPropertiesForPath($uri, $p, 1);
-
- // The first item in the results is the parent, so we get rid of it.
- array_shift($r);
- $lookupResults = array_merge($lookupResults, $r);
- }
-
- $matches = array();
-
- foreach($lookupResults as $lookupResult) {
-
- // We're only looking for principals
- if (!isset($lookupResult[200]['{DAV:}resourcetype']) ||
- (!($lookupResult[200]['{DAV:}resourcetype'] instanceof Sabre_DAV_Property_ResourceType)) ||
- !$lookupResult[200]['{DAV:}resourcetype']->is('{DAV:}principal')) continue;
-
- foreach($searchProperties as $searchProperty=>$searchValue) {
- if (!isset($searchableProperties[$searchProperty])) {
- // If a property is not 'searchable', the spec dictates
- // this is not a match.
- continue;
- }
-
- if (isset($lookupResult[200][$searchProperty]) &&
- mb_stripos($lookupResult[200][$searchProperty], $searchValue, 0, 'UTF-8')!==false) {
- $matches[] = $lookupResult['href'];
- }
-
- }
-
+ $uri = null;
+ if (!$applyToPrincipalCollectionSet) {
+ $uri = $this->server->getRequestUri();
}
+ $result = $this->principalSearch($searchProperties, $requestedProperties, $uri);
- $matchProperties = array();
-
- foreach($matches as $match) {
-
- list($result) = $this->server->getPropertiesForPath($match, $requestedProperties, 0);
- $matchProperties[] = $result;
-
- }
-
- $xml = $this->server->generateMultiStatus($matchProperties);
+ $xml = $this->server->generateMultiStatus($result);
$this->server->httpResponse->setHeader('Content-Type','application/xml; charset=utf-8');
$this->server->httpResponse->sendStatus(207);
$this->server->httpResponse->sendBody($xml);
@@ -1175,9 +1284,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
* This method returns an array with two elements:
* 1. an array with properties to search on, and their values
* 2. a list of propertyvalues that should be returned for the request.
- *
- * @param DOMDocument $dom
- * @return array
+ *
+ * @param DOMDocument $dom
+ * @return array
*/
protected function parsePrincipalPropertySearchReportRequest($dom) {
@@ -1193,8 +1302,9 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
// Parsing the search request
foreach($dom->firstChild->childNodes as $searchNode) {
- if (Sabre_DAV_XMLUtil::toClarkNotation($searchNode) == '{DAV:}apply-to-principal-collection-set')
+ if (Sabre_DAV_XMLUtil::toClarkNotation($searchNode) == '{DAV:}apply-to-principal-collection-set') {
$applyToPrincipalCollectionSet = true;
+ }
if (Sabre_DAV_XMLUtil::toClarkNotation($searchNode)!=='{DAV:}property-search')
continue;
@@ -1208,7 +1318,7 @@ class Sabre_DAVACL_Plugin extends Sabre_DAV_ServerPlugin {
case '{DAV:}prop' :
$property = Sabre_DAV_XMLUtil::parseProperties($searchNode);
- reset($property);
+ reset($property);
$propertyName = key($property);
break;
diff --git a/3rdparty/Sabre/DAVACL/Principal.php b/3rdparty/Sabre/DAVACL/Principal.php
index 790603c900f..51c6658afd6 100644..100755
--- a/3rdparty/Sabre/DAVACL/Principal.php
+++ b/3rdparty/Sabre/DAVACL/Principal.php
@@ -4,17 +4,17 @@
* Principal class
*
* This class is a representation of a simple principal
- *
- * Many WebDAV specs require a user to show up in the directory
- * structure.
+ *
+ * Many WebDAV specs require a user to show up in the directory
+ * structure.
*
* This principal also has basic ACL settings, only allowing the principal
- * access it's own principal.
- *
+ * access it's own principal.
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPrincipal, Sabre_DAV_IProperties, Sabre_DAVACL_IACL {
@@ -22,20 +22,21 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
/**
* Struct with principal information.
*
- * @var array
+ * @var array
*/
protected $principalProperties;
/**
- * Principal backend
- *
- * @var Sabre_DAVACL_IPrincipalBackend
+ * Principal backend
+ *
+ * @var Sabre_DAVACL_IPrincipalBackend
*/
protected $principalBackend;
/**
- * Creates the principal object
+ * Creates the principal object
*
+ * @param Sabre_DAVACL_IPrincipalBackend $principalBackend
* @param array $principalProperties
*/
public function __construct(Sabre_DAVACL_IPrincipalBackend $principalBackend, array $principalProperties = array()) {
@@ -49,22 +50,22 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
}
/**
- * Returns the full principal url
- *
- * @return string
+ * Returns the full principal url
+ *
+ * @return string
*/
public function getPrincipalUrl() {
return $this->principalProperties['uri'];
- }
+ }
/**
- * Returns a list of altenative urls for a principal
- *
+ * Returns a list of alternative urls for a principal
+ *
* This can for example be an email address, or ldap url.
- *
- * @return array
+ *
+ * @return array
*/
public function getAlternateUriSet() {
@@ -79,16 +80,16 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
$uris[] = 'mailto:' . $this->principalProperties['{http://sabredav.org/ns}email-address'];
}
- return array_unique($uris);
+ return array_unique($uris);
}
/**
* Returns the list of group members
- *
+ *
* If this principal is a group, this function should return
- * all member principal uri's for the group.
- *
+ * all member principal uri's for the group.
+ *
* @return array
*/
public function getGroupMemberSet() {
@@ -99,11 +100,11 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
/**
* Returns the list of groups this principal is member of
- *
+ *
* If this principal is a member of a (list of) groups, this function
- * should return a list of principal uri's for it's members.
- *
- * @return array
+ * should return a list of principal uri's for it's members.
+ *
+ * @return array
*/
public function getGroupMembership() {
@@ -117,11 +118,11 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
*
* If this principal is a group, this method sets all the group members.
* The list of members is always overwritten, never appended to.
- *
- * This method should throw an exception if the members could not be set.
- *
- * @param array $principals
- * @return void
+ *
+ * This method should throw an exception if the members could not be set.
+ *
+ * @param array $groupMembers
+ * @return void
*/
public function setGroupMemberSet(array $groupMembers) {
@@ -132,22 +133,21 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
/**
* Returns this principals name.
- *
- * @return string
+ *
+ * @return string
*/
public function getName() {
$uri = $this->principalProperties['uri'];
list(, $name) = Sabre_DAV_URLUtil::splitPath($uri);
-
return $name;
}
/**
- * Returns the name of the user
- *
- * @return void
+ * Returns the name of the user
+ *
+ * @return string
*/
public function getDisplayName() {
@@ -160,16 +160,16 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
}
/**
- * Returns a list of properties
- *
- * @param array $requestedProperties
- * @return void
+ * Returns a list of properties
+ *
+ * @param array $requestedProperties
+ * @return array
*/
public function getProperties($requestedProperties) {
$newProperties = array();
foreach($requestedProperties as $propName) {
-
+
if (isset($this->principalProperties[$propName])) {
$newProperties[$propName] = $this->principalProperties[$propName];
}
@@ -177,29 +177,27 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
}
return $newProperties;
-
+
}
/**
* Updates this principals properties.
- *
- * Currently this is not supported
*
- * @param array $properties
+ * @param array $mutations
* @see Sabre_DAV_IProperties::updateProperties
- * @return bool|array
+ * @return bool|array
*/
- public function updateProperties($properties) {
+ public function updateProperties($mutations) {
- return false;
+ return $this->principalBackend->updatePrincipal($this->principalProperties['uri'], $mutations);
}
/**
* Returns the owner principal
*
- * This must be a url to a principal, or null if there's no owner
- *
+ * This must be a url to a principal, or null if there's no owner
+ *
* @return string|null
*/
public function getOwner() {
@@ -213,8 +211,8 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
* Returns a group principal
*
* This must be a url to a principal, or null if there's no owner
- *
- * @return string|null
+ *
+ * @return string|null
*/
public function getGroup() {
@@ -226,20 +224,20 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
* Returns a list of ACE's for this node.
*
* Each ACE has the following properties:
- * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
+ * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are
* currently the only supported privileges
* * 'principal', a url to the principal who owns the node
- * * 'protected' (optional), indicating that this ACE is not allowed to
- * be updated.
- *
- * @return array
+ * * 'protected' (optional), indicating that this ACE is not allowed to
+ * be updated.
+ *
+ * @return array
*/
public function getACL() {
return array(
array(
'privilege' => '{DAV:}read',
- 'principal' => $this->principalProperties['uri'],
+ 'principal' => $this->getPrincipalUrl(),
'protected' => true,
),
);
@@ -249,9 +247,9 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
/**
* Updates the ACL
*
- * This method will receive a list of new ACE's.
- *
- * @param array $acl
+ * This method will receive a list of new ACE's.
+ *
+ * @param array $acl
* @return void
*/
public function setACL(array $acl) {
@@ -260,4 +258,22 @@ class Sabre_DAVACL_Principal extends Sabre_DAV_Node implements Sabre_DAVACL_IPri
}
+ /**
+ * Returns the list of supported privileges for this node.
+ *
+ * The returned data structure is a list of nested privileges.
+ * See Sabre_DAVACL_Plugin::getDefaultSupportedPrivilegeSet for a simple
+ * standard structure.
+ *
+ * If null is returned from this method, the default privilege set is used,
+ * which is fine for most common usecases.
+ *
+ * @return array|null
+ */
+ public function getSupportedPrivilegeSet() {
+
+ return null;
+
+ }
+
}
diff --git a/3rdparty/Sabre/DAVACL/PrincipalBackend/PDO.php b/3rdparty/Sabre/DAVACL/PrincipalBackend/PDO.php
index 55bd1903c9b..a76b4a9d727 100644..100755
--- a/3rdparty/Sabre/DAVACL/PrincipalBackend/PDO.php
+++ b/3rdparty/Sabre/DAVACL/PrincipalBackend/PDO.php
@@ -3,46 +3,80 @@
/**
* PDO principal backend
*
- * This is a simple principal backend that maps exactly to the users table, as
+ * This is a simple principal backend that maps exactly to the users table, as
* used by Sabre_DAV_Auth_Backend_PDO.
*
- * It assumes all principals are in a single collection. The default collection
+ * It assumes all principals are in a single collection. The default collection
* is 'principals/', but this can be overriden.
*
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBackend {
/**
- * pdo
- *
- * @var PDO
+ * pdo
+ *
+ * @var PDO
*/
protected $pdo;
/**
- * PDO table name for 'principals'
- *
- * @var string
+ * PDO table name for 'principals'
+ *
+ * @var string
*/
protected $tableName;
/**
- * PDO table name for 'group members'
- *
- * @var string
+ * PDO table name for 'group members'
+ *
+ * @var string
*/
protected $groupMembersTableName;
/**
+ * A list of additional fields to support
+ *
+ * @var array
+ */
+ protected $fieldMap = array(
+
+ /**
+ * This property can be used to display the users' real name.
+ */
+ '{DAV:}displayname' => array(
+ 'dbField' => 'displayname',
+ ),
+
+ /**
+ * This property is actually used by the CardDAV plugin, where it gets
+ * mapped to {http://calendarserver.orgi/ns/}me-card.
+ *
+ * The reason we don't straight-up use that property, is because
+ * me-card is defined as a property on the users' addressbook
+ * collection.
+ */
+ '{http://sabredav.org/ns}vcard-url' => array(
+ 'dbField' => 'vcardurl',
+ ),
+ /**
+ * This is the users' primary email-address.
+ */
+ '{http://sabredav.org/ns}email-address' => array(
+ 'dbField' => 'email',
+ ),
+ );
+
+ /**
* Sets up the backend.
- *
+ *
* @param PDO $pdo
- * @param string $tableName
+ * @param string $tableName
+ * @param string $groupMembersTableName
*/
public function __construct(PDO $pdo, $tableName = 'principals', $groupMembersTableName = 'groupmembers') {
@@ -50,27 +84,35 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
$this->tableName = $tableName;
$this->groupMembersTableName = $groupMembersTableName;
- }
+ }
/**
* Returns a list of principals based on a prefix.
*
- * This prefix will often contain something like 'principals'. You are only
+ * This prefix will often contain something like 'principals'. You are only
* expected to return principals that are in this base path.
*
- * You are expected to return at least a 'uri' for every user, you can
+ * You are expected to return at least a 'uri' for every user, you can
* return any additional properties if you wish so. Common properties are:
- * {DAV:}displayname
- * {http://sabredav.org/ns}email-address - This is a custom SabreDAV
+ * {DAV:}displayname
+ * {http://sabredav.org/ns}email-address - This is a custom SabreDAV
* field that's actualy injected in a number of other properties. If
* you have an email address, use this property.
- *
- * @param string $prefixPath
- * @return array
+ *
+ * @param string $prefixPath
+ * @return array
*/
public function getPrincipalsByPrefix($prefixPath) {
- $result = $this->pdo->query('SELECT uri, email, displayname FROM `'. $this->tableName . '`');
+
+ $fields = array(
+ 'uri',
+ );
+
+ foreach($this->fieldMap as $key=>$value) {
+ $fields[] = $value['dbField'];
+ }
+ $result = $this->pdo->query('SELECT '.implode(',', $fields).' FROM '. $this->tableName);
$principals = array();
@@ -80,11 +122,15 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
list($rowPrefix) = Sabre_DAV_URLUtil::splitPath($row['uri']);
if ($rowPrefix !== $prefixPath) continue;
- $principals[] = array(
+ $principal = array(
'uri' => $row['uri'],
- '{DAV:}displayname' => $row['displayname']?$row['displayname']:basename($row['uri']),
- '{http://sabredav.org/ns}email-address' => $row['email'],
);
+ foreach($this->fieldMap as $key=>$value) {
+ if ($row[$value['dbField']]) {
+ $principal[$key] = $row[$value['dbField']];
+ }
+ }
+ $principals[] = $principal;
}
@@ -94,43 +140,218 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
/**
* Returns a specific principal, specified by it's path.
- * The returned structure should be the exact same as from
- * getPrincipalsByPrefix.
- *
- * @param string $path
- * @return array
+ * The returned structure should be the exact same as from
+ * getPrincipalsByPrefix.
+ *
+ * @param string $path
+ * @return array
*/
public function getPrincipalByPath($path) {
- $stmt = $this->pdo->prepare('SELECT id, uri, email, displayname FROM `'.$this->tableName.'` WHERE uri = ?');
- $stmt->execute(array($path));
+ $fields = array(
+ 'id',
+ 'uri',
+ );
- $users = array();
+ foreach($this->fieldMap as $key=>$value) {
+ $fields[] = $value['dbField'];
+ }
+ $stmt = $this->pdo->prepare('SELECT '.implode(',', $fields).' FROM '. $this->tableName . ' WHERE uri = ?');
+ $stmt->execute(array($path));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$row) return;
- return array(
+ $principal = array(
'id' => $row['id'],
'uri' => $row['uri'],
- '{DAV:}displayname' => $row['displayname']?$row['displayname']:basename($row['uri']),
- '{http://sabredav.org/ns}email-address' => $row['email'],
);
+ foreach($this->fieldMap as $key=>$value) {
+ if ($row[$value['dbField']]) {
+ $principal[$key] = $row[$value['dbField']];
+ }
+ }
+ return $principal;
+
+ }
+
+ /**
+ * Updates one ore more webdav properties on a principal.
+ *
+ * The list of mutations is supplied as an array. Each key in the array is
+ * a propertyname, such as {DAV:}displayname.
+ *
+ * Each value is the actual value to be updated. If a value is null, it
+ * must be deleted.
+ *
+ * This method should be atomic. It must either completely succeed, or
+ * completely fail. Success and failure can simply be returned as 'true' or
+ * 'false'.
+ *
+ * It is also possible to return detailed failure information. In that case
+ * an array such as this should be returned:
+ *
+ * array(
+ * 200 => array(
+ * '{DAV:}prop1' => null,
+ * ),
+ * 201 => array(
+ * '{DAV:}prop2' => null,
+ * ),
+ * 403 => array(
+ * '{DAV:}prop3' => null,
+ * ),
+ * 424 => array(
+ * '{DAV:}prop4' => null,
+ * ),
+ * );
+ *
+ * In this previous example prop1 was successfully updated or deleted, and
+ * prop2 was succesfully created.
+ *
+ * prop3 failed to update due to '403 Forbidden' and because of this prop4
+ * also could not be updated with '424 Failed dependency'.
+ *
+ * This last example was actually incorrect. While 200 and 201 could appear
+ * in 1 response, if there's any error (403) the other properties should
+ * always fail with 423 (failed dependency).
+ *
+ * But anyway, if you don't want to scratch your head over this, just
+ * return true or false.
+ *
+ * @param string $path
+ * @param array $mutations
+ * @return array|bool
+ */
+ public function updatePrincipal($path, $mutations) {
+
+ $updateAble = array();
+ foreach($mutations as $key=>$value) {
+
+ // We are not aware of this field, we must fail.
+ if (!isset($this->fieldMap[$key])) {
+
+ $response = array(
+ 403 => array(
+ $key => null,
+ ),
+ 424 => array(),
+ );
+
+ // Adding the rest to the response as a 424
+ foreach($mutations as $subKey=>$subValue) {
+ if ($subKey !== $key) {
+ $response[424][$subKey] = null;
+ }
+ }
+ return $response;
+ }
+
+ $updateAble[$this->fieldMap[$key]['dbField']] = $value;
+
+ }
+
+ // No fields to update
+ $query = "UPDATE " . $this->tableName . " SET ";
+
+ $first = true;
+ foreach($updateAble as $key => $value) {
+ if (!$first) {
+ $query.= ', ';
+ }
+ $first = false;
+ $query.= "$key = :$key ";
+ }
+ $query.='WHERE uri = :uri';
+ $stmt = $this->pdo->prepare($query);
+ $updateAble['uri'] = $path;
+ $stmt->execute($updateAble);
+
+ return true;
}
/**
- * Returns the list of members for a group-principal
- *
- * @param string $principal
- * @return array
+ * This method is used to search for principals matching a set of
+ * properties.
+ *
+ * This search is specifically used by RFC3744's principal-property-search
+ * REPORT. You should at least allow searching on
+ * http://sabredav.org/ns}email-address.
+ *
+ * The actual search should be a unicode-non-case-sensitive search. The
+ * keys in searchProperties are the WebDAV property names, while the values
+ * are the property values to search on.
+ *
+ * If multiple properties are being searched on, the search should be
+ * AND'ed.
+ *
+ * This method should simply return an array with full principal uri's.
+ *
+ * If somebody attempted to search on a property the backend does not
+ * support, you should simply return 0 results.
+ *
+ * You can also just return 0 results if you choose to not support
+ * searching at all, but keep in mind that this may stop certain features
+ * from working.
+ *
+ * @param string $prefixPath
+ * @param array $searchProperties
+ * @return array
+ */
+ public function searchPrincipals($prefixPath, array $searchProperties) {
+
+ $query = 'SELECT uri FROM ' . $this->tableName . ' WHERE 1=1 ';
+ $values = array();
+ foreach($searchProperties as $property => $value) {
+
+ switch($property) {
+
+ case '{DAV:}displayname' :
+ $query.=' AND displayname LIKE ?';
+ $values[] = '%' . $value . '%';
+ break;
+ case '{http://sabredav.org/ns}email-address' :
+ $query.=' AND email LIKE ?';
+ $values[] = '%' . $value . '%';
+ break;
+ default :
+ // Unsupported property
+ return array();
+
+ }
+
+ }
+ $stmt = $this->pdo->prepare($query);
+ $stmt->execute($values);
+
+ $principals = array();
+ while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+
+ // Checking if the principal is in the prefix
+ list($rowPrefix) = Sabre_DAV_URLUtil::splitPath($row['uri']);
+ if ($rowPrefix !== $prefixPath) continue;
+
+ $principals[] = $row['uri'];
+
+ }
+
+ return $principals;
+
+ }
+
+ /**
+ * Returns the list of members for a group-principal
+ *
+ * @param string $principal
+ * @return array
*/
public function getGroupMemberSet($principal) {
$principal = $this->getPrincipalByPath($principal);
if (!$principal) throw new Sabre_DAV_Exception('Principal not found');
- $stmt = $this->pdo->prepare('SELECT principals.uri as uri FROM `'.$this->groupMembersTableName.'` AS groupmembers LEFT JOIN `'.$this->tableName.'` AS principals ON groupmembers.member_id = principals.id WHERE groupmembers.principal_id = ?');
+ $stmt = $this->pdo->prepare('SELECT principals.uri as uri FROM '.$this->groupMembersTableName.' AS groupmembers LEFT JOIN '.$this->tableName.' AS principals ON groupmembers.member_id = principals.id WHERE groupmembers.principal_id = ?');
$stmt->execute(array($principal['id']));
$result = array();
@@ -138,21 +359,21 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
$result[] = $row['uri'];
}
return $result;
-
+
}
/**
- * Returns the list of groups a principal is a member of
- *
- * @param string $principal
- * @return array
+ * Returns the list of groups a principal is a member of
+ *
+ * @param string $principal
+ * @return array
*/
public function getGroupMembership($principal) {
$principal = $this->getPrincipalByPath($principal);
if (!$principal) throw new Sabre_DAV_Exception('Principal not found');
- $stmt = $this->pdo->prepare('SELECT principals.uri as uri FROM `'.$this->groupMembersTableName.'` AS groupmembers LEFT JOIN `'.$this->tableName.'` AS principals ON groupmembers.principal_id = principals.id WHERE groupmembers.member_id = ?');
+ $stmt = $this->pdo->prepare('SELECT principals.uri as uri FROM '.$this->groupMembersTableName.' AS groupmembers LEFT JOIN '.$this->tableName.' AS principals ON groupmembers.principal_id = principals.id WHERE groupmembers.member_id = ?');
$stmt->execute(array($principal['id']));
$result = array();
@@ -166,16 +387,16 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
/**
* Updates the list of group members for a group principal.
*
- * The principals should be passed as a list of uri's.
- *
- * @param string $principal
- * @param array $members
+ * The principals should be passed as a list of uri's.
+ *
+ * @param string $principal
+ * @param array $members
* @return void
*/
public function setGroupMemberSet($principal, array $members) {
// Grabbing the list of principal id's.
- $stmt = $this->pdo->prepare('SELECT id, uri FROM `'.$this->tableName.'` WHERE uri IN (? ' . str_repeat(', ? ', count($members)) . ');');
+ $stmt = $this->pdo->prepare('SELECT id, uri FROM '.$this->tableName.' WHERE uri IN (? ' . str_repeat(', ? ', count($members)) . ');');
$stmt->execute(array_merge(array($principal), $members));
$memberIds = array();
@@ -191,12 +412,12 @@ class Sabre_DAVACL_PrincipalBackend_PDO implements Sabre_DAVACL_IPrincipalBacken
if (!$principalId) throw new Sabre_DAV_Exception('Principal not found');
// Wiping out old members
- $stmt = $this->pdo->prepare('DELETE FROM `'.$this->groupMembersTableName.'` WHERE principal_id = ?;');
+ $stmt = $this->pdo->prepare('DELETE FROM '.$this->groupMembersTableName.' WHERE principal_id = ?;');
$stmt->execute(array($principalId));
foreach($memberIds as $memberId) {
- $stmt = $this->pdo->prepare('INSERT INTO `'.$this->groupMembersTableName.'` (principal_id, member_id) VALUES (?, ?);');
+ $stmt = $this->pdo->prepare('INSERT INTO '.$this->groupMembersTableName.' (principal_id, member_id) VALUES (?, ?);');
$stmt->execute(array($principalId, $memberId));
}
diff --git a/3rdparty/Sabre/DAVACL/PrincipalCollection.php b/3rdparty/Sabre/DAVACL/PrincipalCollection.php
index 4d22bf8aa75..c3e4cb83f23 100644..100755
--- a/3rdparty/Sabre/DAVACL/PrincipalCollection.php
+++ b/3rdparty/Sabre/DAVACL/PrincipalCollection.php
@@ -7,11 +7,11 @@
* Sabre_DAV_Auth_Backend to determine which users are available on the list.
*
* The users are instances of Sabre_DAV_Auth_Principal
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_PrincipalCollection extends Sabre_DAVACL_AbstractPrincipalCollection {
@@ -22,9 +22,9 @@ class Sabre_DAVACL_PrincipalCollection extends Sabre_DAVACL_AbstractPrincipalCol
* The passed array contains principal information, and is guaranteed to
* at least contain a uri item. Other properties may or may not be
* supplied by the authentication backend.
- *
- * @param array $principal
- * @return Sabre_DAV_INode
+ *
+ * @param array $principal
+ * @return Sabre_DAV_INode
*/
public function getChildForPrincipal(array $principal) {
diff --git a/3rdparty/Sabre/DAVACL/Property/Acl.php b/3rdparty/Sabre/DAVACL/Property/Acl.php
index e41e7411310..05e1a690b3c 100644..100755
--- a/3rdparty/Sabre/DAVACL/Property/Acl.php
+++ b/3rdparty/Sabre/DAVACL/Property/Acl.php
@@ -1,47 +1,47 @@
<?php
/**
- * This class represents the {DAV:}acl property
- *
+ * This class represents the {DAV:}acl property
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
/**
- * List of privileges
- *
- * @var array
+ * List of privileges
+ *
+ * @var array
*/
private $privileges;
/**
- * Wether or not the server base url is required to be prefixed when
- * serializing the property.
- *
- * @var boolean
+ * Whether or not the server base url is required to be prefixed when
+ * serializing the property.
+ *
+ * @var boolean
*/
private $prefixBaseUrl;
/**
* Constructor
*
- * This object requires a structure similar to the return value from
+ * This object requires a structure similar to the return value from
* Sabre_DAVACL_Plugin::getACL().
*
- * Each privilege is a an array with at least a 'privilege' property, and a
- * 'principal' property. A privilege may have a 'protected' property as
- * well.
+ * Each privilege is a an array with at least a 'privilege' property, and a
+ * 'principal' property. A privilege may have a 'protected' property as
+ * well.
*
- * The prefixBaseUrl should be set to false, if the supplied principal urls
- * are already full urls. If this is kept to true, the servers base url
- * will automatically be prefixed.
+ * The prefixBaseUrl should be set to false, if the supplied principal urls
+ * are already full urls. If this is kept to true, the servers base url
+ * will automatically be prefixed.
*
- * @param bool $prefixBaseUrl
- * @param array $privileges
+ * @param bool $prefixBaseUrl
+ * @param array $privileges
*/
public function __construct(array $privileges, $prefixBaseUrl = true) {
@@ -51,9 +51,9 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
}
/**
- * Returns the list of privileges for this property
- *
- * @return array
+ * Returns the list of privileges for this property
+ *
+ * @return array
*/
public function getPrivileges() {
@@ -62,10 +62,10 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
}
/**
- * Serializes the property into a DOMElement
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $node
+ * Serializes the property into a DOMElement
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $node
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $node) {
@@ -80,10 +80,10 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
}
/**
- * Unserializes the {DAV:}acl xml element.
- *
- * @param DOMElement $dom
- * @return Sabre_DAVACL_Property_Acl
+ * Unserializes the {DAV:}acl xml element.
+ *
+ * @param DOMElement $dom
+ * @return Sabre_DAVACL_Property_Acl
*/
static public function unserialize(DOMElement $dom) {
@@ -98,11 +98,22 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
}
$principal = Sabre_DAVACL_Property_Principal::unserialize($principal->item(0));
- if ($principal->getType()!==Sabre_DAVACL_Property_Principal::HREF) {
- throw new Sabre_DAV_Exception_NotImplemented('Currently only uri based principals are support, {DAV:}all, {DAV:}unauthenticated and {DAV:}authenticated are not implemented yet');
+ switch($principal->getType()) {
+ case Sabre_DAVACL_Property_Principal::HREF :
+ $principal = $principal->getHref();
+ break;
+ case Sabre_DAVACL_Property_Principal::AUTHENTICATED :
+ $principal = '{DAV:}authenticated';
+ break;
+ case Sabre_DAVACL_Property_Principal::UNAUTHENTICATED :
+ $principal = '{DAV:}unauthenticated';
+ break;
+ case Sabre_DAVACL_Property_Principal::ALL :
+ $principal = '{DAV:}all';
+ break;
+
}
- $principal = $principal->getHref();
$protected = false;
if ($xace->getElementsByTagNameNS('urn:DAV','protected')->length > 0) {
@@ -140,7 +151,7 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
'privilege' => $privilegeName,
);
- }
+ }
}
@@ -149,12 +160,12 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
}
/**
- * Serializes a single access control entry.
- *
- * @param DOMDocument $doc
- * @param DOMElement $node
+ * Serializes a single access control entry.
+ *
+ * @param DOMDocument $doc
+ * @param DOMElement $node
* @param array $ace
- * @param Sabre_DAV_Server $server
+ * @param Sabre_DAV_Server $server
* @return void
*/
private function serializeAce($doc,$node,$ace, $server) {
@@ -164,7 +175,19 @@ class Sabre_DAVACL_Property_Acl extends Sabre_DAV_Property {
$principal = $doc->createElementNS('DAV:','d:principal');
$xace->appendChild($principal);
- $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
+ switch($ace['principal']) {
+ case '{DAV:}authenticated' :
+ $principal->appendChild($doc->createElementNS('DAV:','d:authenticated'));
+ break;
+ case '{DAV:}unauthenticated' :
+ $principal->appendChild($doc->createElementNS('DAV:','d:unauthenticated'));
+ break;
+ case '{DAV:}all' :
+ $principal->appendChild($doc->createElementNS('DAV:','d:all'));
+ break;
+ default:
+ $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
+ }
$grant = $doc->createElementNS('DAV:','d:grant');
$xace->appendChild($grant);
diff --git a/3rdparty/Sabre/DAVACL/Property/AclRestrictions.php b/3rdparty/Sabre/DAVACL/Property/AclRestrictions.php
new file mode 100755
index 00000000000..a8b054956dd
--- /dev/null
+++ b/3rdparty/Sabre/DAVACL/Property/AclRestrictions.php
@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * AclRestrictions property
+ *
+ * This property represents {DAV:}acl-restrictions, as defined in RFC3744.
+ *
+ * @package Sabre
+ * @subpackage DAVACL
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAVACL_Property_AclRestrictions extends Sabre_DAV_Property {
+
+ /**
+ * Serializes the property into a DOMElement
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $elem
+ * @return void
+ */
+ public function serialize(Sabre_DAV_Server $server,DOMElement $elem) {
+
+ $doc = $elem->ownerDocument;
+
+ $elem->appendChild($doc->createElementNS('DAV:','d:grant-only'));
+ $elem->appendChild($doc->createElementNS('DAV:','d:no-invert'));
+
+ }
+
+}
diff --git a/3rdparty/Sabre/DAVACL/Property/CurrentUserPrivilegeSet.php b/3rdparty/Sabre/DAVACL/Property/CurrentUserPrivilegeSet.php
index 72274597b31..94a29640615 100644..100755
--- a/3rdparty/Sabre/DAVACL/Property/CurrentUserPrivilegeSet.php
+++ b/3rdparty/Sabre/DAVACL/Property/CurrentUserPrivilegeSet.php
@@ -2,31 +2,31 @@
/**
* CurrentUserPrivilegeSet
- *
- * This class represents the current-user-privilege-set property. When
- * requested, it contain all the privileges a user has on a specific node.
- *
+ *
+ * This class represents the current-user-privilege-set property. When
+ * requested, it contain all the privileges a user has on a specific node.
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Property_CurrentUserPrivilegeSet extends Sabre_DAV_Property {
/**
- * List of privileges
- *
- * @var array
+ * List of privileges
+ *
+ * @var array
*/
private $privileges;
/**
* Creates the object
*
- * Pass the privileges in clark-notation
- *
- * @param array $privileges
+ * Pass the privileges in clark-notation
+ *
+ * @param array $privileges
*/
public function __construct(array $privileges) {
@@ -35,10 +35,10 @@ class Sabre_DAVACL_Property_CurrentUserPrivilegeSet extends Sabre_DAV_Property {
}
/**
- * Serializes the property in the DOM
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $node
+ * Serializes the property in the DOM
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $node
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $node) {
@@ -53,11 +53,11 @@ class Sabre_DAVACL_Property_CurrentUserPrivilegeSet extends Sabre_DAV_Property {
}
/**
- * Serializes one privilege
- *
- * @param DOMDocument $doc
- * @param DOMElement $node
- * @param string $privName
+ * Serializes one privilege
+ *
+ * @param DOMDocument $doc
+ * @param DOMElement $node
+ * @param string $privName
* @return void
*/
protected function serializePriv($doc,$node,$privName) {
diff --git a/3rdparty/Sabre/DAVACL/Property/Principal.php b/3rdparty/Sabre/DAVACL/Property/Principal.php
index dad9a3550fb..c36328a58e0 100644..100755
--- a/3rdparty/Sabre/DAVACL/Property/Principal.php
+++ b/3rdparty/Sabre/DAVACL/Property/Principal.php
@@ -4,12 +4,12 @@
* Principal property
*
* The principal property represents a principal from RFC3744 (ACL).
- * The property can be used to specify a principal or pseudo principals.
+ * The property can be used to specify a principal or pseudo principals.
*
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabre_DAV_Property_IHref {
@@ -25,16 +25,21 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
const AUTHENTICATED = 2;
/**
- * Specific princpals can be specified with the HREF
+ * Specific principals can be specified with the HREF
*/
const HREF = 3;
/**
+ * Everybody, basically
+ */
+ const ALL = 4;
+
+ /**
* Principal-type
*
* Must be one of the UNAUTHENTICATED, AUTHENTICATED or HREF constants.
- *
- * @var int
+ *
+ * @var int
*/
private $type;
@@ -42,8 +47,8 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
* Url to principal
*
* This value is only used for the HREF principal type.
- *
- * @var string
+ *
+ * @var string
*/
private $href;
@@ -53,10 +58,9 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
* The 'type' argument must be one of the type constants defined in this class.
*
* 'href' is only required for the HREF type.
- *
- * @param int $type
- * @param string $href
- * @return void
+ *
+ * @param int $type
+ * @param string|null $href
*/
public function __construct($type, $href = null) {
@@ -70,9 +74,9 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
}
/**
- * Returns the principal type
- *
- * @return int
+ * Returns the principal type
+ *
+ * @return int
*/
public function getType() {
@@ -81,8 +85,8 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
}
/**
- * Returns the principal uri.
- *
+ * Returns the principal uri.
+ *
* @return string
*/
public function getHref() {
@@ -92,10 +96,10 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
}
/**
- * Serializes the property into a DOMElement.
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $node
+ * Serializes the property into a DOMElement.
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $node
* @return void
*/
public function serialize(Sabre_DAV_Server $server, DOMElement $node) {
@@ -124,10 +128,10 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
}
/**
- * Deserializes a DOM element into a property object.
- *
- * @param DOMElement $dom
- * @return Sabre_DAV_Property_Principal
+ * Deserializes a DOM element into a property object.
+ *
+ * @param DOMElement $dom
+ * @return Sabre_DAV_Property_Principal
*/
static public function unserialize(DOMElement $dom) {
@@ -144,6 +148,8 @@ class Sabre_DAVACL_Property_Principal extends Sabre_DAV_Property implements Sabr
return new self(self::AUTHENTICATED);
case '{DAV:}href':
return new self(self::HREF, $parent->textContent);
+ case '{DAV:}all':
+ return new self(self::ALL);
default :
throw new Sabre_DAV_Exception_BadRequest('Unexpected element (' . Sabre_DAV_XMLUtil::toClarkNotation($parent) . '). Could not deserialize');
diff --git a/3rdparty/Sabre/DAVACL/Property/SupportedPrivilegeSet.php b/3rdparty/Sabre/DAVACL/Property/SupportedPrivilegeSet.php
index 93c3895035d..276d57ae093 100644..100755
--- a/3rdparty/Sabre/DAVACL/Property/SupportedPrivilegeSet.php
+++ b/3rdparty/Sabre/DAVACL/Property/SupportedPrivilegeSet.php
@@ -3,32 +3,32 @@
/**
* SupportedPrivilegeSet property
*
- * This property encodes the {DAV:}supported-privilege-set property, as defined
+ * This property encodes the {DAV:}supported-privilege-set property, as defined
* in rfc3744. Please consult the rfc for details about it's structure.
*
- * This class expects a structure like the one given from
- * Sabre_DAVACL_Plugin::getSupportedPrivilegeSet as the argument in its
+ * This class expects a structure like the one given from
+ * Sabre_DAVACL_Plugin::getSupportedPrivilegeSet as the argument in its
* constructor.
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class Sabre_DAVACL_Property_SupportedPrivilegeSet extends Sabre_DAV_Property {
/**
- * privileges
- *
- * @var array
+ * privileges
+ *
+ * @var array
*/
private $privileges;
/**
- * Constructor
- *
- * @param array $privileges
+ * Constructor
+ *
+ * @param array $privileges
*/
public function __construct(array $privileges) {
@@ -37,10 +37,10 @@ class Sabre_DAVACL_Property_SupportedPrivilegeSet extends Sabre_DAV_Property {
}
/**
- * Serializes the property into a domdocument.
- *
- * @param Sabre_DAV_Server $server
- * @param DOMElement $node
+ * Serializes the property into a domdocument.
+ *
+ * @param Sabre_DAV_Server $server
+ * @param DOMElement $node
* @return void
*/
public function serialize(Sabre_DAV_Server $server,DOMElement $node) {
@@ -53,11 +53,11 @@ class Sabre_DAVACL_Property_SupportedPrivilegeSet extends Sabre_DAV_Property {
/**
* Serializes a property
*
- * This is a recursive function.
- *
- * @param DOMDocument $doc
- * @param DOMElement $node
- * @param array $privilege
+ * This is a recursive function.
+ *
+ * @param DOMDocument $doc
+ * @param DOMElement $node
+ * @param array $privilege
* @return void
*/
private function serializePriv($doc,$node,$privilege) {
@@ -81,7 +81,7 @@ class Sabre_DAVACL_Property_SupportedPrivilegeSet extends Sabre_DAV_Property {
$xsp->appendChild($doc->createElementNS('DAV:','d:description',$privilege['description']));
}
- if (isset($privilege['aggregates'])) {
+ if (isset($privilege['aggregates'])) {
foreach($privilege['aggregates'] as $subPrivilege) {
$this->serializePriv($doc,$xsp,$subPrivilege);
}
diff --git a/3rdparty/Sabre/DAVACL/Version.php b/3rdparty/Sabre/DAVACL/Version.php
index 124463e311e..9950f748741 100644..100755
--- a/3rdparty/Sabre/DAVACL/Version.php
+++ b/3rdparty/Sabre/DAVACL/Version.php
@@ -2,10 +2,10 @@
/**
* This class contains the SabreDAV version constants.
- *
+ *
* @package Sabre
* @subpackage DAVACL
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
* @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
@@ -14,7 +14,7 @@ class Sabre_DAVACL_Version {
/**
* Full version number
*/
- const VERSION = '1.5.2';
+ const VERSION = '1.6.0';
/**
* Stability : alpha, beta, stable
diff --git a/3rdparty/Sabre/DAVACL/includes.php b/3rdparty/Sabre/DAVACL/includes.php
new file mode 100755
index 00000000000..28fa3eed225
--- /dev/null
+++ b/3rdparty/Sabre/DAVACL/includes.php
@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Sabre_DAVACL includes file
+ *
+ * Including this file will automatically include all files from the
+ * Sabre_DAVACL package.
+ *
+ * This often allows faster loadtimes, as autoload-speed is often quite slow.
+ *
+ * @package Sabre
+ * @subpackage DAVACL
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+
+// Begin includes
+include __DIR__ . '/AbstractPrincipalCollection.php';
+include __DIR__ . '/Exception/AceConflict.php';
+include __DIR__ . '/Exception/NeedPrivileges.php';
+include __DIR__ . '/Exception/NoAbstract.php';
+include __DIR__ . '/Exception/NotRecognizedPrincipal.php';
+include __DIR__ . '/Exception/NotSupportedPrivilege.php';
+include __DIR__ . '/IACL.php';
+include __DIR__ . '/IPrincipal.php';
+include __DIR__ . '/IPrincipalBackend.php';
+include __DIR__ . '/Plugin.php';
+include __DIR__ . '/Principal.php';
+include __DIR__ . '/PrincipalBackend/PDO.php';
+include __DIR__ . '/PrincipalCollection.php';
+include __DIR__ . '/Property/Acl.php';
+include __DIR__ . '/Property/AclRestrictions.php';
+include __DIR__ . '/Property/CurrentUserPrivilegeSet.php';
+include __DIR__ . '/Property/Principal.php';
+include __DIR__ . '/Property/SupportedPrivilegeSet.php';
+include __DIR__ . '/Version.php';
+// End includes
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-08 00:27:11 +0000