diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2018-06-29 06:51:49 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-06-29 06:51:49 +0200 |
| commit | 89b6ee1a45f165346ddcc9120195714087287b47 (patch) | |
| tree | a7951e212e099f08cd28b412aaa03b1fe1757523 /apps/dav/lib | |
| parent | e6780c4fc7fe0bb6ee6d2a8d4bfb2ca09d6e726a (diff) | |
| parent | ab43251a45f9b04a1681a0b206d85676232dd7c3 (diff) | |
| download | nextcloud-server-89b6ee1a45f165346ddcc9120195714087287b47.tar.gz nextcloud-server-89b6ee1a45f165346ddcc9120195714087287b47.zip | |
Merge pull request #9773 from nextcloud/feature/noid/resource_booking
resource booking
Diffstat (limited to 'apps/dav/lib')
| -rw-r--r-- | apps/dav/lib/BackgroundJob/UpdateCalendarResourcesRoomsBackgroundJob.php | 337 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/CalDavBackend.php | 3 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/CalendarRoot.php | 11 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/Plugin.php | 16 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/ResourceBooking/AbstractPrincipalBackend.php | 361 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/ResourceBooking/ResourcePrincipalBackend.php | 45 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/ResourceBooking/RoomPrincipalBackend.php | 45 | ||||
| -rw-r--r-- | apps/dav/lib/CalDAV/Schedule/Plugin.php | 22 | ||||
| -rw-r--r-- | apps/dav/lib/Migration/Version1005Date20180530124431.php | 87 | ||||
| -rw-r--r-- | apps/dav/lib/RootCollection.php | 33 | ||||
| -rw-r--r-- | apps/dav/lib/Server.php | 6 |
11 files changed, 953 insertions, 13 deletions
diff --git a/apps/dav/lib/BackgroundJob/UpdateCalendarResourcesRoomsBackgroundJob.php b/apps/dav/lib/BackgroundJob/UpdateCalendarResourcesRoomsBackgroundJob.php new file mode 100644 index 00000000000..a01540a6292 --- /dev/null +++ b/apps/dav/lib/BackgroundJob/UpdateCalendarResourcesRoomsBackgroundJob.php @@ -0,0 +1,337 @@ +<?php +/** + * @copyright 2018, Georg Ehrke <oc.list@georgehrke.com> + * + * @author Georg Ehrke <oc.list@georgehrke.com> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\DAV\BackgroundJob; + +use OC\BackgroundJob\TimedJob; +use OCA\DAV\CalDAV\CalDavBackend; +use OCP\Calendar\BackendTemporarilyUnavailableException; +use OCP\Calendar\Resource\IManager as IResourceManager; +use OCP\Calendar\Resource\IResource; +use OCP\Calendar\Room\IManager as IRoomManager; +use OCP\Calendar\Room\IRoom; +use OCP\IDBConnection; + +class UpdateCalendarResourcesRoomsBackgroundJob extends TimedJob { + + /** @var IResourceManager */ + private $resourceManager; + + /** @var IRoomManager */ + private $roomManager; + + /** @var IDBConnection */ + private $db; + + /** @var CalDavBackend */ + private $calDavBackend; + + /** @var string */ + private $resourceDbTable; + + /** @var string */ + private $resourcePrincipalUri; + + /** @var string */ + private $roomDbTable; + + /** @var string */ + private $roomPrincipalUri; + + /** + * UpdateCalendarResourcesRoomsBackgroundJob constructor. + * + * @param IResourceManager $resourceManager + * @param IRoomManager $roomManager + * @param IDBConnection $dbConnection + * @param CalDavBackend $calDavBackend + */ + public function __construct(IResourceManager $resourceManager, IRoomManager $roomManager, + IDBConnection $dbConnection, CalDavBackend $calDavBackend) { + $this->resourceManager = $resourceManager; + $this->roomManager = $roomManager; + $this->db = $dbConnection; + $this->calDavBackend = $calDavBackend; + $this->resourceDbTable = 'calendar_resources_cache'; + $this->resourcePrincipalUri = 'principals/calendar-resources'; + $this->roomDbTable = 'calendar_rooms_cache'; + $this->roomPrincipalUri = 'principals/calendar-rooms'; + + // run once an hour + $this->setInterval(60 * 60); + } + + /** + * @param $argument + */ + public function run($argument) { + $this->runResources(); + $this->runRooms(); + } + + /** + * run timed job for resources + */ + private function runResources() { + $resourceBackends = $this->resourceManager->getBackends(); + $cachedResources = $this->getCached($this->resourceDbTable); + $cachedResourceIds = $this->getCachedResourceIds($cachedResources); + + $remoteResourceIds = []; + foreach($resourceBackends as $resourceBackend) { + try { + $remoteResourceIds[$resourceBackend->getBackendIdentifier()] = + $resourceBackend->listAllResources(); + } catch(BackendTemporarilyUnavailableException $ex) { + // If the backend is temporarily unavailable + // ignore this backend in this execution + unset($cachedResourceIds[$resourceBackend->getBackendIdentifier()]); + } + } + + $sortedResources = $this->sortByNewDeletedExisting($cachedResourceIds, $remoteResourceIds); + + foreach($sortedResources['new'] as $backendId => $newResources) { + foreach ($newResources as $newResource) { + $resource = $this->resourceManager->getBackend($backendId) + ->getResource($newResource); + $this->addToCache($this->resourceDbTable, $resource); + } + } + foreach($sortedResources['deleted'] as $backendId => $deletedResources) { + foreach ($deletedResources as $deletedResource) { + $this->deleteFromCache($this->resourceDbTable, + $this->resourcePrincipalUri, $backendId, $deletedResource); + } + } + foreach($sortedResources['edited'] as $backendId => $editedResources) { + foreach ($editedResources as $editedResource) { + $resource = $this->resourceManager->getBackend($backendId) + ->getResource($editedResource); + $this->updateCache($this->resourceDbTable, $resource); + } + } + } + + /** + * run timed job for rooms + */ + private function runRooms() { + $roomBackends = $this->roomManager->getBackends(); + $cachedRooms = $this->getCached($this->roomDbTable); + $cachedRoomIds = $this->getCachedRoomIds($cachedRooms); + + $remoteRoomIds = []; + foreach($roomBackends as $roomBackend) { + try { + $remoteRoomIds[$roomBackend->getBackendIdentifier()] = + $roomBackend->listAllRooms(); + } catch(BackendTemporarilyUnavailableException $ex) { + // If the backend is temporarily unavailable + // ignore this backend in this execution + unset($cachedRoomIds[$roomBackend->getBackendIdentifier()]); + } + } + + $sortedRooms = $this->sortByNewDeletedExisting($cachedRoomIds, $remoteRoomIds); + + foreach($sortedRooms['new'] as $backendId => $newRooms) { + foreach ($newRooms as $newRoom) { + $resource = $this->roomManager->getBackend($backendId) + ->getRoom($newRoom); + $this->addToCache($this->roomDbTable, $resource); + } + } + foreach($sortedRooms['deleted'] as $backendId => $deletedRooms) { + foreach ($deletedRooms as $deletedRoom) { + $this->deleteFromCache($this->roomDbTable, + $this->roomPrincipalUri, $backendId, $deletedRoom); + } + } + foreach($sortedRooms['edited'] as $backendId => $editedRooms) { + foreach ($editedRooms as $editedRoom) { + $resource = $this->roomManager->getBackend($backendId) + ->getRoom($editedRoom); + $this->updateCache($this->roomDbTable, $resource); + } + } + } + + /** + * get cached db rows for resources / rooms + * @param string $tableName + * @return array + */ + private function getCached($tableName):array { + $query = $this->db->getQueryBuilder(); + $query->select('*')->from($tableName); + + $rows = []; + $stmt = $query->execute(); + while($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { + $rows[] = $row; + } + + return $rows; + } + + /** + * @param array $cachedResources + * @return array + */ + private function getCachedResourceIds(array $cachedResources):array { + $cachedResourceIds = []; + foreach ($cachedResources as $cachedResource) { + if (!isset($cachedResourceIds[$cachedResource['backend_id']])) { + $cachedResourceIds[$cachedResource['backend_id']] = []; + } + + $cachedResourceIds[$cachedResource['backend_id']][] = + $cachedResource['resource_id']; + } + + return $cachedResourceIds; + } + + /** + * @param array $cachedRooms + * @return array + */ + private function getCachedRoomIds(array $cachedRooms):array { + $cachedRoomIds = []; + foreach ($cachedRooms as $cachedRoom) { + if (!isset($cachedRoomIds[$cachedRoom['backend_id']])) { + $cachedRoomIds[$cachedRoom['backend_id']] = []; + } + + $cachedRoomIds[$cachedRoom['backend_id']][] = + $cachedRoom['resource_id']; + } + + return $cachedRoomIds; + } + + /** + * sort list of ids by whether they appear only in the backend / + * only in the cache / in both + * + * @param array $cached + * @param array $remote + * @return array + */ + private function sortByNewDeletedExisting(array $cached, array $remote):array { + $sorted = [ + 'new' => [], + 'deleted' => [], + 'edited' => [], + ]; + + $backendIds = array_merge(array_keys($cached), array_keys($remote)); + foreach($backendIds as $backendId) { + if (!isset($cached[$backendId])) { + $sorted['new'][$backendId] = $remote[$backendId]; + } elseif (!isset($remote[$backendId])) { + $sorted['deleted'][$backendId] = $cached[$backendId]; + } else { + $sorted['new'][$backendId] = array_diff($remote[$backendId], $cached[$backendId]); + $sorted['deleted'][$backendId] = array_diff($cached[$backendId], $remote[$backendId]); + $sorted['edited'][$backendId] = array_intersect($remote[$backendId], $cached[$backendId]); + } + } + + return $sorted; + } + + /** + * add entry to cache that exists remotely but not yet in cache + * + * @param string $table + * @param IResource|IRoom $remote + */ + private function addToCache($table, $remote) { + $query = $this->db->getQueryBuilder(); + $query->insert($table) + ->values([ + 'backend_id' => $query->createNamedParameter($remote->getBackend()->getBackendIdentifier()), + 'resource_id' => $query->createNamedParameter($remote->getId()), + 'email' => $query->createNamedParameter($remote->getEMail()), + 'displayname' => $query->createNamedParameter($remote->getDisplayName()), + 'group_restrictions' => $query->createNamedParameter( + $this->serializeGroupRestrictions( + $remote->getGroupRestrictions() + )) + ]) + ->execute(); + } + + /** + * delete entry from cache that does not exist anymore remotely + * + * @param string $table + * @param string $principalUri + * @param string $backendId + * @param string $resourceId + */ + private function deleteFromCache($table, $principalUri, $backendId, $resourceId) { + $query = $this->db->getQueryBuilder(); + $query->delete($table) + ->where($query->expr()->eq('backend_id', $query->createNamedParameter($backendId))) + ->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($resourceId))) + ->execute(); + + $calendar = $this->calDavBackend->getCalendarByUri($principalUri, implode('-', [$backendId, $resourceId])); + if ($calendar !== null) { + $this->calDavBackend->deleteCalendar($calendar['id']); + } + } + + /** + * update an existing entry in cache + * + * @param string $table + * @param IResource|IRoom $remote + */ + private function updateCache($table, $remote) { + $query = $this->db->getQueryBuilder(); + $query->update($table) + ->set('email', $query->createNamedParameter($remote->getEMail())) + ->set('displayname', $query->createNamedParameter($remote->getDisplayName())) + ->set('group_restrictions', $query->createNamedParameter( + $this->serializeGroupRestrictions( + $remote->getGroupRestrictions() + ))) + ->where($query->expr()->eq('backend_id', $query->createNamedParameter($remote->getBackend()->getBackendIdentifier()))) + ->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($remote->getId()))) + ->execute(); + } + + /** + * serialize array of group restrictions to store them in database + * + * @param array $groups + * @return string + */ + private function serializeGroupRestrictions(array $groups):string { + return \json_encode($groups); + } +} diff --git a/apps/dav/lib/CalDAV/CalDavBackend.php b/apps/dav/lib/CalDAV/CalDavBackend.php index b28c8534aaa..de46dfeb244 100644 --- a/apps/dav/lib/CalDAV/CalDavBackend.php +++ b/apps/dav/lib/CalDAV/CalDavBackend.php @@ -76,6 +76,9 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription const PERSONAL_CALENDAR_URI = 'personal'; const PERSONAL_CALENDAR_NAME = 'Personal'; + const RESOURCE_BOOKING_CALENDAR_URI = 'calendar'; + const RESOURCE_BOOKING_CALENDAR_NAME = 'Calendar'; + /** * We need to specify a max date, because we need to stop *somewhere* * diff --git a/apps/dav/lib/CalDAV/CalendarRoot.php b/apps/dav/lib/CalDAV/CalendarRoot.php index 2c1c8bb4ef2..f84e8a96780 100644 --- a/apps/dav/lib/CalDAV/CalendarRoot.php +++ b/apps/dav/lib/CalDAV/CalendarRoot.php @@ -27,4 +27,15 @@ class CalendarRoot extends \Sabre\CalDAV\CalendarRoot { function getChildForPrincipal(array $principal) { return new CalendarHome($this->caldavBackend, $principal); } + + function getName() { + if ($this->principalPrefix === 'principals/calendar-resources' || + $this->principalPrefix === 'principals/calendar-rooms') { + $parts = explode('/', $this->principalPrefix); + + return $parts[1]; + } + + return parent::getName(); + } }
\ No newline at end of file diff --git a/apps/dav/lib/CalDAV/Plugin.php b/apps/dav/lib/CalDAV/Plugin.php index 4aa9762899f..f37d9c571a0 100644 --- a/apps/dav/lib/CalDAV/Plugin.php +++ b/apps/dav/lib/CalDAV/Plugin.php @@ -25,15 +25,27 @@ namespace OCA\DAV\CalDAV; class Plugin extends \Sabre\CalDAV\Plugin { + const SYSTEM_CALENDAR_ROOT = 'system-calendars'; + /** * @inheritdoc */ - function getCalendarHomeForPrincipal($principalUrl) { + function getCalendarHomeForPrincipal($principalUrl):string { if (strrpos($principalUrl, 'principals/users', -strlen($principalUrl)) !== false) { list(, $principalId) = \Sabre\Uri\split($principalUrl); - return self::CALENDAR_ROOT .'/' . $principalId; + return self::CALENDAR_ROOT . '/' . $principalId; + } + if (strrpos($principalUrl, 'principals/calendar-resources', -strlen($principalUrl)) !== false) { + list(, $principalId) = \Sabre\Uri\split($principalUrl); + return self::SYSTEM_CALENDAR_ROOT . '/calendar-resources/' . $principalId; } + if (strrpos($principalUrl, 'principals/calendar-rooms', -strlen($principalUrl)) !== false) { + list(, $principalId) = \Sabre\Uri\split($principalUrl); + return self::SYSTEM_CALENDAR_ROOT . '/calendar-rooms/' . $principalId; + } + + throw new \LogicException('This is not supposed to happen'); } } diff --git a/apps/dav/lib/CalDAV/ResourceBooking/AbstractPrincipalBackend.php b/apps/dav/lib/CalDAV/ResourceBooking/AbstractPrincipalBackend.php new file mode 100644 index 00000000000..135bbe5827e --- /dev/null +++ b/apps/dav/lib/CalDAV/ResourceBooking/AbstractPrincipalBackend.php @@ -0,0 +1,361 @@ +<?php +/** + * @copyright 2018, Georg Ehrke <oc.list@georgehrke.com> + * + * @author Georg Ehrke <oc.list@georgehrke.com> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\DAV\CalDAV\ResourceBooking; + +use OCP\IDBConnection; +use OCP\IGroupManager; +use OCP\ILogger; +use OCP\IUserSession; +use Sabre\DAVACL\PrincipalBackend\BackendInterface; +use Sabre\DAV\Exception; +use \Sabre\DAV\PropPatch; + +abstract class AbstractPrincipalBackend implements BackendInterface { + + /** @var IDBConnection */ + private $db; + + /** @var IUserSession */ + private $userSession; + + /** @var IGroupManager */ + private $groupManager; + + /** @var ILogger */ + private $logger; + + /** @var string */ + private $principalPrefix; + + /** @var string */ + private $dbTableName; + + /** + * @param IDBConnection $dbConnection + * @param IUserSession $userSession + * @param IGroupManager $groupManager + * @param ILogger $logger + * @param string $principalPrefix + * @param string $dbPrefix + */ + public function __construct(IDBConnection $dbConnection, + IUserSession $userSession, + IGroupManager $groupManager, + ILogger $logger, + $principalPrefix, $dbPrefix) { + $this->db = $dbConnection; + $this->userSession = $userSession; + $this->groupManager = $groupManager; + $this->logger = $logger; + $this->principalPrefix = $principalPrefix; + $this->dbTableName = 'calendar_' . $dbPrefix . '_cache'; + } + + /** + * Returns a list of principals based on a prefix. + * + * This prefix will often contain something like 'principals'. You are only + * expected to return principals that are in this base path. + * + * You are expected to return at least a 'uri' for every user, you can + * return any additional properties if you wish so. Common properties are: + * {DAV:}displayname + * + * @param string $prefixPath + * @return string[] + */ + public function getPrincipalsByPrefix($prefixPath) { + $principals = []; + + if ($prefixPath === $this->principalPrefix) { + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname']) + ->from($this->dbTableName); + $stmt = $query->execute(); + + while($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { + $principals[] = $this->rowToPrincipal($row); + } + + $stmt->closeCursor(); + } + + return $principals; + } + + /** + * Returns a specific principal, specified by it's path. + * The returned structure should be the exact same as from + * getPrincipalsByPrefix. + * + * @param string $path + * @return array + */ + public function getPrincipalByPath($path) { + if (strpos($path, $this->principalPrefix) !== 0) { + return null; + } + list(, $name) = \Sabre\Uri\split($path); + + list($backendId, $resourceId) = explode('-', $name, 2); + + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname']) + ->from($this->dbTableName) + ->where($query->expr()->eq('backend_id', $query->createNamedParameter($backendId))) + ->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($resourceId))); + $stmt = $query->execute(); + $row = $stmt->fetch(\PDO::FETCH_ASSOC); + + if(!$row) { + return null; + } + + return $this->rowToPrincipal($row); + } + + /** + * Returns the list of members for a group-principal + * + * @param string $principal + * @return string[] + */ + public function getGroupMemberSet($principal) { + return []; + } + + /** + * Returns the list of groups a principal is a member of + * + * @param string $principal + * @return array + */ + public function getGroupMembership($principal) { + return []; + } + + /** + * Updates the list of group members for a group principal. + * + * The principals should be passed as a list of uri's. + * + * @param string $principal + * @param string[] $members + * @throws Exception + */ + public function setGroupMemberSet($principal, array $members) { + throw new Exception('Setting members of the group is not supported yet'); + } + + /** + * @param string $path + * @param PropPatch $propPatch + * @return int + */ + function updatePrincipal($path, PropPatch $propPatch) { + return 0; + } + + /** + * @param string $prefixPath + * @param array $searchProperties + * @param string $test + * @return array + */ + function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') { + $results = []; + if (\count($searchProperties) === 0) { + return []; + } + if ($prefixPath !== $this->principalPrefix) { + return []; + } + + $user = $this->userSession->getUser(); + if (!$user) { + return []; + } + $usersGroups = $this->groupManager->getUserGroupIds($user); + + foreach ($searchProperties as $prop => $value) { + switch ($prop) { + case '{http://sabredav.org/ns}email-address': + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname', 'group_restrictions']) + ->from($this->dbTableName) + ->where($query->expr()->iLike('email', $query->createNamedParameter('%' . $this->db->escapeLikeParameter($value) . '%'))); + + $stmt = $query->execute(); + $principals = []; + while($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { + if (!$this->isAllowedToAccessResource($row, $usersGroups)) { + continue; + } + $principals[] = $this->rowToPrincipal($row)['uri']; + } + $results[] = $principals; + + $stmt->closeCursor(); + break; + + case '{DAV:}displayname': + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname', 'group_restrictions']) + ->from($this->dbTableName) + ->where($query->expr()->iLike('displayname', $query->createNamedParameter('%' . $this->db->escapeLikeParameter($value) . '%'))); + + $stmt = $query->execute(); + $principals = []; + while($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { + if (!$this->isAllowedToAccessResource($row, $usersGroups)) { + continue; + } + $principals[] = $this->rowToPrincipal($row)['uri']; + } + $results[] = $principals; + + $stmt->closeCursor(); + break; + + default: + $results[] = []; + break; + } + } + + // results is an array of arrays, so this is not the first search result + // but the results of the first searchProperty + if (count($results) === 1) { + return $results[0]; + } + + switch ($test) { + case 'anyof': + return array_values(array_unique(array_merge(...$results))); + + case 'allof': + default: + return array_values(array_intersect(...$results)); + } + } + + /** + * @param string $uri + * @param string $principalPrefix + * @return null|string + */ + function findByUri($uri, $principalPrefix) { + $user = $this->userSession->getUser(); + if (!$user) { + return null; + } + $usersGroups = $this->groupManager->getUserGroupIds($user); + + if (strpos($uri, 'mailto:') === 0) { + $email = substr($uri, 7); + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname', 'group_restrictions']) + ->from($this->dbTableName) + ->where($query->expr()->eq('email', $query->createNamedParameter($email))); + + $stmt = $query->execute(); + $row = $stmt->fetch(\PDO::FETCH_ASSOC); + + if(!$row) { + return null; + } + if (!$this->isAllowedToAccessResource($row, $usersGroups)) { + return null; + } + + return $this->rowToPrincipal($row)['uri']; + } + + if (strpos($uri, 'principal:') === 0) { + $path = substr($uri, 10); + if (strpos($path, $this->principalPrefix) !== 0) { + return null; + } + + list(, $name) = \Sabre\Uri\split($path); + list($backendId, $resourceId) = explode('-', $name, 2); + + $query = $this->db->getQueryBuilder(); + $query->select(['id', 'backend_id', 'resource_id', 'email', 'displayname', 'group_restrictions']) + ->from($this->dbTableName) + ->where($query->expr()->eq('backend_id', $query->createNamedParameter($backendId))) + ->andWhere($query->expr()->eq('resource_id', $query->createNamedParameter($resourceId))); + $stmt = $query->execute(); + $row = $stmt->fetch(\PDO::FETCH_ASSOC); + + if(!$row) { + return null; + } + if (!$this->isAllowedToAccessResource($row, $usersGroups)) { + return null; + } + + return $this->rowToPrincipal($row)['uri']; + } + + return null; + } + + /** + * convert database row to principal + */ + private function rowToPrincipal($row) { + return [ + 'uri' => $this->principalPrefix . '/' . $row['backend_id'] . '-' . $row['resource_id'], + '{DAV:}displayname' => $row['displayname'], + '{http://sabredav.org/ns}email-address' => $row['email'] + ]; + } + + /** + * @param $row + * @param $userGroups + * @return bool + */ + private function isAllowedToAccessResource($row, $userGroups) { + if (!isset($row['group_restrictions']) || + $row['group_restrictions'] === null || + $row['group_restrictions'] === '') { + return true; + } + + // group restrictions contains something, but not parsable, deny access and log warning + $json = json_decode($row['group_restrictions']); + if (!\is_array($json)) { + $this->logger->info('group_restrictions field could not be parsed for ' . $this->dbTableName . '::' . $row['id'] . ', denying access to resource'); + return false; + } + + // empty array => no group restrictions + if (empty($json)) { + return true; + } + + return !empty(array_intersect($json, $userGroups)); + } +} diff --git a/apps/dav/lib/CalDAV/ResourceBooking/ResourcePrincipalBackend.php b/apps/dav/lib/CalDAV/ResourceBooking/ResourcePrincipalBackend.php new file mode 100644 index 00000000000..a1030376c11 --- /dev/null +++ b/apps/dav/lib/CalDAV/ResourceBooking/ResourcePrincipalBackend.php @@ -0,0 +1,45 @@ +<?php +/** + * @copyright 2018, Georg Ehrke <oc.list@georgehrke.com> + * + * @author Georg Ehrke <oc.list@georgehrke.com> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\DAV\CalDAV\ResourceBooking; + +use OCP\IDBConnection; +use OCP\IGroupManager; +use OCP\ILogger; +use OCP\IUserSession; + +class ResourcePrincipalBackend extends AbstractPrincipalBackend { + + /** + * @param IDBConnection $dbConnection + * @param IUserSession $userSession + * @param IGroupManager $groupManager + * @param ILogger $logger + */ + public function __construct(IDBConnection $dbConnection, + IUserSession $userSession, + IGroupManager $groupManager, + ILogger $logger) { + parent::__construct($dbConnection, $userSession, $groupManager, $logger, + 'principals/calendar-resources', 'resources'); + } +} diff --git a/apps/dav/lib/CalDAV/ResourceBooking/RoomPrincipalBackend.php b/apps/dav/lib/CalDAV/ResourceBooking/RoomPrincipalBackend.php new file mode 100644 index 00000000000..1d22299515f --- /dev/null +++ b/apps/dav/lib/CalDAV/ResourceBooking/RoomPrincipalBackend.php @@ -0,0 +1,45 @@ +<?php +/** + * @copyright 2018, Georg Ehrke <oc.list@georgehrke.com> + * + * @author Georg Ehrke <oc.list@georgehrke.com> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\DAV\CalDAV\ResourceBooking; + +use OCP\IDBConnection; +use OCP\IGroupManager; +use OCP\ILogger; +use OCP\IUserSession; + +class RoomPrincipalBackend extends AbstractPrincipalBackend { + + /** + * @param IDBConnection $dbConnection + * @param IUserSession $userSession + * @param IGroupManager $groupManager + * @param ILogger $logger + */ + public function __construct(IDBConnection $dbConnection, + IUserSession $userSession, + IGroupManager $groupManager, + ILogger $logger) { + parent::__construct($dbConnection, $userSession, $groupManager, $logger, + 'principals/calendar-rooms', 'rooms'); + } +} diff --git a/apps/dav/lib/CalDAV/Schedule/Plugin.php b/apps/dav/lib/CalDAV/Schedule/Plugin.php index faf495a4de6..b3f7232c2fe 100644 --- a/apps/dav/lib/CalDAV/Schedule/Plugin.php +++ b/apps/dav/lib/CalDAV/Schedule/Plugin.php @@ -80,20 +80,32 @@ class Plugin extends \Sabre\CalDAV\Schedule\Plugin { $principalUrl = $node->getPrincipalUrl(); $calendarHomePath = $caldavPlugin->getCalendarHomeForPrincipal($principalUrl); - if (!$calendarHomePath) { return null; } + if (strpos($principalUrl, 'principals/users') === 0) { + $uri = CalDavBackend::PERSONAL_CALENDAR_URI; + $displayname = CalDavBackend::PERSONAL_CALENDAR_NAME; + } elseif (strpos($principalUrl, 'principals/calendar-resources') === 0 || + strpos($principalUrl, 'principals/calendar-rooms') === 0) { + $uri = CalDavBackend::RESOURCE_BOOKING_CALENDAR_URI; + $displayname = CalDavBackend::RESOURCE_BOOKING_CALENDAR_NAME; + } else { + // How did we end up here? + // TODO - throw exception or just ignore? + return null; + } + /** @var CalendarHome $calendarHome */ $calendarHome = $this->server->tree->getNodeForPath($calendarHomePath); - if (!$calendarHome->childExists(CalDavBackend::PERSONAL_CALENDAR_URI)) { - $calendarHome->getCalDAVBackend()->createCalendar($principalUrl, CalDavBackend::PERSONAL_CALENDAR_URI, [ - '{DAV:}displayname' => CalDavBackend::PERSONAL_CALENDAR_NAME, + if (!$calendarHome->childExists($uri)) { + $calendarHome->getCalDAVBackend()->createCalendar($principalUrl, $uri, [ + '{DAV:}displayname' => $displayname, ]); } - $result = $this->server->getPropertiesForPath($calendarHomePath . '/' . CalDavBackend::PERSONAL_CALENDAR_URI, [], 1); + $result = $this->server->getPropertiesForPath($calendarHomePath . '/' . $uri, [], 1); if (empty($result)) { return null; } diff --git a/apps/dav/lib/Migration/Version1005Date20180530124431.php b/apps/dav/lib/Migration/Version1005Date20180530124431.php new file mode 100644 index 00000000000..ae9a40dc5b2 --- /dev/null +++ b/apps/dav/lib/Migration/Version1005Date20180530124431.php @@ -0,0 +1,87 @@ +<?php +/** + * @copyright 2017 Georg Ehrke <oc.list@georgehrke.com> + * + * @author Georg Ehrke <oc.list@georgehrke.com> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\DAV\Migration; + +use Doctrine\DBAL\Types\Type; +use OCP\DB\ISchemaWrapper; +use OCP\Migration\SimpleMigrationStep; +use OCP\Migration\IOutput; + +/** + * Auto-generated migration step: Please modify to your needs! + */ +class Version1005Date20180530124431 extends SimpleMigrationStep { + + /** + * @param IOutput $output + * @param \Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper` + * @param array $options + * @return null|ISchemaWrapper + * @since 13.0.0 + */ + public function changeSchema(IOutput $output, \Closure $schemaClosure, array $options) { + /** @var ISchemaWrapper $schema */ + $schema = $schemaClosure(); + + $types = ['resources', 'rooms']; + foreach($types as $type) { + if (!$schema->hasTable('calendar_' . $type . '_cache')) { + $table = $schema->createTable('calendar_' . $type . '_cache'); + + $table->addColumn('id', Type::BIGINT, [ + 'autoincrement' => true, + 'notnull' => true, + 'length' => 11, + 'unsigned' => true, + ]); + $table->addColumn('backend_id', Type::STRING, [ + 'notnull' => false, + 'length' => 64, + ]); + $table->addColumn('resource_id', Type::STRING, [ + 'notnull' => false, + 'length' => 64, + ]); + $table->addColumn('email', Type::STRING, [ + 'notnull' => false, + 'length' => 255, + ]); + $table->addColumn('displayname', Type::STRING, [ + 'notnull' => false, + 'length' => 255, + ]); + $table->addColumn('group_restrictions', Type::STRING, [ + 'notnull' => false, + 'length' => 4000, + ]); + + $table->setPrimaryKey(['id'], 'calendar_' . $type . '_cache_id_idx'); + $table->addIndex(['backend_id', 'resource_id'], 'calendar_' . $type . '_cache_backendresource_idx'); + $table->addIndex(['email'], 'calendar_' . $type . '_cache_email_idx'); + $table->addIndex(['displayname'], 'calendar_' . $type . '_cache_displayname_idx'); + } + } + + return $schema; + } +} diff --git a/apps/dav/lib/RootCollection.php b/apps/dav/lib/RootCollection.php index b9f381b4b92..9a3261c388c 100644 --- a/apps/dav/lib/RootCollection.php +++ b/apps/dav/lib/RootCollection.php @@ -27,6 +27,8 @@ namespace OCA\DAV; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\CalendarRoot; use OCA\DAV\CalDAV\PublicCalendarRoot; +use OCA\DAV\CalDAV\ResourceBooking\ResourcePrincipalBackend; +use OCA\DAV\CalDAV\ResourceBooking\RoomPrincipalBackend; use OCA\DAV\CardDAV\AddressBookRoot; use OCA\DAV\CardDAV\CardDavBackend; use OCA\DAV\Connector\Sabre\Principal; @@ -43,6 +45,7 @@ class RootCollection extends SimpleCollection { $random = \OC::$server->getSecureRandom(); $logger = \OC::$server->getLogger(); $userManager = \OC::$server->getUserManager(); + $userSession = \OC::$server->getUserSession(); $groupManager = \OC::$server->getGroupManager(); $shareManager = \OC::$server->getShareManager(); $db = \OC::$server->getDatabaseConnection(); @@ -55,6 +58,8 @@ class RootCollection extends SimpleCollection { $config ); $groupPrincipalBackend = new GroupPrincipalBackend($groupManager); + $calendarResourcePrincipalBackend = new ResourcePrincipalBackend($db, $userSession, $groupManager, $logger); + $calendarRoomPrincipalBackend = new RoomPrincipalBackend($db, $userSession, $groupManager, $logger); // as soon as debug mode is enabled we allow listing of principals $disableListing = !$config->getSystemValue('debug', false); @@ -65,11 +70,25 @@ class RootCollection extends SimpleCollection { $groupPrincipals->disableListing = $disableListing; $systemPrincipals = new Collection(new SystemPrincipalBackend(), 'principals/system'); $systemPrincipals->disableListing = $disableListing; + $calendarResourcePrincipals = new Collection($calendarResourcePrincipalBackend, 'principals/calendar-resources'); + $calendarResourcePrincipals->disableListing = $disableListing; + $calendarRoomPrincipals = new Collection($calendarRoomPrincipalBackend, 'principals/calendar-rooms'); + $calendarRoomPrincipals->disableListing = $disableListing; + + $filesCollection = new Files\RootCollection($userPrincipalBackend, 'principals/users'); $filesCollection->disableListing = $disableListing; $caldavBackend = new CalDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $random, $logger, $dispatcher); - $calendarRoot = new CalendarRoot($userPrincipalBackend, $caldavBackend, 'principals/users'); - $calendarRoot->disableListing = $disableListing; + $userCalendarRoot = new CalendarRoot($userPrincipalBackend, $caldavBackend, 'principals/users'); + $userCalendarRoot->disableListing = $disableListing; + + $resourceCalendarCaldavBackend = new CalDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $random, $logger, $dispatcher); + $resourceCalendarRoot = new CalendarRoot($calendarResourcePrincipalBackend, $caldavBackend, 'principals/calendar-resources'); + $resourceCalendarRoot->disableListing = $disableListing; + $roomCalendarCaldavBackend = new CalDavBackend($db, $userPrincipalBackend, $userManager, $groupManager, $random, $logger, $dispatcher); + $roomCalendarRoot = new CalendarRoot($calendarRoomPrincipalBackend, $roomCalendarCaldavBackend, 'principals/calendar-rooms'); + $roomCalendarRoot->disableListing = $disableListing; + $publicCalendarRoot = new PublicCalendarRoot($caldavBackend, $l10n, $config); $publicCalendarRoot->disableListing = $disableListing; @@ -111,9 +130,15 @@ class RootCollection extends SimpleCollection { new SimpleCollection('principals', [ $userPrincipals, $groupPrincipals, - $systemPrincipals]), + $systemPrincipals, + $calendarResourcePrincipals, + $calendarRoomPrincipals]), $filesCollection, - $calendarRoot, + $userCalendarRoot, + new SimpleCollection('system-calendars', [ + $resourceCalendarRoot, + $roomCalendarRoot, + ]), $publicCalendarRoot, new SimpleCollection('addressbooks', [ $usersAddressBookRoot, diff --git a/apps/dav/lib/Server.php b/apps/dav/lib/Server.php index a401fb57045..231ab913195 100644 --- a/apps/dav/lib/Server.php +++ b/apps/dav/lib/Server.php @@ -132,13 +132,15 @@ class Server { // acl $acl = new DavAclPlugin(); $acl->principalCollectionSet = [ - 'principals/users', 'principals/groups' + 'principals/users', 'principals/groups', + 'principals/calendar-resources', + 'principals/calendar-rooms', ]; $acl->defaultUsernamePath = 'principals/users'; $this->server->addPlugin($acl); // calendar plugins - if ($this->requestIsForSubtree(['calendars', 'public-calendars', 'principals'])) { + if ($this->requestIsForSubtree(['calendars', 'public-calendars', 'system-calendars', 'principals'])) { $this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin()); $this->server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin()); $this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin()); |