From 00dc157b19834cfe558bc25a105cc509f47d7ed6 Mon Sep 17 00:00:00 2001
From: Thomas Müller <thomas.mueller@tmit.eu>
Date: Mon, 11 Jul 2016 14:26:09 +0200
Subject: Fix requests for browser plugin as well as for the public calendar
 root folder

---
 apps/dav/lib/CalDAV/Publishing/PublishPlugin.php | 28 ------------------------
 apps/dav/lib/DAV/PublicAuth.php                  | 24 +++++++++++++++-----
 2 files changed, 18 insertions(+), 34 deletions(-)

(limited to 'apps')

diff --git a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php
index f1f3540d68c..1d45aef5a2f 100644
--- a/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php
+++ b/apps/dav/lib/CalDAV/Publishing/PublishPlugin.php
@@ -91,7 +91,6 @@ class PublishPlugin extends ServerPlugin
 
         $this->server->on('method:POST', [$this, 'httpPost']);
         $this->server->on('propFind',    [$this, 'propFind']);
-        $this->server->on('method:GET',  [$this, 'httpGet'], 90); // 90 because it needs to be called before auth
     }
 
     public function propFind(PropFind $propFind, INode $node)
@@ -210,31 +209,4 @@ class PublishPlugin extends ServerPlugin
 
       }
   }
-
-  /**
-   * We intercept the GET requests to provide our shared calendars.
-   *
-   * @param Sabre\HTTP\RequestInterface $request
-   * @param Sabre\HTTP\ResponseInterface $response
-   */
-  public function httpGet(RequestInterface $request, ResponseInterface $response)
-  {
-      $path = $request->getPath();
-
-    // TODO : Find a better way to do this
-    list($path, $token) = explode('/', $path);
-      if ($path !== 'public-calendars') {
-          return;
-      }
-
-    // This is where the magic happens
-    // Find a place to put the functions getResourceIdFromToken($token) and getRessource($id)
-
-    $this->server->transactionType = 'access-published-calendar';
-
-      $response->setStatus(200);
-      $response->setBody('Success !');
-
-      return false;
-  }
 }
diff --git a/apps/dav/lib/DAV/PublicAuth.php b/apps/dav/lib/DAV/PublicAuth.php
index 65defe5883e..41fab614c3d 100644
--- a/apps/dav/lib/DAV/PublicAuth.php
+++ b/apps/dav/lib/DAV/PublicAuth.php
@@ -34,7 +34,7 @@ class PublicAuth implements BackendInterface {
 	 */
 	public function __construct() {
 		$this->publicURLs = [
-			'public-calendars/'
+			'public-calendars'
 		];
 	}
 
@@ -67,12 +67,8 @@ class PublicAuth implements BackendInterface {
 	 * @return array
 	 */
 	function check(RequestInterface $request, ResponseInterface $response) {
-		$url = $request->getPath();
-		$matchingUrls = array_filter($this->publicURLs, function ($publicUrl) use ($url) {
-			return strpos($url, $publicUrl, 0) === 0;
-		});
 
-		if ($matchingUrls) {
+		if ($this->isRequestPublic($request)) {
 			return [true, "principals/system/public"];
 		}
 		return [false, "No public access to this resource."];
@@ -83,4 +79,20 @@ class PublicAuth implements BackendInterface {
 	 */
 	function challenge(RequestInterface $request, ResponseInterface $response) {
 	}
+
+	/**
+	 * @param RequestInterface $request
+	 * @return array
+	 */
+	private function isRequestPublic(RequestInterface $request) {
+		$params = $request->getQueryParameters();
+		if (isset($params['sabreAction']) && $params['sabreAction'] == 'asset') {
+			return true;
+		}
+		$url = $request->getPath();
+		$matchingUrls = array_filter($this->publicURLs, function ($publicUrl) use ($url) {
+			return strpos($url, $publicUrl, 0) === 0;
+		});
+		return $matchingUrls;
+	}
 }
-- 
cgit v1.2.3