summaryrefslogtreecommitdiffstats
path: root/apps/calendar/ajax/share/share.php
blob: 838db619f62c55d36bed3cfe1ee87d6b959109f3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<?php
/**
 * Copyright (c) 2012 Georg Ehrke <ownclouddev@georgswebsite.de>
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */
 
$id = strip_tags($_POST['id']);
$idtype = strip_tags($_POST['idtype']);
switch($idtype){
	case 'calendar':
	case 'event':
		break;
	default:
		OCP\JSON::error(array('message'=>'unexpected parameter'));
		exit;
}
if($idtype == 'calendar' && !OC_Calendar_App::getCalendar($id)){
	OCP\JSON::error(array('message'=>'permission denied'));
	exit;
}
if($idtype == 'event' && !OC_Calendar_App::getEventObject($id)){
	OCP\JSON::error(array('message'=>'permission denied'));
	exit;
}
$sharewith = $_POST['sharewith'];
$sharetype = strip_tags($_POST['sharetype']);
switch($sharetype){
	case 'user':
	case 'group':
	case 'public':
		break;
	default:
		OCP\JSON::error(array('message'=>'unexpected parameter'));
		exit;
}
if($sharetype == 'user' && !OCP\User::userExists($sharewith)){
	OCP\JSON::error(array('message'=>'user not found'));
	exit;
}
if($sharetype == 'group' && !OC_Group::groupExists($sharewith)){
	OCP\JSON::error(array('message'=>'group not found'));
	exit;
}
if($sharetype == 'user' && OCP\USER::getUser() == $sharewith){
	OCP\JSON::error(array('message'=>'you can not share with yourself'));
}
$success = OC_Calendar_Share::share(OCP\USER::getUser(), $sharewith, $sharetype, $id, (($idtype=='calendar') ? OC_Calendar_Share::CALENDAR : OC_Calendar_Share::EVENT));
if($success){
	if($sharetype == 'public'){
		OCP\JSON::success(array('message'=>$success));
	}else{
		OCP\JSON::success(array('message'=>'shared'));
	}
}else{
	OCP\JSON::error(array('message'=>'can not share'));
	exit;
}