From: Jan Schneider Date: Mon, 9 Aug 2010 16:26:32 +0000 (+0200) Subject: Read WebDAV ACL for permission checking. X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=d73feb550c5a129f4c52764141ace84011a6b79e;p=horde.git Read WebDAV ACL for permission checking. --- diff --git a/kronolith/lib/Driver/Ical.php b/kronolith/lib/Driver/Ical.php index 9b5038af5..bf227a301 100644 --- a/kronolith/lib/Driver/Ical.php +++ b/kronolith/lib/Driver/Ical.php @@ -28,21 +28,28 @@ class Kronolith_Driver_Ical extends Kronolith_Driver * * @var array */ - private $_cache = array(); + protected $_cache = array(); /** * HTTP client object. * * @var Horde_Http_Client */ - private $_client; + protected $_client; /** * A list of DAV support levels. * * @var array */ - private $_davSupport; + protected $_davSupport; + + /** + * The Horde_Perms permissions mask matching the CalDAV ACL. + * + * @var integer + */ + protected $_permission; /** * Selects a calendar as the currently opened calendar. @@ -274,6 +281,7 @@ class Kronolith_Driver_Ical extends Kronolith_Driver if ($component->getType() == 'vEvent') { $event = new Kronolith_Event_Ical($this); $event->status = Kronolith::STATUS_FREE; + $event->permission = $this->_permission; $event->fromiCalendar($component); // Force string so JSON encoding is consistent across drivers. $event->id = $id ? $id : 'ical' . $i; @@ -490,6 +498,7 @@ class Kronolith_Driver_Ical extends Kronolith_Driver $xml->writeAttribute('xmlns', 'DAV:'); $xml->startElement('prop'); $xml->writeElement('resourcetype'); + $xml->writeElement('current-user-privilege-set'); $xml->endDocument(); list(, $properties) = $this->_request('PROPFIND', $url, $xml, array('Depth' => 0)); @@ -497,6 +506,26 @@ class Kronolith_Driver_Ical extends Kronolith_Driver throw new Kronolith_Exception(_("The remote server URL does not point to a CalDAV directory.")); } + /* Read ACLs. */ + if ($properties->response->propstat->prop->{'current-user-privilege-set'}) { + foreach ($properties->response->propstat->prop->{'current-user-privilege-set'}->privilege as $privilege) { + if ($privilege->all) { + $this->_permission = Horde_Perms::ALL; + break; + } elseif ($privilege->read) { + /* GET access. */ + $this->_permission |= Horde_Perms::SHOW; + $this->_permission |= Horde_Perms::READ; + } elseif ($privilege->write || $privilege->{'write-content'}) { + /* PUT access. */ + $this->_permission |= Horde_Perms::EDIT; + } elseif ($privilege->unbind) { + /* DELETE access. */ + $this->_permission |= Horde_Perms::DELETE; + } + } + } + return true; } diff --git a/kronolith/lib/Event/Ical.php b/kronolith/lib/Event/Ical.php index 4cca9b6f5..8e56dc4e3 100644 --- a/kronolith/lib/Event/Ical.php +++ b/kronolith/lib/Event/Ical.php @@ -19,6 +19,14 @@ class Kronolith_Event_Ical extends Kronolith_Event public $calendarType = 'remote'; /** + * The Horde_Perms permissions mask matching the CalDAV ACL of this event's + * calendar. + * + * @var integer + */ + public $permission; + + /** * Imports a backend specific event object. * * @param Horde_Icalendar_Vevent Backend specific event object that this @@ -42,6 +50,8 @@ class Kronolith_Event_Ical extends Kronolith_Event /** * Encapsulates permissions checking. * + * $user is being ignored. + * * @param integer $permission The permission to check for. * @param string $user The user to check permissions for. * @@ -49,6 +59,10 @@ class Kronolith_Event_Ical extends Kronolith_Event */ public function hasPermission($permission, $user = null) { + if (!is_null($this->permission)) { + return $this->permission & $permission; + } + switch ($permission) { case Horde_Perms::SHOW: case Horde_Perms::READ: