DAViCal
caldav-GET.php
1 <?php
11 dbg_error_log("get", "GET method handler");
12 
13 require("caldav-GET-functions.php");
14 
15 $dav_resource = new DAVResource($request->path);
16 $dav_resource->NeedPrivilege( array('urn:ietf:params:xml:ns:caldav:read-free-busy','DAV::read') );
17 if ( $dav_resource->IsExternal() ) {
18  require_once("external-fetch.php");
19  update_external ( $dav_resource );
20 }
21 
22 if ( ! $dav_resource->Exists() ) {
23  $request->DoResponse( 404, translate("Resource Not Found.") );
24 }
25 
26 
27 if ( $dav_resource->IsCollection() ) {
28  $response = export_iCalendar($dav_resource);
29  header( 'Etag: '.$dav_resource->unique_tag() );
30  $request->DoResponse( 200, ($request->method == 'HEAD' ? '' : $response), 'text/calendar; charset="utf-8"' );
31 }
32 
33 
34 // Just a single event then
35 
36 $resource = $dav_resource->resource();
37 $ic = new iCalComponent( $resource->caldav_data );
38 
39 $resource->caldav_data = preg_replace( '{(?<!\r)\n}', "\r\n", $resource->caldav_data);
40 
42 $allowed = false;
43 if ( $dav_resource->HavePrivilegeTo('all', false) || $session->user_no == $resource->user_no || $session->user_no == $resource->logged_user
44  || ( $c->allow_get_email_visibility && $ic->IsAttendee($session->email) ) ) {
49  $allowed = true;
50 }
51 else if ( $resource->class != 'PRIVATE' ) {
52  $allowed = true; // but we may well obfuscate it below
53  if ( ! $dav_resource->HavePrivilegeTo('DAV::read') || ( $resource->class == 'CONFIDENTIAL' && ! $request->HavePrivilegeTo('DAV::write-content') ) ) {
54  $ical = new iCalComponent( $resource->caldav_data );
55  $comps = $ical->GetComponents('VTIMEZONE',false);
56  $confidential = obfuscated_event($comps[0]);
57  $ical->SetComponents( array($confidential), $resource->caldav_type );
58  $resource->caldav_data = $ical->Render();
59  }
60 }
61 // else $resource->class == 'PRIVATE' and this person may not see it.
62 
63 if ( ! $allowed ) {
64  $request->DoResponse( 403, translate("Forbidden") );
65 }
66 
67 header( 'Etag: "'.$resource->dav_etag.'"' );
68 header( 'Content-Length: '.strlen($resource->caldav_data) );
69 
70 $contenttype = 'text/plain';
71 switch( $resource->caldav_type ) {
72  case 'VJOURNAL':
73  case 'VEVENT':
74  case 'VTODO':
75  $contenttype = 'text/calendar; component=' . strtolower($resource->caldav_type);
76  break;
77 
78  case 'VCARD':
79  $contenttype = 'text/vcard';
80  break;
81 }
82 
83 $request->DoResponse( 200, ($request->method == 'HEAD' ? '' : $resource->caldav_data), $contenttype.'; charset="utf-8"' );
DAVResource
Definition: DAVResource.php:24