From 50569114acdc64e7c7cae1498635d3f821517c30 Mon Sep 17 00:00:00 2001
From: Daniel Lange <DLange@git.local>
Date: Mon, 7 Mar 2016 15:53:16 +0100
Subject: Initial commit of the Faster IT roundcube_calendar plugin
 distribution This includes:  * Kolab plugins 3.2.9 (calendar and
 libcalendaring)  * CalDAV driver 3.2.8  * .htaccess files for at least some
 security  * SabreDAV updated to 1.8.12 (Jan 2015 release)  * Support for
 CURLOPT_SSL_* settings to allow self-signed certificates  * Small fixes &
 improved documentation

---
 .../SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php  | 211 +++++++++++++++++++++
 1 file changed, 211 insertions(+)
 create mode 100644 calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php

(limited to 'calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php')

diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php
new file mode 100644
index 0000000..33f5c2e
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php
@@ -0,0 +1,211 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+
+use OldSabre\DAV;
+
+/**
+ * This class represents the {DAV:}acl property
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class Acl extends DAV\Property {
+
+    /**
+     * List of privileges
+     *
+     * @var array
+     */
+    private $privileges;
+
+    /**
+     * Whether or not the server base url is required to be prefixed when
+     * serializing the property.
+     *
+     * @var boolean
+     */
+    private $prefixBaseUrl;
+
+    /**
+     * Constructor
+     *
+     * This object requires a structure similar to the return value from
+     * OldSabre\DAVACL\Plugin::getACL().
+     *
+     * Each privilege is a an array with at least a 'privilege' property, and a
+     * 'principal' property. A privilege may have a 'protected' property as
+     * well.
+     *
+     * The prefixBaseUrl should be set to false, if the supplied principal urls
+     * are already full urls. If this is kept to true, the servers base url
+     * will automatically be prefixed.
+     *
+     * @param bool $prefixBaseUrl
+     * @param array $privileges
+     */
+    public function __construct(array $privileges, $prefixBaseUrl = true) {
+
+        $this->privileges = $privileges;
+        $this->prefixBaseUrl = $prefixBaseUrl;
+
+    }
+
+    /**
+     * Returns the list of privileges for this property
+     *
+     * @return array
+     */
+    public function getPrivileges() {
+
+        return $this->privileges;
+
+    }
+
+    /**
+     * Serializes the property into a DOMElement
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $node
+     * @return void
+     */
+    public function serialize(DAV\Server $server,\DOMElement $node) {
+
+        $doc = $node->ownerDocument;
+        foreach($this->privileges as $ace) {
+
+            $this->serializeAce($doc, $node, $ace, $server);
+
+        }
+
+    }
+
+    /**
+     * Unserializes the {DAV:}acl xml element.
+     *
+     * @param \DOMElement $dom
+     * @return Acl
+     */
+    static public function unserialize(\DOMElement $dom) {
+
+        $privileges = array();
+        $xaces = $dom->getElementsByTagNameNS('urn:DAV','ace');
+        for($ii=0; $ii < $xaces->length; $ii++) {
+
+            $xace = $xaces->item($ii);
+            $principal = $xace->getElementsByTagNameNS('urn:DAV','principal');
+            if ($principal->length !== 1) {
+                throw new DAV\Exception\BadRequest('Each {DAV:}ace element must have one {DAV:}principal element');
+            }
+            $principal = Principal::unserialize($principal->item(0));
+
+            switch($principal->getType()) {
+                case Principal::HREF :
+                    $principal = $principal->getHref();
+                    break;
+                case Principal::AUTHENTICATED :
+                    $principal = '{DAV:}authenticated';
+                    break;
+                case Principal::UNAUTHENTICATED :
+                    $principal = '{DAV:}unauthenticated';
+                    break;
+                case Principal::ALL :
+                    $principal = '{DAV:}all';
+                    break;
+
+            }
+
+            $protected = false;
+
+            if ($xace->getElementsByTagNameNS('urn:DAV','protected')->length > 0) {
+                $protected = true;
+            }
+
+            $grants = $xace->getElementsByTagNameNS('urn:DAV','grant');
+            if ($grants->length < 1) {
+                throw new DAV\Exception\NotImplemented('Every {DAV:}ace element must have a {DAV:}grant element. {DAV:}deny is not yet supported');
+            }
+            $grant = $grants->item(0);
+
+            $xprivs = $grant->getElementsByTagNameNS('urn:DAV','privilege');
+            for($jj=0; $jj<$xprivs->length; $jj++) {
+
+                $xpriv = $xprivs->item($jj);
+
+                $privilegeName = null;
+
+                for ($kk=0;$kk<$xpriv->childNodes->length;$kk++) {
+
+                    $childNode = $xpriv->childNodes->item($kk);
+                    if ($t = DAV\XMLUtil::toClarkNotation($childNode)) {
+                        $privilegeName = $t;
+                        break;
+                    }
+                }
+                if (is_null($privilegeName)) {
+                    throw new DAV\Exception\BadRequest('{DAV:}privilege elements must have a privilege element contained within them.');
+                }
+
+                $privileges[] = array(
+                    'principal' => $principal,
+                    'protected' => $protected,
+                    'privilege' => $privilegeName,
+                );
+
+            }
+
+        }
+
+        return new self($privileges);
+
+    }
+
+    /**
+     * Serializes a single access control entry.
+     *
+     * @param \DOMDocument $doc
+     * @param \DOMElement $node
+     * @param array $ace
+     * @param DAV\Server $server
+     * @return void
+     */
+    private function serializeAce($doc,$node,$ace, DAV\Server $server) {
+
+        $xace  = $doc->createElementNS('DAV:','d:ace');
+        $node->appendChild($xace);
+
+        $principal = $doc->createElementNS('DAV:','d:principal');
+        $xace->appendChild($principal);
+        switch($ace['principal']) {
+            case '{DAV:}authenticated' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:authenticated'));
+                break;
+            case '{DAV:}unauthenticated' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:unauthenticated'));
+                break;
+            case '{DAV:}all' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:all'));
+                break;
+            default:
+                $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
+        }
+
+        $grant = $doc->createElementNS('DAV:','d:grant');
+        $xace->appendChild($grant);
+
+        $privParts = null;
+
+        preg_match('/^{([^}]*)}(.*)$/',$ace['privilege'],$privParts);
+
+        $xprivilege = $doc->createElementNS('DAV:','d:privilege');
+        $grant->appendChild($xprivilege);
+
+        $xprivilege->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
+
+        if (isset($ace['protected']) && $ace['protected'])
+            $xace->appendChild($doc->createElement('d:protected'));
+
+    }
+
+}
-- 
cgit v1.2.3