2012-02-05 00:23:31 +04:00
< ? php
/**
* Copyright ( c ) 2012 Georg Ehrke < ownclouddev @ georgswebsite . de >
* This file is licensed under the Affero General Public License version 3 or
* later .
* See the COPYING - README file .
*/
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* This class manages shared calendars
*/
class OC_Calendar_Share {
const CALENDAR = 'calendar' ;
const EVENT = 'event' ;
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : returns informations about all calendar or events which users are sharing with the user - userid
2012-06-30 17:39:20 +04:00
* @ param : string $userid - id of the user
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return : array $return - information about calendars
2012-02-05 00:23:31 +04:00
*/
2012-02-21 23:10:52 +04:00
public static function allSharedwithuser ( $userid , $type , $active = null , $permission = null ){
2012-08-08 01:31:06 +04:00
$format = OC_Share_Backend_Calendar :: FORMAT_CALENDAR ;
if ( $type == self :: EVENT ) {
$format = OC_Share_Backend_Event :: FORMAT_EVENT ;
2012-02-05 00:23:31 +04:00
}
2012-08-08 01:31:06 +04:00
$return = OCP\Share :: getItemsSharedWith ( $type ,
$format ,
array (
'active' => $active ,
'permissions' => $permission ,
));
2012-02-05 00:23:31 +04:00
return $return ;
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : returns all users a calendar / event is shared with
2012-06-30 17:39:20 +04:00
* @ param : integer id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return : array $users - information about users a calendar / event is shared with
2012-02-05 00:23:31 +04:00
*/
public static function allUsersSharedwith ( $id , $type ){
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `' . $type . 'id` = ? ORDER BY `share`' );
2012-02-05 00:23:31 +04:00
$result = $stmt -> execute ( array ( $id ));
$users = array ();
while ( $row = $result -> fetchRow ()){
$users [] = $row ;
}
return $users ;
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : shares a calendar / event
2012-06-30 17:39:20 +04:00
* @ param : string $owner - userid of the owner
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $sharetype - type of sharing ( can be : user / group / public )
* @ param : string $id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
2012-02-05 00:23:31 +04:00
* @ return ( mixed ) - token ( if $sharetype == public ) / bool ( if $sharetype != public )
*/
public static function share ( $owner , $share , $sharetype , $id , $type ){
if ( self :: is_already_shared ( $owner , $share , $sharetype , $id , $type )){
return false ;
}
switch ( $sharetype ){
case 'user' :
case 'group' :
case 'public' :
break ;
default :
return false ;
}
if ( $sharetype == 'public' ){
2012-04-08 06:39:02 +04:00
$share = self :: generate_token ( $id , $type );
2012-02-05 00:23:31 +04:00
}
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'INSERT INTO `*PREFIX*calendar_share_' . $type . '` (`owner`,`share`,`sharetype`,`' . $type . 'id`,`permissions`' . (( $type == self :: CALENDAR ) ? ',`active`' : '' ) . ') VALUES(?,?,?,?,0' . (( $type == self :: CALENDAR ) ? ', 1' : '' ) . ')' );
2012-02-05 00:23:31 +04:00
$result = $stmt -> execute ( array ( $owner , $share , $sharetype , $id ));
if ( $sharetype == 'public' ){
return $share ;
} else {
return true ;
}
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : stops sharing a calendar / event
2012-06-30 17:39:20 +04:00
* @ param : string $owner - userid of the owner
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $sharetype - type of sharing ( can be : user / group / public )
* @ param : string $id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return boolean
2012-02-05 00:23:31 +04:00
*/
public static function unshare ( $owner , $share , $sharetype , $id , $type ){
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'DELETE FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? ' . (( $sharetype != 'public' ) ? 'AND `share` = ?' : '' ) . ' AND `sharetype` = ? AND `' . $type . 'id` = ?' );
2012-02-05 00:23:31 +04:00
if ( $sharetype != 'public' ){
$stmt -> execute ( array ( $owner , $share , $sharetype , $id ));
} else {
$stmt -> execute ( array ( $owner , $sharetype , $id ));
}
return true ;
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : changes the permission for a calendar / event
2012-06-30 17:39:20 +04:00
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $sharetype - type of sharing ( can be : user / group / public )
* @ param : string $id - id of the calendar / event
* @ param : integer $permission - permission of user the calendar / event is shared with ( if $sharetype == public then $permission = 0 )
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return boolean
2012-02-05 00:23:31 +04:00
*/
public static function changepermission ( $share , $sharetype , $id , $permission , $type ){
if ( $sharetype == 'public' && $permission == 1 ){
$permission = 0 ;
}
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'UPDATE `*PREFIX*calendar_share_' . $type . '` SET `permissions` = ? WHERE `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?' );
2012-02-05 00:23:31 +04:00
$stmt -> execute ( array ( $permission , $share , $sharetype , $id ));
return true ;
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : generates a token for public calendars / events
2012-06-30 17:39:20 +04:00
* @ return : string $token
2012-02-05 00:23:31 +04:00
*/
private static function generate_token ( $id , $type ){
$uniqid = uniqid ();
if ( $type == self :: CALENDAR ){
2012-04-14 01:26:34 +04:00
$events = OC_Calendar_Object :: all ( $id );
2012-02-05 00:23:31 +04:00
$string = '' ;
foreach ( $events as $event ){
$string .= $event [ 'calendardata' ];
}
} else {
$string = OC_Calendar_Object :: find ( $id );
}
2012-04-13 06:11:48 +04:00
$string = sha1 ( $string [ 'calendardata' ]);
2012-02-05 00:23:31 +04:00
$id = sha1 ( $id );
$array = array ( $uniqid , $string , $id );
shuffle ( $array );
$string = implode ( '' , $array );
$token = md5 ( $string );
return substr ( $token , rand ( 0 , 16 ), 15 );
}
2012-06-30 19:08:00 +04:00
/**
2012-02-05 00:23:31 +04:00
* @ brief : checks if it is already shared
2012-06-30 17:39:20 +04:00
* @ param : string $owner - userid of the owner
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $sharetype - type of sharing ( can be : user / group / public )
* @ param : string $id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return boolean
2012-02-05 00:23:31 +04:00
*/
2012-02-22 13:20:58 +04:00
public static function is_already_shared ( $owner , $share , $sharetype , $id , $type ){
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? AND `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?' );
2012-02-05 00:23:31 +04:00
$result = $stmt -> execute ( array ( $owner , $share , $sharetype , $id ));
if ( $result -> numRows () > 0 ){
return true ;
}
return false ;
}
2012-02-22 13:20:58 +04:00
private static function group_sql ( $groups ){
$group_where = '' ;
$i = 0 ;
foreach ( $groups as $group ){
2012-03-26 17:30:04 +04:00
$group_where .= ' OR ' ;
2012-07-30 22:46:14 +04:00
$group_where .= ' (`share` = \'' . $group . '\' AND `sharetype` = \'group\') ' ;
2012-02-22 13:20:58 +04:00
$i ++ ;
}
return $group_where ;
}
private static function permission_sql ( $permission = null ){
$permission_where = '' ;
if ( ! is_null ( $permission )){
2012-07-30 22:46:14 +04:00
$permission_where = ' AND `permissions` = ' ;
2012-05-06 19:41:14 +04:00
$permission_where .= ( $permission == 'rw' ) ? " '1' " : " '0' " ;
2012-02-22 13:20:58 +04:00
}
return $permission_where ;
}
private static function active_sql ( $active = null ){
$active_where = '' ;
if ( ! is_null ( $active )){
2012-07-30 22:46:14 +04:00
$active_where = 'AND `active` = ' ;
2012-02-22 13:20:58 +04:00
$active_where .= ( ! is_null ( $active ) && $active ) ? '1' : '0' ;
}
return $active_where ;
}
2012-06-30 19:08:00 +04:00
/**
2012-02-22 13:41:16 +04:00
* @ brief : checks the permission for editing an event
2012-06-30 17:39:20 +04:00
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return boolean
2012-02-22 13:41:16 +04:00
*/
public static function is_editing_allowed ( $share , $id , $type ){
$group_where = self :: group_sql ( OC_Group :: getUserGroups ( $share ));
$permission_where = self :: permission_sql ( 'rw' );
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE ((`share` = ? AND `sharetype` = \'user\') ' . $group_where . ') ' . $permission_where );
2012-02-22 13:41:16 +04:00
$result = $stmt -> execute ( array ( $share ));
if ( $result -> numRows () == 1 ){
return true ;
}
2012-03-26 17:24:43 +04:00
if ( $type == self :: EVENT ){
2012-04-08 06:39:02 +04:00
$event = OC_Calendar_App :: getEventObject ( $id , false , false );
return self :: is_editing_allowed ( $share , $event [ 'calendarid' ], self :: CALENDAR );
2012-03-26 17:24:43 +04:00
}
return false ;
}
2012-06-30 19:08:00 +04:00
/**
2012-03-26 17:24:43 +04:00
* @ brief : checks the access of
2012-06-30 17:39:20 +04:00
* @ param : string $share - userid ( if $sharetype == user ) / groupid ( if $sharetype == group ) / token ( if $sharetype == public )
* @ param : string $id - id of the calendar / event
* @ param : string $type - use const self :: CALENDAR or self :: EVENT
* @ return boolean
2012-03-26 17:24:43 +04:00
*/
public static function check_access ( $share , $id , $type ){
$group_where = self :: group_sql ( OC_Group :: getUserGroups ( $share ));
2012-08-25 02:05:07 +04:00
$stmt = OCP\DB :: prepare ( 'SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE (`' . $type . 'id` = ? AND (`share` = ? AND `sharetype` = \'user\') ' . $group_where . ')' );
2012-04-13 07:15:19 +04:00
$result = $stmt -> execute ( array ( $id , $share ));
2012-04-10 23:53:39 +04:00
$rows = $result -> numRows ();
if ( $rows > 0 ){
2012-03-26 17:24:43 +04:00
return true ;
2012-04-13 07:15:19 +04:00
} elseif ( $type == self :: EVENT ){
2012-04-08 06:39:02 +04:00
$event = OC_Calendar_App :: getEventObject ( $id , false , false );
2012-04-10 23:53:39 +04:00
return self :: check_access ( $share , $event [ 'calendarid' ], self :: CALENDAR );
2012-04-13 07:15:19 +04:00
} else {
return false ;
2012-03-26 17:24:43 +04:00
}
2012-02-22 13:41:16 +04:00
}
2012-06-30 19:08:00 +04:00
/**
2012-04-01 00:12:27 +04:00
* @ brief : returns the calendardata of an event or a calendar
2012-06-30 17:39:20 +04:00
* @ param : string $token - token which should be searched
2012-04-01 00:12:27 +04:00
* @ return : mixed - bool if false , array with type and id if true
*/
public static function getElementByToken ( $token ){
2012-07-30 22:46:14 +04:00
$stmt_calendar = OCP\DB :: prepare ( " SELECT * FROM `*PREFIX*calendar_share_ " . OC_Calendar_Share :: CALENDAR . " ` WHERE `sharetype` = 'public' AND `share` = ? " );
2012-04-01 00:12:27 +04:00
$result_calendar = $stmt_calendar -> execute ( array ( $token ));
2012-07-30 22:46:14 +04:00
$stmt_event = OCP\DB :: prepare ( " SELECT * FROM `*PREFIX*calendar_share_ " . OC_Calendar_Share :: EVENT . " ` WHERE `sharetype` = 'public' AND `share` = ? " );
2012-04-10 19:18:02 +04:00
$result_event = $stmt_event -> execute ( array ( $token ));
2012-04-01 00:12:27 +04:00
$return = array ();
if ( $result_calendar -> numRows () == 0 && $result_event -> numRows () == 0 ){
return false ;
} elseif ( $result_calendar -> numRows () != 0 ){
$return [ 'type' ] = 'calendar' ;
$calendar = $result_calendar -> fetchRow ();
$return [ 'id' ] = $calendar [ 'calendarid' ];
} else {
$return [ 'type' ] = 'event' ;
$event = $result_event -> fetchRow ();
$return [ 'id' ] = $event [ 'eventid' ];
}
2012-04-13 06:11:48 +04:00
return $return ;
2012-04-01 00:12:27 +04:00
}
2012-04-18 13:50:12 +04:00
2012-06-30 19:08:00 +04:00
/**
2012-04-18 13:50:12 +04:00
* @ brief sets the active status of the calendar
2012-06-30 17:39:20 +04:00
* @ param string
2012-04-18 13:50:12 +04:00
*/
public static function set_active ( $share , $id , $active ){
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( " UPDATE `*PREFIX*calendar_share_calendar` SET `active` = ? WHERE `share` = ? AND `sharetype` = 'user' AND `calendarid` = ? " );
2012-04-18 13:50:12 +04:00
$stmt -> execute ( array ( $active , $share , $id ));
}
2012-05-13 22:03:27 +04:00
2012-06-30 19:08:00 +04:00
/**
2012-06-29 19:26:29 +04:00
* @ brief deletes all shared calendars / events after a user was deleted
2012-06-30 17:39:20 +04:00
* @ param string $userid
* @ return boolean
2012-05-13 22:03:27 +04:00
*/
public static function post_userdelete ( $userid ){
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `owner` = ?' );
2012-05-13 22:03:27 +04:00
$stmt -> execute ( array ( $userid ));
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( 'DELETE FROM `*PREFIX*calendar_share_event` WHERE `owner` = ?' );
2012-05-13 22:03:27 +04:00
$stmt -> execute ( array ( $userid ));
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( " DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `share` = ? AND `sharetype` = 'user' " );
2012-05-13 22:03:27 +04:00
$stmt -> execute ( array ( $userid ));
2012-07-30 22:46:14 +04:00
$stmt = OCP\DB :: prepare ( " DELETE FROM `*PREFIX*calendar_share_event` WHERE `share` = ? AND `sharetype` = 'user' " );
2012-05-13 22:03:27 +04:00
$stmt -> execute ( array ( $userid ));
return true ;
}
2012-06-29 19:26:29 +04:00
2012-06-30 19:08:00 +04:00
/**
2012-06-29 19:26:29 +04:00
* @ brief deletes all shared events of a calendar
* @ param integer $calid
* @ return boolean
*/
public static function post_caldelete ( $calid ){
2012-08-25 02:05:07 +04:00
$stmt = OCP\DB :: prepare ( 'DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `calendarid` = ?' );
2012-06-29 19:26:29 +04:00
$stmt -> execute ( array ( $calid ));
return true ;
}
2012-06-30 19:08:00 +04:00
/**
2012-06-29 19:26:29 +04:00
* @ brief deletes all shares of an event
* @ param integer $eventid
* @ return boolean
*/
public static function post_eventdelete ( $eventid ){
2012-08-25 02:05:07 +04:00
$stmt = OCP\DB :: prepare ( 'DELETE FROM `*PREFIX*calendar_share_event` WHERE `eventid` = ?' );
2012-06-29 19:26:29 +04:00
$stmt -> execute ( array ( $eventid ));
return true ;
}
2012-02-05 00:23:31 +04:00
}