* CalDAV/Lightning: fixed under some conditions infinit poping up alarms and user not able to add alarms

- Lightning pops up alarm, until Sequence/etag get updated: if user has no edit rights on an other users calendar, etag never got updated, now we update it - fixed user was not able to add alarms via CalDAV, if he had no edit rights for event (was always possible in web UI) - alarms from other users calendars are not included any more, as they make no sense but a lot of trouble - fixed wrong condition on adding alarms, causing some alarms no being saved
2024-10-05 09:42:30 +02:00 · 2011-03-05 10:21:32 +00:00 · 2011-03-05 10:21:32 +00:00 · 3bb9e89bcf
commit 3bb9e89bcf
parent 738966ca68
8 changed files with 73 additions and 42 deletions
--- a/addressbook/inc/class.addressbook_groupdav.inc.php
+++ b/addressbook/inc/class.addressbook_groupdav.inc.php
@ -276,9 +276,10 @@ class addressbook_groupdav extends groupdav_handler
 	 *
 	 * @param array &$options
 	 * @param int $id
+	 * @param int $user=null account_id
 	 * @return mixed boolean true on success, false on failure or string with http status (eg. '404 Not Found')
 	 */
-	function get(&$options,$id)
+	function get(&$options,$id,$user=null)
 	{
 		if (!is_array($contact = $this->_common_get_put_delete('GET',$options,$id)))
 		{
--- a/calendar/inc/class.calendar_groupdav.inc.php
+++ b/calendar/inc/class.calendar_groupdav.inc.php
@ -220,7 +220,7 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 				//error_log(__FILE__ . __METHOD__ . "Calendar Data : $calendar_data");
 				if ($calendar_data)
 				{
-					$content = $this->iCal($event);
+					$content = $this->iCal($event,$filter['users']);
 					$props[] = HTTP_WebDAV_Server::mkprop('getcontentlength',bytes($content));
 					$props[] = HTTP_WebDAV_Server::mkprop(groupdav::CALDAV,'calendar-data',$content);
 				}
@ -382,15 +382,16 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 	 *
 	 * @param array &$options
 	 * @param int $id
+	 * @param int $user=null account_id
 	 * @return mixed boolean true on success, false on failure or string with http status (eg. '404 Not Found')
 	 */
-	function get(&$options,$id)
+	function get(&$options,$id,$user=null)
 	{
 		if (!is_array($event = $this->_common_get_put_delete('GET',$options,$id)))
 		{
 			return $event;
 		}
-		$options['data'] = $this->iCal($event);
+		$options['data'] = $this->iCal($event,$user);
 		$options['mimetype'] = 'text/calendar; charset=utf-8';
 		header('Content-Encoding: identity');
 		header('ETag: '.$this->get_etag($event));
@ -403,13 +404,23 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 	 * Taking into account virtual an real exceptions for recuring events
 	 *
 	 * @param array $event
+	 * @param int $user=null account_id of calendar to display
 	 * @return string
 	 */
-	private function iCal(array $event)
+	private function iCal(array $event,$user=null)
 	{
 		static $handler = null;
 		if (is_null($handler)) $handler = $this->_get_handler();

+		if (!$user) $user = $GLOBALS['egw_info']['user']['account_id'];
+
+		// only return alarms in own calendar, not other users calendars
+		if ($user != $GLOBALS['egw_info']['user']['account_id'])
+		{
+			//error_log(__METHOD__.'('.array2string($event).", $user) clearing alarms");
+			$event['alarm'] = array();
+		}
+
 		$events = array($event);

 		// for recuring events we have to add the exceptions
@ -551,8 +562,18 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 			}
 			else
 			{
-				// let lightning think the event is added
-				$retval = '201 Created';
+				$retval = '204 No Content';
+
+				// lightning will pop up the alarm, as long as the Sequence (etag) does NOT change
+				// --> update the etag alone, if user has no edit rights
+				if ($this->agent == 'lightning' && !$this->check_access(EGW_ACL_EDIT, $oldEvent) &&
+					isset($oldEvent['participants'][$GLOBALS['egw_info']['user']['account_id']]))
+				{
+					// just update etag in database
+					$GLOBALS['egw']->db->update($this->bo->so->cal_table,'cal_etag=cal_etag+1',array(
+						'cal_id' => $eventId,
+					),__LINE__,__FILE__,'calendar');
+				}
 			}
 		}
 		else
--- a/calendar/inc/class.calendar_ical.inc.php
+++ b/calendar/inc/class.calendar_ical.inc.php
@ -1423,6 +1423,12 @@ class calendar_ical extends calendar_boupdate
 								$alarm['owner'] = $this->user;
 								$alarm['all'] = false;

+								// if no edit rights, allow participants to set alarms directly (like status)
+								if ($event_info['stored_event'] && !$event_info['acl_edit'])
+								{
+									$this->save_alarm($event_info['stored_event']['id'], $alarm);
+								}
+
 								if (is_array($event_info['stored_event'])
 										&& count($event_info['stored_event']['alarm']) > 0)
 								{
--- a/calendar/inc/class.calendar_so.inc.php
+++ b/calendar/inc/class.calendar_so.inc.php
@ -1090,18 +1090,18 @@ ORDER BY cal_user_type, cal_usre_id
 					$alarm['time'] = $event['cal_start'] - $alarm['offset'];
 				}

-				$start = (int)time() + $alarm['offset'];
-				if ($alarm['time'] < $start)
+				if ($alarm['time'] < time())
 				{
 					//pgoerzen: don't add an alarm in the past
 					if ($event['recur_type'] == MCAL_RECUR_NONE) continue;
+					$start = (int)time() + $alarm['offset'];
 					$event['start'] = $event['cal_start'];
 					$event['end'] = $event['cal_end'];
 					$event['tzid'] = $event['cal_tzid'];
 					$rrule = calendar_rrule::event2rrule($event, false);
 					foreach ($rrule as $time)
 					{
-						if ($start< ($ts = egw_time::to($time,'server'))) break;
+						if ($start < ($ts = egw_time::to($time,'server'))) break;
 						$ts = 0;
 					}
 					if (!$ts) continue;
--- a/infolog/inc/class.infolog_groupdav.inc.php
+++ b/infolog/inc/class.infolog_groupdav.inc.php
@ -331,9 +331,10 @@ class infolog_groupdav extends groupdav_handler
 	 *
 	 * @param array &$options
 	 * @param int $id
+	 * @param int $user=null account_id
 	 * @return mixed boolean true on success, false on failure or string with http status (eg. '404 Not Found')
 	 */
-	function get(&$options,$id)
+	function get(&$options,$id,$user=null)
 	{
 		if (!is_array($task = $this->_common_get_put_delete('GET',$options,$id)))
 		{
--- a/phpgwapi/inc/class.groupdav.inc.php
+++ b/phpgwapi/inc/class.groupdav.inc.php
@ -548,7 +548,7 @@ class groupdav extends HTTP_WebDAV_Server
 		}
 		if (($handler = self::app_handler($app)))
 		{
-			return $handler->get($options,$id);
+			return $handler->get($options,$id,$user);
 		}
 		error_log(__METHOD__."(".array2string($options).") 501 Not Implemented");
 		return '501 Not Implemented';
--- a/phpgwapi/inc/class.groupdav_handler.inc.php
+++ b/phpgwapi/inc/class.groupdav_handler.inc.php
@ -135,9 +135,10 @@ abstract class groupdav_handler
 	 *
 	 * @param array &$options
 	 * @param int $id
+	 * @param int $user=null account_id
 	 * @return mixed boolean true on success, false on failure or string with http status (eg. '404 Not Found')
 	 */
-	abstract function get(&$options,$id);
+	abstract function get(&$options,$id,$user=null);

 	/**
 	 * Handle get request for an applications entry
--- a/phpgwapi/inc/class.groupdav_principals.inc.php
+++ b/phpgwapi/inc/class.groupdav_principals.inc.php
@ -440,9 +440,10 @@ class groupdav_principals extends groupdav_handler
 	 *
 	 * @param array &$options
 	 * @param int $id
+	 * @param int $user=null account_id
 	 * @return mixed boolean true on success, false on failure or string with http status (eg. '404 Not Found')
 	 */
-	function get(&$options,$id)
+	function get(&$options,$id,$user=null)
 	{
 		if (!is_array($account = $this->_common_get_put_delete('GET',$options,$id)))
 		{