not returning deleted entries for read, as they might have identical UID for caldav_name as a non-deleted entry and would therefore block access to these

2024-11-07 16:44:07 +01:00 · 2011-10-04 14:18:35 +00:00 · 2011-10-04 14:18:35 +00:00 · 23584253fd
commit 23584253fd
parent 0de2f3c527
4 changed files with 20 additions and 4 deletions
--- a/addressbook/inc/class.addressbook_groupdav.inc.php
+++ b/addressbook/inc/class.addressbook_groupdav.inc.php
@ -534,12 +534,22 @@ class addressbook_groupdav extends groupdav_handler
 	/**
 	 * Read a contact
 	 *
+	 * We have to make sure to not return or even consider in read deleted contacts, as the might have
+	 * the same UID and/or carddav_name as not deleted contacts and would block access to valid entries
+	 *
 	 * @param string|id $id
 	 * @return array/boolean array with entry, false if no read rights, null if $id does not exist
 	 */
 	function read($id)
 	{
-		$contact = $this->bo->read(array(self::$path_attr => $id));
+		static $non_deleted_tids;
+		if (is_null($non_deleted_tids))
+		{
+			$non_deleted_tids = $this->bo->content_types;
+			unset($non_deleted_tids[addressbook_so::DELETED_TYPE]);
+			$non_deleted_tids = array_keys($non_deleted_tids);
+		}
+		$contact = $this->bo->read(array(self::$path_attr => $id, 'tid' => $non_deleted_tids));

 		if ($contact && $contact['tid'] == addressbook_so::DELETED_TYPE)
 		{
--- a/calendar/inc/class.calendar_groupdav.inc.php
+++ b/calendar/inc/class.calendar_groupdav.inc.php
@ -925,6 +925,9 @@ class calendar_groupdav extends groupdav_handler
 	/**
 	 * Read an entry
 	 *
+	 * We have to make sure to not return or even consider in read deleted events, as the might have
+	 * the same UID and/or caldav_name as not deleted events and would block access to valid entries
+	 *
 	 * @param string|id $id
 	 * @return array|boolean array with entry, false if no read rights, null if $id does not exist
 	 */
@ -932,7 +935,7 @@ class calendar_groupdav extends groupdav_handler
 	{
 		if (strpos($column=self::$path_attr,'_') === false) $column = 'cal_'.$column;

-		$event = $this->bo->read(array($column => $id), null, true, 'server');
+		$event = $this->bo->read(array($column => $id, 'cal_deleted IS NULL'), null, true, 'server');
 		if ($event) $event = array_shift($event);	// read with array as 1. param, returns an array of events!

 		if (!($retval = $this->bo->check_perms(EGW_ACL_FREEBUSY,$event, 0, 'server')))
--- a/infolog/inc/class.infolog_bo.inc.php
+++ b/infolog/inc/class.infolog_bo.inc.php
@ -547,7 +547,7 @@ class infolog_bo
 	function &read($info_id,$run_link_id2from=true,$date_format='ts')
 	{
 		//error_log(__METHOD__.'('.array2string($info_id).', '.array2string($run_link_id2from).", '$date_format') ".function_backtrace());
-		if (is_scalar($info_id) || isset($info_id[0]))
+		if (is_scalar($info_id) || isset($info_id[count($info_id)-1]))
 		{
 			if (is_scalar($info_id) && !is_numeric($info_id))
 			{
--- a/infolog/inc/class.infolog_groupdav.inc.php
+++ b/infolog/inc/class.infolog_groupdav.inc.php
@ -462,12 +462,15 @@ class infolog_groupdav extends groupdav_handler
 	/**
 	 * Read an entry
 	 *
+	 * We have to make sure to not return or even consider in read deleted infologs, as the might have
+	 * the same UID and/or caldav_name as not deleted ones and would block access to valid entries
+	 *
 	 * @param string|id $id
 	 * @return array|boolean array with entry, false if no read rights, null if $id does not exist
 	 */
 	function read($id)
 	{
-		return $this->bo->read(array(self::$path_attr => $id),false,'server');
+		return $this->bo->read(array(self::$path_attr => $id, "info_status!='deleted'"),false,'server');
 	}

 	/**