From 66581cee3fad6bd19c7b9e2b13747febe8419e1e Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 14 Oct 2015 16:39:39 +0000 Subject: [PATCH] * Calendar/CalDAV/iMip: only include replying participant in iMip REPLY messages --- calendar/inc/class.calendar_boupdate.inc.php | 15 ++++++-- calendar/inc/class.calendar_ical.inc.php | 8 +++- calendar/inc/class.calendar_uiforms.inc.php | 39 ++++++++++---------- 3 files changed, 38 insertions(+), 24 deletions(-) diff --git a/calendar/inc/class.calendar_boupdate.inc.php b/calendar/inc/class.calendar_boupdate.inc.php index 8fe7bba507..d09d09fb63 100644 --- a/calendar/inc/class.calendar_boupdate.inc.php +++ b/calendar/inc/class.calendar_boupdate.inc.php @@ -911,7 +911,8 @@ class calendar_boupdate extends calendar_bo $calendar_ical->setSupportedFields('full'); // full iCal fields+event TZ // we need to pass $event[id] so iCal class reads event again, // as event is in user TZ, but iCal class expects server TZ! - $ics = $calendar_ical->exportVCal(array(isset($cleared_event) ? $cleared_event : $event['id']),'2.0',$method); + $ics = $calendar_ical->exportVCal(array(isset($cleared_event) ? $cleared_event : $event['id']), + '2.0', $method, 0, '', 'utf-8', $method == 'REPLY' ? $user : 0); unset($calendar_ical); } $attachment = array( @@ -1067,10 +1068,12 @@ class calendar_boupdate extends calendar_bo * @param array $event * @param boolean $ignore_acl =false should we ignore the acl * @param boolean $updateTS =true update the content history of the event + * DEPRECATED: we allways (have to) update timestamp, as they are required for sync! * @return int|boolean $cal_id > 0 or false on error (eg. permission denied) */ function save($event,$ignore_acl=false,$updateTS=true) { + unset($updateTS); //error_log(__METHOD__.'('.array2string($event).", $ignore_acl, $updateTS)"); // check if user has the permission to update / create the event @@ -1416,13 +1419,17 @@ class calendar_boupdate extends calendar_bo * @param int|array $event event-array or id of the event * @param string|int $uid account_id or 1-char type-identifer plus id (eg. c15 for addressbook entry #15) * @param int|char $status numeric status (defines) or 1-char code: 'R', 'U', 'T' or 'A' - * @param int $recur_date=0 date to change, or 0 = all since now - * @param boolean $ignore_acl=false do not check the permisions for the $uid, if true - * @param boolean $updateTS=true update the content history of the event + * @param int $recur_date =0 date to change, or 0 = all since now + * @param boolean $ignore_acl =false do not check the permisions for the $uid, if true + * @param boolean $updateTS =true update the content history of the event + * DEPRECATED: we allways (have to) update timestamp, as they are required for sync! + * @param boolean $skip_notification =false true: do not send notification messages * @return int number of changed recurrences */ function set_status($event,$uid,$status,$recur_date=0,$ignore_acl=false,$updateTS=true,$skip_notification=false) { + unset($updateTS); + $cal_id = is_array($event) ? $event['id'] : $event; //echo "

calendar_boupdate::set_status($cal_id,$uid,$status,$recur_date)

\n"; if (!$cal_id || (!$ignore_acl && !$this->check_status_perms($uid,$event))) diff --git a/calendar/inc/class.calendar_ical.inc.php b/calendar/inc/class.calendar_ical.inc.php index f61c085d39..4d4e0153fc 100644 --- a/calendar/inc/class.calendar_ical.inc.php +++ b/calendar/inc/class.calendar_ical.inc.php @@ -191,9 +191,10 @@ class calendar_ical extends calendar_boupdate * default 0 => export whole series (or events, if not recurring) * @param string $principalURL ='' Used for CalDAV exports * @param string $charset ='UTF-8' encoding of the vcalendar, default UTF-8 + * @param int|string $current_user =0 uid of current user to only export that one as participant for method=REPLY * @return string|boolean string with iCal or false on error (e.g. no permission to read the event) */ - function &exportVCal($events, $version='1.0', $method='PUBLISH', $recur_date=0, $principalURL='', $charset='UTF-8') + function &exportVCal($events, $version='1.0', $method='PUBLISH', $recur_date=0, $principalURL='', $charset='UTF-8', $current_user=0) { if ($this->log) { @@ -461,6 +462,11 @@ class calendar_ical extends calendar_boupdate $organizerCN = $participantCN; $organizerUID = ($info['type'] != 'e' ? (string)$uid : ''); } + // iCal method=REPLY only exports replying / current user, except external organiser / chair above + if ($method == 'REPLY' && $current_user && (string)$current_user !== (string)$uid) + { + continue; + } // PARTSTAT={NEEDS-ACTION|ACCEPTED|DECLINED|TENTATIVE|DELEGATED|COMPLETED|IN-PROGRESS} everything from delegated is NOT used by eGW atm. $status = $this->status_egw2ical[$status]; // CUTYPE={INDIVIDUAL|GROUP|RESOURCE|ROOM|UNKNOWN} diff --git a/calendar/inc/class.calendar_uiforms.inc.php b/calendar/inc/class.calendar_uiforms.inc.php index 7ddb47afae..df036a60d4 100644 --- a/calendar/inc/class.calendar_uiforms.inc.php +++ b/calendar/inc/class.calendar_uiforms.inc.php @@ -1752,7 +1752,6 @@ class calendar_uiforms extends calendar_ui $ical_string = $session_data['attachment']; $ical_charset = $session_data['charset']; $ical_method = $session_data['method']; - $ical_sender = $session_data['sender']; unset($session_data); } $ical = new calendar_ical(); @@ -1773,13 +1772,15 @@ class calendar_uiforms extends calendar_ui switch(strtolower($ical_method)) { case 'reply': - if ($ical_sender && ($event['ical_sender_uid'] = groupdav_principals::url2uid('mailto:'.$ical_sender)) && - isset($existing_event['participants'][$event['ical_sender_uid']]) && - $this->bo->check_status_perms($event['ical_sender_uid'], $existing_event)) + // first participant is the one replying (our iCal parser adds owner first!) + $parts = $event['participants']; + unset($parts[$existing_event['owner']]); + list($event['ical_sender_uid'], $event['ical_sender_status']) = each($parts); + $quantity = $role = null; + calendar_so::split_status($event['ical_sender_status'], $quantity, $role); + + if ($event['ical_sender_uid'] && $this->bo->check_status_perms($event['ical_sender_uid'], $existing_event)) { - $event['ical_sender_status'] = $event['participants'][$event['ical_sender_uid']]; - $quantity = $role = null; - calendar_so::split_status($event['ical_sender_status'], $quantity, $role); $existing_status = $existing_event['participants'][$event['ical_sender_uid']]; calendar_so::split_status($existing_status, $quantity, $role); if ($existing_status != $event['ical_sender_status']) @@ -1805,6 +1806,17 @@ class calendar_uiforms extends calendar_ui { $msg = lang('Using already existing event on server.'); } + $user_and_memberships = $GLOBALS['egw']->accounts->memberships($user, true); + $user_and_memberships[] = $user; + if (!array_intersect(array_keys($event['participants']), $user_and_memberships)) + { + $msg .= ($msg ? "\n" : '').lang('You are not invited to that event!'); + if ($event['id']) + { + $readonlys['button[accept]'] = $readonlys['button[tentativ]'] = + $readonlys['button[reject]'] = $readonlys['button[cancel]'] = true; + } + } break; } $event['id'] = $existing_event['id']; @@ -1825,17 +1837,6 @@ class calendar_uiforms extends calendar_ui $event['recure'] = $this->bo->recure2string($event); $event['all_participants'] = implode(",\n",$this->bo->participants($event, true)); - $user_and_memberships = $GLOBALS['egw']->accounts->memberships($user, true); - $user_and_memberships[] = $user; - if (!array_intersect(array_keys($event['participants']), $user_and_memberships)) - { - $msg .= ($msg ? "\n" : '').lang('You are not invited to that event!'); - if ($event['id']) - { - $readonlys['button[accept]'] = $readonlys['button[tentativ]'] = - $readonlys['button[reject]'] = $readonlys['button[cancel]'] = true; - } - } // ignore events in the past (for recurring events check enddate!) if ($this->bo->date2ts($event['start']) < $this->bo->now_su && (!$event['recur_type'] || $event['recur_enddate'] && $event['recur_enddate'] < $this->bo->now_su)) @@ -1913,7 +1914,7 @@ class calendar_uiforms extends calendar_ui // add notification-errors, if we have some $msg = array_merge((array)$msg, notifications::errors(true)); } - $event['msg'] = implode("\n",(array)$msg); + egw_framework::message(implode("\n", (array)$msg)); $readonlys['button[edit]'] = !$event['id']; $event['ics_method'] = $readonlys['ics_method'] = strtolower($ical_method); switch(strtolower($ical_method))