aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/sabre/dav/lib
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2022-03-29 11:42:53 +0200
committerMario Vavti <mario@mariovavti.com>2022-03-29 11:42:53 +0200
commit0784cd593a39a4fc297e8a82f7e79bc8019a0868 (patch)
tree22182afb37cf460f8208fff9d276a0672add3185 /vendor/sabre/dav/lib
parent0e2e9321025f87fe9587f3d183adaea6185e4e20 (diff)
parent9c5d2ee5630dd7033904039dcd1e92db8821b644 (diff)
downloadvolse-hubzilla-7.2.tar.gz
volse-hubzilla-7.2.tar.bz2
volse-hubzilla-7.2.zip
Merge branch '7.2RC'7.2
Diffstat (limited to 'vendor/sabre/dav/lib')
-rw-r--r--vendor/sabre/dav/lib/CalDAV/Backend/PDO.php51
-rw-r--r--vendor/sabre/dav/lib/CalDAV/Calendar.php13
-rw-r--r--vendor/sabre/dav/lib/CalDAV/Plugin.php2
-rw-r--r--vendor/sabre/dav/lib/CalDAV/Schedule/Plugin.php4
-rw-r--r--vendor/sabre/dav/lib/CalDAV/Subscriptions/Subscription.php2
-rw-r--r--vendor/sabre/dav/lib/DAV/Auth/Backend/PDOBasicAuth.php114
-rw-r--r--vendor/sabre/dav/lib/DAV/Auth/Plugin.php4
-rw-r--r--vendor/sabre/dav/lib/DAV/Browser/Plugin.php2
-rw-r--r--vendor/sabre/dav/lib/DAV/Locks/Plugin.php4
-rw-r--r--vendor/sabre/dav/lib/DAV/Server.php3
-rw-r--r--vendor/sabre/dav/lib/DAV/Sync/Plugin.php13
-rw-r--r--vendor/sabre/dav/lib/DAV/Tree.php2
-rw-r--r--vendor/sabre/dav/lib/DAV/Version.php2
-rw-r--r--vendor/sabre/dav/lib/DAV/Xml/Element/Response.php22
-rw-r--r--vendor/sabre/dav/lib/DAVACL/Plugin.php4
-rw-r--r--vendor/sabre/dav/lib/DAVACL/PrincipalBackend/AbstractBackend.php2
-rw-r--r--vendor/sabre/dav/lib/DAVACL/PrincipalBackend/BackendInterface.php2
-rw-r--r--vendor/sabre/dav/lib/DAVACL/Xml/Property/Principal.php2
18 files changed, 206 insertions, 42 deletions
diff --git a/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php b/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php
index 0d5df3968..2f48ab982 100644
--- a/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php
+++ b/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php
@@ -948,42 +948,46 @@ SQL;
}
list($calendarId, $instanceId) = $calendarId;
- // Current synctoken
- $stmt = $this->pdo->prepare('SELECT synctoken FROM '.$this->calendarTableName.' WHERE id = ?');
- $stmt->execute([$calendarId]);
- $currentToken = $stmt->fetchColumn(0);
-
- if (is_null($currentToken)) {
- return null;
- }
-
$result = [
- 'syncToken' => $currentToken,
'added' => [],
'modified' => [],
'deleted' => [],
];
if ($syncToken) {
- $query = 'SELECT uri, operation FROM '.$this->calendarChangesTableName.' WHERE synctoken >= ? AND synctoken < ? AND calendarid = ? ORDER BY synctoken';
+ $query = 'SELECT uri, operation, synctoken FROM '.$this->calendarChangesTableName.' WHERE synctoken >= ? AND calendarid = ? ORDER BY synctoken';
if ($limit > 0) {
- $query .= ' LIMIT '.(int) $limit;
+ // Fetch one more raw to detect result truncation
+ $query .= ' LIMIT '.((int) $limit + 1);
}
// Fetching all changes
$stmt = $this->pdo->prepare($query);
- $stmt->execute([$syncToken, $currentToken, $calendarId]);
+ $stmt->execute([$syncToken, $calendarId]);
$changes = [];
// This loop ensures that any duplicates are overwritten, only the
// last change on a node is relevant.
while ($row = $stmt->fetch(\PDO::FETCH_ASSOC)) {
- $changes[$row['uri']] = $row['operation'];
+ $changes[$row['uri']] = $row;
}
+ $currentToken = null;
+ $result_count = 0;
foreach ($changes as $uri => $operation) {
- switch ($operation) {
+ if (!is_null($limit) && $result_count >= $limit) {
+ $result['result_truncated'] = true;
+ break;
+ }
+
+ if (null === $currentToken || $currentToken < $operation['synctoken'] + 1) {
+ // SyncToken in CalDAV perspective is consistently the next number of the last synced change event in this class.
+ $currentToken = $operation['synctoken'] + 1;
+ }
+
+ ++$result_count;
+ switch ($operation['operation']) {
case 1:
$result['added'][] = $uri;
break;
@@ -995,7 +999,24 @@ SQL;
break;
}
}
+
+ if (!is_null($currentToken)) {
+ $result['syncToken'] = $currentToken;
+ } else {
+ // This means returned value is equivalent to syncToken
+ $result['syncToken'] = $syncToken;
+ }
} else {
+ // Current synctoken
+ $stmt = $this->pdo->prepare('SELECT synctoken FROM '.$this->calendarTableName.' WHERE id = ?');
+ $stmt->execute([$calendarId]);
+ $currentToken = $stmt->fetchColumn(0);
+
+ if (is_null($currentToken)) {
+ return null;
+ }
+ $result['syncToken'] = $currentToken;
+
// No synctoken supplied, this is the initial sync.
$query = 'SELECT uri FROM '.$this->calendarObjectTableName.' WHERE calendarid = ?';
$stmt = $this->pdo->prepare($query);
diff --git a/vendor/sabre/dav/lib/CalDAV/Calendar.php b/vendor/sabre/dav/lib/CalDAV/Calendar.php
index 9f32e702a..6e989314d 100644
--- a/vendor/sabre/dav/lib/CalDAV/Calendar.php
+++ b/vendor/sabre/dav/lib/CalDAV/Calendar.php
@@ -396,7 +396,8 @@ class Calendar implements ICalendar, DAV\IProperties, DAV\Sync\ISyncCollection,
* 'deleted' => [
* 'foo.php.bak',
* 'old.txt'
- * ]
+ * ],
+ * 'result_truncated' : true
* ];
*
* The syncToken property should reflect the *current* syncToken of the
@@ -406,6 +407,9 @@ class Calendar implements ICalendar, DAV\IProperties, DAV\Sync\ISyncCollection,
* If the syncToken is specified as null, this is an initial sync, and all
* members should be reported.
*
+ * If result is truncated due to server limitation or limit by client,
+ * set result_truncated to true, otherwise set to false or do not add the key.
+ *
* The modified property is an array of nodenames that have changed since
* the last token.
*
@@ -422,12 +426,17 @@ class Calendar implements ICalendar, DAV\IProperties, DAV\Sync\ISyncCollection,
* should be treated as infinite.
*
* If the limit (infinite or not) is higher than you're willing to return,
- * you should throw a Sabre\DAV\Exception\TooMuchMatches() exception.
+ * the result should be truncated to fit the limit.
+ * Note that even when the result is truncated, syncToken must be consistent
+ * with the truncated result, not the result before truncation.
+ * (See RFC6578 Section 3.6 for detail)
*
* If the syncToken is expired (due to data cleanup) or unknown, you must
* return null.
*
* The limit is 'suggestive'. You are free to ignore it.
+ * TODO: RFC6578 Setion 3.7 says that the server must fail when the server
+ * cannot truncate according to the limit, so it may not be just suggestive.
*
* @param string $syncToken
* @param int $syncLevel
diff --git a/vendor/sabre/dav/lib/CalDAV/Plugin.php b/vendor/sabre/dav/lib/CalDAV/Plugin.php
index da172049e..98f4f554c 100644
--- a/vendor/sabre/dav/lib/CalDAV/Plugin.php
+++ b/vendor/sabre/dav/lib/CalDAV/Plugin.php
@@ -243,7 +243,7 @@ class Plugin extends DAV\ServerPlugin
* @param mixed $report
* @param mixed $path
*
- * @return bool
+ * @return bool|null
*/
public function report($reportName, $report, $path)
{
diff --git a/vendor/sabre/dav/lib/CalDAV/Schedule/Plugin.php b/vendor/sabre/dav/lib/CalDAV/Schedule/Plugin.php
index 38a7ca96f..3cc360f1d 100644
--- a/vendor/sabre/dav/lib/CalDAV/Schedule/Plugin.php
+++ b/vendor/sabre/dav/lib/CalDAV/Schedule/Plugin.php
@@ -735,9 +735,7 @@ class Plugin extends ServerPlugin
/**
* This method is responsible for parsing a free-busy query request and
- * returning it's result.
- *
- * @return string
+ * returning its result in $response.
*/
protected function handleFreeBusyRequest(IOutbox $outbox, VObject\Component $vObject, RequestInterface $request, ResponseInterface $response)
{
diff --git a/vendor/sabre/dav/lib/CalDAV/Subscriptions/Subscription.php b/vendor/sabre/dav/lib/CalDAV/Subscriptions/Subscription.php
index 3be1b609e..8d56e6441 100644
--- a/vendor/sabre/dav/lib/CalDAV/Subscriptions/Subscription.php
+++ b/vendor/sabre/dav/lib/CalDAV/Subscriptions/Subscription.php
@@ -75,7 +75,7 @@ class Subscription extends Collection implements ISubscription, IACL
/**
* Returns the last modification time.
*
- * @return int
+ * @return int|null
*/
public function getLastModified()
{
diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/PDOBasicAuth.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/PDOBasicAuth.php
new file mode 100644
index 000000000..39324e4db
--- /dev/null
+++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/PDOBasicAuth.php
@@ -0,0 +1,114 @@
+<?php
+
+namespace Sabre\DAV\Auth\Backend;
+
+/**
+ * This is an authentication backend that uses a database to manage passwords.
+ *
+ * @copyright Copyright (C) fruux GmbH (https://fruux.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class PDOBasicAuth extends AbstractBasic
+{
+ /**
+ * Reference to PDO connection.
+ *
+ * @var PDO
+ */
+ protected $pdo;
+
+ /**
+ * PDO table name we'll be using.
+ *
+ * @var string
+ */
+ protected $tableName;
+
+ /**
+ * PDO digest column name we'll be using
+ * (i.e. digest, password, password_hash).
+ *
+ * @var string
+ */
+ protected $digestColumn;
+
+ /**
+ * PDO uuid(unique user identifier) column name we'll be using
+ * (i.e. username, email).
+ *
+ * @var string
+ */
+ protected $uuidColumn;
+
+ /**
+ * Digest prefix:
+ * if the backend you are using for is prefixing
+ * your password hashes set this option to your prefix to
+ * cut it off before verfiying.
+ *
+ * @var string
+ */
+ protected $digestPrefix;
+
+ /**
+ * Creates the backend object.
+ *
+ * If the filename argument is passed in, it will parse out the specified file fist.
+ */
+ public function __construct(\PDO $pdo, array $options = [])
+ {
+ $this->pdo = $pdo;
+ if (isset($options['tableName'])) {
+ $this->tableName = $options['tableName'];
+ } else {
+ $this->tableName = 'users';
+ }
+ if (isset($options['digestColumn'])) {
+ $this->digestColumn = $options['digestColumn'];
+ } else {
+ $this->digestColumn = 'digest';
+ }
+ if (isset($options['uuidColumn'])) {
+ $this->uuidColumn = $options['uuidColumn'];
+ } else {
+ $this->uuidColumn = 'username';
+ }
+ if (isset($options['digestPrefix'])) {
+ $this->digestPrefix = $options['digestPrefix'];
+ }
+ }
+
+ /**
+ * Validates a username and password.
+ *
+ * This method should return true or false depending on if login
+ * succeeded.
+ *
+ * @param string $username
+ * @param string $password
+ *
+ * @return bool
+ */
+ public function validateUserPass($username, $password)
+ {
+ $stmt = $this->pdo->prepare('SELECT '.$this->digestColumn.' FROM '.$this->tableName.' WHERE '.$this->uuidColumn.' = ?');
+ $stmt->execute([$username]);
+ $result = $stmt->fetchAll();
+
+ if (!count($result)) {
+ return false;
+ } else {
+ $digest = $result[0][$this->digestColumn];
+
+ if (isset($this->digestPrefix)) {
+ $digest = substr($digest, strlen($this->digestPrefix));
+ }
+
+ if (password_verify($password, $digest)) {
+ return true;
+ }
+
+ return false;
+ }
+ }
+}
diff --git a/vendor/sabre/dav/lib/DAV/Auth/Plugin.php b/vendor/sabre/dav/lib/DAV/Auth/Plugin.php
index 68adbede5..eb4f27ca6 100644
--- a/vendor/sabre/dav/lib/DAV/Auth/Plugin.php
+++ b/vendor/sabre/dav/lib/DAV/Auth/Plugin.php
@@ -113,8 +113,6 @@ class Plugin extends ServerPlugin
/**
* This method is called before any HTTP method and forces users to be authenticated.
- *
- * @return bool
*/
public function beforeMethod(RequestInterface $request, ResponseInterface $response)
{
@@ -204,8 +202,6 @@ class Plugin extends ServerPlugin
* This method will for example cause a HTTP Basic backend to set a
* WWW-Authorization header, indicating to the client that it should
* authenticate.
- *
- * @return array
*/
public function challenge(RequestInterface $request, ResponseInterface $response)
{
diff --git a/vendor/sabre/dav/lib/DAV/Browser/Plugin.php b/vendor/sabre/dav/lib/DAV/Browser/Plugin.php
index 2f155d9ea..89495e5db 100644
--- a/vendor/sabre/dav/lib/DAV/Browser/Plugin.php
+++ b/vendor/sabre/dav/lib/DAV/Browser/Plugin.php
@@ -85,8 +85,6 @@ class Plugin extends DAV\ServerPlugin
/**
* This method intercepts GET requests that have ?sabreAction=info
* appended to the URL.
- *
- * @return bool
*/
public function httpGetEarly(RequestInterface $request, ResponseInterface $response)
{
diff --git a/vendor/sabre/dav/lib/DAV/Locks/Plugin.php b/vendor/sabre/dav/lib/DAV/Locks/Plugin.php
index 110bfce06..2443f204c 100644
--- a/vendor/sabre/dav/lib/DAV/Locks/Plugin.php
+++ b/vendor/sabre/dav/lib/DAV/Locks/Plugin.php
@@ -295,6 +295,10 @@ class Plugin extends DAV\ServerPlugin
{
$locks = $this->getLocks($path, $includeChildren = true);
foreach ($locks as $lock) {
+ // don't delete a lock on a parent dir
+ if (0 !== strpos($lock->uri, $path)) {
+ continue;
+ }
$this->unlockNode($path, $lock);
}
}
diff --git a/vendor/sabre/dav/lib/DAV/Server.php b/vendor/sabre/dav/lib/DAV/Server.php
index de663d0c1..1f8300d4a 100644
--- a/vendor/sabre/dav/lib/DAV/Server.php
+++ b/vendor/sabre/dav/lib/DAV/Server.php
@@ -895,7 +895,7 @@ class Server implements LoggerAwareInterface, EmitterInterface
}
$propertyNames = $propFind->getRequestedProperties();
- $propFindType = !empty($propertyNames) ? PropFind::NORMAL : PropFind::ALLPROPS;
+ $propFindType = !$propFind->isAllProps() ? PropFind::NORMAL : PropFind::ALLPROPS;
foreach ($this->tree->getChildren($path) as $childNode) {
if ('' !== $path) {
@@ -1237,6 +1237,7 @@ class Server implements LoggerAwareInterface, EmitterInterface
$this->tree->markDirty($parentUri);
$this->emit('afterBind', [$uri]);
+ $this->emit('afterCreateCollection', [$uri]);
}
/**
diff --git a/vendor/sabre/dav/lib/DAV/Sync/Plugin.php b/vendor/sabre/dav/lib/DAV/Sync/Plugin.php
index 32106abb3..8609f759e 100644
--- a/vendor/sabre/dav/lib/DAV/Sync/Plugin.php
+++ b/vendor/sabre/dav/lib/DAV/Sync/Plugin.php
@@ -124,6 +124,10 @@ class Plugin extends DAV\ServerPlugin
throw new DAV\Exception\InvalidSyncToken('Invalid or unknown sync token');
}
+ if (!array_key_exists('result_truncated', $changeInfo)) {
+ $changeInfo['result_truncated'] = false;
+ }
+
// Encoding the response
$this->sendSyncCollectionResponse(
$changeInfo['syncToken'],
@@ -131,7 +135,8 @@ class Plugin extends DAV\ServerPlugin
$changeInfo['added'],
$changeInfo['modified'],
$changeInfo['deleted'],
- $report->properties
+ $report->properties,
+ $changeInfo['result_truncated']
);
}
@@ -141,7 +146,7 @@ class Plugin extends DAV\ServerPlugin
* @param string $syncToken
* @param string $collectionUrl
*/
- protected function sendSyncCollectionResponse($syncToken, $collectionUrl, array $added, array $modified, array $deleted, array $properties)
+ protected function sendSyncCollectionResponse($syncToken, $collectionUrl, array $added, array $modified, array $deleted, array $properties, bool $resultTruncated = false)
{
$fullPaths = [];
@@ -164,6 +169,10 @@ class Plugin extends DAV\ServerPlugin
$fullPath = $collectionUrl.'/'.$item;
$responses[] = new DAV\Xml\Element\Response($fullPath, [], 404);
}
+ if ($resultTruncated) {
+ $responses[] = new DAV\Xml\Element\Response($collectionUrl.'/', [], 507);
+ }
+
$multiStatus = new DAV\Xml\Response\MultiStatus($responses, self::SYNCTOKEN_PREFIX.$syncToken);
$this->server->httpResponse->setStatus(207);
diff --git a/vendor/sabre/dav/lib/DAV/Tree.php b/vendor/sabre/dav/lib/DAV/Tree.php
index 2417979a6..8215e2c39 100644
--- a/vendor/sabre/dav/lib/DAV/Tree.php
+++ b/vendor/sabre/dav/lib/DAV/Tree.php
@@ -226,7 +226,7 @@ class Tree
// flushing the entire cache
$path = trim($path, '/');
foreach ($this->cache as $nodePath => $node) {
- if ('' === $path || $nodePath == $path || 0 === strpos($nodePath, $path.'/')) {
+ if ('' === $path || $nodePath == $path || 0 === strpos((string) $nodePath, $path.'/')) {
unset($this->cache[$nodePath]);
}
}
diff --git a/vendor/sabre/dav/lib/DAV/Version.php b/vendor/sabre/dav/lib/DAV/Version.php
index b25d6c07a..f8b56bb98 100644
--- a/vendor/sabre/dav/lib/DAV/Version.php
+++ b/vendor/sabre/dav/lib/DAV/Version.php
@@ -16,5 +16,5 @@ class Version
/**
* Full version number.
*/
- public const VERSION = '4.1.5';
+ public const VERSION = '4.3.1';
}
diff --git a/vendor/sabre/dav/lib/DAV/Xml/Element/Response.php b/vendor/sabre/dav/lib/DAV/Xml/Element/Response.php
index 45c161fa4..79f06a09b 100644
--- a/vendor/sabre/dav/lib/DAV/Xml/Element/Response.php
+++ b/vendor/sabre/dav/lib/DAV/Xml/Element/Response.php
@@ -121,7 +121,7 @@ class Response implements Element
foreach ($this->getResponseProperties() as $status => $properties) {
// Skipping empty lists
- if (!$properties || (!ctype_digit($status) && !is_int($status))) {
+ if (!$properties || (!is_int($status) && !ctype_digit($status))) {
continue;
}
$empty = false;
@@ -186,8 +186,21 @@ class Response implements Element
return [];
}
+
+ if (!$reader->read()) {
+ $reader->next();
+
+ return [];
+ }
+
+ if (Reader::END_ELEMENT === $reader->nodeType) {
+ $reader->next();
+
+ return [];
+ }
+
$values = [];
- $reader->read();
+
do {
if (Reader::ELEMENT === $reader->nodeType) {
$clark = $reader->getClark();
@@ -199,9 +212,12 @@ class Response implements Element
$values[$clark] = $reader->parseCurrentElement()['value'];
}
} else {
- $reader->read();
+ if (!$reader->read()) {
+ break;
+ }
}
} while (Reader::END_ELEMENT !== $reader->nodeType);
+
$reader->read();
return $values;
diff --git a/vendor/sabre/dav/lib/DAVACL/Plugin.php b/vendor/sabre/dav/lib/DAVACL/Plugin.php
index 6f071927d..46d680e15 100644
--- a/vendor/sabre/dav/lib/DAVACL/Plugin.php
+++ b/vendor/sabre/dav/lib/DAVACL/Plugin.php
@@ -927,8 +927,6 @@ class Plugin extends DAV\ServerPlugin
* Triggered before properties are looked up in specific nodes.
*
* @TODO really should be broken into multiple methods, or even a class.
- *
- * @return bool
*/
public function propFind(DAV\PropFind $propFind, DAV\INode $node)
{
@@ -1070,8 +1068,6 @@ class Plugin extends DAV\ServerPlugin
* @param string $reportName
* @param mixed $report
* @param mixed $path
- *
- * @return bool
*/
public function report($reportName, $report, $path)
{
diff --git a/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/AbstractBackend.php b/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/AbstractBackend.php
index 03a9c4bad..f61a0c953 100644
--- a/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/AbstractBackend.php
+++ b/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/AbstractBackend.php
@@ -33,7 +33,7 @@ abstract class AbstractBackend implements BackendInterface
* @param string $uri
* @param string $principalPrefix
*
- * @return string
+ * @return string|null
*/
public function findByUri($uri, $principalPrefix)
{
diff --git a/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/BackendInterface.php b/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/BackendInterface.php
index 72717a59b..7140a9295 100644
--- a/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/BackendInterface.php
+++ b/vendor/sabre/dav/lib/DAVACL/PrincipalBackend/BackendInterface.php
@@ -110,7 +110,7 @@ interface BackendInterface
* @param string $uri
* @param string $principalPrefix
*
- * @return string
+ * @return string|null
*/
public function findByUri($uri, $principalPrefix);
diff --git a/vendor/sabre/dav/lib/DAVACL/Xml/Property/Principal.php b/vendor/sabre/dav/lib/DAVACL/Xml/Property/Principal.php
index 24aeffad9..52092128f 100644
--- a/vendor/sabre/dav/lib/DAVACL/Xml/Property/Principal.php
+++ b/vendor/sabre/dav/lib/DAVACL/Xml/Property/Principal.php
@@ -142,6 +142,8 @@ class Principal extends DAV\Xml\Property\Href
case self::ALL:
return '<em>all</em>';
}
+
+ return '<em>unknown</em>';
}
/**