diff options
Diffstat (limited to 'vendor/sabre')
16 files changed, 141 insertions, 46 deletions
diff --git a/vendor/sabre/dav/CHANGELOG.md b/vendor/sabre/dav/CHANGELOG.md index 079650965..d8a3898c3 100644 --- a/vendor/sabre/dav/CHANGELOG.md +++ b/vendor/sabre/dav/CHANGELOG.md @@ -1,12 +1,26 @@ ChangeLog ========= +3.2.0 (2016-06-27) +------------------ + +* The default ACL rules allow an unauthenticated user to read information + about nodes that don't have their own ACL defined. This was a security + problem. +* The zip release ships with [sabre/vobject 4.1.0][vobj], + [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt], + [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.2][xml]. + + 3.2.0-beta1 (2016-05-20) ------------------------ * #833: Calendars throw exceptions when the sharing plugin is not enabled. * #834: Return vCards exactly as they were stored if we don't need to convert in between versions. +* The zip release ships with [sabre/vobject 4.1.0][vobj], + [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt], + [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.1][xml]. 3.2.0-alpha1 (2016-05-09) @@ -70,6 +84,23 @@ ChangeLog [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.1][xml]. +3.1.5 (????-??-??) +------------------ + +* Fixed: Creating a new calendar on some MySQL configurations caused an error. + + +3.1.4 (2016-05-28) +------------------ + +* #834: Backport from `master`: Return vCards exactly as they were stored if + we don't need to convert in between versions. This should speed up many + large addressbook syncs sometimes up to 50%. +* The zip release ships with [sabre/vobject 4.1.0][vobj], + [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt], + [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.2][xml]. + + 3.1.3 (2016-04-06) ------------------ diff --git a/vendor/sabre/dav/bin/migrateto32.php b/vendor/sabre/dav/bin/migrateto32.php index 59732b511..7567aeb60 100644 --- a/vendor/sabre/dav/bin/migrateto32.php +++ b/vendor/sabre/dav/bin/migrateto32.php @@ -237,7 +237,7 @@ if ($migrateCalendars) { CREATE TABLE calendars ( id INTEGER UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, synctoken INTEGER UNSIGNED NOT NULL DEFAULT '1', - components VARBINARY(20) + components VARBINARY(21) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; SQL ); diff --git a/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php b/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php index b1c013d62..95f1d49a6 100644 --- a/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php +++ b/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php @@ -1502,7 +1502,7 @@ SQL; */ function setPublishStatus($calendarId, $value) { - throw new \Exception('Not implemented'); + throw new \Sabre\DAV\Exception\NotImplemented('Not implemented'); } diff --git a/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php b/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php index 4a253e008..a82b8eff7 100644 --- a/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php +++ b/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php @@ -4,8 +4,8 @@ namespace Sabre\CalDAV\Xml\Property; use Sabre\Xml\Element; use Sabre\Xml\Reader; +use Sabre\Xml\Deserializer; use Sabre\Xml\Writer; -use Sabre\Xml\Element\Elements; use Sabre\CalDAV\Plugin; /** @@ -116,23 +116,13 @@ class ScheduleCalendarTransp implements Element { */ static function xmlDeserialize(Reader $reader) { - $elems = Elements::xmlDeserialize($reader); + $elems = Deserializer\enum($reader, Plugin::NS_CALDAV); - $value = null; - - foreach ($elems as $elem) { - switch ($elem) { - case '{' . Plugin::NS_CALDAV . '}opaque' : - $value = self::OPAQUE; - break; - case '{' . Plugin::NS_CALDAV . '}transparent' : - $value = self::TRANSPARENT; - break; - } + if (in_array('transparent', $elems)) { + $value = self::TRANSPARENT; + } else { + $value = self::OPAQUE; } - if (is_null($value)) - return null; - return new self($value); } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php index 6756e68df..3a687d747 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php @@ -25,7 +25,7 @@ class File extends AbstractDigest { /** * Creates the backend object. * - * If the filename argument is passed in, it will parse out the specified file fist. + * If the filename argument is passed in, it will parse out the specified file first. * * @param string|null $filename */ diff --git a/vendor/sabre/dav/lib/DAV/FSExt/Directory.php b/vendor/sabre/dav/lib/DAV/FSExt/Directory.php index 648079e26..dd5f992db 100644 --- a/vendor/sabre/dav/lib/DAV/FSExt/Directory.php +++ b/vendor/sabre/dav/lib/DAV/FSExt/Directory.php @@ -131,12 +131,7 @@ class Directory extends Node implements DAV\ICollection, DAV\IQuota, DAV\IMoveTa foreach ($iterator as $entry) { - $node = $entry->getFilename(); - - if ($node === '.sabredav') - continue; - - $nodes[] = $this->getChild($node); + $nodes[] = $this->getChild($entry->getFilename()); } return $nodes; @@ -153,9 +148,6 @@ class Directory extends Node implements DAV\ICollection, DAV\IQuota, DAV\IMoveTa // Deleting all children foreach ($this->getChildren() as $child) $child->delete(); - // Removing resource info, if its still around - if (file_exists($this->path . '/.sabredav')) unlink($this->path . '/.sabredav'); - // Removing the directory itself rmdir($this->path); diff --git a/vendor/sabre/dav/lib/DAV/Version.php b/vendor/sabre/dav/lib/DAV/Version.php index 5430b967c..2fda85db8 100644 --- a/vendor/sabre/dav/lib/DAV/Version.php +++ b/vendor/sabre/dav/lib/DAV/Version.php @@ -14,6 +14,6 @@ class Version { /** * Full version number */ - const VERSION = '3.2.0-beta1'; + const VERSION = '3.2.0'; } diff --git a/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php b/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php index f27af5415..a3fc6b0e1 100644 --- a/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php +++ b/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php @@ -127,7 +127,7 @@ class ShareAccess implements Element { switch ($elem['name']) { case '{DAV:}not-shared' : return new self(SharingPlugin::ACCESS_NOTSHARED); - case '{DAV:}sharedowner' : + case '{DAV:}shared-owner' : return new self(SharingPlugin::ACCESS_SHAREDOWNER); case '{DAV:}read' : return new self(SharingPlugin::ACCESS_READ); diff --git a/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php b/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php index 56b418db6..7641f3739 100644 --- a/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php +++ b/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php @@ -32,16 +32,11 @@ class SupportedMethodSet implements XmlSerializable, HtmlOutput { /** * Creates the property * - * Any reports passed in the constructor - * should be valid report-types in clark-notation. - * - * Either a string or an array of strings must be passed. - * - * @param string|string[] $methods + * @param string[] $methods */ - function __construct($methods = null) { + function __construct(array $methods) { - $this->methods = (array)$methods; + $this->methods = $methods; } diff --git a/vendor/sabre/dav/lib/DAVACL/Plugin.php b/vendor/sabre/dav/lib/DAVACL/Plugin.php index 59a7b0922..8e912309e 100644 --- a/vendor/sabre/dav/lib/DAVACL/Plugin.php +++ b/vendor/sabre/dav/lib/DAVACL/Plugin.php @@ -307,11 +307,6 @@ class Plugin extends DAV\ServerPlugin { 'protected' => true, 'privilege' => '{DAV:}all', ], - [ - 'principal' => '{DAV:}unauthenticated', - 'protected' => true, - 'privilege' => '{DAV:}read', - ], ]; /** diff --git a/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php b/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php index 35d6da353..2a00f7925 100644 --- a/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php +++ b/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php @@ -1418,4 +1418,14 @@ abstract class AbstractPDOTest extends \PHPUnit_Framework_TestCase { } + /** + * @expectedException \Sabre\DAV\Exception\NotImplemented + */ + function testSetPublishStatus() { + + $backend = new PDO($this->pdo); + $backend->setPublishStatus([1, 1], true); + + } + } diff --git a/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php b/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php index 9b66d642f..f694f4806 100644 --- a/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php +++ b/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php @@ -23,8 +23,7 @@ class FileTest extends \PHPUnit_Framework_TestCase { function testLoadFileBroken() { file_put_contents(SABRE_TEMPDIR . '/backend', 'user:realm:hash'); - $file = new File(); - $file->loadFile(SABRE_TEMPDIR . '/backend'); + $file = new File(SABRE_TEMPDIR . '/backend'); } diff --git a/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php b/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php index 3ed79a7da..b566dd757 100644 --- a/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php +++ b/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php @@ -49,6 +49,25 @@ class PluginTest extends \PHPUnit_Framework_TestCase { } /** + * @depends testAuthenticateFail + */ + function testAuthenticateFailDontAutoRequire() { + + $fakeServer = new DAV\Server(new DAV\SimpleCollection('bla')); + $backend = new Backend\Mock(); + $backend->fail = true; + + $plugin = new Plugin($backend); + $plugin->autoRequireLogin = false; + $fakeServer->addPlugin($plugin); + $this->assertTrue( + $fakeServer->emit('beforeMethod', [new HTTP\Request(), new HTTP\Response()]) + ); + $this->assertEquals(1, count($plugin->getLoginFailedReasons())); + + } + + /** * @depends testAuthenticate */ function testMultipleBackend() { diff --git a/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php b/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php index 6ac20d2da..4c576f108 100644 --- a/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php +++ b/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php @@ -31,7 +31,9 @@ class ServerEventsTest extends AbstractServer { function testAfterResponse() { - $mock = $this->getMock('stdClass', ['afterResponseCallback']); + $mock = $this->getMockBuilder('stdClass') + ->setMethods(['afterResponseCallback']) + ->getMock(); $mock->expects($this->once())->method('afterResponseCallback'); $this->server->on('afterResponse', [$mock, 'afterResponseCallback']); diff --git a/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php b/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php index 0612b5474..91de64372 100644 --- a/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php +++ b/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php @@ -34,6 +34,13 @@ class ExpandPropertiesTest extends \PHPUnit_Framework_TestCase { $fakeServer->httpResponse = new HTTP\ResponseMock(); $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + // Anyone can do anything + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ] + ]); $this->assertTrue($plugin instanceof Plugin); $fakeServer->addPlugin($plugin); diff --git a/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php b/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php index 5762ac902..fb42efba7 100644 --- a/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php +++ b/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php @@ -11,6 +11,13 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); + //Anyone can do anything $plugin->principalCollectionSet = [ 'principals1', 'principals2', @@ -47,6 +54,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock()); $fakeServer->addPlugin($plugin); $plugin = new Plugin(); + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $fakeServer->addPlugin($plugin); @@ -80,6 +93,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $server = new DAV\Server(); $server->addPlugin($plugin); @@ -140,6 +159,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $nodes = [ new MockACLNode('foo', [ @@ -227,6 +252,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { //$fakeServer->addPlugin($plugin); $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $fakeServer->addPlugin($plugin); $requestedProperties = [ @@ -256,6 +287,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { //$fakeServer->addPlugin($plugin); $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $fakeServer->addPlugin($plugin); $requestedProperties = [ @@ -286,6 +323,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { //$fakeServer->addPlugin($plugin); $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $fakeServer->addPlugin($plugin); $requestedProperties = [ @@ -315,6 +358,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; $fakeServer->addPlugin($plugin); + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $requestedProperties = [ '{DAV:}group-membership', @@ -343,6 +392,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase { $plugin = new Plugin(); $plugin->allowUnauthenticatedAccess = false; $fakeServer->addPlugin($plugin); + $plugin->setDefaultACL([ + [ + 'principal' => '{DAV:}all', + 'privilege' => '{DAV:}all', + ], + ]); $requestedProperties = [ '{DAV:}displayname', |