Initial commit of the Faster IT roundcube_calendar plugin distribution

This includes:
 * Kolab plugins 3.2.9 (calendar and libcalendaring)
 * CalDAV driver 3.2.8
 * .htaccess files for at least some security
 * SabreDAV updated to 1.8.12 (Jan 2015 release)
 * Support for CURLOPT_SSL_* settings to allow self-signed certificates
 * Small fixes & improved documentation

5 files changed, 624 insertions, 0 deletions

diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php
new file mode 100644
index 0000000..33f5c2e
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Acl.php
@@ -0,0 +1,211 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+
+use OldSabre\DAV;
+
+/**
+ * This class represents the {DAV:}acl property
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class Acl extends DAV\Property {
+
+    /**
+     * List of privileges
+     *
+     * @var array
+     */
+    private $privileges;
+
+    /**
+     * Whether or not the server base url is required to be prefixed when
+     * serializing the property.
+     *
+     * @var boolean
+     */
+    private $prefixBaseUrl;
+
+    /**
+     * Constructor
+     *
+     * This object requires a structure similar to the return value from
+     * OldSabre\DAVACL\Plugin::getACL().
+     *
+     * Each privilege is a an array with at least a 'privilege' property, and a
+     * 'principal' property. A privilege may have a 'protected' property as
+     * well.
+     *
+     * The prefixBaseUrl should be set to false, if the supplied principal urls
+     * are already full urls. If this is kept to true, the servers base url
+     * will automatically be prefixed.
+     *
+     * @param bool $prefixBaseUrl
+     * @param array $privileges
+     */
+    public function __construct(array $privileges, $prefixBaseUrl = true) {
+
+        $this->privileges = $privileges;
+        $this->prefixBaseUrl = $prefixBaseUrl;
+
+    }
+
+    /**
+     * Returns the list of privileges for this property
+     *
+     * @return array
+     */
+    public function getPrivileges() {
+
+        return $this->privileges;
+
+    }
+
+    /**
+     * Serializes the property into a DOMElement
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $node
+     * @return void
+     */
+    public function serialize(DAV\Server $server,\DOMElement $node) {
+
+        $doc = $node->ownerDocument;
+        foreach($this->privileges as $ace) {
+
+            $this->serializeAce($doc, $node, $ace, $server);
+
+        }
+
+    }
+
+    /**
+     * Unserializes the {DAV:}acl xml element.
+     *
+     * @param \DOMElement $dom
+     * @return Acl
+     */
+    static public function unserialize(\DOMElement $dom) {
+
+        $privileges = array();
+        $xaces = $dom->getElementsByTagNameNS('urn:DAV','ace');
+        for($ii=0; $ii < $xaces->length; $ii++) {
+
+            $xace = $xaces->item($ii);
+            $principal = $xace->getElementsByTagNameNS('urn:DAV','principal');
+            if ($principal->length !== 1) {
+                throw new DAV\Exception\BadRequest('Each {DAV:}ace element must have one {DAV:}principal element');
+            }
+            $principal = Principal::unserialize($principal->item(0));
+
+            switch($principal->getType()) {
+                case Principal::HREF :
+                    $principal = $principal->getHref();
+                    break;
+                case Principal::AUTHENTICATED :
+                    $principal = '{DAV:}authenticated';
+                    break;
+                case Principal::UNAUTHENTICATED :
+                    $principal = '{DAV:}unauthenticated';
+                    break;
+                case Principal::ALL :
+                    $principal = '{DAV:}all';
+                    break;
+
+            }
+
+            $protected = false;
+
+            if ($xace->getElementsByTagNameNS('urn:DAV','protected')->length > 0) {
+                $protected = true;
+            }
+
+            $grants = $xace->getElementsByTagNameNS('urn:DAV','grant');
+            if ($grants->length < 1) {
+                throw new DAV\Exception\NotImplemented('Every {DAV:}ace element must have a {DAV:}grant element. {DAV:}deny is not yet supported');
+            }
+            $grant = $grants->item(0);
+
+            $xprivs = $grant->getElementsByTagNameNS('urn:DAV','privilege');
+            for($jj=0; $jj<$xprivs->length; $jj++) {
+
+                $xpriv = $xprivs->item($jj);
+
+                $privilegeName = null;
+
+                for ($kk=0;$kk<$xpriv->childNodes->length;$kk++) {
+
+                    $childNode = $xpriv->childNodes->item($kk);
+                    if ($t = DAV\XMLUtil::toClarkNotation($childNode)) {
+                        $privilegeName = $t;
+                        break;
+                    }
+                }
+                if (is_null($privilegeName)) {
+                    throw new DAV\Exception\BadRequest('{DAV:}privilege elements must have a privilege element contained within them.');
+                }
+
+                $privileges[] = array(
+                    'principal' => $principal,
+                    'protected' => $protected,
+                    'privilege' => $privilegeName,
+                );
+
+            }
+
+        }
+
+        return new self($privileges);
+
+    }
+
+    /**
+     * Serializes a single access control entry.
+     *
+     * @param \DOMDocument $doc
+     * @param \DOMElement $node
+     * @param array $ace
+     * @param DAV\Server $server
+     * @return void
+     */
+    private function serializeAce($doc,$node,$ace, DAV\Server $server) {
+
+        $xace  = $doc->createElementNS('DAV:','d:ace');
+        $node->appendChild($xace);
+
+        $principal = $doc->createElementNS('DAV:','d:principal');
+        $xace->appendChild($principal);
+        switch($ace['principal']) {
+            case '{DAV:}authenticated' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:authenticated'));
+                break;
+            case '{DAV:}unauthenticated' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:unauthenticated'));
+                break;
+            case '{DAV:}all' :
+                $principal->appendChild($doc->createElementNS('DAV:','d:all'));
+                break;
+            default:
+                $principal->appendChild($doc->createElementNS('DAV:','d:href',($this->prefixBaseUrl?$server->getBaseUri():'') . $ace['principal'] . '/'));
+        }
+
+        $grant = $doc->createElementNS('DAV:','d:grant');
+        $xace->appendChild($grant);
+
+        $privParts = null;
+
+        preg_match('/^{([^}]*)}(.*)$/',$ace['privilege'],$privParts);
+
+        $xprivilege = $doc->createElementNS('DAV:','d:privilege');
+        $grant->appendChild($xprivilege);
+
+        $xprivilege->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
+
+        if (isset($ace['protected']) && $ace['protected'])
+            $xace->appendChild($doc->createElement('d:protected'));
+
+    }
+
+}
diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/AclRestrictions.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/AclRestrictions.php
new file mode 100644
index 0000000..f9485ef
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/AclRestrictions.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+
+use OldSabre\DAV;
+
+/**
+ * AclRestrictions property
+ *
+ * This property represents {DAV:}acl-restrictions, as defined in RFC3744.
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class AclRestrictions extends DAV\Property {
+
+    /**
+     * Serializes the property into a DOMElement
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $elem
+     * @return void
+     */
+    public function serialize(DAV\Server $server,\DOMElement $elem) {
+
+        $doc = $elem->ownerDocument;
+
+        $elem->appendChild($doc->createElementNS('DAV:','d:grant-only'));
+        $elem->appendChild($doc->createElementNS('DAV:','d:no-invert'));
+
+    }
+
+}
diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/CurrentUserPrivilegeSet.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/CurrentUserPrivilegeSet.php
new file mode 100644
index 0000000..e364121
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/CurrentUserPrivilegeSet.php
@@ -0,0 +1,124 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+
+use OldSabre\DAV;
+
+/**
+ * CurrentUserPrivilegeSet
+ *
+ * This class represents the current-user-privilege-set property. When
+ * requested, it contain all the privileges a user has on a specific node.
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class CurrentUserPrivilegeSet extends DAV\Property {
+
+    /**
+     * List of privileges
+     *
+     * @var array
+     */
+    private $privileges;
+
+    /**
+     * Creates the object
+     *
+     * Pass the privileges in clark-notation
+     *
+     * @param array $privileges
+     */
+    public function __construct(array $privileges) {
+
+        $this->privileges = $privileges;
+
+    }
+
+    /**
+     * Serializes the property in the DOM
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $node
+     * @return void
+     */
+    public function serialize(DAV\Server $server,\DOMElement $node) {
+
+        $doc = $node->ownerDocument;
+        foreach($this->privileges as $privName) {
+
+            $this->serializePriv($doc,$node,$privName);
+
+        }
+
+    }
+
+    /**
+     * Returns true or false, whether the specified principal appears in the
+     * list.
+     *
+     * @return bool
+     */
+    public function has($privilegeName) {
+
+        return in_array($privilegeName, $this->privileges);
+
+    }
+
+    /**
+     * Serializes one privilege
+     *
+     * @param \DOMDocument $doc
+     * @param \DOMElement $node
+     * @param string $privName
+     * @return void
+     */
+    protected function serializePriv($doc,$node,$privName) {
+
+        $xp  = $doc->createElementNS('DAV:','d:privilege');
+        $node->appendChild($xp);
+
+        $privParts = null;
+        preg_match('/^{([^}]*)}(.*)$/',$privName,$privParts);
+
+        $xp->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
+
+    }
+
+    /**
+     * Unserializes the {DAV:}current-user-privilege-set element.
+     *
+     * @param DOMElement $node
+     * @return CurrentUserPrivilegeSet
+     */
+    static public function unserialize(\DOMElement $node) {
+
+        $result = array();
+
+        $xprivs = $node->getElementsByTagNameNS('urn:DAV','privilege');
+
+        for($jj=0; $jj<$xprivs->length; $jj++) {
+
+            $xpriv = $xprivs->item($jj);
+
+            $privilegeName = null;
+
+            for ($kk=0;$kk<$xpriv->childNodes->length;$kk++) {
+
+                $childNode = $xpriv->childNodes->item($kk);
+                if ($t = DAV\XMLUtil::toClarkNotation($childNode)) {
+                    $privilegeName = $t;
+                    break;
+                }
+            }
+
+            $result[] = $privilegeName;
+
+        }
+
+        return new self($result);
+
+    }
+
+}
diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Principal.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Principal.php
new file mode 100644
index 0000000..fbf7c1f
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/Principal.php
@@ -0,0 +1,161 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+use OldSabre\DAV;
+
+/**
+ * Principal property
+ *
+ * The principal property represents a principal from RFC3744 (ACL).
+ * The property can be used to specify a principal or pseudo principals.
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class Principal extends DAV\Property implements DAV\Property\IHref {
+
+    /**
+     * To specify a not-logged-in user, use the UNAUTHENTICATED principal
+     */
+    const UNAUTHENTICATED = 1;
+
+    /**
+     * To specify any principal that is logged in, use AUTHENTICATED
+     */
+    const AUTHENTICATED = 2;
+
+    /**
+     * Specific principals can be specified with the HREF
+     */
+    const HREF = 3;
+
+    /**
+     * Everybody, basically
+     */
+    const ALL = 4;
+
+    /**
+     * Principal-type
+     *
+     * Must be one of the UNAUTHENTICATED, AUTHENTICATED or HREF constants.
+     *
+     * @var int
+     */
+    private $type;
+
+    /**
+     * Url to principal
+     *
+     * This value is only used for the HREF principal type.
+     *
+     * @var string
+     */
+    private $href;
+
+    /**
+     * Creates the property.
+     *
+     * The 'type' argument must be one of the type constants defined in this class.
+     *
+     * 'href' is only required for the HREF type.
+     *
+     * @param int $type
+     * @param string|null $href
+     */
+    public function __construct($type, $href = null) {
+
+        $this->type = $type;
+
+        if ($type===self::HREF && is_null($href)) {
+            throw new DAV\Exception('The href argument must be specified for the HREF principal type.');
+        }
+        $this->href = $href;
+
+    }
+
+    /**
+     * Returns the principal type
+     *
+     * @return int
+     */
+    public function getType() {
+
+        return $this->type;
+
+    }
+
+    /**
+     * Returns the principal uri.
+     *
+     * @return string
+     */
+    public function getHref() {
+
+        return $this->href;
+
+    }
+
+    /**
+     * Serializes the property into a DOMElement.
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $node
+     * @return void
+     */
+    public function serialize(DAV\Server $server, \DOMElement $node) {
+
+        $prefix = $server->xmlNamespaces['DAV:'];
+        switch($this->type) {
+
+            case self::UNAUTHENTICATED :
+                $node->appendChild(
+                    $node->ownerDocument->createElement($prefix . ':unauthenticated')
+                );
+                break;
+            case self::AUTHENTICATED :
+                $node->appendChild(
+                    $node->ownerDocument->createElement($prefix . ':authenticated')
+                );
+                break;
+            case self::HREF :
+                $href = $node->ownerDocument->createElement($prefix . ':href');
+                $href->nodeValue = $server->getBaseUri() . DAV\URLUtil::encodePath($this->href);
+                $node->appendChild($href);
+                break;
+
+        }
+
+    }
+
+    /**
+     * Deserializes a DOM element into a property object.
+     *
+     * @param \DOMElement $dom
+     * @return Principal
+     */
+    static public function unserialize(\DOMElement $dom) {
+
+        $parent = $dom->firstChild;
+        while(!DAV\XMLUtil::toClarkNotation($parent)) {
+            $parent = $parent->nextSibling;
+        }
+
+        switch(DAV\XMLUtil::toClarkNotation($parent)) {
+
+            case '{DAV:}unauthenticated' :
+                return new self(self::UNAUTHENTICATED);
+            case '{DAV:}authenticated' :
+                return new self(self::AUTHENTICATED);
+            case '{DAV:}href':
+                return new self(self::HREF, $parent->textContent);
+            case '{DAV:}all':
+                return new self(self::ALL);
+            default :
+                throw new DAV\Exception\BadRequest('Unexpected element (' . DAV\XMLUtil::toClarkNotation($parent) . '). Could not deserialize');
+
+        }
+
+    }
+
+}
diff --git a/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/SupportedPrivilegeSet.php b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/SupportedPrivilegeSet.php
new file mode 100644
index 0000000..30d1d06
--- /dev/null
+++ b/calendar/lib/SabreDAV/lib/OldSabre/DAVACL/Property/SupportedPrivilegeSet.php
@@ -0,0 +1,94 @@
+<?php
+
+namespace OldSabre\DAVACL\Property;
+
+use OldSabre\DAV;
+
+/**
+ * SupportedPrivilegeSet property
+ *
+ * This property encodes the {DAV:}supported-privilege-set property, as defined
+ * in rfc3744. Please consult the rfc for details about it's structure.
+ *
+ * This class expects a structure like the one given from
+ * OldSabre\DAVACL\Plugin::getSupportedPrivilegeSet as the argument in its
+ * constructor.
+ *
+ * @copyright Copyright (C) 2007-2015 fruux GmbH (https://fruux.com/).
+ * @author Evert Pot (http://evertpot.com/)
+ * @license http://sabre.io/license/ Modified BSD License
+ */
+class SupportedPrivilegeSet extends DAV\Property {
+
+    /**
+     * privileges
+     *
+     * @var array
+     */
+    private $privileges;
+
+    /**
+     * Constructor
+     *
+     * @param array $privileges
+     */
+    public function __construct(array $privileges) {
+
+        $this->privileges = $privileges;
+
+    }
+
+    /**
+     * Serializes the property into a domdocument.
+     *
+     * @param DAV\Server $server
+     * @param \DOMElement $node
+     * @return void
+     */
+    public function serialize(DAV\Server $server,\DOMElement $node) {
+
+        $doc = $node->ownerDocument;
+        $this->serializePriv($doc, $node, $this->privileges);
+
+    }
+
+    /**
+     * Serializes a property
+     *
+     * This is a recursive function.
+     *
+     * @param \DOMDocument $doc
+     * @param \DOMElement $node
+     * @param array $privilege
+     * @return void
+     */
+    private function serializePriv($doc,$node,$privilege) {
+
+        $xsp = $doc->createElementNS('DAV:','d:supported-privilege');
+        $node->appendChild($xsp);
+
+        $xp  = $doc->createElementNS('DAV:','d:privilege');
+        $xsp->appendChild($xp);
+
+        $privParts = null;
+        preg_match('/^{([^}]*)}(.*)$/',$privilege['privilege'],$privParts);
+
+        $xp->appendChild($doc->createElementNS($privParts[1],'d:'.$privParts[2]));
+
+        if (isset($privilege['abstract']) && $privilege['abstract']) {
+            $xsp->appendChild($doc->createElementNS('DAV:','d:abstract'));
+        }
+
+        if (isset($privilege['description'])) {
+            $xsp->appendChild($doc->createElementNS('DAV:','d:description',$privilege['description']));
+        }
+
+        if (isset($privilege['aggregates'])) {
+            foreach($privilege['aggregates'] as $subPrivilege) {
+                $this->serializePriv($doc,$xsp,$subPrivilege);
+            }
+        }
+
+    }
+
+}