dav4rack_ext 0.0.2

data/lib/dav4rack_ext/carddav/resources/contact_resource.rb

@@ -0,0 +1,132 @@
+require 'vcard_parser'
+
+module DAV4Rack
+  module Carddav
+    
+    class ContactResource < Resource
+      
+      define_properties('DAV:') do
+        property('getetag') do
+          @contact.etag
+        end
+        
+        property('creationdate') do
+          @contact.created_at
+        end
+
+        property('getcontentlength') do
+          @contact.vcard.to_s.size
+        end
+
+        property('getcontenttype') do
+          "text/vcard"
+        end
+
+        property('getlastmodified') do
+          @contact.updated_at
+        end
+      end
+      
+      define_properties(CARDAV_NS) do
+        explicit do
+          property('address-data') do |el|
+            
+            fields = el[:children].select{|e| e[:name] == 'prop' }.map{|e| e[:attributes]['name'] }
+            data = @contact.vcard.to_s(fields)
+                      
+            <<-EOS
+            <C:address-data xmlns:C="#{CARDAV_NS}">
+              <![CDATA[#{data}]]>
+            </C:address-data>
+            EOS
+          end
+        end
+      end
+      
+      
+
+      def collection?
+        false
+      end
+
+      def exist?
+        Logger.info "ContactR::exist?(#{public_path});"
+        @contact != nil
+      end
+      
+      def setup
+        super
+        
+        @address_book = @options[:_parent_] || current_user.current_addressbook()
+        @contact = @options[:_object_] || current_user.current_contact()
+        
+      end
+
+      def put(request, response)
+        b = request.body.read
+
+        # Ensure we only have one vcard per request
+        # Section 5.1:
+        # Address object resources contained in address book collections MUST
+        # contain a single vCard component only.
+        vcards = VCardParser::VCard.parse(b)
+        raise BadRequest if vcards.size != 1
+        vcf = vcards[0]
+
+        uid = vcf['UID'].value
+
+        # [6.3.2] Check for If-None-Match: *
+        # If set, client does want to create a new contact only, raise an error
+        # if contact already exists
+        want_new_contact = (request.env['HTTP_IF_NONE_MATCH'] == '*')
+        
+        @contact = @address_book.find_contact(uid)
+
+        # If the client has explicitly stated they want a new contact
+        raise Conflict if (want_new_contact and @contact)
+        
+        if @contact
+          Logger.debug("Updating contact #{uid} (#{@contact.object_id})")
+        else
+          Logger.debug("Creating new contact ! (#{uid})")
+          @contact = @address_book.create_contact(uid)
+        end
+
+        @contact.update_from_vcard(vcf)
+
+        if @contact.save
+          @public_path = File.join(@address_book.path, @contact.uid)
+          response['ETag'] = @contact.etag
+          Created
+        else
+          # Is another error more appropriate?
+          raise Conflict
+        end
+      end
+
+      def parent
+        @address_book
+      end
+      
+      def parent_exists?
+        @address_book != nil
+      end
+      
+      def parent_collection?
+        true
+      end
+      
+      def get(request, response)
+        response.headers['Etag'] = @contact.etag
+        response.body = @contact.vcard.vcard
+      end
+
+      def delete
+        @contact.destroy
+        NoContent
+      end
+
+    end
+    
+  end
+end

data/lib/dav4rack_ext/carddav/resources/principal_resource.rb

@@ -0,0 +1,132 @@
+module DAV4Rack
+  module Carddav
+    
+    class PrincipalResource < Resource
+      
+      def exist?
+        ret = (path == '') || (path == '/')
+        return ret
+      end
+
+      def collection?
+        return true
+      end
+      
+      
+      define_properties('DAV:') do
+        property('alternate-URI-set') do
+          # "<D:alternate-URI-set xmlns:D='DAV:' />"
+        end
+        
+        property('group-membership') do
+          # "<D:group-membership xmlns:D='DAV:' />"
+        end
+        
+        property('group-membership-set') do
+          # "<D:group-membership-set xmlns:D='DAV:' />"
+        end
+        
+        # iOS 6.0 expect "/
+        # UA: iOS/6.0 (10A403) Preferences/1.0
+        property('principal-URL') do
+          <<-EOS
+            <D:principal-URL xmlns:D='DAV:'>
+              <D:href>#{principal_uri}</D:href>
+            </D:principal-URL>
+          EOS
+        end
+        
+        # This violates the spec that requires an HTTP or HTTPS URL.  Unfortunately,
+        # Apple's AddressBook.app treats everything as a pathname.  Also, the model
+        # shouldn't need to know about the URL scheme and such.
+        # iOS 6.0 expect /
+        property('current-user-principal') do
+          <<-EOS
+            <D:current-user-principal xmlns:D='DAV:'>
+              <D:href>#{root_uri_path}</D:href>
+            </D:current-user-principal>
+          EOS
+        end
+        
+        property('acl') do
+          <<-EOS
+            <D:acl xmlns:D='DAV:'>
+              <D:ace>
+                <D:principal>
+                  <D:href>#{root_uri_path}</D:href>
+                </D:principal>
+                <D:protected/>
+                <D:grant>
+                  #{get_privileges_aggregate}
+                </D:grant>
+              </D:ace>
+            </D:acl>
+          EOS
+        end
+        
+        property('acl-restrictions') do
+          <<-EOS
+            <D:acl-restrictions xmlns:D='DAV:'>
+              <D:grant-only/><D:no-invert/>
+            </D:acl-restrictions>
+          EOS
+        end
+
+        
+        property('resourcetype') do
+          <<-EOS
+            <resourcetype>
+              <D:collection />
+              <D:principal />
+            </resourcetype>
+          EOS
+        end
+        
+        property('displayname') do
+          "User Principal Resource"
+        end
+        
+        property('creationdate') do
+          current_user.created_at
+        end
+        
+        property('getlastmodified') do
+          current_user.updated_at
+        end
+      end
+      
+      define_properties(CARDAV_NS) do
+        explicit do
+          property('addressbook-home-set') do
+            <<-EOS
+              <C:addressbook-home-set xmlns:C='#{CARDAV_NS}'>
+                <D:href xmlns:D='DAV:'>#{books_collection_url}</D:href>
+              </C:addressbook-home-set>
+            EOS
+          end
+          
+          # TODO: should return the user's card url
+          # (ex: /users/schmurfy.vcf ) (RFC 7.1.2)
+          property('principal-address') do
+            ""
+          end
+
+        end
+      end
+    
+    private
+      def principal_uri
+        if user_agent.start_with?("iOS/6.0")
+          '/'
+        else
+          root_uri_path
+        end
+      end
+      
+      def books_collection_url
+        File.join(root_uri_path, options[:books_collection])
+      end
+
+    end
+  end
+end

data/lib/dav4rack_ext/carddav.rb

@@ -0,0 +1,13 @@
+require 'dav4rack'
+
+require_relative 'handler'
+require_relative 'helpers/properties'
+
+require_relative 'carddav/controller'
+require_relative 'carddav/resource'
+require_relative 'carddav/resources/principal_resource'
+require_relative 'carddav/resources/addressbook_collection_resource'
+require_relative 'carddav/resources/addressbook_resource'
+require_relative 'carddav/resources/contact_resource'
+
+require_relative 'carddav/app'

data/lib/dav4rack_ext/handler.rb

@@ -0,0 +1,51 @@
+require 'dav4rack/http_status'
+
+module DAV4RackExt
+  
+  class Handler
+    # include DAV4Rack::HTTPStatus
+    
+    def initialize(options= {})
+      @options = options.dup
+      @logger = options.delete(:logger)
+    end
+
+    def call(env)
+      begin
+        request = Rack::Request.new(env)
+        response = Rack::Response.new
+        
+        controller = nil
+        begin
+          
+          controller_class = @options[:controller_class] || DAV4Rack::Controller
+          controller = controller_class.new(request, response, @options.dup, env)
+          res = controller.send(request.request_method.downcase)
+          response.status = res.code if res.respond_to?(:code)
+          
+        rescue DAV4Rack::HTTPStatus::Status => status
+          response.status = status.code
+        end
+        
+        response['Content-Length'] = response.body.to_s.bytesize unless response['Content-Length'] || !response.body.is_a?(String)
+        response.body = [response.body] unless response.body.respond_to? :each
+        response.status = response.status ? response.status.to_i : 200
+        response.headers.keys.each do |k|
+          response.headers[k] = response[k].to_s
+        end
+        
+        while request.body.read(8192)
+          # Apache wants the body dealt with, so just read it and junk it
+        end
+        
+        response.finish
+      rescue Exception => e
+        @logger.error "DAV Error: #{e}\n#{e.backtrace.join("\n")}"
+        raise e
+      end
+    end
+    
+  end
+
+end
+

data/lib/dav4rack_ext/helpers/properties.rb

@@ -0,0 +1,55 @@
+    module Helpers
+      module Properties
+        class MethodMissingRedirector
+          def initialize(*methods, &block)
+            @block = block
+            @methods = methods
+          end
+          
+          def method_missing(name, *args, &block)
+            if @methods.empty? || @methods.include?(name)
+              @block.call(name, *args, &block)
+            end
+          end
+        end
+        
+        def self.extended(klass)
+          class << klass
+            include MetaClassMethods
+          end
+        end
+        
+        # inheritable accessor
+        module MetaClassMethods
+          def define_property(namespace, name, explicit = false, &block)
+            _properties["#{namespace}*#{name}"] = [block, explicit]
+          end
+          
+          def properties
+            inherited = superclass.respond_to?(:properties) ? superclass.properties : {}
+            inherited.merge(_properties)
+          end
+          
+          def _properties
+            @properties ||= {}
+          end
+        end
+        
+        def define_properties(namespace, &block)
+          explicit = false
+          obj = MethodMissingRedirector.new(:property, :explicit) do |method_name, name, &block|
+            if method_name == :property
+              define_property(namespace, name.to_s, explicit, &block)
+            elsif method_name == :explicit
+              explicit = true
+              block.call
+            else
+              raise NoMethodError, method_name
+            end
+          end
+          
+          obj.instance_eval(&block)
+        end
+        
+      end
+    end

data/lib/dav4rack_ext/version.rb

@@ -0,0 +1,3 @@
+module Dav4rackExt
+  VERSION = "0.0.2"
+end

data/lib/dav4rack_ext.rb

@@ -0,0 +1,4 @@
+require_relative 'dav4rack_ext/version'
+
+require_relative 'dav4rack_ext/carddav'
+# require_relative 'dav4rack_ext/calddav'

data/specs/factories.rb

@@ -0,0 +1,20 @@
+FactoryGirl.define do
+  
+  factory(:contact, :class => Testing::Contact) do
+    created_at Time.now
+    updated_at Time.now
+  end
+    
+  factory(:user, :class => Testing::User) do
+    created_at Time.now
+    updated_at Time.now
+    
+    initialize_with { new(env) }
+  end
+  
+  factory(:book, :class => Testing::AddressBook) do
+    created_at Time.now
+    updated_at Time.now
+  end
+  
+end

data/specs/rfc/rfc3744_spec.rb

@@ -0,0 +1,62 @@
+require File.expand_path('../../spec_helper', __FILE__)
+
+describe 'RFC 3744: WebDav Access Control Protocol' do
+  before do
+    @dav_ns = "DAV:"
+    
+    @user = user = stub('User', username: 'john')
+    
+    @root_path = root_path = '/'
+    
+    app = Rack::Builder.new do
+      # use XMLSniffer
+      run DAV4Rack::Carddav.app(root_path, current_user: user)
+    end
+    
+    serve_app(app)
+  end
+  
+  describe '[4] Principal Properties' do
+    it '[4.2] DAV:principal-URL' do
+      response = propfind(@root_path, [
+          ['principal-URL', @dav_ns]
+        ])
+      
+      ensure_element_exists(response, %{D|prop > D|principal-URL > D|href[text()="#{@root_path}"]})
+    end
+  end
+  
+  describe '[5] Access Control Properties' do
+    
+    describe '[5.5] DAV::ACL Element' do
+      it '[5.5.1] ACE Principal' do
+        response = propfind(@root_path, [
+            ['acl', @dav_ns]
+          ])
+        
+        # check that there is one principal which is the root
+        ensure_element_exists(response, %{D|prop > D|acl > D|ace D|principal D|href[text()="#{@root_path}"]})
+      end
+      
+    end
+    
+    it '[5.1]  DAV:owner' do
+      response = propfind(@root_path, [
+          ['owner', @dav_ns]
+        ])
+      
+      ensure_element_exists(response, %{D|prop > D|owner > D|href[text()="#{@root_path}"]})
+    end
+    
+    it '5.2]  DAV:group' do
+      response = propfind(@root_path, [
+          ['group', @dav_ns]
+        ])
+      
+      elements = ensure_element_exists(response, %{D|prop > D|group})
+      elements[0].text.should == ""
+    end
+    
+  end
+  
+end