sonar_rexchange 0.3.7

data/lib/rexchange/dav_get_request.rb

@@ -0,0 +1,28 @@
+require 'rexchange/exchange_request'
+
+module RExchange
+  # Used for arbitrary SEARCH requests
+  class DavGetRequest < ExchangeRequest
+    METHOD = 'GET'
+    REQUEST_HAS_BODY = false
+    RESPONSE_HAS_BODY = true
+
+    def self.execute(credentials, url, &b)
+      begin
+        options = {
+                :path => url,
+                :headers => {
+                        'Translate' => 'f'   # Microsoft IIS 5.0 "Translate: f" Source Disclosure Vulnerability (http://www.securityfocus.com/bid/1578)
+                }
+        }
+        response = super credentials, options
+        yield response if b
+        response
+      rescue RException => e
+        raise e
+      rescue Exception => e
+        raise RException.new(options[:request], response, e)
+      end
+    end
+  end
+end

data/lib/rexchange/dav_mkcol_request.rb

@@ -0,0 +1,27 @@
+require 'rexchange/exchange_request'
+
+module RExchange
+  # Used to make a new collection (aka folder).
+  class DavMkcolRequest < ExchangeRequest
+    METHOD = 'MKCOL'
+    REQUEST_HAS_BODY = false
+    RESPONSE_HAS_BODY = false
+    
+    def self.execute(credentials, folder_url, &b)
+      begin
+        options = {
+          :path => folder_url
+        }
+        
+        response = super credentials, options
+        yield response if b
+        response
+      rescue RException => e
+        raise e
+      rescue Exception => e
+        raise RException.new(options[:request], response, e)
+      end
+    end
+  end
+
+end

data/lib/rexchange/dav_move_request.rb

@@ -0,0 +1,30 @@
+require 'rexchange/exchange_request'
+
+module RExchange
+  # Used to move entities to different locations in the accessable mailbox.
+  class DavMoveRequest < ExchangeRequest
+    METHOD = 'MOVE'
+    REQUEST_HAS_BODY = false
+    RESPONSE_HAS_BODY = false
+
+    def self.execute(credentials, source, destination, &b)
+      begin
+        options = {
+                :headers => {
+                        'Destination' => destination
+                },
+                :path => source
+        }
+
+        response = super credentials, options
+        yield response if b
+        response
+      rescue RException => e
+        raise e
+      rescue Exception => e
+        raise RException.new(options[:request], response, e)
+      end
+    end
+  end
+
+end

data/lib/rexchange/dav_proppatch_request.rb

@@ -0,0 +1,49 @@
+require 'rexchange/exchange_request'
+
+module RExchange
+  # Used to move entities to different locations in the accessable mailbox.
+  class DavProppatchRequest < ExchangeRequest
+    METHOD = 'PROPPATCH'
+
+
+    def self.request_body(property, name_space, value)
+      <<-eos
+    <D:propertyupdate xmlns:D = "DAV:">
+       <D:set>
+          <D:prop>
+            <X:#{property} xmlns:X = "#{name_space}:">#{value}</X:read>
+          </D:prop>
+       </D:set>
+    </D:propertyupdate>
+      eos
+    end
+
+    def self.execute(credentials, uri, property, name_space, value, &b)
+      begin
+        options = {}
+        options[:path] = uri
+        headers = options[:headers] ||= {}
+        headers['Cookie'] = credentials.auth_cookie if credentials.auth_cookie
+        options[:body] = request_body(property, name_space, value)
+
+        response = self.exchange_request(credentials, options)
+        case response
+        when Net::HTTPClientError then
+          self.authenticate(credentials)
+          #repeat exchange_request after authentication with the auth-cookies
+          headers = options[:headers] ||= {}
+          headers['Cookie'] = credentials.auth_cookie if credentials.auth_cookie
+          response = self.exchange_request(credentials, options)
+        end
+        yield response if b
+        response
+      rescue RException => e
+        raise e
+      rescue Exception => e
+        raise RException.new(options[:request], response, e)
+      end
+    end
+
+  end
+
+end

data/lib/rexchange/dav_search_request.rb

@@ -0,0 +1,8 @@
+require 'rexchange/exchange_request'
+
+module RExchange
+  # Used for arbitrary SEARCH requests
+  class DavSearchRequest < ExchangeRequest
+    METHOD = 'SEARCH'
+  end
+end

data/lib/rexchange/exchange_request.rb

@@ -0,0 +1,86 @@
+require 'net/https'
+
+module RExchange
+
+  # Exchange Server's WebDAV interface is non-standard, so
+  # we create this simple wrapper to extend the 'net/http'
+  # library and add the request methods we need.
+  class ExchangeRequest < Net::HTTPRequest
+    REQUEST_HAS_BODY = true
+    RESPONSE_HAS_BODY = true
+
+    def self.authenticate(credentials)
+      owa_uri = credentials.owa_uri
+      if owa_uri
+        http = Net::HTTP.new(owa_uri.host, owa_uri.port)
+        http.set_debug_output(RExchange::DEBUG_STREAM) if RExchange::DEBUG_STREAM
+        req = Net::HTTP::Post.new(owa_uri.path)
+        destination = owa_uri.scheme+"://"+owa_uri.host+(owa_uri.port ? ':'+owa_uri.port.to_s : '')
+        req.body = "destination=#{destination}&username=#{credentials.user}&password=#{credentials.password}"
+        http.use_ssl = owa_uri.scheme ? (owa_uri.scheme.downcase == 'https') : false
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        res = http.request(req)
+        credentials.auth_cookie = res.header["set-cookie"].split(',').map(&:strip).map{|c| c.split(';')[0]}.reverse.join('; ') if res.header["set-cookie"]
+      end
+    end
+
+    def self.exchange_request(credentials, options = {})
+      http = Net::HTTP.new(credentials.dav_uri.host, credentials.dav_uri.port)
+      http.set_debug_output(RExchange::DEBUG_STREAM) if RExchange::DEBUG_STREAM
+      request_path = options[:path] || credentials.dav_uri.path
+      req = self.new(request_path)
+      options[:request] = req
+      req.basic_auth credentials.user, credentials.password #if !credentials.is_owa?
+      req.content_type = 'text/xml'
+      req.add_field 'host', credentials.dav_uri.host
+
+      if options[:headers]
+        options[:headers].each_pair do |k, v|
+          req.add_field k, v
+        end
+      end
+
+      req.body = options[:body] if REQUEST_HAS_BODY
+      http.use_ssl = credentials.dav_use_ssl?
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      response = http.request(req) if RESPONSE_HAS_BODY
+
+    end
+
+    def self.execute(credentials, options = {}, &b)
+      begin
+        headers = options[:headers] ||= {}
+        headers['Cookie'] = credentials.auth_cookie if credentials.auth_cookie
+        response = self.exchange_request(credentials, options)
+        case response
+        when Net::HTTPClientError then
+          self.authenticate(credentials)
+          #repeat exchange_request after authentication with the auth-cookies
+          headers = options[:headers] ||= {}
+          headers['Cookie'] = credentials.auth_cookie if credentials.auth_cookie
+          response = self.exchange_request(credentials, options)
+        end
+
+        raise 'NOT 2xx NOR 3xx: ' + response.inspect.to_s unless (Net::HTTPSuccess === response || Net::HTTPRedirection === response)
+        
+        yield response if b
+        response
+      rescue RException => e
+        raise e
+      rescue Exception => e
+        #puts e.backtrace.map{|e| e.to_s}.join("\n")
+        raise RException.new(options[:request], response, e)
+      end
+
+    end
+
+    private
+    # You can not instantiate an ExchangeRequest externally.
+    def initialize(*args)
+      super
+    end
+  end
+end
+
+
+

data/lib/rexchange/folder.rb

@@ -0,0 +1,108 @@
+require 'rexml/document'
+require 'net/https'
+require 'rexchange/dav_search_request'
+require 'rexchange/dav_mkcol_request'
+require 'rexchange/message'
+require 'rexchange/contact'
+require 'rexchange/appointment'
+require 'rexchange/note'
+require 'rexchange/task'
+require 'rexchange/message_href'
+require 'uri'
+
+module RExchange
+
+  class FolderNotFoundError < StandardError
+  end
+
+  class Folder
+    include REXML
+
+    attr_reader :credentials, :displayname
+
+    def initialize(credentials, parent, displayname, href, content_type)
+      @credentials, @parent, @href = credentials, parent, href
+      @content_type = CONTENT_TYPES[content_type] || Message
+      @displayname = displayname
+    end
+
+    # Used to access subfolders.
+    def method_missing(sym, *args)
+
+      if folders_hash.has_key?(sym.to_s)
+        folders_hash[sym.to_s]
+      else
+        puts folders_hash.keys.inspect
+        puts sym.to_s
+        raise FolderNotFoundError.new("#{sym} is not a subfolder of #{@displayname} - #{@href}")
+      end
+    end
+
+    include Enumerable
+
+    def message_hrefs(href_regex)
+      RExchange::MessageHref::find_message_hrefs(href_regex, @credentials, to_s)
+    end
+
+    # Iterate through each entry in this folder
+    def each
+      @content_type::find(@credentials, to_s).each do |item|
+        yield item
+      end
+    end
+
+    # Not Implemented!
+    def search(conditions = {})
+      raise NotImplementedError.new('Bad Touch!')
+      @content_type::find(@credentials, to_s, conditions)
+    end
+
+    # Return an Array of subfolders for this folder
+    def folders
+      @folders ||=
+              begin
+                request_body = <<-eos
+          <D:searchrequest xmlns:D = "DAV:">
+             <D:sql>
+             SELECT "DAV:displayname", "DAV:contentclass"
+             FROM SCOPE('shallow traversal of "#{@href}"')
+             WHERE "DAV:ishidden" = false
+                         AND "DAV:isfolder" = true
+             </D:sql>
+          </D:searchrequest>
+                eos
+                folders = []
+                DavSearchRequest.execute(@credentials, :body => request_body) do |response|
+
+
+                  # iterate through folders query and add a new Folder
+                  # object for each, under a normalized name.
+                  xpath_query = "/*/a:response[a:propstat/a:status/text() = 'HTTP/1.1 200 OK']"
+                  Document.new(response.body).elements.each(xpath_query) do |m|
+                    href = m.elements['a:href'].text
+                    displayname = m.elements['a:propstat/a:prop/a:displayname'].text
+                    contentclass = m.elements['a:propstat/a:prop/a:contentclass'].text
+                    folders << Folder.new(@credentials, self, displayname, href, contentclass.split(':').last.sub(/folder$/, ''))
+                  end
+
+                end
+                folders
+              end
+
+    end
+
+    def folders_hash
+      @folders_hash ||= folders.inject({}){|memo, f| memo[f.displayname.normalize]=f; memo}
+    end
+    
+    def make_subfolder(subfolder)
+      path = @href.ensure_ends_with("/") + subfolder.ensure_ends_with("/")
+      DavMkcolRequest.execute(@credentials, path)
+    end
+    
+    # Return the absolute path to this folder (but not the full URI)
+    def to_s
+      @href
+    end
+  end
+end

data/lib/rexchange/generic_item.rb

@@ -0,0 +1,124 @@
+require 'rexml/document'
+require 'ostruct'
+require 'rexchange/dav_move_request'
+require 'rexchange/dav_get_request'
+require 'time'
+
+module RExchange
+
+  class Folder
+    CONTENT_TYPES = {}
+  end
+
+  class GenericItem
+    include REXML
+    include Enumerable
+
+    attr_accessor :attributes
+
+    def initialize(session, dav_property_node)
+      @attributes = {}
+      @session = session
+
+      dav_property_node.elements.each do |element|
+        namespaced_name = element.namespace + element.name
+
+        if element.name =~ /date$/i || self.class::ATTRIBUTE_MAPPINGS.find { |k, v| v == namespaced_name && k.to_s =~ /\_(at|on)$/ }
+          @attributes[namespaced_name] = Time::parse(element.text) rescue element.text
+        else
+          @attributes[namespaced_name] = element.text
+        end
+      end
+    end
+
+    # Set the default CONTENT_CLASS to the class name, and define a
+    # dynamic query method for the derived class.
+    def self.inherited(base)
+      base.const_set('CONTENT_CLASS', base.to_s.split('::').last.downcase)
+
+      def base.query(path)
+        <<-QBODY
+          SELECT
+            #{self::ATTRIBUTE_MAPPINGS.values.map { |f| '"' + f + '"' }.join(',')}
+          FROM SCOPE('shallow traversal of "#{path}"')
+          WHERE "DAV:ishidden" = false
+            AND "DAV:isfolder" = false
+            AND "DAV:contentclass" = 'urn:content-classes:#{self::CONTENT_CLASS}'
+        QBODY
+      end
+    end
+
+    # This handy method is meant to be called from any inheriting
+    # classes. It is used to bind types of folders to particular
+    # Entity classes so that the folder knows what type it's
+    # enumerating. So for a "calendarfolder" you'd call:
+    #   set_folder_type 'calendarfolder' # or just 'calendar'
+    def self.set_folder_type(dav_name)
+      Folder::CONTENT_TYPES[dav_name.sub(/folder$/, '')] = self
+    end
+
+    # --Normally Not Used--
+    # By default the CONTENT_CLASS is determined by the name
+    # of your class. So for the Appointment class the
+    # CONTENT_CLASS would be 'appointment'.
+    # If for some reason this convention doesn't suit you,
+    # you can use this method to set the appropriate value
+    # (which is used in queries).
+    # For example, the DAV:content-class for contacts is:
+    #   'urn:content-classes:person'
+    # Person doesn't strike me as the best name for our class though.
+    # Most people would refer to an entry in a Contacts folder as
+    # a Contact. So that's what we call our class, and we use this method
+    # to make sure everything still works as it should.
+    def self.set_content_class(dav_name)
+      verbosity, $VERBOSE = $VERBOSE, nil # disable warnings for the next operation
+      const_set('CONTENT_CLASS', dav_name)
+      $VERBOSE = verbosity # revert to the original verbosity
+    end
+
+    # Defines what attributes are used in queries, and
+    # what methods they map to in instances. You should
+    # pass a Hash of method_name symbols and namespaced-attribute-name pairs.
+    def self.attribute_mappings(mappings)
+
+      mappings.merge! :uid => 'DAV:uid',
+              :modified_at => 'DAV:getlastmodified',
+              :href => 'DAV:href'
+
+      const_set('ATTRIBUTE_MAPPINGS', mappings)
+
+      mappings.each_pair do |k, v|
+
+        define_method(k) do
+          @attributes[v]
+        end
+
+        define_method("#{k.to_s.sub(/\?$/, '')}=") do |value|
+          @attributes[v] = value
+        end
+
+      end
+    end
+
+    # Retrieve an Array of items (such as Contact, Message, etc)
+    def self.find(credentials, path, conditions = nil)
+      qbody = <<-QBODY
+  			<D:searchrequest xmlns:D = "DAV:">
+  				 <D:sql>
+           #{conditions.nil? ? query(path) : search(path, conditions)}
+           </D:sql>
+        </D:searchrequest>
+      QBODY
+      items = []
+      DavSearchRequest.execute(credentials, :body => qbody) do |response|
+
+        xpath_query = "//a:propstat[a:status/text() = 'HTTP/1.1 200 OK']/a:prop"
+
+        Document.new(response.body).elements.each(xpath_query) do |m|
+          items << self.new(credentials, m)
+        end
+      end
+      items
+    end
+  end
+end