tilia-dav 3.1.0.pre.alpha6 → 3.1.1

data/lib/tilia/dav/auth/backend/sequel.rb

@@ -4,15 +4,6 @@ module Tilia
       module Backend
         # This is an authentication backend that uses a database to manage passwords.
         class Sequel < AbstractDigest
-          protected
-
-          # Reference to PDO connection
-          #
-          # @var PDO
-          attr_accessor :pdo
-
-          public
-
           # PDO table name we'll be using
           #
           # @var string
@@ -26,6 +17,8 @@ module Tilia
           def initialize(sequel)
             @sequel = sequel
             @table_name = 'users'
+
+            super()
           end
 
           # Returns the digest hash for a user.

data/lib/tilia/dav/client.rb

@@ -118,6 +118,8 @@ module Tilia
           add_curl_setting(:encoding, encodings.join(','))
         end
 
+        add_curl_setting(:useragent, "tilia-dav/#{Version::VERSION} (http://sabre.io/)")
+
         @xml = Xml::Service.new
         # BC
         @property_map = @xml.element_map
@@ -181,7 +183,7 @@ module Tilia
 
         response = send_request(request)
 
-        fail Exception, "HTTP error: #{response.status}" if response.status.to_i >= 400
+        fail Http::ClientHttpException.new(response) if response.status.to_i >= 400
 
         result = parse_multi_status(response.body_as_string)
 
@@ -207,7 +209,7 @@ module Tilia
       #
       # @param string url
       # @param array properties
-      # @return void
+      # @return bool
       def prop_patch(url, properties)
         prop_patch = Xml::Request::PropPatch.new
         prop_patch.properties = properties
@@ -220,7 +222,31 @@ module Tilia
           { 'Content-Type' => 'application/xml' },
           xml
         )
-        send_request(request)
+
+        response = send_request(request)
+
+        fail Http::ClientHttpException.new(response) if response.status.to_i >= 400
+
+        if response.status == 207.to_i
+          # If it's a 207, the request could still have failed, but the
+          # information is hidden in the response body.
+          result = parse_multi_status(response.body_as_string)
+
+          error_properties = []
+          result.each do |href, status_list|
+            status_list.each do |status, properties|
+              next unless status.to_i >= 400
+
+              properties.each do |prop_name, prop_value|
+                error_properties << "#{prop_name} (#{status})"
+              end
+            end
+          end
+
+          fail Http::ClientException, "ROPPATCH failed. The following properties errored: #{error_properties.join(', ')}" if error_properties.any?
+        end
+
+        true
       end
 
       # Performs an HTTP options request

data/lib/tilia/dav/core_plugin.rb

@@ -589,13 +589,12 @@ module Tilia
 
         copy_info = @server.copy_and_move_info(request)
 
+        return false unless @server.emit('beforeBind', [copy_info['destination']])
         if copy_info['destinationExists']
           return false unless @server.emit('beforeUnbind', [copy_info['destination']])
           @server.tree.delete(copy_info['destination'])
         end
 
-        return false unless @server.emit('beforeBind', [copy_info['destination']])
-
         @server.tree.copy(path, copy_info['destination'])
 
         @server.emit('afterBind', [copy_info['destination']])

data/lib/tilia/dav/server.rb

@@ -327,11 +327,18 @@ module Tilia
 
         if emit("method:#{method}", [request, response])
           if emit('method', [request, response])
-            # Unsupported method
-            fail Exception::NotImplemented, "'There was no handler found for this \"#{method}\" method"
+            ex_message = "There was no plugin in the system that was willing to handle this #{method} method."
+            if method == "GET"
+              ex_message += " Enable the Browser plugin to get a better result here."
+            end
+
+             # Unsupported method
+            fail Exception::NotImplemented, ex_message
           end
         end
 
+        fail Exception, 'No subsystem set a valid HTTP status code. Something must have interrupted the request without providing further detail.' unless response.status
+
         return nil unless emit("afterMethod:#{method}", [request, response])
         return nil unless emit('afterMethod', [request, response])
 
@@ -381,7 +388,12 @@ module Tilia
         calculate_uri(@http_request.url)
       end
 
-      # Calculates the uri for a request, making sure that the base uri is stripped out
+      # Turns a URI such as the REQUEST_URI into a local path.
+      #
+      # This method:
+      #   * strips off the base path
+      #   * normalizes the path
+      #   * uri-decodes the path
       #
       # @param string uri
       # @throws Exception\Forbidden A permission denied exception is thrown whenever there was an attempt to supply a uri outside of the base uri
@@ -677,7 +689,7 @@ module Tilia
           sub_prop_find = prop_find.clone
           sub_prop_find.depth = new_depth
 
-          if path != ''
+          if path.present?
             sub_path = path + '/' + child_node.name
           else
             sub_path = child_node.name

data/lib/tilia/dav/temporary_file_filter_plugin.rb

@@ -107,6 +107,9 @@ module Tilia
       #
       # @param string uri
       # @param resource data
+      # @param DAV\ICollection _parent_node
+      # @param bool _modified Should be set to true, if this event handler
+      #                       changed &data.
       # @return bool
       def before_create_file(uri, data, _parent, _modified)
         temp_path = temp_file?(uri)

data/lib/tilia/dav/tree.rb

@@ -49,7 +49,7 @@ module Tilia
           # Otherwise, we recursively grab the parent and ask him/her.
           parent = node_for_path(parent_name)
 
-          unless parent.is_a? ICollection
+          unless parent.is_a?(ICollection)
             fail Exception::NotFound, "Could not find node at path: #{path}"
           end
 
@@ -145,10 +145,11 @@ module Tilia
       def children(path)
         node = node_for_path(path)
         children = node.children
-        basePath = path.gsub(/^\/+|\/+$/, '') + '/'
+        base_path = path.gsub(/^\/+|\/+$/, '')
+        base_path += '/' unless base_path.blank?
 
         children.each do |child|
-          cache[basePath + child.name] = child
+          cache[base_path + child.name] = child
         end
 
         children

data/lib/tilia/dav/version.rb

@@ -3,7 +3,7 @@ module Tilia
     # This class contains the SabreDAV version constants.
     class Version
       # Full version number
-      VERSION = '3.1.0-alpha6'
+      VERSION = '3.1.1'.freeze
     end
   end
 end

data/lib/tilia/dav/xml/element/response.rb

@@ -81,7 +81,9 @@ module Tilia
             if @http_status
               writer.write_element('{DAV:}status', "HTTP/1.1 #{@http_status} #{Tilia::Http::Response.status_codes[@http_status]}")
             end
-            writer.write_element('{DAV:}href', writer.context_uri + href)
+            writer.write_element('{DAV:}href', writer.context_uri + Http::encode_path(href))
+
+            empty = true
 
             @response_properties.each do |status, properties|
               # Skipping empty lists
@@ -90,11 +92,27 @@ module Tilia
               next if properties.blank?
               next if status.to_i.to_s != status.to_s
 
+              empty = false
+
               writer.start_element('{DAV:}propstat')
               writer.write_element('{DAV:}prop', properties)
               writer.write_element('{DAV:}status', "HTTP/1.1 #{status} #{Tilia::Http::Response.status_codes[status]}")
               writer.end_element # {DAV:}propstat
             end
+
+            if empty
+              # The WebDAV spec _requires_ at least one DAV:propstat to appear for
+              # every DAV:response. In some circumstances however, there are no
+              # properties to encode.
+              #
+              # In those cases we MUST specify at least one DAV:propstat anyway, with
+              # no properties.
+              writer.write_element(
+                '{DAV:}propstat',
+                '{DAV:}prop'   => [],
+                '{DAV:}status' => "HTTP/1.1 418 #{Http::Response.status_codes[418]}"
+              )
+            end
           end
 
           # The deserialize method is called during xml parsing.
@@ -173,7 +191,7 @@ module Tilia
                 status = elem['value']['{DAV:}status']
                 status = status.split(' ')[1]
                 properties = elem['value'].key?('{DAV:}prop') ? elem['value']['{DAV:}prop'] : []
-                property_lists[status] = properties
+                property_lists[status] = properties if properties.any?
               when '{DAV:}status'
                 status_code = elem['value'].split(' ')[1]
               end

data/lib/tilia/dav_acl/principal_backend/sequel.rb

@@ -198,22 +198,26 @@ module Tilia
         # @param array search_properties
         # @param string test
         # @return array
-        def search_principals(prefix_path, search_properties, _test = 'allof')
-          query = "SELECT uri FROM #{@table_name} WHERE 1=1 "
+        def search_principals(prefix_path, search_properties, test = 'allof')
+          return [] if search_properties.empty? # No criteria
+
+          query = "SELECT uri FROM #{@table_name} WHERE "
           values = []
 
           search_properties.each do |property, value|
             case property
             when '{DAV:}displayname'
-              query << ' AND displayname LIKE ?'
-              values << "%#{value}%"
+              column = 'displayname'
             when '{http://sabredav.org/ns}email-address'
-              query << ' AND email LIKE ?'
-              values << "%#{value}%"
+              column = 'email'
             else
               # Unsupported property
               return []
             end
+
+            query += test == 'anyof' ? ' OR ' : ' AND ' if values.any?
+            query += "lower(#{column}) LIKE lower(?)"
+            values << "%#{value}%"
           end
 
           principals = []
@@ -228,6 +232,46 @@ module Tilia
           principals
         end
 
+        # Finds a principal by its URI.
+        #
+        # This method may receive any type of uri, but mailto: addresses will be
+        # the most common.
+        #
+        # Implementation of this API is optional. It is currently used by the
+        # CalDAV system to find principals based on their email addresses. If this
+        # API is not implemented, some features may not work correctly.
+        #
+        # This method must return a relative principal path, or null, if the
+        # principal was not found or you refuse to find it.
+        #
+        # @param string uri
+        # @param string principal_prefix
+        # @return string, nil
+        def find_by_uri(uri, principal_prefix)
+          value = nil
+          scheme = nil
+          (scheme, value) = uri.split(":", 2)
+          return nil unless value
+
+          uri = nil
+          case scheme
+          when "mailto"
+            @sequel.fetch("SELECT uri FROM #{@table_name} WHERE lower(email)=lower(?)", [value]) do |row|
+              # Checking if the principal is in the prefix
+              row_prefix = Http::UrlUtil.split_path(row[:uri]).first
+              next unless row_prefix == principal_prefix
+
+              uri = row[:uri]
+              break # Stop on first match
+            end
+          else
+            #unsupported uri scheme
+            return nil
+          end
+
+          uri
+        end
+
         # Returns the list of members for a group-principal
         #
         # @param string principal

data/test/cal_dav/ics_export_plugin_test.rb

@@ -8,6 +8,7 @@ module Tilia
         server = Dav::ServerMock.new
         server.add_plugin(plugin)
         assert_equal(plugin, server.plugin('ics-export'))
+        assert_equal('ics-export', plugin.plugin_info['name'])
       end
 
       def test_before_method

data/test/cal_dav/plugin_test.rb

@@ -593,7 +593,7 @@ XML
         utc = ActiveSupport::TimeZone.new('UTC')
         expected_ical = DatabaseUtil.get_test_calendar_data
         expected_ical = VObject::Reader.read(expected_ical)
-        expected_ical.expand(
+        expected_ical = expected_ical.expand(
           utc.parse('2011-01-01 00:00:00'),
           utc.parse('2011-12-31 23:59:59')
         )
@@ -651,7 +651,7 @@ XML
         utc = ActiveSupport::TimeZone.new('UTC')
         expected_ical = DatabaseUtil.get_test_calendar_data
         expected_ical = VObject::Reader.read(expected_ical)
-        expected_ical.expand(
+        expected_ical = expected_ical.expand(
           utc.parse('2000-01-01 00:00:00'),
           utc.parse('2010-12-31 23:59:59')
         )
@@ -711,7 +711,7 @@ XML
         utc = ActiveSupport::TimeZone.new('UTC')
         expected_ical = DatabaseUtil.get_test_calendar_data
         expected_ical = VObject::Reader.read(expected_ical)
-        expected_ical.expand(
+        expected_ical = expected_ical.expand(
           utc.parse('2000-01-01 00:00:00'),
           utc.parse('2010-12-31 23:59:59')
         )
@@ -865,7 +865,7 @@ XML
         utc = ActiveSupport::TimeZone.new('UTC')
         expected_ical = DatabaseUtil.get_test_calendar_data
         expected_ical = VObject::Reader.read(expected_ical)
-        expected_ical.expand(
+        expected_ical = expected_ical.expand(
           utc.parse('2000-01-01 00:00:00'),
           utc.parse('2010-12-31 23:59:59')
         )

data/test/cal_dav/schedule/plugin_properties_test.rb

@@ -16,6 +16,9 @@ module Tilia
             'default',
             {}
           )
+          @principal_backend.add_principal(
+            'uri' => 'principals/user1/calendar-proxy-read'
+          )
         end
 
         def test_principal_properties
@@ -57,6 +60,54 @@ module Tilia
           assert_equal('calendars/user1/default/', prop.href)
         end
 
+        def test_principal_properties_bad_principal
+          props = @server.properties_for_path(
+            'principals/user1/calendar-proxy-read',
+            [
+              '{urn:ietf:params:xml:ns:caldav}schedule-inbox-URL',
+              '{urn:ietf:params:xml:ns:caldav}schedule-outbox-URL',
+              '{urn:ietf:params:xml:ns:caldav}calendar-user-address-set',
+              '{urn:ietf:params:xml:ns:caldav}calendar-user-type',
+              '{urn:ietf:params:xml:ns:caldav}schedule-default-calendar-URL',
+            ]
+          )
+
+          assert(props[0])
+          assert_has_key(200, props[0])
+          assert_has_key(404, props[0])
+
+          assert_has_key('{urn:ietf:params:xml:ns:caldav}schedule-outbox-URL', props[0][404])
+          assert_has_key('{urn:ietf:params:xml:ns:caldav}schedule-inbox-URL', props[0][404])
+
+          prop = props[0][200]['{urn:ietf:params:xml:ns:caldav}calendar-user-address-set']
+          assert(prop.is_a?(Dav::Xml::Property::Href))
+          assert_equal(['/principals/user1/calendar-proxy-read/'], prop.hrefs)
+
+          assert_has_key('{urn:ietf:params:xml:ns:caldav}calendar-user-type', props[0][200])
+          prop = props[0][200]['{urn:ietf:params:xml:ns:caldav}calendar-user-type']
+          assert_equal('INDIVIDUAL', prop)
+
+          assert_has_key('{urn:ietf:params:xml:ns:caldav}schedule-default-calendar-URL', props[0][404])
+        end
+
+        def test_no_default_calendar
+          @caldav_backend.calendars_for_user('principals/user1').each do |calendar|
+            @caldav_backend.delete_calendar(calendar['id'])
+          end
+
+          props = @server.properties_for_path(
+            '/principals/user1',
+            [
+              '{urn:ietf:params:xml:ns:caldav}schedule-default-calendar-URL'
+            ]
+          )
+
+          assert(props[0])
+          assert_has_key(404, props[0])
+
+          assert_has_key('{urn:ietf:params:xml:ns:caldav}schedule-default-calendar-URL', props[0][404])
+        end
+
         # There are two properties for availability. The server should
         # automatically map the old property to the standard property.
         def test_availability_mapping

data/test/card_dav/backend/sequel_my_sql_test.rb

@@ -21,7 +21,7 @@ CREATE TABLE addressbooks (
   description VARCHAR(10000),
   synctoken INT(11) UNSIGNED NOT NULL DEFAULT '1',
   UNIQUE(principaluri(100), uri(100))
-) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
+) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8mb4
 QUERY
                 )
           db.run(<<QUERY
@@ -33,7 +33,7 @@ CREATE TABLE cards (
   lastmodified INT(11) UNSIGNED,
   etag VARBINARY(32),
   size INT(11) UNSIGNED NOT NULL
-) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
+) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8mb4
 QUERY
                 )
           db.run(<<QUERY
@@ -44,7 +44,7 @@ CREATE TABLE addressbookchanges (
   addressbookid INT(11) UNSIGNED NOT NULL,
   operation SMALLINT(2) NOT NULL,
   INDEX addressbookid_synctoken (addressbookid, synctoken)
-) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci
+) #{TestUtil.mysql_engine} DEFAULT CHARSET=utf8mb4
 QUERY
                 )