20dbg_error_log(
'MKTICKET',
'method handler');
21require_once(
'DAVResource.php');
23$request->NeedPrivilege(
'DAV::bind');
25require_once(
'XMLDocument.php');
26$reply =
new XMLDocument(array(
'DAV:' =>
'',
'http://www.xythos.com/namespaces/StorageServer' =>
'T' ));
29if ( ! $target->Exists() ) {
30 $request->XMLResponse( 404,
new XMLElement(
'error',
new XMLElement(
'resource-must-not-be-null'), $reply->GetXmlNsArray() ) );
33if ( ! isset($request->xml_tags) ) {
34 $request->XMLResponse( 400,
new XMLElement(
'error',
new XMLElement(
'missing-xml-for-request'), $reply->GetXmlNsArray() ) );
37$xmltree = BuildXMLTree( $request->xml_tags );
38if ( $xmltree->GetNSTag() !=
'http://www.xythos.com/namespaces/StorageServer:ticketinfo' &&
39 $xmltree->GetNSTag() !=
'DAV::ticketinfo' ) {
40 $request->XMLResponse( 400,
new XMLElement(
'error',
new XMLElement(
'invalid-xml-for-request'), $reply->GetXmlNsArray() ) );
43$ticket_timeout =
'Seconds-3600';
44$ticket_privs_array = array(
'read-free-busy');
45foreach( $xmltree->GetContent() AS $k => $v ) {
47 switch( $v->GetNSTag() ) {
49 case 'http://www.xythos.com/namespaces/StorageServer:timeout':
50 $ticket_timeout = $v->GetContent();
53 case 'DAV::privilege':
54 case 'http://www.xythos.com/namespaces/StorageServer:privilege':
55 $ticket_privs_array = $v->GetElements();
56 $ticket_privileges = 0;
57 foreach( $ticket_privs_array AS $k1 => $v1 ) {
58 $ticket_privileges |= privilege_to_bits( $v1->GetNSTag() );
60 if ( $ticket_privileges & privilege_to_bits(
'write') ) $ticket_privileges |= privilege_to_bits(
'read' );
61 if ( $ticket_privileges & privilege_to_bits(
'read') ) $ticket_privileges |= privilege_to_bits( array(
'read-free-busy',
'read-current-user-privilege-set') );
62 if ( $ticket_privileges & privilege_to_bits(
'read-free-busy') ) $ticket_privileges |= privilege_to_bits(
'schedule-query-freebusy');
67if ( $ticket_timeout ==
'infinity' ) {
70else if ( preg_match(
'{^([a-z]+)-(\d+)$}i', $ticket_timeout, $matches ) ) {
72 $sql_timeout = $matches[2] .
' ' . $matches[1];
75 $sql_timeout = $ticket_timeout;
78$collection_id = $target->GetProperty(
'collection_id');
79$resource_id = $target->GetProperty(
'dav_id');
83 $ticket_id = substr( str_replace(
'/',
'', str_replace(
'+',
'',base64_encode(sha1(date(
'r') .rand(0,2100000000) . microtime(
true),
true)))), 7, 8);
85 'INSERT INTO access_ticket ( ticket_id, dav_owner_id, privileges, target_collection_id, target_resource_id, expires )
86 VALUES( :ticket_id, :owner, :privs::INT::BIT(24), :collection, :resource, (current_timestamp + :expires::interval) )',
88 ':ticket_id' => $ticket_id,
89 ':owner' => $session->principal_id,
90 ':privs' => $ticket_privileges,
91 ':collection' => $collection_id,
92 ':resource' => $resource_id,
93 ':expires' => $sql_timeout,
96 $result = $qry->Exec(
'MKTICKET', __LINE__, __FILE__);
97}
while( !$result && $i++ < 2 );
99$privs =
new XMLElement(
'privilege');
100foreach( bits_to_privilege($ticket_privileges) AS $k => $v ) {
101 $reply->NSElement($privs, $v);
104$ticketinfo =
new XMLElement(
'T:ticketinfo', array(
105 new XMLElement(
'T:id', $ticket_id),
106 new XMLElement(
'owner', $reply->href( ConstructURL(
'/'.$session->username.
'/') ) ),
108 new XMLElement(
'T:timeout', $ticket_timeout),
109 new XMLElement(
'T:visits',
'infinity')
113$prop =
new XMLElement(
"prop",
new XMLElement(
'T:ticketdiscovery', $ticketinfo), $reply->GetXmlNsArray() );
114header(
'Ticket: '.$ticket_id);
115$request->XMLResponse( 200, $prop );