大佬教程收集整理的这篇文章主要介绍了如何在SabreDAV PHP服务器中为CalDAV实现自定义ACL,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
<?PHP if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class CalDAV extends CI_Controller {
public function _remap() {
$this->load->library('SabreDAV');
$authBACkend = new SabreDAV_DAV_Auth_BACkend_Tank_Auth;
$principalBACkend = new Sabre_DAVACL_PrincipalBACkend_Click4Time;
$calendarBACkend = new Sabre_CalDAv_backend_Click4Time;
// Directory tree
$tree = array(
new Sabre_DAVACL_PrincipalCollection($principalBACkend),
new Sabre_CalDAV_CalendarRootNode($principalBACkend, $calendarBACkend)
);
// The object tree needs in turn to be passed to the server class
$server = new Sabre_DAV_Server($treE);
// You are highly encouraged to set your WebDAV server base url. Without it,
// SabreDAV will guess, but the guess is not always correct. PutTing the
// server on the root of the domain will improve compatibility.
$server->setBaseUri('/caldav/');
// Authentication plugin
$authPlugin = new Sabre_DAV_Auth_Plugin($authBACkend, 'SabreDAV');
$server->addPlugin($authPlugin);
// CalDAV plugin
$caldavPlugin = new Sabre_CalDAV_Plugin();
$server->addPlugin($caldavPlugin);
// ACL plugin
$aclPlugin = new Sabre_DAVACL_Custom;
$server->addPlugin($aclPlugin);
// Support for html frontend
$browser = new Sabre_DAv_browser_Plugin();
$server->addPlugin($browser);
$server->exec();
}
}
@H_618_0@我当前实现权限的尝试是通过自定义ACL插件进行的:
@H_618_0@
<?PHP
class Sabre_DAVACL_Custom extends Sabre_DAVACL_Plugin {
public $allowAccessToNodesWithoutACL = false;
private function _getCurrentUserName() {
$authPlugin = $this->server->getPlugin('auth');
if (is_null($authPlugin)) return null;
return $authPlugin->getCurrentUser();
}
public function getACL($nodE) {
$user = $this->_getCurrentUserName();
$path = $node->getName();
if ($path == 'calendars' || $path == 'principals' || $path == 'root') {
return array(
array(
'privilege' => '{DAV:}read',
'principal' => 'principals/' . $user,
'protected' => true,
)
);
}
else if ($path == 'calendars/' . $user) {
return array(
array(
'privilege' => '{DAV:}read',
'principal' => 'principals/' . $user,
'protected' => true,
)
);
}
return array();
}
}
@H_618_0@该代码几乎可以工作,除了第二次检查应该授权用户查看他或她自己的日历.我无法获得$node的完整路径名.
@H_618_0@这可能是错误的实现方式,但是我无法找到任何文档来确认这是实现ACL的方式.解决方法:
@H_618_0@我使用了不同的尝试,就像您一样扩展了插件,但是随后我替换了getSupportedPrivilegeSet($nodE). @H_618_0@在sabredav 1.8.6中,它看起来像这样: @H_618_0@public function getSupportedPrivilegeSet($nodE) {
if (is_String($nodE)) {
$node = $this->server->tree->getNodeForPath($nodE);
}
if ($node instanceof IACL) {
$result = $node->getSupportedPrivilegeSet();
if ($result)
return $result;
}
return self::getDefaultSupportedPrivilegeSet();
}
@H_618_0@现在您可以使用类而不是我发现更有用的路径,即:
@H_618_0@
class DavCalAcl extends \Sabre\DAVACL\Plugin {
public function getSupportedPrivilegeSet($nodE) {
if (is_String($nodE)) {
$node = $this->server->tree->getNodeForPath($nodE);
}
if($node instanceof \Sabre\CalDAV\Calendar || $node instanceof \Sabre\CalDAV\CalendarObject) {
return array(
array(
'privilege' => '{DAV:}read',
'aggregates' => array(
array(
'privilege' => '{DAV:}read-acl',
'abstract' => true,
),
array(
'privilege' => '{DAV:}read-current-user-privilege-set',
'abstract' => true,
),
),
)
);
}
if ($node instanceof \Sabre\DAVACL\IACL) {
$result = $node->getSupportedPrivilegeSet();
if ($result)
return $result;
}
return self::getDefaultSupportedPrivilegeSet();
}
}
@H_618_0@这是我当前的尝试,目的是让iCal将日历识别为只读…我还没有到那儿,但这也许可以帮助您更好地识别对象
@H_618_0@如果您想要一个节点的绝对路径,我想您总是可以在根目录下搜索当前节点,并记录下将您带到那里的路径.据我检查sabredav中的节点不支持父级或根级属性.
@H_618_0@[更新]
@H_618_0@最好的方法似乎是在插件中覆盖getACl.在这里,您可以测试节点的类并返回您真正想要的东西,而不是默认对象返回的东西(例如,查看UserCalendars-> getACL().
@H_618_0@这是我基于对象类型的只读强制实施方案:
@H_618_0@
class DavCalAcl extends \Sabre\DAVACL\Plugin {
/**
* Returns the full ACL list.
*
* Either a uri or a DAV\INode may be passed.
*
* null will be returned if the node doesn't support ACLs.
*
* @param String|DAV\INode $node
* @return array
*/
public function getACL($nodE) {
if (is_String($nodE)) {
$node = $this->server->tree->getNodeForPath($nodE);
}
if (!$node instanceof \Sabre\DAVACL\IACL) {
return null;
}
if( $node instanceof \Sabre\CalDAV\Calendar ||
$node instanceof \Sabre\CalDAV\CalendarObject ||
$node instanceof \Sabre\CalDAV\UserCalendars
) {
$acl = array(
array(
'privilege' => '{DAV:}read',
'principal' => $node->getowner(),
'protected' => true,
),
);
} else {
$acl = $node->getACL();
}
foreach($this->adminPrincipals as $adminPrincipal) {
$acl[] = array(
'principal' => $adminPrincipal,
'privilege' => '{DAV:}all',
'protected' => true,
);
}
return $acl;
}
}
以上是大佬教程为你收集整理的如何在SabreDAV PHP服务器中为CalDAV实现自定义ACL全部内容,希望文章能够帮你解决如何在SabreDAV PHP服务器中为CalDAV实现自定义ACL所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。