ctucx.git: tinyDAV

[php] Cal-/ CardDAV server with a simple web-GUI based on SabreDAV

1 
2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 
29 
30 
31 
32 
33 
34 
35 
36 
37 
38 
39 
40 
41 
42 
43 
44 
45 
46 
47 
48 
49 
50 
51 
52 
53 
54 
55 
56 
57 
58 
59 
60 
61 
62 
63 
64 
65 
66 
67 
68 
69 
70 
71 
72 
73 
74 
75 
76 
77 
78 
79 
80 
81 
82 
83 
84 
85 
86 
87 
88 
89 
90 
91 
92 
93 
94 
95 
96 
97 
98 
99 
100 
101 
102 
103 
104 
105 
106 
107 
108 
109 
110 
111 
112 
113 
114 
115 
116 
117 
118 
119 
120 
121 
122 
123 
124 
125 
126 
127 
128 
129 
130 
131 
132 
133 
134 
135 
136 
137 
138 
139 
140 
141 
142 
143 
144 
145 
146 
147 
148 
149 
150 
151 
152 
153 
154 
155 
156 
157 
158 
159 
160 
161 
162 
163 
164 
165 
166 
167 
168 
169 
170 
171 
172 
173 
174 
175 
176 
177 
178 
179 
180 
181 
182 
183 
184 
185 
186 
187 
188 
189 
190 
191 
192 
193 
194 
195 
196 
197 
198 
199 
200 
201 
202 
203 
204 
205 
206 
207 
208 
209 
210 
211 
212 
213 
214 
215 
216 
217 
218 
219 
220 
221 
222 
223 
224 
225 
226 
227 
228 
229 
230 
231 
232 
233 
234 
235 
236 
237 
238 
239 
240 
241 
242 
243 
244 
245 
246 
247 
248 
249 
250 
251 
252 
253 
254 
255 
256 
257 
258 
259 
260 
261 
262 
263 
264 
265 
266 
267 
268 
269 
270 
271 
272 
273 
274 
275 
276 
277 
278 
279 
280 
281 
282 
283 
284 
285 
286 
287 
288 
289 
290 
291 
292 
293 
294 
295 
296 
297 
298 
299 
300 
301 
302 
303 
304 
305 
306 
307 
308 
309 
310 
311 
312 
313 
314 
315 
316 
317 
318 
319 
320 
321 
322 
323 
324 
325 
326 
327 
328 
329 
330 
331 
332 
333 <?php
//For debuging. remove in production
error_reporting(E_ALL);
ini_set("log_errors", true);
ini_set('display_errors', true);
ini_set('error_log', './error.log'); 

define('PATH', __DIR__);
session_start();

require PATH.'/lib/JSONDB.php';
require PATH.'/lib/Template.php';
require PATH.'/lib/Router.php';
require PATH.'/lib/Helpers.php';
require PATH.'/lib/UserManager.php';
require PATH.'/lib/GenericCollectionManager.php';
require PATH.'/lib/AddressbookCollectionManager.php';
require PATH.'/lib/CalendarCollectionManager.php';

$pagevars = [];

$db      = new JSONDB(PATH.'/data');
$userMgr = new UserManager($db);
$cardMgr = new AddressbookCollectionManager($db);
$calMgr  = new CalendarCollectionManager($db);
$tpl     = new Template(PATH.'/template/', [
		'IS_ADMIN' => $userMgr->isAdmin(),
	]);

//GET
Router::add('GET', '/', function(){
	global $userMgr;
	
	if (!$userMgr->isLoggedIn()){
		header("Location: /login");
		exit();
	}

	header("Location: /overview");
});

Router::add('GET', '/login', function(){
	global $tpl;

	$tpl->render('login', [
		'PAGE'		=>	'Login',
	]);
});

Router::add('GET', '/logout', function(){
	global $userMgr;
	$userMgr->logout();
	header("Location: /");
});

Router::add('GET', '/overview', function(){
	global $tpl, $db, $userMgr, $cardMgr, $calMgr;
	$userMgr->checkLoggedIn();

	if (!$userMgr->isAdmin()) {
		$addressbooks = $cardMgr->getCollections('principals/'.$userMgr->getLoggedInAccount()['username']);
		$calendars    = $calMgr->getCollections('principals/'.$userMgr->getLoggedInAccount()['username']);

		foreach ($addressbooks as $addressbook) {
			$tpl->blockAssign('addressbooks', [
					'ID'          => $addressbook['id'],
					'DISPLAYNAME' => $addressbook['displayname'],
					'URI'         => $addressbook['uri'],
				]);
		}

		foreach ($calendars as $calendar) {
			$tpl->blockAssign('calendars', [
					'ID'          => $calendar['id'],
					'DISPLAYNAME' => $calendar['displayname'],
					'URI'         => $calendar['uri'],
				]);
		}

	} else {
		$users = $userMgr->getAll();

		foreach ($users as $user) {
			$tpl->blockAssign('users', [
					'ID'       => $user->id,
					'USERNAME' => $user->username,
					'ACTIVE'   => $user->active,
				]);
		}
	}
	
	$tpl->render('overview', [
		'PAGE'     => 'Overview',
		'USERNAME' => $userMgr->getLoggedInAccount()['username'],
	]);
});

Router::add('GET', '/update', function(){
	global $tpl, $userMgr;
	$userMgr->checkLoggedIn();

	$username = strtolower(trim(Helpers::getVar('username')));

	switch(Helpers::getVar('type')) {
		case 'user':
		
			if (!$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			}

			if (!$userMgr->exists($username)) {
				header("Location: /overview");
				exit();				
			}

			$user = $userMgr->get($username);

			$tpl->render('update', [
				'PAGE'       => 'Update User',
				'TYPE'       => 'user',
				'USERNAME'   => $user['username'],
				'ACTIVE'     => $user['active']
			]);

		default:
			header("Location: /overview");
	}
});

//POST 
Router::add('POST', '/login', function(){
	global $tpl, $userMgr;

	try {
		$userMgr->checkLogin(strtolower(trim(Helpers::postVar('username'))), Helpers::postVar('password'));
		header("Location: /overview");
	} catch ( Exception $e ) {
		$tpl->render('login', [
			'PAGE' => 'Login',
			'MSG'  => $e->getMessage(),
		]);		
	}
});

Router::add('POST', '/create', function(){
	global $tpl, $userMgr, $cardMgr, $calMgr;
	$userMgr->checkLoggedIn();

	$username = strtolower(trim(Helpers::postVar('username')));
	$msg      = '';	

	switch(Helpers::postVar('type')) {
		case 'user':
			if (!$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			}
				
			try {
				$userMgr->create($username, Helpers::postVar('password'), true);
				$cardMgr->createCollection('principals/'.$username, 'default', ['displayname' => 'Default-Addressbook']);
				$calMgr->createCollection('principals/'.$username, 'default', ['displayname' => 'Default-Calendar']);

				header("Location: /overview");
			} catch ( Exception $e ) {
				$tpl->render('message', [
					'PAGE' => 'Message',
					'MSG'  => $e->getMessage(),
				]);		
			}

		case 'addressbook':
		case 'calendar':
			if ($userMgr->getLoggedInAccount()['username'] !== $username && !$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			}

			$uri         = Helpers::postVar('uri');
			$displayname = Helpers::postVar('displayname');

			try {
				if (empty($displayname)) throw new Exception('Displayname can\'t be empty.');
				
				if (empty($uri)) {
					$uri = preg_replace("/[^A-Za-z0-9 ]/", '', $displayname);
				}

				if (empty($uri)) throw new Exception('URI can\'t be empty.');

				if (Helpers::postVar('type') !== 'addressbook') {
					$calMgr->createCollection('principals/'.$username, $uri, ['displayname' => $displayname]);
				} else {
					$cardMgr->createCollection('principals/'.$username, $uri, ['displayname' => $displayname]);
				}

				header("Location: /overview");
			} catch ( Exception $e ) {
				$tpl->render('message', [
					'PAGE' => 'Message',
					'MSG'  => $e->getMessage(),
				]);		
			}

		default:
			header("Location: /overview");
			exit();
	}

	$tpl->render('message', [
		'PAGE'     => 'Oofff',
		'MSG'      => $msg, 
	]);
}); 

Router::add('POST', '/update', function(){
	global $tpl, $userMgr;
	$userMgr->checkLoggedIn();

	$username = strtolower(trim(Helpers::postVar('username')));
	$msg      = '';

	switch(Helpers::postVar('type')) {
		case 'password':
			$password1 = Helpers::postVar('password1');
			$password2 = Helpers::postVar('password2');

			if ($userMgr->getLoggedInAccount()['username'] !== $username && !$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			} elseif ($password1 !== $password2) {
				$msg = 'Passwords do not match!';
			} else {
				try {
					$userMgr->updatePassword($username, $password1);
					header("Location: /overview");
					
				} catch (Exception $e) {
					$msg = $e->getMessage();
				}
			}

		case 'user':
			$active = boolval(Helpers::postVar('active'));

			if (!$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			}

			try {
				if (!$active) {
					$userMgr->disable($username);
				} else {
					$userMgr->enable($username);
				}

				header("Location: /overview");
					
			} catch (Exception $e) {
				$msg = $e->getMessage();
			}

		default:
			header("Location: /overview");
			exit();
	}

	$tpl->render('message', [
		'PAGE'     => 'Oofff',
		'MSG'      => $msg, 
	]);
});

Router::add('POST', '/delete', function(){
	global $tpl, $userMgr, $cardMgr, $calMgr;
	$userMgr->checkLoggedIn();

	$username = strtolower(trim(Helpers::postVar('username')));
	$msg      = '';
	
	switch (Helpers::postVar('type')) {
		case 'user':
			if ($userMgr->getLoggedInAccount()['username'] !== $username && !$userMgr->isAdmin()) {
				header("Location: /overview");
				exit();
			}

			try {
				$userMgr->delete($username);

				$addressbooks = $cardMgr->getCollections('principals/'.$username);
				$calendars    = $calMgr->getCollections('principals/'.$username);

				foreach ($addressbooks as $addressbook) {
					$cardMgr->deleteCollection($addressbook['id']);
				}

				foreach ($calendars as $calendar) {
					$calMgr->deleteCollection($calendar['id']);
				}

				if ($userMgr->getLoggedInAccount()['username'] !== $username) {
					header("Location: /overview");			
				} else {
					$userMgr->logout();
					header("Location: /");
				}					
			} catch (Exception $e) {
				$msg = $e->getMessage();
			}

		default:
			header("Location: /overview");
			exit();
	}

	$tpl->render('message', [
		'PAGE'     => 'Oofff',
		'MSG'      => $msg, 
	]);
});

Router::pathNotFound(function(){
	header("Loctaion: /");
});

Router::methodNotAllowed(function(){
	header("Loctaion: /");
});

Router::run('/');