update to sabre/dav to version 3.2.0

2016-06-28 21:45:14 +02:00
parent feaad50b6c
commit dcc65bbacb
21 changed files with 321 additions and 226 deletions
--- a/vendor/sabre/dav/CHANGELOG.md
+++ b/vendor/sabre/dav/CHANGELOG.md
@@ -1,12 +1,26 @@
 ChangeLog
 =========

+3.2.0 (2016-06-27)
+------------------
+
+* The default ACL rules allow an unauthenticated user to read information
+  about nodes that don't have their own ACL defined. This was a security
+  problem.
+* The zip release ships with [sabre/vobject 4.1.0][vobj],
+  [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt],
+  [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.2][xml].
+
+
 3.2.0-beta1 (2016-05-20)
 ------------------------

 * #833: Calendars throw exceptions when the sharing plugin is not enabled.
 * #834: Return vCards exactly as they were stored if we don't need to convert
  in between versions.
+* The zip release ships with [sabre/vobject 4.1.0][vobj],
+  [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt],
+  [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.1][xml].


 3.2.0-alpha1 (2016-05-09)
@@ -70,6 +84,23 @@ ChangeLog
  [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.1][xml].


+3.1.5 (????-??-??)
+------------------
+
+* Fixed: Creating a new calendar on some MySQL configurations caused an error.
+
+
+3.1.4 (2016-05-28)
+------------------
+
+* #834: Backport from `master`: Return vCards exactly as they were stored if
+  we don't need to convert in between versions. This should speed up many
+  large addressbook syncs sometimes up to 50%.
+* The zip release ships with [sabre/vobject 4.1.0][vobj],
+  [sabre/http 4.2.1][http], [sabre/event 3.0.0][evnt],
+  [sabre/uri 1.1.0][uri] and [sabre/xml 1.4.2][xml].
+
+
 3.1.3 (2016-04-06)
 ------------------

--- a/vendor/sabre/dav/bin/migrateto32.php
+++ b/vendor/sabre/dav/bin/migrateto32.php
@@ -237,7 +237,7 @@ if ($migrateCalendars) {
 CREATE TABLE calendars (
    id INTEGER UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
    synctoken INTEGER UNSIGNED NOT NULL DEFAULT '1',
-    components VARBINARY(20)
+    components VARBINARY(21)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 SQL
 );
--- a/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php
+++ b/vendor/sabre/dav/lib/CalDAV/Backend/PDO.php
@@ -1502,7 +1502,7 @@ SQL;
     */
    function setPublishStatus($calendarId, $value) {

-        throw new \Exception('Not implemented');
+        throw new \Sabre\DAV\Exception\NotImplemented('Not implemented');

    }

--- a/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php
+++ b/vendor/sabre/dav/lib/CalDAV/Xml/Property/ScheduleCalendarTransp.php
@@ -4,8 +4,8 @@ namespace Sabre\CalDAV\Xml\Property;

 use Sabre\Xml\Element;
 use Sabre\Xml\Reader;
+use Sabre\Xml\Deserializer;
 use Sabre\Xml\Writer;
-use Sabre\Xml\Element\Elements;
 use Sabre\CalDAV\Plugin;

 /**
@@ -116,23 +116,13 @@ class ScheduleCalendarTransp implements Element {
     */
    static function xmlDeserialize(Reader $reader) {

-        $elems = Elements::xmlDeserialize($reader);
+        $elems = Deserializer\enum($reader, Plugin::NS_CALDAV);

-        $value = null;
-
-        foreach ($elems as $elem) {
-            switch ($elem) {
-                case '{' . Plugin::NS_CALDAV . '}opaque' :
-                    $value = self::OPAQUE;
-                    break;
-                case '{' . Plugin::NS_CALDAV . '}transparent' :
-                    $value = self::TRANSPARENT;
-                    break;
-            }
+        if (in_array('transparent', $elems)) {
+            $value = self::TRANSPARENT;
+        } else {
+            $value = self::OPAQUE;
        }
-        if (is_null($value))
-           return null;
-
        return new self($value);

    }
--- a/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php
+++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php
@@ -25,7 +25,7 @@ class File extends AbstractDigest {
    /**
     * Creates the backend object.
     *
-     * If the filename argument is passed in, it will parse out the specified file fist.
+     * If the filename argument is passed in, it will parse out the specified file first.
     *
     * @param string|null $filename
     */
--- a/vendor/sabre/dav/lib/DAV/FSExt/Directory.php
+++ b/vendor/sabre/dav/lib/DAV/FSExt/Directory.php
@@ -131,12 +131,7 @@ class Directory extends Node implements DAV\ICollection, DAV\IQuota, DAV\IMoveTa

        foreach ($iterator as $entry) {

-            $node = $entry->getFilename();
-
-            if ($node === '.sabredav')
-                continue;
-
-            $nodes[] = $this->getChild($node);
+            $nodes[] = $this->getChild($entry->getFilename());

        }
        return $nodes;
@@ -153,9 +148,6 @@ class Directory extends Node implements DAV\ICollection, DAV\IQuota, DAV\IMoveTa
        // Deleting all children
        foreach ($this->getChildren() as $child) $child->delete();

-        // Removing resource info, if its still around
-        if (file_exists($this->path . '/.sabredav')) unlink($this->path . '/.sabredav');
-
        // Removing the directory itself
        rmdir($this->path);

--- a/vendor/sabre/dav/lib/DAV/Version.php
+++ b/vendor/sabre/dav/lib/DAV/Version.php
@@ -14,6 +14,6 @@ class Version {
    /**
     * Full version number
     */
-    const VERSION = '3.2.0-beta1';
+    const VERSION = '3.2.0';

 }
--- a/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php
+++ b/vendor/sabre/dav/lib/DAV/Xml/Property/ShareAccess.php
@@ -127,7 +127,7 @@ class ShareAccess implements Element {
            switch ($elem['name']) {
                case '{DAV:}not-shared' :
                    return new self(SharingPlugin::ACCESS_NOTSHARED);
-                case '{DAV:}sharedowner' :
+                case '{DAV:}shared-owner' :
                    return new self(SharingPlugin::ACCESS_SHAREDOWNER);
                case '{DAV:}read' :
                    return new self(SharingPlugin::ACCESS_READ);
--- a/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php
+++ b/vendor/sabre/dav/lib/DAV/Xml/Property/SupportedMethodSet.php
@@ -32,16 +32,11 @@ class SupportedMethodSet implements XmlSerializable, HtmlOutput {
    /**
     * Creates the property
     *
-     * Any reports passed in the constructor
-     * should be valid report-types in clark-notation.
-     *
-     * Either a string or an array of strings must be passed.
-     *
-     * @param string|string[] $methods
+     * @param string[] $methods
     */
-    function __construct($methods = null) {
+    function __construct(array $methods) {

-        $this->methods = (array)$methods;
+        $this->methods = $methods;

    }

--- a/vendor/sabre/dav/lib/DAVACL/Plugin.php
+++ b/vendor/sabre/dav/lib/DAVACL/Plugin.php
@@ -307,11 +307,6 @@ class Plugin extends DAV\ServerPlugin {
            'protected' => true,
            'privilege' => '{DAV:}all',
        ],
-        [
-            'principal' => '{DAV:}unauthenticated',
-            'protected' => true,
-            'privilege' => '{DAV:}read',
-        ],
    ];

    /**
--- a/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php
+++ b/vendor/sabre/dav/tests/Sabre/CalDAV/Backend/AbstractPDOTest.php
@@ -1418,4 +1418,14 @@ abstract class AbstractPDOTest extends \PHPUnit_Framework_TestCase {

    }

+    /**
+     * @expectedException \Sabre\DAV\Exception\NotImplemented
+     */
+    function testSetPublishStatus() {
+
+        $backend = new PDO($this->pdo);
+        $backend->setPublishStatus([1, 1], true);
+
+    }
+
 }
--- a/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php
+++ b/vendor/sabre/dav/tests/Sabre/DAV/Auth/Backend/FileTest.php
@@ -23,8 +23,7 @@ class FileTest extends \PHPUnit_Framework_TestCase {
    function testLoadFileBroken() {

        file_put_contents(SABRE_TEMPDIR . '/backend', 'user:realm:hash');
-        $file = new File();
-        $file->loadFile(SABRE_TEMPDIR . '/backend');
+        $file = new File(SABRE_TEMPDIR . '/backend');

    }

--- a/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php
+++ b/vendor/sabre/dav/tests/Sabre/DAV/Auth/PluginTest.php
@@ -48,6 +48,25 @@ class PluginTest extends \PHPUnit_Framework_TestCase {

    }

+    /**
+     * @depends testAuthenticateFail
+     */
+    function testAuthenticateFailDontAutoRequire() {
+
+        $fakeServer = new DAV\Server(new DAV\SimpleCollection('bla'));
+        $backend = new Backend\Mock();
+        $backend->fail = true;
+
+        $plugin = new Plugin($backend);
+        $plugin->autoRequireLogin = false;
+        $fakeServer->addPlugin($plugin);
+        $this->assertTrue(
+            $fakeServer->emit('beforeMethod', [new HTTP\Request(), new HTTP\Response()])
+        );
+        $this->assertEquals(1, count($plugin->getLoginFailedReasons()));
+
+    }
+
    /**
     * @depends testAuthenticate
     */
--- a/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php
+++ b/vendor/sabre/dav/tests/Sabre/DAV/ServerEventsTest.php
@@ -31,7 +31,9 @@ class ServerEventsTest extends AbstractServer {

    function testAfterResponse() {

-        $mock = $this->getMock('stdClass', ['afterResponseCallback']);
+        $mock = $this->getMockBuilder('stdClass')
+            ->setMethods(['afterResponseCallback'])
+            ->getMock();
        $mock->expects($this->once())->method('afterResponseCallback');

        $this->server->on('afterResponse', [$mock, 'afterResponseCallback']);
--- a/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php
+++ b/vendor/sabre/dav/tests/Sabre/DAVACL/ExpandPropertiesTest.php
@@ -34,6 +34,13 @@ class ExpandPropertiesTest extends \PHPUnit_Framework_TestCase {
        $fakeServer->httpResponse = new HTTP\ResponseMock();
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        // Anyone can do anything
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ]
+        ]);
        $this->assertTrue($plugin instanceof Plugin);

        $fakeServer->addPlugin($plugin);
--- a/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php
+++ b/vendor/sabre/dav/tests/Sabre/DAVACL/PluginPropertiesTest.php
@@ -11,6 +11,13 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {

        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
+        //Anyone can do anything
        $plugin->principalCollectionSet = [
            'principals1',
            'principals2',
@@ -47,6 +54,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        $plugin = new DAV\Auth\Plugin(new DAV\Auth\Backend\Mock());
        $fakeServer->addPlugin($plugin);
        $plugin = new Plugin();
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
        $fakeServer->addPlugin($plugin);


@@ -80,6 +93,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {

        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
        $server = new DAV\Server();
        $server->addPlugin($plugin);

@@ -140,6 +159,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {

        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);

        $nodes = [
            new MockACLNode('foo', [
@@ -227,6 +252,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        //$fakeServer->addPlugin($plugin);
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
        $fakeServer->addPlugin($plugin);

        $requestedProperties = [
@@ -256,6 +287,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        //$fakeServer->addPlugin($plugin);
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
        $fakeServer->addPlugin($plugin);

        $requestedProperties = [
@@ -286,6 +323,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        //$fakeServer->addPlugin($plugin);
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);
        $fakeServer->addPlugin($plugin);

        $requestedProperties = [
@@ -315,6 +358,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
        $fakeServer->addPlugin($plugin);
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);

        $requestedProperties = [
            '{DAV:}group-membership',
@@ -343,6 +392,12 @@ class PluginPropertiesTest extends \PHPUnit_Framework_TestCase {
        $plugin = new Plugin();
        $plugin->allowUnauthenticatedAccess = false;
        $fakeServer->addPlugin($plugin);
+        $plugin->setDefaultACL([
+            [
+                'principal' => '{DAV:}all',
+                'privilege' => '{DAV:}all',
+            ],
+        ]);

        $requestedProperties = [
            '{DAV:}displayname',