From 61f6d5872829872c2067258e60759549516716e7 Mon Sep 17 00:00:00 2001 From: Kevin Jardine Date: Thu, 29 Sep 2011 16:01:52 +0200 Subject: added auth token feature --- languages/en.php | 3 + models/model.php | 86 +++++++++++++++++++------- start.php | 31 ++++++++++ views/default/settings/event_calendar/edit.php | 8 +++ 4 files changed, 107 insertions(+), 21 deletions(-) diff --git a/languages/en.php b/languages/en.php index 883576b3b..88d66a1da 100644 --- a/languages/en.php +++ b/languages/en.php @@ -210,6 +210,9 @@ You can manage calendar requests for this event here: 'event_calendar:add' => "Add", 'feed:ical' => "iCal feed for this page", + 'event_calendar:ical_auth_file_name:title' => "Location of iCal authentication file on local file system (experimental - not needed for public feeds)", + + 'event_calendar:owner:permissions_error' => "You do not have permission to view that page.", /** * Event calendar river diff --git a/models/model.php b/models/model.php index dafc10bc9..dedb69efc 100644 --- a/models/model.php +++ b/models/model.php 
@@ -1095,23 +1095,23 @@ function event_calendar_send_event_request($event,$user_guid) { // pages -function event_calendar_get_page_content_list($page_type,$group_guid,$start_date,$display_mode,$filter,$region='-') { +function event_calendar_get_page_content_list($page_type,$container_guid,$start_date,$display_mode,$filter,$region='-') { global $autofeed; $autofeed = true; if ($page_type == 'group') { - if (!event_calendar_activated_for_group($group_guid)) { + if (!event_calendar_activated_for_group($container__guid)) { forward(); } elgg_push_breadcrumb(elgg_echo('event_calendar:group_breadcrumb')); elgg_push_context('groups'); - elgg_set_page_owner_guid($group_guid); + elgg_set_page_owner_guid($container_guid); $user_guid = elgg_get_logged_in_user_guid(); $group_calendar = elgg_get_plugin_setting('group_calendar', 'event_calendar'); if (!$group_calendar || $group_calendar == 'members') { if (elgg_get_page_owner_entity()->canWriteToContainer($user_guid)){ elgg_register_menu_item('title', array( 'name' => 'add', - 'href' => "event_calendar/add/".$group_guid, + 'href' => "event_calendar/add/".$container_guid, 'text' => elgg_echo('event_calendar:add'), 'class' => 'elgg-button elgg-button-action', )); @@ -1120,7 +1120,7 @@ function event_calendar_get_page_content_list($page_type,$group_guid,$start_date if (elgg_is_admin_logged_in() || ($group->owner_guid == $user_guid)) { elgg_register_menu_item('title', array( 'name' => 'add', - 'href' => "event_calendar/add/".$group_guid, + 'href' => "event_calendar/add/".$container_guid, 'text' => elgg_echo('event_calendar:add'), 'class' => 'elgg-button elgg-button-action', )); @@ -1151,6 +1151,8 @@ function event_calendar_get_page_content_list($page_type,$group_guid,$start_date } } } + + $params = event_calendar_generate_listing_params($page_type,$container_guid,$start_date,$display_mode,$filter,$region); $url = full_url(); if (substr_count($url, '?')) { 
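Review bot: The renamed parameter is misspelled in the group branch: `event_calendar_activated_for_group($container__guid)` has a double underscore, so the activation check receives an undefined variable instead of the container GUID. Depending on how that helper treats an empty GUID (it is not shown here), the check may redirect every group calendar page or pass for groups that have the calendar switched off. It should read `if (!event_calendar_activated_for_group($container_guid)) {`. The function body continues beyond this hunk.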
@@ -1158,8 +1160,6 @@ function event_calendar_get_page_content_list($page_type,$group_guid,$start_date } else { $url .= "?view=ical"; } - - $params = event_calendar_generate_listing_params($page_type,$group_guid,$start_date,$display_mode,$filter,$region); $url = elgg_format_url($url); $menu_options = array( @@ -1284,7 +1284,7 @@ function event_calendar_prepare_edit_form_vars($event = NULL) { return $values; } -function event_calendar_generate_listing_params($page_type,$group_guid,$original_start_date,$display_mode,$filter,$region='-') { +function event_calendar_generate_listing_params($page_type,$container_guid,$original_start_date,$display_mode,$filter,$region='-') { $event_calendar_listing_format = elgg_get_plugin_setting('listing_format', 'event_calendar'); $event_calendar_spots_display = trim(elgg_get_plugin_setting('spots_display', 'event_calendar')); $event_calendar_first_date = trim(elgg_get_plugin_setting('first_date', 'event_calendar')); 
@@ -1364,8 +1364,38 @@ function event_calendar_generate_listing_params($page_type,$group_guid,$original $subtitle = date('F Y',$start_ts); } } - - $user_guid = elgg_get_logged_in_user_guid(); + + $current_user_guid = elgg_get_logged_in_user_guid(); + + $access_status = elgg_get_ignore_access(); + + if ($page_type == 'owner') { + $container = get_entity($container_guid); + if (elgg_instanceof($container, 'user')) { + $auth_token = get_input('auth_token'); + if ($auth_token) { + $secret_key = event_calendar_get_secret_key(); + if ($secret_key && ($auth_token === sha1($container->username . $secret_key))) { + elgg_set_ignore_access(TRUE); + } + } + if ($container->canEdit()) { + $user_guid = $container_guid; + $group_guid = 0; + } else { + register_error('event_calendar:owner:permissions_error'); + forward(); + exit; + } + } else { + register_error('event_calendar:owner:permissions_error'); + forward(); + exit; + } + } else { + $user_guid = $current_user_guid; + $group_guid = $container_guid; + } $offset = get_input('offset'); $limit = get_input('limit',15); 
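Review bot: The feed token check `$auth_token === sha1($container->username . $secret_key)` derives a permanent per-user token from a bare SHA-1 concatenation and compares it with a non-constant-time operator. Because the token is read with `get_input('auth_token')`, it presumably travels in the URL, where it can end up in access logs, and it cannot be revoked for one user without changing the site-wide secret. A keyed MAC with a timing-safe comparison is the safer shape: `$expected = hash_hmac('sha256', $container->username, $secret_key);` followed by `hash_equals($expected, (string) $auth_token)` where the PHP version provides it. A valid token also calls `elgg_set_ignore_access(TRUE)` rather than acting as the calendar owner, so every query up to the restore at the end of the function presumably runs with access checks disabled; confirm the feed cannot return events the owner would not be allowed to see. Separately, `register_error('event_calendar:owner:permissions_error')` passes the language key itself, where the rest of this diff wraps keys in `elgg_echo()`.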
@@ -1380,17 +1410,17 @@ function event_calendar_generate_listing_params($page_type,$group_guid,$original } } if ($filter == 'all') { - $count = event_calendar_get_events_between($start_ts,$end_ts,true,$limit,$offset,$group_guid,$region); - $events = event_calendar_get_events_between($start_ts,$end_ts,false,$limit,$offset,$group_guid,$region); + $count = event_calendar_get_events_between($start_ts,$end_ts,true,$limit,$offset,$container_guid,$region); + $events = event_calendar_get_events_between($start_ts,$end_ts,false,$limit,$offset,$container_guid,$region); } else if ($filter == 'open') { - $count = event_calendar_get_open_events_between($start_ts,$end_ts,true,$limit,$offset,$group_guid,$region); - $events = event_calendar_get_open_events_between($start_ts,$end_ts,false,$limit,$offset,$group_guid,$region); + $count = event_calendar_get_open_events_between($start_ts,$end_ts,true,$limit,$offset,$container_guid,$region); + $events = event_calendar_get_open_events_between($start_ts,$end_ts,false,$limit,$offset,$container_guid,$region); } else if ($filter == 'friends') { - $count = event_calendar_get_events_for_friends_between($start_ts,$end_ts,true,$limit,$offset,$user_guid,$group_guid,$region); - $events = event_calendar_get_events_for_friends_between($start_ts,$end_ts,false,$limit,$offset,$user_guid,$group_guid,$region); + $count = event_calendar_get_events_for_friends_between($start_ts,$end_ts,true,$limit,$offset,$user_guid,$container_guid,$region); + $events = event_calendar_get_events_for_friends_between($start_ts,$end_ts,false,$limit,$offset,$user_guid,$container_guid,$region); } else if ($filter == 'mine') { - $count = event_calendar_get_events_for_user_between2($start_ts,$end_ts,true,$limit,$offset,$user_guid,$group_guid,$region); - $events = event_calendar_get_events_for_user_between2($start_ts,$end_ts,false,$limit,$offset,$user_guid,$group_guid,$region); + $count = 
event_calendar_get_events_for_user_between2($start_ts,$end_ts,true,$limit,$offset,$user_guid,$container_guid,$region); + $events = event_calendar_get_events_for_user_between2($start_ts,$end_ts,false,$limit,$offset,$user_guid,$container_guid,$region); } $vars = array( @@ -1411,8 +1441,11 @@ function event_calendar_generate_listing_params($page_type,$group_guid,$original ); $content = elgg_view('event_calendar/show_events', $vars); - - $filter_override = elgg_view('event_calendar/filter_menu',$vars); + if ($page_type == 'owner') { + $filter_override = ''; + } else { + $filter_override = elgg_view('event_calendar/filter_menu',$vars); + } if ($event_calendar_listing_format == 'paged') { $title = elgg_echo('event_calendar:upcoming_events_title'); @@ -1421,7 +1454,7 @@ function event_calendar_generate_listing_params($page_type,$group_guid,$original } $params = array('title' => $title, 'content' => $content, 'filter_override'=>$filter_override); - + elgg_set_ignore_access($access_status); return $params; } @@ -1550,7 +1583,18 @@ function event_calendar_handle_menu($event_guid) { //add_submenu_item(elgg_echo('event_calendar:review_requests_title'), $CONFIG->wwwroot . "pg/event_calendar/review_requests/".$event_id, '0eventcalendaradmin'); } } +function event_calendar_get_secret_key() { + $key_file_name = elgg_get_plugin_setting('ical_auth_file_name','event_calendar'); + if ($key_file_name && file_exists($key_file_name)) { + $key = (require($key_file_name)); + + return $key['tokenSecretKey']; + } else { + return FALSE; + } +} function getLastDayOfMonth($month,$year) { return idate('d', mktime(0, 0, 0, ($month + 1), 0, $year)); } + diff --git a/start.php b/start.php index 36b82c941..54ab6e296 100644 --- a/start.php +++ b/start.php 
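Review bot: On owner pages the queries in this hunk now receive `$container_guid`, which is the user's GUID in that case, while the `$group_guid = 0` assigned for owner pages in the preceding hunk is never read. If the container argument of the `event_calendar_get_*_between` helpers is meant as a group filter (their bodies are not shown), an owner feed would be limited to events whose container is the user, and `$group_guid` is dead code. Either pass `$group_guid` as the container argument, e.g. `event_calendar_get_events_between($start_ts,$end_ts,true,$limit,$offset,$group_guid,$region)`, or drop the unused assignment and add a comment stating that the user GUID is the intended container.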
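Review bot: `event_calendar_get_secret_key()` executes whatever file the `ical_auth_file_name` setting names: `require($key_file_name)` runs it as PHP, so the text field added in views/default/settings/event_calendar/edit.php turns a plugin setting into a file-inclusion sink for any readable path. The result is also used unchecked: a file that does not return an array, or lacks `tokenSecretKey`, yields NULL or a notice, and `file_exists()` is also true for directories. At minimum, test the path with `is_file()` and guard the result with `if (!is_array($key) || empty($key['tokenSecretKey'])) { return FALSE; }`. Reading the secret as data (a file holding only the key) instead of including it would remove the code-execution path. A docblock stating that the function returns the secret string or FALSE would also help callers.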
@@ -132,6 +132,7 @@ function event_calendar_url($entity) { * Add group event: event_calendar/add/ * Review requests: event_calendar/review_requests/ * Display event subscribers: event_calendar/display_users/ + * Events for a user's calendar: event_calendar/owner///// * * Title is ignored * @@ -215,6 +216,36 @@ function event_calendar_page_handler($page) { } echo event_calendar_get_page_content_list($page_type,$group_guid,$start_date,$display_mode,$filter_mode,$region); break; + case 'owner': + if (isset($page[1])) { + $username = $page[1]; + $user = get_user_by_username($username); + $user_guid = $user->guid; + if (isset($page[2])) { + $start_date = $page[2]; + if (isset($page[3])) { + $display_mode = $page[3]; + if (isset($page[4])) { + $filter_mode = $page[4]; + if (isset($page[5])) { + $region = $page[5]; + } else { + $region = ''; + } + } else { + $filter_mode = ''; + } + } else { + $display_mode = ''; + } + } else { + $start_date = ''; + } + } else { + $group_guid = 0; + } + echo event_calendar_get_page_content_list($page_type,$user_guid,$start_date,$display_mode,$filter_mode,$region); + break; case 'review_requests': gatekeeper(); echo event_calendar_get_page_content_review_requests($page[1]); diff --git a/views/default/settings/event_calendar/edit.php b/views/default/settings/event_calendar/edit.php index 51bd2c49f..116a58b8a 100644 --- a/views/default/settings/event_calendar/edit.php +++ b/views/default/settings/event_calendar/edit.php @@ -364,5 +364,13 @@ $body .= elgg_echo('event_calendar:settings:more_required:title'); $body .= '
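Review bot: The new `case 'owner':` dereferences the lookup result without checking it: `get_user_by_username($username)` is followed directly by `$user->guid`, so an unknown username leaves `$user_guid` empty. When `$page[1]` is missing, the else branch sets `$group_guid = 0` while `$user_guid`, `$start_date`, `$display_mode`, `$filter_mode` and `$region` are not assigned in this case before being passed on. The request appears to be rejected later by the `elgg_instanceof($container, 'user')` check in event_calendar_generate_listing_params, but that relies on a downstream side effect. Reject early instead, e.g. `if (!$user) { register_error(elgg_echo('event_calendar:owner:permissions_error')); forward(); }`, and give the optional segments defaults before the nested `isset` chain. The enclosing switch starts and ends outside this hunk.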
'; $body .= elgg_view('input/radio',array('internalname'=>'params[more_required]','value'=>$event_calendar_more_required,'options'=>$yn_options)); +$body .= '
'; + +$ical_auth_file_name = elgg_get_plugin_setting('ical_auth_file_name', 'event_calendar'); + +$body .= elgg_echo('event_calendar:ical_auth_file_name:title'); +$body .= '
'; +$body .= elgg_view('input/text',array('name'=>'params[ical_auth_file_name]','value'=>$ical_auth_file_name, 'class'=>'event-calendar-ical-auth-setting')); + echo $body; ?> \ No newline at end of file -- cgit v1.2.3