*/
private function auth(RequestInterface $request, ResponseInterface $response) {
if (\OC_User::handleApacheAuth() ||
- ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)))
+ //Fix for broken webdav clients
+ ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
+ //Well behaved clients that only send the cookie are allowed
+ ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
) {
$user = $this->userSession->getUser()->getUID();
\OC_Util::setupFS($user);
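Review bot: The new third branch of the `if` in auth() accepts a request on the session cookie alone whenever `DAV_AUTHENTICATED` equals the current UID and no `Authorization` header is sent, and nothing in the visible lines ties such a request to a same-origin caller. Browsers attach the session cookie automatically, so state-changing DAV methods reached through this branch should presumably require the request token or be limited to safe methods. If that check already lives elsewhere in auth() or its caller, both of which continue outside the hunk, record it next to the branch, e.g. `// Cookie-only access: CSRF check is enforced in <PLACEHOLDER: location of the token check>`. As a style point, `isLoggedIn()` is evaluated in both the second and third branch; reading it once into a local would make the three accepted cases easier to audit.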
namespace OCA\DAV\Tests\Unit\Connector\Sabre;
+use OCP\IUser;
use Test\TestCase;
use OCP\ISession;
use OCP\IUserSession;
* Class Auth
*
* @package OCA\DAV\Connector\Sabre
+ * @group DB
*/
class Auth extends TestCase {
/** @var ISession */
$httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface')
->disableOriginalConstructor()
->getMock();
+ /** @var IUser */
+ $user = $this->getMock('OCP\IUser');
+ $user->method('getUID')->willReturn('MyTestUser');
$this->userSession
->expects($this->any())
->method('isLoggedIn')
->will($this->returnValue(true));
+ $this->userSession
+ ->expects($this->any())
+ ->method('getUser')
+ ->willReturn($user);
$this->session
- ->expects($this->once())
+ ->expects($this->atLeastOnce())
->method('get')
->with('AUTHENTICATED_TO_DAV_BACKEND')
->will($this->returnValue('MyTestUser'));
$httpRequest
- ->expects($this->once())
+ ->expects($this->atLeastOnce())
->method('getHeader')
->with('Authorization')
->will($this->returnValue(null));
- $this->auth->check($httpRequest, $httpResponse);
+ $this->assertEquals(
+ [true, 'principals/users/MyTestUser'],
+ $this->auth->check($httpRequest, $httpResponse)
+ );
}
public function testAuthenticateValidCredentials() {
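Review bot: Only the accepting case of the new cookie-only branch is pinned by this test: the session mock returns 'MyTestUser', which matches `getUID()`, and `getHeader('Authorization')` returns null. Because this is an authentication decision, the rejecting cases deserve tests of their own, namely a stored session value that differs from the logged-in UID and a request that carries an `Authorization` header together with the cookie, unless those already exist outside this hunk. Relaxing `once()` to `atLeastOnce()` on `get` and `getHeader` also means the test no longer notices unexpected extra lookups; a comment such as `// auth() reads the session key and the header in more than one branch` would record why the looser expectation is intended. The test method's signature lies above the hunk, so its name and docblock were not reviewed.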