diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2017-02-10 14:01:26 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2017-02-10 16:18:04 +0100 |
| commit | 929648ce2c9d91d836a6edb121d563f46b8fc2b0 (patch) | |
| tree | 05525c2c4b9534f3adf92627bb21008c4e1fcb52 | |
| parent | b4ade766656a2032f33d56eb4a0f17bb128af722 (diff) | |
| download | nextcloud-server-929648ce2c9d91d836a6edb121d563f46b8fc2b0.tar.gz nextcloud-server-929648ce2c9d91d836a6edb121d563f46b8fc2b0.zip | |
Add integration tests for legacy DAV endpoints
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
| -rw-r--r-- | apps/dav/appinfo/v1/caldav.php | 1 | ||||
| -rw-r--r-- | apps/dav/appinfo/v1/carddav.php | 1 | ||||
| -rw-r--r-- | apps/dav/lib/Connector/LegacyDAVACL.php | 3 | ||||
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/DavAclPlugin.php | 17 | ||||
| -rw-r--r-- | build/integration/features/bootstrap/CalDavContext.php | 11 | ||||
| -rw-r--r-- | build/integration/features/bootstrap/CardDavContext.php | 12 | ||||
| -rw-r--r-- | build/integration/features/caldav.feature | 55 | ||||
| -rw-r--r-- | build/integration/features/carddav.feature | 21 |
8 files changed, 90 insertions, 31 deletions
diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php index f524c47a821..7f2ff2b37da 100644 --- a/apps/dav/appinfo/v1/caldav.php +++ b/apps/dav/appinfo/v1/caldav.php @@ -67,6 +67,7 @@ $nodes = array( // Fire up server $server = new \Sabre\DAV\Server($nodes); +$server::$exposeVersion = false; $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri()); $server->setBaseUri($baseuri); diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php index b70045d420b..04344e83fde 100644 --- a/apps/dav/appinfo/v1/carddav.php +++ b/apps/dav/appinfo/v1/carddav.php @@ -66,6 +66,7 @@ $nodes = array( // Fire up server $server = new \Sabre\DAV\Server($nodes); +$server::$exposeVersion = false; $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri()); $server->setBaseUri($baseuri); // Add plugins diff --git a/apps/dav/lib/Connector/LegacyDAVACL.php b/apps/dav/lib/Connector/LegacyDAVACL.php index d5185ecd03b..46cbb504cce 100644 --- a/apps/dav/lib/Connector/LegacyDAVACL.php +++ b/apps/dav/lib/Connector/LegacyDAVACL.php @@ -67,6 +67,7 @@ class LegacyDAVACL extends DavAclPlugin { return new Principal(Principal::UNAUTHENTICATED); } }); - parent::propFind($propFind, $node); + + return parent::propFind($propFind, $node); } } diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php index 244394ec6fc..427a3756019 100644 --- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php +++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php @@ -23,6 +23,7 @@ namespace OCA\DAV\Connector\Sabre; +use Sabre\CalDAV\Principal\User; use Sabre\DAV\Exception\NotFound; use Sabre\DAV\IFile; use Sabre\DAV\INode; @@ -72,4 +73,20 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin { return $access; } + + public function propFind(PropFind $propFind, INode $node) { + // If the node is neither readable nor writable then fail unless its of + // the standard user-principal + if(!($node instanceof User)) { + $path = $propFind->getPath(); + $readPermissions = $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false); + $writePermissions = $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, false); + if ($readPermissions === false && $writePermissions === false) { + $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, true); + $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, true); + } + } + + return parent::propFind($propFind, $node); + } } diff --git a/build/integration/features/bootstrap/CalDavContext.php b/build/integration/features/bootstrap/CalDavContext.php index 5db56f0fe7a..cae0089875f 100644 --- a/build/integration/features/bootstrap/CalDavContext.php +++ b/build/integration/features/bootstrap/CalDavContext.php @@ -72,16 +72,18 @@ class CalDavContext implements \Behat\Behat\Context\Context { } /** - * @When :user requests calendar :calendar + * @When :user requests calendar :calendar on the endpoint :endpoint * @param string $user * @param string $calendar + * @param string $endpoint */ - public function requestsCalendar($user, $calendar) { - $davUrl = $this->baseUrl . '/remote.php/dav/calendars/'.$calendar; + public function requestsCalendar($user, $calendar, $endpoint) { + $davUrl = $this->baseUrl . $endpoint . $calendar; $password = ($user === 'admin') ? 'admin' : '123456'; try { - $this->response = $this->client->get( + $request = $this->client->createRequest( + 'PROPFIND', $davUrl, [ 'auth' => [ @@ -90,6 +92,7 @@ class CalDavContext implements \Behat\Behat\Context\Context { ] ] ); + $this->response = $this->client->send($request); } catch (\GuzzleHttp\Exception\ClientException $e) { $this->response = $e->getResponse(); } diff --git a/build/integration/features/bootstrap/CardDavContext.php b/build/integration/features/bootstrap/CardDavContext.php index 4ee882cc2e6..2dce688ab85 100644 --- a/build/integration/features/bootstrap/CardDavContext.php +++ b/build/integration/features/bootstrap/CardDavContext.php @@ -72,20 +72,21 @@ class CardDavContext implements \Behat\Behat\Context\Context { } catch (\GuzzleHttp\Exception\ClientException $e) {} } - /** - * @When :user requests addressbook :addressBook with statuscode :statusCode + * @When :user requests addressbook :addressBook with statuscode :statusCode on the endpoint :endpoint * @param string $user * @param string $addressBook * @param int $statusCode + * @param string $endpoint * @throws \Exception */ - public function requestsAddressbookWithStatuscode($user, $addressBook, $statusCode) { - $davUrl = $this->baseUrl . '/remote.php/dav/addressbooks/users/'.$addressBook; + public function requestsAddressbookWithStatuscodeOnTheEndpoint($user, $addressBook, $statusCode, $endpoint) { + $davUrl = $this->baseUrl . $endpoint . $addressBook; $password = ($user === 'admin') ? 'admin' : '123456'; try { - $this->response = $this->client->get( + $request = $this->client->createRequest( + 'PROPFIND', $davUrl, [ 'auth' => [ @@ -94,6 +95,7 @@ class CardDavContext implements \Behat\Behat\Context\Context { ], ] ); + $this->response = $this->client->send($request); } catch (\GuzzleHttp\Exception\ClientException $e) { $this->response = $e->getResponse(); } diff --git a/build/integration/features/caldav.feature b/build/integration/features/caldav.feature index 948151485db..5c3983fc40b 100644 --- a/build/integration/features/caldav.feature +++ b/build/integration/features/caldav.feature @@ -1,31 +1,52 @@ Feature: caldav Scenario: Accessing a not existing calendar of another user Given user "user0" exists - When "admin" requests calendar "user0/MyCalendar" + When "admin" requests calendar "user0/MyCalendar" on the endpoint "/remote.php/dav/calendars/" Then The CalDAV HTTP status code should be "404" And The exception is "Sabre\DAV\Exception\NotFound" And The error message is "Node with name 'MyCalendar' could not be found" - # Blocked by https://github.com/php/php-src/pull/1417 - #Scenario: Accessing a not shared calendar of another user - # Given user "user0" exists - # Given "admin" creates a calendar named "MyCalendar" - # Given The CalDAV HTTP status code should be "201" - # When "user0" requests calendar "admin/MyCalendar" - # Then The CalDAV HTTP status code should be "404" - # And The exception is "Sabre\DAV\Exception\NotFound" - # And The error message is "Node with name 'MyCalendar' could not be found" + Scenario: Accessing a not shared calendar of another user + Given user "user0" exists + Given "admin" creates a calendar named "MyCalendar" + Given The CalDAV HTTP status code should be "201" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not shared calendar of another user via the legacy endpoint + Given user "user0" exists + Given "admin" creates a calendar named "MyCalendar" + Given The CalDAV HTTP status code should be "201" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not existing calendar of another user + Given user "user0" exists + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not existing calendar of another user via the legacy endpoint + Given user "user0" exists + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" Scenario: Accessing a not existing calendar of myself Given user "user0" exists - When "user0" requests calendar "admin/MyCalendar" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" Then The CalDAV HTTP status code should be "404" And The exception is "Sabre\DAV\Exception\NotFound" And The error message is "Node with name 'MyCalendar' could not be found" - # Blocked by https://github.com/php/php-src/pull/1417 - #Scenario: Creating a new calendar - # When "admin" creates a calendar named "MyCalendar" - # Then The CalDAV HTTP status code should be "201" - # And "admin" requests calendar "admin/MyCalendar" - # Then The CalDAV HTTP status code should be "200" + Scenario: Creating a new calendar + When "admin" creates a calendar named "MyCalendar" + Then The CalDAV HTTP status code should be "201" + And "admin" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "207" diff --git a/build/integration/features/carddav.feature b/build/integration/features/carddav.feature index 4fbe403c7db..9432130066e 100644 --- a/build/integration/features/carddav.feature +++ b/build/integration/features/carddav.feature @@ -1,26 +1,39 @@ Feature: carddav Scenario: Accessing a not existing addressbook of another user Given user "user0" exists - When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" + When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Accessing a not shared addressbook of another user Given user "user0" exists Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" - When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" + And The CardDAV exception is "Sabre\DAV\Exception\NotFound" + And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" + + Scenario: Accessing a not existing addressbook of another user via legacy endpoint + Given user "user0" exists + When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/" + And The CardDAV exception is "Sabre\DAV\Exception\NotFound" + And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" + + Scenario: Accessing a not shared addressbook of another user via legacy endpoint + Given user "user0" exists + Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Accessing a not existing addressbook of myself Given user "user0" exists - When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Creating a new addressbook When "admin" creates an addressbook named "MyAddressbook" with statuscode "201" - Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "200" + Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/" Scenario: Accessing ones own contact Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" |