Merge pull request #3443 from nextcloud/add-integration-tests-for-dav

Add integration tests for legacy DAV endpoints

2 files changed, 19 insertions, 1 deletions

diff --git a/apps/dav/lib/Connector/LegacyDAVACL.php b/apps/dav/lib/Connector/LegacyDAVACL.php
index d5185ecd03b..46cbb504cce 100644
--- a/apps/dav/lib/Connector/LegacyDAVACL.php
+++ b/apps/dav/lib/Connector/LegacyDAVACL.php
@@ -67,6 +67,7 @@ class LegacyDAVACL extends DavAclPlugin {
 				return new Principal(Principal::UNAUTHENTICATED);
 			}
 		});
-		parent::propFind($propFind, $node);
+
+		return parent::propFind($propFind, $node);
 	}
 }
diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
index 244394ec6fc..427a3756019 100644
--- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
@@ -23,6 +23,7 @@
 
 namespace OCA\DAV\Connector\Sabre;
 
+use Sabre\CalDAV\Principal\User;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\IFile;
 use Sabre\DAV\INode;
@@ -72,4 +73,20 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin {
 
 		return $access;
 	}
+
+	public function propFind(PropFind $propFind, INode $node) {
+		// If the node is neither readable nor writable then fail unless its of
+		// the standard user-principal
+		if(!($node instanceof User)) {
+			$path = $propFind->getPath();
+			$readPermissions = $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false);
+			$writePermissions = $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, false);
+			if ($readPermissions === false && $writePermissions === false) {
+				$this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, true);
+				$this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, true);
+			}
+		}
+
+		return parent::propFind($propFind, $node);
+	}
 }