Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent panic on /remote.php/dav/files/ #1320

Merged
merged 13 commits into from
Nov 25, 2020
Merged

Prevent panic on /remote.php/dav/files/ #1320

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
23783b1
avoid panic on /remote.php/dav/files/
refs Nov 13, 2020
370830e
Merge branch 'master' into dav-files-unimplemented
refs Nov 24, 2020
24bf5c4
contain changes only to ocdav.go
refs Nov 24, 2020
b8222bd
enhance xml error response
refs Nov 24, 2020
f02d7ab
fix linter
refs Nov 24, 2020
b6a59b9
adjust expected scenario
refs Nov 24, 2020
f972f66
add changelog
refs Nov 24, 2020
5c0cef9
error check write operation
refs Nov 24, 2020
3cf4e25
Merge branch 'master' into dav-files-unimplemented
refs Nov 24, 2020
392ea67
undo [tests-only]
refs Nov 24, 2020
c777d6f
move block from propfind -> dav
refs Nov 24, 2020
251c49f
remove expected to fail scenario
refs Nov 24, 2020
0f5f818
delete apiShareWebdavOperations-propfind.feature
refs Nov 25, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions internal/grpc/services/gateway/storageprovider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1315,6 +1315,13 @@ func (s *svc) Stat(ctx context.Context, req *provider.StatRequest) (*provider.St
return s.statHome(ctx)
}

// webdav endpoint is called without a path. i.e: /remote.php/dav/files
if len(strings.Split(req.Ref.GetPath(), "/")) == 2 {
return &provider.StatResponse{
Status: status.NewUnimplemented(ctx, nil, "method not allowed"),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A storage provider determines if the listing of the root folder is allowed based on permissions, not the gateway ...

}, nil
}

if s.isSharedFolder(ctx, p) {
return s.statSharesFolder(ctx)
}
Expand Down
4 changes: 4 additions & 0 deletions internal/http/services/owncloud/ocdav/propfind.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,10 @@ func (s *svc) handlePropfind(w http.ResponseWriter, r *http.Request, ns string)
case rpc.Code_CODE_PERMISSION_DENIED:
log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
w.WriteHeader(http.StatusMultiStatus)
// TODO this is not a correct mapping. A new code SHOULD be added to the cs3apis.
case rpc.Code_CODE_UNIMPLEMENTED:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should check if the username is missing only in the ocs api. no need to push these quirks into storage providers or the cs3 api.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree, will contain the changes to ocdav only

log.Debug().Str("path", fn).Interface("status", res.Status).Msg("method not allowed")
w.WriteHeader(http.StatusMethodNotAllowed)
default:
log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc stat request failed")
w.WriteHeader(http.StatusInternalServerError)
Expand Down