COPY a file into same folder with same name returns 204 instead of 403

[saw-jan]

In oCIS

curl -X COPY -u admin:admin https://localhost:9200/remote.php/webdav/parent.txt \
-H "Destination: https://localhost:9200/remote.php/webdav/parent.txt" -v

Response

> COPY /remote.php/webdav/parent.txt HTTP/1.1
> Host: localhost:9200
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.68.0
> Accept: */*
> Destination: https://localhost:9200/remote.php/webdav/parent.txt
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Mark bundle as not supporting multiuse
< HTTP/1.1 204 No Content
< Access-Control-Allow-Origin: *
< Content-Security-Policy: default-src 'none';
< Date: Wed, 28 Apr 2021 05:14:03 GMT
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Frame-Options: SAMEORIGIN
< X-Permitted-Cross-Domain-Policies: none
< X-Robots-Tag: none
< X-Xss-Protection: 1; mode=block

In oC10

curl -X COPY -u admin:admin http://localhost/core/remote.php/webdav/parent.txt \
-H "Destination: http://localhost/core/remote.php/webdav/parent.txt" -v

Response

> COPY /core/remote.php/webdav/parent.txt HTTP/1.1
> Host: localhost
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.68.0
> Accept: */*
> Destination: http://localhost/core/remote.php/webdav/parent.txt
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 Forbidden
< Date: Wed, 28 Apr 2021 05:08:54 GMT
< Server: Apache/2.4.41 (Ubuntu)
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 0
< X-Robots-Tag: none
< X-Frame-Options: SAMEORIGIN
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Set-Cookie: ocjtwb0rhxgi=92uqe4quesp5daoc8706ajc46k; path=/core; HttpOnly; SameSite=Strict
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Set-Cookie: oc_sessionPassphrase=iOXvB5YyFU0aYROLIjX%2FxUb90kaoe8YP1OcCguMIpI3IBeuZn7YaqN51HQJh39Xkp3xTJgQf8BFoL1gUSDc8aUmlZWnrEqvFfAY3ZUezXlStV7MqvgVpn55fCb5XWFCM; path=/core; HttpOnly; SameSite=Strict
< Content-Security-Policy: default-src 'none';
< Set-Cookie: ocjtwb0rhxgi=anq8jvbfccrj1tci9t4547ju1p; path=/core; HttpOnly; SameSite=Strict
< Set-Cookie: cookie_test=test; expires=Wed, 28-Apr-2021 06:08:54 GMT; Max-Age=3600
< Content-Length: 234
< Content-Type: application/xml; charset=utf-8
< 
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
  <s:exception>Sabre\DAV\Exception\Forbidden</s:exception>
  <s:message>Source and destination uri are identical.</s:message>
</d:error>

[phil-davis]

I wonder what is correct in that situation? Copying an existing file to itself is a NOOP (the file already there with its correct content!), so maybe 204 is a reasonable status?

Anyone got an opinion?

[ScharfViktor]

re-tested with local server oCIS version 1.11.0

curl -X COPY -u admin:admin https://localhost:9200/remote.php/webdav/one.txt -H "Destination: https://localhost:9200/remote.php/webdav/one.txt" -vk gets server error and move file to trash

ERR error executing path copy error="status code 6" depth=infinity dst=/home/one.txt pkg=rhttp service=storage src=/home/one.txt 2021/09/08 14:39:09 http: superfluous response.WriteHeader call from github.com/cs3org/reva/internal/http/interceptors/log.(*responseLogger).WriteHeader (log.go:154) 2021-09-08T14:39:09+02:00 INF access-log bytes=0 duration=63.251375 method=COPY path=/remote.php/webdav/one.txt proto=HTTP/1.1 remote-addr=[::1]:54193 request=Viktors-Air/DPuVAjlGlE-000536 service=proxy status=500

the next method call gives a 404 as the file no longer exists

[saw-jan]

Yeah,
Now in oCIS, copying to same path gives 500 Internal Server Error

curl -X COPY -u admin:admin https://localhost:9200/remote.php/webdav/parent.txt \ 
-H "Destination: https://localhost:9200/remote.php/webdav/parent.txt" -vk

*   Trying 127.0.0.1:9200...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 9200 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: O=Acme Corp; CN=OCIS
*  start date: Sep 16 04:23:07 2021 GMT
*  expire date: Sep 16 04:23:07 2022 GMT
*  issuer: O=Acme Corp; CN=OCIS
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Server auth using Basic with user 'admin'
> COPY /remote.php/webdav/parent.txt HTTP/1.1
> Host: localhost:9200
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.68.0
> Accept: */*
> Destination: https://localhost:9200/remote.php/webdav/parent.txt
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Internal Server Error
< Access-Control-Allow-Origin: *
< Content-Length: 0
< Content-Security-Policy: default-src 'none';
< Date: Thu, 16 Sep 2021 05:23:15 GMT
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Frame-Options: SAMEORIGIN
< X-Permitted-Cross-Domain-Policies: none
< X-Robots-Tag: none
< X-Xss-Protection: 1; mode=block

[saw-jan]

re-tested with oCIS 1.19.1, still relevant

[amrita-shrestha]

re-tested with ocis 3.1.0-rc.1+bae37cf20b, gives HTTP status 204 (old,new,spaces)
cc @ScharfViktor what is correct behavior?