Merge pull request #3446 from nextcloud/stable10-add-integration-tests-for-dav

[stable10] Add integration tests for legacy DAV endpoints
author: Lukas Reschke <lukas@statuscode.ch> 2017-02-13 12:11:34 +0300
committer: GitHub <noreply@github.com> 2017-02-13 12:11:34 +0300
commit: 02cccc1fcf020887410e578e9a3dc70eb2db7803 (patch)
tree: 4f081b09ac461e9fae4d14f0015714337139cd85
parent: ee2bd31f65a802c97b5776332f8f6bbf29f84270 (diff)
parent: f123f925da1384d0d86a073c36e74a64ebbacea3 (diff)
8 files changed, 90 insertions, 31 deletions
diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php
index 8972a481db3..4b43392c3ff 100644
--- a/apps/dav/appinfo/v1/caldav.php
+++ b/apps/dav/appinfo/v1/caldav.php
@@ -64,6 +64,7 @@ $nodes = array(
 
 // Fire up server
 $server = new \Sabre\DAV\Server($nodes);
+$server::$exposeVersion = false;
 $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri());
 $server->setBaseUri($baseuri);
 
diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php
index e091bd58650..f77ee0391b6 100644
--- a/apps/dav/appinfo/v1/carddav.php
+++ b/apps/dav/appinfo/v1/carddav.php
@@ -66,6 +66,7 @@ $nodes = array(
 
 // Fire up server
 $server = new \Sabre\DAV\Server($nodes);
+$server::$exposeVersion = false;
 $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri());
 $server->setBaseUri($baseuri);
 // Add plugins
diff --git a/apps/dav/lib/Connector/LegacyDAVACL.php b/apps/dav/lib/Connector/LegacyDAVACL.php
index 83b08ec44fb..a5281d36c4a 100644
--- a/apps/dav/lib/Connector/LegacyDAVACL.php
+++ b/apps/dav/lib/Connector/LegacyDAVACL.php
@@ -82,6 +82,7 @@ class LegacyDAVACL extends DavAclPlugin {
 				return new Principal(Principal::UNAUTHENTICATED);
 			}
 		});
-		parent::propFind($propFind, $node);
+
+		return parent::propFind($propFind, $node);
 	}
 }
diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
index 6b6d7893262..c56766ff650 100644
--- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php
@@ -23,6 +23,7 @@
 
 namespace OCA\DAV\Connector\Sabre;
 
+use Sabre\CalDAV\Principal\User;
 use Sabre\DAV\Exception\NotFound;
 use Sabre\DAV\IFile;
 use Sabre\DAV\INode;
@@ -71,4 +72,20 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin {
 
 		return $access;
 	}
+
+	public function propFind(PropFind $propFind, INode $node) {
+		// If the node is neither readable nor writable then fail unless its of
+		// the standard user-principal
+		if(!($node instanceof User)) {
+			$path = $propFind->getPath();
+			$readPermissions = $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false);
+			$writePermissions = $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, false);
+			if ($readPermissions === false && $writePermissions === false) {
+				$this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, true);
+				$this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, true);
+			}
+		}
+
+		return parent::propFind($propFind, $node);
+	}
 }
diff --git a/build/integration/features/bootstrap/CalDavContext.php b/build/integration/features/bootstrap/CalDavContext.php
index 5db56f0fe7a..cae0089875f 100644
--- a/build/integration/features/bootstrap/CalDavContext.php
+++ b/build/integration/features/bootstrap/CalDavContext.php
@@ -72,16 +72,18 @@ class CalDavContext implements \Behat\Behat\Context\Context {
 	}
 
 	/**
-	 * @When :user requests calendar :calendar
+	 * @When :user requests calendar :calendar on the endpoint :endpoint
 	 * @param string $user
 	 * @param string $calendar
+	 * @param string $endpoint
 	 */
-	public function requestsCalendar($user, $calendar)  {
-		$davUrl = $this->baseUrl . '/remote.php/dav/calendars/'.$calendar;
+	public function requestsCalendar($user, $calendar, $endpoint)  {
+		$davUrl = $this->baseUrl . $endpoint . $calendar;
 
 		$password = ($user === 'admin') ? 'admin' : '123456';
 		try {
-			$this->response = $this->client->get(
+			$request = $this->client->createRequest(
+				'PROPFIND',
 				$davUrl,
 				[
 					'auth' => [
@@ -90,6 +92,7 @@ class CalDavContext implements \Behat\Behat\Context\Context {
 					]
 				]
 			);
+			$this->response = $this->client->send($request);
 		} catch (\GuzzleHttp\Exception\ClientException $e) {
 			$this->response = $e->getResponse();
 		}
diff --git a/build/integration/features/bootstrap/CardDavContext.php b/build/integration/features/bootstrap/CardDavContext.php
index bfdd51bfdb0..f340548879c 100644
--- a/build/integration/features/bootstrap/CardDavContext.php
+++ b/build/integration/features/bootstrap/CardDavContext.php
@@ -72,20 +72,21 @@ class CardDavContext implements \Behat\Behat\Context\Context {
 		} catch (\GuzzleHttp\Exception\ClientException $e) {}
 	}
 
-
 	/**
-	 * @When :user requests addressbook :addressBook with statuscode :statusCode
+	 * @When :user requests addressbook :addressBook with statuscode :statusCode on the endpoint :endpoint
 	 * @param string $user
 	 * @param string $addressBook
 	 * @param int $statusCode
+	 * @param string $endpoint
 	 * @throws \Exception
 	 */
-	public function requestsAddressbookWithStatuscode($user, $addressBook, $statusCode) {
-		$davUrl = $this->baseUrl . '/remote.php/dav/addressbooks/users/'.$addressBook;
+	public function requestsAddressbookWithStatuscodeOnTheEndpoint($user, $addressBook, $statusCode, $endpoint) {
+		$davUrl = $this->baseUrl . $endpoint . $addressBook;
 
 		$password = ($user === 'admin') ? 'admin' : '123456';
 		try {
-			$this->response = $this->client->get(
+			$request = $this->client->createRequest(
+				'PROPFIND',
 				$davUrl,
 				[
 					'auth' => [
@@ -94,6 +95,7 @@ class CardDavContext implements \Behat\Behat\Context\Context {
 					],
 				]
 			);
+			$this->response = $this->client->send($request);
 		} catch (\GuzzleHttp\Exception\ClientException $e) {
 			$this->response = $e->getResponse();
 		}
diff --git a/build/integration/features/caldav.feature b/build/integration/features/caldav.feature
index 948151485db..5c3983fc40b 100644
--- a/build/integration/features/caldav.feature
+++ b/build/integration/features/caldav.feature
@@ -1,31 +1,52 @@
 Feature: caldav
   Scenario: Accessing a not existing calendar of another user
     Given user "user0" exists
-    When "admin" requests calendar "user0/MyCalendar"
+    When "admin" requests calendar "user0/MyCalendar" on the endpoint "/remote.php/dav/calendars/"
     Then The CalDAV HTTP status code should be "404"
     And The exception is "Sabre\DAV\Exception\NotFound"
     And The error message is "Node with name 'MyCalendar' could not be found"
 
-  # Blocked by https://github.com/php/php-src/pull/1417
-  #Scenario: Accessing a not shared calendar of another user
-  #  Given user "user0" exists
-  #  Given "admin" creates a calendar named "MyCalendar"
-  #  Given The CalDAV HTTP status code should be "201"
-  #  When "user0" requests calendar "admin/MyCalendar"
-  #  Then The CalDAV HTTP status code should be "404"
-  #  And The exception is "Sabre\DAV\Exception\NotFound"
-  #  And The error message is "Node with name 'MyCalendar' could not be found"
+  Scenario: Accessing a not shared calendar of another user
+    Given user "user0" exists
+    Given "admin" creates a calendar named "MyCalendar"
+    Given The CalDAV HTTP status code should be "201"
+    When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/"
+    Then The CalDAV HTTP status code should be "404"
+    And The exception is "Sabre\DAV\Exception\NotFound"
+    And The error message is "Node with name 'MyCalendar' could not be found"
+
+  Scenario: Accessing a not shared calendar of another user via the legacy endpoint
+    Given user "user0" exists
+    Given "admin" creates a calendar named "MyCalendar"
+    Given The CalDAV HTTP status code should be "201"
+    When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/"
+    Then The CalDAV HTTP status code should be "404"
+    And The exception is "Sabre\DAV\Exception\NotFound"
+    And The error message is "Node with name 'MyCalendar' could not be found"
+
+  Scenario: Accessing a not existing calendar of another user
+    Given user "user0" exists
+    When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/"
+    Then The CalDAV HTTP status code should be "404"
+    And The exception is "Sabre\DAV\Exception\NotFound"
+    And The error message is "Node with name 'MyCalendar' could not be found"
+
+  Scenario: Accessing a not existing calendar of another user via the legacy endpoint
+    Given user "user0" exists
+    When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/"
+    Then The CalDAV HTTP status code should be "404"
+    And The exception is "Sabre\DAV\Exception\NotFound"
+    And The error message is "Node with name 'MyCalendar' could not be found"
 
   Scenario: Accessing a not existing calendar of myself
     Given user "user0" exists
-    When "user0" requests calendar "admin/MyCalendar"
+    When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/"
     Then The CalDAV HTTP status code should be "404"
     And The exception is "Sabre\DAV\Exception\NotFound"
     And The error message is "Node with name 'MyCalendar' could not be found"
 
-  # Blocked by https://github.com/php/php-src/pull/1417
-  #Scenario: Creating a new calendar
-  #  When "admin" creates a calendar named "MyCalendar"
-  #  Then The CalDAV HTTP status code should be "201"
-  #  And "admin" requests calendar "admin/MyCalendar"
-  #  Then The CalDAV HTTP status code should be "200"
+  Scenario: Creating a new calendar
+    When "admin" creates a calendar named "MyCalendar"
+    Then The CalDAV HTTP status code should be "201"
+    And "admin" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/"
+    Then The CalDAV HTTP status code should be "207"
diff --git a/build/integration/features/carddav.feature b/build/integration/features/carddav.feature
index ee9d877085d..648f3d8f4ba 100644
--- a/build/integration/features/carddav.feature
+++ b/build/integration/features/carddav.feature
@@ -1,23 +1,36 @@
 Feature: carddav
   Scenario: Accessing a not existing addressbook of another user
     Given user "user0" exists
-    When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404"
+    When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
     And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
     And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"
 
   Scenario: Accessing a not shared addressbook of another user
     Given user "user0" exists
     Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
-    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404"
+    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
+    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
+    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"
+
+  Scenario: Accessing a not existing addressbook of another user via legacy endpoint
+    Given user "user0" exists
+    When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"
+    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
+    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"
+
+  Scenario: Accessing a not shared addressbook of another user via legacy endpoint
+    Given user "user0" exists
+    Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
+    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"
     And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
     And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"
 
   Scenario: Accessing a not existing addressbook of myself
     Given user "user0" exists
-    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404"
+    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
     And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
     And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"
 
   Scenario: Creating a new addressbook
     When "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
-    Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "200"
+    Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/"
author	Lukas Reschke <lukas@statuscode.ch>	2017-02-13 12:11:34 +0300
committer	GitHub <noreply@github.com>	2017-02-13 12:11:34 +0300
commit	02cccc1fcf020887410e578e9a3dc70eb2db7803 (patch)
tree	4f081b09ac461e9fae4d14f0015714337139cd85
parent	ee2bd31f65a802c97b5776332f8f6bbf29f84270 (diff)
parent	f123f925da1384d0d86a073c36e74a64ebbacea3 (diff)