From d7161b4eee996554607d0d06da399cd299d8df52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Fri, 24 Apr 2020 13:31:17 +0200
Subject: [PATCH] Only catch anonymous OPTIONS for Office
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
.../Sabre/AnonymousOptionsPlugin.php | 4 ++--
.../tests/unit/DAV/AnonymousOptionsTest.php | 22 +++++++++++++++++--
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
index 63e57735972..e209f7f1af6 100644
--- a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
@@ -67,9 +67,9 @@ class AnonymousOptionsPlugin extends ServerPlugin {
$emptyAuth = $request->getHeader('Authorization') === null
|| $request->getHeader('Authorization') === ''
|| trim($request->getHeader('Authorization')) === 'Bearer';
- $isAnonymousOption = $request->getMethod() === 'OPTIONS' && $emptyAuth;
+ $isAnonymousOfficeOption = $request->getMethod() === 'OPTIONS' && $isOffice && $emptyAuth;
$isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $emptyAuth;
- if ($isAnonymousOption || $isOfficeHead) {
+ if ($isAnonymousOfficeOption || $isOfficeHead) {
/** @var CorePlugin $corePlugin */
$corePlugin = $this->server->getPlugin('core');
// setup a fake tree for anonymous access
diff --git a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
index 6aabb4845fe..c8940533ab0 100644
--- a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
+++ b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
@@ -53,18 +53,36 @@ class AnonymousOptionsTest extends TestCase {
public function testAnonymousOptionsRoot() {
$response = $this->sendRequest('OPTIONS', '');
- $this->assertEquals(200, $response->getStatus());
+ $this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRoot() {
$response = $this->sendRequest('OPTIONS', 'foo');
- $this->assertEquals(200, $response->getStatus());
+ $this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRootSubDir() {
$response = $this->sendRequest('OPTIONS', 'foo/bar');
+ $this->assertEquals(401, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsRootOffice() {
+ $response = $this->sendRequest('OPTIONS', '', 'Microsoft Office does strange things');
+
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsNonRootOffice() {
+ $response = $this->sendRequest('OPTIONS', 'foo', 'Microsoft Office does strange things');
+
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsNonRootSubDirOffice() {
+ $response = $this->sendRequest('OPTIONS', 'foo/bar', 'Microsoft Office does strange things');
+
$this->assertEquals(200, $response->getStatus());
}
--
GitLab