Request to edit non-existing user by authorized (admin) user sends statuscode 401 (unauthorized) #38423
Description
Request to edit non-existing user by admin user responds with statuscode 401 unauthorized
and ocs statuscode 997
curl -u admin:admin -X PUT http://localhost/core/ocs/v1.php/cloud/users/non-existing \
-d key="email" -d value="example@mail.com" -v> PUT /core/ocs/v1.php/cloud/users/non-existing HTTP/1.1
> Host: localhost
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.68.0
> Accept: */*
> Content-Length: 32
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 32 out of 32 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Date: Wed, 17 Feb 2021 10:30:44 GMT
< Server: Apache/2.4.41 (Ubuntu)
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 0
< X-Robots-Tag: none
< X-Frame-Options: SAMEORIGIN
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Set-Cookie: ocd3fn3x61nb=hc44gcifptdipiuqrtblpih5sc; path=/core; HttpOnly
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Set-Cookie: oc_sessionPassphrase=nfUDLpFNps7YoepKNOHcCoBqUh8GUAqdIRI8dFCe7Ds%2FrPCoR%2FKSTABRd%2FRTByWh3xMCcsGHjV8zMDU%2FN08pvkYxSaudftqLWYp6u4YHiWG2%2FsYc3CXRdlxW6eLMn05l; path=/core; HttpOnly; SameSite=strict
< Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
< Set-Cookie: ocd3fn3x61nb=6bj8hvme756nr8doujvkmri0ug; path=/core; HttpOnly
< Set-Cookie: cookie_test=test; expires=Wed, 17-Feb-2021 11:30:44 GMT; Max-Age=3600
< Set-Cookie: oc_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core; HttpOnly
< Set-Cookie: oc_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core; HttpOnly
< Set-Cookie: oc_remember_login=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core; HttpOnly
< Set-Cookie: oc_username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core/; HttpOnly
< Set-Cookie: oc_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core/; HttpOnly
< Set-Cookie: oc_remember_login=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/core/; HttpOnly
< Set-Cookie: ocd3fn3x61nb=b313be3e7ti19nfbh8vi8s2350; path=/core; HttpOnly
< Set-Cookie: ocd3fn3x61nb=n885quqkr6u6qpe7b84ool80eh; path=/core; HttpOnly
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Authorisation Required"
< Content-Length: 132
< Content-Type: text/xml; charset=UTF-8
<
<?xml version="1.0"?>
<ocs>
<meta>
<status>failure</status>
<statuscode>997</statuscode>
<message/>
</meta>
<data/>
</ocs>
Expected behaviour
As per oC documentation: https://doc.owncloud.com/server/10.5/developer_manual/core/apis/provisioning-api.html#edit-user
v1 - ocs statuscode shoulde be 101
v1 - http statuscode should be 200
v2 - ocs statuscode shoulde be 404
v2 - http statuscode should be 404
Actual behaviour
v1 & v2 - ocs statuscode is 997
v1 & v2 - http statuscode is 401
Server configuration
ownCloud 10.6.1 alpha (git)