Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check for Lock-Token in request header. #981

Closed
wants to merge 3 commits into from
Closed

Add check for Lock-Token in request header. #981

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8107e5c
Add check for Lock-Token in request header.
Jul 12, 2017
12217a9
add Word2016 unit test.
Jul 12, 2017
02d240e
Updated test filename
Jul 12, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions lib/DAV/Locks/Plugin.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -531,6 +531,21 @@ function validateTokens(RequestInterface $request, &$conditions) {
}

}

//what if Lock-token is not in If header, but in Lock-Token header?
$lockToken = $request->getHeader('Lock-Token');

if($mustLocks && $lockToken) {
$lockToken = str_replace('<opaquelocktoken:', '', $lockToken);
$lockToken = str_replace('>', '', $lockToken);
foreach ($mustLocks as $jj => $mustLock) {
if ($mustLock->token == $lockToken) {
// We have a match!
// Removing this one from mustlocks
unset($mustLocks[$jj]);
}
}
}

// If there's any locks left in the 'mustLocks' array, it means that
// the resource was locked and we must block it.
Expand Down
124 changes: 124 additions & 0 deletions tests/Sabre/DAV/Locks/MSWord2016Test.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,124 @@
<?php declare (strict_types=1);

namespace Sabre\DAV\Locks;

use Sabre\DAV;
use Sabre\HTTP;

require_once 'Sabre/HTTP/ResponseMock.php';
require_once 'Sabre/TestUtil.php';

class MSWord2016 extends \PHPUnit_Framework_TestCase {

function tearDown() {

\Sabre\TestUtil::clearTempDir();

}

function testLockEtc() {

mkdir(SABRE_TEMPDIR . '/mstest');
$tree = new DAV\FS\Directory(SABRE_TEMPDIR . '/mstest');

$server = new DAV\Server($tree);
$server->debugExceptions = true;
$locksBackend = new Backend\File(SABRE_TEMPDIR . '/locksdb');
$locksPlugin = new Plugin($locksBackend);
$server->addPlugin($locksPlugin);

$response1 = new HTTP\ResponseMock();

$server->httpRequest = $this->getLockRequest();
$server->httpResponse = $response1;
$server->sapi = new HTTP\SapiMock();
$server->exec();

$this->assertEquals(201, $server->httpResponse->getStatus(), 'Full response body:' . $response1->getBodyAsString());
$this->assertTrue(!!$server->httpResponse->getHeaders('Lock-Token'));
$lockToken = $server->httpResponse->getHeader('Lock-Token');

//sleep(10);

$response2 = new HTTP\ResponseMock();

$server->httpRequest = $this->getLockRequest2();
$server->httpResponse = $response2;
$server->exec();

$this->assertEquals(201, $server->httpResponse->status);
$this->assertTrue(!!$server->httpResponse->getHeaders('Lock-Token'));

//sleep(10);

$response3 = new HTTP\ResponseMock();
$server->httpRequest = $this->getPutRequest($lockToken);
$server->httpResponse = $response3;
$server->exec();

$this->assertEquals(204, $server->httpResponse->status);

}

function getLockRequest() {

$request = HTTP\Sapi::createFromServerArray([
'REQUEST_METHOD' => 'LOCK',
'HTTP_CONTENT_TYPE' => 'application/xml',
'HTTP_TIMEOUT' => 'Second-3600',
'REQUEST_URI' => '/Nouveau%20Microsoft%20Office%20Excel%20Worksheet.xlsx',
]);

$request->setBody('<D:lockinfo xmlns:D="DAV:">
<D:lockscope>
<D:exclusive />
</D:lockscope>
<D:locktype>
<D:write />
</D:locktype>
<D:owner>
<D:href>PC-Vista\User</D:href>
</D:owner>
</D:lockinfo>');

return $request;

}
function getLockRequest2() {

$request = HTTP\Sapi::createFromServerArray([
'REQUEST_METHOD' => 'LOCK',
'HTTP_CONTENT_TYPE' => 'application/xml',
'HTTP_TIMEOUT' => 'Second-3600',
'REQUEST_URI' => '/~$Nouveau%20Microsoft%20Office%20Excel%20Worksheet.xlsx',
]);

$request->setBody('<D:lockinfo xmlns:D="DAV:">
<D:lockscope>
<D:exclusive />
</D:lockscope>
<D:locktype>
<D:write />
</D:locktype>
<D:owner>
<D:href>PC-Vista\User</D:href>
</D:owner>
</D:lockinfo>');

return $request;

}

function getPutRequest($lockToken) {

$request = HTTP\Sapi::createFromServerArray([
'REQUEST_METHOD' => 'PUT',
'REQUEST_URI' => '/Nouveau%20Microsoft%20Office%20Excel%20Worksheet.xlsx',
'HTTP_LOCK_TOKEN' => $lockToken,
]);
$request->setBody('FAKE BODY');
return $request;

}

}