sigoden · sigoden · Jan 11, 2024 · Jan 11, 2024
diff --git a/src/server.rs b/src/server.rs
@@ -374,12 +374,13 @@ impl Server {
             method => match method.as_str() {
                 "PROPFIND" => {
                     if is_dir {
-                        let access_paths = if access_paths.perm().inherit() {
-                            // see https://github.com/sigoden/dufs/issues/229
-                            AccessPaths::new(AccessPerm::ReadOnly)
-                        } else {
-                            access_paths
-                        };
+                        let access_paths =
+                            if access_paths.perm().inherit() && authorization.is_none() {
+                                // see https://github.com/sigoden/dufs/issues/229
+                                AccessPaths::new(AccessPerm::ReadOnly)
+                            } else {
+                                access_paths
+                            };
                         self.handle_propfind_dir(path, headers, access_paths, &mut res)
                             .await?;
                     } else if is_file {

diff --git a/tests/auth.rs b/tests/auth.rs
@@ -271,7 +271,7 @@ fn auth_partial_index(
 
 #[rstest]
 fn no_auth_propfind_dir(
-    #[with(&["--auth", "user:pass@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
+    #[with(&["--auth", "admin:admin@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
     let resp = fetch!(b"PROPFIND", server.url()).send()?;
     assert_eq!(resp.status(), 207);
@@ -281,6 +281,19 @@ fn no_auth_propfind_dir(
     Ok(())
 }
 
+#[rstest]
+fn auth_propfind_dir(
+    #[with(&["--auth", "admin:admin@/:rw", "--auth", "user:pass@/dir-assets", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", server.url()).send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/dir-assets/</D:href>"));
+    assert!(!body.contains("<D:href>/dir1/</D:href>"));
+    Ok(())
+}
+
 #[rstest]
 fn auth_data(
     #[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,