Skip to content

Commit

Permalink
- no longer rely on ZServer for any WebDAV-related functionality (f…
Browse files Browse the repository at this point in the history 
…ixes #64)
  • Loading branch information
@dataflake
dataflake committed Feb 10, 2020
1 parent 9354847 commit f545948
Show file tree
Hide file tree
Showing 4 changed files with 30 additions and 32 deletions.
3 changes: 3 additions & 0 deletions CHANGES.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ Change Log
2.4 (unreleased)
----------------

- no longer rely on ``ZServer`` for any WebDAV-related functionality.
(`#64 <https://github.com/zopefoundation/Products.PluggableAuthService/issues/64>`_)


2.3 (2020-02-02)
----------------
Expand Down
52 changes: 26 additions & 26 deletions Products/PluggableAuthService/plugins/RequestTypeSniffer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,30 +98,25 @@ def sniffRequestType(self, request):

InitializeClass(RequestTypeSniffer)

if HAVE_ZSERVER:
# Most of the sniffing code below has been inspired by
# similar tests found in BaseRequest, HTTPRequest and ZServer
def webdavSniffer(request):
dav_src = request.get('WEBDAV_SOURCE_PORT', None)
method = request.get('REQUEST_METHOD', 'GET').upper()
path_info = request.get('PATH_INFO', '')

if dav_src:
return True

if method not in ('GET', 'POST'):
return True
# Most of the sniffing code below has been inspired by
# similar tests found in BaseRequest, HTTPRequest and ZServer
def webdavSniffer(request):
dav_src = request.get('WEBDAV_SOURCE_PORT', None)
method = request.get('REQUEST_METHOD', 'GET').upper()
path_info = request.get('PATH_INFO', '')

if method in ('GET',) and path_info.endswith('manage_DAVget'):
return True
if dav_src:
return True

registerSniffer(IWebDAVRequest, webdavSniffer)
if request.maybe_webdav_client and method not in ('GET', 'POST'):
return True

def ftpSniffer(request):
if isinstance(request, FTPRequest):
return True
if method in ('GET',) and path_info.endswith('manage_DAVget'):
return True

registerSniffer(IFTPRequest, ftpSniffer)

registerSniffer(IWebDAVRequest, webdavSniffer)


def xmlrpcSniffer(request):
Expand All @@ -135,15 +130,20 @@ def xmlrpcSniffer(request):
registerSniffer(IXMLRPCRequest, xmlrpcSniffer)


if HAVE_ZSERVER:
def ftpSniffer(request):
if isinstance(request, FTPRequest):
return True

registerSniffer(IFTPRequest, ftpSniffer)
else:
ftpSniffer = None


def browserSniffer(request):
# If it's none of the above, it's very likely a browser request.
if xmlrpcSniffer(request):
return False
elif not HAVE_ZSERVER:
return True

for sniffer in (webdavSniffer, ftpSniffer):
if sniffer(request):
for sniffer in (xmlrpcSniffer, webdavSniffer, ftpSniffer):
if sniffer is not None and sniffer(request):
return False

return True
Expand Down
5 changes: 0 additions & 5 deletions Products/PluggableAuthService/plugins/tests/test_ChallengeProtocolChooser.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@

import Testing.ZopeTestCase

from Products.PluggableAuthService import HAVE_ZSERVER
from Products.PluggableAuthService.tests.conformance import \
IChallengeProtocolChooser_conformance

Expand Down Expand Up @@ -225,7 +224,6 @@ def test_GET_authorized(self):
self.assertStatus(response, b'HTTP/1.1 200 OK')
self.assertIn('Access Granted', str(response))

@unittest.skipIf(not HAVE_ZSERVER, 'WebDAV requires ZServer')
def test_WebDAV_unauthorized(self):
# Now a PROPFIND request, simulating a WebDAV client. Anonymous user
# should be challenged with a 401 response status:
Expand All @@ -238,7 +236,6 @@ def test_WebDAV_unauthorized(self):
request_method='GET')
self.assertStatus(response, b'HTTP/1.1 401 Unauthorized')

@unittest.skipIf(not HAVE_ZSERVER, 'WebDAV requires ZServer')
def test_WebDAV_authorized(self):
# And with the right credentials the request should succeed:
response = self.publish('/{0.folder_name}/test_script'.format(self),
Expand Down Expand Up @@ -292,7 +289,6 @@ def test_GET_unauthorized(self):
response = self.publish('/{0.folder_name}/test_script'.format(self))
self.assertStatus(response, b'HTTP/1.1 302 Found')

@unittest.skipIf(not HAVE_ZSERVER, 'WebDAV requires ZServer')
def test_WebDAV_unauthorized(self):
# And the same for a WebDAV request:
response = self.publish('/{0.folder_name}/test_script'.format(self),
Expand Down Expand Up @@ -346,7 +342,6 @@ def test_GET_unauthorized(self):
response = self.publish('/{0.folder_name}/test_script'.format(self))
self.assertStatus(response, b'HTTP/1.1 302 Found')

@unittest.skipIf(not HAVE_ZSERVER, 'WebDAV requires ZServer')
def test_WebDAV_unauthorized(self):
# A WebDAV request should result in a 401 response status:
response = self.publish('/{0.folder_name}/test_script'.format(self),
Expand Down
2 changes: 1 addition & 1 deletion setup.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ def _package_doc(name):
install_requires=[
'setuptools',
'six',
'Zope >= 4.0b6',
'Zope >= 4.2.1',
'AccessControl >= 4.0a1',
'Products.PluginRegistry >= 1.6',
'Products.GenericSetup >= 2.0b1',
Expand Down

0 comments on commit f545948

Please sign in to comment.