From 8bba69f6a82fea0dce30b8029cf50eaba3e9b67f Mon Sep 17 00:00:00 2001 From: Matt Ward Date: Wed, 6 Jun 2012 16:28:51 +0000 Subject: [PATCH] Merged BRANCHES/DEV/THOR1_SPRINTS to HEAD: 37459: THOR-1429: Webdav returns 500 when you don't have access to moderated site git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@37460 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/repo/webdav/WebDAVMethod.java | 10 +- .../repo/webdav/WebDAVMethodTest.java | 108 ++++++++++++++++++ 2 files changed, 116 insertions(+), 2 deletions(-) create mode 100644 source/java/org/alfresco/repo/webdav/WebDAVMethodTest.java diff --git a/source/java/org/alfresco/repo/webdav/WebDAVMethod.java b/source/java/org/alfresco/repo/webdav/WebDAVMethod.java index db548e3925..6af2af2137 100644 --- a/source/java/org/alfresco/repo/webdav/WebDAVMethod.java +++ b/source/java/org/alfresco/repo/webdav/WebDAVMethod.java @@ -90,6 +90,8 @@ public abstract class WebDAVMethod { // Log output + private static final String VERSION_NUM_PATTERN = "\\d+\\.\\d+(\\.\\d+)?"; + protected static Log logger = LogFactory.getLog("org.alfresco.webdav.protocol"); // Output formatted XML in the response @@ -102,7 +104,11 @@ public abstract class WebDAVMethod private static final Map accessDeniedStatusCodes = new LinkedHashMap(); static { - accessDeniedStatusCodes.put("(darwin)|(macintosh)", HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + accessDeniedStatusCodes.put("^WebDAVLib/" + VERSION_NUM_PATTERN + "$", + HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + accessDeniedStatusCodes.put("^WebDAVFS/" + VERSION_NUM_PATTERN + " \\(\\d+\\)\\s+Darwin/" + + VERSION_NUM_PATTERN + "\\s+\\(.*\\)$", + HttpServletResponse.SC_INTERNAL_SERVER_ERROR); accessDeniedStatusCodes.put(".*", HttpServletResponse.SC_FORBIDDEN); } @@ -1479,7 +1485,7 @@ public abstract class WebDAVMethod { if (m_request != null && m_request.getHeader(WebDAV.HEADER_USER_AGENT) != null) { - String userAgent = m_request.getHeader(WebDAV.HEADER_USER_AGENT).toLowerCase(); + String userAgent = m_request.getHeader(WebDAV.HEADER_USER_AGENT); for (Entry entry : accessDeniedStatusCodes.entrySet()) { diff --git a/source/java/org/alfresco/repo/webdav/WebDAVMethodTest.java b/source/java/org/alfresco/repo/webdav/WebDAVMethodTest.java new file mode 100644 index 0000000000..1f237917c0 --- /dev/null +++ b/source/java/org/alfresco/repo/webdav/WebDAVMethodTest.java @@ -0,0 +1,108 @@ +/* + * Copyright (C) 2005-2012 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.repo.webdav; + +import static org.junit.Assert.assertEquals; + +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; + +/** + * Tests for the WebDAVMethod class. + * + * @author Matt Ward + */ +public class WebDAVMethodTest +{ + private WebDAVMethod method; + private MockHttpServletRequest req; + private MockHttpServletResponse resp; + + @Test + public void canGetStatusForAccessDeniedException() + { + // Initially Mac OS X Finder uses a different UA string than for subsequent requests. + assertStatusCode(500, "WebDAVLib/1.3"); + + // Current UA string at time of writing test. + assertStatusCode(500, "WebDAVFS/1.9.0 (01908000) Darwin/11.4.0 (x86_64)"); + + // A fictitious version number long in the future. + assertStatusCode(500, "WebDAVFS/100.10.5 (01908000) Darwin/11.4.0 (x86_64)"); + + // Other processor architectures, e.g. x86_32 should work too. + assertStatusCode(500, "WebDAVFS/100.10.5 (01908000) Darwin/109.6.3 (some_other_processor_arch)"); + + // Other clients should give 403. + assertStatusCode(403, "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6; en-us)"); + // Mozilla-based Windows browser. + assertStatusCode(403, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.12)"); + assertStatusCode(403, "SomeBrowser/1.0 (Macintosh; U; Intel Mac OS X 10_6; en-us)"); + assertStatusCode(403, "SomeBrowser/1.9.0 (01908000) Darwin/11.4.0 (x86_64)"); + assertStatusCode(403, "Cyberduck/4.2.1 (Mac OS X/10.7.4) (i386)"); + // Chrome + assertStatusCode(403, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.54 Safari/536.5"); + // Safari + assertStatusCode(403, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2"); + } + + private void assertStatusCode(int expectedStatusCode, String userAgent) + { + // Fresh objects needed for each status code test. + createRequestObjects(); + req.addHeader("User-Agent", userAgent); + method.setDetails(req, resp, null, null); + + int statusCode = method.getStatusForAccessDeniedException(); + + assertEquals("Incorrect status code for user-agent string \"" + userAgent + "\"", + expectedStatusCode, + statusCode); + } + + private void createRequestObjects() + { + method = new TestWebDAVMethod(); + req = new MockHttpServletRequest(); + resp = new MockHttpServletResponse(); + } + + + /** + * Empty subclass of abstract base class for testing base class' behaviour. + */ + private static class TestWebDAVMethod extends WebDAVMethod + { + @Override + protected void executeImpl() throws WebDAVServerException, Exception + { + } + + @Override + protected void parseRequestBody() throws WebDAVServerException + { + } + + @Override + protected void parseRequestHeaders() throws WebDAVServerException + { + } + } +}