(w http.ResponseWriter, r *http.Request)
| 611 | } |
| 612 | |
| 613 | func (h *Handler) handlePropfind(w http.ResponseWriter, r *http.Request) (status int, err error) { |
| 614 | reqPath, status, err := h.stripPrefix(r.URL.Path) |
| 615 | if err != nil { |
| 616 | return status, err |
| 617 | } |
| 618 | ctx := r.Context() |
| 619 | userAgent := r.Header.Get("User-Agent") |
| 620 | ctx = context.WithValue(ctx, "userAgent", userAgent) |
| 621 | user := ctx.Value("user").(*model.User) |
| 622 | reqPath, err = ResolvePath(user, reqPath) |
| 623 | if err != nil { |
| 624 | return 403, err |
| 625 | } |
| 626 | fi, err := fs.Get(ctx, reqPath, &fs.GetArgs{}) |
| 627 | if err != nil { |
| 628 | if errs.IsNotFoundError(err) { |
| 629 | return http.StatusNotFound, err |
| 630 | } |
| 631 | return http.StatusMethodNotAllowed, err |
| 632 | } |
| 633 | depth := infiniteDepth |
| 634 | if hdr := r.Header.Get("Depth"); hdr != "" { |
| 635 | depth = parseDepth(hdr) |
| 636 | if depth == invalidDepth { |
| 637 | return http.StatusBadRequest, errInvalidDepth |
| 638 | } |
| 639 | } |
| 640 | pf, status, err := readPropfind(r.Body) |
| 641 | if err != nil { |
| 642 | return status, err |
| 643 | } |
| 644 | |
| 645 | mw := multistatusWriter{w: w} |
| 646 | |
| 647 | if utils.PathEqual(reqPath, user.BasePath) { |
| 648 | hasRootPerm := false |
| 649 | for _, role := range user.RolesDetail { |
| 650 | for _, entry := range role.PermissionScopes { |
| 651 | if utils.PathEqual(entry.Path, user.BasePath) { |
| 652 | hasRootPerm = true |
| 653 | break |
| 654 | } |
| 655 | } |
| 656 | if hasRootPerm { |
| 657 | break |
| 658 | } |
| 659 | } |
| 660 | if !hasRootPerm { |
| 661 | basePaths := model.GetAllBasePathsFromRoles(user) |
| 662 | type infoItem struct { |
| 663 | path string |
| 664 | info model.Obj |
| 665 | } |
| 666 | infos := []infoItem{{reqPath, fi}} |
| 667 | seen := make(map[string]struct{}) |
| 668 | for _, p := range basePaths { |
| 669 | if !utils.IsSubPath(user.BasePath, p) { |
| 670 | continue |
no test coverage detected