Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F1842057
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
11 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/src/app/Http/Middleware/TrimStrings.php b/src/app/Http/Middleware/TrimStrings.php
index 5a50e7b5..e763dfb7 100644
--- a/src/app/Http/Middleware/TrimStrings.php
+++ b/src/app/Http/Middleware/TrimStrings.php
@@ -1,18 +1,18 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
/**
* The names of the attributes that should not be trimmed.
*
- * @var array
+ * @var array<int, string>
*/
protected $except = [
'password',
'password_confirmation',
];
}
diff --git a/src/tests/Infrastructure/DavTest.php b/src/tests/Infrastructure/DavTest.php
index 72c92f64..9587b5a1 100644
--- a/src/tests/Infrastructure/DavTest.php
+++ b/src/tests/Infrastructure/DavTest.php
@@ -1,293 +1,294 @@
<?php
namespace Tests\Infrastructure;
use Tests\TestCase;
class DavTest extends TestCase
{
private static ?\GuzzleHttp\Client $client = null;
private static ?\App\User $user = null;
/**
* {@inheritDoc}
*/
public function setUp(): void
{
parent::setUp();
if (!self::$user) {
self::$user = $this->getTestUser('davtest@kolab.org', ['password' => 'simple123'], true);
}
if (!self::$client) {
self::$client = new \GuzzleHttp\Client([
'http_errors' => false, // No exceptions
'base_uri' => \config("services.dav.uri"),
'verify' => false,
'auth' => [self::$user->email, 'simple123'],
'connect_timeout' => 10,
'timeout' => 10,
'headers' => [
"Content-Type" => "application/xml; charset=utf-8",
"Depth" => "1",
]
]);
}
}
public function testDiscoverPrincipal()
{
$user = self::$user;
$body = "<d:propfind xmlns:d='DAV:'><d:prop><d:current-user-principal/></d:prop></d:propfind>";
$response = self::$client->request('PROPFIND', '/iRony/', ['body' => $body]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("<d:href>/iRony/principals/{$user->email}/</d:href>", $data);
$this->assertStringContainsString('<d:href>/iRony/calendars/</d:href>', $data);
$this->assertStringContainsString('<d:href>/iRony/addressbooks/</d:href>', $data);
}
/**
* This codepath is triggerd by MacOS CalDAV when it tries to login.
* Verify we don't crash and end up with a 500 status code.
*/
public function testFailingLogin()
{
$body = "<d:propfind xmlns:d='DAV:'><d:prop><d:current-user-principal/></d:prop></d:propfind>";
$headers = [
"Content-Type" => "application/xml; charset=utf-8",
"Depth" => "1",
'body' => $body,
'auth' => ['invaliduser@kolab.org', 'invalid']
];
$response = self::$client->request('PROPFIND', '/iRony/', $headers);
$this->assertEquals(403, $response->getStatusCode());
}
/**
* This codepath is triggerd by MacOS CardDAV when it tries to login.
* NOTE: This depends on the username_domain roundcube config option.
*/
public function testShortlogin()
{
- $this->markTestSkipped(
- 'Shortlogins dont work with the nginx proxy.'
- );
+ $this->markTestSkipped('Shortlogins dont work with the nginx proxy.');
+
+ // @phpstan-ignore-next-line "Code above always terminates"
$body = "<d:propfind xmlns:d='DAV:'><d:prop><d:current-user-principal/></d:prop></d:propfind>";
$response = self::$client->request('PROPFIND', '/iRony/', [
'body' => $body,
'auth' => ['davtest', 'simple123']
]);
+
$this->assertEquals(207, $response->getStatusCode());
}
public function testDiscoverCalendarHomeset()
{
$user = self::$user;
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<c:calendar-home-set />
</d:prop>
</d:propfind>
EOF;
$response = self::$client->request('PROPFIND', '/iRony/', ['body' => $body]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("<d:href>/iRony/calendars/{$user->email}/</d:href>", $data);
}
public function testDiscoverCalendars()
{
$user = self::$user;
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:cs="http://calendarserver.org/ns/" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<d:resourcetype />
<d:displayname />
<cs:getctag />
<c:supported-calendar-component-set />
</d:prop>
</d:propfind>
EOF;
$response = self::$client->request('PROPFIND', "/iRony/calendars/{$user->email}", [
'headers' => [
"Depth" => "infinity",
],
'body' => $body
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("<d:href>/iRony/calendars/{$user->email}/</d:href>", $data);
$doc = new \DOMDocument('1.0', 'UTF-8');
$doc->loadXML($data);
$response = $doc->getElementsByTagName('response')->item(1);
$doc->getElementsByTagName('href')->item(0);
$this->assertEquals("d:href", $response->childNodes->item(0)->nodeName);
$href = $response->childNodes->item(0)->nodeValue;
return $href;
}
/**
* @depends testDiscoverCalendars
*/
public function testPropfindCalendar($href)
{
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:cs="http://calendarserver.org/ns/" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<d:resourcetype />
<d:owner/>
<d:current-user-principal/>
<d:current-user-privilege-set/>
<d:supported-report-set/>
<cs:getctag />
<c:supported-calendar-component-set />
</d:prop>
</d:propfind>
EOF;
$response = self::$client->request('PROPFIND', $href, [
'headers' => [
"Depth" => "0",
],
'body' => $body,
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("<d:href>$href</d:href>", $data);
}
/**
* Thunderbird does this and relies on the WWW-Authenticate header response to
* start sending authenticated requests.
*
* @depends testDiscoverCalendars
*/
public function testPropfindCalendarWithoutAuth($href)
{
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:cs="http://calendarserver.org/ns/" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<d:resourcetype />
<d:owner/>
<d:current-user-principal/>
<d:current-user-privilege-set/>
<d:supported-report-set/>
<cs:getctag />
<c:supported-calendar-component-set />
</d:prop>
</d:propfind>
EOF;
$response = self::$client->request('PROPFIND', $href, [
'headers' => [
"Depth" => "0",
],
'body' => $body,
'auth' => []
]);
$this->assertEquals(401, $response->getStatusCode());
$this->assertStringContainsString('Basic realm=', $response->getHeader('WWW-Authenticate')[0]);
$data = $response->getBody();
$this->assertStringContainsString("<s:exception>Sabre\DAV\Exception\NotAuthenticated</s:exception>", $data);
}
/**
* Required for MacOS autoconfig
*/
public function testOptions()
{
$user = self::$user;
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:cs="http://calendarserver.org/ns/" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<d:resourcetype />
<d:displayname />
<cs:getctag />
<c:supported-calendar-component-set />
</d:prop>
</d:propfind>
EOF;
$response = self::$client->request('OPTIONS', "/iRony/principals/{$user->email}/", ['body' => $body]);
$this->assertEquals(200, $response->getStatusCode());
$this->assertStringContainsString('PROPFIND', $response->getHeader('Allow')[0]);
}
public function testWellKnown()
{
$user = self::$user;
$body = <<<EOF
<d:propfind xmlns:d="DAV:" xmlns:cs="http://calendarserver.org/ns/" xmlns:c="urn:ietf:params:xml:ns:caldav">
<d:prop>
<d:resourcetype />
<d:displayname />
<cs:getctag />
<c:supported-calendar-component-set />
</d:prop>
</d:propfind>
EOF;
// The base URL needs to work as a redirect
$response = self::$client->request('PROPFIND', '/.well-known/caldav', [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(301, $response->getStatusCode());
$redirectTarget = $response->getHeader('location')[0];
$this->assertEquals(\config('services.dav.uri') . "iRony/", $redirectTarget);
// Follow the redirect
$response = self::$client->request('PROPFIND', $redirectTarget, [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(207, $response->getStatusCode());
// Any URL should result in a redirect to the same path
$response = self::$client->request('PROPFIND', "/.well-known/caldav/calendars/{$user->email}", [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(301, $response->getStatusCode());
$redirectTarget = $response->getHeader('location')[0];
//FIXME we have an extra slash that we don't technically want here
$this->assertEquals(\config('services.dav.uri') . "iRony//calendars/{$user->email}", $redirectTarget);
// Follow the redirect
$response = self::$client->request('PROPFIND', $redirectTarget, [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("<d:href>/iRony/calendars/{$user->email}/</d:href>", $data);
}
/**
* @doesNotPerformAssertions
*/
public function testCleanup(): void
{
$this->deleteTestUser(self::$user->email);
}
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Aug 25, 7:42 PM (1 d, 13 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
257765
Default Alt Text
(11 KB)
Attached To
Mode
R2 kolab
Attached
Detach File
Event Timeline
Log In to Comment