method => match method.as_str() {
"PROPFIND" => {
if is_dir {
- let access_paths = if access_paths.perm().inherit() {
- // see https://github.com/sigoden/dufs/issues/229
- AccessPaths::new(AccessPerm::ReadOnly)
- } else {
- access_paths
- };
+ let access_paths =
+ if access_paths.perm().inherit() && authorization.is_none() {
+ // see https://github.com/sigoden/dufs/issues/229
+ AccessPaths::new(AccessPerm::ReadOnly)
+ } else {
+ access_paths
+ };
self.handle_propfind_dir(path, headers, access_paths, &mut res)
.await?;
} else if is_file {
#[rstest]
fn no_auth_propfind_dir(
- #[with(&["--auth", "user:pass@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
+ #[with(&["--auth", "admin:admin@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
) -> Result<(), Error> {
let resp = fetch!(b"PROPFIND", server.url()).send()?;
assert_eq!(resp.status(), 207);
Ok(())
}
+#[rstest]
+fn auth_propfind_dir(
+ #[with(&["--auth", "admin:admin@/:rw", "--auth", "user:pass@/dir-assets", "-A"])]
+ server: TestServer,
+) -> Result<(), Error> {
+ let resp = fetch!(b"PROPFIND", server.url()).send_with_digest_auth("user", "pass")?;
+ assert_eq!(resp.status(), 207);
+ let body = resp.text()?;
+ assert!(body.contains("<D:href>/dir-assets/</D:href>"));
+ assert!(!body.contains("<D:href>/dir1/</D:href>"));
+ Ok(())
+}
+
#[rstest]
fn auth_data(
#[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,
projects / ozva-cloud / commitdiff