webdav.go 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706
  1. // Copyright 2014 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. // Package webdav provides a WebDAV server implementation.
  5. package webdav // import "golang.org/x/net/webdav"
  6. import (
  7. "errors"
  8. "fmt"
  9. "io"
  10. "net/http"
  11. "net/url"
  12. "os"
  13. "path"
  14. "strings"
  15. "time"
  16. )
  17. type Handler struct {
  18. // Prefix is the URL path prefix to strip from WebDAV resource paths.
  19. Prefix string
  20. // FileSystem is the virtual file system.
  21. FileSystem FileSystem
  22. // LockSystem is the lock management system.
  23. LockSystem LockSystem
  24. // Logger is an optional error logger. If non-nil, it will be called
  25. // for all HTTP requests.
  26. Logger func(*http.Request, error)
  27. }
  28. func (h *Handler) stripPrefix(p string) (string, int, error) {
  29. if h.Prefix == "" {
  30. return p, http.StatusOK, nil
  31. }
  32. if r := strings.TrimPrefix(p, h.Prefix); len(r) < len(p) {
  33. return r, http.StatusOK, nil
  34. }
  35. return p, http.StatusNotFound, errPrefixMismatch
  36. }
  37. func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
  38. status, err := http.StatusBadRequest, errUnsupportedMethod
  39. if h.FileSystem == nil {
  40. status, err = http.StatusInternalServerError, errNoFileSystem
  41. } else if h.LockSystem == nil {
  42. status, err = http.StatusInternalServerError, errNoLockSystem
  43. } else {
  44. switch r.Method {
  45. case "OPTIONS":
  46. status, err = h.handleOptions(w, r)
  47. case "GET", "HEAD", "POST":
  48. status, err = h.handleGetHeadPost(w, r)
  49. case "DELETE":
  50. status, err = h.handleDelete(w, r)
  51. case "PUT":
  52. status, err = h.handlePut(w, r)
  53. case "MKCOL":
  54. status, err = h.handleMkcol(w, r)
  55. case "COPY", "MOVE":
  56. status, err = h.handleCopyMove(w, r)
  57. case "LOCK":
  58. status, err = h.handleLock(w, r)
  59. case "UNLOCK":
  60. status, err = h.handleUnlock(w, r)
  61. case "PROPFIND":
  62. status, err = h.handlePropfind(w, r)
  63. case "PROPPATCH":
  64. status, err = h.handleProppatch(w, r)
  65. }
  66. }
  67. if status != 0 {
  68. w.WriteHeader(status)
  69. if status != http.StatusNoContent {
  70. w.Write([]byte(StatusText(status)))
  71. }
  72. }
  73. if h.Logger != nil {
  74. h.Logger(r, err)
  75. }
  76. }
  77. func (h *Handler) lock(now time.Time, root string) (token string, status int, err error) {
  78. token, err = h.LockSystem.Create(now, LockDetails{
  79. Root: root,
  80. Duration: infiniteTimeout,
  81. ZeroDepth: true,
  82. })
  83. if err != nil {
  84. if err == ErrLocked {
  85. return "", StatusLocked, err
  86. }
  87. return "", http.StatusInternalServerError, err
  88. }
  89. return token, 0, nil
  90. }
  91. func (h *Handler) confirmLocks(r *http.Request, src, dst string) (release func(), status int, err error) {
  92. hdr := r.Header.Get("If")
  93. if hdr == "" {
  94. // An empty If header means that the client hasn't previously created locks.
  95. // Even if this client doesn't care about locks, we still need to check that
  96. // the resources aren't locked by another client, so we create temporary
  97. // locks that would conflict with another client's locks. These temporary
  98. // locks are unlocked at the end of the HTTP request.
  99. now, srcToken, dstToken := time.Now(), "", ""
  100. if src != "" {
  101. srcToken, status, err = h.lock(now, src)
  102. if err != nil {
  103. return nil, status, err
  104. }
  105. }
  106. if dst != "" {
  107. dstToken, status, err = h.lock(now, dst)
  108. if err != nil {
  109. if srcToken != "" {
  110. h.LockSystem.Unlock(now, srcToken)
  111. }
  112. return nil, status, err
  113. }
  114. }
  115. return func() {
  116. if dstToken != "" {
  117. h.LockSystem.Unlock(now, dstToken)
  118. }
  119. if srcToken != "" {
  120. h.LockSystem.Unlock(now, srcToken)
  121. }
  122. }, 0, nil
  123. }
  124. ih, ok := parseIfHeader(hdr)
  125. if !ok {
  126. return nil, http.StatusBadRequest, errInvalidIfHeader
  127. }
  128. // ih is a disjunction (OR) of ifLists, so any ifList will do.
  129. for _, l := range ih.lists {
  130. lsrc := l.resourceTag
  131. if lsrc == "" {
  132. lsrc = src
  133. } else {
  134. u, err := url.Parse(lsrc)
  135. if err != nil {
  136. continue
  137. }
  138. if u.Host != r.Host {
  139. continue
  140. }
  141. lsrc, status, err = h.stripPrefix(u.Path)
  142. if err != nil {
  143. return nil, status, err
  144. }
  145. }
  146. release, err = h.LockSystem.Confirm(time.Now(), lsrc, dst, l.conditions...)
  147. if err == ErrConfirmationFailed {
  148. continue
  149. }
  150. if err != nil {
  151. return nil, http.StatusInternalServerError, err
  152. }
  153. return release, 0, nil
  154. }
  155. // Section 10.4.1 says that "If this header is evaluated and all state lists
  156. // fail, then the request must fail with a 412 (Precondition Failed) status."
  157. // We follow the spec even though the cond_put_corrupt_token test case from
  158. // the litmus test warns on seeing a 412 instead of a 423 (Locked).
  159. return nil, http.StatusPreconditionFailed, ErrLocked
  160. }
  161. func (h *Handler) handleOptions(w http.ResponseWriter, r *http.Request) (status int, err error) {
  162. reqPath, status, err := h.stripPrefix(r.URL.Path)
  163. if err != nil {
  164. return status, err
  165. }
  166. ctx := r.Context()
  167. allow := "OPTIONS, LOCK, PUT, MKCOL"
  168. if fi, err := h.FileSystem.Stat(ctx, reqPath); err == nil {
  169. if fi.IsDir() {
  170. allow = "OPTIONS, LOCK, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND"
  171. } else {
  172. allow = "OPTIONS, LOCK, GET, HEAD, POST, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND, PUT"
  173. }
  174. }
  175. w.Header().Set("Allow", allow)
  176. // http://www.webdav.org/specs/rfc4918.html#dav.compliance.classes
  177. w.Header().Set("DAV", "1, 2")
  178. // http://msdn.microsoft.com/en-au/library/cc250217.aspx
  179. w.Header().Set("MS-Author-Via", "DAV")
  180. return 0, nil
  181. }
  182. func (h *Handler) handleGetHeadPost(w http.ResponseWriter, r *http.Request) (status int, err error) {
  183. reqPath, status, err := h.stripPrefix(r.URL.Path)
  184. if err != nil {
  185. return status, err
  186. }
  187. // TODO: check locks for read-only access??
  188. ctx := r.Context()
  189. f, err := h.FileSystem.OpenFile(ctx, reqPath, os.O_RDONLY, 0)
  190. if err != nil {
  191. return http.StatusNotFound, err
  192. }
  193. defer f.Close()
  194. fi, err := f.Stat()
  195. if err != nil {
  196. return http.StatusNotFound, err
  197. }
  198. if fi.IsDir() {
  199. return http.StatusMethodNotAllowed, nil
  200. }
  201. etag, err := findETag(ctx, h.FileSystem, h.LockSystem, reqPath, fi)
  202. if err != nil {
  203. return http.StatusInternalServerError, err
  204. }
  205. w.Header().Set("ETag", etag)
  206. // Let ServeContent determine the Content-Type header.
  207. http.ServeContent(w, r, reqPath, fi.ModTime(), f)
  208. return 0, nil
  209. }
  210. func (h *Handler) handleDelete(w http.ResponseWriter, r *http.Request) (status int, err error) {
  211. reqPath, status, err := h.stripPrefix(r.URL.Path)
  212. if err != nil {
  213. return status, err
  214. }
  215. release, status, err := h.confirmLocks(r, reqPath, "")
  216. if err != nil {
  217. return status, err
  218. }
  219. defer release()
  220. ctx := r.Context()
  221. // TODO: return MultiStatus where appropriate.
  222. // "godoc os RemoveAll" says that "If the path does not exist, RemoveAll
  223. // returns nil (no error)." WebDAV semantics are that it should return a
  224. // "404 Not Found". We therefore have to Stat before we RemoveAll.
  225. if _, err := h.FileSystem.Stat(ctx, reqPath); err != nil {
  226. if os.IsNotExist(err) {
  227. return http.StatusNotFound, err
  228. }
  229. return http.StatusMethodNotAllowed, err
  230. }
  231. if err := h.FileSystem.RemoveAll(ctx, reqPath); err != nil {
  232. return http.StatusMethodNotAllowed, err
  233. }
  234. return http.StatusNoContent, nil
  235. }
  236. func (h *Handler) handlePut(w http.ResponseWriter, r *http.Request) (status int, err error) {
  237. reqPath, status, err := h.stripPrefix(r.URL.Path)
  238. if err != nil {
  239. return status, err
  240. }
  241. release, status, err := h.confirmLocks(r, reqPath, "")
  242. if err != nil {
  243. return status, err
  244. }
  245. defer release()
  246. // TODO(rost): Support the If-Match, If-None-Match headers? See bradfitz'
  247. // comments in http.checkEtag.
  248. ctx := r.Context()
  249. f, err := h.FileSystem.OpenFile(ctx, reqPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
  250. if err != nil {
  251. return http.StatusNotFound, err
  252. }
  253. _, copyErr := io.Copy(f, r.Body)
  254. fi, statErr := f.Stat()
  255. closeErr := f.Close()
  256. // TODO(rost): Returning 405 Method Not Allowed might not be appropriate.
  257. if copyErr != nil {
  258. return http.StatusMethodNotAllowed, copyErr
  259. }
  260. if statErr != nil {
  261. return http.StatusMethodNotAllowed, statErr
  262. }
  263. if closeErr != nil {
  264. return http.StatusMethodNotAllowed, closeErr
  265. }
  266. etag, err := findETag(ctx, h.FileSystem, h.LockSystem, reqPath, fi)
  267. if err != nil {
  268. return http.StatusInternalServerError, err
  269. }
  270. w.Header().Set("ETag", etag)
  271. return http.StatusCreated, nil
  272. }
  273. func (h *Handler) handleMkcol(w http.ResponseWriter, r *http.Request) (status int, err error) {
  274. reqPath, status, err := h.stripPrefix(r.URL.Path)
  275. if err != nil {
  276. return status, err
  277. }
  278. release, status, err := h.confirmLocks(r, reqPath, "")
  279. if err != nil {
  280. return status, err
  281. }
  282. defer release()
  283. ctx := r.Context()
  284. if r.ContentLength > 0 {
  285. return http.StatusUnsupportedMediaType, nil
  286. }
  287. if err := h.FileSystem.Mkdir(ctx, reqPath, 0777); err != nil {
  288. if os.IsNotExist(err) {
  289. return http.StatusConflict, err
  290. }
  291. return http.StatusMethodNotAllowed, err
  292. }
  293. return http.StatusCreated, nil
  294. }
  295. func (h *Handler) handleCopyMove(w http.ResponseWriter, r *http.Request) (status int, err error) {
  296. hdr := r.Header.Get("Destination")
  297. if hdr == "" {
  298. return http.StatusBadRequest, errInvalidDestination
  299. }
  300. u, err := url.Parse(hdr)
  301. if err != nil {
  302. return http.StatusBadRequest, errInvalidDestination
  303. }
  304. if u.Host != "" && u.Host != r.Host {
  305. return http.StatusBadGateway, errInvalidDestination
  306. }
  307. src, status, err := h.stripPrefix(r.URL.Path)
  308. if err != nil {
  309. return status, err
  310. }
  311. dst, status, err := h.stripPrefix(u.Path)
  312. if err != nil {
  313. return status, err
  314. }
  315. if dst == "" {
  316. return http.StatusBadGateway, errInvalidDestination
  317. }
  318. if dst == src {
  319. return http.StatusForbidden, errDestinationEqualsSource
  320. }
  321. ctx := r.Context()
  322. if r.Method == "COPY" {
  323. // Section 7.5.1 says that a COPY only needs to lock the destination,
  324. // not both destination and source. Strictly speaking, this is racy,
  325. // even though a COPY doesn't modify the source, if a concurrent
  326. // operation modifies the source. However, the litmus test explicitly
  327. // checks that COPYing a locked-by-another source is OK.
  328. release, status, err := h.confirmLocks(r, "", dst)
  329. if err != nil {
  330. return status, err
  331. }
  332. defer release()
  333. // Section 9.8.3 says that "The COPY method on a collection without a Depth
  334. // header must act as if a Depth header with value "infinity" was included".
  335. depth := infiniteDepth
  336. if hdr := r.Header.Get("Depth"); hdr != "" {
  337. depth = parseDepth(hdr)
  338. if depth != 0 && depth != infiniteDepth {
  339. // Section 9.8.3 says that "A client may submit a Depth header on a
  340. // COPY on a collection with a value of "0" or "infinity"."
  341. return http.StatusBadRequest, errInvalidDepth
  342. }
  343. }
  344. return copyFiles(ctx, h.FileSystem, src, dst, r.Header.Get("Overwrite") != "F", depth, 0)
  345. }
  346. release, status, err := h.confirmLocks(r, src, dst)
  347. if err != nil {
  348. return status, err
  349. }
  350. defer release()
  351. // Section 9.9.2 says that "The MOVE method on a collection must act as if
  352. // a "Depth: infinity" header was used on it. A client must not submit a
  353. // Depth header on a MOVE on a collection with any value but "infinity"."
  354. if hdr := r.Header.Get("Depth"); hdr != "" {
  355. if parseDepth(hdr) != infiniteDepth {
  356. return http.StatusBadRequest, errInvalidDepth
  357. }
  358. }
  359. return moveFiles(ctx, h.FileSystem, src, dst, r.Header.Get("Overwrite") == "T")
  360. }
  361. func (h *Handler) handleLock(w http.ResponseWriter, r *http.Request) (retStatus int, retErr error) {
  362. duration, err := parseTimeout(r.Header.Get("Timeout"))
  363. if err != nil {
  364. return http.StatusBadRequest, err
  365. }
  366. li, status, err := readLockInfo(r.Body)
  367. if err != nil {
  368. return status, err
  369. }
  370. ctx := r.Context()
  371. token, ld, now, created := "", LockDetails{}, time.Now(), false
  372. if li == (lockInfo{}) {
  373. // An empty lockInfo means to refresh the lock.
  374. ih, ok := parseIfHeader(r.Header.Get("If"))
  375. if !ok {
  376. return http.StatusBadRequest, errInvalidIfHeader
  377. }
  378. if len(ih.lists) == 1 && len(ih.lists[0].conditions) == 1 {
  379. token = ih.lists[0].conditions[0].Token
  380. }
  381. if token == "" {
  382. return http.StatusBadRequest, errInvalidLockToken
  383. }
  384. ld, err = h.LockSystem.Refresh(now, token, duration)
  385. if err != nil {
  386. if err == ErrNoSuchLock {
  387. return http.StatusPreconditionFailed, err
  388. }
  389. return http.StatusInternalServerError, err
  390. }
  391. } else {
  392. // Section 9.10.3 says that "If no Depth header is submitted on a LOCK request,
  393. // then the request MUST act as if a "Depth:infinity" had been submitted."
  394. depth := infiniteDepth
  395. if hdr := r.Header.Get("Depth"); hdr != "" {
  396. depth = parseDepth(hdr)
  397. if depth != 0 && depth != infiniteDepth {
  398. // Section 9.10.3 says that "Values other than 0 or infinity must not be
  399. // used with the Depth header on a LOCK method".
  400. return http.StatusBadRequest, errInvalidDepth
  401. }
  402. }
  403. reqPath, status, err := h.stripPrefix(r.URL.Path)
  404. if err != nil {
  405. return status, err
  406. }
  407. ld = LockDetails{
  408. Root: reqPath,
  409. Duration: duration,
  410. OwnerXML: li.Owner.InnerXML,
  411. ZeroDepth: depth == 0,
  412. }
  413. token, err = h.LockSystem.Create(now, ld)
  414. if err != nil {
  415. if err == ErrLocked {
  416. return StatusLocked, err
  417. }
  418. return http.StatusInternalServerError, err
  419. }
  420. defer func() {
  421. if retErr != nil {
  422. h.LockSystem.Unlock(now, token)
  423. }
  424. }()
  425. // Create the resource if it didn't previously exist.
  426. if _, err := h.FileSystem.Stat(ctx, reqPath); err != nil {
  427. f, err := h.FileSystem.OpenFile(ctx, reqPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
  428. if err != nil {
  429. // TODO: detect missing intermediate dirs and return http.StatusConflict?
  430. return http.StatusInternalServerError, err
  431. }
  432. f.Close()
  433. created = true
  434. }
  435. // http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
  436. // Lock-Token value is a Coded-URL. We add angle brackets.
  437. w.Header().Set("Lock-Token", "<"+token+">")
  438. }
  439. w.Header().Set("Content-Type", "application/xml; charset=utf-8")
  440. if created {
  441. // This is "w.WriteHeader(http.StatusCreated)" and not "return
  442. // http.StatusCreated, nil" because we write our own (XML) response to w
  443. // and Handler.ServeHTTP would otherwise write "Created".
  444. w.WriteHeader(http.StatusCreated)
  445. }
  446. writeLockInfo(w, token, ld)
  447. return 0, nil
  448. }
  449. func (h *Handler) handleUnlock(w http.ResponseWriter, r *http.Request) (status int, err error) {
  450. // http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
  451. // Lock-Token value is a Coded-URL. We strip its angle brackets.
  452. t := r.Header.Get("Lock-Token")
  453. if len(t) < 2 || t[0] != '<' || t[len(t)-1] != '>' {
  454. return http.StatusBadRequest, errInvalidLockToken
  455. }
  456. t = t[1 : len(t)-1]
  457. switch err = h.LockSystem.Unlock(time.Now(), t); err {
  458. case nil:
  459. return http.StatusNoContent, err
  460. case ErrForbidden:
  461. return http.StatusForbidden, err
  462. case ErrLocked:
  463. return StatusLocked, err
  464. case ErrNoSuchLock:
  465. return http.StatusConflict, err
  466. default:
  467. return http.StatusInternalServerError, err
  468. }
  469. }
  470. func (h *Handler) handlePropfind(w http.ResponseWriter, r *http.Request) (status int, err error) {
  471. reqPath, status, err := h.stripPrefix(r.URL.Path)
  472. if err != nil {
  473. return status, err
  474. }
  475. ctx := r.Context()
  476. fi, err := h.FileSystem.Stat(ctx, reqPath)
  477. if err != nil {
  478. if os.IsNotExist(err) {
  479. return http.StatusNotFound, err
  480. }
  481. return http.StatusMethodNotAllowed, err
  482. }
  483. depth := infiniteDepth
  484. if hdr := r.Header.Get("Depth"); hdr != "" {
  485. depth = parseDepth(hdr)
  486. if depth == invalidDepth {
  487. return http.StatusBadRequest, errInvalidDepth
  488. }
  489. }
  490. pf, status, err := readPropfind(r.Body)
  491. if err != nil {
  492. return status, err
  493. }
  494. mw := multistatusWriter{w: w}
  495. walkFn := func(reqPath string, info os.FileInfo, err error) error {
  496. if err != nil {
  497. return err
  498. }
  499. var pstats []Propstat
  500. if pf.Propname != nil {
  501. pnames, err := propnames(ctx, h.FileSystem, h.LockSystem, reqPath)
  502. if err != nil {
  503. return err
  504. }
  505. pstat := Propstat{Status: http.StatusOK}
  506. for _, xmlname := range pnames {
  507. pstat.Props = append(pstat.Props, Property{XMLName: xmlname})
  508. }
  509. pstats = append(pstats, pstat)
  510. } else if pf.Allprop != nil {
  511. pstats, err = allprop(ctx, h.FileSystem, h.LockSystem, reqPath, pf.Prop)
  512. } else {
  513. pstats, err = props(ctx, h.FileSystem, h.LockSystem, reqPath, pf.Prop)
  514. }
  515. if err != nil {
  516. return err
  517. }
  518. href := path.Join(h.Prefix, reqPath)
  519. if href != "/" && info.IsDir() {
  520. href += "/"
  521. }
  522. return mw.write(makePropstatResponse(href, pstats))
  523. }
  524. walkErr := walkFS(ctx, h.FileSystem, depth, reqPath, fi, walkFn)
  525. closeErr := mw.close()
  526. if walkErr != nil {
  527. return http.StatusInternalServerError, walkErr
  528. }
  529. if closeErr != nil {
  530. return http.StatusInternalServerError, closeErr
  531. }
  532. return 0, nil
  533. }
  534. func (h *Handler) handleProppatch(w http.ResponseWriter, r *http.Request) (status int, err error) {
  535. reqPath, status, err := h.stripPrefix(r.URL.Path)
  536. if err != nil {
  537. return status, err
  538. }
  539. release, status, err := h.confirmLocks(r, reqPath, "")
  540. if err != nil {
  541. return status, err
  542. }
  543. defer release()
  544. ctx := r.Context()
  545. if _, err := h.FileSystem.Stat(ctx, reqPath); err != nil {
  546. if os.IsNotExist(err) {
  547. return http.StatusNotFound, err
  548. }
  549. return http.StatusMethodNotAllowed, err
  550. }
  551. patches, status, err := readProppatch(r.Body)
  552. if err != nil {
  553. return status, err
  554. }
  555. pstats, err := patch(ctx, h.FileSystem, h.LockSystem, reqPath, patches)
  556. if err != nil {
  557. return http.StatusInternalServerError, err
  558. }
  559. mw := multistatusWriter{w: w}
  560. writeErr := mw.write(makePropstatResponse(r.URL.Path, pstats))
  561. closeErr := mw.close()
  562. if writeErr != nil {
  563. return http.StatusInternalServerError, writeErr
  564. }
  565. if closeErr != nil {
  566. return http.StatusInternalServerError, closeErr
  567. }
  568. return 0, nil
  569. }
  570. func makePropstatResponse(href string, pstats []Propstat) *response {
  571. resp := response{
  572. Href: []string{(&url.URL{Path: href}).EscapedPath()},
  573. Propstat: make([]propstat, 0, len(pstats)),
  574. }
  575. for _, p := range pstats {
  576. var xmlErr *xmlError
  577. if p.XMLError != "" {
  578. xmlErr = &xmlError{InnerXML: []byte(p.XMLError)}
  579. }
  580. resp.Propstat = append(resp.Propstat, propstat{
  581. Status: fmt.Sprintf("HTTP/1.1 %d %s", p.Status, StatusText(p.Status)),
  582. Prop: p.Props,
  583. ResponseDescription: p.ResponseDescription,
  584. Error: xmlErr,
  585. })
  586. }
  587. return &resp
  588. }
  589. const (
  590. infiniteDepth = -1
  591. invalidDepth = -2
  592. )
  593. // parseDepth maps the strings "0", "1" and "infinity" to 0, 1 and
  594. // infiniteDepth. Parsing any other string returns invalidDepth.
  595. //
  596. // Different WebDAV methods have further constraints on valid depths:
  597. // - PROPFIND has no further restrictions, as per section 9.1.
  598. // - COPY accepts only "0" or "infinity", as per section 9.8.3.
  599. // - MOVE accepts only "infinity", as per section 9.9.2.
  600. // - LOCK accepts only "0" or "infinity", as per section 9.10.3.
  601. // These constraints are enforced by the handleXxx methods.
  602. func parseDepth(s string) int {
  603. switch s {
  604. case "0":
  605. return 0
  606. case "1":
  607. return 1
  608. case "infinity":
  609. return infiniteDepth
  610. }
  611. return invalidDepth
  612. }
  613. // http://www.webdav.org/specs/rfc4918.html#status.code.extensions.to.http11
  614. const (
  615. StatusMulti = 207
  616. StatusUnprocessableEntity = 422
  617. StatusLocked = 423
  618. StatusFailedDependency = 424
  619. StatusInsufficientStorage = 507
  620. )
  621. func StatusText(code int) string {
  622. switch code {
  623. case StatusMulti:
  624. return "Multi-Status"
  625. case StatusUnprocessableEntity:
  626. return "Unprocessable Entity"
  627. case StatusLocked:
  628. return "Locked"
  629. case StatusFailedDependency:
  630. return "Failed Dependency"
  631. case StatusInsufficientStorage:
  632. return "Insufficient Storage"
  633. }
  634. return http.StatusText(code)
  635. }
  636. var (
  637. errDestinationEqualsSource = errors.New("webdav: destination equals source")
  638. errDirectoryNotEmpty = errors.New("webdav: directory not empty")
  639. errInvalidDepth = errors.New("webdav: invalid depth")
  640. errInvalidDestination = errors.New("webdav: invalid destination")
  641. errInvalidIfHeader = errors.New("webdav: invalid If header")
  642. errInvalidLockInfo = errors.New("webdav: invalid lock info")
  643. errInvalidLockToken = errors.New("webdav: invalid lock token")
  644. errInvalidPropfind = errors.New("webdav: invalid propfind")
  645. errInvalidProppatch = errors.New("webdav: invalid proppatch")
  646. errInvalidResponse = errors.New("webdav: invalid response")
  647. errInvalidTimeout = errors.New("webdav: invalid timeout")
  648. errNoFileSystem = errors.New("webdav: no file system")
  649. errNoLockSystem = errors.New("webdav: no lock system")
  650. errNotADirectory = errors.New("webdav: not a directory")
  651. errPrefixMismatch = errors.New("webdav: prefix mismatch")
  652. errRecursionTooDeep = errors.New("webdav: recursion too deep")
  653. errUnsupportedLockInfo = errors.New("webdav: unsupported lock info")
  654. errUnsupportedMethod = errors.New("webdav: unsupported method")
  655. )