[Checkins] SVN: z3c.dav/trunk/ Be more pedantic in parsing `IF'
conditional header. Raise `BadRequest'
Michael Kerrin
michael.kerrin at openapp.ie
Thu Feb 21 13:07:37 EST 2008
Log message for revision 84118:
Be more pedantic in parsing `IF' conditional header. Raise `BadRequest'
exception when no conditions are present in the header. Handle condition
when there are no state tokens known by the system, here the conditional
request should fail.
Changed:
U z3c.dav/trunk/CHANGES.txt
U z3c.dav/trunk/src/z3c/dav/ifvalidator.py
-=-
Modified: z3c.dav/trunk/CHANGES.txt
===================================================================
--- z3c.dav/trunk/CHANGES.txt 2008-02-21 16:09:42 UTC (rev 84117)
+++ z3c.dav/trunk/CHANGES.txt 2008-02-21 18:07:37 UTC (rev 84118)
@@ -5,6 +5,11 @@
1.0b2
=====
+- Be more pedantic in parsing `IF' conditional header. Raise `BadRequest'
+ exception when no conditions are present in the header. Handle condition
+ when there are no state tokens known by the system, here the conditional
+ request should fail.
+
- Improved the handling of `Unauthorized' and `Forbidden' errors during the
processing of `PROPFIND' requests. Basically we return a `Unauthorized'
response requesting the user to log-in when the problem occurs on the
Modified: z3c.dav/trunk/src/z3c/dav/ifvalidator.py
===================================================================
--- z3c.dav/trunk/src/z3c/dav/ifvalidator.py 2008-02-21 16:09:42 UTC (rev 84117)
+++ z3c.dav/trunk/src/z3c/dav/ifvalidator.py 2008-02-21 18:07:37 UTC (rev 84118)
@@ -569,6 +569,22 @@
>>> getStateResults(request)
{}
+ The specification for the `If' header requires at list one condition be
+ present.
+
+ >>> request._environ['IF'] = '</ddd> ()'
+ >>> validator.valid(demo, request, None)
+ Traceback (most recent call last):
+ ...
+ BadRequest: <zope.publisher.browser.TestRequest instance URL=http://127.0.0.1>, 'Invalid IF header: no conditions present'
+
+ >>> request._environ['IF'] = '()'
+ >>> validator.valid(demo, request, None)
+ Traceback (most recent call last):
+ ...
+ BadRequest: <zope.publisher.browser.TestRequest instance URL=http://127.0.0.1>, 'Invalid IF header: no conditions present'
+
+
matchesIfHeader method
======================
@@ -677,6 +693,32 @@
>>> matchesIfHeader(demo, request)
True
+ Update response
+ ===============
+
+ After validating a request the `updateResponse' method is called. This
+ does nothing.
+
+ >>> headers = dict(request.response.getHeaders())
+ >>> validator.updateResponse(demo, request, None)
+ >>> dict(request.response.getHeaders()) == headers
+ True
+
+ Each cases 1
+ ============
+
+ Test case when there are no state tokens known by the system. In this
+ case the request is not valid as we have no knowledge of the token passed
+ in the conditional request so we can't match against it.
+
+ >>> zope.component.getGlobalSiteManager().unregisterAdapter(
+ ... Statetokens, (None, TestRequest, None))
+ True
+
+ >>> request._environ['IF'] = '</> (<roottest>)'
+ >>> validator.valid(root, request, None)
+ False
+
Cleanup
=======
@@ -687,9 +729,6 @@
... ETag, (None, TestRequest, None))
True
>>> zope.component.getGlobalSiteManager().unregisterAdapter(
- ... Statetokens, (None, TestRequest, None))
- True
- >>> zope.component.getGlobalSiteManager().unregisterAdapter(
... PhysicallyLocatable, (Demo,))
True
>>> zope.component.getGlobalSiteManager().unregisterAdapter(
@@ -749,7 +788,8 @@
ListCondition(notted, state_token, entity_tag))
if not conditions:
- break
+ raise z3c.dav.interfaces.BadRequest(
+ request, "Invalid IF header: no conditions present")
yield resource, conditions
@@ -827,7 +867,9 @@
# is False.
result = False
else:
- result = True
+ # No known state tokens so this condition is False as
+ # we didn't match the conditional request.
+ result = False
if condition.notted:
result = not result
More information about the Checkins
mailing list