diff --git a/src/app/Http/Middleware/TrimStrings.php b/src/app/Http/Middleware/TrimStrings.php
index 5a50e7b5..e763dfb7 100644
--- a/src/app/Http/Middleware/TrimStrings.php
+++ b/src/app/Http/Middleware/TrimStrings.php
@@ -1,18 +1,18 @@
*/
protected $except = [
'password',
'password_confirmation',
];
}
diff --git a/src/tests/Infrastructure/DavTest.php b/src/tests/Infrastructure/DavTest.php
index 72c92f64..9587b5a1 100644
--- a/src/tests/Infrastructure/DavTest.php
+++ b/src/tests/Infrastructure/DavTest.php
@@ -1,293 +1,294 @@
getTestUser('davtest@kolab.org', ['password' => 'simple123'], true);
}
if (!self::$client) {
self::$client = new \GuzzleHttp\Client([
'http_errors' => false, // No exceptions
'base_uri' => \config("services.dav.uri"),
'verify' => false,
'auth' => [self::$user->email, 'simple123'],
'connect_timeout' => 10,
'timeout' => 10,
'headers' => [
"Content-Type" => "application/xml; charset=utf-8",
"Depth" => "1",
]
]);
}
}
public function testDiscoverPrincipal()
{
$user = self::$user;
$body = "";
$response = self::$client->request('PROPFIND', '/iRony/', ['body' => $body]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("/iRony/principals/{$user->email}/", $data);
$this->assertStringContainsString('/iRony/calendars/', $data);
$this->assertStringContainsString('/iRony/addressbooks/', $data);
}
/**
* This codepath is triggerd by MacOS CalDAV when it tries to login.
* Verify we don't crash and end up with a 500 status code.
*/
public function testFailingLogin()
{
$body = "";
$headers = [
"Content-Type" => "application/xml; charset=utf-8",
"Depth" => "1",
'body' => $body,
'auth' => ['invaliduser@kolab.org', 'invalid']
];
$response = self::$client->request('PROPFIND', '/iRony/', $headers);
$this->assertEquals(403, $response->getStatusCode());
}
/**
* This codepath is triggerd by MacOS CardDAV when it tries to login.
* NOTE: This depends on the username_domain roundcube config option.
*/
public function testShortlogin()
{
- $this->markTestSkipped(
- 'Shortlogins dont work with the nginx proxy.'
- );
+ $this->markTestSkipped('Shortlogins dont work with the nginx proxy.');
+
+ // @phpstan-ignore-next-line "Code above always terminates"
$body = "";
$response = self::$client->request('PROPFIND', '/iRony/', [
'body' => $body,
'auth' => ['davtest', 'simple123']
]);
+
$this->assertEquals(207, $response->getStatusCode());
}
public function testDiscoverCalendarHomeset()
{
$user = self::$user;
$body = <<
EOF;
$response = self::$client->request('PROPFIND', '/iRony/', ['body' => $body]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("/iRony/calendars/{$user->email}/", $data);
}
public function testDiscoverCalendars()
{
$user = self::$user;
$body = <<
EOF;
$response = self::$client->request('PROPFIND', "/iRony/calendars/{$user->email}", [
'headers' => [
"Depth" => "infinity",
],
'body' => $body
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("/iRony/calendars/{$user->email}/", $data);
$doc = new \DOMDocument('1.0', 'UTF-8');
$doc->loadXML($data);
$response = $doc->getElementsByTagName('response')->item(1);
$doc->getElementsByTagName('href')->item(0);
$this->assertEquals("d:href", $response->childNodes->item(0)->nodeName);
$href = $response->childNodes->item(0)->nodeValue;
return $href;
}
/**
* @depends testDiscoverCalendars
*/
public function testPropfindCalendar($href)
{
$body = <<
EOF;
$response = self::$client->request('PROPFIND', $href, [
'headers' => [
"Depth" => "0",
],
'body' => $body,
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("$href", $data);
}
/**
* Thunderbird does this and relies on the WWW-Authenticate header response to
* start sending authenticated requests.
*
* @depends testDiscoverCalendars
*/
public function testPropfindCalendarWithoutAuth($href)
{
$body = <<
EOF;
$response = self::$client->request('PROPFIND', $href, [
'headers' => [
"Depth" => "0",
],
'body' => $body,
'auth' => []
]);
$this->assertEquals(401, $response->getStatusCode());
$this->assertStringContainsString('Basic realm=', $response->getHeader('WWW-Authenticate')[0]);
$data = $response->getBody();
$this->assertStringContainsString("Sabre\DAV\Exception\NotAuthenticated", $data);
}
/**
* Required for MacOS autoconfig
*/
public function testOptions()
{
$user = self::$user;
$body = <<
EOF;
$response = self::$client->request('OPTIONS', "/iRony/principals/{$user->email}/", ['body' => $body]);
$this->assertEquals(200, $response->getStatusCode());
$this->assertStringContainsString('PROPFIND', $response->getHeader('Allow')[0]);
}
public function testWellKnown()
{
$user = self::$user;
$body = <<
EOF;
// The base URL needs to work as a redirect
$response = self::$client->request('PROPFIND', '/.well-known/caldav', [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(301, $response->getStatusCode());
$redirectTarget = $response->getHeader('location')[0];
$this->assertEquals(\config('services.dav.uri') . "iRony/", $redirectTarget);
// Follow the redirect
$response = self::$client->request('PROPFIND', $redirectTarget, [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(207, $response->getStatusCode());
// Any URL should result in a redirect to the same path
$response = self::$client->request('PROPFIND', "/.well-known/caldav/calendars/{$user->email}", [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(301, $response->getStatusCode());
$redirectTarget = $response->getHeader('location')[0];
//FIXME we have an extra slash that we don't technically want here
$this->assertEquals(\config('services.dav.uri') . "iRony//calendars/{$user->email}", $redirectTarget);
// Follow the redirect
$response = self::$client->request('PROPFIND', $redirectTarget, [
'headers' => [
"Depth" => "infinity",
],
'body' => $body,
'allow_redirects' => false
]);
$this->assertEquals(207, $response->getStatusCode());
$data = $response->getBody();
$this->assertStringContainsString("/iRony/calendars/{$user->email}/", $data);
}
/**
* @doesNotPerformAssertions
*/
public function testCleanup(): void
{
$this->deleteTestUser(self::$user->email);
}
}