From 0d354df7686565b9e01c75d83cb88c83ba746a9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Wed, 4 Nov 2020 17:05:27 +0100
Subject: [PATCH] check status codes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 .../unreleased/ocdav-check-status-code.md     |  5 ++++
 .../services/owncloud/ocdav/publicfile.go     | 27 +++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 changelog/unreleased/ocdav-check-status-code.md

diff --git a/changelog/unreleased/ocdav-check-status-code.md b/changelog/unreleased/ocdav-check-status-code.md
new file mode 100644
index 0000000000..fc8bc870f2
--- /dev/null
+++ b/changelog/unreleased/ocdav-check-status-code.md
@@ -0,0 +1,5 @@
+Bugfix: check the err and the response status code
+
+The publicfile handler needs to check the response status code to return proper not pound and permission errors in the webdav api.
+
+https://github.com/cs3org/reva/pull/1297
diff --git a/internal/http/services/owncloud/ocdav/publicfile.go b/internal/http/services/owncloud/ocdav/publicfile.go
index 5de160381e..9dc0c228e2 100644
--- a/internal/http/services/owncloud/ocdav/publicfile.go
+++ b/internal/http/services/owncloud/ocdav/publicfile.go
@@ -22,6 +22,7 @@ import (
 	"net/http"
 	"path"
 
+	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	"github.com/cs3org/reva/pkg/appctx"
 	"github.com/cs3org/reva/pkg/rhttp/router"
@@ -106,6 +107,19 @@ func (s *svc) adjustResourcePathInURL(w http.ResponseWriter, r *http.Request) bo
 		w.WriteHeader(http.StatusNotFound)
 		return false
 	}
+	if pathRes.Status.Code != rpc.Code_CODE_OK {
+		switch pathRes.Status.Code {
+		case rpc.Code_CODE_NOT_FOUND:
+			w.WriteHeader(http.StatusNotFound)
+			return false
+		case rpc.Code_CODE_PERMISSION_DENIED:
+			w.WriteHeader(http.StatusForbidden)
+			return false
+		default:
+			w.WriteHeader(http.StatusInternalServerError)
+			return false
+		}
+	}
 	if path.Base(r.URL.Path) != path.Base(pathRes.Path) {
 		w.WriteHeader(http.StatusNotFound)
 		return false
@@ -165,6 +179,19 @@ func (s *svc) handlePropfindOnToken(w http.ResponseWriter, r *http.Request, ns s
 		w.WriteHeader(http.StatusNotFound)
 		return
 	}
+	if pathRes.Status.Code != rpc.Code_CODE_OK {
+		switch pathRes.Status.Code {
+		case rpc.Code_CODE_NOT_FOUND:
+			w.WriteHeader(http.StatusNotFound)
+			return
+		case rpc.Code_CODE_PERMISSION_DENIED:
+			w.WriteHeader(http.StatusForbidden)
+			return
+		default:
+			w.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+	}
 
 	infos := []*provider.ResourceInfo{}