[Checkins] SVN: z3c.dav/trunk/ Be more pedantic in parsing `IF' conditional header. Raise `BadRequest'

Michael Kerrin michael.kerrin at openapp.ie
Thu Feb 21 13:07:37 EST 2008


Log message for revision 84118:
  Be more pedantic in parsing `IF' conditional header. Raise `BadRequest'
  exception when no conditions are present in the header. Handle condition
  when there are no state tokens known by the system, here the conditional
  request should fail.
  

Changed:
  U   z3c.dav/trunk/CHANGES.txt
  U   z3c.dav/trunk/src/z3c/dav/ifvalidator.py

-=-
Modified: z3c.dav/trunk/CHANGES.txt
===================================================================
--- z3c.dav/trunk/CHANGES.txt	2008-02-21 16:09:42 UTC (rev 84117)
+++ z3c.dav/trunk/CHANGES.txt	2008-02-21 18:07:37 UTC (rev 84118)
@@ -5,6 +5,11 @@
 1.0b2
 =====
 
+- Be more pedantic in parsing `IF' conditional header. Raise `BadRequest'
+  exception when no conditions are present in the header. Handle condition
+  when there are no state tokens known by the system, here the conditional
+  request should fail.
+
 - Improved the handling of `Unauthorized' and `Forbidden' errors during the
   processing of `PROPFIND' requests. Basically we return a `Unauthorized'
   response requesting the user to log-in when the problem occurs on the

Modified: z3c.dav/trunk/src/z3c/dav/ifvalidator.py
===================================================================
--- z3c.dav/trunk/src/z3c/dav/ifvalidator.py	2008-02-21 16:09:42 UTC (rev 84117)
+++ z3c.dav/trunk/src/z3c/dav/ifvalidator.py	2008-02-21 18:07:37 UTC (rev 84118)
@@ -569,6 +569,22 @@
       >>> getStateResults(request)
       {}
 
+    The specification for the `If' header requires at list one condition be
+    present.
+
+      >>> request._environ['IF'] = '</ddd> ()'
+      >>> validator.valid(demo, request, None)
+      Traceback (most recent call last):
+      ...
+      BadRequest: <zope.publisher.browser.TestRequest instance URL=http://127.0.0.1>, 'Invalid IF header: no conditions present'
+
+      >>> request._environ['IF'] = '()'
+      >>> validator.valid(demo, request, None)
+      Traceback (most recent call last):
+      ...
+      BadRequest: <zope.publisher.browser.TestRequest instance URL=http://127.0.0.1>, 'Invalid IF header: no conditions present'
+
+
     matchesIfHeader method
     ======================
 
@@ -677,6 +693,32 @@
       >>> matchesIfHeader(demo, request)
       True
 
+    Update response
+    ===============
+
+    After validating a request the `updateResponse' method is called. This
+    does nothing.
+
+      >>> headers = dict(request.response.getHeaders())
+      >>> validator.updateResponse(demo, request, None)
+      >>> dict(request.response.getHeaders()) == headers
+      True
+
+    Each cases 1
+    ============
+
+    Test case when there are no state tokens known by the system. In this
+    case the request is not valid as we have no knowledge of the token passed
+    in the conditional request so we can't match against it.
+
+      >>> zope.component.getGlobalSiteManager().unregisterAdapter(
+      ...    Statetokens, (None, TestRequest, None))
+      True
+
+      >>> request._environ['IF'] = '</> (<roottest>)'
+      >>> validator.valid(root, request, None)
+      False
+
     Cleanup
     =======
 
@@ -687,9 +729,6 @@
       ...    ETag, (None, TestRequest, None))
       True
       >>> zope.component.getGlobalSiteManager().unregisterAdapter(
-      ...    Statetokens, (None, TestRequest, None))
-      True
-      >>> zope.component.getGlobalSiteManager().unregisterAdapter(
       ...    PhysicallyLocatable, (Demo,))
       True
       >>> zope.component.getGlobalSiteManager().unregisterAdapter(
@@ -749,7 +788,8 @@
                     ListCondition(notted, state_token, entity_tag))
 
             if not conditions:
-                break
+                raise z3c.dav.interfaces.BadRequest(
+                    request, "Invalid IF header: no conditions present")
 
             yield resource, conditions
 
@@ -827,7 +867,9 @@
                             # is False.
                             result = False
                     else:
-                        result = True
+                        # No known state tokens so this condition is False as
+                        # we didn't match the conditional request.
+                        result = False
                     if condition.notted:
                         result = not result
 



More information about the Checkins mailing list