Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Correct the HTTP return codes (401 only if not authorized, 405 in case of error)

Browse Source 
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@1481 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
Dominique Fournier
2014-06-20 14:03:22 +00:00
parent bde592292a
commit 29bc34a07b
1 changed files with 38 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
authorizationdb.php
View File

@@ -63,7 +63,7 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated"), 401); throw new Exception (_("Not authenticated"), 401);
@@ -73,7 +73,7 @@ class authorizationdb extends authorization
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -137,21 +137,21 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated !!"), 401); throw new Exception (_("Not authenticated"), 401);
if ($this->authiduser !== 0 && $this->authiduser !== $ownerid) if ($this->authiduser !== 0 && $this->authiduser !== $ownerid)
throw new Exception (_("Can't create object not owned by myself"), 412); throw new Exception (_("Can't create object not owned by myself"), 406);
if ($this->authiduser !== 0 && !in_array ($groupid, $this->authgroups)) if ($this->authiduser !== 0 && !in_array ($groupid, $this->authgroups))
throw new Exception (_("Can't create object with not owned group"), 412); throw new Exception (_("Can't create object with not owned group"), 406);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -178,7 +178,7 @@ class authorizationdb extends authorization
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
$this->db->create (array ("object"=>$object, $this->db->create (array ("object"=>$object,
@@ -198,19 +198,19 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated"), 401); throw new Exception (_("Not authenticated"), 401);
if ($object === "/") if ($object === "/")
throw new Exception (_("The root can not be removed"), 412); throw new Exception (_("The root can not be removed"), 406);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -226,9 +226,9 @@ class authorizationdb extends authorization
{ {
$rc = $this->db->delete ($object); $rc = $this->db->delete ($object);
if ($rc > 1) if ($rc > 1)
throw new Exception (_("Removing more than one object"), 412); throw new Exception (_("Removing more than one object"), 406);
if ($rc == 0) if ($rc == 0)
throw new Exception (_("No object removed"), 412); throw new Exception (_("No object removed"), 406);
$rc = $this->db->delete ("$object$this->separator%"); $rc = $this->db->delete ("$object$this->separator%");
return TRUE; return TRUE;
} }
@@ -239,14 +239,14 @@ class authorizationdb extends authorization
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
$rc = $this->db->delete ($object); $rc = $this->db->delete ($object);
if ($rc > 1) if ($rc > 1)
throw new Exception (_("Removing more than one object"), 412); throw new Exception (_("Removing more than one object"), 406);
if ($rc == 0) if ($rc == 0)
throw new Exception (_("No object removed"), 412); throw new Exception (_("No object removed"), 406);
$rc = $this->db->delete ("$object$this->separator%"); $rc = $this->db->delete ("$object$this->separator%");
return TRUE; return TRUE;
} }
@@ -263,19 +263,19 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated !!"), 401); throw new Exception (_("Not authenticated"), 401);
if ($this->authiduser !== 0) if ($this->authiduser !== 0)
throw new Exception (_("The chown is reserved to root user"), 401); throw new Exception (_("The chown is reserved to root user"), 405);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -301,21 +301,21 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated"), 401); throw new Exception (_("Not authenticated"), 401);
if ($this->authiduser !== 0 && !in_array ($groupid, $this->authgroups)) if ($this->authiduser !== 0 && !in_array ($groupid, $this->authgroups))
throw new Exception (_("The user must be in the wanted group"), 401); throw new Exception (_("The user must be in the wanted group"), 405);
if (!in_array ("WRITE", $this->validate ($object))) if (!in_array ("WRITE", $this->validate ($object)))
throw new Exception (sprintf (_("%s is write protected"), $object), 401); throw new Exception (sprintf (_("%s is write protected"), $object), 405);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -341,19 +341,19 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated"), 401); throw new Exception (_("Not authenticated"), 401);
if (!in_array ("WRITE", $this->validate ($object))) if (!in_array ("WRITE", $this->validate ($object)))
throw new Exception (sprintf (_("%s is write protected"), $object), 401); throw new Exception (sprintf (_("%s is write protected"), $object), 405);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -379,7 +379,7 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated"), 401); throw new Exception (_("Not authenticated"), 401);
@@ -389,7 +389,7 @@ class authorizationdb extends authorization
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -413,17 +413,17 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated !!"), 401); throw new Exception (_("Not authenticated"), 401);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -447,17 +447,17 @@ class authorizationdb extends authorization
if (substr ($object, -1) === "/") if (substr ($object, -1) === "/")
$object = substr ($object, 0, -1); $object = substr ($object, 0, -1);
if (substr ($object, 0, 1) !== "/") if (substr ($object, 0, 1) !== "/")
throw new Exception (_("Object don't start by slash"), 412); throw new Exception (_("Object don't start by slash"), 406);
$object = preg_replace ("#//+#", "/", $object); $object = preg_replace ("#//+#", "/", $object);
if ($this->authiduser === "") if ($this->authiduser === "")
throw new Exception (_("Not authenticated !!"), 401); throw new Exception (_("Not authenticated"), 401);
try try
{ {
$this->treecheckExecute ($object); $this->treecheckExecute ($object);
} }
catch (Exception $e) catch (Exception $e)
{ {
throw new Exception ($e->getMessage(), 401); throw new Exception ($e->getMessage(), 405);
} }
// All the folder structure is accessible. Check if the object already // All the folder structure is accessible. Check if the object already
@@ -465,7 +465,7 @@ class authorizationdb extends authorization
$search = $this->db->read (array (array ("object", $object))); $search = $this->db->read (array (array ("object", $object)));
if (count ($search) === 0) if (count ($search) === 0)
throw new Exception (sprintf (_("Object %s doesn't exists"), $object), throw new Exception (sprintf (_("Object %s doesn't exists"), $object),
400); 404);
$search = reset ($search); $search = reset ($search);
return intval ($search["groupid"]); return intval ($search["groupid"]);
} }
@@ -539,7 +539,7 @@ class authorizationdb extends authorization
if (($parentModbits & 0001) === 1) if (($parentModbits & 0001) === 1)
continue; continue;
throw new Exception (sprintf (_("No execute rights on %s"), $p), 401); throw new Exception (sprintf (_("No execute rights on %s"), $p), 405);
} }
} }
return TRUE; return TRUE;
@@ -569,6 +569,6 @@ class authorizationdb extends authorization
if (($parentModbits & 0002) === 2) if (($parentModbits & 0002) === 2)
return TRUE; return TRUE;
throw new Exception (sprintf (_("No write rights on %s"), $parent), 401); throw new Exception (sprintf (_("No write rights on %s"), $parent), 405);
} }
} }