diff --git a/lib/calligraphy/rails/web_dav_requests_controller.rb b/lib/calligraphy/rails/web_dav_requests_controller.rb index 982bbf5..3084deb 100644 --- a/lib/calligraphy/rails/web_dav_requests_controller.rb +++ b/lib/calligraphy/rails/web_dav_requests_controller.rb @@ -29,6 +29,7 @@ module Calligraphy::Rails private + # Prevent any request with `.` or `..` as part of the resource ID. def verify_resource_scope head :forbidden if %w(. ..).any? { |seg| params[:resource].include? seg } end @@ -52,6 +53,7 @@ module Calligraphy::Rails @resource_class = params[:resource_class] || Calligraphy::Resource @resource_root_path = params[:resource_root_path] + @resource = @resource_class.new resource: resource_id, req: request, root_dir: @resource_root_path end @@ -137,6 +139,7 @@ module Calligraphy::Rails def validate_etag(etag_validators, validate_against) cache_key = ActiveSupport::Cache.expand_cache_key etag_validators + "W/\"#{Digest::MD5.hexdigest(cache_key)}\"" == validate_against end @@ -156,7 +159,8 @@ module Calligraphy::Rails end def options - response.headers['DAV'] = '1, 2, 3' + response.headers['DAV'] = @resource.dav_compliance + :ok end diff --git a/lib/calligraphy/resource/resource.rb b/lib/calligraphy/resource/resource.rb index 59681c0..5c75214 100644 --- a/lib/calligraphy/resource/resource.rb +++ b/lib/calligraphy/resource/resource.rb @@ -30,6 +30,10 @@ module Calligraphy raise NotImplementedError end + def dav_compliance + '1, 2, 3' + end + def delete_collection raise NotImplementedError end diff --git a/spec/resource/resource_spec.rb b/spec/resource/resource_spec.rb index 84cc30e..092ba2b 100644 --- a/spec/resource/resource_spec.rb +++ b/spec/resource/resource_spec.rb @@ -29,5 +29,12 @@ RSpec.describe 'Resource' do end end end + + describe '#dav_compliance' do + it 'advertises full WebDAV compliance' do + resource = Calligraphy::Resource.new + expect(resource.dav_compliance).to eq('1, 2, 3') + end + end end end