Skip to content

Commit

Permalink
Merge pull request #3903 from nextcloud/backport/3901/stable26
Browse files Browse the repository at this point in the history 
[stable26] fix: 403 when session is closed during push
  • Loading branch information
@juliusknorr
juliusknorr authored Mar 6, 2023
2 parents d79cdaf + 5b9c783 commit cacdb8d
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 10 deletions.
7 changes: 6 additions & 1 deletion cypress/support/sessions.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,12 @@ Cypress.Commands.add('pushAndClose', ({ connection, steps, version, awareness =
cy.log('Race between push and close')
.then(() => {
const push = connection.push({ steps, version, awareness })
.catch(e => e) // handle 403 gracefully
.catch(error => {
// handle 403 gracefully
if (error.response?.status !== 403) {
throw error
}
})
const close = connection.close()
return Promise.all([push, close])
})
Expand Down
29 changes: 20 additions & 9 deletions lib/Service/ApiService.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,20 +194,31 @@ public function push($documentId, $sessionId, $sessionToken, $version, $steps, $
return new DataResponse([], 403);
}
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
$this->sessionService->updateSessionAwareness($documentId, $sessionId, $sessionToken, $awareness);
if (!$session) {
return new DataResponse([], 403);
}
try {
$this->sessionService->updateSessionAwareness($documentId, $sessionId, $sessionToken, $awareness);
} catch (DoesNotExistException $e) {
// Session was removed in the meantime. #3875
return new DataResponse([], 403);
}
if (empty($steps)) {
return new DataResponse([]);
}
$file = $this->documentService->getFileForSession($session, $token);
if (!$this->documentService->isReadOnly($file, $token)) {
try {
$result = $this->documentService->addStep($documentId, $sessionId, $steps, $version);
} catch (InvalidArgumentException $e) {
return new DataResponse($e->getMessage(), 422);
}
return new DataResponse($result);
if ($this->documentService->isReadOnly($file, $token)) {
return new DataResponse([], 403);
}
try {
$result = $this->documentService->addStep($documentId, $sessionId, $steps, $version);
} catch (InvalidArgumentException $e) {
return new DataResponse($e->getMessage(), 422);
} catch (DoesNotExistException $e) {
// Session was removed in the meantime. #3875
return new DataResponse([], 403);
}
return new DataResponse([], 403);
return new DataResponse($result);
}

public function sync($documentId, $sessionId, $sessionToken, $version = 0, $autosaveContent = null, $documentState = null, bool $force = false, bool $manualSave = false, $token = null): DataResponse {
Expand Down

0 comments on commit cacdb8d

Please sign in to comment.