from fastapi import APIRouter, Request, Response, Depends, HTTPException, status, Header
from fastapi.responses import StreamingResponse
from typing import Optional
from xml.etree import ElementTree as ET
from datetime import datetime
import hashlib
import mimetypes
import os
import base64
from urllib.parse import unquote, urlparse
from .auth import get_current_user, verify_password
from .models import User, File, Folder, WebDAVProperty
from .storage import storage_manager
from .activity import log_activity
from .settings import settings
from jose import JWTError, jwt
router = APIRouter(
prefix="/webdav",
tags=["webdav"],
)
class WebDAVLock:
locks = {}
@classmethod
def create_lock(cls, path: str, user_id: int, timeout: int = 3600):
lock_token = f"opaquelocktoken:{hashlib.md5(f'{path}{user_id}{datetime.now()}'.encode()).hexdigest()}"
cls.locks[path] = {
"token": lock_token,
"user_id": user_id,
"created_at": datetime.now(),
"timeout": timeout,
}
return lock_token
@classmethod
def get_lock(cls, path: str):
return cls.locks.get(path)
@classmethod
def remove_lock(cls, path: str):
if path in cls.locks:
del cls.locks[path]
async def basic_auth(authorization: Optional[str] = Header(None)):
if not authorization:
return None
try:
scheme, credentials = authorization.split()
if scheme.lower() != "basic":
return None
decoded = base64.b64decode(credentials).decode("utf-8")
username, password = decoded.split(":", 1)
user = await User.get_or_none(username=username)
if user and verify_password(password, user.hashed_password):
return user
except (ValueError, UnicodeDecodeError, base64.binascii.Error):
return None
return None
async def webdav_auth(request: Request, authorization: Optional[str] = Header(None)):
# First, try Basic Auth, which is common for WebDAV clients
user = await basic_auth(authorization)
if user:
return user
# If Basic Auth fails or is not provided, try to authenticate using the session cookie
token = request.cookies.get("access_token")
if token:
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
)
username: str = payload.get("sub")
if username:
user = await User.get_or_none(username=username)
if user:
return user
except JWTError:
# Token is invalid, fall through to the final exception
pass
# If all authentication methods fail, raise 401
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
headers={"WWW-Authenticate": 'Basic realm="MyWebdav WebDAV"'},
)
async def resolve_path(path_str: str, user: User):
"""
Resolves a path string to a resource.
Returns a tuple: (resource, parent_folder, exists)
- resource: The File or Folder object at the path, or None if not found.
- parent_folder: The parent Folder object, or None if root.
- exists: Boolean indicating if the resource at the given path exists.
"""
path_str = path_str.strip("/")
if not path_str: # Root directory
# The root exists conceptually, but has no specific resource object.
# It contains top-level files and folders.
return None, None, True
parts = [p for p in path_str.split("/") if p]
current_folder = None
# Traverse the path to find the parent of the target resource
for i, part in enumerate(parts[:-1]):
folder = await Folder.get_or_none(
name=part, parent=current_folder, owner=user, is_deleted=False
)
if not folder:
# A component in the middle of the path does not exist, so the full path cannot exist.
return None, None, False
current_folder = folder
last_part = parts[-1]
# Check for the target resource itself (can be a folder or a file)
folder = await Folder.get_or_none(
name=last_part, parent=current_folder, owner=user, is_deleted=False
)
if folder:
return folder, current_folder, True
file = await File.get_or_none(
name=last_part, parent=current_folder, owner=user, is_deleted=False
)
if file:
return file, current_folder, True
# The resource itself was not found, but the path to its parent is valid.
return None, current_folder, False
def build_href(base_path: str, name: str, is_collection: bool):
path = f"{base_path.rstrip('/')}/{name}"
if is_collection:
path += "/"
return path
async def get_custom_properties(resource_type: str, resource_id: int):
props = await WebDAVProperty.filter(
resource_type=resource_type, resource_id=resource_id
)
return {(prop.namespace, prop.name): prop.value for prop in props}
def create_propstat_element(
props: dict, custom_props: dict = None, status: str = "HTTP/1.1 200 OK"
):
propstat = ET.Element("D:propstat")
prop = ET.SubElement(propstat, "D:prop")
for key, value in props.items():
if key == "resourcetype":
resourcetype = ET.SubElement(prop, "D:resourcetype")
if value == "collection":
ET.SubElement(resourcetype, "D:collection")
elif key == "getcontentlength":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = str(value)
elif key == "getcontenttype":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = value
elif key == "getlastmodified":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = value.strftime("%a, %d %b %Y %H:%M:%S GMT")
elif key == "creationdate":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = value.isoformat() + "Z"
elif key == "displayname":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = value
elif key == "getetag":
elem = ET.SubElement(prop, f"D:{key}")
elem.text = value
if custom_props:
for (namespace, name), value in custom_props.items():
if namespace == "DAV:":
continue
elem = ET.SubElement(prop, f"{{{namespace}}}{name}")
elem.text = value
status_elem = ET.SubElement(propstat, "D:status")
status_elem.text = status
return propstat
def parse_propfind_body(body: bytes):
if not body:
return None
try:
root = ET.fromstring(body)
allprop = root.find(".//{DAV:}allprop")
if allprop is not None:
return "allprop"
propname = root.find(".//{DAV:}propname")
if propname is not None:
return "propname"
prop = root.find(".//{DAV:}prop")
if prop is not None:
requested_props = []
for child in prop:
ns = child.tag.split("}")[0][1:] if "}" in child.tag else "DAV:"
name = child.tag.split("}")[1] if "}" in child.tag else child.tag
requested_props.append((ns, name))
return requested_props
except ET.ParseError:
return None
return None
@router.api_route("/{full_path:path}", methods=["OPTIONS"])
async def webdav_options(full_path: str):
return Response(
status_code=200,
headers={
"DAV": "1, 2",
"Allow": "OPTIONS, GET, HEAD, POST, PUT, DELETE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK",
"MS-Author-Via": "DAV",
},
)
@router.api_route("/{full_path:path}", methods=["PROPFIND"])
async def handle_propfind(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
depth = request.headers.get("Depth", "1")
full_path_str = unquote(full_path).strip("/")
body = await request.body()
requested_props = parse_propfind_body(body)
resource, parent_folder, exists = await resolve_path(full_path_str, current_user)
if not exists:
raise HTTPException(status_code=404, detail="Not found")
multistatus = ET.Element("D:multistatus", {"xmlns:D": "DAV:"})
base_href = f"/webdav/{full_path_str}" if full_path_str else "/webdav/"
# This function adds a single resource to the multistatus response
async def add_resource_to_response(res, res_href):
response = ET.SubElement(multistatus, "D:response")
href = ET.SubElement(response, "D:href")
href.text = res_href
props = {}
custom_props = None
res_type = ""
res_id = None
if isinstance(res, Folder):
res_type, res_id = "folder", res.id
props = {
"resourcetype": "collection", "displayname": res.name,
"creationdate": res.created_at, "getlastmodified": res.updated_at,
}
elif isinstance(res, File):
res_type, res_id = "file", res.id
props = {
"resourcetype": "", "displayname": res.name,
"getcontentlength": res.size, "getcontenttype": res.mime_type,
"creationdate": res.created_at, "getlastmodified": res.updated_at,
"getetag": f'"{res.file_hash}"',
}
elif res is None and (full_path_str == "" or isinstance(resource, Folder)): # Root or empty folder
props = {
"resourcetype": "collection", "displayname": resource.name if resource else "Root",
"creationdate": resource.created_at if resource else datetime.now(),
"getlastmodified": resource.updated_at if resource else datetime.now(),
}
if res_type and (requested_props == "allprop" or (isinstance(requested_props, list) and any(ns != "DAV:" for ns, _ in requested_props))):
custom_props = await get_custom_properties(res_type, res_id)
response.append(create_propstat_element(props, custom_props))
# Add the main resource itself to the response
res_href = base_href if isinstance(resource, File) else (base_href if base_href.endswith('/') else base_href + '/')
await add_resource_to_response(resource, res_href)
# If depth is 1 or infinity, add children
if depth in ["1", "infinity"]:
target_folder = resource if isinstance(resource, Folder) else (None if full_path_str == "" else parent_folder)
folders = await Folder.filter(owner=current_user, parent=target_folder, is_deleted=False)
files = await File.filter(owner=current_user, parent=target_folder, is_deleted=False)
for folder in folders:
child_href = build_href(base_href, folder.name, True)
await add_resource_to_response(folder, child_href)
for file in files:
child_href = build_href(base_href, file.name, False)
await add_resource_to_response(file, child_href)
xml_content = ET.tostring(multistatus, encoding="utf-8", xml_declaration=True)
return Response(content=xml_content, media_type="application/xml; charset=utf-8", status_code=207)
@router.api_route("/{full_path:path}", methods=["GET", "HEAD"])
async def handle_get(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
resource, _, exists = await resolve_path(full_path, current_user)
if not exists or not isinstance(resource, File):
raise HTTPException(status_code=404, detail="File not found")
try:
if request.method == "HEAD":
return Response(
status_code=200,
headers={
"Content-Length": str(resource.size),
"Content-Type": resource.mime_type,
"ETag": f'"{resource.file_hash}"',
"Last-Modified": resource.updated_at.strftime("%a, %d %b %Y %H:%M:%S GMT"),
},
)
async def file_iterator():
async for chunk in storage_manager.get_file(current_user.id, resource.path):
yield chunk
return StreamingResponse(
content=file_iterator(),
media_type=resource.mime_type,
headers={
"Content-Disposition": f'attachment; filename="{resource.name}"',
"ETag": f'"{resource.file_hash}"',
"Last-Modified": resource.updated_at.strftime("%a, %d %b %Y %H:%M:%S GMT"),
},
)
except FileNotFoundError:
raise HTTPException(status_code=404, detail="File not found in storage")
@router.api_route("/{full_path:path}", methods=["PUT"])
async def handle_put(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
if not full_path:
raise HTTPException(status_code=400, detail="Cannot PUT to root")
parts = [p for p in full_path.split("/") if p]
file_name = parts[-1]
parent_path = "/".join(parts[:-1])
parent_resource, _, parent_exists = await resolve_path(parent_path, current_user)
if not parent_exists or (parent_path and not isinstance(parent_resource, Folder)):
raise HTTPException(status_code=409, detail="Parent collection does not exist")
parent_folder = parent_resource if isinstance(parent_resource, Folder) else None
file_content = await request.body()
file_size = len(file_content)
if current_user.used_storage_bytes + file_size > current_user.storage_quota_bytes:
raise HTTPException(status_code=507, detail="Storage quota exceeded")
file_hash = hashlib.sha256(file_content).hexdigest()
file_extension = os.path.splitext(file_name)[1]
unique_filename = f"{file_hash}{file_extension}"
storage_path = os.path.join(str(current_user.id), unique_filename)
await storage_manager.save_file(current_user.id, storage_path, file_content)
mime_type, _ = mimetypes.guess_type(file_name)
mime_type = mime_type or "application/octet-stream"
existing_file = await File.get_or_none(
name=file_name, parent=parent_folder, owner=current_user, is_deleted=False
)
if existing_file:
old_size = existing_file.size
existing_file.path, existing_file.size, existing_file.mime_type, existing_file.file_hash = \
storage_path, file_size, mime_type, file_hash
existing_file.updated_at = datetime.now()
await existing_file.save()
current_user.used_storage_bytes += (file_size - old_size)
await current_user.save()
await log_activity(current_user, "file_updated", "file", existing_file.id)
return Response(status_code=204)
else:
db_file = await File.create(
name=file_name, path=storage_path, size=file_size, mime_type=mime_type,
file_hash=file_hash, owner=current_user, parent=parent_folder
)
current_user.used_storage_bytes += file_size
await current_user.save()
await log_activity(current_user, "file_created", "file", db_file.id)
return Response(status_code=201)
@router.api_route("/{full_path:path}", methods=["DELETE"])
async def handle_delete(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
if not full_path:
raise HTTPException(status_code=400, detail="Cannot DELETE root")
resource, _, exists = await resolve_path(full_path, current_user)
if not exists:
raise HTTPException(status_code=404, detail="Resource not found")
if isinstance(resource, File):
resource.is_deleted = True
resource.deleted_at = datetime.now()
await resource.save()
await log_activity(current_user, "file_deleted", "file", resource.id)
elif isinstance(resource, Folder):
child_files = await File.filter(parent=resource, is_deleted=False).count()
child_folders = await Folder.filter(parent=resource, is_deleted=False).count()
if child_files > 0 or child_folders > 0:
raise HTTPException(status_code=409, detail="Folder is not empty")
resource.is_deleted = True
resource.deleted_at = datetime.now()
await resource.save()
await log_activity(current_user, "folder_deleted", "folder", resource.id)
return Response(status_code=204)
@router.api_route("/{full_path:path}", methods=["MKCOL"])
async def handle_mkcol(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
if not full_path:
raise HTTPException(status_code=405, detail="Cannot MKCOL at root")
resource, _, exists = await resolve_path(full_path, current_user)
if exists:
raise HTTPException(status_code=405, detail="Resource already exists")
parts = [p for p in full_path.split("/") if p]
folder_name = parts[-1]
parent_path = "/".join(parts[:-1])
parent_resource, _, parent_exists = await resolve_path(parent_path, current_user)
if not parent_exists or (parent_path and not isinstance(parent_resource, Folder)):
raise HTTPException(status_code=409, detail="Parent collection does not exist")
parent_folder = parent_resource if isinstance(parent_resource, Folder) else None
folder = await Folder.create(name=folder_name, parent=parent_folder, owner=current_user)
await log_activity(current_user, "folder_created", "folder", folder.id)
return Response(status_code=201)
@router.api_route("/{full_path:path}", methods=["COPY"])
async def handle_copy(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
destination = request.headers.get("Destination")
overwrite = request.headers.get("Overwrite", "T").upper()
if not destination:
raise HTTPException(status_code=400, detail="Destination header required")
dest_path = unquote(urlparse(destination).path).replace("/webdav/", "", 1).strip("/")
source_resource, _, source_exists = await resolve_path(full_path, current_user)
if not source_exists:
raise HTTPException(status_code=404, detail="Source not found")
if not isinstance(source_resource, File):
raise HTTPException(status_code=501, detail="Only file copy is implemented")
dest_name = dest_path.split("/")[-1]
dest_parent_path = "/".join(dest_path.split("/")[:-1])
dest_parent_resource, _, dest_parent_exists = await resolve_path(dest_parent_path, current_user)
if not dest_parent_exists or (dest_parent_path and not isinstance(dest_parent_resource, Folder)):
raise HTTPException(status_code=409, detail="Destination parent collection does not exist")
dest_parent_folder = dest_parent_resource if isinstance(dest_parent_resource, Folder) else None
existing_dest, _, existing_dest_exists = await resolve_path(dest_path, current_user)
if existing_dest_exists and overwrite == "F":
raise HTTPException(status_code=412, detail="Destination exists and Overwrite is 'F'")
if existing_dest_exists:
# Update existing_dest instead of deleting and recreating
existing_dest.path = source_resource.path
existing_dest.size = source_resource.size
existing_dest.mime_type = source_resource.mime_type
existing_dest.file_hash = source_resource.file_hash
existing_dest.updated_at = datetime.now()
await existing_dest.save()
await log_activity(current_user, "file_copied", "file", existing_dest.id)
return Response(status_code=204)
else:
new_file = await File.create(
name=dest_name, path=source_resource.path, size=source_resource.size,
mime_type=source_resource.mime_type, file_hash=source_resource.file_hash,
owner=current_user, parent=dest_parent_folder
)
await log_activity(current_user, "file_copied", "file", new_file.id)
return Response(status_code=201)
@router.api_route("/{full_path:path}", methods=["MOVE"])
async def handle_move(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
destination = request.headers.get("Destination")
overwrite = request.headers.get("Overwrite", "T").upper()
if not destination:
raise HTTPException(status_code=400, detail="Destination header required")
dest_path = unquote(urlparse(destination).path).replace("/webdav/", "", 1).strip("/")
source_resource, _, source_exists = await resolve_path(full_path, current_user)
if not source_exists:
raise HTTPException(status_code=404, detail="Source not found")
dest_name = dest_path.split("/")[-1]
dest_parent_path = "/".join(dest_path.split("/")[:-1])
dest_parent_resource, _, dest_parent_exists = await resolve_path(dest_parent_path, current_user)
if not dest_parent_exists or (dest_parent_path and not isinstance(dest_parent_resource, Folder)):
raise HTTPException(status_code=409, detail="Destination parent collection does not exist")
dest_parent_folder = dest_parent_resource if isinstance(dest_parent_resource, Folder) else None
existing_dest, _, existing_dest_exists = await resolve_path(dest_path, current_user)
if existing_dest_exists and overwrite == "F":
raise HTTPException(status_code=412, detail="Destination exists and Overwrite is 'F'")
# Handle overwrite scenario
if existing_dest_exists:
if isinstance(source_resource, File):
# Update existing_dest with source_resource's properties
existing_dest.name = dest_name
existing_dest.path = source_resource.path
existing_dest.size = source_resource.size
existing_dest.mime_type = source_resource.mime_type
existing_dest.file_hash = source_resource.file_hash
existing_dest.parent = dest_parent_folder
existing_dest.updated_at = datetime.now()
await existing_dest.save()
await log_activity(current_user, "file_moved_overwrite", "file", existing_dest.id)
elif isinstance(source_resource, Folder):
raise HTTPException(status_code=501, detail="Folder move overwrite not implemented")
# Mark source as deleted
source_resource.is_deleted = True
source_resource.deleted_at = datetime.now()
await source_resource.save()
await log_activity(current_user, "file_deleted_after_move", "file", source_resource.id)
return Response(status_code=204) # Overwrite means 204 No Content
# Handle non-overwrite scenario (create new resource at destination)
else:
if isinstance(source_resource, File):
new_file = await File.create(
name=dest_name, path=source_resource.path, size=source_resource.size,
mime_type=source_resource.mime_type, file_hash=source_resource.file_hash,
owner=current_user, parent=dest_parent_folder
)
await log_activity(current_user, "file_moved_created", "file", new_file.id)
elif isinstance(source_resource, Folder):
raise HTTPException(status_code=501, detail="Folder move not implemented")
# Mark source as deleted
source_resource.is_deleted = True
source_resource.deleted_at = datetime.now()
await source_resource.save()
await log_activity(current_user, "file_deleted_after_move", "file", source_resource.id)
return Response(status_code=201) # New resource created means 201 Created
@router.api_route("/{full_path:path}", methods=["LOCK"])
async def handle_lock(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
timeout_header = request.headers.get("Timeout", "Second-3600")
timeout = 3600
if timeout_header.startswith("Second-"):
try:
timeout = int(timeout_header.split("-")[1])
except (ValueError, IndexError):
pass
lock_token = WebDAVLock.create_lock(full_path, current_user.id, timeout)
lockinfo = ET.Element("D:prop", {"xmlns:D": "DAV:"})
lockdiscovery = ET.SubElement(lockinfo, "D:lockdiscovery")
activelock = ET.SubElement(lockdiscovery, "D:activelock")
locktype = ET.SubElement(activelock, "D:locktype")
ET.SubElement(locktype, "D:write")
lockscope = ET.SubElement(activelock, "D:lockscope")
ET.SubElement(lockscope, "D:exclusive")
depth_elem = ET.SubElement(activelock, "D:depth")
depth_elem.text = "0"
owner = ET.SubElement(activelock, "D:owner")
owner_href = ET.SubElement(owner, "D:href")
owner_href.text = current_user.username
timeout_elem = ET.SubElement(activelock, "D:timeout")
timeout_elem.text = f"Second-{timeout}"
locktoken_elem = ET.SubElement(activelock, "D:locktoken")
href = ET.SubElement(locktoken_elem, "D:href")
href.text = lock_token
xml_content = ET.tostring(lockinfo, encoding="utf-8", xml_declaration=True)
return Response(
content=xml_content,
media_type="application/xml; charset=utf-8",
status_code=200,
headers={"Lock-Token": f"<{lock_token}>"},
)
@router.api_route("/{full_path:path}", methods=["UNLOCK"])
async def handle_unlock(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
lock_token_header = request.headers.get("Lock-Token")
if not lock_token_header:
raise HTTPException(status_code=400, detail="Lock-Token header required")
lock_token = lock_token_header.strip("<>")
existing_lock = WebDAVLock.get_lock(full_path)
if not existing_lock or existing_lock["token"] != lock_token:
raise HTTPException(status_code=409, detail="Invalid lock token")
if existing_lock["user_id"] != current_user.id:
raise HTTPException(status_code=403, detail="Not lock owner")
WebDAVLock.remove_lock(full_path)
return Response(status_code=204)
@router.api_route("/{full_path:path}", methods=["PROPPATCH"])
async def handle_proppatch(
request: Request, full_path: str, current_user: User = Depends(webdav_auth)
):
full_path = unquote(full_path).strip("/")
resource, parent, exists = await resolve_path(full_path, current_user)
if not resource:
raise HTTPException(status_code=404, detail="Resource not found")
body = await request.body()
if not body:
raise HTTPException(status_code=400, detail="Request body required")
try:
root = ET.fromstring(body)
except Exception:
raise HTTPException(status_code=400, detail="Invalid XML")
resource_type = "file" if isinstance(resource, File) else "folder"
resource_id = resource.id
set_props = []
remove_props = []
failed_props = []
set_element = root.find(".//{DAV:}set")
if set_element is not None:
prop_element = set_element.find(".//{DAV:}prop")
if prop_element is not None:
for child in prop_element:
ns = child.tag.split("}")[0][1:] if "}" in child.tag else "DAV:"
name = child.tag.split("}")[1] if "}" in child.tag else child.tag
value = child.text or ""
if ns == "DAV:":
live_props = [
"creationdate",
"getcontentlength",
"getcontenttype",
"getetag",
"getlastmodified",
"resourcetype",
]
if name in live_props:
failed_props.append((ns, name, "409 Conflict"))
continue
try:
existing_prop = await WebDAVProperty.get_or_none(
resource_type=resource_type,
resource_id=resource_id,
namespace=ns,
name=name,
)
if existing_prop:
existing_prop.value = value
await existing_prop.save()
else:
await WebDAVProperty.create(
resource_type=resource_type,
resource_id=resource_id,
namespace=ns,
name=name,
value=value,
)
set_props.append((ns, name))
except Exception:
failed_props.append((ns, name, "500 Internal Server Error"))
remove_element = root.find(".//{DAV:}remove")
if remove_element is not None:
prop_element = remove_element.find(".//{DAV:}prop")
if prop_element is not None:
for child in prop_element:
ns = child.tag.split("}")[0][1:] if "}" in child.tag else "DAV:"
name = child.tag.split("}")[1] if "}" in child.tag else child.tag
if ns == "DAV:":
failed_props.append((ns, name, "409 Conflict"))
continue
try:
existing_prop = await WebDAVProperty.get_or_none(
resource_type=resource_type,
resource_id=resource_id,
namespace=ns,
name=name,
)
if existing_prop:
await existing_prop.delete()
remove_props.append((ns, name))
else:
failed_props.append((ns, name, "404 Not Found"))
except Exception:
failed_props.append((ns, name, "500 Internal Server Error"))
multistatus = ET.Element("D:multistatus", {"xmlns:D": "DAV:"})
response_elem = ET.SubElement(multistatus, "D:response")
href = ET.SubElement(response_elem, "D:href")
href.text = f"/webdav/{full_path}"
if set_props or remove_props:
propstat = ET.SubElement(response_elem, "D:propstat")
prop = ET.SubElement(propstat, "D:prop")
for ns, name in set_props + remove_props:
if ns == "DAV:":
ET.SubElement(prop, f"D:{name}")
else:
ET.SubElement(prop, f"{{{ns}}}{name}")
status_elem = ET.SubElement(propstat, "D:status")
status_elem.text = "HTTP/1.1 200 OK"
if failed_props:
prop_by_status = {}
for ns, name, status_text in failed_props:
if status_text not in prop_by_status:
prop_by_status[status_text] = []
prop_by_status[status_text].append((ns, name))
for status_text, props_list in prop_by_status.items():
propstat = ET.SubElement(response_elem, "D:propstat")
prop = ET.SubElement(propstat, "D:prop")
for ns, name in props_list:
if ns == "DAV:":
ET.SubElement(prop, f"D:{name}")
else:
ET.SubElement(prop, f"{{{ns}}}{name}")
status_elem = ET.SubElement(propstat, "D:status")
status_elem.text = f"HTTP/1.1 {status_text}"
await log_activity(current_user, "properties_modified", resource_type, resource_id)
xml_content = ET.tostring(multistatus, encoding="utf-8", xml_declaration=True)
return Response(
content=xml_content,
media_type="application/xml; charset=utf-8",
status_code=207,
)
Reference in New Issue View Git Blame Copy Permalink