From 95de8f584bbd94cbab88b506b12b1efcecec83dd Mon Sep 17 00:00:00 2001
From: Roman Perekhod <rperekhod@owncloud.com>
Date: Wed, 17 Jul 2024 12:15:30 +0200
Subject: [PATCH] [full-ci] skip the file name validation if nodeid used

---
 changelog/unreleased/fix-filename-validation.md |  6 ++++++
 go.mod                                          |  2 +-
 go.sum                                          |  4 ++--
 .../createFileFolder.feature                    |  6 +++---
 .../http/services/owncloud/ocdav/put.go         | 17 ++++++++++-------
 vendor/modules.txt                              |  2 +-
 6 files changed, 23 insertions(+), 14 deletions(-)
 create mode 100644 changelog/unreleased/fix-filename-validation.md

diff --git a/changelog/unreleased/fix-filename-validation.md b/changelog/unreleased/fix-filename-validation.md
new file mode 100644
index 0000000000..bd62c2ae2a
--- /dev/null
+++ b/changelog/unreleased/fix-filename-validation.md
@@ -0,0 +1,6 @@
+Bugfix: Fixed the file name validation if nodeid is used
+
+We have fixed the file name validation if nodeid is used
+
+https://github.com/owncloud/ocis/pull/9634
+https://github.com/owncloud/ocis/issues/9568
diff --git a/go.mod b/go.mod
index d9e3f31693..2b91342696 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/coreos/go-oidc/v3 v3.10.0
 	github.com/cs3org/go-cs3apis v0.0.0-20240425114016-d2cb31692b4e
-	github.com/cs3org/reva/v2 v2.21.1-0.20240716111044-11ee452e19a7
+	github.com/cs3org/reva/v2 v2.21.1-0.20240717160526-d6bf8567005a
 	github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
 	github.com/egirna/icap-client v0.1.1
diff --git a/go.sum b/go.sum
index e78eee350d..c59a3a47d9 100644
--- a/go.sum
+++ b/go.sum
@@ -1025,8 +1025,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
 github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
 github.com/cs3org/go-cs3apis v0.0.0-20240425114016-d2cb31692b4e h1:Cm2l8m2riLa79eh7V2wHd1Ra7wR3TbngmeLZBJ9MxTU=
 github.com/cs3org/go-cs3apis v0.0.0-20240425114016-d2cb31692b4e/go.mod h1:yyP8PRo0EZou3nSH7H4qjlzQwaydPeIRNgX50npQHpE=
-github.com/cs3org/reva/v2 v2.21.1-0.20240716111044-11ee452e19a7 h1:3iy7UjtZQ0KtkuC0SM0HI7GF4nnwQGUCVzm9Vfrwh50=
-github.com/cs3org/reva/v2 v2.21.1-0.20240716111044-11ee452e19a7/go.mod h1:+5pteFc4ymQnhYG2cOtg/jzaIZKgxrgIeH0D4fuC6gA=
+github.com/cs3org/reva/v2 v2.21.1-0.20240717160526-d6bf8567005a h1:QWtMu+iHKoM69CT2VqLgQkzeuVR5kACvwFhaldo6OpE=
+github.com/cs3org/reva/v2 v2.21.1-0.20240717160526-d6bf8567005a/go.mod h1:+5pteFc4ymQnhYG2cOtg/jzaIZKgxrgIeH0D4fuC6gA=
 github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
diff --git a/tests/acceptance/features/coreApiWebdavProperties/createFileFolder.feature b/tests/acceptance/features/coreApiWebdavProperties/createFileFolder.feature
index 89a013d742..dedcdcb619 100644
--- a/tests/acceptance/features/coreApiWebdavProperties/createFileFolder.feature
+++ b/tests/acceptance/features/coreApiWebdavProperties/createFileFolder.feature
@@ -184,10 +184,10 @@ Feature: create files and folder
       | new              | /..       | 405              |
       | new              | /../lorem | 400              |
       | new              |           | 400              |
-      | spaces           | /.        | 500              |
+      | spaces           | /.        | 400              |
       | spaces           | /..       | 405              |
-      | spaces           | /../lorem | 404              |
-      | spaces           |           | 500              |
+      | spaces           | /../lorem | 400              |
+      | spaces           |           | 400              |
 
 
   Scenario Outline: try to create folder with '.', '..' and 'empty'
diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/put.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/put.go
index 9811efd385..b89e835d8f 100644
--- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/put.go
+++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/put.go
@@ -412,13 +412,16 @@ func (s *svc) handleSpacesPut(w http.ResponseWriter, r *http.Request, spaceID st
 		return
 	}
 
-	if r.URL.Path != "/" {
-		if err := ValidateName(filepath.Base(ref.Path), s.nameValidators); err != nil {
-			w.WriteHeader(http.StatusBadRequest)
-			b, err := errors.Marshal(http.StatusBadRequest, err.Error(), "", "")
-			errors.HandleWebdavError(&sublog, w, b, err)
-			return
-		}
+	if ref.GetResourceId().GetOpaqueId() != "" && ref.GetResourceId().GetSpaceId() != ref.GetResourceId().GetOpaqueId() && r.URL.Path == "/" {
+		s.handlePut(ctx, w, r, &ref, sublog)
+		return
+	}
+
+	if err := ValidateName(filename(ref.Path), s.nameValidators); err != nil {
+		w.WriteHeader(http.StatusBadRequest)
+		b, err := errors.Marshal(http.StatusBadRequest, err.Error(), "", "")
+		errors.HandleWebdavError(&sublog, w, b, err)
+		return
 	}
 
 	s.handlePut(ctx, w, r, &ref, sublog)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 7fa20163a0..ec69ec1d9e 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -366,7 +366,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1
 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1
 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1
 github.com/cs3org/go-cs3apis/cs3/types/v1beta1
-# github.com/cs3org/reva/v2 v2.21.1-0.20240716111044-11ee452e19a7
+# github.com/cs3org/reva/v2 v2.21.1-0.20240717160526-d6bf8567005a
 ## explicit; go 1.21
 github.com/cs3org/reva/v2/cmd/revad/internal/grace
 github.com/cs3org/reva/v2/cmd/revad/runtime