Skip to content

Commit 131f666

Browse files
max-nextcloudmax-nextcloud
committed
fix: 403 when session is closed during push
Signed-off-by: Max <[email protected]>
1 parent 248ce79 commit 131f666

2 files changed

Lines changed: 26 additions & 10 deletions

File tree

cypress/support/sessions.js

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,12 @@ Cypress.Commands.add('pushAndClose', ({ connection, steps, version, awareness =
5757
cy.log('Race between push and close')
5858
.then(() => {
5959
const push = connection.push({ steps, version, awareness })
60-
.catch(e => e) // handle 403 gracefully
60+
.catch(error => {
61+
// handle 403 gracefully
62+
if (error.response?.status !== 403) {
63+
throw error
64+
}
65+
})
6166
const close = connection.close()
6267
return Promise.all([push, close])
6368
})

lib/Service/ApiService.php

Lines changed: 20 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -194,20 +194,31 @@ public function push($documentId, $sessionId, $sessionToken, $version, $steps, $
194194
return new DataResponse([], 403);
195195
}
196196
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
197-
$this->sessionService->updateSessionAwareness($documentId, $sessionId, $sessionToken, $awareness);
197+
if (!$session) {
198+
return new DataResponse([], 403);
199+
}
200+
try {
201+
$this->sessionService->updateSessionAwareness($documentId, $sessionId, $sessionToken, $awareness);
202+
} catch (DoesNotExistException $e) {
203+
// Session was removed in the meantime. #3875
204+
return new DataResponse([], 403);
205+
}
198206
if (empty($steps)) {
199207
return new DataResponse([]);
200208
}
201209
$file = $this->documentService->getFileForSession($session, $token);
202-
if (!$this->documentService->isReadOnly($file, $token)) {
203-
try {
204-
$result = $this->documentService->addStep($documentId, $sessionId, $steps, $version);
205-
} catch (InvalidArgumentException $e) {
206-
return new DataResponse($e->getMessage(), 422);
207-
}
208-
return new DataResponse($result);
210+
if ($this->documentService->isReadOnly($file, $token)) {
211+
return new DataResponse([], 403);
212+
}
213+
try {
214+
$result = $this->documentService->addStep($documentId, $sessionId, $steps, $version);
215+
} catch (InvalidArgumentException $e) {
216+
return new DataResponse($e->getMessage(), 422);
217+
} catch (DoesNotExistException $e) {
218+
// Session was removed in the meantime. #3875
219+
return new DataResponse([], 403);
209220
}
210-
return new DataResponse([], 403);
221+
return new DataResponse($result);
211222
}
212223

213224
public function sync($documentId, $sessionId, $sessionToken, $version = 0, $autosaveContent = null, $documentState = null, bool $force = false, bool $manualSave = false, $token = null): DataResponse {

0 commit comments

Comments
 (0)