cloudreve/pkg/webdav/webdav.go

// Copyright 2014 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Package webdav provides a WebDAV server implementation.
package webdav // import "golang.org/x/net/webdav"

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"path"
	"strconv"
	"strings"
	"sync"
	"time"

	model "github.com/cloudreve/Cloudreve/v3/models"
	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem"
	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/local"
	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/fsctx"
	"github.com/cloudreve/Cloudreve/v3/pkg/util"
)

type Handler struct {
	// Prefix is the URL path prefix to strip from WebDAV resource paths.
	Prefix string
	// LockSystem is the lock management system.
	LockSystem map[uint]LockSystem
	// Logger is an optional error logger. If non-nil, it will be called
	// for all HTTP requests.
	Logger func(*http.Request, error)
}

func (h *Handler) stripPrefix(p string, uid uint) (string, int, error) {
	if h.Prefix == "" {
		return p, http.StatusOK, nil
	}
	prefix := h.Prefix
	if r := strings.TrimPrefix(p, prefix); len(r) < len(p) {
		if len(r) == 0 {
			r = "/"
		}
		return util.RemoveSlash(r), http.StatusOK, nil
	}
	return p, http.StatusNotFound, errPrefixMismatch
}

// isPathExist 路径是否存在
func isPathExist(ctx context.Context, fs *filesystem.FileSystem, path string) (bool, FileInfo) {
	// 尝试目录
	if ok, folder := fs.IsPathExist(path); ok {
		return ok, folder
	}
	if ok, file := fs.IsFileExist(path); ok {
		return ok, file
	}
	return false, nil
}

func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) {
	status, err := http.StatusBadRequest, errUnsupportedMethod
	if h.LockSystem == nil {
		status, err = http.StatusInternalServerError, errNoLockSystem
	} else {
		// 检查并新建LockSystem
		if _, ok := h.LockSystem[fs.User.ID]; !ok {
			h.LockSystem[fs.User.ID] = NewMemLS()
		}
		switch r.Method {
		case "OPTIONS":
			status, err = h.handleOptions(w, r, fs)
		case "GET", "HEAD", "POST":
			status, err = h.handleGetHeadPost(w, r, fs)
		case "DELETE":
			status, err = h.handleDelete(w, r, fs)
		case "PUT":
			status, err = h.handlePut(w, r, fs)
		case "MKCOL":
			status, err = h.handleMkcol(w, r, fs)
		case "COPY", "MOVE":
			status, err = h.handleCopyMove(w, r, fs)
		case "LOCK":
			status, err = h.handleLock(w, r, fs)
		case "UNLOCK":
			status, err = h.handleUnlock(w, r, fs)
		case "PROPFIND":
			status, err = h.handlePropfind(w, r, fs)
		case "PROPPATCH":
			status, err = h.handleProppatch(w, r, fs)
		}
	}

	if status != 0 {
		w.WriteHeader(status)
		if status != http.StatusNoContent {
			w.Write([]byte(StatusText(status)))
		}
	}
	if h.Logger != nil {
		h.Logger(r, err)
	}
}

// OK
func (h *Handler) lock(now time.Time, root string, fs *filesystem.FileSystem) (token string, status int, err error) {
	token, err = h.LockSystem[fs.User.ID].Create(now, LockDetails{
		Root:      root,
		Duration:  infiniteTimeout,
		ZeroDepth: true,
	})
	if err != nil {
		if err == ErrLocked {
			return "", StatusLocked, err
		}
		return "", http.StatusInternalServerError, err
	}
	return token, 0, nil
}

// ok
func (h *Handler) confirmLocks(r *http.Request, src, dst string, fs *filesystem.FileSystem) (release func(), status int, err error) {
	hdr := r.Header.Get("If")
	if hdr == "" {
		// An empty If header means that the client hasn't previously created locks.
		// Even if this client doesn't care about locks, we still need to check that
		// the resources aren't locked by another client, so we create temporary
		// locks that would conflict with another client's locks. These temporary
		// locks are unlocked at the end of the HTTP request.
		now, srcToken, dstToken := time.Now(), "", ""
		if src != "" {
			srcToken, status, err = h.lock(now, src, fs)
			if err != nil {
				return nil, status, err
			}
		}
		if dst != "" {
			dstToken, status, err = h.lock(now, dst, fs)
			if err != nil {
				if srcToken != "" {
					h.LockSystem[fs.User.ID].Unlock(now, srcToken)
				}
				return nil, status, err
			}
		}

		return func() {
			if dstToken != "" {
				h.LockSystem[fs.User.ID].Unlock(now, dstToken)
			}
			if srcToken != "" {
				h.LockSystem[fs.User.ID].Unlock(now, srcToken)
			}
		}, 0, nil
	}

	ih, ok := parseIfHeader(hdr)
	if !ok {
		return nil, http.StatusBadRequest, errInvalidIfHeader
	}
	// ih is a disjunction (OR) of ifLists, so any ifList will do.
	for _, l := range ih.lists {
		lsrc := l.resourceTag
		if lsrc == "" {
			lsrc = src
		} else {
			u, err := url.Parse(lsrc)
			if err != nil {
				continue
			}
			//if u.Host != r.Host {
			//	continue
			//}
			lsrc, status, err = h.stripPrefix(u.Path, fs.User.ID)
			if err != nil {
				return nil, status, err
			}
		}
		release, err = h.LockSystem[fs.User.ID].Confirm(
			time.Now(),
			lsrc,
			dst,
			l.conditions...,
		)
		if err == ErrConfirmationFailed {
			continue
		}
		if err != nil {
			return nil, http.StatusInternalServerError, err
		}
		return release, 0, nil
	}
	// Section 10.4.1 says that "If this header is evaluated and all state lists
	// fail, then the request must fail with a 412 (Precondition Failed) status."
	// We follow the spec even though the cond_put_corrupt_token test case from
	// the litmus test warns on seeing a 412 instead of a 423 (Locked).
	return nil, http.StatusPreconditionFailed, ErrLocked
}

//OK
func (h *Handler) handleOptions(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	ctx := r.Context()
	allow := "OPTIONS, LOCK, PUT, MKCOL"
	if exist, fi := isPathExist(ctx, fs, reqPath); exist {
		if fi.IsDir() {
			allow = "OPTIONS, LOCK, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND"
		} else {
			allow = "OPTIONS, LOCK, GET, HEAD, POST, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND, PUT"
		}
	}
	w.Header().Set("Allow", allow)
	// http://www.webdav.org/specs/rfc4918.html#dav.compliance.classes
	w.Header().Set("DAV", "1, 2")
	// http://msdn.microsoft.com/en-au/library/cc250217.aspx
	w.Header().Set("MS-Author-Via", "DAV")
	return 0, nil
}

// OK
func (h *Handler) handleGetHeadPost(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}

	ctx := r.Context()

	exist, file := fs.IsFileExist(reqPath)
	if !exist {
		return http.StatusNotFound, nil
	}
	fs.SetTargetFile(&[]model.File{*file})

	rs, err := fs.Preview(ctx, 0, false)
	if err != nil {
		if err == filesystem.ErrObjectNotExist {
			return http.StatusNotFound, err
		}
		return http.StatusInternalServerError, err
	}

	etag, err := findETag(ctx, fs, h.LockSystem[fs.User.ID], reqPath, &fs.FileTarget[0])
	if err != nil {
		return http.StatusInternalServerError, err
	}
	w.Header().Set("ETag", etag)

	if !rs.Redirect {
		defer rs.Content.Close()
		// 获取文件内容
		http.ServeContent(w, r, reqPath, fs.FileTarget[0].UpdatedAt, rs.Content)
		return 0, nil
	}

	http.Redirect(w, r, rs.URL, 301)

	return 0, nil
}

// OK
func (h *Handler) handleDelete(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	release, status, err := h.confirmLocks(r, reqPath, "", fs)
	if err != nil {
		return status, err
	}
	defer release()

	ctx := r.Context()

	// 尝试作为文件删除
	if ok, file := fs.IsFileExist(reqPath); ok {
		if err := fs.Delete(ctx, []uint{}, []uint{file.ID}, false); err != nil {
			return http.StatusMethodNotAllowed, err
		}
		return http.StatusNoContent, nil
	}

	// 尝试作为目录删除
	if ok, folder := fs.IsPathExist(reqPath); ok {
		if err := fs.Delete(ctx, []uint{folder.ID}, []uint{}, false); err != nil {
			return http.StatusMethodNotAllowed, err
		}
		return http.StatusNoContent, nil
	}

	return http.StatusNotFound, nil
}

// OK
func (h *Handler) handlePut(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	release, status, err := h.confirmLocks(r, reqPath, "", fs)
	if err != nil {
		return status, err
	}
	defer release()
	// TODO(rost): Support the If-Match, If-None-Match headers? See bradfitz'
	// comments in http.checkEtag.
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	ctx = context.WithValue(ctx, fsctx.HTTPCtx, r.Context())
	ctx = context.WithValue(ctx, fsctx.CancelFuncCtx, cancel)
	ctx = context.WithValue(ctx, fsctx.ValidateCapacityOnceCtx, &sync.Once{})

	fileSize, err := strconv.ParseUint(r.Header.Get("Content-Length"), 10, 64)
	if err != nil {
		return http.StatusMethodNotAllowed, err
	}
	fileName := path.Base(reqPath)
	filePath := path.Dir(reqPath)
	fileData := local.FileStream{
		MIMEType:    r.Header.Get("Content-Type"),
		File:        r.Body,
		Size:        fileSize,
		Name:        fileName,
		VirtualPath: filePath,
	}

	// 判断文件是否已存在
	exist, originFile := fs.IsFileExist(reqPath)
	if exist {
		// 已存在，为更新操作

		// 检查此文件是否有软链接
		fileList, err := model.RemoveFilesWithSoftLinks([]model.File{*originFile})
		if err == nil && len(fileList) == 0 {
			// 如果包含软连接，应重新生成新文件副本，并更新source_name
			originFile.SourceName = fs.GenerateSavePath(ctx, fileData)
			fs.Use("AfterUpload", filesystem.HookUpdateSourceName)
			fs.Use("AfterUploadCanceled", filesystem.HookUpdateSourceName)
			fs.Use("AfterValidateFailed", filesystem.HookUpdateSourceName)
		}

		fs.Use("BeforeUpload", filesystem.HookResetPolicy)
		fs.Use("BeforeUpload", filesystem.HookValidateFile)
		fs.Use("BeforeUpload", filesystem.HookChangeCapacity)
		fs.Use("AfterUploadCanceled", filesystem.HookCleanFileContent)
		fs.Use("AfterUploadCanceled", filesystem.HookClearFileSize)
		fs.Use("AfterUploadCanceled", filesystem.HookGiveBackCapacity)
		fs.Use("AfterUploadCanceled", filesystem.HookCancelContext)
		fs.Use("AfterUpload", filesystem.GenericAfterUpdate)
		fs.Use("AfterValidateFailed", filesystem.HookCleanFileContent)
		fs.Use("AfterValidateFailed", filesystem.HookClearFileSize)
		fs.Use("AfterValidateFailed", filesystem.HookGiveBackCapacity)
		ctx = context.WithValue(ctx, fsctx.FileModelCtx, *originFile)
	} else {
		// 给文件系统分配钩子
		fs.Use("BeforeUpload", filesystem.HookValidateFile)
		fs.Use("BeforeUpload", filesystem.HookValidateCapacity)
		fs.Use("AfterUploadCanceled", filesystem.HookDeleteTempFile)
		fs.Use("AfterUploadCanceled", filesystem.HookGiveBackCapacity)
		fs.Use("AfterUploadCanceled", filesystem.HookCancelContext)
		fs.Use("AfterUpload", filesystem.GenericAfterUpload)
		fs.Use("AfterValidateFailed", filesystem.HookDeleteTempFile)
		fs.Use("AfterValidateFailed", filesystem.HookGiveBackCapacity)
		fs.Use("AfterUploadFailed", filesystem.HookGiveBackCapacity)

		// 禁止覆盖
		ctx = context.WithValue(ctx, fsctx.DisableOverwrite, true)
	}

	// 执行上传
	err = fs.Upload(ctx, fileData)
	if err != nil {
		return http.StatusMethodNotAllowed, err
	}

	etag, err := findETag(ctx, fs, h.LockSystem[fs.User.ID], reqPath, &fs.FileTarget[0])
	if err != nil {
		return http.StatusInternalServerError, err
	}
	w.Header().Set("ETag", etag)
	return http.StatusCreated, nil
}

// OK
func (h *Handler) handleMkcol(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	release, status, err := h.confirmLocks(r, reqPath, "", fs)
	if err != nil {
		return status, err
	}
	defer release()

	ctx := r.Context()

	if r.ContentLength > 0 {
		return http.StatusUnsupportedMediaType, nil
	}
	if strings.Contains(r.UserAgent(), "rclone") {
		if _, ok := ctx.Value(fsctx.IgnoreDirectoryConflictCtx).(bool); !ok {
			ctx = context.WithValue(ctx, fsctx.IgnoreDirectoryConflictCtx, true)
		}
	}
	if _, err := fs.CreateDirectory(ctx, reqPath); err != nil {
		return http.StatusConflict, err
	}
	return http.StatusCreated, nil
}

// OK
func (h *Handler) handleCopyMove(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	hdr := r.Header.Get("Destination")
	if hdr == "" {
		return http.StatusBadRequest, errInvalidDestination
	}
	u, err := url.Parse(hdr)
	if err != nil {
		return http.StatusBadRequest, errInvalidDestination
	}
	//if u.Host != "" && u.Host != r.Host {
	//	return http.StatusBadGateway, errInvalidDestination
	//}

	src, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}

	dst, status, err := h.stripPrefix(u.Path, fs.User.ID)
	if err != nil {
		return status, err
	}

	if dst == "" {
		return http.StatusBadGateway, errInvalidDestination
	}
	if dst == src {
		return http.StatusForbidden, errDestinationEqualsSource
	}

	ctx := r.Context()

	isExist, target := isPathExist(ctx, fs, src)

	if !isExist {
		return http.StatusNotFound, nil
	}

	if r.Method == "COPY" {
		// Section 7.5.1 says that a COPY only needs to lock the destination,
		// not both destination and source. Strictly speaking, this is racy,
		// even though a COPY doesn't modify the source, if a concurrent
		// operation modifies the source. However, the litmus test explicitly
		// checks that COPYing a locked-by-another source is OK.
		release, status, err := h.confirmLocks(r, "", dst, fs)
		if err != nil {
			return status, err
		}
		defer release()

		// Section 9.8.3 says that "The COPY method on a collection without a Depth
		// header must act as if a Depth header with value "infinity" was included".
		depth := infiniteDepth
		if hdr := r.Header.Get("Depth"); hdr != "" {
			depth = parseDepth(hdr)
			if depth != 0 && depth != infiniteDepth {
				// Section 9.8.3 says that "A client may submit a Depth header on a
				// COPY on a collection with a value of "0" or "infinity"."
				return http.StatusBadRequest, errInvalidDepth
			}
		}
		return copyFiles(ctx, fs, target, dst, r.Header.Get("Overwrite") != "F", depth, 0)
	}

	// windows下，某些情况下（网盘根目录下）Office保存文件时附带的锁token只包含源文件，
	// 此处暂时去除了对dst锁的检查
	release, status, err := h.confirmLocks(r, src, "", fs)
	if err != nil {
		return status, err
	}
	defer release()

	// Section 9.9.2 says that "The MOVE method on a collection must act as if
	// a "Depth: infinity" header was used on it. A client must not submit a
	// Depth header on a MOVE on a collection with any value but "infinity"."
	if hdr := r.Header.Get("Depth"); hdr != "" {
		if parseDepth(hdr) != infiniteDepth {
			return http.StatusBadRequest, errInvalidDepth
		}
	}
	return moveFiles(ctx, fs, target, dst, r.Header.Get("Overwrite") == "T")
}

// OK
func (h *Handler) handleLock(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (retStatus int, retErr error) {
	defer fs.Recycle()

	duration, err := parseTimeout(r.Header.Get("Timeout"))
	if err != nil {
		return http.StatusBadRequest, err
	}
	li, status, err := readLockInfo(r.Body)
	if err != nil {
		return status, err
	}

	//ctx := r.Context()
	token, ld, now, created := "", LockDetails{}, time.Now(), false
	if li == (lockInfo{}) {
		// An empty lockInfo means to refresh the lock.
		ih, ok := parseIfHeader(r.Header.Get("If"))
		if !ok {
			return http.StatusBadRequest, errInvalidIfHeader
		}
		if len(ih.lists) == 1 && len(ih.lists[0].conditions) == 1 {
			token = ih.lists[0].conditions[0].Token
		}
		if token == "" {
			return http.StatusBadRequest, errInvalidLockToken
		}
		ld, err = h.LockSystem[fs.User.ID].Refresh(now, token, duration)
		if err != nil {
			if err == ErrNoSuchLock {
				return http.StatusPreconditionFailed, err
			}
			return http.StatusInternalServerError, err
		}

	} else {
		// Section 9.10.3 says that "If no Depth header is submitted on a LOCK request,
		// then the request MUST act as if a "Depth:infinity" had been submitted."
		depth := infiniteDepth
		if hdr := r.Header.Get("Depth"); hdr != "" {
			depth = parseDepth(hdr)
			if depth != 0 && depth != infiniteDepth {
				// Section 9.10.3 says that "Values other than 0 or infinity must not be
				// used with the Depth header on a LOCK method".
				return http.StatusBadRequest, errInvalidDepth
			}
		}
		reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
		if err != nil {
			return status, err
		}
		ld = LockDetails{
			Root:      reqPath,
			Duration:  duration,
			OwnerXML:  li.Owner.InnerXML,
			ZeroDepth: depth == 0,
		}
		token, err = h.LockSystem[fs.User.ID].Create(now, ld)
		if err != nil {
			if err == ErrLocked {
				return StatusLocked, err
			}
			return http.StatusInternalServerError, err
		}
		defer func() {
			if retErr != nil {
				h.LockSystem[fs.User.ID].Unlock(now, token)
			}
		}()

		// Create the resource if it didn't previously exist.
		//if _, err := h.FileSystem.Stat(ctx, reqPath); err != nil {
		//	f, err := h.FileSystem.OpenFile(ctx, reqPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
		//	if err != nil {
		//		// TODO: detect missing intermediate dirs and return http.StatusConflict?
		//		return http.StatusInternalServerError, err
		//	}
		//	f.Close()
		//	created = true
		//}

		// http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
		// Lock-Token value is a Coded-URL. We add angle brackets.
		w.Header().Set("Lock-Token", "<"+token+">")
	}

	w.Header().Set("Content-Type", "application/xml; charset=utf-8")
	if created {
		// This is "w.WriteHeader(http.StatusCreated)" and not "return
		// http.StatusCreated, nil" because we write our own (XML) response to w
		// and Handler.ServeHTTP would otherwise write "Created".
		w.WriteHeader(http.StatusCreated)
	}
	writeLockInfo(w, token, ld)
	return 0, nil
}

// OK
func (h *Handler) handleUnlock(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	// http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
	// Lock-Token value is a Coded-URL. We strip its angle brackets.
	t := r.Header.Get("Lock-Token")
	if len(t) < 2 || t[0] != '<' || t[len(t)-1] != '>' {
		return http.StatusBadRequest, errInvalidLockToken
	}
	t = t[1 : len(t)-1]

	switch err = h.LockSystem[fs.User.ID].Unlock(time.Now(), t); err {
	case nil:
		return http.StatusNoContent, err
	case ErrForbidden:
		return http.StatusForbidden, err
	case ErrLocked:
		return StatusLocked, err
	case ErrNoSuchLock:
		return http.StatusConflict, err
	default:
		return http.StatusInternalServerError, err
	}
}

// OK
func (h *Handler) handlePropfind(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	ctx := r.Context()
	ok, fi := isPathExist(ctx, fs, reqPath)
	if !ok {
		return http.StatusNotFound, err
	}

	depth := infiniteDepth
	if hdr := r.Header.Get("Depth"); hdr != "" {
		depth = parseDepth(hdr)
		if depth == invalidDepth {
			return http.StatusBadRequest, errInvalidDepth
		}
	}
	pf, status, err := readPropfind(r.Body)
	if err != nil {
		return status, err
	}

	mw := multistatusWriter{w: w}

	walkFn := func(reqPath string, info FileInfo, err error) error {

		if err != nil {
			return err
		}
		var pstats []Propstat
		if pf.Propname != nil {
			pnames, err := propnames(ctx, fs, h.LockSystem[fs.User.ID], info)
			if err != nil {
				return err
			}
			pstat := Propstat{Status: http.StatusOK}
			for _, xmlname := range pnames {
				pstat.Props = append(pstat.Props, Property{XMLName: xmlname})
			}
			pstats = append(pstats, pstat)
		} else if pf.Allprop != nil {
			pstats, err = allprop(ctx, fs, h.LockSystem[fs.User.ID], info, pf.Prop)
		} else {
			pstats, err = props(ctx, fs, h.LockSystem[fs.User.ID], info, pf.Prop)
		}
		if err != nil {
			return err
		}
		href := path.Join(h.Prefix, reqPath)
		if href != "/" && info.IsDir() {
			href += "/"
		}
		return mw.write(makePropstatResponse(href, pstats))
	}

	walkErr := walkFS(ctx, fs, depth, reqPath, fi, walkFn)
	closeErr := mw.close()
	if walkErr != nil {
		return http.StatusInternalServerError, walkErr
	}
	if closeErr != nil {
		return http.StatusInternalServerError, closeErr
	}
	return 0, nil
}

func (h *Handler) handleProppatch(w http.ResponseWriter, r *http.Request, fs *filesystem.FileSystem) (status int, err error) {
	defer fs.Recycle()

	reqPath, status, err := h.stripPrefix(r.URL.Path, fs.User.ID)
	if err != nil {
		return status, err
	}
	release, status, err := h.confirmLocks(r, reqPath, "", fs)
	if err != nil {
		return status, err
	}
	defer release()

	ctx := r.Context()

	if exist, _ := isPathExist(ctx, fs, reqPath); !exist {
		return http.StatusNotFound, nil
	}
	patches, status, err := readProppatch(r.Body)
	if err != nil {
		return status, err
	}
	pstats, err := patch(ctx, fs, h.LockSystem[fs.User.ID], reqPath, patches)
	if err != nil {
		return http.StatusInternalServerError, err
	}
	mw := multistatusWriter{w: w}
	writeErr := mw.write(makePropstatResponse(r.URL.Path, pstats))
	closeErr := mw.close()
	if writeErr != nil {
		return http.StatusInternalServerError, writeErr
	}
	if closeErr != nil {
		return http.StatusInternalServerError, closeErr
	}
	return 0, nil
}

func makePropstatResponse(href string, pstats []Propstat) *response {
	resp := response{
		Href:     []string{(&url.URL{Path: href}).EscapedPath()},
		Propstat: make([]propstat, 0, len(pstats)),
	}
	for _, p := range pstats {
		var xmlErr *xmlError
		if p.XMLError != "" {
			xmlErr = &xmlError{InnerXML: []byte(p.XMLError)}
		}
		resp.Propstat = append(resp.Propstat, propstat{
			Status:              fmt.Sprintf("HTTP/1.1 %d %s", p.Status, StatusText(p.Status)),
			Prop:                p.Props,
			ResponseDescription: p.ResponseDescription,
			Error:               xmlErr,
		})
	}
	return &resp
}

const (
	infiniteDepth = -1
	invalidDepth  = -2
)

// parseDepth maps the strings "0", "1" and "infinity" to 0, 1 and
// infiniteDepth. Parsing any other string returns invalidDepth.
//
// Different WebDAV methods have further constraints on valid depths:
//	- PROPFIND has no further restrictions, as per section 9.1.
//	- COPY accepts only "0" or "infinity", as per section 9.8.3.
//	- MOVE accepts only "infinity", as per section 9.9.2.
//	- LOCK accepts only "0" or "infinity", as per section 9.10.3.
// These constraints are enforced by the handleXxx methods.
func parseDepth(s string) int {
	switch s {
	case "0":
		return 0
	case "1":
		return 1
	case "infinity":
		return infiniteDepth
	}
	return invalidDepth
}

// http://www.webdav.org/specs/rfc4918.html#status.code.extensions.to.http11
const (
	StatusMulti               = 207
	StatusUnprocessableEntity = 422
	StatusLocked              = 423
	StatusFailedDependency    = 424
	StatusInsufficientStorage = 507
)

func StatusText(code int) string {
	switch code {
	case StatusMulti:
		return "Multi-Status"
	case StatusUnprocessableEntity:
		return "Unprocessable Entity"
	case StatusLocked:
		return "Locked"
	case StatusFailedDependency:
		return "Failed Dependency"
	case StatusInsufficientStorage:
		return "Insufficient Storage"
	}
	return http.StatusText(code)
}

var (
	errDestinationEqualsSource = errors.New("webdav: destination equals source")
	errDirectoryNotEmpty       = errors.New("webdav: directory not empty")
	errInvalidDepth            = errors.New("webdav: invalid depth")
	errInvalidDestination      = errors.New("webdav: invalid destination")
	errInvalidIfHeader         = errors.New("webdav: invalid If header")
	errInvalidLockInfo         = errors.New("webdav: invalid lock info")
	errInvalidLockToken        = errors.New("webdav: invalid lock token")
	errInvalidPropfind         = errors.New("webdav: invalid propfind")
	errInvalidProppatch        = errors.New("webdav: invalid proppatch")
	errInvalidResponse         = errors.New("webdav: invalid response")
	errInvalidTimeout          = errors.New("webdav: invalid timeout")
	errNoFileSystem            = errors.New("webdav: no file system")
	errNoLockSystem            = errors.New("webdav: no lock system")
	errNotADirectory           = errors.New("webdav: not a directory")
	errPrefixMismatch          = errors.New("webdav: prefix mismatch")
	errRecursionTooDeep        = errors.New("webdav: recursion too deep")
	errUnsupportedLockInfo     = errors.New("webdav: unsupported lock info")
	errUnsupportedMethod       = errors.New("webdav: unsupported method")
)