up

internal/route/main.go

@@ -95,7 +95,7 @@ func RoutesPublic(r *mux.Router, bd *gorm.DB) {
 			http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError)
 		}
 	})
-r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 			authHeader := req.Header.Get("Authorization")
 			if authHeader == "" {
 				w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
@@ -110,8 +110,8 @@ r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, re
 				http.Error(w, "Unauthorized", http.StatusUnauthorized)
 				return
 			}
-    log.Printf("✅ email saisie: %s", email)
+			log.Printf("✅ email saisi: %s", email)
-    log.Printf("✅ passw saisie: %s", password)
+			log.Printf("✅ password saisi: %s", password)
 
 			var user models.User
 			result := bd.Where("email = ?", email).First(&user)
@@ -128,17 +128,14 @@ r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, re
 				return
 			}
 
-    // Lecture seule
+			// ✅ Ici on autorise TOUTES les méthodes WebDAV (lecture/écriture/suppression)
-    if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" {
+			log.Printf("✅ WebDAV FULL ACCESS for user: %s", email)
-        http.Error(w, "Read-Only", http.StatusForbidden)
-        return
-    }
-
-    log.Printf("✅ WebDAV access for user: %s", email)
 
+			// Headers WebDAV que certains clients attendent
 			w.Header().Set("DAV", "1,2")
 			w.Header().Set("MS-Author-Via", "DAV")
 
+			// Handler WebDAV complet
 			webdavHandler := &webdav.Handler{
 				Prefix:     "/webdav/",
 				FileSystem: webdav.Dir("/app/upload"),
@@ -146,7 +143,7 @@ r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, re
 			}
 
 			webdavHandler.ServeHTTP(w, req)
-}))
+		}))
 
 	// WebDAV sécurisé
 	// username := "tonuser"       // ton login