From e48e169002873e9a85c7fcb218083c926cfc7fa3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Wed, 2 Dec 2020 08:09:43 +0000
Subject: [PATCH] OCDAV: map bad request and unimplemented codes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 .../unreleased/ocdav-handle-bad-request.md    |  5 ++
 internal/http/services/owncloud/ocdav/copy.go | 32 ++++++--
 .../http/services/owncloud/ocdav/delete.go    |  6 ++
 internal/http/services/owncloud/ocdav/get.go  | 12 +++
 internal/http/services/owncloud/ocdav/head.go |  6 ++
 .../http/services/owncloud/ocdav/mkcol.go     | 12 +++
 internal/http/services/owncloud/ocdav/move.go | 62 +++++++++++----
 .../http/services/owncloud/ocdav/propfind.go  | 18 +++++
 .../http/services/owncloud/ocdav/proppatch.go | 18 +++++
 .../services/owncloud/ocdav/publicfile.go     | 76 +++++++++++++++++--
 internal/http/services/owncloud/ocdav/put.go  | 18 +++++
 .../http/services/owncloud/ocdav/trashbin.go  | 42 ++++++++++
 internal/http/services/owncloud/ocdav/tus.go  | 14 +++-
 .../http/services/owncloud/ocdav/versions.go  | 18 +++++
 14 files changed, 310 insertions(+), 29 deletions(-)
 create mode 100644 changelog/unreleased/ocdav-handle-bad-request.md

diff --git a/changelog/unreleased/ocdav-handle-bad-request.md b/changelog/unreleased/ocdav-handle-bad-request.md
new file mode 100644
index 00000000000..021eeff6a72
--- /dev/null
+++ b/changelog/unreleased/ocdav-handle-bad-request.md
@@ -0,0 +1,5 @@
+Enhancement: Map bad request and unimplement to http status codes
+
+We now return a 400 bad request when a grpc call fails with an invalid argument status and a 501 not implemented when it fails with an unimplemented status. This prevents 500 errors when a user tries to add resources to the Share folder or a storage does not implement an action.
+
+https://github.com/cs3org/reva/pull/1354
diff --git a/internal/http/services/owncloud/ocdav/copy.go b/internal/http/services/owncloud/ocdav/copy.go
index f8a350bf5c1..14d43bcb537 100644
--- a/internal/http/services/owncloud/ocdav/copy.go
+++ b/internal/http/services/owncloud/ocdav/copy.go
@@ -55,7 +55,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
 	}
 	dst = path.Join(ns, dst)
 
-	log.Info().Str("source", src).Str("destination", dst).
+	log.Debug().Str("source", src).Str("destination", dst).
 		Str("overwrite", overwrite).Str("depth", depth).Msg("copy")
 
 	overwrite = strings.ToUpper(overwrite)
@@ -87,7 +87,7 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
 	srcStatReq := &provider.StatRequest{Ref: ref}
 	srcStatRes, err := client.Stat(ctx, srcStatReq)
 	if err != nil {
-		log.Error().Err(err).Msg("error sending grpc stat request")
+		log.Error().Err(err).Str("src", src).Str("dst", dst).Msg("error sending grpc stat request")
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}
@@ -95,13 +95,19 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
 	if srcStatRes.Status.Code != rpc.Code_CODE_OK {
 		switch srcStatRes.Status.Code {
 		case rpc.Code_CODE_NOT_FOUND:
-			log.Debug().Str("src", src).Interface("status", srcStatRes.Status).Msg("resource not found")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("resource not found")
 			w.WriteHeader(http.StatusNotFound)
 		case rpc.Code_CODE_PERMISSION_DENIED:
-			log.Debug().Str("src", src).Interface("status", srcStatRes.Status).Msg("permission denied")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
-			log.Error().Str("src", src).Interface("status", srcStatRes.Status).Msg("grpc stat request failed")
+			log.Error().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
 		}
 		return
@@ -121,10 +127,16 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
 	if dstStatRes.Status.Code != rpc.Code_CODE_OK && dstStatRes.Status.Code != rpc.Code_CODE_NOT_FOUND {
 		switch dstStatRes.Status.Code {
 		case rpc.Code_CODE_PERMISSION_DENIED:
-			log.Debug().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
-			log.Error().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
+			log.Error().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
 		}
 		return
@@ -161,6 +173,12 @@ func (s *svc) handleCopy(w http.ResponseWriter, r *http.Request, ns string) {
 			case rpc.Code_CODE_PERMISSION_DENIED:
 				log.Debug().Str("dst", dst).Interface("status", intStatRes.Status).Msg("permission denied")
 				w.WriteHeader(http.StatusForbidden)
+			case rpc.Code_CODE_INVALID_ARGUMENT:
+				log.Debug().Str("dst", dst).Interface("status", intStatRes.Status).Msg("bad request")
+				w.WriteHeader(http.StatusBadRequest)
+			case rpc.Code_CODE_UNIMPLEMENTED:
+				log.Debug().Str("dst", dst).Interface("status", intStatRes.Status).Msg("not implemented")
+				w.WriteHeader(http.StatusNotImplemented)
 			default:
 				log.Error().Str("dst", dst).Interface("status", intStatRes.Status).Msg("grpc stat request failed")
 				w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/delete.go b/internal/http/services/owncloud/ocdav/delete.go
index 4cbeb94cb13..eb85f421a1e 100644
--- a/internal/http/services/owncloud/ocdav/delete.go
+++ b/internal/http/services/owncloud/ocdav/delete.go
@@ -62,6 +62,12 @@ func (s *svc) handleDelete(w http.ResponseWriter, r *http.Request, ns string) {
 	case rpc.Code_CODE_PERMISSION_DENIED:
 		log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 		w.WriteHeader(http.StatusForbidden)
+	case rpc.Code_CODE_INVALID_ARGUMENT:
+		log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+		w.WriteHeader(http.StatusBadRequest)
+	case rpc.Code_CODE_UNIMPLEMENTED:
+		log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+		w.WriteHeader(http.StatusNotImplemented)
 	default:
 		log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc delete request failed")
 		w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/get.go b/internal/http/services/owncloud/ocdav/get.go
index 806dede12f1..0e7951063a1 100644
--- a/internal/http/services/owncloud/ocdav/get.go
+++ b/internal/http/services/owncloud/ocdav/get.go
@@ -69,6 +69,12 @@ func (s *svc) handleGet(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", sRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -104,6 +110,12 @@ func (s *svc) handleGet(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", dRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", dRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", dRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", dRes.Status).Msg("grpc initiate file download request failed")
 			w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/head.go b/internal/http/services/owncloud/ocdav/head.go
index d81452b5774..75434a2e04f 100644
--- a/internal/http/services/owncloud/ocdav/head.go
+++ b/internal/http/services/owncloud/ocdav/head.go
@@ -64,6 +64,12 @@ func (s *svc) handleHead(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/mkcol.go b/internal/http/services/owncloud/ocdav/mkcol.go
index f167ea88225..e9134608aaa 100644
--- a/internal/http/services/owncloud/ocdav/mkcol.go
+++ b/internal/http/services/owncloud/ocdav/mkcol.go
@@ -70,6 +70,12 @@ func (s *svc) handleMkcol(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", statRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -94,6 +100,12 @@ func (s *svc) handleMkcol(w http.ResponseWriter, r *http.Request, ns string) {
 	case rpc.Code_CODE_PERMISSION_DENIED:
 		log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("permission denied")
 		w.WriteHeader(http.StatusForbidden)
+	case rpc.Code_CODE_INVALID_ARGUMENT:
+		log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("bad request")
+		w.WriteHeader(http.StatusBadRequest)
+	case rpc.Code_CODE_UNIMPLEMENTED:
+		log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("not implemented")
+		w.WriteHeader(http.StatusNotImplemented)
 	default:
 		log.Error().Str("path", fn).Interface("status", statRes.Status).Msg("grpc create container request failed")
 		w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/move.go b/internal/http/services/owncloud/ocdav/move.go
index cc94cdd2859..adc31de5bf8 100644
--- a/internal/http/services/owncloud/ocdav/move.go
+++ b/internal/http/services/owncloud/ocdav/move.go
@@ -45,7 +45,7 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 	}
 	dst = path.Join(ns, dst)
 
-	log.Info().Str("src", src).Str("dst", dst).Str("overwrite", overwrite).Msg("move")
+	log.Debug().Str("src", src).Str("dst", dst).Str("overwrite", overwrite).Msg("move")
 
 	overwrite = strings.ToUpper(overwrite)
 	if overwrite == "" {
@@ -79,13 +79,19 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 	if srcStatRes.Status.Code != rpc.Code_CODE_OK {
 		switch srcStatRes.Status.Code {
 		case rpc.Code_CODE_NOT_FOUND:
-			log.Debug().Str("src", src).Interface("status", srcStatRes.Status).Msg("resource not found")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("resource not found")
 			w.WriteHeader(http.StatusNotFound)
 		case rpc.Code_CODE_PERMISSION_DENIED:
-			log.Debug().Str("src", src).Interface("status", srcStatRes.Status).Msg("permission denied")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
-			log.Error().Str("src", src).Interface("status", srcStatRes.Status).Msg("grpc stat request failed")
+			log.Error().Str("src", src).Str("dst", dst).Interface("status", srcStatRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
 		}
 		return
@@ -105,10 +111,16 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 	if dstStatRes.Status.Code != rpc.Code_CODE_OK && dstStatRes.Status.Code != rpc.Code_CODE_NOT_FOUND {
 		switch dstStatRes.Status.Code {
 		case rpc.Code_CODE_PERMISSION_DENIED:
-			log.Debug().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
-			log.Error().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
+			log.Error().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
 		}
 		return
@@ -136,10 +148,16 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 		if delRes.Status.Code != rpc.Code_CODE_OK && delRes.Status.Code != rpc.Code_CODE_NOT_FOUND {
 			switch delRes.Status.Code {
 			case rpc.Code_CODE_PERMISSION_DENIED:
-				log.Debug().Str("dst", dst).Interface("status", delRes.Status).Msg("permission denied")
+				log.Debug().Str("src", src).Str("dst", dst).Interface("status", delRes.Status).Msg("permission denied")
 				w.WriteHeader(http.StatusForbidden)
+			case rpc.Code_CODE_INVALID_ARGUMENT:
+				log.Debug().Str("src", src).Str("dst", dst).Interface("status", delRes.Status).Msg("bad request")
+				w.WriteHeader(http.StatusBadRequest)
+			case rpc.Code_CODE_UNIMPLEMENTED:
+				log.Debug().Str("src", src).Str("dst", dst).Interface("status", delRes.Status).Msg("not implemented")
+				w.WriteHeader(http.StatusNotImplemented)
 			default:
-				log.Error().Str("dst", dst).Interface("status", delRes.Status).Msg("grpc delete request failed")
+				log.Error().Str("src", src).Str("dst", dst).Interface("status", delRes.Status).Msg("grpc delete request failed")
 				w.WriteHeader(http.StatusInternalServerError)
 			}
 			return
@@ -163,10 +181,16 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 				// 409 if intermediate dir is missing, see https://tools.ietf.org/html/rfc4918#section-9.8.5
 				w.WriteHeader(http.StatusConflict)
 			case rpc.Code_CODE_PERMISSION_DENIED:
-				log.Debug().Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("permission denied")
+				log.Debug().Str("src", src).Str("dst", dst).Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("permission denied")
 				w.WriteHeader(http.StatusForbidden)
+			case rpc.Code_CODE_INVALID_ARGUMENT:
+				log.Debug().Str("src", src).Str("dst", dst).Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("bad request")
+				w.WriteHeader(http.StatusBadRequest)
+			case rpc.Code_CODE_UNIMPLEMENTED:
+				log.Debug().Str("src", src).Str("dst", dst).Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("not implemented")
+				w.WriteHeader(http.StatusNotImplemented)
 			default:
-				log.Error().Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("grpc stat request failed")
+				log.Error().Str("src", src).Str("dst", dst).Str("parent", intermediateDir).Interface("status", intStatRes.Status).Msg("grpc stat request failed")
 				w.WriteHeader(http.StatusInternalServerError)
 			}
 			return
@@ -196,6 +220,12 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("src", src).Str("dst", dst).Interface("status", mRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", mRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", mRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("src", src).Str("dst", dst).Interface("status", mRes.Status).Msg("grpc move request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -213,13 +243,19 @@ func (s *svc) handleMove(w http.ResponseWriter, r *http.Request, ns string) {
 	if dstStatRes.Status.Code != rpc.Code_CODE_OK {
 		switch dstStatRes.Status.Code {
 		case rpc.Code_CODE_NOT_FOUND:
-			log.Debug().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("resource not found")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("resource not found")
 			w.WriteHeader(http.StatusNotFound)
 		case rpc.Code_CODE_PERMISSION_DENIED:
-			log.Debug().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
-			log.Error().Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
+			log.Error().Str("src", src).Str("dst", dst).Interface("status", dstStatRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
 		}
 		return
diff --git a/internal/http/services/owncloud/ocdav/propfind.go b/internal/http/services/owncloud/ocdav/propfind.go
index 57fecfebf48..170f4197a7b 100644
--- a/internal/http/services/owncloud/ocdav/propfind.go
+++ b/internal/http/services/owncloud/ocdav/propfind.go
@@ -96,6 +96,12 @@ func (s *svc) handlePropfind(w http.ResponseWriter, r *http.Request, ns string)
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusMultiStatus)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -124,6 +130,12 @@ func (s *svc) handlePropfind(w http.ResponseWriter, r *http.Request, ns string)
 			case rpc.Code_CODE_PERMISSION_DENIED:
 				log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 				w.WriteHeader(http.StatusForbidden)
+			case rpc.Code_CODE_INVALID_ARGUMENT:
+				log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+				w.WriteHeader(http.StatusBadRequest)
+			case rpc.Code_CODE_UNIMPLEMENTED:
+				log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+				w.WriteHeader(http.StatusNotImplemented)
 			default:
 				log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc list container request failed")
 				w.WriteHeader(http.StatusInternalServerError)
@@ -158,6 +170,12 @@ func (s *svc) handlePropfind(w http.ResponseWriter, r *http.Request, ns string)
 				case rpc.Code_CODE_PERMISSION_DENIED:
 					log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 					w.WriteHeader(http.StatusForbidden)
+				case rpc.Code_CODE_INVALID_ARGUMENT:
+					log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+					w.WriteHeader(http.StatusBadRequest)
+				case rpc.Code_CODE_UNIMPLEMENTED:
+					log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+					w.WriteHeader(http.StatusNotImplemented)
 				default:
 					log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc list container request failed")
 					w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/proppatch.go b/internal/http/services/owncloud/ocdav/proppatch.go
index 60e2492e772..0a36cb6e0a1 100644
--- a/internal/http/services/owncloud/ocdav/proppatch.go
+++ b/internal/http/services/owncloud/ocdav/proppatch.go
@@ -84,6 +84,12 @@ func (s *svc) handleProppatch(w http.ResponseWriter, r *http.Request, ns string)
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", statRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", statRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -144,6 +150,12 @@ func (s *svc) handleProppatch(w http.ResponseWriter, r *http.Request, ns string)
 					case rpc.Code_CODE_PERMISSION_DENIED:
 						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 						w.WriteHeader(http.StatusForbidden)
+					case rpc.Code_CODE_INVALID_ARGUMENT:
+						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+						w.WriteHeader(http.StatusBadRequest)
+					case rpc.Code_CODE_UNIMPLEMENTED:
+						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+						w.WriteHeader(http.StatusNotImplemented)
 					default:
 						log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc unset arbitrary metadata request failed")
 						w.WriteHeader(http.StatusInternalServerError)
@@ -168,6 +180,12 @@ func (s *svc) handleProppatch(w http.ResponseWriter, r *http.Request, ns string)
 					case rpc.Code_CODE_PERMISSION_DENIED:
 						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("permission denied")
 						w.WriteHeader(http.StatusForbidden)
+					case rpc.Code_CODE_INVALID_ARGUMENT:
+						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("bad request")
+						w.WriteHeader(http.StatusBadRequest)
+					case rpc.Code_CODE_UNIMPLEMENTED:
+						log.Debug().Str("path", fn).Interface("status", res.Status).Msg("not implemented")
+						w.WriteHeader(http.StatusNotImplemented)
 					default:
 						log.Error().Str("path", fn).Interface("status", res.Status).Msg("grpc set arbitrary metadata request failed")
 						w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/publicfile.go b/internal/http/services/owncloud/ocdav/publicfile.go
index 9dc0c228e2e..4702199a422 100644
--- a/internal/http/services/owncloud/ocdav/publicfile.go
+++ b/internal/http/services/owncloud/ocdav/publicfile.go
@@ -104,24 +104,57 @@ func (s *svc) adjustResourcePathInURL(w http.ResponseWriter, r *http.Request) bo
 			Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
 			Str("tokenStatInfo.Path", tokenStatInfo.Path).
 			Msg("Could not get path of resource")
-		w.WriteHeader(http.StatusNotFound)
+		w.WriteHeader(http.StatusInternalServerError)
 		return false
 	}
 	if pathRes.Status.Code != rpc.Code_CODE_OK {
 		switch pathRes.Status.Code {
 		case rpc.Code_CODE_NOT_FOUND:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("not found")
 			w.WriteHeader(http.StatusNotFound)
-			return false
 		case rpc.Code_CODE_PERMISSION_DENIED:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
-			return false
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
+			log.Error().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("grpc get path request failed")
 			w.WriteHeader(http.StatusInternalServerError)
-			return false
 		}
+		return false
 	}
 	if path.Base(r.URL.Path) != path.Base(pathRes.Path) {
-		w.WriteHeader(http.StatusNotFound)
+		log.Debug().
+			Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+			Str("tokenStatInfo.Path", tokenStatInfo.Path).
+			Str("requestbase", path.Base(r.URL.Path)).
+			Str("pathbase", path.Base(pathRes.Path)).
+			Msg("base paths don't match")
+		w.WriteHeader(http.StatusConflict)
 		return false
 	}
 
@@ -182,15 +215,42 @@ func (s *svc) handlePropfindOnToken(w http.ResponseWriter, r *http.Request, ns s
 	if pathRes.Status.Code != rpc.Code_CODE_OK {
 		switch pathRes.Status.Code {
 		case rpc.Code_CODE_NOT_FOUND:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("not found")
 			w.WriteHeader(http.StatusNotFound)
-			return
 		case rpc.Code_CODE_PERMISSION_DENIED:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
-			return
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
+			log.Error().
+				Str("tokenStatInfo.Id", tokenStatInfo.GetId().String()).
+				Str("tokenStatInfo.Path", tokenStatInfo.Path).
+				Interface("status", pathRes.Status).
+				Msg("grpc get path request failed")
 			w.WriteHeader(http.StatusInternalServerError)
-			return
 		}
+		return
 	}
 
 	infos := []*provider.ResourceInfo{}
diff --git a/internal/http/services/owncloud/ocdav/put.go b/internal/http/services/owncloud/ocdav/put.go
index 935a67bae00..2b0ed285f64 100644
--- a/internal/http/services/owncloud/ocdav/put.go
+++ b/internal/http/services/owncloud/ocdav/put.go
@@ -167,6 +167,12 @@ func (s *svc) handlePutHelper(w http.ResponseWriter, r *http.Request, content io
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", sRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -230,6 +236,12 @@ func (s *svc) handlePutHelper(w http.ResponseWriter, r *http.Request, content io
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", uRes.Status).Msg("grpc initiate file upload request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -306,6 +318,12 @@ func (s *svc) handlePutHelper(w http.ResponseWriter, r *http.Request, content io
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", sRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/trashbin.go b/internal/http/services/owncloud/ocdav/trashbin.go
index 6ffe67fe423..df6006ac4bf 100644
--- a/internal/http/services/owncloud/ocdav/trashbin.go
+++ b/internal/http/services/owncloud/ocdav/trashbin.go
@@ -160,6 +160,12 @@ func (h *TrashbinHandler) listTrashbin(w http.ResponseWriter, r *http.Request, s
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("grpc get home request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -191,6 +197,12 @@ func (h *TrashbinHandler) listTrashbin(w http.ResponseWriter, r *http.Request, s
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", getHomeRes.Path).Interface("status", getRecycleRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getRecycleRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getRecycleRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", getHomeRes.Path).Interface("status", getRecycleRes.Status).Msg("grpc list recycle request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -391,6 +403,12 @@ func (h *TrashbinHandler) restore(w http.ResponseWriter, r *http.Request, s *svc
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("grpc get home request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -428,6 +446,12 @@ func (h *TrashbinHandler) restore(w http.ResponseWriter, r *http.Request, s *svc
 	case rpc.Code_CODE_PERMISSION_DENIED:
 		log.Debug().Str("key", key).Str("dst", dst).Interface("status", res.Status).Msg("permission denied")
 		w.WriteHeader(http.StatusForbidden)
+	case rpc.Code_CODE_INVALID_ARGUMENT:
+		log.Debug().Str("key", key).Str("dst", dst).Interface("status", res.Status).Msg("bad request")
+		w.WriteHeader(http.StatusBadRequest)
+	case rpc.Code_CODE_UNIMPLEMENTED:
+		log.Debug().Str("key", key).Str("dst", dst).Interface("status", res.Status).Msg("not implemented")
+		w.WriteHeader(http.StatusNotImplemented)
 	default:
 		log.Error().Str("key", key).Str("dst", dst).Interface("status", res.Status).Msg("grpc restore recycle item request failed")
 		w.WriteHeader(http.StatusInternalServerError)
@@ -461,6 +485,12 @@ func (h *TrashbinHandler) delete(w http.ResponseWriter, r *http.Request, s *svc,
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", getHomeRes.Path).Interface("status", getHomeRes.Status).Msg("grpc get home request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -487,6 +517,12 @@ func (h *TrashbinHandler) delete(w http.ResponseWriter, r *http.Request, s *svc,
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", getHomeRes.Path).Interface("status", sRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", sRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", getHomeRes.Path).Interface("status", sRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", getHomeRes.Path).Interface("status", sRes.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -523,6 +559,12 @@ func (h *TrashbinHandler) delete(w http.ResponseWriter, r *http.Request, s *svc,
 	case rpc.Code_CODE_PERMISSION_DENIED:
 		log.Debug().Str("storageid", sRes.Info.Id.StorageId).Str("key", key).Interface("status", res.Status).Msg("permission denied")
 		w.WriteHeader(http.StatusForbidden)
+	case rpc.Code_CODE_INVALID_ARGUMENT:
+		log.Debug().Str("storageid", sRes.Info.Id.StorageId).Str("key", key).Interface("status", res.Status).Msg("bad request")
+		w.WriteHeader(http.StatusBadRequest)
+	case rpc.Code_CODE_UNIMPLEMENTED:
+		log.Debug().Str("storageid", sRes.Info.Id.StorageId).Str("key", key).Interface("status", res.Status).Msg("not implemented")
+		w.WriteHeader(http.StatusNotImplemented)
 	default:
 		log.Error().Str("storageid", sRes.Info.Id.StorageId).Str("key", key).Interface("status", res.Status).Msg("grpc purge recycle request failed")
 		w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/tus.go b/internal/http/services/owncloud/ocdav/tus.go
index 8ef8d8ddf8b..2219ff4f589 100644
--- a/internal/http/services/owncloud/ocdav/tus.go
+++ b/internal/http/services/owncloud/ocdav/tus.go
@@ -161,6 +161,12 @@ func (s *svc) handleTusPost(w http.ResponseWriter, r *http.Request, ns string) {
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Str("path", fn).Interface("status", uRes.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Str("path", fn).Interface("status", uRes.Status).Msg("grpc initiate file upload request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -231,7 +237,7 @@ func (s *svc) handleTusPost(w http.ResponseWriter, r *http.Request, ns string) {
 				return
 			}
 		} else {
-			log.Info().Msg("Skipping sending a Patch request as body is empty")
+			log.Debug().Msg("Skipping sending a Patch request as body is empty")
 		}
 
 		// check if upload was fully completed
@@ -249,6 +255,12 @@ func (s *svc) handleTusPost(w http.ResponseWriter, r *http.Request, ns string) {
 				case rpc.Code_CODE_PERMISSION_DENIED:
 					log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("permission denied")
 					w.WriteHeader(http.StatusForbidden)
+				case rpc.Code_CODE_INVALID_ARGUMENT:
+					log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("bad request")
+					w.WriteHeader(http.StatusBadRequest)
+				case rpc.Code_CODE_UNIMPLEMENTED:
+					log.Debug().Str("path", fn).Interface("status", sRes.Status).Msg("not implemented")
+					w.WriteHeader(http.StatusNotImplemented)
 				default:
 					log.Error().Str("path", fn).Interface("status", sRes.Status).Msg("grpc stat request failed")
 					w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/versions.go b/internal/http/services/owncloud/ocdav/versions.go
index ca9f1432e0c..cfcf14b00b5 100644
--- a/internal/http/services/owncloud/ocdav/versions.go
+++ b/internal/http/services/owncloud/ocdav/versions.go
@@ -108,6 +108,12 @@ func (h *VersionsHandler) doListVersions(w http.ResponseWriter, r *http.Request,
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Interface("resourceid", rid).Interface("status", res.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Interface("resourceid", rid).Interface("status", res.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Interface("resourceid", rid).Interface("status", res.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Interface("resourceid", rid).Interface("status", res.Status).Msg("grpc stat request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -134,6 +140,12 @@ func (h *VersionsHandler) doListVersions(w http.ResponseWriter, r *http.Request,
 		case rpc.Code_CODE_PERMISSION_DENIED:
 			log.Debug().Interface("resourceid", rid).Interface("status", lvRes.Status).Msg("permission denied")
 			w.WriteHeader(http.StatusForbidden)
+		case rpc.Code_CODE_INVALID_ARGUMENT:
+			log.Debug().Interface("resourceid", rid).Interface("status", res.Status).Msg("bad request")
+			w.WriteHeader(http.StatusBadRequest)
+		case rpc.Code_CODE_UNIMPLEMENTED:
+			log.Debug().Interface("resourceid", rid).Interface("status", res.Status).Msg("not implemented")
+			w.WriteHeader(http.StatusNotImplemented)
 		default:
 			log.Error().Interface("resourceid", rid).Interface("status", lvRes.Status).Msg("grpc list file revisions request failed")
 			w.WriteHeader(http.StatusInternalServerError)
@@ -233,6 +245,12 @@ func (h *VersionsHandler) doRestore(w http.ResponseWriter, r *http.Request, s *s
 	case rpc.Code_CODE_PERMISSION_DENIED:
 		log.Debug().Interface("resourceid", rid).Str("key", key).Interface("status", res.Status).Msg("permission denied")
 		w.WriteHeader(http.StatusForbidden)
+	case rpc.Code_CODE_INVALID_ARGUMENT:
+		log.Debug().Interface("resourceid", rid).Str("key", key).Interface("status", res.Status).Msg("bad request")
+		w.WriteHeader(http.StatusBadRequest)
+	case rpc.Code_CODE_UNIMPLEMENTED:
+		log.Debug().Interface("resourceid", rid).Str("key", key).Interface("status", res.Status).Msg("not implemented")
+		w.WriteHeader(http.StatusNotImplemented)
 	default:
 		log.Error().Interface("resourceid", rid).Str("key", key).Interface("status", res.Status).Msg("grpc restore file revision request failed")
 		w.WriteHeader(http.StatusInternalServerError)