Commit 615219b1 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

software/theia: public folder is not public in Theia

This is a fixup of 665166e2 (see
especially nexedi/slapos@665166e2 (comment 177402))
parent 526cc23e
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
[instance-theia] [instance-theia]
_update_hash_filename_ = instance-theia.cfg.jinja.in _update_hash_filename_ = instance-theia.cfg.jinja.in
md5sum = 4b69822605e3f20fcec8f44a0bdf80bb md5sum = 8a6efc1054b60f3cbd114a9f6097bae5
[instance] [instance]
_update_hash_filename_ = instance.cfg.in _update_hash_filename_ = instance.cfg.in
......
...@@ -261,14 +261,13 @@ content = ...@@ -261,14 +261,13 @@ content =
log global log global
bind $${:ip}:$${:port} ssl crt $${frontend-instance-certificate:cert-file} alpn h2,http/1.1 bind $${:ip}:$${:port} ssl crt $${frontend-instance-certificate:cert-file} alpn h2,http/1.1
# writing twice the same ACL is doing OR # writing twice the same ACL is doing OR
acl is_public path_beg /public/
acl is_public path /$${frontend-instance-favicon.ico:filename} acl is_public path /$${frontend-instance-favicon.ico:filename}
acl is_public path /$${frontend-instance-theia.webmanifest:filename} acl is_public path /$${frontend-instance-theia.webmanifest:filename}
acl is_public path /$${frontend-instance-theia-serviceworker.js:filename} acl is_public path /$${frontend-instance-theia-serviceworker.js:filename}
acl auth_ok http_auth(basic-auth-list) acl auth_ok http_auth(basic-auth-list)
# No authentication for public folder # No authentication for some files
http-request auth unless auth_ok || is_public http-request auth unless auth_ok || is_public
use_backend static if { path_beg /$${frontend-instance-fonts:folder-name} } || { path_beg /$${frontend-instance-slapos.css:folder-name} } || { path /$${frontend-instance-logo:filename} } || is_public use_backend static if { path_beg /$${frontend-instance-fonts:folder-name} } || { path_beg /$${frontend-instance-slapos.css:folder-name} } || { path /$${frontend-instance-logo:filename} } || { path_beg /public/ } || is_public
default_backend nodejs default_backend nodejs
backend nodejs backend nodejs
......
...@@ -146,14 +146,17 @@ class TestTheia(TheiaTestCase): ...@@ -146,14 +146,17 @@ class TestTheia(TheiaTestCase):
)).geturl() )).geturl()
self.get(authenticated_url) self.get(authenticated_url)
# there's a public folder to serve file (no need for authentication) # there's a public folder to serve file
with open('{}/srv/frontend-static/public/test_file'.format( with open('{}/srv/frontend-static/public/test_file'.format(
self.getPath()), 'w') as f: self.getPath()), 'w') as f:
f.write("hello") f.write("hello")
resp = self.get(urljoin(url, '/public/')) resp = self.get(urljoin(authenticated_url, '/public/'))
self.assertIn('test_file', resp.text) self.assertIn('test_file', resp.text)
resp = self.get(urljoin(url, '/public/test_file')) resp = self.get(urljoin(authenticated_url, '/public/test_file'))
self.assertEqual('hello', resp.text) self.assertEqual('hello', resp.text)
# make sure public folder is protected
resp = self.get(urljoin(url, '/public/test_file'))
self.assertEqual(resp.status_code, requests.codes.unauthorized)
# there's a (not empty) favicon (no need for authentication) # there's a (not empty) favicon (no need for authentication)
resp = self.get(urljoin(url, '/favicon.ico')) resp = self.get(urljoin(url, '/favicon.ico'))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment