Commit 615219b1 authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

software/theia: public folder is not public in Theia

This is a fixup of 665166e2 (see
especially nexedi/slapos@665166e2 (comment 177402))
parent 526cc23e
......@@ -15,7 +15,7 @@
[instance-theia]
_update_hash_filename_ = instance-theia.cfg.jinja.in
md5sum = 4b69822605e3f20fcec8f44a0bdf80bb
md5sum = 8a6efc1054b60f3cbd114a9f6097bae5
[instance]
_update_hash_filename_ = instance.cfg.in
......
......@@ -261,14 +261,13 @@ content =
log global
bind $${:ip}:$${:port} ssl crt $${frontend-instance-certificate:cert-file} alpn h2,http/1.1
# writing twice the same ACL is doing OR
acl is_public path_beg /public/
acl is_public path /$${frontend-instance-favicon.ico:filename}
acl is_public path /$${frontend-instance-theia.webmanifest:filename}
acl is_public path /$${frontend-instance-theia-serviceworker.js:filename}
acl auth_ok http_auth(basic-auth-list)
# No authentication for public folder
# No authentication for some files
http-request auth unless auth_ok || is_public
use_backend static if { path_beg /$${frontend-instance-fonts:folder-name} } || { path_beg /$${frontend-instance-slapos.css:folder-name} } || { path /$${frontend-instance-logo:filename} } || is_public
use_backend static if { path_beg /$${frontend-instance-fonts:folder-name} } || { path_beg /$${frontend-instance-slapos.css:folder-name} } || { path /$${frontend-instance-logo:filename} } || { path_beg /public/ } || is_public
default_backend nodejs
backend nodejs
......
......@@ -146,14 +146,17 @@ class TestTheia(TheiaTestCase):
)).geturl()
self.get(authenticated_url)
# there's a public folder to serve file (no need for authentication)
# there's a public folder to serve file
with open('{}/srv/frontend-static/public/test_file'.format(
self.getPath()), 'w') as f:
f.write("hello")
resp = self.get(urljoin(url, '/public/'))
resp = self.get(urljoin(authenticated_url, '/public/'))
self.assertIn('test_file', resp.text)
resp = self.get(urljoin(url, '/public/test_file'))
resp = self.get(urljoin(authenticated_url, '/public/test_file'))
self.assertEqual('hello', resp.text)
# make sure public folder is protected
resp = self.get(urljoin(url, '/public/test_file'))
self.assertEqual(resp.status_code, requests.codes.unauthorized)
# there's a (not empty) favicon (no need for authentication)
resp = self.get(urljoin(url, '/favicon.ico'))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment