From 957599ae01687d6b3d02a3c34fdbe2ac6bd920f9 Mon Sep 17 00:00:00 2001
From: Anike Arni <aarni@thoughtworks.com>
Date: Thu, 16 Feb 2017 18:51:26 -0200
Subject: [#907] Bundles login static files separately

Due to conflicts with public and protected urls, login and interstitial
files have to be on a different public url from inbox and resources that
require login. Therefore, here, we delegate that logic to webpack. Now
we have a '/public' url and a '/assets' url for those static assets.
---
 service/pixelated/resources/__init__.py                | 11 +++++++----
 service/pixelated/resources/backup_account_resource.py |  4 ++--
 service/pixelated/resources/login_resource.py          | 10 +++++-----
 service/pixelated/resources/root_resource.py           | 14 ++++++++------
 service/test/unit/resources/test_helpers.py            |  7 +++++++
 service/test/unit/resources/test_login_resource.py     |  2 +-
 6 files changed, 30 insertions(+), 18 deletions(-)

(limited to 'service')

diff --git a/service/pixelated/resources/__init__.py b/service/pixelated/resources/__init__.py
index 6bac2f59..f5512644 100644
--- a/service/pixelated/resources/__init__.py
+++ b/service/pixelated/resources/__init__.py
@@ -57,12 +57,15 @@ def handle_error_deferred(e, request):
     request.finish()
 
 
-def get_startup_folder():
-    path = os.path.dirname(os.path.abspath(__file__))
-    return os.path.join(path, '..', 'assets')
+def get_protected_static_folder():
+    return os.path.join(_get_static_folder(), 'protected')
 
 
-def get_static_folder():
+def get_public_static_folder():
+    return os.path.join(_get_static_folder(), 'public')
+
+
+def _get_static_folder():
     static_folder = os.path.abspath(os.path.join(os.path.abspath(__file__), "..", "..", "..", "..", "web-ui", "dist"))
     if not os.path.exists(static_folder):
         static_folder = os.path.join('/', 'usr', 'share', 'pixelated-user-agent')
diff --git a/service/pixelated/resources/backup_account_resource.py b/service/pixelated/resources/backup_account_resource.py
index 5d9cb032..f1eeee53 100644
--- a/service/pixelated/resources/backup_account_resource.py
+++ b/service/pixelated/resources/backup_account_resource.py
@@ -19,13 +19,13 @@ from xml.sax import SAXParseException
 
 from pixelated.resources import BaseResource
 from twisted.python.filepath import FilePath
-from pixelated.resources import get_static_folder
+from pixelated.resources import get_protected_static_folder
 from twisted.web.http import OK
 from twisted.web.template import Element, XMLFile, renderElement
 
 
 class BackupAccountPage(Element):
-    loader = XMLFile(FilePath(os.path.join(get_static_folder(), 'backup_account.html')))
+    loader = XMLFile(FilePath(os.path.join(get_protected_static_folder(), 'backup_account.html')))
 
     def __init__(self):
         super(BackupAccountPage, self).__init__()
diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index 160f12bf..bb05489e 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -20,7 +20,7 @@ from xml.sax import SAXParseException
 from pixelated.authentication import Authenticator
 from pixelated.config.leap import BootstrapUserServices
 from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession
-from pixelated.resources import get_static_folder, respond_json
+from pixelated.resources import get_public_static_folder, respond_json
 from twisted.cred.error import UnauthorizedLogin
 from twisted.internet import defer
 from twisted.logger import Logger
@@ -45,7 +45,7 @@ def parse_accept_language(all_headers):
 
 
 class DisclaimerElement(Element):
-    loader = XMLFile(FilePath(os.path.join(get_static_folder(), '_login_disclaimer_banner.html')))
+    loader = XMLFile(FilePath(os.path.join(get_public_static_folder(), '_login_disclaimer_banner.html')))
 
     def __init__(self, banner):
         super(DisclaimerElement, self).__init__()
@@ -68,7 +68,7 @@ class DisclaimerElement(Element):
 
 
 class LoginWebSite(Element):
-    loader = XMLFile(FilePath(os.path.join(get_static_folder(), 'login.html')))
+    loader = XMLFile(FilePath(os.path.join(get_public_static_folder(), 'login.html')))
 
     def __init__(self, error_msg=None, disclaimer_banner_file=None):
         super(LoginWebSite, self).__init__()
@@ -96,8 +96,8 @@ class LoginResource(BaseResource):
         self._authenticator = authenticator or Authenticator(provider)
         self._bootstrap_user_services = BootstrapUserServices(services_factory, provider)
 
-        static_folder = get_static_folder()
-        self.putChild('assets', File(static_folder))
+        static_folder = get_public_static_folder()
+        self.putChild('public', File(static_folder))
         with open(os.path.join(static_folder, 'interstitial.html')) as f:
             self.interstitial = f.read()
 
diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py
index 37a0013e..320a1204 100644
--- a/service/pixelated/resources/root_resource.py
+++ b/service/pixelated/resources/root_resource.py
@@ -20,7 +20,7 @@ from string import Template
 from pixelated.resources.users import UsersResource
 
 from pixelated.resources import BaseResource, UnAuthorizedResource, UnavailableResource
-from pixelated.resources import get_static_folder
+from pixelated.resources import get_public_static_folder, get_protected_static_folder
 from pixelated.resources.attachments_resource import AttachmentsResource
 from pixelated.resources.sandbox_resource import SandboxResource
 from pixelated.resources.backup_account_resource import BackupAccountResource
@@ -51,16 +51,17 @@ MODE_RUNNING = 2
 class RootResource(BaseResource):
     def __init__(self, services_factory):
         BaseResource.__init__(self, services_factory)
-        self._static_folder = get_static_folder()
-        self._html_template = open(os.path.join(self._static_folder, 'index.html')).read()
+        self._public_static_folder = get_public_static_folder()
+        self._protected_static_folder = get_protected_static_folder()
+        self._html_template = open(os.path.join(self._protected_static_folder, 'index.html')).read()
         self._services_factory = services_factory
         self._child_resources = ChildResourcesMap()
-        with open(os.path.join(self._static_folder, 'interstitial.html')) as f:
+        with open(os.path.join(self._public_static_folder, 'interstitial.html')) as f:
             self.interstitial = f.read()
         self._startup_mode()
 
     def _startup_mode(self):
-        self.putChild('assets', File(self._static_folder))
+        self.putChild('public', File(self._public_static_folder))
         self.putChild('status', LoginStatusResource(self._services_factory))
         self._mode = MODE_STARTUP
 
@@ -89,8 +90,9 @@ class RootResource(BaseResource):
         return csrf_input and csrf_input == xsrf_token
 
     def initialize(self, provider=None, disclaimer_banner=None, authenticator=None):
+        self._child_resources.add('assets', File(self._protected_static_folder))
         self._child_resources.add('backup-account', BackupAccountResource(self._services_factory))
-        self._child_resources.add('sandbox', SandboxResource(self._static_folder))
+        self._child_resources.add('sandbox', SandboxResource(self._protected_static_folder))
         self._child_resources.add('keys', KeysResource(self._services_factory))
         self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory))
         self._child_resources.add('contacts', ContactsResource(self._services_factory))
diff --git a/service/test/unit/resources/test_helpers.py b/service/test/unit/resources/test_helpers.py
index e21c5373..6c456f51 100644
--- a/service/test/unit/resources/test_helpers.py
+++ b/service/test/unit/resources/test_helpers.py
@@ -18,6 +18,7 @@ from twisted.trial import unittest
 import re
 
 from pixelated.resources import respond_json, respond_json_deferred
+from pixelated.resources import get_public_static_folder, get_protected_static_folder
 from test.unit.resources import DummySite
 from twisted.web.test.requesthelper import DummyRequest
 
@@ -44,3 +45,9 @@ class TestHelpers(unittest.TestCase):
         self.assertEqual(b"{\"test\": \"yep\"}", request.written[0])
         self.assertEqual([b"application/json"],
                          request.responseHeaders.getRawHeaders("Content-Type"))
+
+    def test_getting_public_folder_returns_path(self):
+        self.assertIn('web-ui/dist/public', get_public_static_folder())
+
+    def test_getting_protected_folder_returns_path(self):
+        self.assertIn('web-ui/dist/protected', get_protected_static_folder())
diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py
index 29592c1d..bd0f9122 100644
--- a/service/test/unit/resources/test_login_resource.py
+++ b/service/test/unit/resources/test_login_resource.py
@@ -230,7 +230,7 @@ class TestLoginPOST(unittest.TestCase):
 
         def assert_interstitial_in_response(_):
             mock_authenticate.assert_called_once_with(self.username, self.password)
-            interstitial_js_in_template = '<script src="/assets/interstitial.js"></script>'
+            interstitial_js_in_template = '<script src="/public/interstitial.js"></script>'
             self.assertIn(interstitial_js_in_template, self.request.written[0])
 
         d.addCallback(assert_interstitial_in_response)
-- 
cgit v1.2.3