From 3320776a89785dc8c1f70f32ca25ba53579c82ab Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Mon, 4 Jul 2022 15:50:54 +0200 Subject: [PATCH 1/3] support new env variable for blocking public access --- src/api/disabled.js | 5 +++-- src/api/index.js | 5 ++++- src/utils.js | 18 ++++++++++++++++++ 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/src/api/disabled.js b/src/api/disabled.js index 6471ad2..b48cf40 100644 --- a/src/api/disabled.js +++ b/src/api/disabled.js @@ -1,8 +1,9 @@ const db = require("../db"); +const { getDisabledServerReason } = require("../utils"); // returns a disabled flag status module.exports = (req, res) => { - const disabled = db.get("disabled").value(); + const manualDisabledReason = db.get("disabled").value(); - res.send({ disabled }); + return getDisabledServerReason(manualDisabledReason); }; diff --git a/src/api/index.js b/src/api/index.js index 641b154..10e5128 100644 --- a/src/api/index.js +++ b/src/api/index.js @@ -1,6 +1,7 @@ const { StatusCodes } = require("http-status-codes"); const { sum, sumBy } = require("lodash"); const db = require("../db"); +const { getDisabledServerReason } = require("../utils"); /** * Get status code that should be returned in the API response. @@ -54,7 +55,9 @@ function getMostRecentCriticalEntry() { * Get the disabled flag state (manual portal disable) */ function getDisabled() { - return db.get("disabled").value(); + const manualDisabledReason = db.get("disabled").value(); + + return getDisabledServerReason(manualDisabledReason); } module.exports = (req, res) => { diff --git a/src/utils.js b/src/utils.js index 8dbab0d..f17d39b 100644 --- a/src/utils.js +++ b/src/utils.js @@ -132,6 +132,23 @@ function isPortalModuleEnabled(module) { return process.env.PORTAL_MODULES && process.env.PORTAL_MODULES.indexOf(module) !== -1; } +/** + * Compute and generate a message indicating a disabled server. Server is disabled when either: + * - disable reason is set manually (non empty) + * - DENY_PUBLIC_ACCESS env variable is set to true (server on takedown) + */ +function getDisabledServerReason(manualDisabledReason) { + const accessDeniedReason = "Server public access denied"; // generic reason message + + // check if a flag that indicates that server should disable public traffic is enabled + if (process.env.DENY_PUBLIC_ACCESS === "true") { + // include manual disable reason if server has been manually disabled + return manualDisabledReason ? `${manualDisabledReason} & ${accessDeniedReason}` : accessDeniedReason; + } + + return manualDisabledReason; +} + module.exports = { calculateElapsedTime, getYesterdayISOString, @@ -139,6 +156,7 @@ module.exports = { ensureValidJSON, getAuthCookie, isPortalModuleEnabled, + getDisabledServerReason, ipCheckService, ipRegex, }; From 1df6376e3d72a5c020e717b524f85805e9256954 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Mon, 4 Jul 2022 20:40:57 +0200 Subject: [PATCH 2/3] move constant inside condition --- src/utils.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/utils.js b/src/utils.js index f17d39b..e5fb387 100644 --- a/src/utils.js +++ b/src/utils.js @@ -138,10 +138,10 @@ function isPortalModuleEnabled(module) { * - DENY_PUBLIC_ACCESS env variable is set to true (server on takedown) */ function getDisabledServerReason(manualDisabledReason) { - const accessDeniedReason = "Server public access denied"; // generic reason message - // check if a flag that indicates that server should disable public traffic is enabled if (process.env.DENY_PUBLIC_ACCESS === "true") { + const accessDeniedReason = "Server public access denied"; // generic reason message + // include manual disable reason if server has been manually disabled return manualDisabledReason ? `${manualDisabledReason} & ${accessDeniedReason}` : accessDeniedReason; } From 1f16f21e64c497ee588afd7ed1aac54515cff48a Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Mon, 4 Jul 2022 20:41:29 +0200 Subject: [PATCH 3/3] fix api response object --- src/api/disabled.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/disabled.js b/src/api/disabled.js index b48cf40..27bd268 100644 --- a/src/api/disabled.js +++ b/src/api/disabled.js @@ -5,5 +5,5 @@ const { getDisabledServerReason } = require("../utils"); module.exports = (req, res) => { const manualDisabledReason = db.get("disabled").value(); - return getDisabledServerReason(manualDisabledReason); + res.send({ disabled: getDisabledServerReason(manualDisabledReason) }); };