Merge pull request #1955 from Automattic/update/mv-files-acl-endpoint

Move Files ACL endpoint
Automattic · Jan 26, 2021 · ea80046 · ea80046
2 parents f5794f8 + 3be3ac7
commit ea80046
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 6 deletions.
diff --git a/files/acl/acl.php b/files/acl/acl.php
@@ -6,6 +6,19 @@
 const FILE_IS_PRIVATE_AND_ALLOWED = 'FILE_IS_PRIVATE_AND_ALLOWED';
 const FILE_IS_PRIVATE_AND_DENIED = 'FILE_IS_PRIVATE_AND_DENIED';
 
+/**
+ * Sends the correct response code and headers based on the specified file availability.
+ *
+ * Note: the nginx module for using for the subrequest limits what status codes can be returned.
+ *
+ * Specifically, we can only send 2xx, 401, and 403. Everything else is sent to the client as a 500.
+ *
+ * Also note: for success responses, it's very important to not use 200 since that can be returned by
+ * fatal errors as well which could result in leaking data.
+ *
+ * @param string $file_visibility One of the allowed visibility constants.
+ * @param string $file_path Path to the file, minus the wp-content/uploads/ bits.
+ */
 function send_visibility_headers( $file_visibility, $file_path ) {
 	// Default to throwing an error so we can catch unexpected problems more easily.
 	$status_code = 500;

diff --git a/endpoints/internal-check-file-acl.php → files/acl/endpoint-check-file-acl.php b/endpoints/internal-check-file-acl.php → files/acl/endpoint-check-file-acl.php
@@ -2,12 +2,13 @@
 
 namespace Automattic\VIP\Files\Acl;
 
-require_once __DIR__ . '/../files/acl/pre-wp-utils.php';
+require_once __DIR__ . '/pre-wp-utils.php';
 
 $vip_files_acl_paths = Pre_WP_Utils\prepare_request( $_SERVER['HTTP_X_ORIGINAL_URI'] ?? null );
 
 if ( ! $vip_files_acl_paths ) {
-	// TODO: verify code to return
+	// Note: a 400 might be more appropriate but we're limited in terms of response codes.
+	// See `send_visibility_headers()` for more details.
 	http_response_code( 500 );
 
 	exit;
@@ -19,17 +20,20 @@
 	$_SERVER['REQUEST_URI'] = $vip_files_acl_subsite_path . ( $_SERVER['REQUEST_URI'] ?? '' );
 }
 
-// Bootstap WordPress
-require __DIR__ . '/../../../wp-load.php';
+// Load WordPress
+require __DIR__ . '/../../../../wp-load.php';
 
-// Temp transitional check
+// START == Temporary Check ==
+// Can be removed once nginx configs to restrict direct access to this file are in place.
 if ( defined( 'VIP_GO_ENV' ) && VIP_GO_ENV
 	&& true !== WPCOM_SANDBOXED ) {
 	die( 'Sorry, internal testing only.' );
 }
+// END == Temporary Check ==
 
 // Load the ACL lib
-require_once __DIR__ . '/../files/acl/acl.php';
+// TODO: not needed after https://github.com/Automattic/vip-go-mu-plugins/pull/1948
+require_once __DIR__ . '/acl.php';
 
 /**
  * Hook in here to adjust the visibility of a given file.