From 5a85515b65b5f3759583a66c7ff3fb79d6679bcc Mon Sep 17 00:00:00 2001
From: Mohammad Jangda
Date: Fri, 22 Jan 2021 15:07:24 -0500
Subject: [PATCH 1/3] Move Files ACL endpoint under files subdirectory
---
 .../acl/endpoint-check-file-acl.php | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename endpoints/internal-check-file-acl.php => files/acl/endpoint-check-file-acl.php (100%)
diff --git a/endpoints/internal-check-file-acl.php b/files/acl/endpoint-check-file-acl.php
similarity index 100%
rename from endpoints/internal-check-file-acl.php
rename to files/acl/endpoint-check-file-acl.php
From 6498638aea7a933fbc4f4f42219ffaac598d51ab Mon Sep 17 00:00:00 2001
From: Mohammad Jangda
Date: Sat, 23 Jan 2021 00:35:19 -0500
Subject: [PATCH 2/3] Update file paths after move
---
 files/acl/endpoint-check-file-acl.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/files/acl/endpoint-check-file-acl.php b/files/acl/endpoint-check-file-acl.php
index bb704e4eb3..95fe131f7c 100644
--- a/files/acl/endpoint-check-file-acl.php
+++ b/files/acl/endpoint-check-file-acl.php
@@ -2,7 +2,7 @@
 namespace Automattic\VIP\Files\Acl;
-require_once __DIR__ . '/../files/acl/pre-wp-utils.php';
+require_once __DIR__ . '/pre-wp-utils.php';
 $vip_files_acl_paths = Pre_WP_Utils\prepare_request( $_SERVER['HTTP_X_ORIGINAL_URI'] ?? null );
@@ -19,8 +19,8 @@
 $_SERVER['REQUEST_URI'] = $vip_files_acl_subsite_path . ( $_SERVER['REQUEST_URI'] ?? '' );
 }
-// Bootstap WordPress
-require __DIR__ . '/../../../wp-load.php';
+// Load WordPress
+require __DIR__ . '/../../../../wp-load.php';
 // Temp transitional check
 if ( defined( 'VIP_GO_ENV' ) && VIP_GO_ENV
@@ -29,7 +29,8 @@
 }
 // Load the ACL lib
-require_once __DIR__ . '/../files/acl/acl.php';
+// TODO: not needed after https://github.com/Automattic/vip-go-mu-plugins/pull/1948
+require_once __DIR__ . '/acl.php';
 /**
 * Hook in here to adjust the visibility of a given file.
From 1f928f69dbe82934856050447f78e403b0153320 Mon Sep 17 00:00:00 2001
From: Mohammad Jangda
Date: Sat, 23 Jan 2021 00:50:47 -0500
Subject: [PATCH 3/3] Update inline comments Clearer about what's temporary code and more details about response codes.
---
 files/acl/acl.php | 13 +++++++++++++
 files/acl/endpoint-check-file-acl.php | 7 +++++--
 2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/files/acl/acl.php b/files/acl/acl.php
index ba6252691b..f9c8f25ab6 100644
--- a/files/acl/acl.php
+++ b/files/acl/acl.php
@@ -6,6 +6,19 @@
 const FILE_IS_PRIVATE_AND_ALLOWED = 'FILE_IS_PRIVATE_AND_ALLOWED';
 const FILE_IS_PRIVATE_AND_DENIED = 'FILE_IS_PRIVATE_AND_DENIED';
+/**
+ * Sends the correct response code and headers based on the specified file availability.
+ *
+ * Note: the nginx module for using for the subrequest limits what status codes can be returned.
+ *
+ * Specifically, we can only send 2xx, 401, and 403. Everything else is sent to the client as a 500.
+ *
+ * Also note: for success responses, it's very important to not use 200 since that can be returned by
+ * fatal errors as well which could result in leaking data.
+ *
+ * @param string $file_visibility One of the allowed visibility constants.
+ * @param string $file_path Path to the file, minus the wp-content/uploads/ bits.
+ */
 function send_visibility_headers( $file_visibility, $file_path ) {
 // Default to throwing an error so we can catch unexpected problems more easily.
 $status_code = 500;
diff --git a/files/acl/endpoint-check-file-acl.php b/files/acl/endpoint-check-file-acl.php
index 95fe131f7c..8b855ef6be 100644
--- a/files/acl/endpoint-check-file-acl.php
+++ b/files/acl/endpoint-check-file-acl.php
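Review bot: The docblock added above `send_visibility_headers()` says which status codes must not be used but never names the 2xx code the function sends for an allowed file, so the nginx side cannot be checked against the comment alone. A line such as ` * Allowed files are answered with <SUCCESS_STATUS> (placeholder), never 200.` would close that gap, and the first `@param` could list the `FILE_IS_*` constants it accepts. The phrase "the nginx module for using for the subrequest" reads like a typo for "the nginx module used for the subrequest". The function body continues outside the hunk, so the codes actually sent could not be verified here.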
@@ -7,7 +7,8 @@
 $vip_files_acl_paths = Pre_WP_Utils\prepare_request( $_SERVER['HTTP_X_ORIGINAL_URI'] ?? null );
 if ( ! $vip_files_acl_paths ) {
- // TODO: verify code to return
+ // Note: a 400 might be more appropriate but we're limited in terms of response codes.
+ // See `send_visibility_headers()` for more details.
 http_response_code( 500 );
 exit;
@@ -22,11 +23,13 @@
 // Load WordPress
 require __DIR__ . '/../../../../wp-load.php';
-// Temp transitional check
+// START == Temporary Check ==
+// Can be removed once nginx configs to restrict direct access to this file are in place.
 if ( defined( 'VIP_GO_ENV' ) && VIP_GO_ENV
 && true !== WPCOM_SANDBOXED ) {
 die( 'Sorry, internal testing only.' );
 }
+// END == Temporary Check ==
 // Load the ACL lib
 // TODO: not needed after https://github.com/Automattic/vip-go-mu-plugins/pull/1948
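Review bot: The block between the new START/END markers in the second hunk refuses the request with `die( 'Sorry, internal testing only.' )` and sets no status, so the refusal presumably goes out with PHP's default 200. The docblock this commit adds to `send_visibility_headers()` says 200 must not signal success because fatal errors can produce it, and the nginx side that interprets the code is not visible here, so an explicit denial is safer: add `http_response_code( 403 );` on the line before the `die()`. `WPCOM_SANDBOXED` is also read without a `defined()` guard, unlike `VIP_GO_ENV` on the line above it; confirm it is always defined once wp-load.php has returned, or guard it the same way.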