cleaning

Author: bourgeoa

lib/acl-checker.js

@@ -5,7 +5,6 @@ const { dirname } = require('path')
 const rdf = require('rdflib')
 const debug = require('./debug').ACL
 // const debugCache = require('./debug').cache
-// const debugAccounts = require('./debug').accounts
 const HTTPError = require('./http-error')
 const aclCheck = require('@solid/acl-check')
 const { URL } = require('url')
@@ -56,6 +55,7 @@ class ACLChecker {
     }
     this.messagesCached[cacheKey] = this.messagesCached[cacheKey] || []
 
+    // for method DELETE nearestACL and ACL from parent resource
     const acl = await this.getNearestACL(method).catch(err => {
       this.messagesCached[cacheKey].push(new HTTPError(err.status || 500, err.message || err))
     })
@@ -95,56 +95,56 @@ class ACLChecker {
       // FIXME: https://github.com/solid/acl-check/issues/23
       // console.error(e.message)
     }
+
     function resourceAccessDenied (modes) {
-      accessDenied = aclCheck.accessDenied(aclGraph, resource, directory, aclFile, agent, modes, agentOrigin, trustedOrigins, originTrustedModes)
+      return aclCheck.accessDenied(aclGraph, resource, directory, aclFile, agent, modes, agentOrigin, trustedOrigins, originTrustedModes)
     }
-
     function accessDeniedForAccessTo (modes) {
       const accessDeniedAccessTo = aclCheck.accessDenied(aclGraph, directory, null, aclFile, agent, modes, agentOrigin, trustedOrigins, originTrustedModes)
       const accessResult = !accessDenied && !accessDeniedAccessTo
-      accessDenied = accessResult ? false : accessDenied || accessDeniedAccessTo
-      // debugCache('accessDenied result ' + accessDenied)
+      return accessResult ? false : accessDenied || accessDeniedAccessTo
     }
     async function accessdeniedFromParent (modes) {
       const parentAclDirectory = ACLChecker.getDirectory(acl.parentAcl)
       const parentDirectory = parentResource === parentAclDirectory ? null : rdf.sym(parentAclDirectory)
-      // if (acl.parentAcl.endWith('/.acl')) parentDirectory = rdf.sym(parentAclDirectory)
       const accessDeniedParent = aclCheck.accessDenied(acl.parentGraph, parentResource, parentDirectory, rdf.sym(acl.parentAcl), agent, modes, agentOrigin, trustedOrigins, originTrustedModes)
       const accessResult = !accessDenied && !accessDeniedParent
-      accessDenied = accessResult ? false : accessDenied || accessDeniedParent
-      // debugCache('accessDenied result ' + accessDenied)
+      return accessResult ? false : accessDenied || accessDeniedParent
     }
 
-    let accessDenied
-    resourceAccessDenied(modes)
+    let accessDenied = resourceAccessDenied(modes)
+    // debugCache('accessDenied resource ' + accessDenied)
+
     // For create and update HTTP methods
     if ((method === 'PUT' || method === 'PATCH' || method === 'COPY')) {
       // if resource and acl have same parent container,
       // and resource does not exist, then accessTo Append from parent is required
       if (directory && directory.value === dirname(aclFile.value) + '/' && !resourceExists) {
-        accessDeniedForAccessTo([ACL('Append')])
+        accessDenied = accessDeniedForAccessTo([ACL('Append')])
       }
+      // debugCache('accessDenied PUT/PATCH ' + accessDenied)
     }
 
     // For delete HTTP method
     if ((method === 'DELETE')) {
       if (resourceExists) {
         // deleting a Container
         // without Read, the response code will reveal whether a Container is empty or not
-        if (directory && this.resource.endsWith('/')) resourceAccessDenied([ACL('Read'), ACL('Write')])
+        if (directory && this.resource.endsWith('/')) accessDenied = resourceAccessDenied([ACL('Read'), ACL('Write')])
         // if resource and acl have same parent container,
         // then both Read and Write on parent is required
-        else if (!directory && aclFile.value.endsWith(`/${this.suffix}`)) await accessdeniedFromParent([ACL('Read'), ACL('Write')])
+        else if (!directory && aclFile.value.endsWith(`/${this.suffix}`)) accessDenied = await accessdeniedFromParent([ACL('Read'), ACL('Write')])
 
         // deleting a Document
         else if (directory && directory.value === dirname(aclFile.value) + '/') {
-          accessDeniedForAccessTo([ACL('Write')])
+          accessDenied = accessDeniedForAccessTo([ACL('Write')])
         } else {
-          await accessdeniedFromParent([ACL('Write')])
+          accessDenied = await accessdeniedFromParent([ACL('Write')])
         }
 
       // https://github.com/solid/specification/issues/14#issuecomment-1712773516
       } else { accessDenied = true }
+      // debugCache('accessDenied DELETE ' + accessDenied)
     }
 
     if (accessDenied && user) {
@@ -184,7 +184,6 @@ class ACLChecker {
     let parentGraph = null
     let docAcl = null
     let docGraph = null
-    // while (possibleACLs.length > 0 && !returnParentAcl) {
     while (possibleACLs.length > 0 && !returnParentAcl) {
       const acl = possibleACLs.shift()
       let graph
@@ -193,7 +192,7 @@ class ACLChecker {
         graph = await this.requests[acl]
       } catch (err) {
         if (err && (err.code === 'ENOENT' || err.status === 404)) {
-          // only set isContainer before docAcl // alain
+          // only set isContainer before docAcl
           if (!docAcl) isContainer = true
           continue
         }
@@ -205,7 +204,7 @@ class ACLChecker {
       if (!docAcl) {
         docAcl = acl
         docGraph = graph
-        // parentAcl is only needed for DELETE // alain
+        // parentAcl is only needed for DELETE
         if (method !== 'DELETE') returnParentAcl = true
       } else {
         parentAcl = acl

lib/create-app.js

@@ -27,7 +27,6 @@ const { routeResolvedFile } = require('./utils')
 const ResourceMapper = require('./resource-mapper')
 const aclCheck = require('@solid/acl-check')
 const { version } = require('../package.json')
-// const preconditions = require('express-preconditions')
 
 const corsSettings = cors({
   methods: [
@@ -115,14 +114,6 @@ function createApp (argv = {}) {
     authProxy(app, argv.authProxy)
   }
 
-  // redirect http to https
-  app.use(function (req, res, next) {
-    if (req.protocol === 'http:') {
-      return res.redirect('https://' + req.headers.host + req.url)
-    }
-    next()
-  })
-
   // Attach the LDP middleware
   app.use('/', LdpMiddleware(corsSettings))
 

test/integration/acl-oidc-test.js

@@ -138,7 +138,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
           done()
         })
       })
-      it('user1 as solid:owner should let edit the .acl', function (done) { // alain
+      it('user1 as solid:owner should let edit the .acl', function (done) {
         const options = createOptions('/empty-acl/.acl', 'user1', 'text/turtle')
         options.body = ''
         request.put(options, function (error, response, body) {
@@ -209,7 +209,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
           done()
         })
       })
-      it('Should not create empty acl file', function (done) { // alain
+      it('Should not create empty acl file', function (done) {
         const options = createOptions('/write-acl/empty-acl/another-empty-folder/.acl', 'user1', 'text/turtle')
         options.body = ''
         request.put(options, function (error, response, body) {
@@ -273,7 +273,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
   })
 
   describe('no-control', function () {
-    it('user1 as owner should edit acl file', function (done) { // alain
+    it('user1 as owner should edit acl file', function (done) {
       const options = createOptions('/no-control/.acl', 'user1', 'text/turtle')
       options.body = '<#0>' +
       '\n a <http://www.w3.org/ns/auth/acl#Authorization>;' +
@@ -551,7 +551,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
         done()
       })
     })
-    it('user1 should be able to PATCH (which CREATEs) a nonexistent resource', function (done) {
+    it('user1 should be able to PATCH a nonexistent resource (which CREATEs)', function (done) {
       const options = createOptions('/append-inherited/test.ttl', 'user1')
       options.body = 'INSERT DATA { :test  :hello 456 .}'
       options.headers['content-type'] = 'application/sparql-update'
@@ -571,7 +571,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
         done()
       })
     })
-    it('user1 should be able to PUT (which CREATEs) (non existent resource)', function (done) {
+    it('user1 should be able to PUT to non existent resource (which CREATEs)', function (done) {
       const options = createOptions('/append-inherited/test1.ttl', 'user1')
       options.body = '<a> <b> <c> .\n'
       options.headers['content-type'] = 'text/turtle'
@@ -610,7 +610,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
         done()
       })
     })
-    it('user2 should be able to PATCH INSERT to (which CREATEs) a nonexistent resource', function (done) {
+    it('user2 should be able to PATCH INSERT to a nonexistent resource (which CREATEs)', function (done) {
       const options = createOptions('/append-inherited/new.ttl', 'user2')
       options.body = 'INSERT DATA { :test  :hello 789 .}'
       options.headers['content-type'] = 'application/sparql-update'
@@ -620,7 +620,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
         done()
       })
     })
-    it('user2 should be able to PUT to (which CREATEs) a non existent resource', function (done) { // alain
+    it('user2 should be able to PUT to a non existent resource (which CREATEs)', function (done) {
       const options = createOptions('/append-inherited/new1.ttl', 'user1')
       options.body = '<a> <b> <c> .\n'
       options.headers['content-type'] = 'text/turtle'

test/integration/http-test.js

@@ -472,7 +472,7 @@ describe('HTTP APIs', function () {
     })
     it('should have set acl and describedBy Links for resource',
       function (done) {
-        server.head('/sampleContainer2/example1.ttl') // get
+        server.head('/sampleContainer2/example1.ttl')
           .expect(hasHeader('acl', 'example1.ttl' + suffixAcl))
           .expect(hasHeader('describedBy', 'example1.ttl' + suffixMeta))
           .end(done)

test/unit/resource-mapper-test.js

@@ -282,7 +282,7 @@ describe('ResourceMapper', () => {
       ],
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash when index$.html is available',
@@ -295,7 +295,7 @@ describe('ResourceMapper', () => {
       ],
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash when index$.ttl is available',
@@ -307,7 +307,7 @@ describe('ResourceMapper', () => {
       ],
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash to a folder when index.html is available but index is skipped',
@@ -321,7 +321,7 @@ describe('ResourceMapper', () => {
       ],
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash to a folder when no index is available',
@@ -330,7 +330,7 @@ describe('ResourceMapper', () => {
       },
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL of that has an accompanying acl file, but no actual file',
@@ -342,7 +342,7 @@ describe('ResourceMapper', () => {
       ],
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash for text/html when index.html is not available',
@@ -373,13 +373,13 @@ describe('ResourceMapper', () => {
     itMapsUrl(mapper, 'a URL ending with a slash to a folder when index is skipped',
       {
         url: 'http://localhost/space/',
-        contentType: 'text/turtle', // 'application/octet-stream',
+        contentType: 'text/turtle',
         createIfNotExists: true,
         searchIndex: false
       },
       {
         path: `${rootPath}space/`,
-        contentType: 'text/turtle' // 'application/octet-stream'
+        contentType: 'text/turtle'
       })
 
     itMapsUrl(mapper, 'a URL ending with a slash for text/turtle',