From a54b61e68c288d6eca5ce6e48cfc7658c817233b Mon Sep 17 00:00:00 2001
From: Jaime Martinez <jmartinez@gitlab.com>
Date: Wed, 14 Apr 2021 14:12:09 +1000
Subject: Update unit tests

---
 internal/httpfs/http_fs.go      | 12 +++---------
 internal/httpfs/http_fs_test.go | 10 +++++-----
 2 files changed, 8 insertions(+), 14 deletions(-)

(limited to 'internal/httpfs')

diff --git a/internal/httpfs/http_fs.go b/internal/httpfs/http_fs.go
index 17518301..3578352f 100644
--- a/internal/httpfs/http_fs.go
+++ b/internal/httpfs/http_fs.go
@@ -73,7 +73,7 @@ func (p *fileSystemPaths) Open(name string) (http.File, error) {
 	// https://gitlab.com/gitlab-org/gitlab-pages/-/issues/561
 	strippedPath, err := stripChrootPath(cleanedPath, p.chrootPath)
 	if err != nil {
-		log.WithError(err).Error()
+		log.WithError(err).Error(os.ErrPermission)
 
 		return nil, os.ErrPermission
 	}
@@ -83,14 +83,8 @@ func (p *fileSystemPaths) Open(name string) (http.File, error) {
 		return nil, err
 	}
 	for _, allowedPath := range p.allowedPaths {
-		// filepath.Abs(allowedPath) in NewFileSystemPath resolves an allowedPath to be `/` when
-		// chrootPath == allowedPath, so we need to return early if in chroot
-		//and we have stripped p.chrootPath from absPath && allowedPath
-		if p.chrootPath != "" && allowedPath == "/" {
-			return os.Open(absPath)
-		}
-
-		if strings.HasPrefix(absPath, allowedPath+"/") {
+		// allowedPath may be a single / in chroot so we need to ensure it's not double slash
+		if strings.HasPrefix(absPath, ensureEndingSlash(allowedPath)) {
 			return os.Open(absPath)
 		}
 	}
diff --git a/internal/httpfs/http_fs_test.go b/internal/httpfs/http_fs_test.go
index 1f779000..7885dbf2 100644
--- a/internal/httpfs/http_fs_test.go
+++ b/internal/httpfs/http_fs_test.go
@@ -59,10 +59,10 @@ func TestFSOpen(t *testing.T) {
 			fileName:       wd + "/../httpfs/testdata/file1.txt",
 			expectedErrMsg: os.ErrPermission.Error(),
 		},
-		"chroot_path_not_allowed_when_not_in_real_chroot": {
+		"chroot_path_not_found_when_not_in_real_chroot": {
 			allowedPaths:   []string{wd + "/testdata"},
 			fileName:       wd + "/testdata/file1.txt",
-			expectedErrMsg: os.ErrPermission.Error(),
+			expectedErrMsg: "no such file or directory",
 			chrootPath:     wd + "/testdata",
 		},
 	}
@@ -144,12 +144,12 @@ func TestFileSystemPathCanServeHTTP(t *testing.T) {
 			expectedStatusCode: http.StatusForbidden,
 			expectedContent:    "403 Forbidden\n",
 		},
-		"chroot_path_fails_in_unit_test_forbidden_when_not_in_real_chroot": {
+		"chroot_path_fails_in_unit_test_not_found_when_not_in_real_chroot": {
 			path:               wd + "/testdata",
 			fileName:           "file1.txt",
 			chrootPath:         wd + "/testdata",
-			expectedStatusCode: http.StatusForbidden,
-			expectedContent:    "403 Forbidden\n",
+			expectedStatusCode: http.StatusNotFound,
+			expectedContent:    "404 page not found\n",
 		},
 	}
 
-- 
cgit v1.2.3