From 3317489f437b3b2084583ef6cc5c39bfe28aa280 Mon Sep 17 00:00:00 2001 From: Rory McNicholl Date: Thu, 8 Jan 2026 18:07:49 +0000 Subject: [PATCH 1/3] reinstate basic_auth crawl protection for demo sites :| --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index bfec3e25..e91afb84 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -54,7 +54,7 @@ def is_staging def authenticate_if_needed # Disable this extra authentication in test mode return true if Rails.env.test? - return true # any hint of basic auth will stop BL staff from accessing site so instead we open all the "private" demo sites + #return true # any hint of basic auth will stop BL staff from accessing site so instead we open all the "private" demo sites if (is_hidden || is_staging) && !is_api_or_pdf # rubocop:disable Lint/UnreachableCode authenticate_or_request_with_http_basic do |username, password| username == ENV.fetch("HYKU_DEMO_USER", "bl_demo_user") && password == ENV.fetch("HYKU_DEMO_PASSWORD", "resu_omed_lb") From 42776c56703afdea4ed6f3fabfc0834e52a4348a Mon Sep 17 00:00:00 2001 From: Rory McNicholl Date: Fri, 9 Jan 2026 09:58:47 +0000 Subject: [PATCH 2/3] remove now unecessary lint avoidance --- app/controllers/application_controller.rb | 2 +- docker-compose.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e91afb84..027be2bd 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -55,7 +55,7 @@ def authenticate_if_needed # Disable this extra authentication in test mode return true if Rails.env.test? #return true # any hint of basic auth will stop BL staff from accessing site so instead we open all the "private" demo sites - if (is_hidden || is_staging) && !is_api_or_pdf # rubocop:disable Lint/UnreachableCode + if (is_hidden || is_staging) && !is_api_or_pdf authenticate_or_request_with_http_basic do |username, password| username == ENV.fetch("HYKU_DEMO_USER", "bl_demo_user") && password == ENV.fetch("HYKU_DEMO_PASSWORD", "resu_omed_lb") end diff --git a/docker-compose.yml b/docker-compose.yml index 864fc6ca..c8d610f0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -147,6 +147,7 @@ services: ## interact with the breakpoints. ## # command: sh -l -c "bundle && tail -f /dev/null" + command: tail -f /dev/null depends_on: db: condition: service_started From 8a8104c75b266e57593373c8b849bb615f4e4fef Mon Sep 17 00:00:00 2001 From: Rory McNicholl Date: Fri, 9 Jan 2026 10:41:46 +0000 Subject: [PATCH 3/3] trailing bloomin whitespace --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 027be2bd..3270f06a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -55,7 +55,7 @@ def authenticate_if_needed # Disable this extra authentication in test mode return true if Rails.env.test? #return true # any hint of basic auth will stop BL staff from accessing site so instead we open all the "private" demo sites - if (is_hidden || is_staging) && !is_api_or_pdf + if (is_hidden || is_staging) && !is_api_or_pdf authenticate_or_request_with_http_basic do |username, password| username == ENV.fetch("HYKU_DEMO_USER", "bl_demo_user") && password == ENV.fetch("HYKU_DEMO_PASSWORD", "resu_omed_lb") end