From 88a1b94a4b3dc244b1d230153dfa361ad791efda Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Mon, 3 May 2021 14:46:26 +0530
Subject: [PATCH 1/2] new tests for checkup page

---
 .../checkup/app-checkup.less                  | 20 ++++---
 www/checkup/main.js                           | 54 ++++++++++++++++---
 2 files changed, 59 insertions(+), 15 deletions(-)
 rename customize.dist/src/less2/pages/page-checkup.less => www/checkup/app-checkup.less (66%)

diff --git a/customize.dist/src/less2/pages/page-checkup.less b/www/checkup/app-checkup.less
similarity index 66%
rename from customize.dist/src/less2/pages/page-checkup.less
rename to www/checkup/app-checkup.less
index 751db910d..ad8cecbb1 100644
--- a/customize.dist/src/less2/pages/page-checkup.less
+++ b/www/checkup/app-checkup.less
@@ -1,7 +1,6 @@
-@import (reference) "../include/colortheme-all.less";
-@import (reference) "../include/font.less";
-//@import (reference) "../include/forms.less";
-@import (reference) "../include/alertify.less";
+@import (reference) "../../customize/src/less2/include/colortheme-all.less";
+@import (reference) "../../customize/src/less2/include/font.less";
+@import (reference) "../../customize/src/less2/include/alertify.less";
 
 html, body {
     .font_main();
@@ -55,9 +54,16 @@ html, body {
         word-break: break-word;
         padding: 5px;
         //font-size: 16px;
-        border: 1px solid red;
-        background-color: @cp_alerts-danger-bg;
-        color: @cp_alerts-danger-text;
+        &.cp-danger {
+            border: 1px solid @cp_alerts-danger-bg;
+            background-color: @cp_alerts-danger-bg;
+            color: @cp_alerts-danger-text;
+        }
+        &.cp-warning {
+            border: 1px solid @cp_alerts-warning-bg;
+            background-color: @cp_alerts-warning-bg;
+            color: @cp_alerts-warning-text;
+        }
         code {
             word-break: keep-all;
             font-style: italic;
diff --git a/www/checkup/main.js b/www/checkup/main.js
index 9674dfd92..8133a9c8b 100644
--- a/www/checkup/main.js
+++ b/www/checkup/main.js
@@ -15,7 +15,7 @@ define([
 
     '/bower_components/tweetnacl/nacl-fast.min.js',
     'css!/bower_components/components-font-awesome/css/font-awesome.min.css',
-    'less!/customize/src/less2/pages/page-checkup.less',
+    'less!/checkup/app-checkup.less',
 ], function ($, ApiConfig, Assertions, h, Messages, DomReady,
             nThen, SFCommonO, Login, Hash, Util, Pinpad,
             NetConfig) {
@@ -26,7 +26,7 @@ define([
     };
 
     var assert = function (f, msg) {
-        Assert(f, msg || h('span.advisory-text'));
+        Assert(f, msg || h('span.advisory-text.cp-danger'));
     };
 
     var CONFIG_PATH = function () {
@@ -412,10 +412,7 @@ define([
             dataType: 'text',
             complete: function (xhr) {
                 var allHeaders = xhr.getAllResponseHeaders();
-                console.error(allHeaders);
-
                 var headers = {};
-
                 var duplicated = allHeaders.split('\n').some(function (header) {
                     var duplicate;
                     header.replace(/([^:]+):(.*)/, function (all, type, value) {
@@ -428,8 +425,6 @@ define([
                     return duplicate;
                 });
 
-                if (duplicated) { return void cb(false); }
-
                 var expect = {
                     'cross-origin-resource-policy': 'cross-origin',
                 };
@@ -440,7 +435,8 @@ define([
                     }
                 });
 
-                cb(!incorrect);
+                if (duplicated || incorrect) { console.error(allHeaders); }
+                cb(!duplicated && !incorrect);
             },
         });
     };
@@ -459,6 +455,48 @@ define([
         checkAPIHeaders(url, cb);
     });
 
+    var setWarningClass = function (msg) {
+        $(msg).removeClass('cp-danger').addClass('cp-warning');
+    };
+
+    assert(function (cb, msg) {
+        var email = ApiConfig.adminEmail;
+        if (typeof(email) === 'string' && email && email !== 'i.did.not.read.my.config@cryptpad.fr') {
+            return void cb(true);
+        }
+
+        setWarningClass(msg);
+        msg.appendChild(h('span', [
+            'This instance does not provide a valid ',
+            h('code', 'adminEmail'),
+            ' which can make it difficult to contact its adminstrator in the event of a critical vulnerability.',
+            ' This can be corrected in ', CONFIG_PATH(), '.',
+        ]));
+        cb(email);
+    });
+
+    assert(function (cb, msg) {
+        var support = ApiConfig.supportMailbox;
+        setWarningClass(msg);
+        msg.appendChild(h('span', [
+            '// XXX ApiConfig.supportMailbox',
+        ]));
+        cb(false && support && typeof(support) === 'string' && support.length === 44);
+    });
+
+    assert(function (cb, msg) {
+        var adminKeys = ApiConfig.adminKeys;
+        if (false && 
+            Array.isArray(adminKeys) && adminKeys.length >= 1 && typeof(adminKeys[0]) === 'string' && adminKeys[0].length === 44) {
+            return void cb(true);
+        }
+        setWarningClass(msg);
+        msg.appendChild(h('span', [
+            '// XXX ApiConfig.adminKeys',
+        ]));
+        cb(false);
+    });
+
     var row = function (cells) {
         return h('tr', cells.map(function (cell) {
             return h('td', cell);

From 005573c5127d66ba46a4b9303cbca74c55195b25 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Mon, 3 May 2021 16:09:38 +0530
Subject: [PATCH 2/2] provide detailed descriptions for addressing warnings on
 the checkup page

---
 www/checkup/main.js | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/www/checkup/main.js b/www/checkup/main.js
index 8133a9c8b..6e5627215 100644
--- a/www/checkup/main.js
+++ b/www/checkup/main.js
@@ -469,8 +469,9 @@ define([
         msg.appendChild(h('span', [
             'This instance does not provide a valid ',
             h('code', 'adminEmail'),
-            ' which can make it difficult to contact its adminstrator in the event of a critical vulnerability.',
-            ' This can be corrected in ', CONFIG_PATH(), '.',
+            ' which can make it difficult to contact its adminstrator to report vulnerabilities or abusive content.',
+            ' This can be configured in ', CONFIG_PATH(), '. ',
+            RESTART_WARNING(),
         ]));
         cb(email);
     });
@@ -479,20 +480,30 @@ define([
         var support = ApiConfig.supportMailbox;
         setWarningClass(msg);
         msg.appendChild(h('span', [
-            '// XXX ApiConfig.supportMailbox',
+            "This instance's encrypted support ticket functionality has not been enabled. This can make it difficult for its users to safely report issues that concern sensitive information. ",
+            "This can be configured via the ",
+            h('code', 'supportMailbox'),
+            " attribute in ",
+            CONFIG_PATH(),
+            ". ",
+            RESTART_WARNING(),
         ]));
-        cb(false && support && typeof(support) === 'string' && support.length === 44);
+        cb(support && typeof(support) === 'string' && support.length === 44);
     });
 
     assert(function (cb, msg) {
         var adminKeys = ApiConfig.adminKeys;
-        if (false && 
-            Array.isArray(adminKeys) && adminKeys.length >= 1 && typeof(adminKeys[0]) === 'string' && adminKeys[0].length === 44) {
+        if (Array.isArray(adminKeys) && adminKeys.length >= 1 && typeof(adminKeys[0]) === 'string' && adminKeys[0].length === 44) {
             return void cb(true);
         }
         setWarningClass(msg);
         msg.appendChild(h('span', [
-            '// XXX ApiConfig.adminKeys',
+            "This instance has not been configured to support web administration. This can be enabled by adding a registered user's public signing key to the ",
+            h('code', 'adminKeys'),
+            ' array in ',
+            CONFIG_PATH(),
+            '. ',
+            RESTART_WARNING(),
         ]));
         cb(false);
     });