make sure admin pages are protected

simonLeary42 · simonLeary42 · commit e0393fe72671 · 2025-12-16T12:44:47.000-05:00
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -110,3 +110,8 @@ repos:
         language: system
         files: ^resources/.*\.php$
         exclude: ^resources/lib/UnityHTTPD\.php$
+      - id: assert-forbidden-used
+        name: Assert forbidden() is used
+        entry: bash ./test/assert-forbidden-used.bash
+        language: system
+        files: ^webroot/admin/.*\.php$
diff --git a/test/assert-forbidden-used.bash b/test/assert-forbidden-used.bash
@@ -0,0 +1,21 @@
+set -euo pipefail
+trap 's=$?; echo "$0: Error on line "$LINENO": $BASH_COMMAND"; exit $s' ERR
+if [[ $# -lt 1 ]]; then
+    echo "at least one argument required"
+    exit 1
+fi
+
+rc=0
+for file in "$@"; do
+    # --color=never because magit git output log doesn't support it
+    grep_rc=0; grep -q UnityHTTPD::forbidden "$file" || grep_rc=$?
+    case "$grep_rc" in
+        0)
+            : ;; # code is good, do nothing
+        1)
+            echo "UnityHTTPD::forbidden() was not called in file '$file'!"; rc=1 ;;
+        *)
+            echo "grep failed!";  rc=1 ;;
+    esac
+done
+exit "$rc"
