From d2ea93595c410e42eb45b052dc97a62fb07e12e3 Mon Sep 17 00:00:00 2001
From: Nassim Tabchiche <n.tabchiche2@gmail.com>
Date: Thu, 10 Oct 2024 13:59:37 +0200
Subject: [PATCH 1/4] Add show_images_unauthenticated field

---
 ...gs_show_images_unauthenticated_and_more.py | 26 +++++++++++++++++++
 enterprise/backend/enterprise_core/models.py  | 15 +++++++----
 2 files changed, 36 insertions(+), 5 deletions(-)
 create mode 100644 enterprise/backend/enterprise_core/migrations/0002_clientsettings_show_images_unauthenticated_and_more.py

diff --git a/enterprise/backend/enterprise_core/migrations/0002_clientsettings_show_images_unauthenticated_and_more.py b/enterprise/backend/enterprise_core/migrations/0002_clientsettings_show_images_unauthenticated_and_more.py
new file mode 100644
index 000000000..367c271ac
--- /dev/null
+++ b/enterprise/backend/enterprise_core/migrations/0002_clientsettings_show_images_unauthenticated_and_more.py
@@ -0,0 +1,26 @@
+# Generated by Django 5.1.1 on 2024-10-10 11:59
+
+import django.db.models.deletion
+import iam.models
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('enterprise_core', '0001_initial'),
+        ('iam', '0008_user_is_third_party'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='clientsettings',
+            name='show_images_unauthenticated',
+            field=models.BooleanField(default=True, help_text='Show logo and favicon to unauthenticated users'),
+        ),
+        migrations.AlterField(
+            model_name='clientsettings',
+            name='folder',
+            field=models.ForeignKey(default=iam.models.Folder.get_root_folder_id, on_delete=django.db.models.deletion.CASCADE, related_name='%(class)s_folder', to='iam.folder'),
+        ),
+    ]
diff --git a/enterprise/backend/enterprise_core/models.py b/enterprise/backend/enterprise_core/models.py
index ac82a1e16..f336641ce 100644
--- a/enterprise/backend/enterprise_core/models.py
+++ b/enterprise/backend/enterprise_core/models.py
@@ -1,13 +1,15 @@
-from enum import Enum
+import base64
 import os
+from enum import Enum
+
+import magic
 from django.core.validators import FileExtensionValidator
 from django.db import models
-from iam.models import FolderMixin
+from django.utils.translation import gettext_lazy as _
+
 from core.base_models import AbstractBaseModel
 from core.utils import sha256
-
-import base64
-import magic
+from iam.models import FolderMixin
 
 
 class ClientSettings(AbstractBaseModel, FolderMixin):
@@ -28,6 +30,9 @@ class FileField(Enum):
         blank=True,
         validators=[FileExtensionValidator(["ico", "png", "jpeg", "jpg", "webp"])],
     )
+    show_images_unauthenticated = models.BooleanField(
+        default=True, help_text=_("Show logo and favicon to unauthenticated users")
+    )
 
     @property
     def logo_base64(self):

From b11633a92ad5a084ff32e153f9bc8b509c625316 Mon Sep 17 00:00:00 2001
From: Nassim Tabchiche <n.tabchiche2@gmail.com>
Date: Thu, 10 Oct 2024 14:16:45 +0200
Subject: [PATCH 2/4] Translate use_images_unauthenticated form messages

---
 frontend/messages/en.json | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/frontend/messages/en.json b/frontend/messages/en.json
index 48ce42c9c..8355ae616 100644
--- a/frontend/messages/en.json
+++ b/frontend/messages/en.json
@@ -752,5 +752,7 @@
 	"ShowOnlyAssessable": "Only assessable",
 	"NoPreviewMessage": "No preview available.",
 	"errorLicenseSeatsExceeded": "The number of license seats is exceeded, you will not be able to grant editing rights to this user. Please contact your administrator.",
-	"availableSeats": "Available seats"
+	"availableSeats": "Available seats",
+	"showImagesUnauthenticated": "Show logo and favicon to unauthenticated users",
+	"showImagesUnauthenticatedHelpText": "If disabled, the regular CISO Assistant logo and favicon will be displayed on the login screen"
 }

From 2b73c45ff655cf7046626cb4509d03d20885ba5f Mon Sep 17 00:00:00 2001
From: Nassim Tabchiche <n.tabchiche2@gmail.com>
Date: Thu, 10 Oct 2024 14:17:09 +0200
Subject: [PATCH 3/4] Implement use_images_unauthenticated in frontend

---
 enterprise/frontend/src/lib/utils/client-settings.ts       | 5 +++--
 .../(app)/(internal)/settings/client-settings/+page.svelte | 7 +++++++
 enterprise/frontend/src/routes/+layout.server.ts           | 7 +++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/enterprise/frontend/src/lib/utils/client-settings.ts b/enterprise/frontend/src/lib/utils/client-settings.ts
index 9cfa89cb5..3b3207211 100644
--- a/enterprise/frontend/src/lib/utils/client-settings.ts
+++ b/enterprise/frontend/src/lib/utils/client-settings.ts
@@ -2,7 +2,8 @@ import { z } from 'zod';
 
 export const ClientSettingsSchema = z.object({
 	id: z.string().uuid(),
-	name: z.string().optional().nullable(),
+	name: z.string().optional().nullable().default(''),
 	logo: z.any().optional().nullable(),
-	favicon: z.any().optional().nullable()
+	favicon: z.any().optional().nullable(),
+  show_images_unauthenticated: z.boolean().default(true),
 });
diff --git a/enterprise/frontend/src/routes/(app)/(internal)/settings/client-settings/+page.svelte b/enterprise/frontend/src/routes/(app)/(internal)/settings/client-settings/+page.svelte
index 3baa184f9..c00452c49 100644
--- a/enterprise/frontend/src/routes/(app)/(internal)/settings/client-settings/+page.svelte
+++ b/enterprise/frontend/src/routes/(app)/(internal)/settings/client-settings/+page.svelte
@@ -6,6 +6,7 @@
 	import { ClientSettingsSchema } from '$lib/utils/client-settings';
 	import { zod } from 'sveltekit-superforms/adapters';
 	import FileInput from '$lib/components/Forms/FileInput.svelte';
+	import Checkbox from '$lib/components/Forms/Checkbox.svelte';
 	import * as m from '$paraglide/messages.js';
 
 	export let data: PageData;
@@ -41,6 +42,12 @@
 				: m.faviconHelpText()}
 			accept="image/*"
 		/>
+		<Checkbox
+			{form}
+			field="show_images_unauthenticated"
+			label={m.showImagesUnauthenticated()}
+			helpText={m.showImagesUnauthenticatedHelpText()}
+		/>
 		<button
 			class="btn variant-filled-primary font-semibold w-full"
 			data-testid="save-button"
diff --git a/enterprise/frontend/src/routes/+layout.server.ts b/enterprise/frontend/src/routes/+layout.server.ts
index 5e63d8b95..7cface5f1 100644
--- a/enterprise/frontend/src/routes/+layout.server.ts
+++ b/enterprise/frontend/src/routes/+layout.server.ts
@@ -7,5 +7,12 @@ export const load: LayoutServerLoad = async ({ fetch, locals }) => {
 		const _settings = await fetch('/settings/client-settings').then((res) => res.json());
 		clientSettings = { name: 'clientSettings', settings: _settings };
 	} else clientSettings = locals.globalSettings;
+  if (!locals.user && clientSettings.settings.show_images_unauthenticated !== true) {
+    clientSettings.settings.logo = '';
+    clientSettings.settings.favicon = '';
+    clientSettings.settings.logo_hash = '';
+    clientSettings.settings.favicon_hash = '';
+    console.log(clientSettings.settings)
+  }
 	return { featureFlags: locals.featureFlags, clientSettings };
 };

From 3b991a2fb4749f6bef11371ccc997df7cff6a360 Mon Sep 17 00:00:00 2001
From: Nassim Tabchiche <n.tabchiche2@gmail.com>
Date: Thu, 10 Oct 2024 14:17:48 +0200
Subject: [PATCH 4/4] Remove debug log

---
 enterprise/frontend/src/routes/+layout.server.ts | 1 -
 1 file changed, 1 deletion(-)

diff --git a/enterprise/frontend/src/routes/+layout.server.ts b/enterprise/frontend/src/routes/+layout.server.ts
index 7cface5f1..bfb65139d 100644
--- a/enterprise/frontend/src/routes/+layout.server.ts
+++ b/enterprise/frontend/src/routes/+layout.server.ts
@@ -12,7 +12,6 @@ export const load: LayoutServerLoad = async ({ fetch, locals }) => {
     clientSettings.settings.favicon = '';
     clientSettings.settings.logo_hash = '';
     clientSettings.settings.favicon_hash = '';
-    console.log(clientSettings.settings)
   }
 	return { featureFlags: locals.featureFlags, clientSettings };
 };