fix: negative sentiment → neutral language (#39522)

The existing terminology carries negative sentiment that can be
interpreted in a racial or sense. Updating the name to have no
potential for such a connection.

Co-authored-by: Justin Rogers <justrog@gmail.com>

api-server/server/middlewares/add-return-to.js

@@ -11,10 +11,10 @@ const pathsOfNoReturn = [
   'css'
 ];
 
-const pathsWhiteList = ['challenges', 'map', 'commit'];
+const pathsAllowedList = ['challenges', 'map', 'commit'];
 
 const pathsOfNoReturnRegex = new RegExp(pathsOfNoReturn.join('|'), 'i');
-const whiteListRegex = new RegExp(pathsWhiteList.join('|'), 'i');
+const pathsAllowedRegex = new RegExp(pathsAllowedList.join('|'), 'i');
 
 export default function addReturnToUrl() {
   return function(req, res, next) {
@@ -24,7 +24,7 @@ export default function addReturnToUrl() {
     if (
       req.method !== 'GET' ||
       pathsOfNoReturnRegex.test(path) ||
-      !whiteListRegex.test(path) ||
+      !pathsAllowedRegex.test(path) ||
       /hot/i.test(req.path)
     ) {
       return next();

api-server/server/middlewares/constant-headers.js

@@ -1,12 +1,12 @@
 import { homeLocation } from '../../../config/env';
-import { whitelistOrigins } from '../../../config/cors-settings';
+import { allowedOrigins } from '../../../config/cors-settings';
 
 export default function constantHeaders() {
   return function(req, res, next) {
     if (
       req.headers &&
       req.headers.origin &&
-      whitelistOrigins.includes(req.headers.origin)
+      allowedOrigins.includes(req.headers.origin)
     ) {
       res.header('Access-Control-Allow-Origin', req.headers.origin);
     } else {

api-server/server/middlewares/request-authorization.js

@@ -28,7 +28,7 @@ const updateHooksRE = /^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/;
 // note: this would be replaced by webhooks later
 const donateRE = /^\/donate\/charge-stripe$/;
 
-const _whiteListREs = [
+const _pathsAllowedREs = [
   authRE,
   confirmEmailRE,
   newsShortLinksRE,
@@ -44,14 +44,14 @@ const _whiteListREs = [
   donateRE
 ];
 
-export function isWhiteListedPath(path, whiteListREs = _whiteListREs) {
-  return whiteListREs.some(re => re.test(path));
+export function isAllowedPath(path, pathsAllowedREs = _pathsAllowedREs) {
+  return pathsAllowedREs.some(re => re.test(path));
 }
 
 export default ({ jwtSecret = _jwtSecret, getUserById = _getUserById } = {}) =>
   function requestAuthorisation(req, res, next) {
     const { path } = req;
-    if (!isWhiteListedPath(path)) {
+    if (!isAllowedPath(path)) {
       const { accessToken, error, jwt } = getAccessTokenFromRequest(
         req,
         jwtSecret

api-server/server/middlewares/request-authorization.test.js

@@ -4,7 +4,7 @@ import { mockReq, mockRes } from 'sinon-express-mock';
 import jwt from 'jsonwebtoken';
 
 import createRequestAuthorization, {
-  isWhiteListedPath
+  isAllowedPath
 } from './request-authorization';
 
 const validJWTSecret = 'this is a super secret string';
@@ -27,7 +27,7 @@ const mockGetUserById = id =>
   id in users ? Promise.resolve(users[id]) : Promise.reject('No user found');
 
 describe('request-authorization', () => {
-  describe('isWhiteListedPath', () => {
+  describe('isAllowedPath', () => {
     const authRE = /^\/auth\//;
     const confirmEmailRE = /^\/confirm-email$/;
     const newsShortLinksRE = /^\/n\/|^\/p\//;
@@ -42,7 +42,7 @@ describe('request-authorization', () => {
     const unsubscribeRE = /^\/u\/|^\/unsubscribe\/|^\/ue\//;
     const updateHooksRE = /^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/;
 
-    const whiteList = [
+    const allowedPathsList = [
       authRE,
       confirmEmailRE,
       newsShortLinksRE,
@@ -58,18 +58,21 @@ describe('request-authorization', () => {
     ];
 
     it('returns a boolean', () => {
-      const result = isWhiteListedPath();
+      const result = isAllowedPath();
       expect(typeof result).toBe('boolean');
     });
 
     it('returns true for a white listed path', () => {
-      const resultA = isWhiteListedPath(
+      const resultA = isAllowedPath(
         '/auth/auth0/callback?code=yF_mGjswLsef-_RLo',
-        whiteList
+        allowedPathsList
       );
-      const resultB = isWhiteListedPath('/ue/WmjInLerysPrcon6fMb/', whiteList);
-      const resultC = isWhiteListedPath('/hooks/update-paypal', whiteList);
-      const resultD = isWhiteListedPath('/hooks/update-stripe', whiteList);
+      const resultB = isAllowedPath(
+        '/ue/WmjInLerysPrcon6fMb/',
+        allowedPathsList
+      );
+      const resultC = isAllowedPath('/hooks/update-paypal', allowedPathsList);
+      const resultD = isAllowedPath('/hooks/update-stripe', allowedPathsList);
       expect(resultA).toBe(true);
       expect(resultB).toBe(true);
       expect(resultC).toBe(true);
@@ -77,8 +80,11 @@ describe('request-authorization', () => {
     });
 
     it('returns false for a non-white-listed path', () => {
-      const resultA = isWhiteListedPath('/hax0r-42/no-go', whiteList);
-      const resultB = isWhiteListedPath('/update-current-challenge', whiteList);
+      const resultA = isAllowedPath('/hax0r-42/no-go', allowedPathsList);
+      const resultB = isAllowedPath(
+        '/update-current-challenge',
+        allowedPathsList
+      );
       expect(resultA).toBe(false);
       expect(resultB).toBe(false);
     });