Source of file HealthCheckProviderSecurity.php
Size: 5,623 Bytes - Last Modified: 2021-12-23T10:41:57+00:00
/var/www/docs.ssmods.com/process/src/src/Model/HealthCheckProviderSecurity.php
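<?php

namespace Sunnysideup\HealthCheckProvider\Model;

use SilverStripe\Forms\CheckboxField;
use SilverStripe\Forms\ReadonlyField;
use SilverStripe\ORM\DataObject;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;

/**
 * One record per (API key, IP address) pair that has attempted a retrieval.
 *
 * A pair is only granted access once an editor ticks "Allowed" on its record;
 * "DefinitelyNotOk" forces "Allowed" off and locks the record against edits.
 *
 * Security notes for maintainers:
 * - The key is stored as plain text in `Secret` and shown in the summary
 *   fields and in getTitle(), so anyone who can view this model can read it.
 * - Every lookup of an unknown pair writes a new row (see
 *   get_object_from_filter()). NOTE(review): if the calling endpoint is
 *   reachable without prior authentication, rate-limit it upstream so the
 *   table cannot be grown at will - confirm against the caller.
 * - NOTE(review): the key is matched through an ORM filter; depending on the
 *   database collation that match may be case-insensitive - confirm.
 */
class HealthCheckProviderSecurity extends DataObject
{
    #######################
    ### Names Section
    #######################

    private static $singular_name = 'Security Check';

    private static $plural_name = 'Security Checks';

    private static $table_name = 'HealthCheckProviderSecurity';

    #######################
    ### Model Section
    #######################

    private static $db = [
        'Secret' => 'Varchar(255)',
        'IpAddress' => 'Varchar(64)',
        'Allowed' => 'Boolean',
        'AllowAllData' => 'Boolean',
        'DefinitelyNotOk' => 'Boolean',
        'AccessCount' => 'Int',
    ];

    private static $has_one = [
        'Editor' => Member::class,
    ];

    #######################
    ### Further DB Field Details
    #######################

    private static $default_sort = [
        'Allowed' => 'DESC',
        'Created' => 'DESC',
    ];

    #######################
    ### Field Names and Presentation Section
    #######################

    private static $field_labels = [
        'Secret' => 'Api Key Provided by Retriever',
        'IpAddress' => 'IP Address of Retriever',
        'Allowed' => 'Allow this key from this IP address?',
        'Editor' => 'Report Editor',
        'EditorID' => 'Report Editor',
    ];

    private static $summary_fields = [
        'Created' => 'First Access',
        'Allowed.Nice' => 'Allow',
        'Editor.Title' => 'Editor',
        'Secret' => 'Api Key Provided',
        'IpAddress' => 'IP',
        'AccessCount' => 'Access Count',
    ];

    #######################
    ### Casting Section
    #######################

    private static $casting = [
        'Title' => 'Varchar',
    ];

    /**
     * Reports whether the given key / IP pair has been approved.
     *
     * Side effect: the lookup creates the record when it does not exist yet
     * and increments its access counter on every call. Nothing in this class
     * sets `Allowed` on a freshly created record, so an unseen pair yields
     * false unless a default is configured elsewhere.
     *
     * @param string $key API key presented by the retriever
     * @param string $ip  IP address the request came from
     */
    public static function check(string $key, string $ip): bool
    {
        $obj = self::get_object_from_filter($key, $ip);

        return (bool) $obj->Allowed;
    }

    /**
     * Returns the ID of the editor linked to the given key / IP pair (0 when none is set).
     *
     * Has the same create-and-count side effect as check().
     *
     * @param string $key API key presented by the retriever
     * @param string $ip  IP address the request came from
     */
    public static function get_editor_id(string $key, string $ip): int
    {
        $obj = self::get_object_from_filter($key, $ip);

        return (int) $obj->EditorID;
    }

    /**
     * casted variable
     *
     * The title embeds the stored key in plain text.
     */
    public function getTitle(): string
    {
        return 'Retrieval attempt from "' . $this->IpAddress . '" using "' . $this->Secret . '" as key';
    }

    #######################
    ### can Section
    #######################

    /**
     * Records are never created by hand; they only come from retrieval attempts.
     */
    public function canCreate($member = null, $context = [])
    {
        return false;
    }

    /**
     * Records can never be deleted through the permission system.
     */
    public function canDelete($member = null)
    {
        return false;
    }

    /**
     * A record flagged as DefinitelyNotOk can no longer be edited, so the
     * flag cannot be lifted again through this permission check.
     */
    public function canEdit($member = null)
    {
        return $this->DefinitelyNotOk ? false : parent::canEdit($member);
    }

    #######################
    ### write Section
    #######################

    /**
     * Fills in missing values and enforces the DefinitelyNotOk block before saving.
     */
    protected function onBeforeWrite()
    {
        parent::onBeforeWrite();
        if (! $this->EditorID) {
            // Attach the logged-in member, if there is one, as the editor.
            $user = Security::getCurrentUser();
            if ($user) {
                $this->EditorID = $user->ID;
            }
        }
        if (! $this->Secret) {
            // The placeholder ends up in the Secret column that check() matches
            // against, so it must not be guessable: random_int() draws from the
            // CSPRNG, unlike mt_rand().
            $this->Secret = 'Careful: no key set - ' . random_int(0, 9999999999999999);
        }
        if (! $this->IpAddress) {
            $this->IpAddress = 'Careful: no IP Set';
        }
        if ($this->DefinitelyNotOk) {
            // A record marked as bad can never stay allowed.
            $this->Allowed = false;
        }
    }

    /**
     * Opens up every health check item when AllowAllData is ticked on this record.
     *
     * NOTE(review): this runs whenever AllowAllData is set, without looking at
     * Allowed or DefinitelyNotOk on this record, and it changes items globally,
     * not only for this key / IP pair. Confirm that this is intended.
     */
    protected function onAfterWrite()
    {
        parent::onAfterWrite();
        if ($this->AllowAllData) {
            $items = HealthCheckItemProvider::get()->filter(['Include' => false]);
            foreach ($items as $item) {
                $item->Include = true;
                $item->write();
            }
        }
    }

    #######################
    ### CMS Edit Section
    #######################

    /**
     * Builds the CMS form: key, IP and access count are read-only, the three
     * decision flags are editable checkboxes.
     */
    public function getCMSFields()
    {
        $fields = parent::getCMSFields();
        $fields->addFieldsToTab(
            'Root.Main',
            [
                ReadonlyField::create('Secret', 'Secret Key'),
                ReadonlyField::create('IpAddress', 'IP'),
                ReadonlyField::create('AccessCount', 'Access Count'),
                CheckboxField::create('Allowed', 'Allow this IP with this Key? If unsure, please double-check!')
                    ->setDescription('Make sure that you are OK with both the key and the IP address to ensure security.'),
                CheckboxField::create('DefinitelyNotOk', 'Check if you think this is a bad request')
                    ->setDescription('Careful, checking this will stop any future retrievals with this key and IP.'),
                CheckboxField::create('AllowAllData', 'Check this box to allow access to all for any IPs granted access')
                    ->setDescription('Carefully consider if you are ok with this'),
            ]
        );

        return $fields;
    }

    /**
     * Finds the record for a key / IP pair, creating it on first sight, and
     * counts the access.
     *
     * Every call writes to the database: the counter is incremented and saved
     * even for pairs that are not allowed, and an unknown pair gets a new row.
     * An empty key is replaced by a random placeholder in onBeforeWrite(), so
     * a later request with an empty key will not match that row again.
     *
     * @param string $key API key presented by the retriever
     * @param string $ip  IP address the request came from
     */
    protected static function get_object_from_filter(string $key, string $ip): HealthCheckProviderSecurity
    {
        $filter = [
            'Secret' => $key,
            'IpAddress' => $ip,
        ];
        // We make sure we get the last one, just in case there is more than one.
        /** @var HealthCheckProviderSecurity|null $obj */
        $obj = HealthCheckProviderSecurity::get()->filter($filter)->last();
        if (! $obj) {
            $obj = HealthCheckProviderSecurity::create($filter);
        }
        // NOTE(review): read-increment-write; concurrent requests may lose counts.
        ++$obj->AccessCount;
        $obj->write();

        return $obj;
    }
}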