Shield::shouldDenyAccess() - Code Metrics - Inspection of "Add options to only allow whitelisted IP's" - codezero-be/laravel-stagefront - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 9ae060...c1a071 )

by Ivan

created 2020-01-02 18:27 UTC

Shield::shouldDenyAccess() A

↳ Parent: Shield

Complexity

Conditions	4
Paths	4

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	4

Importance

Changes

Metric	Value
dl	0
loc	5
ccs	3
cts	3
cp	1
rs	10
c	0
b	0
f	0
cc	4
nc	4
nop	0
crap	4

<?php

namespace CodeZero\StageFront;

use Illuminate\Support\Facades\Config;
use Illuminate\Support\Facades\Request;
use Illuminate\Support\Facades\Session;

class Shield
{
    /**
     * Check if StageFront should deny access to the user
     * with a 403 Forbidden HTTP status.
     *
     * @return bool
     */
    public function shouldDenyAccess()
    {
        return $this->isActive()
            && ($this->hasIpWhitelist() && ! $this->clientIpIsWhitelisted() && $this->allowWhitelistedIpsOnly());
    }

    /**
     * Check if StageFront requires the user to log in.
     *
     * @return bool
     */
    public function requiresLogin()
    {
        return $this->isActive()
            && ( ! $this->hasIpWhitelist()
                || ($this->clientIpIsWhitelisted() && $this->whitelistRequiresLogin())
                || ( ! $this->clientIpIsWhitelisted() && ! $this->allowWhitelistedIpsOnly())
            );
    }

    /**
     * Check if StageFront is active.
     * Once a user logs in, the shield is considered inactive.
     *
     * @return bool
     */
    protected function isActive()
    {
        $enabled = Config::get('stagefront.enabled', false);
        $unlocked = Session::get('stagefront.unlocked', false);

        return $enabled && ! $unlocked && ! $this->currentUrlIsIgnored();
    }

    /**
     * Check if the current URL should be ignored.
     *
     * @return bool
     */
    protected function currentUrlIsIgnored()
    {
        $ignoredUrls = Config::get('stagefront.ignore_urls', []);
        $ignoredUrls[] = Config::get('stagefront.url');

        foreach ($ignoredUrls as $url) {
            $url = trim($url, '/');

            if (Request::is($url)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Check if the client IP is whitelisted.
     *
     * @return bool
     */
    protected function clientIpIsWhitelisted()
    {
        $clientIp = Request::ip();
        $whitelist = explode(',', $this->getIpWhitelist());
        $ips = array_map('trim', $whitelist);

        return in_array($clientIp, $ips);
    }

    /**
     * Check if a IP whitelist is configured.
     *
     * @return bool
     */
    protected function hasIpWhitelist()
    {
        return ! empty(trim($this->getIpWhitelist()));
    }

    /**
     * Get the IP whitelist from the config file.
     *
     * @return string
     */
    protected function getIpWhitelist()
    {
        return Config::get('stagefront.ip_whitelist', '');
    }

    /**
     * Get the option to grant access to whitelisted IP's only.
     *
     * @return bool
     */
    protected function allowWhitelistedIpsOnly()
    {
        return Config::get('stagefront.ip_whitelist_only', false);
    }

    /**
     * Get the option to require users with whitelisted IP's to login.
     *
     * @return bool
     */
    public function whitelistRequiresLogin()
    {
        return Config::get('stagefront.ip_whitelist_require_login', false);
    }
}


1		<?php
2
3		namespace CodeZero\StageFront;
4
5		use Illuminate\Support\Facades\Config;
6		use Illuminate\Support\Facades\Request;
7		use Illuminate\Support\Facades\Session;
8
9		class Shield
10		{
11		/**
12		* Check if StageFront should deny access to the user
13		* with a 403 Forbidden HTTP status.
14		*
15		* @return bool
16		*/
17	15	public function shouldDenyAccess()
18		{
19	15	return $this->isActive()
20	15	&& ($this->hasIpWhitelist() && ! $this->clientIpIsWhitelisted() && $this->allowWhitelistedIpsOnly());
21		}
22
23		/**
24		* Check if StageFront requires the user to log in.
25		*
26		* @return bool
27		*/
28	15	public function requiresLogin()
29		{
30	15	return $this->isActive()
31	5	&& ( ! $this->hasIpWhitelist()
32	3	\|\| ($this->clientIpIsWhitelisted() && $this->whitelistRequiresLogin())
33	15	\|\| ( ! $this->clientIpIsWhitelisted() && ! $this->allowWhitelistedIpsOnly())
34		);
35		}
36
37		/**
38		* Check if StageFront is active.
39		* Once a user logs in, the shield is considered inactive.
40		*
41		* @return bool
42		*/
43	15	protected function isActive()
44		{
45	15	$enabled = Config::get('stagefront.enabled', false);
46	15	$unlocked = Session::get('stagefront.unlocked', false);
47
48	15	return $enabled && ! $unlocked && ! $this->currentUrlIsIgnored();
49		}
50
51		/**
52		* Check if the current URL should be ignored.
53		*
54		* @return bool
55		*/
56	14	protected function currentUrlIsIgnored()
57		{
58	14	$ignoredUrls = Config::get('stagefront.ignore_urls', []);
59	14	$ignoredUrls[] = Config::get('stagefront.url');
60
61	14	foreach ($ignoredUrls as $url) {
62	14	$url = trim($url, '/');
63
64	14	if (Request::is($url)) {
65	14	return true;
66		}
67		}
68
69	6	return false;
70		}
71
72		/**
73		* Check if the client IP is whitelisted.
74		*
75		* @return bool
76		*/
77	4	protected function clientIpIsWhitelisted()
78		{
79	4	$clientIp = Request::ip();
80	4	$whitelist = explode(',', $this->getIpWhitelist());
81	4	$ips = array_map('trim', $whitelist);
82
83	4	return in_array($clientIp, $ips);
84		}
85
86		/**
87		* Check if a IP whitelist is configured.
88		*
89		* @return bool
90		*/
91	6	protected function hasIpWhitelist()
92		{
93	6	return ! empty(trim($this->getIpWhitelist()));
94		}
95
96		/**
97		* Get the IP whitelist from the config file.
98		*
99		* @return string
100		*/
101	6	protected function getIpWhitelist()
102		{
103	6	return Config::get('stagefront.ip_whitelist', '');
104		}
105
106		/**
107		* Get the option to grant access to whitelisted IP's only.
108		*
109		* @return bool
110		*/
111	4	protected function allowWhitelistedIpsOnly()
112		{
113	4	return Config::get('stagefront.ip_whitelist_only', false);
114		}
115
116		/**
117		* Get the option to require users with whitelisted IP's to login.
118		*
119		* @return bool
120		*/
121	3	public function whitelistRequiresLogin()
122		{
123	3	return Config::get('stagefront.ip_whitelist_require_login', false);
124		}
125		}
126

codezero-be / laravel-stagefront

Push — master ( 9ae060...c1a071 )

Shield::shouldDenyAccess() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like