|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Cloudflare\Zone\Firewall; |
|
4
|
|
|
|
|
5
|
|
|
use Cloudflare\Api; |
|
6
|
|
|
use Cloudflare\Zone; |
|
7
|
|
|
|
|
8
|
|
|
/** |
|
9
|
|
|
* CloudFlare API wrapper |
|
10
|
|
|
* |
|
11
|
|
|
* Firewall access rules for a Zone |
|
12
|
|
|
* |
|
13
|
|
|
* @author James Bell <[email protected]> |
|
14
|
|
|
* |
|
15
|
|
|
* @version 1 |
|
16
|
|
|
*/ |
|
17
|
|
|
class AccessRules extends Api |
|
18
|
|
|
{ |
|
19
|
|
|
/** |
|
20
|
|
|
* List access rules (permission needed: #zone:read) |
|
21
|
|
|
* Search, sort, and filter IP/country access rule |
|
22
|
|
|
* |
|
23
|
|
|
* @param string $zone_id |
|
24
|
|
|
* @param string|null $scope_type The scope of the rules |
|
25
|
|
|
* @param string|null $mode The action to apply to a matched request |
|
26
|
|
|
* @param string|null $configuration_target The rule configuration target |
|
27
|
|
|
* @param string|null $configuration_value Search by IP, range, or country code |
|
28
|
|
|
* @param int|null $page Page number of paginated results |
|
29
|
|
|
* @param int|null $per_page Number of rules per page |
|
30
|
|
|
* @param string|null $order Field to order rules by |
|
31
|
|
|
* @param string|null $direction Direction to order rules |
|
32
|
|
|
* @param string|null $match Whether to match all search requirements or at least one (any) |
|
33
|
|
|
* @param string|null $notes Search in the access rules by notes. |
|
34
|
|
|
*/ |
|
35
|
|
|
public function rules($zone_id, $scope_type = null, $mode = null, $configuration_target = null, $configuration_value = null, $page = null, $per_page = null, $order = null, $direction = null, $match = null, $notes = null) |
|
36
|
|
|
{ |
|
37
|
|
|
$data = [ |
|
38
|
|
|
'scope_type' => $scope_type, |
|
39
|
|
|
'mode' => $mode, |
|
40
|
|
|
'configuration_target' => $configuration_target, |
|
41
|
|
|
'configuration_value' => $configuration_value, |
|
42
|
|
|
'page' => $page, |
|
43
|
|
|
'per_page' => $per_page, |
|
44
|
|
|
'order' => $order, |
|
45
|
|
|
'direction' => $direction, |
|
46
|
|
|
'match' => $match, |
|
47
|
|
|
'notes' => $notes, |
|
48
|
|
|
]; |
|
49
|
|
|
|
|
50
|
|
|
return $this->get('/zones/'.$zone_id.'/firewall/access_rules/rules', $data); |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
/** |
|
54
|
|
|
* Create access rule (permission needed: #zone:edit) |
|
55
|
|
|
* Make a new IP, IP range, or country access rule for the zone. |
|
56
|
|
|
* Note: If you would like to create an access rule that applies across all of your owned zones, use the user or organization firewall endpoints as appropriate. |
|
57
|
|
|
* |
|
58
|
|
|
* @param string $zone_id |
|
59
|
|
|
* @param string $mode The action to apply to a matched request |
|
60
|
|
|
* @param object $configuration Rule configuration |
|
61
|
|
|
* @param string|null $notes A personal note about the rule. Typically used as a reminder or explanation for the rule. |
|
62
|
|
|
*/ |
|
63
|
|
|
public function create($zone_id, $mode, $configuration, $notes = null) |
|
|
|
|
|
|
64
|
|
|
{ |
|
65
|
|
|
$data = [ |
|
66
|
|
|
'mode' => $mode, |
|
67
|
|
|
'configuration' => $configuration, |
|
68
|
|
|
'notes' => $notes, |
|
69
|
|
|
]; |
|
70
|
|
|
|
|
71
|
|
|
return $this->post('/zones/'.$zone_id.'/firewall/access_rules/rules', $data); |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
/** |
|
75
|
|
|
* Update access rule (permission needed: #zone:edit) |
|
76
|
|
|
* Update rule state and/or configuration for the zone. |
|
77
|
|
|
* Note: you can only edit rules in the 'zone' group via this endpoint. Use the appropriate owner rules endpoint if trying to manage owner-level rules |
|
78
|
|
|
* |
|
79
|
|
|
* @param string $zone_id |
|
80
|
|
|
* @param string $identifier |
|
81
|
|
|
* @param string|null $mode The action to apply to a matched request |
|
82
|
|
|
* @param string|null $notes A personal note about the rule. Typically used as a reminder or explanation for the rule. |
|
83
|
|
|
*/ |
|
84
|
|
|
public function update($zone_id, $identifier, $mode = null, $notes = null) |
|
85
|
|
|
{ |
|
86
|
|
|
$data = [ |
|
87
|
|
|
'mode' => $mode, |
|
88
|
|
|
'notes' => $notes, |
|
89
|
|
|
]; |
|
90
|
|
|
|
|
91
|
|
|
return $this->patch('/zones/'.$zone_id.'/firewall/access_rules/rules/'.$identifier, $data); |
|
92
|
|
|
} |
|
93
|
|
|
|
|
94
|
|
|
/** |
|
95
|
|
|
* Delete access rule (permission needed: #zone:edit) |
|
96
|
|
|
* Remove an access rule so it is no longer evaluated during requests. |
|
97
|
|
|
* Optionally, specify how to delete rules that match the mode and configuration across all other zones that this zone owner manages. |
|
98
|
|
|
* 'none' is the default, and will only delete this rule. |
|
99
|
|
|
* 'basic' will delete rules that match the same mode and configuration. |
|
100
|
|
|
* 'aggressive' will delete rules that match the same configuration. |
|
101
|
|
|
* |
|
102
|
|
|
* @param string $zone_id |
|
103
|
|
|
* @param string $identifier |
|
104
|
|
|
* @param string|null $cascade The level to attempt to delete rules defined on other zones that are similar to this rule |
|
105
|
|
|
*/ |
|
106
|
|
|
public function delete_rule($zone_id, $identifier, $cascade = null) |
|
107
|
|
|
{ |
|
108
|
|
|
$data = [ |
|
109
|
|
|
'cascade' => $cascade, |
|
110
|
|
|
]; |
|
111
|
|
|
|
|
112
|
|
|
return $this->delete('/zones/'.$zone_id.'/firewall/access_rules/rules/'.$identifier, $data); |
|
113
|
|
|
} |
|
114
|
|
|
} |
|
115
|
|
|
|
jamesryanbell /
cloudflare
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.