View GitHub Repository server

Schedule Inspection
Subscribe
Completed
Push — master ( 4954fb...30fb9e )
by Maxence
26:40 queued 16s
created
Status
Category
Toggle Patches
lib/private/Security/Ip/BruteforceAllowList.php 1 patch
Indentation   +42 added lines, -42 removed lines patch added patch discarded remove patch 
@@ -12,46 +12,46 @@
 
 block discarded – undo
12 12 
 use OCP\Security\Ip\IFactory;
13 13
14 14 
 class BruteforceAllowList {
15 
-	/** @var array<string, bool> */
16 
-	protected array $ipIsAllowListed = [];
17 
-
18 
-	public function __construct(
19 
-		private readonly IAppConfig $appConfig,
20 
-		private readonly IFactory $factory,
21 
-	) {
22 
-	}
23 
-
24 
-	/**
25 
-	 * Check if the IP is allowed to bypass bruteforce protection
26 
-	 */
27 
-	public function isBypassListed(string $ip): bool {
28 
-		if (isset($this->ipIsAllowListed[$ip])) {
29 
-			return $this->ipIsAllowListed[$ip];
30 
-		}
31 
-
32 
-		try {
33 
-			$address = $this->factory->addressFromString($ip);
34 
-		} catch (\InvalidArgumentException) {
35 
-			$this->ipIsAllowListed[$ip] = false;
36 
-			return false;
37 
-		}
38 
-
39 
-		foreach ($this->appConfig->searchKeys('bruteForce', 'whitelist_') as $key) {
40 
-			$rangeString = $this->appConfig->getValueString('bruteForce', $key);
41 
-			try {
42 
-				$range = $this->factory->rangeFromString($rangeString);
43 
-			} catch (\InvalidArgumentException) {
44 
-				continue;
45 
-			}
46 
-
47 
-			$allowed = $range->contains($address);
48 
-			if ($allowed) {
49 
-				$this->ipIsAllowListed[$ip] = true;
50 
-				return true;
51 
-			}
52 
-		}
53 
-
54 
-		$this->ipIsAllowListed[$ip] = false;
55 
-		return false;
56 
-	}
15 
+    /** @var array<string, bool> */
16 
+    protected array $ipIsAllowListed = [];
17 
+
18 
+    public function __construct(
19 
+        private readonly IAppConfig $appConfig,
20 
+        private readonly IFactory $factory,
21 
+    ) {
22 
+    }
23 
+
24 
+    /**
25 
+     * Check if the IP is allowed to bypass bruteforce protection
26 
+     */
27 
+    public function isBypassListed(string $ip): bool {
28 
+        if (isset($this->ipIsAllowListed[$ip])) {
29 
+            return $this->ipIsAllowListed[$ip];
30 
+        }
31 
+
32 
+        try {
33 
+            $address = $this->factory->addressFromString($ip);
34 
+        } catch (\InvalidArgumentException) {
35 
+            $this->ipIsAllowListed[$ip] = false;
36 
+            return false;
37 
+        }
38 
+
39 
+        foreach ($this->appConfig->searchKeys('bruteForce', 'whitelist_') as $key) {
40 
+            $rangeString = $this->appConfig->getValueString('bruteForce', $key);
41 
+            try {
42 
+                $range = $this->factory->rangeFromString($rangeString);
43 
+            } catch (\InvalidArgumentException) {
44 
+                continue;
45 
+            }
46 
+
47 
+            $allowed = $range->contains($address);
48 
+            if ($allowed) {
49 
+                $this->ipIsAllowListed[$ip] = true;
50 
+                return true;
51 
+            }
52 
+        }
53 
+
54 
+        $this->ipIsAllowListed[$ip] = false;
55 
+        return false;
56 
+    }
57 57 
 }
Please login to merge, or discard this patch.
tests/lib/Security/Ip/BruteforceAllowListTest.php 1 patch
Indentation   +128 added lines, -128 removed lines patch added patch discarded remove patch 
@@ -23,139 +23,139 @@
 
 block discarded – undo
23 23 
  * @package Test\Security\Bruteforce
24 24 
  */
25 25 
 class BruteforceAllowListTest extends TestCase {
26 
-	/** @var IAppConfig|MockObject */
27 
-	private $appConfig;
28 
-	/** @var IFactory|MockObject */
29 
-	private $factory;
30 
-	/** @var BruteforceAllowList */
31 
-	private $allowList;
26 
+    /** @var IAppConfig|MockObject */
27 
+    private $appConfig;
28 
+    /** @var IFactory|MockObject */
29 
+    private $factory;
30 
+    /** @var BruteforceAllowList */
31 
+    private $allowList;
32 32
33 
-	protected function setUp(): void {
34 
-		parent::setUp();
33 
+    protected function setUp(): void {
34 
+        parent::setUp();
35 35
36 
-		$this->appConfig = $this->createMock(IAppConfig::class);
37 
-		$this->factory = new Factory();
36 
+        $this->appConfig = $this->createMock(IAppConfig::class);
37 
+        $this->factory = new Factory();
38 38
39 
-		$this->allowList = new BruteforceAllowList(
40 
-			$this->appConfig,
41 
-			$this->factory,
42 
-		);
43 
-	}
39 
+        $this->allowList = new BruteforceAllowList(
40 
+            $this->appConfig,
41 
+            $this->factory,
42 
+        );
43 
+    }
44 44
45 
-	public static function dataIsBypassListed(): array {
46 
-		return [
47 
-			[
48 
-				'10.10.10.10',
49 
-				[
50 
-					'whitelist_0' => '10.10.10.0/24',
51 
-				],
52 
-				true,
53 
-			],
54 
-			[
55 
-				'10.10.10.10',
56 
-				[
57 
-					'whitelist_0' => '192.168.0.0/16',
58 
-				],
59 
-				false,
60 
-			],
61 
-			[
62 
-				'10.10.10.10',
63 
-				[
64 
-					'whitelist_0' => '192.168.0.0/16',
65 
-					'whitelist_1' => '10.10.10.0/24',
66 
-				],
67 
-				true,
68 
-			],
69 
-			[
70 
-				'10.10.10.10',
71 
-				[
72 
-					'whitelist_0' => '10.10.10.11/31',
73 
-				],
74 
-				true,
75 
-			],
76 
-			[
77 
-				'10.10.10.10',
78 
-				[
79 
-					'whitelist_0' => '10.10.10.9/31',
80 
-				],
81 
-				false,
82 
-			],
83 
-			[
84 
-				'10.10.10.10',
85 
-				[
86 
-					'whitelist_0' => '10.10.10.15/29',
87 
-				],
88 
-				true,
89 
-			],
90 
-			[
91 
-				'dead:beef:cafe::1',
92 
-				[
93 
-					'whitelist_0' => '192.168.0.0/16',
94 
-					'whitelist_1' => '10.10.10.0/24',
95 
-					'whitelist_2' => 'deaf:beef:cafe:1234::/64'
96 
-				],
97 
-				false,
98 
-			],
99 
-			[
100 
-				'dead:beef:cafe::1',
101 
-				[
102 
-					'whitelist_0' => '192.168.0.0/16',
103 
-					'whitelist_1' => '10.10.10.0/24',
104 
-					'whitelist_2' => 'deaf:beef::/64'
105 
-				],
106 
-				false,
107 
-			],
108 
-			[
109 
-				'dead:beef:cafe::1',
110 
-				[
111 
-					'whitelist_0' => '192.168.0.0/16',
112 
-					'whitelist_1' => '10.10.10.0/24',
113 
-					'whitelist_2' => 'deaf:cafe::/8'
114 
-				],
115 
-				true,
116 
-			],
117 
-			[
118 
-				'dead:beef:cafe::1111',
119 
-				[
120 
-					'whitelist_0' => 'dead:beef:cafe::1100/123',
121 
-				],
122 
-				true,
123 
-			],
124 
-			[
125 
-				'invalid',
126 
-				[],
127 
-				false,
128 
-			],
129 
-		];
130 
-	}
45 
+    public static function dataIsBypassListed(): array {
46 
+        return [
47 
+            [
48 
+                '10.10.10.10',
49 
+                [
50 
+                    'whitelist_0' => '10.10.10.0/24',
51 
+                ],
52 
+                true,
53 
+            ],
54 
+            [
55 
+                '10.10.10.10',
56 
+                [
57 
+                    'whitelist_0' => '192.168.0.0/16',
58 
+                ],
59 
+                false,
60 
+            ],
61 
+            [
62 
+                '10.10.10.10',
63 
+                [
64 
+                    'whitelist_0' => '192.168.0.0/16',
65 
+                    'whitelist_1' => '10.10.10.0/24',
66 
+                ],
67 
+                true,
68 
+            ],
69 
+            [
70 
+                '10.10.10.10',
71 
+                [
72 
+                    'whitelist_0' => '10.10.10.11/31',
73 
+                ],
74 
+                true,
75 
+            ],
76 
+            [
77 
+                '10.10.10.10',
78 
+                [
79 
+                    'whitelist_0' => '10.10.10.9/31',
80 
+                ],
81 
+                false,
82 
+            ],
83 
+            [
84 
+                '10.10.10.10',
85 
+                [
86 
+                    'whitelist_0' => '10.10.10.15/29',
87 
+                ],
88 
+                true,
89 
+            ],
90 
+            [
91 
+                'dead:beef:cafe::1',
92 
+                [
93 
+                    'whitelist_0' => '192.168.0.0/16',
94 
+                    'whitelist_1' => '10.10.10.0/24',
95 
+                    'whitelist_2' => 'deaf:beef:cafe:1234::/64'
96 
+                ],
97 
+                false,
98 
+            ],
99 
+            [
100 
+                'dead:beef:cafe::1',
101 
+                [
102 
+                    'whitelist_0' => '192.168.0.0/16',
103 
+                    'whitelist_1' => '10.10.10.0/24',
104 
+                    'whitelist_2' => 'deaf:beef::/64'
105 
+                ],
106 
+                false,
107 
+            ],
108 
+            [
109 
+                'dead:beef:cafe::1',
110 
+                [
111 
+                    'whitelist_0' => '192.168.0.0/16',
112 
+                    'whitelist_1' => '10.10.10.0/24',
113 
+                    'whitelist_2' => 'deaf:cafe::/8'
114 
+                ],
115 
+                true,
116 
+            ],
117 
+            [
118 
+                'dead:beef:cafe::1111',
119 
+                [
120 
+                    'whitelist_0' => 'dead:beef:cafe::1100/123',
121 
+                ],
122 
+                true,
123 
+            ],
124 
+            [
125 
+                'invalid',
126 
+                [],
127 
+                false,
128 
+            ],
129 
+        ];
130 
+    }
131 131
132 
-	/**
133 
-	 * @param string[] $allowList
134 
-	 */
135 
-	#[\PHPUnit\Framework\Attributes\DataProvider('dataIsBypassListed')]
136 
-	public function testIsBypassListed(
137 
-		string $ip,
138 
-		array $allowList,
139 
-		bool $isAllowListed,
140 
-	): void {
141 
-		$this->appConfig->method('searchKeys')
142 
-			->with($this->equalTo('bruteForce'), $this->equalTo('whitelist_'))
143 
-			->willReturn(array_keys($allowList));
132 
+    /**
133 
+     * @param string[] $allowList
134 
+     */
135 
+    #[\PHPUnit\Framework\Attributes\DataProvider('dataIsBypassListed')]
136 
+    public function testIsBypassListed(
137 
+        string $ip,
138 
+        array $allowList,
139 
+        bool $isAllowListed,
140 
+    ): void {
141 
+        $this->appConfig->method('searchKeys')
142 
+            ->with($this->equalTo('bruteForce'), $this->equalTo('whitelist_'))
143 
+            ->willReturn(array_keys($allowList));
144 144
145 
-		$this->appConfig->method('getValueString')
146 
-			->willReturnCallback(function ($app, $key, $default) use ($allowList) {
147 
-				if ($app !== 'bruteForce') {
148 
-					return $default;
149 
-				}
150 
-				if (isset($allowList[$key])) {
151 
-					return $allowList[$key];
152 
-				}
153 
-				return $default;
154 
-			});
145 
+        $this->appConfig->method('getValueString')
146 
+            ->willReturnCallback(function ($app, $key, $default) use ($allowList) {
147 
+                if ($app !== 'bruteForce') {
148 
+                    return $default;
149 
+                }
150 
+                if (isset($allowList[$key])) {
151 
+                    return $allowList[$key];
152 
+                }
153 
+                return $default;
154 
+            });
155 155
156 
-		$this->assertSame(
157 
-			$isAllowListed,
158 
-			$this->allowList->isBypassListed($ip)
159 
-		);
160 
-	}
156 
+        $this->assertSame(
157 
+            $isAllowListed,
158 
+            $this->allowList->isBypassListed($ip)
159 
+        );
160 
+    }
161 161 
 }
Please login to merge, or discard this patch.