dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow access for addresses that have been unblocked

This commit is contained in:
FusionPBX 2022-09-15 17:34:38 -06:00 committed by GitHub
parent 1d55981cbb
commit 410bab6d05
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 52 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
app/event_guard/resources/service/event_guard.php
View File

@ -452,7 +452,7 @@
return true; return true;
} }
//allow access if the cidr address is allowed //allow access for addresses with authentication status success
if (user_log_allowed($ip_address)) { if (user_log_allowed($ip_address)) {
//save address to the cache as allowed //save address to the cache as allowed
$cache->set("switch:allowed:".$ip_address, 'true'); $cache->set("switch:allowed:".$ip_address, 'true');
@ -466,6 +466,20 @@
return true; return true;
} }
//allow access for addresses that have been unblocked
if (event_guard_log_allowed($ip_address)) {
//save address to the cache as allowed
$cache->set("switch:allowed:".$ip_address, 'true');
//debug info
if ($debug) {
echo "address: ".$ip_address." allowed by: unblocked\n";
}
//return boolean true
return true;
}
//allow access if the cidr address is allowed //allow access if the cidr address is allowed
if (access_control_allowed($ip_address)) { if (access_control_allowed($ip_address)) {
//save address to the cache as allowed //save address to the cache as allowed
@ -494,8 +508,6 @@
return true; return true;
} }
//return //return
return false; return false;
} }
@ -567,7 +579,7 @@
return $allowed; return $allowed;
} }
//determine if the IP address has been allowed by the user log authentication success //determine if the IP address has been allowed by a successful authentication
function user_log_allowed($ip_address) { function user_log_allowed($ip_address) {
//invalid ip address //invalid ip address
@ -601,4 +613,40 @@
//return //return
return $allowed; return $allowed;
} }
//determine if the IP address has been unblocked in the event guard log
function event_guard_log_allowed($ip_address) {
//invalid ip address
if (!filter_var($ip_address, FILTER_VALIDATE_IP)) {
return false;
}
//get the access control allowed nodes
$sql = "select count(event_guard_log_uuid) ";
$sql .= "from v_event_guard_logs ";
$sql .= "where ip_address = :ip_address ";
$sql .= "and log_status = 'unblocked' ";
$parameters['ip_address'] = $ip_address;
$database = new database;
$user_log_count = $database->select($sql, $parameters, 'field');
unset($database);
//debug info
if ($debug) {
echo "address ".$ip_address." count ".$user_log_count."\n";
}
//default authorized to false
$allowed = false;
//use the ip address to get the authorized nodes
if ($user_log_count > 0) {
$allowed = true;
}
//return
return $allowed;
}
?> ?>