includes/utils/MWRestrictions.php

   1 <?php
   2 /**
   3  * A class to check request restrictions expressed as a JSON object
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  */
  20
  21 /**
  22  * A class to check request restrictions expressed as a JSON object
  23  */
  24 class MWRestrictions {
  25
  26         private $ipAddresses = [ '0.0.0.0/0', '::/0' ];
  27
  28         /**
  29          * @param array $restrictions
  30          * @throws InvalidArgumentException
  31          */
  32         protected function __construct( array $restrictions = null ) {
  33                 if ( $restrictions !== null ) {
  34                         $this->loadFromArray( $restrictions );
  35                 }
  36         }
  37
  38         /**
  39          * @return MWRestrictions
  40          */
  41         public static function newDefault() {
  42                 return new self();
  43         }
  44
  45         /**
  46          * @param array $restrictions
  47          * @return MWRestrictions
  48          * @throws InvalidArgumentException
  49          */
  50         public static function newFromArray( array $restrictions ) {
  51                 return new self( $restrictions );
  52         }
  53
  54         /**
  55          * @param string $json JSON representation of the restrictions
  56          * @return MWRestrictions
  57          * @throws InvalidArgumentException
  58          */
  59         public static function newFromJson( $json ) {
  60                 $restrictions = FormatJson::decode( $json, true );
  61                 if ( !is_array( $restrictions ) ) {
  62                         throw new InvalidArgumentException( 'Invalid restrictions JSON' );
  63                 }
  64                 return new self( $restrictions );
  65         }
  66
  67         private function loadFromArray( array $restrictions ) {
  68                 static $validKeys = [ 'IPAddresses' ];
  69                 static $neededKeys = [ 'IPAddresses' ];
  70
  71                 $keys = array_keys( $restrictions );
  72                 $invalidKeys = array_diff( $keys, $validKeys );
  73                 if ( $invalidKeys ) {
  74                         throw new InvalidArgumentException(
  75                                 'Array contains invalid keys: ' . implode( ', ', $invalidKeys )
  76                         );
  77                 }
  78                 $missingKeys = array_diff( $neededKeys, $keys );
  79                 if ( $missingKeys ) {
  80                         throw new InvalidArgumentException(
  81                                 'Array is missing required keys: ' . implode( ', ', $missingKeys )
  82                         );
  83                 }
  84
  85                 if ( !is_array( $restrictions['IPAddresses'] ) ) {
  86                         throw new InvalidArgumentException( 'IPAddresses is not an array' );
  87                 }
  88                 foreach ( $restrictions['IPAddresses'] as $ip ) {
  89                         if ( !\IP::isIPAddress( $ip ) ) {
  90                                 throw new InvalidArgumentException( "Invalid IP address: $ip" );
  91                         }
  92                 }
  93                 $this->ipAddresses = $restrictions['IPAddresses'];
  94         }
  95
  96         /**
  97          * Return the restrictions as an array
  98          * @return array
  99          */
 100         public function toArray() {
 101                 return [
 102                         'IPAddresses' => $this->ipAddresses,
 103                 ];
 104         }
 105
 106         /**
 107          * Return the restrictions as a JSON string
 108          * @param bool|string $pretty Pretty-print the JSON output, see FormatJson::encode
 109          * @return string
 110          */
 111         public function toJson( $pretty = false ) {
 112                 return FormatJson::encode( $this->toArray(), $pretty, FormatJson::ALL_OK );
 113         }
 114
 115         public function __toString() {
 116                 return $this->toJson();
 117         }
 118
 119         /**
 120          * Test against the passed WebRequest
 121          * @param WebRequest $request
 122          * @return Status
 123          */
 124         public function check( WebRequest $request ) {
 125                 $ok = [
 126                         'ip' => $this->checkIP( $request->getIP() ),
 127                 ];
 128                 $status = Status::newGood();
 129                 $status->setResult( $ok === array_filter( $ok ), $ok );
 130                 return $status;
 131         }
 132
 133         /**
 134          * Test an IP address
 135          * @param string $ip
 136          * @return bool
 137          */
 138         public function checkIP( $ip ) {
 139                 foreach ( $this->ipAddresses as $range ) {
 140                         if ( \IP::isInRange( $ip, $range ) ) {
 141                                 return true;
 142                         }
 143                 }
 144
 145                 return false;
 146         }
 147 }