Add new sql table in update file

modifié: core/lib/Thelia/Form/FirewallForm.php modifié: setup/insert.sql modifié: setup/update/2.0.3.sql
2014-07-16 08:50:50 +02:00
parent ee11915feb
commit 3469a56c17
3 changed files with 62 additions and 11 deletions
--- a/core/lib/Thelia/Form/FirewallForm.php
+++ b/core/lib/Thelia/Form/FirewallForm.php
@@ -23,28 +23,28 @@ use Thelia\Model\FormFirewallQuery;
 abstract class FirewallForm extends BaseForm
 {
    /**
-     * Those values are for a "normal" security context
+     * Those values are for a "normal" security policy
     */
    const DEFAULT_TIME_TO_WAIT = 1;
-    const DEFAULT_ATTEMPTS = 3;
+    const DEFAULT_ATTEMPTS = 6;

    /** @var  \Thelia\Model\FormFirewall */
-    protected static $cachedInstance;
+    protected $firewallInstance;

    public function __construct(Request $request, $type = "form", $data = array(), $options = array())
    {
-        parent::__construct($request, $type, $data, $options);
-
-        static::$cachedInstance = FormFirewallQuery::create()
+        $this->firewallInstance = FormFirewallQuery::create()
            ->filterByFormName($this->getName())
            ->filterByIpAddress($this->request->getClientIp())
            ->findOne()
        ;
+        parent::__construct($request, $type, $data, $options);
    }

    public function isFirewallOk()
    {
-        if (null !== $firewallRow = &static::$cachedInstance) {
+
+        if ($this->isFirewallActive() && null !== $firewallRow = &$this->firewallInstance) {
            /** @var \DateTime $lastRequestDateTime */
            $lastRequestDateTime = $firewallRow->getUpdatedAt();

@@ -68,13 +68,12 @@ abstract class FirewallForm extends BaseForm
                return false;
            }
        } else {
-            $firewallRow = (new FormFirewall())
+            $this->firewallInstance = $firewallRow = (new FormFirewall())
                ->setIpAddress($this->request->getClientIp())
                ->setFormName($this->getName())
            ;
            $firewallRow->save();

-            static::$cachedInstance = $firewallRow;
        }

        return true;
@@ -99,4 +98,9 @@ abstract class FirewallForm extends BaseForm
    {
        return ConfigQuery::read("form_firewall_attempts", static::DEFAULT_ATTEMPTS);
    }
+
+    public function isFirewallActive()
+    {
+        return ConfigQuery::read("form_firewall_active", true);
+    }
 }
--- a/setup/insert.sql
+++ b/setup/insert.sql
@@ -53,8 +53,9 @@ INSERT INTO `config` (`name`, `value`, `secured`, `hidden`, `created_at`, `updat
 ('sitemap_ttl','7200', 1, 1, NOW(), NOW()),
 ('feed_ttl','7200', 1, 1, NOW(), NOW()),

-('form_firewall_time_to_wait', '1', 1, 1, NOW(), NOW()),
-('form_firewall_attempts', '3', 1, 1, NOW(), NOW());
+('form_firewall_time_to_wait', '1', 0, 0, NOW(), NOW()),
+('form_firewall_attempts', '6', 0, 0, NOW(), NOW()),
+('from_firewall_active', '1', 0, 0, NOW(), NOW());


 INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
--- a/setup/update/2.0.3.sql
+++ b/setup/update/2.0.3.sql
@@ -264,6 +264,52 @@ SELECT @max := MAX(`id`) FROM `config`;
 INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
  (@max, 'en_US', 'Whitespace trim level of the generated HTML code (0 = none, 1 = medium, 2 = maximum)', NULL, NULL, NULL);

+-- ---------------------------------------------------------------------
+-- form_firewall
+-- ---------------------------------------------------------------------
+
+DROP TABLE IF EXISTS `form_firewall`;
+
+CREATE TABLE `form_firewall`
+(
+    `id` INTEGER NOT NULL AUTO_INCREMENT,
+    `form_name` VARCHAR(255) NOT NULL,
+    `ip_address` VARCHAR(15) NOT NULL,
+    `attempts` TINYINT DEFAULT 1,
+    `created_at` DATETIME,
+    `updated_at` DATETIME,
+    PRIMARY KEY (`id`),
+    INDEX `idx_form_firewall_form_name` (`form_name`),
+    INDEX `idx_form_firewall_ip_address` (`ip_address`)
+) ENGINE=InnoDB;
+
+
+INSERT INTO `config`(`name`, `value`, `secured`, `hidden`, `created_at`, `updated_at`) VALUES
+('form_firewall_time_to_wait', '1', 0, 0, NOW(), NOW()),
+('form_firewall_attempts', '6', 0, 0, NOW(), NOW())
+('from_firewall_active', '1', 0, 0, NOW(), NOW())
+;
+
+SELECT @time = `id` FROM `config` WHERE `name` =  'form_firewall_time_to_wait';
+SELECT @attempts = `id` FROM `config` WHERE `name` =  'form_firewall_attempts';
+SELECT @active = `id` FROM `config` WHERE `name` =  'from_firewall_active';
+
+INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
+  (@time, 'en_US', '[Firewall] Time to wait between X attempts', NULL, NULL, NULL),
+  (@time, 'fr_FR', '[Pare-feu] Temps à attendre entre X essais', NULL, NULL, NULL)
+;
+
+INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
+  (@attempts, 'en_US', '[Firewall] Number of allowed attemps', NULL, NULL, NULL),
+  (@attempts, 'fr_FR', '[Pare-feu] Nombre de tentatives autorisées', NULL, NULL, NULL)
+;
+
+INSERT INTO `config_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
+  (@active, 'en_US', '[Firewall] Activate the firewall', NULL, NULL, NULL),
+  (@active, 'fr_FR', '[Pare-feu] Activer le pare-feu', NULL, NULL, NULL)
+;
+
+
 # Done !
 # ------
 SET FOREIGN_KEY_CHECKS = 1;