Merge pull request #585 from lovenunu/firewall
Apply firewall rules only in prod environment
This commit is contained in:
Manuel Raynaud
@@ -201,7 +201,9 @@ abstract class BaseController extends ContainerAware
|
|||||||
$form->bind($aBaseForm->getRequest());
|
$form->bind($aBaseForm->getRequest());
|
||||||
|
|
||||||
if ($form->isValid()) {
|
if ($form->isValid()) {
|
||||||
if ($aBaseForm instanceof FirewallForm && !$aBaseForm->isFirewallOk()) {
|
$env = $this->container->getParameter("kernel.environment");
|
||||||
|
|
||||||
|
if ($aBaseForm instanceof FirewallForm && !$aBaseForm->isFirewallOk($env)) {
|
||||||
throw new FormValidationException(
|
throw new FormValidationException(
|
||||||
$this->getTranslator()->trans(
|
$this->getTranslator()->trans(
|
||||||
"You've submitted this form too many times. Further submissions will be ignored during %time",
|
"You've submitted this form too many times. Further submissions will be ignored during %time",
|
||||||
|
|||||||
@@ -32,41 +32,43 @@ abstract class FirewallForm extends BaseForm
|
|||||||
const DEFAULT_TIME_TO_WAIT = 60; // 1 hour
|
const DEFAULT_TIME_TO_WAIT = 60; // 1 hour
|
||||||
const DEFAULT_ATTEMPTS = 6;
|
const DEFAULT_ATTEMPTS = 6;
|
||||||
|
|
||||||
public function isFirewallOk()
|
public function isFirewallOk($env)
|
||||||
{
|
{
|
||||||
/**
|
if ($env === "prod") {
|
||||||
* Empty the firewall
|
/**
|
||||||
*/
|
* Empty the firewall
|
||||||
$deleteTime = date("Y-m-d G:i:s", time() - $this->getConfigTime() * 60 );
|
*/
|
||||||
$collection = FormFirewallQuery::create()
|
$deleteTime = date("Y-m-d G:i:s", time() - $this->getConfigTime() * 60 );
|
||||||
->filterByFormName($this->getName())
|
$collection = FormFirewallQuery::create()
|
||||||
->filterByUpdatedAt($deleteTime, Criteria::LESS_THAN)
|
->filterByFormName($this->getName())
|
||||||
->find();
|
->filterByUpdatedAt($deleteTime, Criteria::LESS_THAN)
|
||||||
|
->find();
|
||||||
|
|
||||||
$collection->delete();
|
$collection->delete();
|
||||||
|
|
||||||
$firewallInstance = FormFirewallQuery::create()
|
$firewallInstance = FormFirewallQuery::create()
|
||||||
->filterByFormName($this->getName())
|
->filterByFormName($this->getName())
|
||||||
->filterByIpAddress($this->request->getClientIp())
|
->filterByIpAddress($this->request->getClientIp())
|
||||||
->findOne()
|
->findOne()
|
||||||
;
|
;
|
||||||
|
|
||||||
if ($this->isFirewallActive() && null !== $firewallInstance) {
|
if ($this->isFirewallActive() && null !== $firewallInstance) {
|
||||||
if ($firewallInstance->getAttempts() < $this->getConfigAttempts()) {
|
if ($firewallInstance->getAttempts() < $this->getConfigAttempts()) {
|
||||||
$firewallInstance->incrementAttempts();
|
$firewallInstance->incrementAttempts();
|
||||||
|
} else {
|
||||||
|
/** Set updated_at at NOW() */
|
||||||
|
$firewallInstance->save();
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
/** Set updated_at at NOW() */
|
$firewallInstance = (new FormFirewall())
|
||||||
|
->setIpAddress($this->request->getClientIp())
|
||||||
|
->setFormName($this->getName())
|
||||||
|
;
|
||||||
$firewallInstance->save();
|
$firewallInstance->save();
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
$firewallInstance = (new FormFirewall())
|
|
||||||
->setIpAddress($this->request->getClientIp())
|
|
||||||
->setFormName($this->getName())
|
|
||||||
;
|
|
||||||
$firewallInstance->save();
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
@@ -88,11 +88,11 @@ class FirewallTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
if ($i > 6) {
|
if ($i > 6) {
|
||||||
$this->assertFalse(
|
$this->assertFalse(
|
||||||
$this->form->isFirewallOk()
|
$this->form->isFirewallOk("prod")
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
$this->assertTrue(
|
$this->assertTrue(
|
||||||
$this->form->isFirewallOk()
|
$this->form->isFirewallOk("prod")
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -145,7 +145,7 @@ class FirewallTest extends \PHPUnit_Framework_TestCase
|
|||||||
public function testAutoDelete()
|
public function testAutoDelete()
|
||||||
{
|
{
|
||||||
/** Add two rows */
|
/** Add two rows */
|
||||||
$this->form->isFirewallOk();
|
$this->form->isFirewallOk("prod");
|
||||||
|
|
||||||
$this->form
|
$this->form
|
||||||
->expects($this->any())
|
->expects($this->any())
|
||||||
@@ -153,7 +153,7 @@ class FirewallTest extends \PHPUnit_Framework_TestCase
|
|||||||
->will($this->returnValue("test_form_firewall_2"))
|
->will($this->returnValue("test_form_firewall_2"))
|
||||||
;
|
;
|
||||||
|
|
||||||
$this->form->isFirewallOk();
|
$this->form->isFirewallOk("prod");
|
||||||
|
|
||||||
/** Set the time to 1h and 1s after the limit */
|
/** Set the time to 1h and 1s after the limit */
|
||||||
FormFirewallQuery::create()
|
FormFirewallQuery::create()
|
||||||
@@ -162,7 +162,7 @@ class FirewallTest extends \PHPUnit_Framework_TestCase
|
|||||||
->save()
|
->save()
|
||||||
;
|
;
|
||||||
|
|
||||||
$this->form->isFirewallOk();
|
$this->form->isFirewallOk("prod");
|
||||||
|
|
||||||
/** Assert that the table is empty */
|
/** Assert that the table is empty */
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
|
|||||||
Reference in New Issue
Block a user