Ana Sayfa Keşfet Yardım
Giriş Yap
TC
/
arozos
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: 137096e114
Dallar Biçim İmleri
arozos
/
mod
/
auth
/
accesscontrol
/
whitelist
/
whitelist.go

whitelist.go 2.7 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. package whitelist
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"log"
    6. 

  6. 	"strings"
    7. 

  7. 

  8. 	"imuslab.com/arozos/mod/auth/accesscontrol"
    9. 

  9. 	"imuslab.com/arozos/mod/database"
    10. 

  10. )
    11. 

  11. 

  12. /*
    13. 

  13. 	Whitelist
    14. 

  14. 

  15. */
    16. 

  16. 

  17. type WhiteList struct {
    18. 

  18. 	database *database.Database
    19. 

  19. 	Enabled  bool
    20. 

  20. }
    21. 

  21. 

  22. func NewWhitelistManager(sysdb *database.Database) *WhiteList {
    23. 

  23. 	sysdb.NewTable("ipwhitelist")
    24. 

  24. 

  25. 	whitelistEnabled := false
    26. 

  26. 	if sysdb.KeyExists("ipwhitelist", "enable") {
    27. 

  27. 		err := sysdb.Read("ipwhitelist", "enable", &whitelistEnabled)
    28. 

  28. 		if err != nil {
    29. 

  29. 			log.Println("[Auth/Whitelist] Unable to load previous enable state from database. Using default.")
    30. 

  30. 		}
    31. 

  31. 	}
    32. 

  32. 

  33. 	return &WhiteList{
    34. 

  34. 		database: sysdb,
    35. 

  35. 		Enabled:  whitelistEnabled,
    36. 

  36. 	}
    37. 

  37. }
    38. 

  38. 

  39. func (wl *WhiteList) SetWhitelistEnabled(enable bool) {
    40. 

  40. 	if enable {
    41. 

  41. 		wl.Enabled = true
    42. 

  42. 		wl.database.Write("ipwhitelist", "enable", true)
    43. 

  43. 	} else {
    44. 

  44. 		wl.Enabled = false
    45. 

  45. 		wl.database.Write("ipwhitelist", "enable", false)
    46. 

  46. 	}
    47. 

  47. }
    48. 

  48. 

  49. func (wl *WhiteList) IsWhitelisted(ip string) bool {
    50. 

  50. 	//Check if whitelist is enabled
    51. 

  51. 	if wl.Enabled == false {
    52. 

  52. 		return true
    53. 

  53. 	}
    54. 

  54. 

  55. 	//Check if this is reserved IP address
    56. 

  56. 	if ip == "127.0.0.1" || ip == "localhost" {
    57. 

  57. 		return true
    58. 

  58. 	}
    59. 

  59. 

  60. 	//Check if this particular ip is whitelisted
    61. 

  61. 	if wl.database.KeyExists("ipwhitelist", ip) {
    62. 

  62. 		return true
    63. 

  63. 	}
    64. 

  64. 

  65. 	//The ip might be inside as a range. Do a range search.
    66. 

  66. 	//Need optimization, current implementation is O(N)
    67. 

  67. 	for _, thisIpRange := range wl.ListWhitelistedIpRanges() {
    68. 

  68. 		if accesscontrol.IpInRange(ip, thisIpRange) {
    69. 

  69. 			return true
    70. 

  70. 		}
    71. 

  71. 	}
    72. 

  72. 	return false
    73. 

  73. }
    74. 

  74. 

  75. func (wl *WhiteList) ListWhitelistedIpRanges() []string {
    76. 

  76. 	entries, err := wl.database.ListTable("ipwhitelist")
    77. 

  77. 	if err != nil {
    78. 

  78. 		return []string{}
    79. 

  79. 	}
    80. 

  80. 	results := []string{"127.0.0.1"}
    81. 

  81. 	for _, keypairs := range entries {
    82. 

  82. 		thisIpRange := keypairs[0]
    83. 

  83. 		if string(thisIpRange) == "enable" || accesscontrol.ValidateIpRange(string(thisIpRange)) != nil {
    84. 

  84. 			//Reserved key field
    85. 

  85. 			continue
    86. 

  86. 		}
    87. 

  87. 		results = append(results, string(thisIpRange))
    88. 

  88. 	}
    89. 

  89. 	return results
    90. 

  90. }
    91. 

  91. 

  92. func (wl *WhiteList) SetWhitelist(ipRange string) error {
    93. 

  93. 	//Check if the IP range is correct
    94. 

  94. 	err := accesscontrol.ValidateIpRange(ipRange)
    95. 

  95. 	if err != nil {
    96. 

  96. 		return err
    97. 

  97. 	}
    98. 

  98. 

  99. 	//Push it to the ban list
    100. 

  100. 	ipRange = strings.TrimSpace(ipRange)
    101. 

  101. 	ipRange = strings.ReplaceAll(ipRange, " ", "")
    102. 

  102. 	return wl.database.Write("ipwhitelist", ipRange, true)
    103. 

  103. }
    104. 

  104. 

  105. func (wl *WhiteList) UnsetWhitelist(ipRange string) error {
    106. 

  106. 	//Check if the IP range is correct
    107. 

  107. 	err := accesscontrol.ValidateIpRange(ipRange)
    108. 

  108. 	if err != nil {
    109. 

  109. 		return err
    110. 

  110. 	}
    111. 

  111. 

  112. 	//Check if the ip range is banned
    113. 

  113. 	if !wl.database.KeyExists("ipwhitelist", ipRange) {
    114. 

  114. 		return errors.New("invalid IP range given")
    115. 

  115. 	}
    116. 

  116. 

  117. 	//Ip range exists, remove it from database
    118. 

  118. 	return wl.database.Delete("ipwhitelist", ipRange)
    119. 

  119. }
    120.