You are here

class IpRule in Access Filter 8

Filter rule using IP address.

Plugin annotation


@AccessFilterRule(
  id = "ip",
  description = @Translation("IP address."),
  examples = {
    "- { type: ip, action: deny, address: '*' }",
    "- { type: ip, action: deny, address: 192.168.1.100 }",
    "- { type: ip, action: deny, address: 192.168.1.0/24 }",
    "- { type: ip, action: allow, address: 192.168.1.10-192.168.1.20 }"
  }
)

Hierarchy

Expanded class hierarchy of IpRule

File

src/Plugin/AccessFilter/Rule/IpRule.php, line 26

Namespace

Drupal\access_filter\Plugin\AccessFilter\Rule
View source
class IpRule extends PluginBase implements RuleInterface, ContainerFactoryPluginInterface {

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
    return new static($configuration, $plugin_id, $plugin_definition);
  }

  /**
   * {@inheritdoc}
   */
  public function summary() {
    $action = $this->configuration['action'];
    if ($action == 'allow') {
      return $this
        ->t('Allow from @ip', [
        '@ip' => $this->configuration['address'],
      ]);
    }
    elseif ($action == 'deny') {
      return $this
        ->t('Deny from @ip', [
        '@ip' => $this->configuration['address'],
      ]);
    }
    else {
      return $this
        ->t('Invalid configuration.');
    }
  }

  /**
   * {@inheritdoc}
   */
  public function validateConfiguration(array $configuration) {
    $errors = [];
    if (!isset($configuration['address']) || !strlen($configuration['address'])) {
      $errors[] = $this
        ->t("'@property' is required.", [
        '@property' => 'address',
      ]);
    }
    return $errors;
  }

  /**
   * {@inheritdoc}
   */
  public function check(Request $request) {
    $pattern = isset($this->configuration['address']) ? $this->configuration['address'] : '*';
    if ($pattern == '*') {
      $is_ip_matched = TRUE;
    }
    else {
      $ip = $request
        ->getClientIp();
      $ip_long = ip2long($ip);
      $patterns = explode('-', $pattern);
      if (isset($patterns[1])) {

        // Check as 2 IP address range format.
        $is_ip_matched = $ip_long >= ip2long($patterns[0]) && $ip_long <= ip2long($patterns[1]);
      }
      else {

        // Check as single IP address and subnet format.
        $check = explode('/', $pattern);
        if (!isset($check[1])) {
          $check[1] = 32;
        }
        $network_long = ip2long($check[0]);
        $mask_long = bindec(str_repeat('1', $check[1]) . str_repeat('0', 32 - $check[1]));
        $is_ip_matched = ($ip_long & $mask_long) == $network_long;
      }
    }
    if ($is_ip_matched) {
      if ($this->configuration['action'] == 'allow') {
        return AccessResult::allowed();
      }
      return AccessResult::forbidden();
    }
    return AccessResult::neutral();
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
IpRule::check public function Checks the current access by the rule. Overrides RuleInterface::check
IpRule::create public static function Creates an instance of the plugin. Overrides ContainerFactoryPluginInterface::create
IpRule::summary public function Gets summary text for the rule. Overrides RuleInterface::summary
IpRule::validateConfiguration public function Validates configuration data. Overrides RuleInterface::validateConfiguration
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
PluginBase::$configuration protected property Configuration information passed into the plugin. 1
PluginBase::$pluginDefinition protected property The plugin implementation definition. 1
PluginBase::$pluginId protected property The plugin_id.
PluginBase::DERIVATIVE_SEPARATOR constant A string which is used to separate base plugin IDs from the derivative ID.
PluginBase::getBaseId public function Gets the base_plugin_id of the plugin instance. Overrides DerivativeInspectionInterface::getBaseId
PluginBase::getDerivativeId public function Gets the derivative_id of the plugin instance. Overrides DerivativeInspectionInterface::getDerivativeId
PluginBase::getPluginDefinition public function Gets the definition of the plugin implementation. Overrides PluginInspectionInterface::getPluginDefinition 3
PluginBase::getPluginId public function Gets the plugin_id of the plugin instance. Overrides PluginInspectionInterface::getPluginId
PluginBase::isConfigurable public function Determines if the plugin is configurable.
PluginBase::__construct public function Constructs a \Drupal\Component\Plugin\PluginBase object. 92
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.