You are here

function warden_access_callback in Warden 7

Same name and namespace in other branches
  1. 6 warden.module \warden_access_callback()

Access callback: Check authorized IP.

1 string reference to 'warden_access_callback'
warden_menu in ./warden.module
Implements hook_menu().

File

./warden.module, line 61
Drupal system status

Code

function warden_access_callback() {
  $allow_requests = variable_get('warden_allow_requests', FALSE);
  if (empty($allow_requests)) {
    watchdog('warden', 'Update request denied: warden_allow_requests is set to FALSE', array(), WATCHDOG_WARNING);
    return FALSE;
  }
  if (empty($_POST) || empty($_POST['token'])) {
    watchdog('warden', 'Update request denied: request body is empty or missing the security token', array(), WATCHDOG_WARNING);
    return FALSE;
  }
  if (!warden_get_api()
    ->isValidWardenToken($_POST['token'], REQUEST_TIME)) {
    watchdog('warden', 'Update request denied: Failed to validate security token in request at timestamp @time', array(
      '@time' => REQUEST_TIME,
    ), WATCHDOG_WARNING);
    return FALSE;
  }
  $allowed_ips = variable_get('warden_public_allow_ips', '127.0.0.1,::1');
  if (!empty($allowed_ips)) {
    $ip_address = ip_address();
    $allowed_ips = explode(',', variable_get('warden_public_allow_ips', '127.0.0.1,::1'));
    foreach ($allowed_ips as &$address) {
      if ($ip_address === $address) {
        return TRUE;
      }
    }

    // No IP addresses match.
    watchdog('warden', 'Update request denied: The requesting IP is not in the warden_public_allow_ips whitelist - @ip', array(
      '@ip' => $ip_address,
    ), WATCHDOG_WARNING);
    return FALSE;
  }
  return TRUE;
}