core: Refactor bridge whitelisting
- Move all whitelisting functionality inside Bridge.php
- Set default whitelist once in index.php using Bridge::setWhitelist()
- Include bridge sanitizing inside Bridge.php
Bridge::sanitizeBridgeName($name)
Bridge.php now maintains the whitelist internally.
This commit is contained in:
logmanoriginal
parent
a0490e3673
commit
e26d61ec0a
3 changed files with 89 additions and 34 deletions
|
|
@ -4,6 +4,12 @@ class Bridge {
|
|||
|
||||
static protected $dirBridge;
|
||||
|
||||
/**
|
||||
* Holds the active whitelist.
|
||||
* Use Bridge::getWhitelist() instead of accessing this parameter directly!
|
||||
*/
|
||||
private static $whitelist = array();
|
||||
|
||||
public function __construct(){
|
||||
throw new \LogicException('Please use ' . __CLASS__ . '::create for new object.');
|
||||
}
|
||||
|
|
@ -78,11 +84,80 @@ EOD;
|
|||
return $listBridge;
|
||||
}
|
||||
|
||||
static public function isWhitelisted($whitelist, $name){
|
||||
return in_array($name, $whitelist)
|
||||
|| in_array($name . '.php', $whitelist)
|
||||
|| in_array($name . 'bridge', $whitelist) // DEPRECATED
|
||||
|| in_array($name . 'bridge.php', $whitelist) // DEPRECATED
|
||||
|| (count($whitelist) === 1 && trim($whitelist[0]) === '*');
|
||||
/**
|
||||
* @return bool Returns true if the given bridge is whitelisted.
|
||||
*/
|
||||
static public function isWhitelisted($name){
|
||||
return in_array(Bridge::sanitizeBridgeName($name), Bridge::getWhitelist());
|
||||
}
|
||||
|
||||
/**
|
||||
* On first call reads the whitelist from WHITELIST. Each line in the file
|
||||
* specifies one bridge that will be placed on the whitelist. An empty file
|
||||
* disables all bridges. '*' enables all bridges.
|
||||
*
|
||||
* @return array Returns a list of whitelisted bridges
|
||||
*/
|
||||
public static function getWhitelist() {
|
||||
|
||||
static $firstCall = true; // Initialized on first call
|
||||
|
||||
if($firstCall) {
|
||||
|
||||
// Create initial whitelist or load from disk
|
||||
if (!file_exists(WHITELIST) && !empty(Bridge::$whitelist)) {
|
||||
file_put_contents(WHITELIST, implode("\n", Bridge::$whitelist));
|
||||
} else {
|
||||
|
||||
$contents = trim(file_get_contents(WHITELIST));
|
||||
|
||||
if($contents === '*') { // Whitelist all bridges
|
||||
Bridge::$whitelist = Bridge::listBridges();
|
||||
} else {
|
||||
Bridge::$whitelist = array_map('Bridge::sanitizeBridgeName', explode("\n", $contents));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return Bridge::$whitelist;
|
||||
|
||||
}
|
||||
|
||||
public static function setWhitelist($default = array()) {
|
||||
Bridge::$whitelist = array_map('Bridge::sanitizeBridgeName', $default);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string Returns a sanitized bridge name if the given name has been
|
||||
* found valid, null otherwise.
|
||||
*/
|
||||
private static function sanitizeBridgeName($name) {
|
||||
|
||||
if(is_string($name)) {
|
||||
|
||||
// Trim trailing '.php' if exists
|
||||
if(preg_match('/(.+)(?:\.php)/', $name, $matches)) {
|
||||
$name = $matches[1];
|
||||
}
|
||||
|
||||
// Trim trailing 'Bridge' if exists
|
||||
if(preg_match('/(.+)(?:Bridge)/i', $name, $matches)) {
|
||||
$name = $matches[1];
|
||||
}
|
||||
|
||||
// The name is valid if a corresponding bridge file is found on disk
|
||||
if(in_array(strtolower($name), array_map('strtolower', Bridge::listBridges()))) {
|
||||
$index = array_search(strtolower($name), array_map('strtolower', Bridge::listBridges()));
|
||||
return Bridge::listBridges()[$index];
|
||||
}
|
||||
|
||||
Debug::log('Invalid bridge name specified: "' . $name . '"!');
|
||||
|
||||
}
|
||||
|
||||
return null; // Bad parameter
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ final class BridgeList {
|
|||
EOD;
|
||||
}
|
||||
|
||||
private static function getBridges($whitelist, $showInactive, &$totalBridges, &$totalActiveBridges) {
|
||||
private static function getBridges($showInactive, &$totalBridges, &$totalActiveBridges) {
|
||||
|
||||
$body = '';
|
||||
$totalActiveBridges = 0;
|
||||
|
|
@ -35,7 +35,7 @@ EOD;
|
|||
|
||||
foreach($bridgeList as $bridgeName) {
|
||||
|
||||
if(Bridge::isWhitelisted($whitelist, strtolower($bridgeName))) {
|
||||
if(Bridge::isWhitelisted($bridgeName)) {
|
||||
|
||||
$body .= BridgeCard::displayBridgeCard($bridgeName, $formats);
|
||||
$totalActiveBridges++;
|
||||
|
|
@ -131,7 +131,7 @@ EOD;
|
|||
EOD;
|
||||
}
|
||||
|
||||
static function create($whitelist, $showInactive = true) {
|
||||
static function create($showInactive = true) {
|
||||
|
||||
$totalBridges = 0;
|
||||
$totalActiveBridges = 0;
|
||||
|
|
@ -141,7 +141,7 @@ EOD;
|
|||
. '<body onload="search()">'
|
||||
. BridgeList::getHeader()
|
||||
. BridgeList::getSearchbar()
|
||||
. BridgeList::getBridges($whitelist, $showInactive, $totalBridges, $totalActiveBridges)
|
||||
. BridgeList::getBridges($showInactive, $totalBridges, $totalActiveBridges)
|
||||
. BridgeList::getFooter($totalBridges, $totalActiveBridges, $showInactive)
|
||||
. '</body></html>';
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue