Discource-C/discourse
1
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-10 21:34:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
discourse/app/controllers/admin/screened_ip_addresses_controller.rb
Bianca Nenciu 5d35c38db2
FEATURE: Search screened IP address in blocks (#15461) 
An admin could search for all screened ip addresses in a block by
using wildcards. 192.168.* returned all IPs in range 192.168.0.0/16.
This feature allows admins to search for a single IP address in all
screened IP blocks. 192.168.0.1 returns all IP blocks that match it,
for example 192.168.0.0/16.

* FEATURE: Remove roll up button for screened IPs

* FIX: Match more specific screened IP address first
2022-01-11 09:16:51 +02:00

61 lines
1.6 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require_dependency 'ip_addr'
class Admin::ScreenedIpAddressesController < Admin::AdminController
before_action :fetch_screened_ip_address, only: [:update, :destroy]
def index
filter = params[:filter]
filter = IPAddr.handle_wildcards(filter)
screened_ip_addresses = ScreenedIpAddress
screened_ip_addresses = screened_ip_addresses.where("cidr :filter >>= ip_address OR ip_address >>= cidr :filter", filter: filter) if filter.present?
screened_ip_addresses = screened_ip_addresses.limit(200).order('match_count desc')
begin
screened_ip_addresses = screened_ip_addresses.to_a
rescue ActiveRecord::StatementInvalid
# postgresql throws a PG::InvalidTextRepresentation exception when filter isn't a valid cidr expression
screened_ip_addresses = []
end
render_serialized(screened_ip_addresses, ScreenedIpAddressSerializer)
end
def create
screened_ip_address = ScreenedIpAddress.new(allowed_params)
if screened_ip_address.save
render_serialized(screened_ip_address, ScreenedIpAddressSerializer)
else
render_json_error(screened_ip_address)
end
end
def update
if @screened_ip_address.update(allowed_params)
render_serialized(@screened_ip_address, ScreenedIpAddressSerializer)
else
render_json_error(@screened_ip_address)
end
end
def destroy
@screened_ip_address.destroy
render json: success_json
end
private
def allowed_params
params.require(:ip_address)
params.permit(:ip_address, :action_name)
end
def fetch_screened_ip_address
@screened_ip_address = ScreenedIpAddress.find(params[:id])
end
end
Reference in New Issue View Git Blame Copy Permalink