jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix #4736: Display network prefix length (if present) in API key IP whitelist.

Browse Source
This commit is contained in:
evazion
2021-03-01 02:23:05 -06:00
parent e5bbc039ae
commit 35a0c6b11f
8 changed files with 42 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
app/logical/danbooru/ip_address.rb Normal file
View File

@@ -0,0 +1,23 @@
# A wrapper around the IPAddress gem that adds some extra utility methods.
#
# https://github.com/ipaddress-gem/ipaddress
module Danbooru
class IpAddress
attr_reader :ip_address
delegate_missing_to :ip_address
def initialize(string)
@ip_address = ::IPAddress.parse(string)
end
# "1.2.3.4/24" if the address is a subnet, "1.2.3.4" otherwise.
def to_s
ip_address.size > 1 ? ip_address.to_string : ip_address.to_s
end
def inspect
"#<Danbooru::IpAddress #{to_s}>"
end
end
end

9
app/logical/ip_address_type.rb
View File

@@ -1,9 +1,14 @@
# See also config/initializers/types.rb
require "active_record/connection_adapters/postgresql_adapter"
class IpAddressType < ActiveRecord::ConnectionAdapters::PostgreSQL::OID::Inet class IpAddressType < ActiveRecord::ConnectionAdapters::PostgreSQL::OID::Inet
def cast(value) def cast(value)
super(IPAddress.parse(value)) return nil if value.blank?
super(Danbooru::IpAddress.new(value))
end end
def serialize(value) def serialize(value)
value.to_string value&.to_string
end end
end end

3
app/models/api_key.rb
View File

@@ -1,4 +1,7 @@
class ApiKey < ApplicationRecord class ApiKey < ApplicationRecord
attribute :permitted_ip_addresses, :ip_address, array: true
attribute :last_ip_address, :ip_address
array_attribute :permissions array_attribute :permissions
array_attribute :permitted_ip_addresses array_attribute :permitted_ip_addresses

5
app/models/ip_address.rb
View File

@@ -1,7 +1,7 @@
class IpAddress < ApplicationRecord class IpAddress < ApplicationRecord
belongs_to :model, polymorphic: true belongs_to :model, polymorphic: true
belongs_to :user belongs_to :user
attribute :ip_addr, IpAddressType.new attribute :ip_addr, :ip_address
def self.model_types def self.model_types
%w[Post User Comment Dmail ArtistVersion ArtistCommentaryVersion NoteVersion WikiPageVersion] %w[Post User Comment Dmail ArtistVersion ArtistCommentaryVersion NoteVersion WikiPageVersion]
@@ -41,8 +41,7 @@ class IpAddress < ApplicationRecord
end end
def to_s def to_s
# include the subnet mask only when the IP denotes a subnet. ip_addr.to_s
(ip_addr.size > 1) ? ip_addr.to_string : ip_addr.to_s
end end
def readonly? def readonly?

4
app/views/api_keys/_form.html.erb
View File

@@ -1,6 +1,6 @@
<%= edit_form_for(api_key, html: { class: "stacked-hints" }) do |f| %> <%= edit_form_for(api_key, html: { class: "stacked-hints" }) do |f| %>
<%= f.input :name, as: :string, hint: "An optional name to help you remember what this key is for." %> <%= f.input :name, as: :string, hint: "An optional name to help you remember what this key is for." %>
<%= f.input :permitted_ip_addresses, label: "IP Addresses", as: :string, hint: "An optional list of IPs allowed to use this key. Leave blank to allow all IPs." %> <%= f.input :permitted_ip_addresses, label: "IP Addresses", as: :string, hint: "An optional list of IPs allowed to use this key. Space separated, subnets allowed. Leave blank to allow all IPs." %>
<%= f.input :permissions, as: :select, collection: ApiKey.permissions_list, hint: "An optional list of API endpoints this key can use. Ctrl+click to select multiple endpoints. Leave blank to allow all API endpoints.", input_html: { multiple: true } %> <%= f.input :permissions, as: :select, collection: ApiKey.permissions_list, hint: "An optional list of API endpoints this key is allowed to use. Ctrl+click to select multiple endpoints. Leave blank to allow all API endpoints.", input_html: { multiple: true } %>
<%= f.submit "Create" %> <%= f.submit "Create" %>
<% end %> <% end %>

7
config/initializers/inflections.rb
View File

@@ -11,7 +11,6 @@ ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.uncountable %w( fish sheep ) # inflect.uncountable %w( fish sheep )
end end
# These inflection rules are supported but not enabled by default: #ActiveSupport::Inflector.inflections(:en) do |inflect|
# ActiveSupport::Inflector.inflections(:en) do |inflect| # inflect.acronym "IP" # IPAddress
# inflect.acronym 'RESTful' #end
# end

1
config/initializers/types.rb Normal file
View File

@@ -0,0 +1 @@
ActiveRecord::Type.register(:ip_address, IpAddressType)

2
test/unit/api_key_test.rb
View File

@@ -24,10 +24,10 @@ class ApiKeyTest < ActiveSupport::TestCase
should allow_value([]).for(:permitted_ip_addresses) should allow_value([]).for(:permitted_ip_addresses)
should allow_value(["1.2.3.4"]).for(:permitted_ip_addresses) should allow_value(["1.2.3.4"]).for(:permitted_ip_addresses)
should allow_value(["1.2.3.4/24"]).for(:permitted_ip_addresses) should allow_value(["1.2.3.4/24"]).for(:permitted_ip_addresses)
should allow_value(["1.2.3.4/24 4.5.6.7/24"]).for(:permitted_ip_addresses)
should allow_value(["0.0.0.0/0"]).for(:permitted_ip_addresses) should allow_value(["0.0.0.0/0"]).for(:permitted_ip_addresses)
should allow_value(["2600::1/64"]).for(:permitted_ip_addresses) should allow_value(["2600::1/64"]).for(:permitted_ip_addresses)
#should allow_value(["1.2.3.4/24 4.5.6.7/24"]).for(:permitted_ip_addresses)
#should_not allow_value(["blah"]).for(:permitted_ip_addresses) #should_not allow_value(["blah"]).for(:permitted_ip_addresses)
#should_not allow_value(["1.2.3.4/64"]).for(:permitted_ip_addresses) #should_not allow_value(["1.2.3.4/64"]).for(:permitted_ip_addresses)
end end