Class: ForestAdminAgent::Services::IpWhitelist

Inherits:

Object

• Object
• ForestAdminAgent::Services::IpWhitelist

Defined in:

lib/forest_admin_agent/services/ip_whitelist.rb

Constant Summary

RULE_MATCH_IP =

0

RULE_MATCH_RANGE =

1

RULE_MATCH_SUBNET =

2

Instance Attribute Summary

• #forest_api ⇒ Object readonly

  Returns the value of attribute forest_api.

Instance Method Summary

• #both_loopback?(ip1, ip2) ⇒ Boolean
• #enabled? ⇒ Boolean
• #initialize ⇒ IpWhitelist constructor

  A new instance of IpWhitelist.

• #ip_match_ip?(ip1, ip2) ⇒ Boolean
• #ip_match_range?(ip, min, max) ⇒ Boolean
• #ip_match_subnet?(ip, subnet) ⇒ Boolean
• #ip_matches_any_rule?(ip) ⇒ Boolean
• #ip_matches_rule?(ip, rule) ⇒ Boolean
• #ip_version(ip) ⇒ Object
• #rules ⇒ Object
• #same_ip_version?(ip1, ip2) ⇒ Boolean
• #use_ip_whitelist ⇒ Object

Constructor Details

#initialize ⇒ IpWhitelist

Returns a new instance of IpWhitelist.

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 12

def initialize
  @forest_api = ForestAdminAgent::Http::ForestAdminApiRequester.new
end

Instance Attribute Details

#forest_api ⇒ Object (readonly)

Returns the value of attribute forest_api.

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 10

def forest_api
  @forest_api
end

Instance Method Details

#both_loopback?(ip1, ip2) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 65

def both_loopback?(ip1, ip2)
  IPAddress(ip1).loopback? && IPAddress(ip2).loopback?
end

#enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 26

def enabled?
  use_ip_whitelist && !rules.empty?
end

#ip_match_ip?(ip1, ip2) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 47

def ip_match_ip?(ip1, ip2)
  return both_loopback?(ip1, ip2) unless same_ip_version?(ip1, ip2)

  if ip1 == ip2
    true
  else
    both_loopback?(ip1, ip2)
  end
end

#ip_match_range?(ip, min, max) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 69

def ip_match_range?(ip, min, max)
  return false unless same_ip_version?(ip, min)

  ip_range_minimum = (IPAddress min)
  ip_range_maximum = (IPAddress max)
  ip_value = (IPAddress ip)

  ip_value.between?(ip_range_minimum, ip_range_maximum)
end

#ip_match_subnet?(ip, subnet) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 79

def ip_match_subnet?(ip, subnet)
  return false unless same_ip_version?(ip, subnet)

  IPAddress(subnet).include?(IPAddress(ip))
end

#ip_matches_any_rule?(ip) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 30

def ip_matches_any_rule?(ip)
  rules.any? { |rule| ip_matches_rule?(ip, rule) }
end

#ip_matches_rule?(ip, rule) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 34

def ip_matches_rule?(ip, rule)
  case rule['type']
  when RULE_MATCH_IP
    ip_match_ip?(ip, rule['ip'])
  when RULE_MATCH_RANGE
    ip_match_range?(ip, rule['ipMinimum'], rule['ipMaximum'])
  when RULE_MATCH_SUBNET
    ip_match_subnet?(ip, rule['range'])
  else
    raise ForestAdminAgent::Http::Exceptions::InternalServerError, 'Invalid rule type'
  end
end

#ip_version(ip) ⇒ Object

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 61

def ip_version(ip)
  (IPAddress ip).is_a?(IPAddress::IPv4) ? :ip_v4 : :ip_v6
end

#rules ⇒ Object

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 21

def rules
  fetch_rules if @rules.nil?
  @rules ||= []
end

#same_ip_version?(ip1, ip2) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 57

def same_ip_version?(ip1, ip2)
  ip_version(ip1) == ip_version(ip2)
end

#use_ip_whitelist ⇒ Object

# File 'lib/forest_admin_agent/services/ip_whitelist.rb', line 16

def use_ip_whitelist
  fetch_rules if @use_ip_whitelist.nil?
  @use_ip_whitelist ||= false
end