Class: IPAccess::Net::HTTP

Inherits:

Net::HTTP

• Object
• Net::HTTP
• IPAccess::Net::HTTP

Includes:

Patches::Net::HTTP

Defined in:

lib/ipaccess/ghost_doc/ghost_doc_net_http.rb,
lib/ipaccess/net/http.rb

Overview

Net::HTTP class with IP access control. It uses output access lists and acts the same way as Net::HTTP class but provides special member called acl and a few new instance methods for controlling IP access.

:include:ghost_doc_patched_usage.rb

This documentation doesn’t cover description of all class and instance methods of the original Net::HTTP class, just the patched variants that make use of IP access control.

Examples

Simple method, global access set

require 'ipaccess/net/http'

# blacklist randomseed.pl in global access set
IPAccess::Set::Global.output.blacklist 'randomseed.pl'

# call get_print
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html'

Simple method, shared access set

require 'ipaccess/net/http'

# create access set
acl = IPAccess::Set.new

# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'

call get_print with shared access set passed
IPAccess::Net::HTTP.get_print 'randomseed.pl', '/index.html', acl

Class method start, shared access set

require 'ipaccess/net/http'
require 'uri'

# create access set
acl = IPAccess::Set.new

# blacklist randomseed.pl in shared access set
acl.output.blacklist 'randomseed.pl'

# parse URI
url = URI.parse('http://randomseed.pl/index.html')

# call start passing shared access set
res = IPAccess::Net::HTTP.start(url.host, url.port, acl) { |http|
  http.get("/")
}

Generic method, private access set

require 'ipaccess/net/http'

# create new GET request
req = Net::HTTP::Get.new('/index.html')           

htt = IPAccess::Net::HTTP.new('randomseed.pl',        # create Net::HTTP variant
                              80,                     
                              :private)               # with private access set

htt.blacklist 'randomseed.pl'                         # blacklist randomseed.pl and re-check
res = htt.start { |http|                              # start HTTP session
  http.request(req)                                   # and send the request
}

Generic method, shared access set, single object patched

require 'ipaccess/net/http'

# create custom access set with one blacklisted IP
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'

# create HTTP request and Net::HTTP object
req = Net::HTTP::Get.new("/")
htt = Net::HTTP.new(url.host, url.port)

# patch newly created object
IPAccess.arm htt, acl

# start HTTP session
res = htt.start { |http|
  http.request(req)
}

Simple method, shared access set, class patched

require 'ipaccess/net/http'

# blacklist randomseed.pl in shared access set
acl = IPAccess::Set.new
acl.output.blacklist 'randomseed.pl'

# patch whole Net::HTTP class
IPAccess.arm Net::HTTP

# call get_print with passed access set
Net::HTTP.get_print 'randomseed.pl', '/index.html', acl

Instance Attribute Summary

• #acl ⇒ Object

  :include:ghost_doc_acl.rb === Example.

Attributes included from Patches::ACL

#opened_on_deny

Class Method Summary

• .get_response ⇒ Object

  :call-seq: get_response(uri_or_host, path, port, acl) {|http| …}|<br /> get_response(uri_or_host, path, acl) {|http| …}<br /> get_response(uri_or_host, acl) {|http| …}<br /> get_response(uri_or_host, path = nil, port = nil) {|http| …} Sends a GET request to the target and return the response as a Net::HTTPResponse object.

• .start ⇒ Object

  :call-seq: start(address, acl) {|http| …}<br /> start(address, port, acl) {|http| …}<br /> start(address, port, p_addr, acl) {|http| …}<br /> start(address, port , p_addr, p_port, acl) {|http| …}<br /> start(address, port, p_addr, p_port, p_user, p_pass, acl) {|http| …}<br /> start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil) {|http| …}.

Instance Method Summary

• #acl_recheck ⇒ Object

  This method allows you to re-check access on demad.

• #blacklist ⇒ Object (also: #add_black, #deny, #block)

  :include:ghost_doc_p_blacklist.rb.

• #blacklist! ⇒ Object (also: #add_black!, #deny!, #block!)

  :include:ghost_doc_p_blacklist_e.rb.

• #blacklist_reasonable(reason, *addresses) ⇒ Object

  This method works like blacklist but allows to set reason.

• #blacklist_reasonable!(reason, *addresses) ⇒ Object

  This method works like blacklist! but allows to set reason.

• #initialize ⇒ HTTP constructor

  :call-seq: new(address)<br /> new(address, acl) <br /> new(address, port, acl).

• #unblacklist ⇒ Object (also: #unblock, #del_black)

  :include:ghost_doc_p_unblacklist.rb.

• #unblacklist! ⇒ Object (also: #unblock!, #del_black!)

  :include:ghost_doc_p_unblacklist_e.rb.

• #unwhitelist ⇒ Object (also: #del_white)

  :include:ghost_doc_p_unwhitelist.rb.

• #unwhitelist! ⇒ Object (also: #del_white!)

  :include:ghost_doc_p_unwhitelist_e.rb.

• #whitelist ⇒ Object

  :include:ghost_doc_p_whitelist.rb.

• #whitelist! ⇒ Object

  :include:ghost_doc_p_whitelist_e.rb.

• #whitelist_reasonable(reason, *addresses) ⇒ Object

  This method works like whitelist but allows to set reason.

• #whitelist_reasonable!(reason, *addresses) ⇒ Object

  This method works like whitelist! but allows to set reason.

Methods included from Patches::ACL

#__ipa_wrap_socket_call, #close_on_deny, #close_on_deny=, #default_list, #terminate, #valid_acl?

Constructor Details

#initialize ⇒ HTTP

:call-seq:

new(address)<br />
new(address, acl) <br />
new(address, port, acl)

Creates a new object for the specified address. This method does not open the TCP connection. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 227

def initialize
  # Real code hidden.
end

Instance Attribute Details

#acl ⇒ Object

:include:ghost_doc_acl.rb

Example

require 'ipaccess/net/http'                         # load Net::HTTP variant

http = IPAccess::Net::HTTP.new('randomseed.pl', 80) # create HTTP object

http.acl = :global                      # use global access set
http.acl = :private                     # create and use individual access set
http.acl = IPAccess::Set.new                 # use external (shared) access set

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 201

def acl
  @acl
end

Class Method Details

.get_response ⇒ Object

:call-seq:

get_response(uri_or_host, path, port, acl) <tt>{|http| …}</tt>|<br />
get_response(uri_or_host, path, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, acl) <tt>{|http| …}</tt><br />
get_response(uri_or_host, path = nil, port = nil) <tt>{|http| …}</tt>

Sends a GET request to the target and return the response as a Net::HTTPResponse object. The target can either be specified as (uri), or as (host, path, port = 80). It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 268

def self.get_response
  # Real code hidden.
end

.start ⇒ Object

:call-seq:

start(address, acl) <tt>{|http| …}</tt><br />
start(address, port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, acl) <tt>{|http| …}</tt><br />
start(address, port , p_addr, p_port, acl) <tt>{|http| …}</tt><br />
start(address, port, p_addr, p_port, p_user, p_pass, acl) <tt>{|http| …}</tt><br />
start(address, port = nil, p_addr = nil, p_port = nil, p_user = nil, p_pass = nil) <tt>{|http| …}</tt>

Creates a new object and opens its TCP connection and HTTP session. If the optional block is given, the newly created Net::HTTP object is passed to it and closed when the block finishes. In this case, the return value of this method is the return value of the block. If no block is given, the return value of this method is the newly created Net::HTTP object itself, and the caller is responsible for closing it upon completion. It optionally sets an access set given as the last parameter. If parameter is not given it sets ACL to IPAccess::Set.Global.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 251

def self.start
  # Real code hidden.
end

Instance Method Details

#acl_recheck ⇒ Object

This method allows you to re-check access on demad. It uses internal socket’s address and access set assigned to an object. It will close your communication session before throwing an exception in case of denied access – you can prevent it by setting the flag opened_on_deny to true. The flag can be set while initializing object (through argument :opened_on_deny) or by setting the attribute.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 212

def acl_recheck
  # Real code hidden.
end

#blacklist ⇒ Object Also known as: add_black, deny, block

:include:ghost_doc_p_blacklist.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 146

def blacklist; end

#blacklist! ⇒ Object Also known as: add_black!, deny!, block!

:include:ghost_doc_p_blacklist_e.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 143

def blacklist!; end

#blacklist_reasonable(reason, *addresses) ⇒ Object

This method works like blacklist but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 187

def blacklist_reasonable(reason, *addresses); end

#blacklist_reasonable!(reason, *addresses) ⇒ Object

This method works like blacklist! but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 183

def blacklist_reasonable!(reason, *addresses); end

#unblacklist ⇒ Object Also known as: unblock, del_black

:include:ghost_doc_p_unblacklist.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 158

def unblacklist; end

#unblacklist! ⇒ Object Also known as: unblock!, del_black!

:include:ghost_doc_p_unblacklist_e.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 155

def unblacklist!; end

#unwhitelist ⇒ Object Also known as: del_white

:include:ghost_doc_p_unwhitelist.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 152

def unwhitelist; end

#unwhitelist! ⇒ Object Also known as: del_white!

:include:ghost_doc_p_unwhitelist_e.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 149

def unwhitelist!; end

#whitelist ⇒ Object

:include:ghost_doc_p_whitelist.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 140

def whitelist; end

#whitelist! ⇒ Object

:include:ghost_doc_p_whitelist_e.rb

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 137

def whitelist!; end

#whitelist_reasonable(reason, *addresses) ⇒ Object

This method works like whitelist but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 179

def whitelist_reasonable(reason, *addresses); end

#whitelist_reasonable!(reason, *addresses) ⇒ Object

This method works like whitelist! but allows to set reason.

# File 'lib/ipaccess/ghost_doc/ghost_doc_net_http.rb', line 175

def whitelist_reasonable!(reason, *addresses); end