Feature/whitelist #477

Open
wants to merge 6 commits into
base: master
18 changes: 18 additions & 0 deletions app/Factories/LinkFactory.php
@@ -41,6 +41,8 @@ public static function createLink($long_url, $is_secret=false, $custom_ending=nu
* @return string $formatted_link
*/

// $lh = new LinkHelper(); // TODO: remove static access

if (strlen($long_url) > self::MAXIMUM_LINK_LENGTH) {
// If $long_url is longer than the maximum length, then
// throw an Exception
@@ -62,6 +64,22 @@ public static function createLink($long_url, $is_secret=false, $custom_ending=nu
return self::formatLink($existing_link);
}

if (!empty(env('SETTING_WHITELISTED_DOMAINS'))) {
// TODO: remove static access? maybe for all funct calls?
// $is_whitelisted = $lh::checkAuthUrl($long_url, env('SETTING_WHITELISTED_DOMAINS'));
$is_whitelisted = LinkHelper::checkAuthUrl($long_url, env('SETTING_WHITELISTED_DOMAINS'));
if (!$is_whitelisted) {
throw new \Exception('Sorry, only links from the whitelist are supported for shortening.');
}
}

if (!empty(env('SETTING_BLACKLISTED_DOMAINS'))) {
$is_blacklisted = !LinkHelper::checkAuthUrl($long_url, env('SETTING_BLACKLISTED_DOMAINS'));
if (!$is_blacklisted) {
throw new \Exception('Sorry, links from the blacklist are not permitted for shortening.');
}
}

if (isset($custom_ending) && $custom_ending !== '') {
// has custom ending
$ending_conforms = LinkHelper::validateEnding($custom_ending);
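Review bot: The whitelist and blacklist checks are placed after the early `return self::formatLink($existing_link);`, so a URL that was already shortened before the lists were configured appears to be handed back without being checked; if that is not intended, both checks should run before that return. In the blacklist branch `$is_blacklisted` holds the negation of the match and is then negated again in the `if`, so the name says the opposite of the value it carries. `$is_blacklisted = LinkHelper::checkAuthUrl($long_url, env('SETTING_BLACKLISTED_DOMAINS'));` followed by `if ($is_blacklisted) {` behaves the same and reads correctly. The body of createLink starts and ends outside these hunks.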
26 changes: 25 additions & 1 deletion app/Helpers/LinkHelper.php
@@ -142,4 +142,28 @@ static public function findSuitableEnding() {

return $base_x_val;
}
}

static public function checkAuthUrl($long_link, $auth_ls) {
/**
* @param long_link a long link (string)
* @param auth_ls a list of (un)authorized urls for shortening
* checks whether the link is authorized or not
* @return boolean
*/

$auth_urls = explode(',', $auth_ls);
// echo "<script>console.log( 'ST_WHITELISTED_DOMAINS var_export: " . var_export(env('ST_WHITELISTED_DOMAINS'), true) . " ' );</script>";
// foreach ($auth_urls as $x) {echo "<script>console.log( 'ST_WHITELISTED_DOMAINS 8: " . $x . " ' );</script>";}

$url_host = parse_url($long_link, PHP_URL_HOST);
// echo "<script>console.log( 'url_host: " . print_r($url_host, true) . " ' );</script>";

foreach ($auth_urls as $auth_url) {
if (preg_match($auth_url, $url_host)) {
return true;
}
}
return false;
}

}
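Review bot: `parse_url($long_link, PHP_URL_HOST)` returns null when the URL has no host and false when it cannot be parsed, and checkAuthUrl passes that value to `preg_match` unchecked; for the blacklist caller a non-match means the link is accepted, so input without a usable host fails open. Matching is also case-sensitive and uses the host exactly as written, so a listed domain in a different case or with a trailing dot would not match the generated patterns. Normalising first, e.g. `$url_host = rtrim(strtolower((string) $url_host), '.');`, and having the caller reject an empty host before consulting either list closes both gaps. `preg_match` returns false for an invalid pattern, which the loop treats as no match, so a malformed list entry is silently ignored. The docblock sits inside the function body, where documentation tools do not read it, and the commented-out `echo` debugging lines should be dropped before merge.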
36 changes: 35 additions & 1 deletion app/Http/Controllers/SetupController.php
@@ -55,6 +55,31 @@ public static function displaySetupPage(Request $request) {
return view('setup');
}

public static function createRegexForDomains($url) {
/**
* @param $url a tld domain (string)
* creates the corresponding regex
* @return string
*/

$url_arr = explode(',', $url);

// escapes all non word characters
$add_escapes = function ($url) { return preg_replace("/(?:(\w*)(\W)(\w*))/m", '$1\\\$2$3', $url); };
// replaces "*." in front of a domain with the regex for subdomains
$add_sub_domain = function ($url) { return preg_replace("/^(\\\\\*\\\\\.)(.*)$/m", '(?:.+\\\.)*$2', $url); };
// adds the missing regex syntax surrounding the actual regex
$add_start_end = function ($url) { return preg_replace("/^(.*)$/m", '/^$1\$/m', $url); };

$url_arr = array_map($add_escapes, $url_arr);
$url_arr = array_map($add_sub_domain, $url_arr);
$url_arr = array_map($add_start_end, $url_arr);

$url_regex = implode(',', $url_arr);

return $url_regex;
}

public static function performSetup(Request $request) {
if (env('POLR_SETUP_RAN')) {
return self::setupAlreadyRan();
@@ -119,6 +144,13 @@ public static function performSetup(Request $request) {
$st_restrict_email_domain = $request->input('setting:restrict_email_domain');
$st_allowed_email_domains = $request->input('setting:allowed_email_domains');

// sets the variables for the white/blacklist to '' or the corresponding regex
$st_whitelisted_domains = empty($request->input('setting:whitelisted_domains')) ? '' :
self::createRegexForDomains($request->input('setting:whitelisted_domains'));
$st_blacklisted_domains = empty($request->input('setting:blacklisted_domains')) ? '' :
self::createRegexForDomains($request->input('setting:blacklisted_domains'));


$st_base = $request->input('setting:base');
$st_auto_api_key = $request->input('setting:auto_api_key');
$st_anon_api = $request->input('setting:anon_api');
@@ -167,6 +199,8 @@ public static function performSetup(Request $request) {
'ST_ALLOWED_EMAIL_DOMAINS' => $st_allowed_email_domains,
'POLR_RECAPTCHA_SITE_KEY' => $polr_recaptcha_site_key,
'POLR_RECAPTCHA_SECRET' => $polr_recaptcha_secret_key,
'ST_WHITELISTED_DOMAINS' => $st_whitelisted_domains,
'ST_BLACKLISTED_DOMAINS' => $st_blacklisted_domains,

'MAIL_ENABLED' => $mail_enabled,
'MAIL_HOST' => $mail_host,
@@ -248,4 +282,4 @@ public static function finishSetup(Request $request) {

return view('setup_thanks')->with('success', 'Set up completed! Thanks for using Polr!');
}
}
}
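Review bot: createRegexForDomains does not trim or filter its entries, so a list written as `a.com, b.com` produces a pattern with an escaped leading space that no host can match, and an empty entry (for example after a trailing comma) appears to become `/^$/m`, which matches an empty host. The subdomain prefix `(?:.+\.)*` nests an unbounded `.+` inside a repeated group; on a long host that does not match, this can reach the PCRE backtrack limit, `preg_match` then returns false, and the blacklist check would treat the link as allowed. Building each pattern with `preg_quote()`, a `[^.]+` label prefix, `\A`/`\z` anchors and the `i` flag keeps the same matching rules (the bare domain and any subdomain for a `*.` entry) without those cases, as in the rewrite below.

```php
public static function createRegexForDomains($url) {
    // … unchanged: docblock …

    $patterns = [];
    foreach (explode(',', $url) as $domain) {
        $domain = strtolower(trim($domain));
        if ($domain === '') {
            // skip empty entries such as the one left by a trailing comma
            continue;
        }

        // a leading "*." also admits any chain of subdomain labels
        $prefix = '';
        if (strncmp($domain, '*.', 2) === 0) {
            $domain = substr($domain, 2);
            $prefix = '(?:[^.]+\.)*';
        }

        $patterns[] = '/\A' . $prefix . preg_quote($domain, '/') . '\z/i';
    }

    return implode(',', $patterns);
}
```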
7 changes: 7 additions & 0 deletions resources/views/env.blade.php
@@ -97,6 +97,13 @@
# reCAPTCHA secret key
POLR_RECAPTCHA_SECRET_KEY="{{$POLR_RECAPTCHA_SECRET}}"

# A comma-separated list of whitelisted domains
SETTING_WHITELISTED_DOMAINS={{$ST_WHITELISTED_DOMAINS}}

# A comma-separated list of blacklisted domains
SETTING_BLACKLISTED_DOMAINS={{$ST_BLACKLISTED_DOMAINS}}


# Set each to blank to disable mail
@if($MAIL_ENABLED)
MAIL_DRIVER=smtp
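Review bot: The two new comments describe the values as comma-separated lists of domains, but what performSetup writes here is the output of createRegexForDomains, i.e. delimited regular expressions that checkAuthUrl passes straight to `preg_match`. An administrator who later edits the file by hand and follows the comment would enter plain domain names, which are not valid patterns, so the whitelist would likely reject every link and the blacklist accept every link. I would word the comment as `# Comma-separated list of regex patterns generated by the setup page from the whitelisted domains (not plain domain names)` and likewise for the blacklist. The values are also emitted unquoted, unlike `POLR_RECAPTCHA_SECRET_KEY` just above; since the patterns contain backslashes and `$`, it is worth confirming how the env parser reads them.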
14 changes: 13 additions & 1 deletion resources/views/setup.blade.php
@@ -195,6 +195,18 @@
</p>
<input type='text' class='form-control' name='setting:allowed_email_domains' placeholder='company.com,company-corp.com'>

<p>
Whitelisted Domains:
<setup-tooltip content='A comma-separated list of whitelisted domains. To include subdomains use "*." as prefix (eg.: *.example.com)'></setup-tooltip>
</p>
<input type='text' class='form-control' name='setting:whitelisted_domains' placeholder='company.com,*.example.com'>

<p>
Blacklisted Domains:
<setup-tooltip content='A comma-separated list of blacklisted domains. To include subdomains use "*." as prefix (eg.: *.example.com)'></setup-tooltip>
</p>
<input type='text' class='form-control' name='setting:blacklisted_domains' placeholder='company.com,*.example.com'>

<p>
Password Recovery:
<setup-tooltip content="Password recovery allows users to reset their password through email."></setup-tooltip>
@@ -288,4 +300,4 @@
<script src='/js/angular.min.js'></script>
<script src='/js/base.js'></script>
<script src='/js/SetupCtrl.js'></script>
@endsection
@endsection