Check IP in registrar

2025-07-24 19:48:28 +02:00 · 2015-05-20 15:43:25 +03:00 · 2015-05-20 15:43:25 +03:00 · 940355a417
commit 940355a417
parent 19e133ec6a
4 changed files with 33 additions and 2 deletions
--- a/app/controllers/registrar/sessions_controller.rb
+++ b/app/controllers/registrar/sessions_controller.rb
@ -5,6 +5,8 @@ class Registrar::SessionsController < ::SessionsController
    false
  end

+  before_action :check_ip
+
  def login
    @depp_user = Depp::User.new
  end
@ -139,4 +141,11 @@ class Registrar::SessionsController < ::SessionsController
    return User.new unless idc
    ApiUser.find_by(identity_code: idc) || User.new
  end
+
+  private
+
+  def check_ip
+    return if WhiteIp.registrar_ip_white?(request.ip)
+    render text: t('ip_is_not_whitelisted') and return
+  end
 end
--- a/app/controllers/registrar_controller.rb
+++ b/app/controllers/registrar_controller.rb
@ -1,5 +1,6 @@
 class RegistrarController < ApplicationController
-  before_action :authenticate_user!
+  before_action :authenticate_user!, :check_ip
+  # before_action :check_ip
  layout 'registrar/application'

  include Registrar::ApplicationHelper
@ -9,6 +10,14 @@ class RegistrarController < ApplicationController
    false
  end

+  def check_ip
+    return unless current_user
+    return if current_user.registrar.registrar_ip_white?(request.ip)
+    flash[:alert] = t('ip_is_not_whitelisted')
+    sign_out(current_user)
+    redirect_to registrar_login_path and return
+  end
+
  helper_method :head_title_sufix
  def head_title_sufix
    t(:registrar_head_title_sufix)
--- a/app/models/depp/user.rb
+++ b/app/models/depp/user.rb
@ -84,7 +84,7 @@ module Depp
      res = server.send_request(xml)

      if Nokogiri::XML(res).css('result').first['code'] != '1000'
-        errors.add(:base, :authorization_error)
+        errors.add(:base, Nokogiri::XML(res).css('result').text)
      end

      server.close_connection
--- a/app/models/white_ip.rb
+++ b/app/models/white_ip.rb
@ -24,4 +24,17 @@ class WhiteIp < ActiveRecord::Base
  scope :repp, -> { where(interface: REPP) }
  scope :registrar, -> { where(interface: REGISTRAR) }
  scope :global, -> { where(interface: GLOBAL) }
+
+  class << self
+    def registrar_ip_white?(ip)
+      at = WhiteIp.arel_table
+      WhiteIp.where(
+        at[:interface].eq(REGISTRAR).or(
+          at[:interface].eq(GLOBAL)
+        ).and(
+          at[:ipv4].eq(ip)
+        )
+      )
+    end
+  end
 end