Update front controllers with better logic and support for environmen…

…t specific middlewares
joebordes · May 17, 2016 · 2a8923f · 2a8923f
1 parent 2a9390a
commit 2a8923f
Show file tree

Hide file tree

Showing 10 changed files with 244 additions and 154 deletions.
diff --git a/app/autoload.php b/app/autoload.php
@@ -5,20 +5,6 @@
 use Doctrine\Common\Annotations\AnnotationRegistry;
 use Composer\Autoload\ClassLoader;
 
-/** @deprecated When 5.6 is PHP minimum */
-if(! function_exists('hash_equals')) {
-    function hash_equals($str1, $str2) {
-        if(strlen($str1) != strlen($str2)) {
-            return false;
-        } else {
-            $res = $str1 ^ $str2;
-            $ret = 0;
-            for($i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]);
-            return ! $ret;
-        }
-    }
-}
-
 /**
  * @var ClassLoader $loader
  */

diff --git a/app/middlewares/CatchExceptionMiddleware.php b/app/middlewares/CatchExceptionMiddleware.php
@@ -17,7 +17,7 @@
 
 class CatchExceptionMiddleware implements HttpKernelInterface, PrioritizedMiddlewareInterface
 {
-    const PRIORITY = 1;
+    const PRIORITY = 100;
 
     /**
      * @var HttpKernelInterface

diff --git a/app/middlewares/Dev/IpRestrictMiddleware.php b/app/middlewares/Dev/IpRestrictMiddleware.php
@@ -0,0 +1,70 @@
+<?php
+
+/**
+ * @package     Mautic
+ * @copyright   2016 Mautic Contributors. All rights reserved.
+ * @author      Mautic
+ * @link        http://mautic.org
+ * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
+ */
+
+namespace Mautic\Middleware\Dev;
+
+use Mautic\Middleware\PrioritizedMiddlewareInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+
+class IpRestrictMiddleware implements HttpKernelInterface, PrioritizedMiddlewareInterface
+{
+    const PRIORITY = 20;
+
+    /**
+     * @var HttpKernelInterface
+     */
+    protected $app;
+
+    /**
+     * @var array
+     */
+    protected $allowedIps;
+
+    /**
+     * CatchExceptionMiddleware constructor.
+     *
+     * @param HttpKernelInterface $app
+     */
+    public function __construct(HttpKernelInterface $app)
+    {
+        $this->app = $app;
+        $this->allowedIps = ['127.0.0.1', 'fe80::1', '::1'];
+
+        if (isset($_SERVER['MAUTIC_DEV_HOSTS'])) {
+            $localIps         = explode(' ', $_SERVER['MAUTIC_DEV_HOSTS']);
+            $this->allowedIps = array_merge($this->allowedIps, $localIps);
+        }
+    }
+
+    /**
+     * This check prevents access to debug front controllers
+     * that are deployed by accident to production servers.
+     *
+     * {@inheritdoc}
+     */
+    public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
+    {
+        if (in_array($request->getClientIp(), $this->allowedIps)) {
+            return $this->app->handle($request, $type, $catch);
+        }
+
+        return new Response('You are not allowed to access this file.', 403);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getPriority()
+    {
+        return self::PRIORITY;
+    }
+}
diff --git a/app/middlewares/MiddlewareBuilder.php b/app/middlewares/MiddlewareBuilder.php
@@ -17,14 +17,29 @@ class MiddlewareBuilder
 {
     protected $specs;
 
-    public function __construct()
+    public function __construct($env = 'prod')
     {
         $this->specs = new \SplPriorityQueue();
 
         $middlewares = glob(__DIR__ . '/*Middleware.php');
-
+
+        $this->addMiddlewares($middlewares);
+
+        if ($envMiddlewares = glob(__DIR__ . '/' . ucfirst($env) . '/*Middleware.php')) {
+            $this->addMiddlewares($envMiddlewares, $env);
+        }
+    }
+
+    public function addMiddlewares(array $middlewares, $env = null)
+    {
+        $prefix = 'Mautic\\Middleware\\';
+
+        if ($env) {
+            $prefix .= ucfirst($env) . '\\';
+        }
+
         foreach ($middlewares as $middleware) {
-            $this->push('Mautic\\Middleware\\' . basename(substr($middleware, 0, -4)));
+            $this->push($prefix . basename(substr($middleware, 0, -4)));
         }
     }
 

diff --git a/...middlewares/SetMauticHeaderMiddleware.php → ...ewares/Prod/SetMauticHeaderMiddleware.php b/...middlewares/SetMauticHeaderMiddleware.php → ...ewares/Prod/SetMauticHeaderMiddleware.php
@@ -8,14 +8,15 @@
  * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
  */
 
-namespace Mautic\Middleware;
+namespace Mautic\Middleware\Prod;
 
+use Mautic\Middleware\PrioritizedMiddlewareInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 
 class SetMauticHeaderMiddleware implements HttpKernelInterface, PrioritizedMiddlewareInterface
 {
-    const PRIORITY = 2;
+    const PRIORITY = 20;
 
     /**
      * @var HttpKernelInterface

diff --git a/app/middlewares/VersionCheckMiddleware.php b/app/middlewares/VersionCheckMiddleware.php
@@ -0,0 +1,66 @@
+<?php
+
+/**
+ * @package     Mautic
+ * @copyright   2016 Mautic Contributors. All rights reserved.
+ * @author      Mautic
+ * @link        http://mautic.org
+ * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
+ */
+
+namespace Mautic\Middleware;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+
+class VersionCheckMiddleware implements HttpKernelInterface, PrioritizedMiddlewareInterface
+{
+    const PRIORITY = 10;
+
+    const MAUTIC_MINIMUM_PHP = '5.6.19';
+    const MAUTIC_MAXIMUM_PHP = '7.0.999';
+
+    /**
+     * @var HttpKernelInterface
+     */
+    protected $app;
+
+    /**
+     * CatchExceptionMiddleware constructor.
+     *
+     * @param HttpKernelInterface $app
+     */
+    public function __construct(HttpKernelInterface $app)
+    {
+        $this->app = $app;
+    }
+
+    /**
+     * Check Minimum / Maximum PHP versions
+     *
+     * {@inheritdoc}
+     */
+    public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
+    {
+        // Are we running the minimum version?
+        if (version_compare(PHP_VERSION, self::MAUTIC_MINIMUM_PHP, 'lt')) {
+            return new Response('Your server does not meet the minimum PHP requirements. Mautic requires PHP version '.self::MAUTIC_MINIMUM_PHP.' while your server has '.PHP_VERSION.'. Please contact your host to update your PHP installation.', 500);
+        }
+
+        // Are we running a version newer than what Mautic supports?
+        if (version_compare(PHP_VERSION, self::MAUTIC_MAXIMUM_PHP, 'gt')) {
+            return new Response('Mautic does not support PHP version '.PHP_VERSION.' at this time. To use Mautic, you will need to downgrade to an earlier version.', 500);
+        }
+
+        return $this->app->handle($request, $type, $catch);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getPriority()
+    {
+        return self::PRIORITY;
+    }
+}
diff --git a/composer.json b/composer.json
@@ -15,7 +15,7 @@
         ]
     },
     "require": {
-        "php": "~5.4.9",
+        "php": "~5.6.19",
 
         "symfony/console": "~2.8",
         "symfony/debug": "~2.8",
@@ -30,6 +30,7 @@
         "symfony/yaml": "~2.8",
         "symfony/property-access": "~2.8",
         "symfony/dom-crawler": "~2.8",
+        "symfony/browser-kit": "~2.8",
 
         "symfony/asset": "~2.7",
         "symfony/class-loader": "~2.1",