/** * Get the throttling delay (in milliseconds) * * @param string $username * @param string $ip * @param string $action * @return int */ public function getDelay(string $username, string $ip, string $action = self::ACTION_LOGIN) : int { $attempts = (int) $this->db->cell('SELECT count(*) FROM airship_failed_logins WHERE action = ? AND ( username = ? OR subnet = ? ) AND occurred > ? ', $action, $username, $this->getSubnet($ip), (new \DateTime())->sub($this->getCutoff((int) ($this->config['expire'] ?? 43200)))->format(\AIRSHIP_DATE_FORMAT)); if ($attempts === 0) { return 0; } $max = (int) ($this->config['max-delay'] ?? 30); $value = (double) ($this->config['first-delay'] ?? 0.25); if ($attempts > 8 * PHP_INT_SIZE - 1) { // Don't ever overflow. Just assume the max time:s $value = $max; } else { $value *= 2 ** $attempts; if ($value > $max) { $value = $max; } } return (int) \ceil($value * 1000); }
/** * Is this user a super user? Do they belong in a superuser group? * * @param int $user_id - User ID * @param bool $ignore_groups - Don't look at their groups * @return bool */ public function isSuperUser(int $user_id = 0, bool $ignore_groups = false) : bool { if (empty($user_id)) { // We can short-circuit this for guests... return false; } $statements = ['check_user' => \Airship\queryStringRoot('security.permissions.is_superuser_user', $this->db->getDriver()), 'check_groups' => \Airship\queryStringRoot('security.permissions.is_superuser_group', $this->db->getDriver())]; if ($this->db->cell($statements['check_user'], $user_id) > 0) { return true; } elseif (!$ignore_groups) { return $this->db->cell($statements['check_groups'], $user_id) > 0; } return false; }