/**
* Check to see if a user's real email address should be used for the "From" field.
*
* @param object $from The user object for the user we are sending the email from.
* @param object $user The user object that we are sending the email to.
* @param array $alloweddomains An array of allowed domains that we can send email from.
* @return bool Returns true if we can use the from user's email adress in the "From" field.
*/
function can_send_from_real_email_address($from, $user, $alloweddomains)
{
// Email is in the list of allowed domains for sending email,
// and the senders email setting is either displayed to everyone, or display to only other users that are enrolled
// in a course with the sender.
if (\core\ip_utils::is_domain_in_allowed_list(substr($from->email, strpos($from->email, '@') + 1), $alloweddomains) && ($from->maildisplay == core_user::MAILDISPLAY_EVERYONE || $from->maildisplay == core_user::MAILDISPLAY_COURSE_MEMBERS_ONLY && enrol_get_shared_courses($user, $from, false, true))) {
return true;
}
return false;
}
/**
* Validate the contents of the textarea as either IP addresses, domain name or wildcard domain name (RFC 4592).
* Used to validate a new line separated list of entries collected from a textarea control.
*
* This setting provides support for internationalised domain names (IDNs), however, such UTF-8 names will be converted to
* their ascii-compatible encoding (punycode) on save, and converted back to their UTF-8 representation when fetched
* via the get_setting() method, which has been overriden.
*
* @param string $data A list of FQDNs, DNS wildcard format domains, and IP addresses, separated by new lines.
* @return mixed bool true for success or string:error on failure
*/
public function validate($data) {
if (empty($data)) {
return true;
}
$entries = explode("\n", $data);
$badentries = [];
foreach ($entries as $key => $entry) {
$entry = trim($entry);
if (empty($entry)) {
return get_string('validateemptylineerror', 'admin');
}
// Validate each string entry against the supported formats.
if (\core\ip_utils::is_ip_address($entry) || \core\ip_utils::is_ipv6_range($entry)
|| \core\ip_utils::is_ipv4_range($entry) || \core\ip_utils::is_domain_name($entry)
|| \core\ip_utils::is_domain_matching_pattern($entry)) {
continue;
}
// Otherwise, the entry is invalid.
$badentries[] = $entry;
}
if ($badentries) {
return get_string('validateerrorlist', 'admin', join(', ', $badentries));
}
return true;
}
/**
* Test checking domains against a list of allowed domains.
*
* @param bool $expected Expected result
* @param string $domain domain address
* @dataProvider data_domain_addresses
*/
public function test_check_domain_against_allowed_domains($expected, $domain)
{
$alloweddomains = ['example.com', '*.moodle.com', '*.per.this.penny-arcade.com', 'bad.*.url.com', ' trouble.com.au'];
$this->assertEquals($expected, \core\ip_utils::is_domain_in_allowed_list($domain, $alloweddomains));
}
/**
* Helper to get all entries from the admin setting, as an array, sorted by classification.
* Classifications include 'ipv4', 'ipv6', 'domain', 'domainwildcard'.
*
* @return array of host/domain/ip entries from the 'curlsecurityblockedhosts' config.
*/
protected function get_blacklisted_hosts_by_category()
{
// For each of the admin setting entries, check and place in the correct section of the config array.
$config = ['ipv6' => [], 'ipv4' => [], 'domain' => [], 'domainwildcard' => []];
$entries = $this->get_blacklisted_hosts();
foreach ($entries as $entry) {
if (ip_utils::is_ipv6_address($entry) || ip_utils::is_ipv6_range($entry)) {
$config['ipv6'][] = $entry;
} else {
if (ip_utils::is_ipv4_address($entry) || ip_utils::is_ipv4_range($entry)) {
$config['ipv4'][] = $entry;
} else {
if (ip_utils::is_domain_name($entry)) {
$config['domain'][] = $entry;
} else {
if (ip_utils::is_domain_matching_pattern($entry)) {
$config['domainwildcard'][] = $entry;
}
}
}
}
}
return $config;
}
