/**
 * Runs each address of a data set through a firewall that holds a single list.
 *
 * The list is registered under the name 'list' with its third argument set to
 * true (presumably "allowed"; confirm against FirewallClass::addList).
 *
 * @dataProvider listProvider
 *
 * @param mixed $list            Entries handed to addList().
 * @param array $ips             Addresses to evaluate.
 * @param array $expectedResults Expected handle() result, indexed like $ips.
 */
public function testLists($list, $ips, $expectedResults)
{
    $subject = new FirewallClass();
    $subject->addList($list, 'list', true);

    foreach ($ips as $index => $address) {
        // The same firewall instance is reused; only the address under test changes.
        $actual = $subject->setIpAddress($address)->handle();
        $expected = $expectedResults[$index];

        // Strict identity: the decision must be the exact boolean, not merely truthy or falsy.
        $this->assert->boolean($actual)->isIdenticalTo($expected);
    }
}
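/**
 * Execute the middleware.
 *
 * Answers with a 403 response unless every client IP reported by ClientIp
 * passes a firewall built from the configured trusted and untrusted lists.
 * A request for which no client IP is available is rejected as well.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @throws RuntimeException When the ClientIp attribute is not set on the request.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    if (!self::hasAttribute($request, ClientIp::KEY)) {
        throw new RuntimeException('Firewall middleware needs ClientIp executed before');
    }

    $ips = ClientIp::getIps($request) ?: [];

    // Fail closed: with an empty address list the loop below would never run
    // and the request would reach $next without any firewall check at all.
    if (empty($ips)) {
        return $response->withStatus(403);
    }

    // NOTE(review): the decision is only as reliable as the addresses ClientIp
    // supplies. If ClientIp reads forwarding headers, confirm it accepts them
    // only from known proxies; otherwise the list is client-controlled.
    $firewall = new IpFirewall();

    if (!empty($this->trusted)) {
        $firewall->addList($this->trusted, 'trusted', true);
    }

    if (!empty($this->untrusted)) {
        $firewall->addList($this->untrusted, 'untrusted', false);
    }

    // Every reported address must pass; a single rejected one blocks the request.
    foreach ($ips as $ip) {
        if (!$firewall->setIpAddress($ip)->handle()) {
            return $response->withStatus(403);
        }
    }

    return $next($request, $response);
}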
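/**
 * Do the actual deployment.
 *
 * Will exit with the right HTTP code whenever something goes wrong:
 * 403 when the firewall rejects the remote address, 401 when HTTP Basic
 * authentication fails and 500 when a deployment step throws.
 * Will only return after a successful deployment.
 *
 * Values parsed from the git output are shell-quoted before they are placed
 * in a command line and HTML-escaped before they are echoed.
 */
public function run()
{
    try {
        // Gate 1: source address. A missing REMOTE_ADDR is passed on as null
        // (as the former @-suppressed read did) and the firewall decides.
        $remoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
        if (!$this->firewall->setIpAddress($remoteAddress)->handle()) {
            header('HTTP/1.0 403 Forbidden');
            echo '<h1>403 Forbidden</h1>' . PHP_EOL;
            exit;
        }

        // Gate 2: HTTP Basic authentication, enforced only when users are configured.
        if (count($this->users) > 0) {
            $username = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
            $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
            $user = isset($this->users[$username]) ? $this->users[$username] : null;
            // NOTE(review): authenticate() is defined elsewhere; confirm it compares
            // the secret in constant time (hash_equals / password_verify).
            if (is_null($user) || !$user->authenticate($password)) {
                header('WWW-Authenticate: Basic realm="DeployHook"');
                header('HTTP/1.0 401 Unauthorized');
                echo '<h1>401 Unauthorized</h1>' . PHP_EOL;
                exit;
            }
        }

        if (getenv('PATH') === false) {
            // Try common UNIX directories
            putenv('PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin');
        }

        $cwd = getcwd();
        chdir($this->rootPath);

        // Everything echoed from here on is buffered, so the status header can
        // still be chosen once the outcome is known.
        ob_start();

        // For debugging purposes only
        $this->executeCommand('pwd');
        $this->executeCommand('whoami');

        $output = $this->executeCommand('git status --short --branch');
        $firstLine = strtok($output, PHP_EOL);
        if (!preg_match('/^## (\\S+)\\.{3}(\\S+)\\/(\\S+)(\\s+.*)?$/', $firstLine, $matches)) {
            throw new \RuntimeException('Could not parse git status output');
        }
        $branch = $matches[1];
        $remote = $matches[2];
        $trackingBranch = $remote . '/' . $matches[3];

        // \S+ accepts shell and HTML metacharacters, and the names come from
        // repository state rather than from this code: escape for each sink.
        echo '<i>Tracking branch is ' . htmlspecialchars($trackingBranch, ENT_QUOTES, 'UTF-8') . '.</i><br/>' . PHP_EOL;

        $this->executeCommand('git remote --verbose show -n ' . escapeshellarg($remote) . ' | head -3');

        if ($this->revertLocalChanges) {
            // Revert local changes to mirror the tracking branch (so a merge can be fast forwarded)
            $this->executeCommand('git reset --hard ' . escapeshellarg($trackingBranch));
            $this->executeCommand('git clean -d --force');
        }

        // Try a fast-forward merge
        $this->executeCommand('git pull --no-rebase --ff-only');

        // Sync / update submodules
        $this->executeCommand('git submodule sync');
        $this->executeCommand('git submodule update');

        if (file_exists('composer.json')) {
            if (file_exists('composer.phar')) {
                $composer = './composer.phar';
                $this->executeCommand("{$composer} self-update");
            } else {
                exec('which composer', $output, $return);
                if ($return === 0) {
                    $composer = 'composer';
                } else {
                    exec('which composer.phar', $output, $return);
                    if ($return === 0) {
                        $composer = 'composer.phar';
                    } else {
                        // Attempt to install composer.phar in the root
                        $installer = file_get_contents('https://getcomposer.org/installer');
                        if ($installer === false) {
                            // Do not pipe a failed download into the interpreter.
                            throw new \RuntimeException('Installing composer failed');
                        }
                        // NOTE(review): the downloaded script is executed without an
                        // integrity check. Compare its hash with the installer
                        // checksum published by the Composer project before running
                        // it, or ship a pinned composer.phar with the deployment.
                        $php = popen('php', 'w');
                        if ($php === false) {
                            throw new \RuntimeException('Installing composer failed');
                        }
                        fwrite($php, $installer);
                        $return = pclose($php);
                        if ($return != 0) {
                            throw new \RuntimeException('Installing composer failed');
                        }
                        $composer = './composer.phar';
                    }
                }
            }
            $this->executeCommand("{$composer} --no-ansi --no-dev --no-interaction --optimize-autoloader install");
        }

        if (count($this->postDeployCommands) > 0) {
            echo '<i>Executing post-deploy commands:</i><br/>' . PHP_EOL;
            // These commands come from the deployer's own configuration and are run as given.
            foreach ($this->postDeployCommands as $command) {
                $this->executeCommand($command);
            }
        }
    } catch (\Exception $exception) {
        $output = ob_get_clean();
        header('HTTP/1.0 500 Internal Server Error');
        echo '<h1>500 Internal Server Error</h1>' . PHP_EOL;
        echo $output;
        // The message may carry command output or ref names, so escape it for HTML.
        echo '<br/><font color="#f00">ERROR: ' . htmlspecialchars($exception->getMessage(), ENT_QUOTES, 'UTF-8') . '</font>' . PHP_EOL;
        exit;
    }

    $output = ob_get_clean();
    chdir($cwd);

    echo '<h1>Deployment succesful</h1>' . PHP_EOL;
    echo $output;
}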