/** * Checks whether the Web user is allowed to perform the specified action. * @param Action $action the action to be performed * @param User $user the user object * @param Request $request * @return boolean|null true if the user is allowed, false if the user is denied, null if the rule does not apply to the user */ public function allows($action, $user, $request) { if ($this->matchAction($action) && $this->matchRole($user) && $this->matchIP($request->getUserIP()) && $this->matchVerb($request->getMethod()) && $this->matchController($action->controller) && $this->matchCustom($action)) { return $this->allow ? true : false; } else { return null; } }
public function getUserIP() { return empty($_SERVER["HTTP_CF_CONNECTING_IP"]) ? empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? parent::getUserIP() : $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER["HTTP_CF_CONNECTING_IP"]; }