/**
* @dataProvider listProvider
*/
public function testLists($list, $ips, $expectedResults)
{
$firewall = new FirewallClass();
$firewall->addList($list, 'list', true);
foreach ($ips as $key => $ip) {
$result = $firewall->setIpAddress($ip)->handle();
$this->assert->boolean($result)->isIdenticalTo($expectedResults[$key]);
}
}
/**
* Execute the middleware.
*
* @param ServerRequestInterface $request
* @param ResponseInterface $response
* @param callable $next
*
* @return ResponseInterface
*/
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
if (!self::hasAttribute($request, ClientIp::KEY)) {
throw new RuntimeException('Firewall middleware needs ClientIp executed before');
}
$ips = ClientIp::getIps($request) ?: [];
$firewall = new IpFirewall();
if (!empty($this->trusted)) {
$firewall->addList($this->trusted, 'trusted', true);
}
if (!empty($this->untrusted)) {
$firewall->addList($this->untrusted, 'untrusted', false);
}
foreach ($ips as $ip) {
$ok = $firewall->setIpAddress($ip)->handle();
if (!$ok) {
return $response->withStatus(403);
}
}
return $next($request, $response);
}
/**
* Do the actual deployment
* Will exit with the right HTTP code whenever something.
* Will only return after a succesful deployment.
*/
public function run()
{
try {
if (!$this->firewall->setIpAddress(@$_SERVER['REMOTE_ADDR'])->handle()) {
header('HTTP/1.0 403 Forbidden');
echo '<h1>403 Forbidden</h1>' . PHP_EOL;
exit;
}
if (count($this->users) > 0) {
$username = @$_SERVER['PHP_AUTH_USER'];
$user = isset($this->users[$username]) ? $this->users[$username] : null;
if (is_null($user) || !$user->authenticate(@$_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="DeployHook"');
header('HTTP/1.0 401 Unauthorized');
echo '<h1>401 Unauthorized</h1>' . PHP_EOL;
exit;
}
}
if (getenv('PATH') === false) {
// Try common UNIX directories
putenv('PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin');
}
$cwd = getcwd();
chdir($this->rootPath);
ob_start();
// For debugging purposes only
$this->executeCommand('pwd');
$this->executeCommand('whoami');
$output = $this->executeCommand('git status --short --branch');
$firstLine = strtok($output, PHP_EOL);
if (!preg_match('/^## (\\S+)\\.{3}(\\S+)\\/(\\S+)(\\s+.*)?$/', $firstLine, $matches)) {
throw new \RuntimeException('Could not parse git status output');
}
$branch = $matches[1];
$remote = $matches[2];
$trackingBranch = $remote . '/' . $matches[3];
echo '<i>Tracking branch is ' . $trackingBranch . '.</i><br/>' . PHP_EOL;
$this->executeCommand('git remote --verbose show -n ' . $remote . ' | head -3');
if ($this->revertLocalChanges) {
// Revert local changes to mirror the tracking branch (so a merge can be fast forwarded)
$this->executeCommand('git reset --hard ' . $trackingBranch);
$this->executeCommand('git clean -d --force');
}
// Try a fast-forward merge
$this->executeCommand('git pull --no-rebase --ff-only');
// Sync / update submodules
$this->executeCommand('git submodule sync');
$this->executeCommand('git submodule update');
if (file_exists('composer.json')) {
if (file_exists('composer.phar')) {
$composer = './composer.phar';
$this->executeCommand("{$composer} self-update");
} else {
exec('which composer', $output, $return);
if ($return == 0) {
$composer = 'composer';
} else {
exec('which composer.phar', $output, $return);
if ($return == 0) {
$composer = 'composer.phar';
} else {
// Attempt to install composer.phar in the root
$installer = file_get_contents('https://getcomposer.org/installer');
$php = popen('php', 'w');
fwrite($php, $installer);
$return = pclose($php);
if ($return != 0) {
throw new \RuntimeException('Installing composer failed');
}
$composer = './composer.phar';
}
}
}
$this->executeCommand("{$composer} --no-ansi --no-dev --no-interaction --optimize-autoloader install");
}
if (count($this->postDeployCommands) > 0) {
echo '<i>Executing post-deploy commands:</i><br/>' . PHP_EOL;
foreach ($this->postDeployCommands as $command) {
$this->executeCommand($command);
}
}
} catch (\Exception $exception) {
$output = ob_get_clean();
header('HTTP/1.0 500 Internal Server Error');
echo '<h1>500 Internal Server Error</h1>' . PHP_EOL;
echo $output;
echo '<br/><font color="#f00">ERROR: ' . $exception->getMessage() . '</font>' . PHP_EOL;
exit;
}
$output = ob_get_clean();
chdir($cwd);
echo '<h1>Deployment succesful</h1>' . PHP_EOL;
echo $output;
}