/** * Check to see if a user's real email address should be used for the "From" field. * * @param object $from The user object for the user we are sending the email from. * @param object $user The user object that we are sending the email to. * @param array $alloweddomains An array of allowed domains that we can send email from. * @return bool Returns true if we can use the from user's email adress in the "From" field. */ function can_send_from_real_email_address($from, $user, $alloweddomains) { // Email is in the list of allowed domains for sending email, // and the senders email setting is either displayed to everyone, or display to only other users that are enrolled // in a course with the sender. if (\core\ip_utils::is_domain_in_allowed_list(substr($from->email, strpos($from->email, '@') + 1), $alloweddomains) && ($from->maildisplay == core_user::MAILDISPLAY_EVERYONE || $from->maildisplay == core_user::MAILDISPLAY_COURSE_MEMBERS_ONLY && enrol_get_shared_courses($user, $from, false, true))) { return true; } return false; }
/** * Validate the contents of the textarea as either IP addresses, domain name or wildcard domain name (RFC 4592). * Used to validate a new line separated list of entries collected from a textarea control. * * This setting provides support for internationalised domain names (IDNs), however, such UTF-8 names will be converted to * their ascii-compatible encoding (punycode) on save, and converted back to their UTF-8 representation when fetched * via the get_setting() method, which has been overriden. * * @param string $data A list of FQDNs, DNS wildcard format domains, and IP addresses, separated by new lines. * @return mixed bool true for success or string:error on failure */ public function validate($data) { if (empty($data)) { return true; } $entries = explode("\n", $data); $badentries = []; foreach ($entries as $key => $entry) { $entry = trim($entry); if (empty($entry)) { return get_string('validateemptylineerror', 'admin'); } // Validate each string entry against the supported formats. if (\core\ip_utils::is_ip_address($entry) || \core\ip_utils::is_ipv6_range($entry) || \core\ip_utils::is_ipv4_range($entry) || \core\ip_utils::is_domain_name($entry) || \core\ip_utils::is_domain_matching_pattern($entry)) { continue; } // Otherwise, the entry is invalid. $badentries[] = $entry; } if ($badentries) { return get_string('validateerrorlist', 'admin', join(', ', $badentries)); } return true; }
/** * Test checking domains against a list of allowed domains. * * @param bool $expected Expected result * @param string $domain domain address * @dataProvider data_domain_addresses */ public function test_check_domain_against_allowed_domains($expected, $domain) { $alloweddomains = ['example.com', '*.moodle.com', '*.per.this.penny-arcade.com', 'bad.*.url.com', ' trouble.com.au']; $this->assertEquals($expected, \core\ip_utils::is_domain_in_allowed_list($domain, $alloweddomains)); }
/** * Helper to get all entries from the admin setting, as an array, sorted by classification. * Classifications include 'ipv4', 'ipv6', 'domain', 'domainwildcard'. * * @return array of host/domain/ip entries from the 'curlsecurityblockedhosts' config. */ protected function get_blacklisted_hosts_by_category() { // For each of the admin setting entries, check and place in the correct section of the config array. $config = ['ipv6' => [], 'ipv4' => [], 'domain' => [], 'domainwildcard' => []]; $entries = $this->get_blacklisted_hosts(); foreach ($entries as $entry) { if (ip_utils::is_ipv6_address($entry) || ip_utils::is_ipv6_range($entry)) { $config['ipv6'][] = $entry; } else { if (ip_utils::is_ipv4_address($entry) || ip_utils::is_ipv4_range($entry)) { $config['ipv4'][] = $entry; } else { if (ip_utils::is_domain_name($entry)) { $config['domain'][] = $entry; } else { if (ip_utils::is_domain_matching_pattern($entry)) { $config['domainwildcard'][] = $entry; } } } } } return $config; }