- The first part

- Added CodeDocs config file for customization - Fixing LGTM alerts - LGTM bug fixed again - added token option to hyperion-remote - fix DBManager::getDB() - next bugfix - correct broken signal from SettingManager to Hyperion - Token list is created after the schema is fetched Signed-off-by: Paulchen-Panther <Paulchen-Panter@protonmail.com>
2025-03-01 10:33:28 +00:00 · 2019-07-12 16:54:26 +02:00
parent 4fc745e748
commit ea796160af
72 changed files with 2546 additions and 485 deletions
--- a/libsrc/utils/NetOrigin.cpp
+++ b/libsrc/utils/NetOrigin.cpp
@@ -0,0 +1,76 @@
+#include <utils/NetOrigin.h>
+
+#include <QJsonObject>
+
+NetOrigin* NetOrigin::instance = nullptr;
+
+NetOrigin::NetOrigin(QObject* parent, Logger* log)
+	: QObject(parent)
+	, _log(log)
+	, _internetAccessAllowed(false)
+	, _ipWhitelist()
+{
+	NetOrigin::instance = this;
+}
+
+bool NetOrigin::accessAllowed(const QHostAddress& address, const QHostAddress& local)
+{
+	if(_internetAccessAllowed)
+		return true;
+
+	if(_ipWhitelist.contains(address)) // v4 and v6
+		return true;
+
+	if(!isLocalAddress(address, local))
+	{
+		Warning(_log,"Client connection with IP address '%s' has been rejected! It's not whitelisted, access denied.",QSTRING_CSTR(address.toString()));
+		return false;
+	}
+	return true;
+}
+
+bool NetOrigin::isLocalAddress(const QHostAddress& address, const QHostAddress& local)
+{
+	if(address.protocol() == QAbstractSocket::IPv4Protocol)
+	{
+		if(!address.isInSubnet(local, 24)) // 255.255.255.xxx; IPv4 0-32
+		{
+			return false;
+		}
+	}
+	else if(address.protocol() == QAbstractSocket::IPv6Protocol)
+	{
+		if(!address.isInSubnet(local, 64)) // 2001:db8:abcd:0012:XXXX:XXXX:XXXX:XXXX; IPv6 0-128
+		{
+			return false;
+		}
+	}
+	return true;
+}
+
+void NetOrigin::handleSettingsUpdate(const settings::type& type, const QJsonDocument& config)
+{
+	if(type == settings::NETWORK)
+	{
+		const QJsonObject& obj = config.object();
+		_internetAccessAllowed = obj["internetAccessAPI"].toBool(false);
+
+		const QJsonArray& arr = obj["ipWhitelist"].toArray();
+		_ipWhitelist.clear();
+
+		for(const auto& e : arr)
+		{
+			const QString& entry = e.toString("");
+			if(entry.isEmpty())
+				continue;
+
+			QHostAddress host(entry);
+			if(host.isNull())
+			{
+				Warning(_log,"The whitelisted IP address '%s' isn't valid! Skipped",QSTRING_CSTR(entry));
+				continue;
+			}
+			_ipWhitelist << host;
+		}
+	}
+}