public async Task <IActionResult> AllowAll(string organizationId)
{
try
{
IPAddress userIp = _accessor.HttpContext.Connection.RemoteIpAddress;
var ipCheck = _iPFencingOptions.IPFencingCheck;
if (ipCheck.Equals("Disabled"))
{
throw new UnauthorizedOperationException("IPFencing rule could not be updated because IPFencingCheck is disabled", EntityOperationType.Update);
}
//get the organization's settings
_organizationSettingRepository.ForceIgnoreSecurity();
var existingOrganizationSettings = _organizationSettingRepository.Find(0, 1).Items.
Where(s => s.OrganizationId == Guid.Parse(organizationId)).FirstOrDefault();
if (existingOrganizationSettings == null)
{
throw new EntityDoesNotExistException("No OrganizationSettings exist for this Organization");
}
if (existingOrganizationSettings.IPFencingMode == IPFencingMode.AllowMode)
{
return(Ok("IPFencing Mode is already set to AllowAll"));
}
//check if user will be able to make requests under the new IP fencing
if (_iPFencingManager.IsRequestAllowed(userIp, IPFencingMode.AllowMode))
{
existingOrganizationSettings.IPFencingMode = IPFencingMode.AllowMode;
_organizationSettingRepository.Update(existingOrganizationSettings);
_organizationSettingRepository.ForceSecurity();
return(Ok("IPFencingMode has been set AllowAll"));
}
else
{
_organizationSettingRepository.ForceSecurity();
return(Conflict("This action would prevent you from making further requests to the server. Try updating the Fencing rules"));
}
}
catch (Exception ex)
{
return(ex.GetActionResult());
}
}
public async Task <IActionResult> AllowAll(string organizationId)
{
IPAddress userIp = _accessor.HttpContext.Connection.RemoteIpAddress;
var ipCheck = iPFencingOptions.IPFencingCheck;
if (ipCheck.Equals("Disabled"))
{
ModelState.AddModelError("AllowAll", "IP Fencing Mode could not be updated because IPFencingCheck is disabled");
return(BadRequest(ModelState));
}
//get the organization's settings
organizationSettingRepository.ForceIgnoreSecurity();
var existingOrganizationSettings = organizationSettingRepository.Find(0, 1).Items.
Where(s => s.OrganizationId == Guid.Parse(organizationId)).FirstOrDefault();
if (existingOrganizationSettings == null)
{
ModelState.AddModelError("AllowAll", "No OrganizationSettings exist for this Organization");
return(NotFound(ModelState));
}
if (existingOrganizationSettings.IPFencingMode == IPFencingMode.AllowMode)
{
return(Ok("IPFencing Mode is already set to AllowAll"));
}
//check if user will be able to make requests under the new IP fencing
if (iPFencingManager.IsRequestAllowed(userIp, IPFencingMode.AllowMode))
{
existingOrganizationSettings.IPFencingMode = IPFencingMode.AllowMode;
organizationSettingRepository.Update(existingOrganizationSettings);
organizationSettingRepository.ForceSecurity();
return(Ok("IPFencingMode has been set AllowAll"));
}
else
{
organizationSettingRepository.ForceSecurity();
return(Conflict("This action would prevent you from making further requests to the server. Try updating the Fencing rules"));
}
}
public async Task Invoke(HttpContext context,
IIPFencingManager iPFencingManager)
{
var ipAddress = context.Connection.RemoteIpAddress;
bool isAllowedRequest = iPFencingManager.IsRequestAllowed(ipAddress);
if (!isAllowedRequest)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.WriteAsync("Current IP Address is blocked.");
return;
}
await _next.Invoke(context);
}
public async Task Invoke(HttpContext context,
IIPFencingManager iPFencingManager,
ILogger <IPFilter> logger)
{
try
{
var ipAddress = context.Connection.RemoteIpAddress;
bool isAllowedRequest = iPFencingManager.IsRequestAllowed(ipAddress);
if (!isAllowedRequest)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.WriteAsync("Current IP Address is blocked.");
return;
}
await _next.Invoke(context);
}
catch (Exception ex)
{
logger.LogError(ex, ex.Message);
}
}