/// <summary>
/// Creates a named IP spec through <c>IPSpecManager.Create(name, ip)</c>.
/// </summary>
/// <param name="name">Name passed through to the manager.</param>
/// <param name="ip">IP value passed through to the manager.</param>
/// <returns>
/// 201 Created carrying the new spec; 409 Conflict carrying the exception message when the
/// manager throws <c>IPSpecExistsException</c>; 500 built from the exception for any other failure.
/// </returns>
public HttpResponseMessage Create(string name, string ip)
{
    IPSpec created;

    try
    {
        created = IPSpecManager.Create(name, ip);
    }
    catch (IPSpecExistsException duplicate)
    {
        // The spec already exists: report the conflict using the exception's own message.
        return Request.CreateErrorResponse(HttpStatusCode.Conflict, duplicate.Message);
    }
    catch (Exception failure)
    {
        // NOTE(review): the exception object itself is handed to the response. How much of it
        // reaches the client depends on the IncludeErrorDetailPolicy configured for the API -
        // confirm it does not expose exception details to remote callers. The failure is also
        // not written to any log here.
        return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, failure);
    }

    // The success response is built outside the try so its own failures are not turned into a 500 here.
    return Request.CreateResponse(HttpStatusCode.Created, created);
}
/// <summary>
/// Deletes the IP spec with the given id.
/// </summary>
/// <param name="id">Identifier looked up with <c>IPSpecManager.GetById</c>.</param>
/// <returns>
/// 404 Not Found when no spec has that id; 500 with a fixed message when the delete throws;
/// 204 No Content on success.
/// </returns>
public HttpResponseMessage Delete(int id)
{
    IPSpec target = IPSpecManager.GetById(id);

    if (target == null)
    {
        return Request.CreateErrorResponse(HttpStatusCode.NotFound, "IP spec not found.");
    }

    try
    {
        IPSpecManager.Delete(target);
    }
    catch (Exception)
    {
        // The client only sees a fixed message, so no exception detail is returned.
        // NOTE(review): the exception is dropped without being logged, so a failed delete
        // of a whitelist entry leaves no trace - consider recording it.
        return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Failed to delete IP spec.");
    }

    return Request.CreateResponse(HttpStatusCode.NoContent);
}
/// <summary>
/// Creates an IP spec from an IP value alone through <c>IPSpecManager.Create(ip)</c>.
/// </summary>
/// <param name="ip">IP value passed through to the manager.</param>
/// <returns>201 Created carrying the new spec.</returns>
public HttpResponseMessage Create(string ip)
{
    // No exception handling here: anything thrown by the manager propagates to the caller.
    return Request.CreateResponse<IPSpec>(HttpStatusCode.Created, IPSpecManager.Create(ip));
}
/// <summary>
/// Returns every IP spec known to <c>IPSpecManager</c>.
/// </summary>
/// <returns>200 OK carrying the specs as a materialised list.</returns>
public HttpResponseMessage GetAll()
{
    // Materialise once so the response body holds a concrete list, not a deferred query.
    List<IPSpec> allSpecs = IPSpecManager.GetAll().ToList();

    return Request.CreateResponse(HttpStatusCode.OK, allSpecs);
}
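/// <summary>
/// Rejects the request with 403 Forbidden unless its client address passes the IP whitelist.
/// </summary>
/// <remarks>
/// The client address is the X-Forwarded-For header when present, otherwise the transport
/// peer address. The loopback shortcut is honoured only for the transport peer address,
/// never for a value taken from the header.
/// </remarks>
/// <param name="actionContext">Context of the action about to execute; its Response is set on denial.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    base.OnActionExecuting(actionContext);

    bool authenticated = false;
    string message = "Access denied.";
    string forwardingAddress = null;
    string clientIpAddress = null;

    try
    {
        // There is a strong possibility that this is not the ip address of the machine
        // that sent the request. Being behind a load balancer with transparency switched
        // off or being served through CloudFlare will both affect this value.
        string peerAddress = HttpContext.Current.Request.UserHostAddress;
        clientIpAddress = peerAddress;

        // If X-Forwarded-For is set it is used instead of the peer address.
        // NOTE(review): the header is accepted from any peer and is passed on unsplit.
        // Matching it against the whitelist is only sound when every route to this
        // application goes through a proxy that overwrites the header; consider honouring
        // it only from known proxy addresses, and confirm how IsWhitelisted treats a
        // comma-separated multi-hop value.
        string forwardedFor = HttpContext.Current.Request.Headers.Get("X-Forwarded-For");

        if (forwardedFor != null)
        {
            forwardingAddress = peerAddress;
            clientIpAddress = forwardedFor;
        }

        if (!string.IsNullOrEmpty(clientIpAddress))
        {
            // A header value is request-controlled, so it must never satisfy the loopback
            // shortcut; only a transport peer of 127.0.0.1 with no forwarding header does.
            bool peerIsLoopback = forwardedFor == null && clientIpAddress.Equals("127.0.0.1");

            if (IPSpecManager.IsWhitelisted(clientIpAddress) || peerIsLoopback)
            {
                authenticated = true;
            }
        }
    }
    catch (Exception ex)
    {
        // Any failure during the check leaves authenticated == false, so the request is denied.
        message = "An error occurred while trying to authenticate this request.";
        EventLogManager.Log("AUTH_EXCEPTION", EventLogSeverity.Info, null, ex);
    }

    // If authentication failure occurs, return a response without carrying on executing actions.
    if (!authenticated)
    {
        string log = string.Format("Whitelist check failed for IP address: {0}.", clientIpAddress);

        // Record the forwarding peer as well when the address came from the header.
        if (forwardingAddress != null)
        {
            log = string.Format("Whitelist check failed for IP address: {0}, forwarded by: {1}.", clientIpAddress, forwardingAddress);
        }

        EventLogManager.Log("AUTH_BAD_IPADDRESS", EventLogSeverity.Warning, log);
        actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, message);
    }
}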
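/// <summary>
/// Rejects the request with 403 Forbidden unless the whitelist is switched off, the API user
/// may bypass it, or the client address passes the IP whitelist.
/// </summary>
/// <remarks>
/// The client address is the X-Forwarded-For header when present, otherwise the transport
/// peer address. The loopback shortcut is honoured only for the transport peer address,
/// never for a value taken from the header.
/// </remarks>
/// <param name="actionContext">Context of the action about to execute; its Response is set on denial.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    base.OnActionExecuting(actionContext);

    // Get whitelist state.
    bool whitelistDisabled;
    try
    {
        // Ordinal, case-insensitive match on "false". A null setting value compares unequal,
        // so the whitelist stays enforced instead of the check throwing.
        whitelistDisabled = string.Equals(
            SettingManager.GetSetting("WHITELIST", "STATE").Value,
            "false",
            StringComparison.OrdinalIgnoreCase);
    }
    catch (SettingNotFoundException)
    {
        // Setting not set, default to off.
        // NOTE(review): a missing setting disables the whitelist (fail-open) - confirm
        // this is the intended default for new or misconfigured deployments.
        whitelistDisabled = true;
    }

    // Get api user.
    string apiKey = actionContext.Request.GetApiKey();
    APIUser apiUser = APIUserManager.GetByAPIKey(apiKey);

    // Is the whitelist disabled or does the api user have permission to bypass it?
    if (whitelistDisabled || (apiUser != null && apiUser.BypassIPWhitelist))
    {
        // No need to perform whitelisting checks, return early.
        return;
    }

    bool authenticated = false;
    string message = "Access denied.";
    string forwardingAddress = null;
    string clientIpAddress = null;

    try
    {
        // There is a strong possibility that this is not the ip address of the machine
        // that sent the request. Being behind a load balancer with transparency switched
        // off or being served through CloudFlare will both affect this value.
        string peerAddress = HttpContext.Current.Request.UserHostAddress;
        clientIpAddress = peerAddress;

        // If X-Forwarded-For is set it is used instead of the peer address.
        // NOTE(review): the header is accepted from any peer and is passed on unsplit.
        // Matching it against the whitelist is only sound when every route to this
        // application goes through a proxy that overwrites the header; consider honouring
        // it only from known proxy addresses, and confirm how IsWhitelisted treats a
        // comma-separated multi-hop value.
        string forwardedFor = HttpContext.Current.Request.Headers.Get("X-Forwarded-For");

        if (forwardedFor != null)
        {
            forwardingAddress = peerAddress;
            clientIpAddress = forwardedFor;
        }

        if (!string.IsNullOrEmpty(clientIpAddress))
        {
            // A header value is request-controlled, so it must never satisfy the loopback
            // shortcut; only a transport peer of 127.0.0.1 with no forwarding header does.
            bool peerIsLoopback = forwardedFor == null && clientIpAddress.Equals("127.0.0.1");

            if (IPSpecManager.IsWhitelisted(clientIpAddress) || peerIsLoopback)
            {
                authenticated = true;
            }
        }
    }
    catch (Exception ex)
    {
        // Any failure during the check leaves authenticated == false, so the request is denied.
        message = "An error occurred while trying to authenticate this request.";
        EventLogManager.Log("AUTH_EXCEPTION", EventLogSeverity.Info, null, ex);
    }

    // If authentication failure occurs, return a response without carrying on executing actions.
    if (!authenticated)
    {
        string log = string.Format("Whitelist check failed for IP address: {0}.", clientIpAddress);

        // Record the forwarding peer as well when the address came from the header.
        if (forwardingAddress != null)
        {
            log = string.Format("Whitelist check failed for IP address: {0}, forwarded by: {1}.", clientIpAddress, forwardingAddress);
        }

        EventLogManager.Log("AUTH_BAD_IPADDRESS", EventLogSeverity.Warning, log);
        actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, message);
    }
}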