public async Task <IActionResult> AllowAll(string organizationId) { try { IPAddress userIp = _accessor.HttpContext.Connection.RemoteIpAddress; var ipCheck = _iPFencingOptions.IPFencingCheck; if (ipCheck.Equals("Disabled")) { throw new UnauthorizedOperationException("IPFencing rule could not be updated because IPFencingCheck is disabled", EntityOperationType.Update); } //get the organization's settings _organizationSettingRepository.ForceIgnoreSecurity(); var existingOrganizationSettings = _organizationSettingRepository.Find(0, 1).Items. Where(s => s.OrganizationId == Guid.Parse(organizationId)).FirstOrDefault(); if (existingOrganizationSettings == null) { throw new EntityDoesNotExistException("No OrganizationSettings exist for this Organization"); } if (existingOrganizationSettings.IPFencingMode == IPFencingMode.AllowMode) { return(Ok("IPFencing Mode is already set to AllowAll")); } //check if user will be able to make requests under the new IP fencing if (_iPFencingManager.IsRequestAllowed(userIp, IPFencingMode.AllowMode)) { existingOrganizationSettings.IPFencingMode = IPFencingMode.AllowMode; _organizationSettingRepository.Update(existingOrganizationSettings); _organizationSettingRepository.ForceSecurity(); return(Ok("IPFencingMode has been set AllowAll")); } else { _organizationSettingRepository.ForceSecurity(); return(Conflict("This action would prevent you from making further requests to the server. Try updating the Fencing rules")); } } catch (Exception ex) { return(ex.GetActionResult()); } }
public async Task <IActionResult> AllowAll(string organizationId) { IPAddress userIp = _accessor.HttpContext.Connection.RemoteIpAddress; var ipCheck = iPFencingOptions.IPFencingCheck; if (ipCheck.Equals("Disabled")) { ModelState.AddModelError("AllowAll", "IP Fencing Mode could not be updated because IPFencingCheck is disabled"); return(BadRequest(ModelState)); } //get the organization's settings organizationSettingRepository.ForceIgnoreSecurity(); var existingOrganizationSettings = organizationSettingRepository.Find(0, 1).Items. Where(s => s.OrganizationId == Guid.Parse(organizationId)).FirstOrDefault(); if (existingOrganizationSettings == null) { ModelState.AddModelError("AllowAll", "No OrganizationSettings exist for this Organization"); return(NotFound(ModelState)); } if (existingOrganizationSettings.IPFencingMode == IPFencingMode.AllowMode) { return(Ok("IPFencing Mode is already set to AllowAll")); } //check if user will be able to make requests under the new IP fencing if (iPFencingManager.IsRequestAllowed(userIp, IPFencingMode.AllowMode)) { existingOrganizationSettings.IPFencingMode = IPFencingMode.AllowMode; organizationSettingRepository.Update(existingOrganizationSettings); organizationSettingRepository.ForceSecurity(); return(Ok("IPFencingMode has been set AllowAll")); } else { organizationSettingRepository.ForceSecurity(); return(Conflict("This action would prevent you from making further requests to the server. Try updating the Fencing rules")); } }
public async Task Invoke(HttpContext context, IIPFencingManager iPFencingManager) { var ipAddress = context.Connection.RemoteIpAddress; bool isAllowedRequest = iPFencingManager.IsRequestAllowed(ipAddress); if (!isAllowedRequest) { context.Response.StatusCode = (int)HttpStatusCode.Forbidden; context.Response.WriteAsync("Current IP Address is blocked."); return; } await _next.Invoke(context); }
public async Task Invoke(HttpContext context, IIPFencingManager iPFencingManager, ILogger <IPFilter> logger) { try { var ipAddress = context.Connection.RemoteIpAddress; bool isAllowedRequest = iPFencingManager.IsRequestAllowed(ipAddress); if (!isAllowedRequest) { context.Response.StatusCode = (int)HttpStatusCode.Forbidden; context.Response.WriteAsync("Current IP Address is blocked."); return; } await _next.Invoke(context); } catch (Exception ex) { logger.LogError(ex, ex.Message); } }