gitlab-org--gitlab-foss/lib/gitlab/url_blockers/url_allowlist.rb

# frozen_string_literal: true

module Gitlab
  module UrlBlockers
    class UrlAllowlist
      class << self
        def ip_allowed?(ip_string, port: nil)
          return false if ip_string.blank?

          ip_allowlist, _ = outbound_local_requests_allowlist_arrays
          ip_obj = Gitlab::Utils.string_to_ip_object(ip_string)

          ip_allowlist.any? do |ip_allowlist_entry|
            ip_allowlist_entry.match?(ip_obj, port)
          end
        end

        def domain_allowed?(domain_string, port: nil)
          return false if domain_string.blank?

          _, domain_allowlist = outbound_local_requests_allowlist_arrays

          domain_allowlist.any? do |domain_allowlist_entry|
            domain_allowlist_entry.match?(domain_string, port)
          end
        end

        private

        # We cannot use Gitlab::CurrentSettings as ApplicationSetting itself
        # calls this class. This ends up in a cycle where
        # Gitlab::CurrentSettings creates an ApplicationSetting which then
        # calls this method.
        #
        # See https://gitlab.com/gitlab-org/gitlab/issues/9833
        def outbound_local_requests_allowlist_arrays
          return [[], []] unless ApplicationSetting.current

          ApplicationSetting.current.outbound_local_requests_allowlist_arrays
        end
      end
    end
  end
end
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`# frozen_string_literal: true`

			`module Gitlab`
			`module UrlBlockers`
Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`class UrlAllowlist`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`class << self`
Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`def ip_allowed?(ip_string, port: nil)`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`return false if ip_string.blank?`

Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`ip_allowlist, _ = outbound_local_requests_allowlist_arrays`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`ip_obj = Gitlab::Utils.string_to_ip_object(ip_string)`

Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`ip_allowlist.any? do \|ip_allowlist_entry\|`
			`ip_allowlist_entry.match?(ip_obj, port)`
Add latest changes from gitlab-org/gitlab@master 2020-03-15 23:09:14 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`end`

Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`def domain_allowed?(domain_string, port: nil)`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`return false if domain_string.blank?`

Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`_, domain_allowlist = outbound_local_requests_allowlist_arrays`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00
Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`domain_allowlist.any? do \|domain_allowlist_entry\|`
			`domain_allowlist_entry.match?(domain_string, port)`
Add latest changes from gitlab-org/gitlab@master 2020-03-15 23:09:14 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`end`

			`private`

			`# We cannot use Gitlab::CurrentSettings as ApplicationSetting itself`
			`# calls this class. This ends up in a cycle where`
			`# Gitlab::CurrentSettings creates an ApplicationSetting which then`
			`# calls this method.`
			`#`
Add latest changes from gitlab-org/gitlab@master 2019-09-18 10:02:45 -04:00			`# See https://gitlab.com/gitlab-org/gitlab/issues/9833`
Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`def outbound_local_requests_allowlist_arrays`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`return [[], []] unless ApplicationSetting.current`

Add latest changes from gitlab-org/gitlab@master 2020-10-29 02:08:45 -04:00			`ApplicationSetting.current.outbound_local_requests_allowlist_arrays`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00			`end`
			`end`
			`end`
			`end`
			`end`