parent
e3621d3bfe
commit
35a6edd6de
@ -0,0 +1,58 @@ |
|||||||
|
defmodule BlockScoutWeb.AccessHelpers do |
||||||
|
@moduledoc """ |
||||||
|
Helpers to restrict access to some pages filtering by address |
||||||
|
""" |
||||||
|
|
||||||
|
alias BlockScoutWeb.WebRouter.Helpers |
||||||
|
alias Plug.Conn |
||||||
|
|
||||||
|
defp get_restricted_key(%Phoenix.Socket{}) do |
||||||
|
nil |
||||||
|
end |
||||||
|
|
||||||
|
defp get_restricted_key(conn) do |
||||||
|
conn_with_params = Conn.fetch_query_params(conn) |
||||||
|
conn_with_params.query_params["key"] |
||||||
|
end |
||||||
|
|
||||||
|
def restricted_access?(address_hash, params) do |
||||||
|
formatted_address_hash = String.downcase(address_hash) |
||||||
|
key = if params && Map.has_key?(params, "key"), do: Map.get(params, "key"), else: nil |
||||||
|
|
||||||
|
restricted_list_var = Application.get_env(:block_scout_web, :restricted_list) |
||||||
|
restricted_list = (restricted_list_var && String.split(restricted_list_var, ",")) || [] |
||||||
|
|
||||||
|
formatted_restricted_list = |
||||||
|
restricted_list |
||||||
|
|> Enum.map(fn addr -> |
||||||
|
String.downcase(addr) |
||||||
|
end) |
||||||
|
|
||||||
|
address_restricted = |
||||||
|
formatted_restricted_list |
||||||
|
|> Enum.member?(formatted_address_hash) |
||||||
|
|
||||||
|
correct_key = key && key == Application.get_env(:block_scout_web, :restricted_list_key) |
||||||
|
|
||||||
|
if address_restricted && !correct_key, do: {:restricted_access, true}, else: {:ok, false} |
||||||
|
end |
||||||
|
|
||||||
|
def get_path(conn, path, template, address_hash) do |
||||||
|
basic_args = [conn, template, address_hash] |
||||||
|
key = get_restricted_key(conn) |
||||||
|
# credo:disable-for-next-line |
||||||
|
full_args = if key, do: basic_args ++ [%{:key => key}], else: basic_args |
||||||
|
|
||||||
|
apply(Helpers, path, full_args) |
||||||
|
end |
||||||
|
|
||||||
|
def get_path(conn, path, template, address_hash, additional_params) do |
||||||
|
basic_args = [conn, template, address_hash] |
||||||
|
key = get_restricted_key(conn) |
||||||
|
full_additional_params = if key, do: Map.put(additional_params, :key, key), else: additional_params |
||||||
|
# credo:disable-for-next-line |
||||||
|
full_args = basic_args ++ [full_additional_params] |
||||||
|
|
||||||
|
apply(Helpers, path, full_args) |
||||||
|
end |
||||||
|
end |
@ -1,4 +1,5 @@ |
|||||||
defmodule BlockScoutWeb.TransactionInternalTransactionView do |
defmodule BlockScoutWeb.TransactionInternalTransactionView do |
||||||
use BlockScoutWeb, :view |
use BlockScoutWeb, :view |
||||||
|
|
||||||
@dialyzer :no_match |
@dialyzer :no_match |
||||||
end |
end |
||||||
|
Loading…
Reference in new issue