added IP ban facility - IP addresses can now be blocked from logging into

Venice, either individually or in blocks
This commit is contained in:
Eric J. Bowersox 2004-05-31 03:38:41 +00:00
parent 55db78c0e9
commit 609d216148
19 changed files with 959 additions and 32 deletions

View File

@ -10,9 +10,9 @@
The Original Code is the Venice Web Communities System. The Original Code is the Venice Web Communities System.
The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
for Silverwrist Design Studios. Portions created by Eric J. Bowersox are for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
Copyright (C) 2001-02 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
Contributor(s): Contributor(s):
--> -->
@ -367,7 +367,7 @@ or create an account, using one of the links above.
<footer-text><![CDATA[ <footer-text><![CDATA[
All trademarks and copyrights on this page are owned by their respective companies.<BR> All trademarks and copyrights on this page are owned by their respective companies.<BR>
All messages posted by users on this page are owned by those users.<BR> All messages posted by users on this page are owned by those users.<BR>
The rest: Copyright &copy; 2001 <A HREF="http://www.silverwrist.com">Silverwrist Design Studios</A>, The rest: Copyright &copy; 2001-2004 <A HREF="http://www.silverwrist.com">Silverwrist Design Studios</A>,
All Rights Reserved.<BR> All Rights Reserved.<BR>
See our <A HREF="/TODO">Policy Page</A> for our copyright and privacy policies. See our <A HREF="/TODO">Policy Page</A> for our copyright and privacy policies.
]]></footer-text> ]]></footer-text>
@ -416,6 +416,7 @@ Text of this agreement is TBD.
<menudef id="system.admin"> <menudef id="system.admin">
<title>System Administration</title> <title>System Administration</title>
<link href="sysadmin/global.js.vs" type="servlet">Edit Global Properties</link> <link href="sysadmin/global.js.vs" type="servlet">Edit Global Properties</link>
<link href="sysadmin/ip_bans.js.vs" type="servlet">View/Edit IP Address Bans</link>
<link href="TODO" disabled="true" type="servlet">View/Edit Banned Users</link> <link href="TODO" disabled="true" type="servlet">View/Edit Banned Users</link>
<link href="sysadmin/find_user.js.vs" type="servlet">User Account Management</link> <link href="sysadmin/find_user.js.vs" type="servlet">User Account Management</link>
<link href="sysadmin/audit.js.vs" type="servlet">System Audit Logs</link> <link href="sysadmin/audit.js.vs" type="servlet">System Audit Logs</link>
@ -754,6 +755,24 @@ the community's host, or via an invitation e-mail message. Please enter it in th
<imagebutton id="cancel"/> <imagebutton id="cancel"/>
</dialog> </dialog>
<dialog name="ipban.add" formname="ipbanform" menusel="nochange">
<title>Add IP Address Ban</title>
<action>sysadmin/ip_ban_add.js.vs</action>
<ip-address name="address" capt="IP address" required="true"/>
<ip-address name="mask" capt="IP address mask" required="true"/>
<checkbox name="echeck" capt="IP address ban expires"/>
<int name="etime" capt="Expires in" required="true" min="1" max="100000"/>
<list name="eunit" capt="Expires in" capt2="(units)" required="true">
<choice id="D">days</choice>
<choice id="W">weeks</choice>
<choice id="M">months</choice>
<choice id="Y">years</choice>
</list>
<text name="msg" capt="Message to display" size="64" maxlength="255"/>
<imagebutton id="add"/>
<imagebutton id="cancel"/>
</dialog>
</dialog-definitions> </dialog-definitions>
</ui-config> </ui-config>

View File

@ -8,9 +8,9 @@
// //
// The Original Code is the Venice Web Communities System. // The Original Code is the Venice Web Communities System.
// //
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, // The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // Copyright (C) 2002-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
// //
// Contributor(s): // Contributor(s):
@ -55,7 +55,15 @@ if ("login"==call_name)
if (rinput.user.isLoggedIn()) if (rinput.user.isLoggedIn())
vlib.output(new XmlRpcFault(XmlRpcFault.DEFAULT_ERROR,"user already logged in")); vlib.output(new XmlRpcFault(XmlRpcFault.DEFAULT_ERROR,"user already logged in"));
else else
rinput.user.authenticate(username,password); { // make sure IP address is not banned yet
banmsg = rinput.engine.testIPBan(rinput.sourceAddress);
if (banmsg==null)
rinput.user.authenticate(username,password);
else
vlib.output(new XmlRpcFault(XmlRpcFault.DEFAULT_ERROR,"IP address banned: " + banmsg);
} // end else
vlib.output(vlib.booleanObject(true)); vlib.output(vlib.booleanObject(true));
} // end else } // end else

View File

@ -8,9 +8,9 @@
// //
// The Original Code is the Venice Web Communities System. // The Original Code is the Venice Web Communities System.
// //
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, // The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2001-2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
// //
// Contributor(s): // Contributor(s):
@ -35,6 +35,15 @@ if (user.isLoggedIn())
} // end if } // end if
// Test to see if the IP address has been banned.
banmsg = rinput.engine.testIPBan(rinput.sourceAddress);
if (banmsg!=null)
{ // this IP address has been banned - you are Not Allowed
vlib.output(new ErrorBox("This IP address has been banned",banmsg,target));
vlib.done();
} // end if
dlg = rinput.getDialog("login"); dlg = rinput.getDialog("login");
if ("GET"==rinput.verb) if ("GET"==rinput.verb)

View File

@ -8,9 +8,9 @@
// //
// The Original Code is the Venice Web Communities System. // The Original Code is the Venice Web Communities System.
// //
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, // The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2001-04 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
// //
// Contributor(s): // Contributor(s):
@ -35,6 +35,15 @@ if (user.isLoggedIn())
} // end if } // end if
// Test to see if the IP address has been banned.
banmsg = rinput.engine.testIPBan(rinput.sourceAddress);
if (banmsg!=null)
{ // this IP address has been banned - you are Not Allowed
vlib.output(new ErrorBox("This IP address has been banned",banmsg,target));
vlib.done();
} // end if
// Return the text of the User Agreement. // Return the text of the User Agreement.
rinput.displayLogin = false; rinput.displayLogin = false;
html = vlib.queryHTMLRendering(rinput); html = vlib.queryHTMLRendering(rinput);

View File

@ -8,9 +8,9 @@
// //
// The Original Code is the Venice Web Communities System. // The Original Code is the Venice Web Communities System.
// //
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, // The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
// //
// Contributor(s): // Contributor(s):
@ -36,6 +36,15 @@ if (user.isLoggedIn())
} // end if } // end if
// Test to see if the IP address has been banned.
banmsg = rinput.engine.testIPBan(rinput.sourceAddress);
if (banmsg!=null)
{ // this IP address has been banned - you are Not Allowed
vlib.output(new ErrorBox("This IP address has been banned",banmsg,target));
vlib.done();
} // end if
// create the new account dialog // create the new account dialog
dlg = rinput.getDialog("newacct"); dlg = rinput.getDialog("newacct");
@ -145,4 +154,4 @@ else
} // end else } // end else
vlib.output(rc); vlib.output(rc);

View File

@ -8,9 +8,9 @@
// //
// The Original Code is the Venice Web Communities System. // The Original Code is the Venice Web Communities System.
// //
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, // The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // Copyright (C) 2002-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
// //
// Contributor(s): // Contributor(s):
@ -32,7 +32,9 @@ if (cctl.isCookiePresent(cookie_name))
logged_in = false; logged_in = false;
try try
{ // attempt to log the user in with the cookie { // attempt to log the user in with the cookie
logged_in = sess.user.authenticateWithToken(cctl.getCookie(cookie_name)); // but don't do it if they're IP-banned
if (rinput.engine.testIPBan(rinput.sourceAddress)==null)
logged_in = sess.user.authenticateWithToken(cctl.getCookie(cookie_name));
} // end try } // end try
catch (e) catch (e)

View File

@ -0,0 +1,116 @@
// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
//
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
//
// The Original Code is the Venice Web Communities System.
//
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
//
// Contributor(s):
importPackage(java.util);
importPackage(Packages.com.silverwrist.util);
importPackage(Packages.com.silverwrist.venice.core);
importPackage(Packages.com.silverwrist.venice.except);
importPackage(Packages.com.silverwrist.venice.ui);
importPackage(Packages.com.silverwrist.venice.ui.view);
// get the request object
rinput = bsf.lookupBean("request");
if (!(rinput.user.hasAdminAccess()))
{ // you don't have permission to administer the system
vlib.output(new ErrorBox("Access Error","You do not have permission to administer the system.",null));
vlib.done();
} // end if
// create the IP ban add dialog
dlg = rinput.getDialog("ipban.add");
if ("GET"==rinput.verb)
{ // fill in default values and put forth the dialog
dlg.setValue("mask","255.255.255.255");
dlg.setValue("etime","1");
vlib.output(dlg);
vlib.done();
} // end if
// everything that follows is for a POST operation
op = dlg.whichButton(rinput) + "";
if (op=="cancel")
{ // user cancelled create - bounce back to the target
vlib.output(new Redirect("sysadmin/ip_bans.js.vs",LinkTypes.SERVLET));
vlib.done();
} // end if
rc = null;
if (op=="add")
{ // load the dialog
dlg.load(rinput);
try
{ // validate the dialog
dlg.validate();
// load the admin interface
adm = rinput.user.adminInterface;
// determine the expire date
exp_date = null;
if (dlg.getValue("echeck"))
{ // create a GregorianCalendar and use it to figure the expiration date
cal = new java.util.GregorianCalendar();
unit = dlg.getValue("eunit");
if (unit=="D")
cal.add(Calendar.DATE,dlg.getValue("etime"));
else if (unit=="W")
cal.add(Calendar.DATE,dlg.getValue("etime") * 7);
else if (unit=="M")
cal.add(Calendar.MONTH,dlg.getValue("etime"));
else if (unit=="Y")
cal.add(Calendar.YEAR,dlg.getValue("etime"));
exp_date = cal.getTime();
} // end if
msg = dlg.getValue("msg");
if (StringUtil.isStringEmpty(msg))
msg = "This IP address has been banned from logging in by an administrator.";
adm.addIPBan(dlg.getValue("address"),dlg.getValue("mask"),exp_date,msg);
rc = new Redirect("sysadmin/ip_bans.js.vs",LinkTypes.SERVLET);
} // end try
catch (e)
{ // whoops!
etype = vlib.exceptionType(e) + "";
if (etype.match("ValidationException"))
{ // put the dialog back up on a validation error
dlg.setErrorMessage(e.message + " Please try again.");
rc = dlg;
} // end if
else if (etype.match("DataException"))
rc = new ErrorBox("Database Error",e.message);
else
rc = e;
} // end catch
} // end if
else
{ // no dialog present
logger.error("no known button click on POST to ip_ban_add.js");
rc = new ErrorBox("Internal Error","Unknown command button pressed","sysadmin/ip_bans.js.vs");
} // end else
vlib.output(rc);

View File

@ -0,0 +1,81 @@
// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
//
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
//
// The Original Code is the Venice Web Communities System.
//
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
//
// Contributor(s):
importPackage(java.util);
importPackage(Packages.com.silverwrist.venice.core);
importPackage(Packages.com.silverwrist.venice.except);
importPackage(Packages.com.silverwrist.venice.ui);
importPackage(Packages.com.silverwrist.venice.ui.view);
// get the request object
rinput = bsf.lookupBean("request");
if (!(rinput.user.hasAdminAccess()))
{ // you don't have permission to administer the system
vlib.output(new ErrorBox("Access Error","You do not have permission to administer the system.",null));
vlib.done();
} // end if
adm = rinput.user.adminInterface;
// get the list of IP bans
banlist = null;
try
{ // handle enables?
if (rinput.hasParameter("enable"))
{ // enable the identified ban
id = rinput.getParameterInt("enable",-1);
if (id>0)
adm.enableIPBan(id,true);
} // end if
if (rinput.hasParameter("disable"))
{ // disable the identified ban
id = rinput.getParameterInt("disable",-1);
if (id>0)
adm.enableIPBan(id,false);
} // end if
if (rinput.hasParameter("remove"))
{ // disable the identified ban
id = rinput.getParameterInt("remove",-1);
if (id>0)
adm.removeIPBan(id);
} // end if
// get the ban information list
banlist = adm.getIPBanInfo();
} // end try
catch (e)
{ // find the exception type
etype = vlib.exceptionType(e) + "";
if (etype.match("DataException"))
rc = new ErrorBox("Database Error",e.message);
else
rc = e;
vlib.output(rc);
vlib.done();
} // end catch
// display the list of IP bans
rinput.setRequestAttribute("ipbans.list",banlist);
vlib.output(new JSPView("Manage IP Address Bans","sysadmin/list_ip_bans.jsp"));

View File

@ -1,5 +1,5 @@
# MySQL script for initializing the Venice database. # MySQL script for initializing the Venice database.
# Written by Eric J. Bowersox <erbo@silcom.com> # Written by Eric J. Bowersox <erbo@ricochet.com>
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# The contents of this file are subject to the Mozilla Public License Version 1.1 # The contents of this file are subject to the Mozilla Public License Version 1.1
# (the "License"); you may not use this file except in compliance with the License. # (the "License"); you may not use this file except in compliance with the License.
@ -11,9 +11,9 @@
# #
# The Original Code is the Venice Web Communities System. # The Original Code is the Venice Web Communities System.
# #
# The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, # The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
# for Silverwrist Design Studios. Portions created by Eric J. Bowersox are # for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
# Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. # Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
# #
# Contributor(s): # Contributor(s):
# #
@ -429,6 +429,20 @@ CREATE TABLE imagestore (
data MEDIUMBLOB data MEDIUMBLOB
); );
# Table listing IP addresses that are banned from logging in or registering.
CREATE TABLE ipban (
id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
address BIGINT NOT NULL,
mask BIGINT NOT NULL,
enable TINYINT NOT NULL DEFAULT 1,
expire DATETIME,
message VARCHAR(255) NOT NULL,
block_by INT NOT NULL,
block_on DATETIME NOT NULL,
INDEX by_mask (mask),
INDEX by_date (block_on)
);
############################################################################## ##############################################################################
# Set table access rights # Set table access rights
############################################################################## ##############################################################################

View File

@ -0,0 +1,104 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Communities System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.util;
import org.apache.regexp.*;
public class IPv4Util
{
/*--------------------------------------------------------------------------------
* Static data members
*--------------------------------------------------------------------------------
*/
public static final long MAX_ADDRESS = 0xFFFFFFFFL;
private static final REProgram IPV4_PATTERN =
new RECompiler().compile("^\\s*(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\s*$");
/*--------------------------------------------------------------------------------
* Constructors
*--------------------------------------------------------------------------------
*/
public IPv4Util()
{ // only present for bean-like environments - do not construct this object directly
} // end constructor
/*--------------------------------------------------------------------------------
* External static operations
*--------------------------------------------------------------------------------
*/
public static final boolean isValid(String ip_addr)
{
if (ip_addr==null)
return false;
RE matcher = new RE(IPV4_PATTERN);
if (!matcher.match(ip_addr))
return false;
for (int i=1; i<=4; i++)
{ // parse long integers, assemble into return value
int val = Integer.parseInt(matcher.getParen(i));
if ((val<0) || (val>255))
return false;
} // end for
return true;
} // end isValid
public static final long stringToLongAddress(String ip_addr) throws IllegalArgumentException
{
RE matcher = new RE(IPV4_PATTERN);
if (!(matcher.match(ip_addr)))
throw new IllegalArgumentException("invalid IP address: " + ip_addr);
long rc = 0;
for (int i=1; i<=4; i++)
{ // parse long integers, assemble into return value
long val = Long.parseLong(matcher.getParen(i));
if ((val<0) || (val>255))
throw new IllegalArgumentException("invalid IP address: " + ip_addr);
rc = (rc << 8) | val;
} // end for
return rc;
} // end stringToLongAddress
public static final String longToStringAddress(long addr) throws IllegalArgumentException
{
if ((addr<0) || (addr>MAX_ADDRESS))
throw new IllegalArgumentException("invalid IP address: " + addr);
StringBuffer rc = new StringBuffer(16);
for (int i=0; i<4; i++)
{ // build string representation from the right up
rc.insert(0,addr & 0xFFL);
rc.insert(0,'.');
addr >>= 8;
} // end for
rc.delete(0,1);
return rc.toString();
} // end longToStringAddress
} // end class IPv4Util

View File

@ -9,9 +9,9 @@
* *
* The Original Code is the Venice Web Communities System. * The Original Code is the Venice Web Communities System.
* *
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001-02 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. * Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
* *
* Contributor(s): * Contributor(s):
*/ */
@ -49,4 +49,15 @@ public interface AdminOperations
String description, boolean auto_join) String description, boolean auto_join)
throws DataException, AccessError; throws DataException, AccessError;
public abstract List getIPBanInfo() throws DataException;
public abstract IPBanInfo getIPBanInfo(int id) throws DataException;
public abstract void enableIPBan(int id, boolean enab) throws DataException;
public abstract void removeIPBan(int id) throws DataException;
public abstract void addIPBan(String address, String mask, java.util.Date expires, String message)
throws DataException;
} // end interface AdminOperations } // end interface AdminOperations

View File

@ -0,0 +1,38 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Communities System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.core;
public interface IPBanInfo
{
public abstract int getID();
public abstract String getAddress();
public abstract String getMask();
public abstract boolean isEnabled();
public abstract java.util.Date getExpire();
public abstract String getMessage();
public abstract String getBlockedBy();
public abstract java.util.Date getBlockedOn();
} // end interface IPBanInfo

View File

@ -9,9 +9,9 @@
* *
* The Original Code is the Venice Web Communities System. * The Original Code is the Venice Web Communities System.
* *
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001-02 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. * Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
* *
* Contributor(s): * Contributor(s):
*/ */
@ -91,4 +91,6 @@ public interface VeniceEngine extends SearchMode, ServiceGroup
public abstract boolean useCategories(); public abstract boolean useCategories();
public abstract String testIPBan(String ip_address) throws DataException;
} // end interface VeniceEngine } // end interface VeniceEngine

View File

@ -9,9 +9,9 @@
* *
* The Original Code is the Venice Web Communities System. * The Original Code is the Venice Web Communities System.
* *
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001-02 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. * Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
* *
* Contributor(s): * Contributor(s):
*/ */
@ -20,6 +20,7 @@ package com.silverwrist.venice.core.impl;
import java.sql.*; import java.sql.*;
import java.util.*; import java.util.*;
import org.apache.log4j.*; import org.apache.log4j.*;
import com.silverwrist.util.*;
import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.db.*; import com.silverwrist.venice.db.*;
@ -30,6 +31,113 @@ import com.silverwrist.venice.svc.GlobalSite;
class AdminOperationsImpl implements AdminOperations class AdminOperationsImpl implements AdminOperations
{ {
/*--------------------------------------------------------------------------------
* Internal class for IP ban listings
*--------------------------------------------------------------------------------
*/
private static class IPBanInfoImpl implements IPBanInfo
{
/*====================================================================
* Attributes
*====================================================================
*/
private int m_id;
private String m_address;
private String m_mask;
private boolean m_enabled;
private java.util.Date m_expires;
private String m_message;
private String m_blocked_by;
private java.util.Date m_blocked_on;
/*====================================================================
* Constructors
*====================================================================
*/
IPBanInfoImpl(ResultSet rs) throws SQLException
{
m_id = rs.getInt(1);
m_address = IPv4Util.longToStringAddress(rs.getLong(2));
m_mask = IPv4Util.longToStringAddress(rs.getLong(3));
m_enabled = (rs.getInt(4)!=0);
m_expires = SQLUtil.getFullDateTime(rs,5);
m_message = rs.getString(6);
m_blocked_by = rs.getString(7);
m_blocked_on = SQLUtil.getFullDateTime(rs,8);
} // end constructor
IPBanInfoImpl(int id, ResultSet rs) throws SQLException
{
m_id = id;
m_address = IPv4Util.longToStringAddress(rs.getLong(1));
m_mask = IPv4Util.longToStringAddress(rs.getLong(2));
m_enabled = (rs.getInt(3)!=0);
m_expires = SQLUtil.getFullDateTime(rs,4);
m_message = rs.getString(5);
m_blocked_by = rs.getString(6);
m_blocked_on = SQLUtil.getFullDateTime(rs,7);
} // end constructor
/*====================================================================
* Implementations from interface IPBanInfo
*====================================================================
*/
public final int getID()
{
return m_id;
} // end getID
public final String getAddress()
{
return m_address;
} // end getAddress
public final String getMask()
{
return m_mask;
} // end getMask
public final boolean isEnabled()
{
return m_enabled;
} // end isEnabled
public final java.util.Date getExpire()
{
return m_expires;
} // end getExpire
public final String getMessage()
{
return m_message;
} // end getMessage
public final String getBlockedBy()
{
return m_blocked_by;
} // end getBlockedBy
public final java.util.Date getBlockedOn()
{
return m_blocked_on;
} // end getBlockedOn
} // end class IPBanInfoImpl
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
* Static data members * Static data members
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
@ -197,4 +305,183 @@ class AdminOperationsImpl implements AdminOperations
} // end createNewAccount } // end createNewAccount
public List getIPBanInfo() throws DataException
{
ArrayList rc = null;
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
try
{ // retrieve a connection from the data pool and get the audit records
conn = globalsite.getConnection(null);
stmt = conn.createStatement();
rs = stmt.executeQuery("SELECT b.id, b.address, b.mask, b.enable, b.expire, b.message, u.username, b.block_on "
+ "FROM ipban b, users u WHERE u.uid = b.block_by ORDER BY b.block_on;");
while (rs.next())
{ // extract the listing of IP blocks
if (rc==null)
rc = new ArrayList();
rc.add(new IPBanInfoImpl(rs));
} // end while
} // end try
catch (SQLException e)
{ // database error - this is a DataException
logger.error("error loading IP ban info: " + e.getMessage(),e);
throw new DataException("unable to load IP ban info: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(rs);
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
if ((rc==null) || rc.isEmpty())
return Collections.EMPTY_LIST;
rc.trimToSize();
return Collections.unmodifiableList(rc);
} // end getIPBanInfo
public IPBanInfo getIPBanInfo(int id) throws DataException
{
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
try
{ // retrieve a connection from the data pool and get the audit records
conn = globalsite.getConnection(null);
stmt = conn.prepareStatement("SELECT b.address, b.mask, b.enable, b.expire, b.message, u.username, b.block_on "
+ "FROM ipban b, users u WHERE u.uid = b.block_by AND b.id = ?;");
stmt.setInt(1,id);
rs = stmt.executeQuery();
if (rs.next())
return new IPBanInfoImpl(id,rs);
} // end try
catch (SQLException e)
{ // database error - this is a DataException
logger.error("error loading IP ban info: " + e.getMessage(),e);
throw new DataException("unable to load IP ban info: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(rs);
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
return null;
} // end getIPBanInfo
public void enableIPBan(int id, boolean enab) throws DataException
{
Connection conn = null;
PreparedStatement stmt = null;
try
{ // retrieve a connection from the data pool and get the audit records
conn = globalsite.getConnection(null);
stmt = conn.prepareStatement("UPDATE ipban SET enable = ? WHERE id = ?;");
stmt.setInt(1,enab ? 1 : 0);
stmt.setInt(2,id);
stmt.executeUpdate();
} // end try
catch (SQLException e)
{ // database error - this is a DataException
logger.error("error setting IP ban info: " + e.getMessage(),e);
throw new DataException("unable to change IP ban info: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
} // end enableIPBan
public void removeIPBan(int id) throws DataException
{
Connection conn = null;
PreparedStatement stmt = null;
try
{ // retrieve a connection from the data pool and get the audit records
conn = globalsite.getConnection(null);
stmt = conn.prepareStatement("DELETE FROM ipban WHERE id = ?;");
stmt.setInt(1,id);
stmt.executeUpdate();
} // end try
catch (SQLException e)
{ // database error - this is a DataException
logger.error("error setting IP ban info: " + e.getMessage(),e);
throw new DataException("unable to change IP ban info: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
} // end removeIPBan
public void addIPBan(String address, String mask, java.util.Date expires, String message) throws DataException
{
Connection conn = null;
PreparedStatement stmt = null;
try
{ // retrieve a connection from the data pool and get the audit records
conn = globalsite.getConnection(null);
stmt = conn.prepareStatement("INSERT INTO ipban (address, mask, expire, message, block_by, block_on) "
+ "VALUES (?, ?, ?, ?, ?, ?);");
try
{ // set the two IP address fields
stmt.setLong(1,IPv4Util.stringToLongAddress(address));
stmt.setLong(2,IPv4Util.stringToLongAddress(mask));
} // end try
catch (IllegalArgumentException e)
{ // translate to DataException
throw new DataException(e);
} // end catch
SQLUtil.setFullDateTime(stmt,3,expires);
stmt.setString(4,message);
stmt.setInt(5,env.getUserID());
SQLUtil.setFullDateTime(stmt,6,new java.util.Date());
stmt.executeUpdate();
} // end try
catch (SQLException e)
{ // database error - this is a DataException
logger.error("error setting IP ban info: " + e.getMessage(),e);
throw new DataException("unable to change IP ban info: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
} // end addIPBan
} // end class AdminOperationsImpl } // end class AdminOperationsImpl

View File

@ -9,9 +9,9 @@
* *
* The Original Code is the Venice Web Communities System. * The Original Code is the Venice Web Communities System.
* *
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001-02 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. * Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
* *
* Contributor(s): * Contributor(s):
*/ */
@ -1336,6 +1336,56 @@ public class VeniceEngineImpl implements VeniceEngine, ServiceProvider, EngineBa
} // end useCategories } // end useCategories
public String testIPBan(String ip_address) throws DataException
{
checkInitialized();
long addy = 0;
try
{ // convert the IP address parameter to a long integer
addy = IPv4Util.stringToLongAddress(ip_address);
} // end try
catch (IllegalArgumentException e)
{ // wrap the exception and return it
throw new DataException(e);
} // end catch
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
try
{ // Look for an IP ban that (a) matches this IP address (by mask), (b) has not yet expired (or does not
// expire), and (c) is enabled.
conn = globalsite.getConnection(null);
stmt = conn.prepareStatement("SELECT message FROM ipban WHERE (address & mask) = (? & mask) "
+ "AND (expire IS NULL OR expire >= ?) AND enable <> 0 ORDER BY mask DESC "
+ "LIMIT 1;");
stmt.setLong(1,addy);
stmt.setString(2,SQLUtil.encodeDate(new java.util.Date()));
rs = stmt.executeQuery();
if (rs.next()) // located an IP ban
return rs.getString(1);
} // end try
catch (SQLException e)
{ // bug out
throw new DataException("Error accessing IP ban database: " + e.getMessage(),e);
} // end catch
finally
{ // make sure the connection is released before we go
SQLUtil.shutdown(rs);
SQLUtil.shutdown(stmt);
SQLUtil.shutdown(conn);
} // end finally
return null; // no IP ban found
} // end testIPBan
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
* Implementations from interface ServiceProvider * Implementations from interface ServiceProvider
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------

View File

@ -228,6 +228,15 @@ public class SQLUtil
} // end encodeDate } // end encodeDate
public static final void setFullDateTime(PreparedStatement stmt, int index, java.util.Date date) throws SQLException
{
if (date==null)
stmt.setNull(index,java.sql.Types.TIMESTAMP);
else
stmt.setString(index,encodeDate(date));
} // end setFullDateTime
/** /**
* Returns the value of a DATETIME column in the current row of an SQL result set, formatted as a date. * Returns the value of a DATETIME column in the current row of an SQL result set, formatted as a date.
* *

View File

@ -9,9 +9,9 @@
* *
* The Original Code is the Venice Web Communities System. * The Original Code is the Venice Web Communities System.
* *
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>, * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. * Copyright (C) 2001-2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
* *
* Contributor(s): * Contributor(s):
*/ */
@ -38,9 +38,9 @@ public class DialogElementLoader
private static final Class[] init_classes = { private static final Class[] init_classes = {
CategoryHeader.class, CheckBoxField.class, CommunityLogoField.class, CountryListField.class, CategoryHeader.class, CheckBoxField.class, CommunityLogoField.class, CountryListField.class,
EMailAddressField.class, HiddenField.class, ImageButton.class, IntegerField.class, EMailAddressField.class, HiddenField.class, ImageButton.class, IntegerField.class,
LanguageListField.class, LocaleListField.class, PasswordField.class, RoleListField.class, IPAddressField.class, LanguageListField.class, LocaleListField.class, PasswordField.class,
StaticPickListField.class, TextField.class, TimeZoneListField.class, UserPhotoField.class, RoleListField.class, StaticPickListField.class, TextField.class, TimeZoneListField.class,
VeniceIDField.class UserPhotoField.class, VeniceIDField.class
}; };
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------

View File

@ -0,0 +1,83 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Communities System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.ui.dlg;
import java.io.IOException;
import org.w3c.dom.*;
import com.silverwrist.util.*;
import com.silverwrist.venice.except.*;
import com.silverwrist.venice.ui.*;
import com.silverwrist.venice.util.XMLLoader;
public class IPAddressField extends TextField
{
/*--------------------------------------------------------------------------------
* Static data members
*--------------------------------------------------------------------------------
*/
public static final String TAGNAME = "ip-address";
/*--------------------------------------------------------------------------------
* Constructors
*--------------------------------------------------------------------------------
*/
public IPAddressField(String name, String caption, String caption2)
{
super(name,caption,caption2,true,15);
} // end constructor
public IPAddressField(Element elt) throws ConfigException
{
super(elt,15);
} // end constructor
protected IPAddressField(IPAddressField other)
{
super(other);
} // end constructor
/*--------------------------------------------------------------------------------
* Overrides from class TextField
*--------------------------------------------------------------------------------
*/
protected void validateContents(String value) throws ValidationException
{
super.validateContents(value);
if (!(IPv4Util.isValid(value)))
throw new ValidationException("Invalid IP address in the '" + getCaption() + "' field.");
} // end validateContents
/*--------------------------------------------------------------------------------
* Implementations from interface DialogField
*--------------------------------------------------------------------------------
*/
public DialogField duplicate()
{
return new IPAddressField(this);
} // end duplicate
} // end class IPAddressField

View File

@ -0,0 +1,76 @@
<%--
The contents of this file are subject to the Mozilla Public License Version 1.1
(the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, either express or implied. See the License for the specific
language governing rights and limitations under the License.
The Original Code is the Venice Web Communities System.
The Initial Developer of the Original Code is Eric J. Bowersox <erbo@ricochet.com>,
for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
Contributor(s):
--%>
<%@ page import = "java.util.*" %>
<%@ page import = "com.silverwrist.venice.core.IPBanInfo" %>
<%@ page import = "com.silverwrist.venice.ui.view.JSPView" %>
<%@ taglib uri="/tlds/util" prefix="util" %>
<%
JSPView view = JSPView.get(request);
List ipbans = (List)(view.getRequestAttribute("ipbans.list"));
%>
<util:comment>IP Bans Display</util:comment>
<util:header title="Manage IP Address Bans"/>
<util:font color="content.fg" size="content"><util:link href="sysadmin/menu.js.vs" type="servlet">Return to
System Administration Menu</util:link></util:font><P>
<% if (ipbans.size()>0) { %>
<table border="0" width="100%" cellpadding="0" cellspacing="2">
<tr>
<th align="center"><util:font color="content.fg" size="content"><b><u>Enable</u></b></util:font></th>
<th align="left"><util:font color="content.fg" size="content"><b><u>Address</u></b></util:font></th>
<th align="left"><util:font color="content.fg" size="content"><b><u>Mask</u></b></util:font></th>
<th align="left"><util:font color="content.fg" size="content"><b><u>Expires</u></b></util:font></th>
<th align="left"><util:font color="content.fg" size="content"><b><u>Added By</u></b></util:font></th>
<th align="left"><util:font color="content.fg" size="content"><b><u>Added On</u></b></util:font></th>
<th>&nbsp;</th>
</tr>
<% for (Iterator it = ipbans.iterator(); it.hasNext(); ) { %>
<% IPBanInfo ban = (IPBanInfo)(it.next()); %>
<tr>
<td align="center">
<% if (ban.isEnabled()) { %>
<util:xlink>
<util:href type="servlet">sysadmin/ip_bans.js.vs?disable=<%= ban.getID() %></util:href>
<util:text><util:image src="icn_on.gif" fixup="true" alt="[Yes]" width="16" height="16"
border="0"/></util:text>
</util:xlink>
<% } else { %>
<util:xlink>
<util:href type="servlet">sysadmin/ip_bans.js.vs?enable=<%= ban.getID() %></util:href>
<util:text><util:image src="icn_off.gif" fixup="true" alt="[No]" width="16" height="16"
border="0"/></util:text>
</util:xlink>
<% } // end if %>
</td>
<td align="left"><util:font color="content.fg" size="content"><%= ban.getAddress() %></util:font></td>
<td align="left"><util:font color="content.fg" size="content"><%= ban.getMask() %></util:font></td>
<td align="left"><util:font color="content.fg" size="content">
<% if (ban.getExpire()==null) { %>Never<% } else { %><%= view.formatDate(ban.getExpire()) %><% } // end if %>
</util:font></td>
<td align="left"><util:font color="content.fg" size="content"><%= ban.getBlockedBy() %></util:font></td>
<td align="left"><util:font color="content.fg" size="content"><%= view.formatDate(ban.getBlockedOn()) %></util:font></td>
<td align="center"><util:xlink>
<util:href type="servlet">sysadmin/ip_bans.js.vs?remove=<%= ban.getID() %></util:href>
<util:text><util:button id="remove"/></util:text>
</util:xlink></td>
</tr>
<% } // end for %>
</table>
<% } else { %>
<div align="left"><i>No IP bans currently listed.</i></div>
<% } // end if %>
<util:link href="sysadmin/ip_ban_add.js.vs" type="servlet"><util:button id="add"/></util:link>