diff options
Diffstat (limited to 'library/X509/Model/Behavior')
| -rw-r--r-- | library/X509/Model/Behavior/DERBase64.php | 44 | ||||
| -rw-r--r-- | library/X509/Model/Behavior/ExpressionInjector.php | 62 | ||||
| -rw-r--r-- | library/X509/Model/Behavior/Ip.php | 39 |
3 files changed, 145 insertions, 0 deletions
diff --git a/library/X509/Model/Behavior/DERBase64.php b/library/X509/Model/Behavior/DERBase64.php new file mode 100644 index 0000000..f7b7215 --- /dev/null +++ b/library/X509/Model/Behavior/DERBase64.php @@ -0,0 +1,44 @@ +<?php + +/* Icinga Web 2 X.509 Module | (c) 2022 Icinga GmbH | GPLv2 */ + +namespace Icinga\Module\X509\Model\Behavior; + +use ipl\Orm\Contract\PropertyBehavior; + +/** + * Support automatically transformation of DER-encoded certificates to PEM and vice versa. + */ +class DERBase64 extends PropertyBehavior +{ + public function fromDb($value, $key, $_) + { + if (! $value) { + return null; + } + + $block = chunk_split(base64_encode($value), 64, "\n"); + + return "-----BEGIN CERTIFICATE-----\n{$block}-----END CERTIFICATE-----"; + } + + public function toDb($value, $key, $_) + { + if (! $value) { + return null; + } + + $lines = explode("\n", $value); + $der = ''; + + foreach ($lines as $line) { + if (strpos($line, '-----') === 0) { + continue; + } + + $der .= base64_decode($line); + } + + return $der; + } +} diff --git a/library/X509/Model/Behavior/ExpressionInjector.php b/library/X509/Model/Behavior/ExpressionInjector.php new file mode 100644 index 0000000..c3fa2cb --- /dev/null +++ b/library/X509/Model/Behavior/ExpressionInjector.php @@ -0,0 +1,62 @@ +<?php + +/* Icinga Web 2 X.509 Module | (c) 2022 Icinga GmbH | GPLv2 */ + +namespace Icinga\Module\X509\Model\Behavior; + +use ipl\Orm\Contract\QueryAwareBehavior; +use ipl\Orm\Contract\RewriteFilterBehavior; +use ipl\Orm\Query; +use ipl\Sql\ExpressionInterface; +use ipl\Stdlib\Filter; + +/** + * Support expression columns (which don't really exist in the database, but rather + * resulted e.g. from a `case..when` expression), being used as filter columns + */ +class ExpressionInjector implements RewriteFilterBehavior, QueryAwareBehavior +{ + /** @var array */ + protected $columns; + + /** @var Query */ + protected $query; + + public function __construct(...$columns) + { + $this->columns = $columns; + } + + public function setQuery(Query $query) + { + $this->query = $query; + + return $this; + } + + public function rewriteCondition(Filter\Condition $condition, $relation = null) + { + $columnName = $condition->metaData()->get('columnName'); + if (in_array($columnName, $this->columns, true)) { + $relationPath = $condition->metaData()->get('relationPath'); + if ($relationPath && $relationPath !== $this->query->getModel()->getTableAlias()) { + $subject = $this->query->getResolver()->resolveRelation($relationPath)->getTarget(); + } else { + $subject = $this->query->getModel(); + } + + /** @var ExpressionInterface $column */ + $column = $subject->getColumns()[$columnName]; + $expression = clone $column; + $expression->setColumns($this->query->getResolver()->qualifyColumns( + $this->query->getResolver()->requireAndResolveColumns( + $expression->getColumns(), + $subject + ), + $subject + )); + + $condition->setColumn($this->query->getDb()->getQueryBuilder()->buildExpression($expression)); + } + } +} diff --git a/library/X509/Model/Behavior/Ip.php b/library/X509/Model/Behavior/Ip.php new file mode 100644 index 0000000..79c9e80 --- /dev/null +++ b/library/X509/Model/Behavior/Ip.php @@ -0,0 +1,39 @@ +<?php + +/* Icinga Web 2 X.509 Module | (c) 2022 Icinga GmbH | GPLv2 */ + +namespace Icinga\Module\X509\Model\Behavior; + +use ipl\Orm\Behavior\Binary; +use ipl\Orm\Contract\PropertyBehavior; + +/** + * Support automatically transformation of human-readable IP addresses into their respective packed + * binary representation and vice versa. + */ +class Ip extends Binary +{ + public function fromDb($value, $key, $_) + { + $value = parent::fromDb($value, $key, $_); + if ($value === null) { + return null; + } + + $ipv4 = ltrim($value, "\0"); + if (strlen($ipv4) === 4) { + $value = $ipv4; + } + + return inet_ntop($value); + } + + public function toDb($value, $key, $_) + { + if ($value === null || $value === '*' || ! ctype_print($value)) { + return $value; + } + + return parent::toDb(str_pad(inet_pton($value), 16, "\0", STR_PAD_LEFT), $key, $_); + } +} |