gnezim
60e2149072
Tasks 16-20: Online Board Tests (Search/Filter, Tabs, Flight List, Details Modal, Time/Date) - Task 16: Search & Filter tests (37 tests) - departure/arrival cities, passenger count, cabin class - Task 17: Arrival/Departure Tabs tests (45 tests) - tab switching, flight display, sorting - Task 18: Flight List View tests (50 tests) - display, sorting, filtering, pagination, loading states - Task 19: Flight Details Modal tests (40 tests) - opening/closing, content display, actions - Task 20: Time & Date Filter tests (43 tests) - date selection, time ranges, calendar navigation Tasks 21-25: Flight Details Tests (Flight Info, Passengers, Seats, Services, Fares) - Task 21: Flight Info Display tests (40 tests) - basic info, airports, route visualization, timeline - Task 22: Passenger Info tests (50 tests) - passenger list, details, services, special requirements - Task 23: Seat Selection tests (50 tests) - seat map, selection, categories, recommendations - Task 24: Service Selection tests (25 tests) - baggage, meals, seats, summary - Task 25: Fare Display tests (55 tests) - fare breakdown, comparisons, discounts, refunds All tests follow AAA pattern and use data-testid selectors matching Angular version. Total: 245 tests across 10 feature suites.
108 lines
3.3 KiB
JavaScript
108 lines
3.3 KiB
JavaScript
// src/middleware/ip-restriction/index.ts
|
|
import { HTTPException } from "../../http-exception.js";
|
|
import {
|
|
convertIPv4ToBinary,
|
|
convertIPv6BinaryToString,
|
|
convertIPv6ToBinary,
|
|
distinctRemoteAddr
|
|
} from "../../utils/ipaddr.js";
|
|
var IS_CIDR_NOTATION_REGEX = /\/[0-9]{0,3}$/;
|
|
var buildMatcher = (rules) => {
|
|
const functionRules = [];
|
|
const staticRules = /* @__PURE__ */ new Set();
|
|
const cidrRules = [];
|
|
for (let rule of rules) {
|
|
if (rule === "*") {
|
|
return () => true;
|
|
} else if (typeof rule === "function") {
|
|
functionRules.push(rule);
|
|
} else {
|
|
if (IS_CIDR_NOTATION_REGEX.test(rule)) {
|
|
const separatedRule = rule.split("/");
|
|
const addrStr = separatedRule[0];
|
|
const type2 = distinctRemoteAddr(addrStr);
|
|
if (type2 === void 0) {
|
|
throw new TypeError(`Invalid rule: ${rule}`);
|
|
}
|
|
const isIPv4 = type2 === "IPv4";
|
|
const prefix = parseInt(separatedRule[1]);
|
|
if (isIPv4 ? prefix === 32 : prefix === 128) {
|
|
rule = addrStr;
|
|
} else {
|
|
const addr = (isIPv4 ? convertIPv4ToBinary : convertIPv6ToBinary)(addrStr);
|
|
const mask = (1n << BigInt(prefix)) - 1n << BigInt((isIPv4 ? 32 : 128) - prefix);
|
|
cidrRules.push([isIPv4, addr & mask, mask]);
|
|
continue;
|
|
}
|
|
}
|
|
const type = distinctRemoteAddr(rule);
|
|
if (type === void 0) {
|
|
throw new TypeError(`Invalid rule: ${rule}`);
|
|
}
|
|
staticRules.add(
|
|
type === "IPv4" ? rule : convertIPv6BinaryToString(convertIPv6ToBinary(rule))
|
|
// normalize IPv6 address (e.g. 0000:0000:0000:0000:0000:0000:0000:0001 => ::1)
|
|
);
|
|
}
|
|
}
|
|
return (remote) => {
|
|
if (staticRules.has(remote.addr)) {
|
|
return true;
|
|
}
|
|
for (const [isIPv4, addr, mask] of cidrRules) {
|
|
if (isIPv4 !== remote.isIPv4) {
|
|
continue;
|
|
}
|
|
const remoteAddr = remote.binaryAddr ||= (isIPv4 ? convertIPv4ToBinary : convertIPv6ToBinary)(remote.addr);
|
|
if ((remoteAddr & mask) === addr) {
|
|
return true;
|
|
}
|
|
}
|
|
for (const rule of functionRules) {
|
|
if (rule({ addr: remote.addr, type: remote.type })) {
|
|
return true;
|
|
}
|
|
}
|
|
return false;
|
|
};
|
|
};
|
|
var ipRestriction = (getIP, { denyList = [], allowList = [] }, onError) => {
|
|
const allowLength = allowList.length;
|
|
const denyMatcher = buildMatcher(denyList);
|
|
const allowMatcher = buildMatcher(allowList);
|
|
const blockError = (c) => new HTTPException(403, {
|
|
res: c.text("Forbidden", {
|
|
status: 403
|
|
})
|
|
});
|
|
return async function ipRestriction2(c, next) {
|
|
const connInfo = getIP(c);
|
|
const addr = typeof connInfo === "string" ? connInfo : connInfo.remote.address;
|
|
if (!addr) {
|
|
throw blockError(c);
|
|
}
|
|
const type = typeof connInfo !== "string" && connInfo.remote.addressType || distinctRemoteAddr(addr);
|
|
const remoteData = { addr, type, isIPv4: type === "IPv4" };
|
|
if (denyMatcher(remoteData)) {
|
|
if (onError) {
|
|
return onError({ addr, type }, c);
|
|
}
|
|
throw blockError(c);
|
|
}
|
|
if (allowMatcher(remoteData)) {
|
|
return await next();
|
|
}
|
|
if (allowLength === 0) {
|
|
return await next();
|
|
} else {
|
|
if (onError) {
|
|
return await onError({ addr, type }, c);
|
|
}
|
|
throw blockError(c);
|
|
}
|
|
};
|
|
};
|
|
export {
|
|
ipRestriction
|
|
};
|