idcjp/cfmgrv4
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
af72a4f7c3
cfmgrv4/app/Services/Cloudflare/Firewall.php
최준흠 af72a4f7c3 cfmgrv4 init...3
2024-10-19 18:22:08 +09:00

163 lines
7.1 KiB
PHP
Raw Blame History

<?php
namespace App\Services\Cloudflare;
use App\Entities\Cloudflare\FirewallEntity;
use App\Entities\Cloudflare\ZoneEntity;
use App\Models\Cloudflare\AccountModel;
use App\Models\Cloudflare\FirewallModel;
class Firewall extends Cloudflare
{
private ?ZoneEntity $_parent_entity = null;
private ?FirewallModel $_model = null;
private ?AccountModel $_accountModel = null;
public function __construct(ZoneEntity $zone_entity)
{
$this->_parent_entity = $zone_entity;
$account_entity = $this->getAccountModel()->getEntityByPK($this->getParentEntity()->getParent());
if ($account_entity === null) {
throw new \Exception("해당 계정정보를 찾을수 없습니다.");
}
$auth_entity = $this->getAuthModel()->getEntityByPK($account_entity->getParent());
if ($auth_entity === null) {
throw new \Exception("해당 계정정보를 찾을수 없습니다.");
}
parent::__construct($auth_entity);
}
protected function getParentEntity(): ZoneEntity
{
if ($this->_parent_entity === null) {
throw new \Exception(__FUNCTION__ . "에서 부모정보가 없습니다.");
}
return $this->_parent_entity;
}
protected function getModel(): FirewallModel
{
if ($this->_model === null) {
$this->_model = new FirewallModel();
}
return $this->_model;
}
protected function getAccountModel(): AccountModel
{
if ($this->_accountModel === null) {
$this->_accountModel = new AccountModel();
}
return $this->_accountModel;
}
protected function getArrayByResult(\stdClass $result, array $formDatas = []): array
{
// log_message("debug", var_export($result, true));
$formDatas[FirewallModel::PK] = $result->id;
$formDatas[FirewallModel::PARENT] = $result->zone_id;
$formDatas[FirewallModel::TITLE] = $result->name;
$formDatas['action'] = $result->action;
$formDatas['description'] = $result->description;
$formDatas['priority'] = (int) $result->priority;
$formDatas['filter_id'] = $result->filter->id;
$formDatas['filter_expression'] = $result->filter->expression;
$formDatas['filter_paused'] = isset($result->filter->paused) && $result->filter->paused ? "off" : "on";
$formDatas['updated_at'] = date("Y-m-d H:i:s");
$formDatas['created_at'] = $result->created_on;
// log_message("debug", print_r($formDatas, true));
return $formDatas;
}
public function create(string $mode, string $description, string $expression, string $paused, string $ref = "FIL-100"): FirewallEntity
{
//Socket용
//호스트생성을 위해 Cloudflare에 전송
$datas = [
'action' => [
'mode' => $mode,
'response' => [
'body' => "<error>This request has been rate-limited.</error>",
'content_type' => 'text/xml',
],
'timeout' => 86400,
],
'filter' => [
'description' => $description,
'expression' => $expression,
'paused' => $paused === 'on' ? true : false,
"ref" => $ref
]
];
$response = $this->getMySocket()->post("zones/{$this->getParentEntity()->getPK()}/firewall/rules", $datas);
$body = json_decode($response->getBody());
//DB생성
return $this->getModel()->create($this->getArrayByResult($body->result));
}
public function modify(FirewallEntity $entity, array $formDatas): FirewallEntity
{
//TTL값은 CDN(proxied)가 사용함일때는 무조건 1, 않함일때는 120이 적용
$datas = [
'action' => [
'mode' => $formDatas['mode'],
'response' => [
'body' => "<error>This request has been rate-limited.</error>",
'content_type' => 'text/xml',
],
'timeout' => 86400,
],
'filter' => [
'description' => $formDatas['description'],
'expression' => $formDatas['expression'],
'paused' => $formDatas['paused'] === 'on' ? true : false,
"ref" => $formDatas['ref']
]
];
// 인코딩된 JSON을 확인
// throw new \Exception("Firewall:" . __FUNCTION__ . "\n" . json_encode($datas, JSON_PRETTY_PRINT) . "\n" . var_export($datas, true));
$response = $this->getMySocket()->put("zones/{$this->getParentEntity()->getPK()}/firewall/rules/{$entity->getPK()}", $datas);
$body = json_decode($response->getBody());
// DB 수정
return $this->getModel()->modify($entity, $this->getArrayByResult($body->result));
}
public function delete(FirewallEntity $entity): FirewallEntity
{
$this->getMySocket()->delete("zones/{$this->getParentEntity()->getPK()}/firewall/rules/{$entity->getPK()}");
//DB삭제
$this->getModel()->delete($entity->getPK());
log_message("debug", $this->getModel()->getLastQuery());
return $entity;
}
public function sync(FirewallEntity $entity): FirewallEntity
{
// 기존 Sync형태
$response = $this->getMySocket()->get("zones/{$this->getParentEntity()->getPK()}/firewall/rules/{$entity->getPK()}");
$body = json_decode($response->getBody());
// DB수정
// log_message("debug", var_export($cf->result, true));
$entity = $this->getModel()->modify($entity, $this->getArrayByResult($body->result));
return $entity;
}
//Reload
public function reload(): array
{
log_message("notice", "\n-----------Zone {$this->getParentEntity()->getTitle()}의 Firewall 처리 시작-----------");
$entitys = [];
try {
$results_array = $this->reload_procedure("zones/{$this->getParentEntity()->getPK()}/dns_records");
if (count(value: $results_array) > 0) {
foreach ($results_array as $results) {
foreach ($results as $result) {
$formDatas = $this->getArrayByResult($result);
$entitys[$formDatas[FirewallModel::PK]] = $this->getModel()->modify(new FirewallEntity(), $formDatas);
}
}
//부모키를 기준으로 CF에 존재하지 않는 데이터 DB삭제
$this->getModel()->where(FirewallModel::PARENT, $this->getParentEntity()->getPK());
$this->getModel()->whereNotIn(FirewallModel::PK, array_keys($entitys));
$this->getModel()->delete();
log_message("debug", $this->getModel()->getLastQuery());
}
} catch (\Exception $e) {
log_message("error", $e->getMessage());
throw new \Exception($e->getMessage());
}
log_message("notice", "\n-----------Zone {$this->getParentEntity()->getTitle()}의 Firewall처리[" . count($entitys) . "개] 완료-----------");
return $entitys;
}
}
Reference in New Issue View Git Blame Copy Permalink