feat: mask client ip in audit log
This commit is contained in:
@@ -64,6 +64,7 @@ final class Settings
|
||||
'MAIL_LOGIN_REDIRECT_URL' => '/',
|
||||
'LOGIN_KEY_TTL' => '30',
|
||||
'USER_IP_BOUND' => '1',
|
||||
'IP_MASK' => '1',
|
||||
'MAIL_LOGIN_SOURCE_SERVER_NAME' => '',
|
||||
'MAIL_LOGIN_CLIENT_IP_MODE' => 'direct',
|
||||
'MAIL_LOGIN_TRUSTED_PROXIES' => '',
|
||||
@@ -135,6 +136,16 @@ final class Settings
|
||||
return $this->getString('USER_IP_BOUND', '1') === '1';
|
||||
}
|
||||
|
||||
public function ipMask(): bool
|
||||
{
|
||||
return $this->getString('IP_MASK', '1') === '1';
|
||||
}
|
||||
|
||||
public function auditClientIp(string $clientIp): string
|
||||
{
|
||||
return $this->ipMask() ? 'MASLED' : $clientIp;
|
||||
}
|
||||
|
||||
public function sourceServerName(): string
|
||||
{
|
||||
return $this->sanitizeServerName($this->getString('MAIL_LOGIN_SOURCE_SERVER_NAME', ''));
|
||||
@@ -247,6 +258,9 @@ final class Settings
|
||||
if (!in_array($this->getString('USER_IP_BOUND', ''), ['0', '1'], true)) {
|
||||
throw new InvalidArgumentException('USER_IP_BOUND must be 0 or 1');
|
||||
}
|
||||
if (!in_array($this->getString('IP_MASK', ''), ['0', '1'], true)) {
|
||||
throw new InvalidArgumentException('IP_MASK must be 0 or 1');
|
||||
}
|
||||
if (!in_array(strtolower($this->getString('DEFAULT_ENABLE', 'true')), ['0', '1', 'true', 'false', 'yes', 'no', 'on', 'off'], true)) {
|
||||
throw new InvalidArgumentException('DEFAULT_ENABLE must be a boolean value');
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user