harry/keystone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
66f0ee9e50bcf1762048979e1936731e523ea7d1
keystone/app/Models/FirewallRule.php
Harry Bayliss 66f0ee9e50
All checks were successful
CI / Tests (push) Successful in 43s
Details
CI / Lint (push) Successful in 1m3s
Details
Migrate to Gitea, switch JS tooling to oxlint/oxfmt, lift test coverage to 95% 
- Add .gitea/workflows/ci.yml ported from lifeos (lint + tests with coverage gate)
- Set up phpstan (larastan + peststan, baseline at level max)
- Replace eslint/prettier with oxlint/oxfmt; reformat resources/
- Add composer phpstan/coverage/quality scripts; restore --min=95 coverage gate
- Exclude integration plumbing (Saloon Hetzner classes, SSH wrappers, console
  commands, DTOs) from coverage to keep the gate focused on business logic
- Add ~12 new test files covering models, drivers, controllers, jobs, auth
  flows, request validators, and the IP CIDR helper
- Fix Support\Ip::inNetwork PHP 8.4 TypeError in CIDR mask check
- Fix FirewallRule::command comparing the enum-cast type column to a string
- Fix Server::network using the wrong foreign key column
- Remove unreachable code under abort(403) in RegisteredUserController
2026-05-13 16:51:07 +01:00

61 lines
1.3 KiB
PHP
Raw Blame History

<?php
namespace App\Models;
use App\Actions\FirewallRules\InstallFirewallRule;
use App\Enums\FirewallRuleStatus;
use App\Enums\FirewallRuleType;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
class FirewallRule extends Model
{
protected $guarded = [];
public static function boot(): void
{
parent::boot();
static::created(function (self $firewallRule) {
app(InstallFirewallRule::class)->execute($firewallRule);
});
}
protected function casts(): array
{
return [
'status' => FirewallRuleStatus::class,
'type' => FirewallRuleType::class,
];
}
public function server(): BelongsTo
{
return $this->belongsTo(Server::class);
}
public function command(bool $delete = false): string
{
$command = 'ufw';
if ($delete) {
$command .= ' delete';
}
if ($this->type === FirewallRuleType::ALLOW) {
$command .= ' allow';
} elseif ($this->type === FirewallRuleType::DENY) {
$command .= ' deny';
}
if ($this->from) {
$command .= " from {$this->from}";
$command .= ' to any port';
}
$command .= " {$this->ports}";
return $command;
}
}
Reference in New Issue View Git Blame Copy Permalink