Sweetapple_Adminlockdownbyip

Version Notes

Supports Magento CE 1.7.0, 1.7.1 and 1.7.2.

Release Info

Developer	Sweet-Apple
Extension	Sweetapple_Adminlockdownbyip
Version	1.0.0
Comparing to
See all releases

Version 1.0.0

Files changed (6) hide show

app/code/local/Sweetapple/Adminlockdownbyip/Helper/Data.php +17 -0
app/code/local/Sweetapple/Adminlockdownbyip/Model/Admin/Observer.php +112 -0
app/code/local/Sweetapple/Adminlockdownbyip/etc/config.xml +72 -0
app/code/local/Sweetapple/Adminlockdownbyip/etc/system.xml +68 -0
app/etc/modules/Sweetapple_Adminlockdownbyip.xml +9 -0
package.xml +29 -0

app/code/local/Sweetapple/Adminlockdownbyip/Helper/Data.php ADDED Viewed

	@@ -0,0 +1,17 @@


1	+ <?php
2	+ /**
3	+ * Sweetapple_Adminlockdownbyip
4	+ *
5	+ * This module was developed by Sweet-Apple. If you require any
6	+ * support or have any questions please contact us at info@sweet-apple.co.uk.
7	+ *
8	+ * @category Sweetapple
9	+ * @package Sweetapple_Adminlockdownbyip
10	+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
11	+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
12	+ * @license OSL v3.0
13	+ */
14	+
15	+ class Sweetapple_Adminlockdownbyip_Helper_Data extends Mage_Core_Helper_Abstract {
16	+
17	+ }

app/code/local/Sweetapple/Adminlockdownbyip/Model/Admin/Observer.php ADDED Viewed

	@@ -0,0 +1,112 @@


1	+ <?php
2	+ /**
3	+ * Sweetapple_Adminlockdownbyip
4	+ *
5	+ * This module was developed by Sweet-Apple. If you require any
6	+ * support or have any questions please contact us at info@sweet-apple.co.uk.
7	+ *
8	+ * @category Sweetapple
9	+ * @package Sweetapple_Adminlockdownbyip
10	+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
11	+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
12	+ * @license OSL v3.0
13	+ */
14	+
15	+ /**
16	+ * Admin observer model
17	+ *
18	+ * @category Mage
19	+ * @package Mage_Admin
20	+ * @author Magento Core Team <core@magentocommerce.com>
21	+ */
22	+ class Sweetapple_Adminlockdownbyip_Model_Admin_Observer extends Mage_Admin_Model_Observer
23	+ {
24	+ const FLAG_NO_LOGIN = 'no-login';
25	+
26	+ const XML_IP_LOCKDOWN_ACTIVE = 'sweetapple_admin_ip_lockdown/iplockdown/status';
27	+
28	+ const XML_IP_LOCKDOWN_ADDRESSES = 'sweetapple_admin_ip_lockdown/iplockdown/ipaddresses';
29	+
30	+ /**
31	+ * Handler for controller_action_predispatch event
32	+ *
33	+ * @param Varien_Event_Observer $observer
34	+ * @return boolean
35	+ */
36	+ public function actionPreDispatchAdmin($observer)
37	+ {
38	+
39	+ //Admin Login Lockdown
40	+ $this->_validateIPAddress();
41	+
42	+ $session = Mage::getSingleton('admin/session');
43	+ /** @var $session Mage_Admin_Model_Session */
44	+ $request = Mage::app()->getRequest();
45	+ $user = $session->getUser();
46	+
47	+ $requestedActionName = $request->getActionName();
48	+ $openActions = array(
49	+ 'forgotpassword',
50	+ 'resetpassword',
51	+ 'resetpasswordpost',
52	+ 'logout',
53	+ 'refresh' // captcha refresh
54	+ );
55	+ if (in_array($requestedActionName, $openActions)) {
56	+ $request->setDispatched(true);
57	+ } else {
58	+ if($user) {
59	+ $user->reload();
60	+ }
61	+ if (!$user \|\| !$user->getId()) {
62	+ if ($request->getPost('login')) {
63	+ $postLogin = $request->getPost('login');
64	+ $username = isset($postLogin['username']) ? $postLogin['username'] : '';
65	+ $password = isset($postLogin['password']) ? $postLogin['password'] : '';
66	+ $session->login($username, $password, $request);
67	+ $request->setPost('login', null);
68	+ }
69	+ if (!$request->getParam('forwarded')) {
70	+ if ($request->getParam('isIframe')) {
71	+ $request->setParam('forwarded', true)
72	+ ->setControllerName('index')
73	+ ->setActionName('deniedIframe')
74	+ ->setDispatched(false);
75	+ } elseif($request->getParam('isAjax')) {
76	+ $request->setParam('forwarded', true)
77	+ ->setControllerName('index')
78	+ ->setActionName('deniedJson')
79	+ ->setDispatched(false);
80	+ } else {
81	+ $request->setParam('forwarded', true)
82	+ ->setRouteName('adminhtml')
83	+ ->setControllerName('index')
84	+ ->setActionName('login')
85	+ ->setDispatched(false);
86	+ }
87	+ return false;
88	+ }
89	+ }
90	+ }
91	+
92	+ $session->refreshAcl();
93	+ }
94	+
95	+
96	+ private function _validateIPAddress()
97	+ {
98	+ $active = Mage::getStoreConfig(self::XML_IP_LOCKDOWN_ACTIVE);
99	+ if($active){
100	+ //Kill any requests not from whilelisted IPs
101	+ $ipAddress = $_SERVER['REMOTE_ADDR'];
102	+ $allowedIPAddresses = explode(',',Mage::getStoreConfig(self::XML_IP_LOCKDOWN_ADDRESSES) );
103	+ $allowedIPAddresses = array_map('trim', $allowedIPAddresses);
104	+ if( !in_array($ipAddress, $allowedIPAddresses)){
105	+ print "Access Denied";
106	+ exit;
107	+ }
108	+ }
109	+ return true;
110	+ }
111	+
112	+ }

app/code/local/Sweetapple/Adminlockdownbyip/etc/config.xml ADDED Viewed

	@@ -0,0 +1,72 @@


1	+ <?xml version="1.0"?>
2	+ <!--
3	+ /**
4	+ * Sweetapple_Adminlockdownbyip
5	+ *
6	+ * This module was developed by Sweet-Apple. If you require any
7	+ * support or have any questions please contact us at info@sweet-apple.co.uk.
8	+ *
9	+ * @category Sweetapple
10	+ * @package Sweetapple_Adminlockdownbyip
11	+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
12	+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
13	+ * @license OSL v3.0
14	+ */
15	+ -->
16	+ <config>
17	+ <modules>
18	+ <Sweetapple_Adminlockdownbyip>
19	+ <version>0.1.0</version>
20	+ </Sweetapple_Adminlockdownbyip>
21	+ </modules>
22	+ <global>
23	+ <models>
24	+ <sweetapple_adminlockdownbyip>
25	+ <class>Sweetapple_Adminlockdownbyip_Model</class>
26	+ </sweetapple_adminlockdownbyip>
27	+ <admin>
28	+ <rewrite>
29	+ <observer>Sweetapple_Adminlockdownbyip_Model_Admin_Observer</observer>
30	+ </rewrite>
31	+ </admin>
32	+ </models>
33	+ <blocks>
34	+ <sweetapple_adminlockdownbyip>
35	+ <class>Sweetapple_Adminlockdownbyip_Block</class>
36	+ </sweetapple_adminlockdownbyip>
37	+ </blocks>
38	+ <helpers>
39	+ <sweetapple_adminlockdownbyip>
40	+ <class>Sweetapple_Adminlockdownbyip_Helper</class>
41	+ </sweetapple_adminlockdownbyip>
42	+ </helpers>
43	+ <resources>
44	+ <sweetapple_adminlockdownbyip_setup>
45	+ <setup>
46	+ <module>Sweetapple_Adminlockdownbyip</module>
47	+ </setup>
48	+ </sweetapple_adminlockdownbyip_setup>
49	+ </resources>
50	+ </global>
51	+ <adminhtml>
52	+ <acl>
53	+ <resources>
54	+ <admin>
55	+ <children>
56	+ <system>
57	+ <children>
58	+ <config>
59	+ <children>
60	+ <sweetapple_admin_ip_lockdown>
61	+ <title>Admin IP Address Lockdown</title>
62	+ </sweetapple_admin_ip_lockdown>
63	+ </children>
64	+ </config>
65	+ </children>
66	+ </system>
67	+ </children>
68	+ </admin>
69	+ </resources>
70	+ </acl>
71	+ </adminhtml>
72	+ </config>

app/code/local/Sweetapple/Adminlockdownbyip/etc/system.xml ADDED Viewed

	@@ -0,0 +1,68 @@


1	+ <?xml version="1.0"?>
2	+ <!--
3	+ /**
4	+ * Sweetapple_Adminlockdownbyip
5	+ *
6	+ * This module was developed by Sweet-Apple. If you require any
7	+ * support or have any questions please contact us at info@sweet-apple.co.uk.
8	+ *
9	+ * @category Sweetapple
10	+ * @package Sweetapple_Adminlockdownbyip
11	+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
12	+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
13	+ * @license OSL v3.0
14	+ */
15	+ -->
16	+ <config>
17	+ <tabs>
18	+ <sweetapple translate="label">
19	+ <label>Sweet-Apple</label>
20	+ <sort_order>999999</sort_order>
21	+ </sweetapple>
22	+ </tabs>
23	+ <sections>
24	+ <sweetapple_admin_ip_lockdown translate="label" module="sweetapple_adminlockdownbyip">
25	+ <label>Admin IP Address Restriction</label>
26	+ <tab>sweetapple</tab>
27	+ <frontend_type>text</frontend_type>
28	+ <sort_order>1</sort_order>
29	+ <show_in_default>1</show_in_default>
30	+ <groups>
31	+
32	+ <iplockdown translate="label">
33	+ <label>IP Address Restriction</label>
34	+ <comment>
35	+ <![CDATA[
36	+ <div style="padding:10px;background-color:#fff;border:1px solid #ddd;margin-bottom:7px;">
37	+ By changing the IP addresses listed you restrict the ability to even see the Admin pages of a Magento website. Use with care or you may lock yourself out of your own website!!!<br /><br />
38	+ If you lock yourself out of the admin area by failing to add your own IP address, there are <strong>instructions and a reset script available <a href="http://www.sweet-apple.co.uk/magento/extensions/adminiplockdown/ipaddresslockdownreset.zip">here</a></strong> (or just delete the key 'sweetapple_admin_ip_lockdown/iplockdown/status' from the 'core_config_data' table.<br /><br />
39	+ Still having trouble? <strong>Email <a href="mailto:info@sweet-apple.co.uk">info@sweet-apple.co.uk</a> for paid support.</strong>
40	+ </div>
41	+ ]]>
42	+ </comment>
43	+ <frontend_type>text</frontend_type>
44	+ <sort_order>1</sort_order>
45	+ <show_in_default>1</show_in_default>
46	+ <show_in_website>1</show_in_website>
47	+ <fields>
48	+ <status translate="label">
49	+ <label>Enabled</label>
50	+ <comment><![CDATA[Turn the Admin IP lockdown On or Off]]></comment>
51	+ <frontend_type>select</frontend_type>
52	+ <source_model>adminhtml/system_config_source_yesno</source_model>
53	+ <sort_order>10</sort_order>
54	+ <show_in_default>1</show_in_default>
55	+ </status>
56	+ <ipaddresses translate="label">
57	+ <label>Allowed IP Addresses</label>
58	+ <comment><![CDATA[Enter IP Addresses of networks allowed to access the store Admin interface, separated by commas.]]></comment>
59	+ <frontend_type>text</frontend_type>
60	+ <sort_order>20</sort_order>
61	+ <show_in_default>1</show_in_default>
62	+ </ipaddresses>
63	+ </fields>
64	+ </iplockdown>
65	+ </groups>
66	+ </sweetapple_admin_ip_lockdown>
67	+ </sections>
68	+ </config>

app/etc/modules/Sweetapple_Adminlockdownbyip.xml ADDED Viewed

	@@ -0,0 +1,9 @@


1	+ <?xml version="1.0"?>
2	+ <config>
3	+ <modules>
4	+ <Sweetapple_Adminlockdownbyip>
5	+ <active>true</active>
6	+ <codePool>local</codePool>
7	+ </Sweetapple_Adminlockdownbyip>
8	+ </modules>
9	+ </config>

package.xml ADDED Viewed

	@@ -0,0 +1,29 @@


1	+ <?xml version="1.0"?>
2	+ <package>
3	+ <name>Sweetapple_Adminlockdownbyip</name>
4	+ <version>1.0.0</version>
5	+ <stability>stable</stability>
6	+ <license uri="http://opensource.org/licenses/OSL-3.0">OSL v3.0</license>
7	+ <channel>community</channel>
8	+ <extends/>
9	+ <summary>Enables store administrators to restrict access to the Magento Admin backend to one or more IP Addresses.</summary>
10	+ <description><p>Easily restrict access to your Magento Administration backend just by adding a comma delimited list of IP addresses in <strong>System->Configration->Sweet-Apple->Admin IP Address Restriction</strong>.</p>
11	+
12	+ <p>The restriction can be toggled on and off at will.</p>
13	+
14	+ Please note:
15	+ <ol>
16	+ <li>Use this extension with care if you do not have a static address on your internet connection.<br /><br /></li>
17	+ <li>This extension overrides Mage_Admin_Model_Observer::actionPreDispatchAdmin method and hence should only be used with Magento 1.7.0, 1.7.1 and 1.7.2. It's easy to adapt for earlier versions should you wish by editing the corresponding Mage_Admin_Model_Observer for your installed Magento version.<br /><br /></li>
18	+ <li>If you lock yourself out of the admin area by failing to add your own IP address, there are <strong>instructions and a reset script available <a href="http://www.sweet-apple.co.uk/magento/extensions/adminiplockdown/ipaddresslockdownreset.zip">here</a></strong> (or just delete the key 'sweetapple_admin_ip_lockdown/iplockdown/status' from the 'core_config_data' table.<br /><br /></li>
19	+ <li>Still having trouble? <strong>Email <a href="mailto:info@sweet-apple.co.uk">info@sweet-apple.co.uk</a> for paid support.</strong>
20	+ </li>
21	+ </ol></description>
22	+ <notes>Supports Magento CE 1.7.0, 1.7.1 and 1.7.2.</notes>
23	+ <authors><author><name>Sweet-Apple</name><user>Sweet-Apple</user><email>info@sweet-apple.co.uk</email></author></authors>
24	+ <date>2013-03-09</date>
25	+ <time>15:02:38</time>
26	+ <contents><target name="magelocal"><dir name="Sweetapple"><dir name="Adminlockdownbyip"><dir name="Helper"><file name="Data.php" hash="d23d92dd02c8b7c470d2ae08b04d65b3"/></dir><dir name="Model"><dir name="Admin"><file name="Observer.php" hash="126b1777e237de3acebdd86a6c4270f4"/></dir></dir><dir name="etc"><file name="config.xml" hash="a50c1ebf4027b79d9bf03a38e237dc18"/><file name="system.xml" hash="9b1e6f69197ba1aa3371a2ad9159d695"/></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="Sweetapple_Adminlockdownbyip.xml" hash="ca2a62042354fc4b0f2fbbb156534beb"/></dir></target></contents>
27	+ <compatible/>
28	+ <dependencies><required><php><min>5.3.0</min><max>6.0.0</max></php></required></dependencies>
29	+ </package>

Sweetapple_Adminlockdownbyip - Version 1.0.0

Version Notes

Release Info

Version 1.0.0