Sweetapple_Adminlockdownbyip - Version 1.0.0

Version Notes

Supports Magento CE 1.7.0, 1.7.1 and 1.7.2.

Download this release

Release Info

Developer Sweet-Apple
Extension Sweetapple_Adminlockdownbyip
Version 1.0.0
Comparing to
See all releases


Version 1.0.0

app/code/local/Sweetapple/Adminlockdownbyip/Helper/Data.php ADDED
@@ -0,0 +1,17 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Sweetapple_Adminlockdownbyip
4
+ *
5
+ * This module was developed by Sweet-Apple. If you require any
6
+ * support or have any questions please contact us at info@sweet-apple.co.uk.
7
+ *
8
+ * @category Sweetapple
9
+ * @package Sweetapple_Adminlockdownbyip
10
+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
11
+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
12
+ * @license OSL v3.0
13
+ */
14
+
15
+ class Sweetapple_Adminlockdownbyip_Helper_Data extends Mage_Core_Helper_Abstract {
16
+
17
+ }
app/code/local/Sweetapple/Adminlockdownbyip/Model/Admin/Observer.php ADDED
@@ -0,0 +1,112 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Sweetapple_Adminlockdownbyip
4
+ *
5
+ * This module was developed by Sweet-Apple. If you require any
6
+ * support or have any questions please contact us at info@sweet-apple.co.uk.
7
+ *
8
+ * @category Sweetapple
9
+ * @package Sweetapple_Adminlockdownbyip
10
+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
11
+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
12
+ * @license OSL v3.0
13
+ */
14
+
15
+ /**
16
+ * Admin observer model
17
+ *
18
+ * @category Mage
19
+ * @package Mage_Admin
20
+ * @author Magento Core Team <core@magentocommerce.com>
21
+ */
22
+ class Sweetapple_Adminlockdownbyip_Model_Admin_Observer extends Mage_Admin_Model_Observer
23
+ {
24
+ const FLAG_NO_LOGIN = 'no-login';
25
+
26
+ const XML_IP_LOCKDOWN_ACTIVE = 'sweetapple_admin_ip_lockdown/iplockdown/status';
27
+
28
+ const XML_IP_LOCKDOWN_ADDRESSES = 'sweetapple_admin_ip_lockdown/iplockdown/ipaddresses';
29
+
30
+ /**
31
+ * Handler for controller_action_predispatch event
32
+ *
33
+ * @param Varien_Event_Observer $observer
34
+ * @return boolean
35
+ */
36
+ public function actionPreDispatchAdmin($observer)
37
+ {
38
+
39
+ //Admin Login Lockdown
40
+ $this->_validateIPAddress();
41
+
42
+ $session = Mage::getSingleton('admin/session');
43
+ /** @var $session Mage_Admin_Model_Session */
44
+ $request = Mage::app()->getRequest();
45
+ $user = $session->getUser();
46
+
47
+ $requestedActionName = $request->getActionName();
48
+ $openActions = array(
49
+ 'forgotpassword',
50
+ 'resetpassword',
51
+ 'resetpasswordpost',
52
+ 'logout',
53
+ 'refresh' // captcha refresh
54
+ );
55
+ if (in_array($requestedActionName, $openActions)) {
56
+ $request->setDispatched(true);
57
+ } else {
58
+ if($user) {
59
+ $user->reload();
60
+ }
61
+ if (!$user || !$user->getId()) {
62
+ if ($request->getPost('login')) {
63
+ $postLogin = $request->getPost('login');
64
+ $username = isset($postLogin['username']) ? $postLogin['username'] : '';
65
+ $password = isset($postLogin['password']) ? $postLogin['password'] : '';
66
+ $session->login($username, $password, $request);
67
+ $request->setPost('login', null);
68
+ }
69
+ if (!$request->getParam('forwarded')) {
70
+ if ($request->getParam('isIframe')) {
71
+ $request->setParam('forwarded', true)
72
+ ->setControllerName('index')
73
+ ->setActionName('deniedIframe')
74
+ ->setDispatched(false);
75
+ } elseif($request->getParam('isAjax')) {
76
+ $request->setParam('forwarded', true)
77
+ ->setControllerName('index')
78
+ ->setActionName('deniedJson')
79
+ ->setDispatched(false);
80
+ } else {
81
+ $request->setParam('forwarded', true)
82
+ ->setRouteName('adminhtml')
83
+ ->setControllerName('index')
84
+ ->setActionName('login')
85
+ ->setDispatched(false);
86
+ }
87
+ return false;
88
+ }
89
+ }
90
+ }
91
+
92
+ $session->refreshAcl();
93
+ }
94
+
95
+
96
+ private function _validateIPAddress()
97
+ {
98
+ $active = Mage::getStoreConfig(self::XML_IP_LOCKDOWN_ACTIVE);
99
+ if($active){
100
+ //Kill any requests not from whilelisted IPs
101
+ $ipAddress = $_SERVER['REMOTE_ADDR'];
102
+ $allowedIPAddresses = explode(',',Mage::getStoreConfig(self::XML_IP_LOCKDOWN_ADDRESSES) );
103
+ $allowedIPAddresses = array_map('trim', $allowedIPAddresses);
104
+ if( !in_array($ipAddress, $allowedIPAddresses)){
105
+ print "Access Denied";
106
+ exit;
107
+ }
108
+ }
109
+ return true;
110
+ }
111
+
112
+ }
app/code/local/Sweetapple/Adminlockdownbyip/etc/config.xml ADDED
@@ -0,0 +1,72 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * Sweetapple_Adminlockdownbyip
5
+ *
6
+ * This module was developed by Sweet-Apple. If you require any
7
+ * support or have any questions please contact us at info@sweet-apple.co.uk.
8
+ *
9
+ * @category Sweetapple
10
+ * @package Sweetapple_Adminlockdownbyip
11
+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
12
+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
13
+ * @license OSL v3.0
14
+ */
15
+ -->
16
+ <config>
17
+ <modules>
18
+ <Sweetapple_Adminlockdownbyip>
19
+ <version>0.1.0</version>
20
+ </Sweetapple_Adminlockdownbyip>
21
+ </modules>
22
+ <global>
23
+ <models>
24
+ <sweetapple_adminlockdownbyip>
25
+ <class>Sweetapple_Adminlockdownbyip_Model</class>
26
+ </sweetapple_adminlockdownbyip>
27
+ <admin>
28
+ <rewrite>
29
+ <observer>Sweetapple_Adminlockdownbyip_Model_Admin_Observer</observer>
30
+ </rewrite>
31
+ </admin>
32
+ </models>
33
+ <blocks>
34
+ <sweetapple_adminlockdownbyip>
35
+ <class>Sweetapple_Adminlockdownbyip_Block</class>
36
+ </sweetapple_adminlockdownbyip>
37
+ </blocks>
38
+ <helpers>
39
+ <sweetapple_adminlockdownbyip>
40
+ <class>Sweetapple_Adminlockdownbyip_Helper</class>
41
+ </sweetapple_adminlockdownbyip>
42
+ </helpers>
43
+ <resources>
44
+ <sweetapple_adminlockdownbyip_setup>
45
+ <setup>
46
+ <module>Sweetapple_Adminlockdownbyip</module>
47
+ </setup>
48
+ </sweetapple_adminlockdownbyip_setup>
49
+ </resources>
50
+ </global>
51
+ <adminhtml>
52
+ <acl>
53
+ <resources>
54
+ <admin>
55
+ <children>
56
+ <system>
57
+ <children>
58
+ <config>
59
+ <children>
60
+ <sweetapple_admin_ip_lockdown>
61
+ <title>Admin IP Address Lockdown</title>
62
+ </sweetapple_admin_ip_lockdown>
63
+ </children>
64
+ </config>
65
+ </children>
66
+ </system>
67
+ </children>
68
+ </admin>
69
+ </resources>
70
+ </acl>
71
+ </adminhtml>
72
+ </config>
app/code/local/Sweetapple/Adminlockdownbyip/etc/system.xml ADDED
@@ -0,0 +1,68 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * Sweetapple_Adminlockdownbyip
5
+ *
6
+ * This module was developed by Sweet-Apple. If you require any
7
+ * support or have any questions please contact us at info@sweet-apple.co.uk.
8
+ *
9
+ * @category Sweetapple
10
+ * @package Sweetapple_Adminlockdownbyip
11
+ * @author Clive Sweeting, Sweet-Apple <info@sweet-apple.co.uk>
12
+ * @copyright Copyright (c) 2013 Sweet-Apple (http://www.sweet-apple.co.uk)
13
+ * @license OSL v3.0
14
+ */
15
+ -->
16
+ <config>
17
+ <tabs>
18
+ <sweetapple translate="label">
19
+ <label>Sweet-Apple</label>
20
+ <sort_order>999999</sort_order>
21
+ </sweetapple>
22
+ </tabs>
23
+ <sections>
24
+ <sweetapple_admin_ip_lockdown translate="label" module="sweetapple_adminlockdownbyip">
25
+ <label>Admin IP Address Restriction</label>
26
+ <tab>sweetapple</tab>
27
+ <frontend_type>text</frontend_type>
28
+ <sort_order>1</sort_order>
29
+ <show_in_default>1</show_in_default>
30
+ <groups>
31
+
32
+ <iplockdown translate="label">
33
+ <label>IP Address Restriction</label>
34
+ <comment>
35
+ <![CDATA[
36
+ <div style="padding:10px;background-color:#fff;border:1px solid #ddd;margin-bottom:7px;">
37
+ By changing the IP addresses listed you restrict the ability to even see the Admin pages of a Magento website. Use with care or you may lock yourself out of your own website!!!<br /><br />
38
+ If you lock yourself out of the admin area by failing to add your own IP address, there are <strong>instructions and a reset script available <a href="http://www.sweet-apple.co.uk/magento/extensions/adminiplockdown/ipaddresslockdownreset.zip">here</a></strong> (or just delete the key 'sweetapple_admin_ip_lockdown/iplockdown/status' from the 'core_config_data' table.<br /><br />
39
+ Still having trouble? <strong>Email <a href="mailto:info@sweet-apple.co.uk">info@sweet-apple.co.uk</a> for paid support.</strong>
40
+ </div>
41
+ ]]>
42
+ </comment>
43
+ <frontend_type>text</frontend_type>
44
+ <sort_order>1</sort_order>
45
+ <show_in_default>1</show_in_default>
46
+ <show_in_website>1</show_in_website>
47
+ <fields>
48
+ <status translate="label">
49
+ <label>Enabled</label>
50
+ <comment><![CDATA[Turn the Admin IP lockdown On or Off]]></comment>
51
+ <frontend_type>select</frontend_type>
52
+ <source_model>adminhtml/system_config_source_yesno</source_model>
53
+ <sort_order>10</sort_order>
54
+ <show_in_default>1</show_in_default>
55
+ </status>
56
+ <ipaddresses translate="label">
57
+ <label>Allowed IP Addresses</label>
58
+ <comment><![CDATA[Enter IP Addresses of networks allowed to access the store Admin interface, separated by commas.]]></comment>
59
+ <frontend_type>text</frontend_type>
60
+ <sort_order>20</sort_order>
61
+ <show_in_default>1</show_in_default>
62
+ </ipaddresses>
63
+ </fields>
64
+ </iplockdown>
65
+ </groups>
66
+ </sweetapple_admin_ip_lockdown>
67
+ </sections>
68
+ </config>
app/etc/modules/Sweetapple_Adminlockdownbyip.xml ADDED
@@ -0,0 +1,9 @@
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <config>
3
+ <modules>
4
+ <Sweetapple_Adminlockdownbyip>
5
+ <active>true</active>
6
+ <codePool>local</codePool>
7
+ </Sweetapple_Adminlockdownbyip>
8
+ </modules>
9
+ </config>
package.xml ADDED
@@ -0,0 +1,29 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <package>
3
+ <name>Sweetapple_Adminlockdownbyip</name>
4
+ <version>1.0.0</version>
5
+ <stability>stable</stability>
6
+ <license uri="http://opensource.org/licenses/OSL-3.0">OSL v3.0</license>
7
+ <channel>community</channel>
8
+ <extends/>
9
+ <summary>Enables store administrators to restrict access to the Magento Admin backend to one or more IP Addresses.</summary>
10
+ <description>&lt;p&gt;Easily restrict access to your Magento Administration backend just by adding a comma delimited list of IP addresses in &lt;strong&gt;System-&gt;Configration-&gt;Sweet-Apple-&gt;Admin IP Address Restriction&lt;/strong&gt;.&lt;/p&gt;&#xD;
11
+ &#xD;
12
+ &lt;p&gt;The restriction can be toggled on and off at will.&lt;/p&gt;&#xD;
13
+ &#xD;
14
+ Please note:&#xD;
15
+ &lt;ol&gt;&#xD;
16
+ &lt;li&gt;Use this extension with care if you do not have a static address on your internet connection.&lt;br /&gt;&lt;br /&gt;&lt;/li&gt;&#xD;
17
+ &lt;li&gt;This extension overrides Mage_Admin_Model_Observer::actionPreDispatchAdmin method and hence should only be used with Magento 1.7.0, 1.7.1 and 1.7.2. It's easy to adapt for earlier versions should you wish by editing the corresponding Mage_Admin_Model_Observer for your installed Magento version.&lt;br /&gt;&lt;br /&gt;&lt;/li&gt;&#xD;
18
+ &lt;li&gt;If you lock yourself out of the admin area by failing to add your own IP address, there are &lt;strong&gt;instructions and a reset script available &lt;a href="http://www.sweet-apple.co.uk/magento/extensions/adminiplockdown/ipaddresslockdownreset.zip"&gt;here&lt;/a&gt;&lt;/strong&gt; (or just delete the key 'sweetapple_admin_ip_lockdown/iplockdown/status' from the 'core_config_data' table.&lt;br /&gt;&lt;br /&gt;&lt;/li&gt;&#xD;
19
+ &lt;li&gt;Still having trouble? &lt;strong&gt;Email &lt;a href="mailto:info@sweet-apple.co.uk"&gt;info@sweet-apple.co.uk&lt;/a&gt; for paid support.&lt;/strong&gt;&#xD;
20
+ &lt;/li&gt;&#xD;
21
+ &lt;/ol&gt;</description>
22
+ <notes>Supports Magento CE 1.7.0, 1.7.1 and 1.7.2.</notes>
23
+ <authors><author><name>Sweet-Apple</name><user>Sweet-Apple</user><email>info@sweet-apple.co.uk</email></author></authors>
24
+ <date>2013-03-09</date>
25
+ <time>15:02:38</time>
26
+ <contents><target name="magelocal"><dir name="Sweetapple"><dir name="Adminlockdownbyip"><dir name="Helper"><file name="Data.php" hash="d23d92dd02c8b7c470d2ae08b04d65b3"/></dir><dir name="Model"><dir name="Admin"><file name="Observer.php" hash="126b1777e237de3acebdd86a6c4270f4"/></dir></dir><dir name="etc"><file name="config.xml" hash="a50c1ebf4027b79d9bf03a38e237dc18"/><file name="system.xml" hash="9b1e6f69197ba1aa3371a2ad9159d695"/></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="Sweetapple_Adminlockdownbyip.xml" hash="ca2a62042354fc4b0f2fbbb156534beb"/></dir></target></contents>
27
+ <compatible/>
28
+ <dependencies><required><php><min>5.3.0</min><max>6.0.0</max></php></required></dependencies>
29
+ </package>