Skip to content

Commit

Permalink
Update approach to use a JETPACK_WAF_ENTRYPOINT constant
Browse files Browse the repository at this point in the history
  • Loading branch information
nateweller committed Oct 7, 2024
1 parent d51b780 commit c8ded65
Show file tree
Hide file tree
Showing 7 changed files with 31 additions and 10 deletions.
3 changes: 2 additions & 1 deletion projects/packages/waf/src/class-waf-cli.php
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,7 @@ public function teardown() {
*/
public function generate_rules() {
try {
Waf_Constants::define_entrypoint();
Waf_Rules_Manager::generate_automatic_rules();
Waf_Rules_Manager::generate_rules();
} catch ( \Exception $e ) {
Expand All @@ -159,7 +160,7 @@ public function generate_rules() {
sprintf(
/* translators: %1$s is the name of the mode that was just switched to. */
__( 'Jetpack WAF rules successfully created to: "%1$s".', 'jetpack-waf' ),
Waf_Runner::get_waf_file_path( Waf_Runner::ENTRYPOINT_FILE )
Waf_Runner::get_waf_file_path( JETPACK_WAF_ENTRYPOINT )
)
);
}
Expand Down
10 changes: 10 additions & 0 deletions projects/packages/waf/src/class-waf-constants.php
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ public static function initialize_bootstrap_constants() {
self::define_waf_directory();
self::define_wpconfig_path();
self::define_killswitch();
self::define_entrypoint();
}

/**
Expand Down Expand Up @@ -80,6 +81,15 @@ public static function define_mode() {
}
}

/**
* Set the entrypoint definition if it has not been set.
*/
public static function define_entrypoint() {
if ( ! defined( 'JETPACK_WAF_ENTRYPOINT' ) ) {
define( 'JETPACK_WAF_ENTRYPOINT', 'rules/rules.php' );
}
}

/**
* Set the share data definition if it has not been set.
*
Expand Down
5 changes: 3 additions & 2 deletions projects/packages/waf/src/class-waf-rules-manager.php
Original file line number Diff line number Diff line change
Expand Up @@ -220,17 +220,18 @@ private static function wrap_require( $required_file, $return_code = 'return;' )
public static function generate_rules() {
global $wp_filesystem;
Waf_Runner::initialize_filesystem();
Waf_Constants::define_entrypoint();

$rules = "<?php\n";
$entrypoint_file_path = Waf_Runner::get_waf_file_path( Waf_Runner::ENTRYPOINT_FILE );
$entrypoint_file_path = Waf_Runner::get_waf_file_path( JETPACK_WAF_ENTRYPOINT );

// Ensure that the folder exists
if ( ! $wp_filesystem->is_dir( dirname( $entrypoint_file_path ) ) ) {
$wp_filesystem->mkdir( dirname( $entrypoint_file_path ) );
}

// Ensure all potentially required rule files exist
$rule_files = array( Waf_Runner::ENTRYPOINT_FILE, self::AUTOMATIC_RULES_FILE, self::IP_ALLOW_RULES_FILE, self::IP_BLOCK_RULES_FILE );
$rule_files = array( JETPACK_WAF_ENTRYPOINT, self::AUTOMATIC_RULES_FILE, self::IP_ALLOW_RULES_FILE, self::IP_BLOCK_RULES_FILE );
foreach ( $rule_files as $rule_file ) {
$rule_file = Waf_Runner::get_waf_file_path( $rule_file );
if ( ! $wp_filesystem->is_file( $rule_file ) ) {
Expand Down
9 changes: 5 additions & 4 deletions projects/packages/waf/src/class-waf-runner.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ class Waf_Runner {
const MODE_OPTION_NAME = 'jetpack_waf_mode';
const SHARE_DATA_OPTION_NAME = 'jetpack_waf_share_data';
const SHARE_DEBUG_DATA_OPTION_NAME = 'jetpack_waf_share_debug_data';
const ENTRYPOINT_FILE = '/rules/rules.php';

/**
* Run the WAF
Expand All @@ -32,6 +31,7 @@ public static function initialize() {
return;
}
Waf_Constants::define_mode();
Waf_Constants::define_entrypoint();
Waf_Constants::define_share_data();

if ( ! self::is_allowed_mode( JETPACK_WAF_MODE ) ) {
Expand Down Expand Up @@ -257,7 +257,7 @@ public static function run() {
$waf = new Waf_Runtime( new Waf_Transforms(), new Waf_Operators() );

// execute waf rules.
$rules_file_path = self::get_waf_file_path( self::ENTRYPOINT_FILE );
$rules_file_path = self::get_waf_file_path( JETPACK_WAF_ENTRYPOINT );
if ( file_exists( $rules_file_path ) ) {
// phpcs:ignore
include $rules_file_path;
Expand Down Expand Up @@ -367,14 +367,15 @@ public static function deactivate() {

global $wp_filesystem;
self::initialize_filesystem();
Waf_Constants::define_entrypoint();

// If the rules file doesn't exist, there's nothing else to do.
if ( ! $wp_filesystem->exists( self::get_waf_file_path( self::ENTRYPOINT_FILE ) ) ) {
if ( ! $wp_filesystem->exists( self::get_waf_file_path( JETPACK_WAF_ENTRYPOINT ) ) ) {
return;
}

// Empty the rules entrypoint file.
if ( ! $wp_filesystem->put_contents( self::get_waf_file_path( self::ENTRYPOINT_FILE ), "<?php\n" ) ) {
if ( ! $wp_filesystem->put_contents( self::get_waf_file_path( JETPACK_WAF_ENTRYPOINT ), "<?php\n" ) ) {
throw new File_System_Exception( 'Failed to empty rules.php file.' );
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,7 @@ public function generate() {
. sprintf( "define( 'JETPACK_WAF_SHARE_DEBUG_DATA', %s );\n", var_export( $share_debug_data_option, true ) )
. sprintf( "define( 'JETPACK_WAF_DIR', %s );\n", var_export( JETPACK_WAF_DIR, true ) )
. sprintf( "define( 'JETPACK_WAF_WPCONFIG', %s );\n", var_export( JETPACK_WAF_WPCONFIG, true ) )
. sprintf( "define( 'JETPACK_WAF_ENTRYPOINT', %s );\n", var_export( JETPACK_WAF_ENTRYPOINT, true ) )
. 'require_once ' . var_export( $autoloader_file, true ) . ";\n"
. "Automattic\Jetpack\Waf\Waf_Runner::initialize();\n";
// phpcs:enable
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
*/

use Automattic\Jetpack\Constants;
use Automattic\Jetpack\Waf\Waf_Constants;
use Automattic\Jetpack\Waf\Waf_Initializer;
use Automattic\Jetpack\Waf\Waf_Rules_Manager;
use Automattic\Jetpack\Waf\Waf_Runner;
Expand Down Expand Up @@ -75,6 +76,9 @@ public function return_invalid_filesystem_method() {
* Test WAF activation.
*/
public function testActivation() {
// Ensure the JETPACK_WAF_ENTRYPOINT is defined.
Waf_Constants::define_entrypoint();

// Mock the WPCOM request for retrieving the automatic rules.
add_filter( 'pre_http_request', array( $this, 'return_sample_response' ) );

Expand All @@ -90,7 +94,7 @@ public function testActivation() {
$this->assertSame( false, get_option( Waf_Rules_Manager::AUTOMATIC_RULES_ENABLED_OPTION_NAME ) );

// Ensure the rule files were generated.
$this->assertFileExists( Waf_Runner::get_waf_file_path( Waf_Runner::ENTRYPOINT_FILE ) );
$this->assertFileExists( Waf_Runner::get_waf_file_path( JETPACK_WAF_ENTRYPOINT ) );
$this->assertFileExists( Waf_Runner::get_waf_file_path( Waf_Rules_Manager::AUTOMATIC_RULES_FILE ) );
$this->assertFileExists( Waf_Runner::get_waf_file_path( Waf_Rules_Manager::IP_ALLOW_RULES_FILE ) );
$this->assertFileExists( Waf_Runner::get_waf_file_path( Waf_Rules_Manager::IP_BLOCK_RULES_FILE ) );
Expand All @@ -106,6 +110,9 @@ public function testActivation() {
* Test WAF deactivation.
*/
public function testDeactivation() {
// Ensure the JETPACK_WAF_ENTRYPOINT is defined.
Waf_Constants::define_entrypoint();

$deactivated = Waf_Initializer::on_waf_deactivation();

// Ensure the WAF was deactivated successfully.
Expand All @@ -116,7 +123,7 @@ public function testDeactivation() {
$this->assertSame( false, get_option( Waf_Runner::MODE_OPTION_NAME ) );

// Ensure the rules entrypoint file was emptied.
$this->assertSame( "<?php\n", file_get_contents( Waf_Runner::get_waf_file_path( Waf_Runner::ENTRYPOINT_FILE ) ) );
$this->assertSame( "<?php\n", file_get_contents( Waf_Runner::get_waf_file_path( JETPACK_WAF_ENTRYPOINT ) ) );
}

/**
Expand Down
2 changes: 1 addition & 1 deletion projects/plugins/debug-helper/modules/class-waf-helper.php
Original file line number Diff line number Diff line change
Expand Up @@ -223,7 +223,7 @@ public function render_ui() {
<hr>

<h2>Rules Entrypoint</h2>
<?php $this->render_waf_file( Waf_Runner::ENTRYPOINT_FILE ); ?>
<?php $this->render_waf_file( defined( 'JETPACK_WAF_ENTRYPOINT' ) && JETPACK_WAF_ENTRYPOINT ); ?>

Check failure on line 226 in projects/plugins/debug-helper/modules/class-waf-helper.php

View workflow job for this annotation

GitHub Actions / Static analysis

TypeError PhanTypeMismatchArgument Argument 1 ($file) is (defined('JETPACK_WAF_ENTRYPOINT') && JETPACK_WAF_ENTRYPOINT) of type bool but \Waf_Helper::render_waf_file() takes string defined at modules/class-waf-helper.php:147

<hr>

Expand Down

0 comments on commit c8ded65

Please sign in to comment.