Fixed #47

Author: Rafael Grigorian

src/app/code/JetRails/Cloudflare/Controller/Adminhtml/Api/Firewall/ZoneLockdown/Create.php

@@ -0,0 +1,37 @@
+<?php
+
+	namespace JetRails\Cloudflare\Controller\Adminhtml\Api\Firewall\ZoneLockdown;
+
+	use JetRails\Cloudflare\Controller\Adminhtml\Action;
+
+	/**
+	 * This controller inherits from a generic controller that implements the
+	 * base functionality for interfacing with a getter model. This action
+	 * simply loads the initial value through the Cloudflare API. The rest of
+	 * this class extends on that functionality and adds more endpoints.
+	 * @version     1.2.6
+	 * @package     JetRails® Cloudflare
+	 * @author      Rafael Grigorian <[email protected]>
+	 * @copyright   © 2018 JETRAILS, All rights reserved
+	 * @license     MIT https://opensource.org/licenses/MIT
+	 */
+	class Create extends Action {
+
+		/**
+		 * This method takes in all the information that is necessary for
+		 * creating a page rule through the request parameters. It then asks the
+		 * Cloudflare API model to create said page rule.
+		 * @return  void
+		 */
+		public function execute () {
+			$response = $this->_api->create (
+				$this->_request->getParam ("description"),
+				$this->_request->getParam ("urls"),
+				$this->_request->getParam ("configurations"),
+				$this->_request->getParam ("paused") == "true",
+				$this->_request->getParam ("priority") ? intval ( $this->_request->getParam ("priority") ) : null
+			);
+			return $this->_sendResponse ( $response );
+		}
+
+	}

src/app/code/JetRails/Cloudflare/Controller/Adminhtml/Api/Firewall/ZoneLockdown/Delete.php

@@ -0,0 +1,31 @@
+<?php
+
+	namespace JetRails\Cloudflare\Controller\Adminhtml\Api\Firewall\ZoneLockdown;
+
+	use JetRails\Cloudflare\Controller\Adminhtml\Action;
+
+	/**
+	 * This controller inherits from a generic controller that implements the
+	 * base functionality for interfacing with a getter model. This action
+	 * simply loads the initial value through the Cloudflare API. The rest of
+	 * this class extends on that functionality and adds more endpoints.
+	 * @version     1.2.6
+	 * @package     JetRails® Cloudflare
+	 * @author      Rafael Grigorian <[email protected]>
+	 * @copyright   © 2018 JETRAILS, All rights reserved
+	 * @license     MIT https://opensource.org/licenses/MIT
+	 */
+	class Delete extends Action {
+
+		/**
+		 * This action takes in a page rule id through the request parameters.
+		 * It then asks the Cloudflare API model to delete the page rule with
+		 * the corresponding page rule id.
+		 * @return  void
+		 */
+		public function execute () {
+			$response = $this->_api->delete ( $this->_request->getParam ("id") );
+			return $this->_sendResponse ( $response );
+		}
+
+	}

src/app/code/JetRails/Cloudflare/Controller/Adminhtml/Api/Firewall/ZoneLockdown/Edit.php

@@ -0,0 +1,41 @@
+<?php
+
+	namespace JetRails\Cloudflare\Controller\Adminhtml\Api\Firewall\ZoneLockdown;
+
+	use JetRails\Cloudflare\Controller\Adminhtml\Action;
+
+	/**
+	 * This controller inherits from a generic controller that implements the
+	 * base functionality for interfacing with a getter model. This action
+	 * simply loads the initial value through the Cloudflare API. The rest of
+	 * this class extends on that functionality and adds more endpoints.
+	 * @version     1.2.6
+	 * @package     JetRails® Cloudflare
+	 * @author      Rafael Grigorian <[email protected]>
+	 * @copyright   © 2018 JETRAILS, All rights reserved
+	 * @license     MIT https://opensource.org/licenses/MIT
+	 */
+	class Edit extends Action {
+
+		/**
+		 * This action takes in all the information that is necessary for
+		 * editing a page rule though the request parameters. It then asks the
+		 * Cloudflare API model to update the values of the page rule with the
+		 * corresponding page rule id.
+		 * @return  void
+		 */
+		public function execute () {
+			$response = $this->_api->edit (
+				$this->_request->getParam ("id"),
+				$this->_request->getParam ("description"),
+				$this->_request->getParam ("urls"),
+				$this->_request->getParam ("configurations"),
+				$this->_request->getParam ("paused") == "true",
+				$this->_request->getParam ("priority")
+					? intval ( $this->_request->getParam ("priority") )
+					: null
+			);
+			return $this->_sendResponse ( $response );
+		}
+
+	}

src/app/code/JetRails/Cloudflare/Controller/Adminhtml/Api/Firewall/ZoneLockdown/Index.php

@@ -0,0 +1,18 @@
+<?php
+
+	namespace JetRails\Cloudflare\Controller\Adminhtml\Api\Firewall\ZoneLockdown;
+
+	use JetRails\Cloudflare\Controller\Adminhtml\Getter;
+
+	/**
+	 * This controller inherits from a generic controller that implements the
+	 * base functionality for interfacing with a getter model. This action
+	 * simply loads the initial value through the Cloudflare API. The rest of
+	 * this class extends on that functionality and adds more endpoints.
+	 * @version     1.2.6
+	 * @package     JetRails® Cloudflare
+	 * @author      Rafael Grigorian <[email protected]>
+	 * @copyright   © 2018 JETRAILS, All rights reserved
+	 * @license     MIT https://opensource.org/licenses/MIT
+	 */
+	class Index extends Getter {}

src/app/code/JetRails/Cloudflare/Model/Adminhtml/Api/Firewall/ZoneLockdown.php

@@ -0,0 +1,115 @@
+<?php
+
+	namespace JetRails\Cloudflare\Model\Adminhtml\Api\Firewall;
+
+	use JetRails\Cloudflare\Model\Adminhtml\Api\Getter;
+	use JetRails\Cloudflare\Model\Adminhtml\Api\Request;
+
+	/**
+	 * This model inherits from the basic Getter model. It inherits
+	 * functionality that asks the Cloudflare API for a current setting value.
+	 * It then adds on to that functionality by adding more methods that
+	 * interact with the Cloudflare API.
+	 * @version     1.2.6
+	 * @package     JetRails® Cloudflare
+	 * @author      Rafael Grigorian <[email protected]>
+	 * @copyright   © 2018 JETRAILS, All rights reserved
+	 * @license     MIT https://opensource.org/licenses/MIT
+	 */
+	class ZoneLockdown extends Getter {
+
+		/**
+		 * @var     string      _endpoint             Appended to zone endpoint
+		 * @var     boolean     _usePatchToSet        Use PUT HTTP method
+		 */
+		protected $_endpoint = "firewall/lockdowns";
+		protected $_usePatchToSet = false;
+
+		/**
+		 * This method wraps the parent method because we want to get the value
+		 * that the parent returns and then append the entitlements result to
+		 * it.
+		 * @return  stdClass                          CF response to request
+		 */
+		public function getValue () {
+			$result = (array) parent::getValue ();
+			$result ["entitlements"] = $this->getEntitlements ();
+			return (object) $result;
+		}
+
+		/**
+		 * This method simply contacts the Cloudflare API and asks for a list of
+		 * entitlements. It then only returns the entitlements that are related
+		 * to page rules.
+		 * @return  stdClass                          CF response to request
+		 */
+		public function getEntitlements () {
+			$endpoint = $this->getEndpoint ("entitlements");
+			$this->_requestModel->setType ( Request::REQUEST_GET );
+			$response = $this->_requestModel->resolve ( $endpoint );
+			return current ( array_filter ( $response->result, function ( $i ) {
+				return $i->id === "zonelockdown.max_rules";
+			}));
+		}
+
+		/**
+		 * This method takes in information about a zone lockdown and creates it
+		 * using Cloudflare's API.
+		 * @param   string       desc                 Zone lockdown description
+		 * @param   array        urls                 Array of URLs to use
+		 * @param   array        config               Mixtrure of IPs and IP Ranges
+		 * @param   boolean      paused               Is it paused?
+		 * @param   integer      priority             What is the priority, default: none
+		 * @return  stdClass                          CF response to request
+		 */
+		public function create ( $desc, $urls, $config, $paused, $priority = null ) {
+			$endpoint = $this->getEndpoint ();
+			$this->_requestModel->setType ( Request::REQUEST_POST );
+			$this->_requestModel->setData ( array (
+				"description" => $desc,
+				"urls" => $urls,
+				"configurations" => $config,
+				"paused" => $paused,
+				"priority" => $priority
+			));
+			return $this->_requestModel->resolve ( $endpoint );
+		}
+
+		/**
+		 * This method takes in information about an already created zone
+		 * lockdown and it updates it accordingly.
+		 * using Cloudflare's API.
+		 * @param   string       id                   Page rule ID
+		 * @param   string       desc                 Zone lockdown description
+		 * @param   array        urls                 Array of URLs to use
+		 * @param   array        config               Mixtrure of IPs and IP Ranges
+		 * @param   boolean      paused               Is it paused?
+		 * @param   integer      priority             What is the priority, default: none
+		 * @return  stdClass                          CF response to request
+		 */
+		public function edit ( $id, $desc, $urls, $config, $paused, $priority = null ) {
+			$endpoint = $this->getEndpoint ( $this->_endpoint . "/$id" );
+			$this->_requestModel->setType ( $this->_usePatchToSet ? Request::REQUEST_PATCH : Request::REQUEST_PUT );
+			$this->_requestModel->setData ( array (
+				"description" => $desc,
+				"urls" => $urls,
+				"configurations" => $config,
+				"paused" => $paused,
+				"priority" => $priority
+			));
+			return $this->_requestModel->resolve ( $endpoint );
+		}
+
+		/**
+		 * This method takes in a zone lockdown rule id and it attempts to
+		 * delete it using the Cloudflare API.
+		 * @param   string       id                   Page rule ID
+		 * @return  stdClass                          CF response to request
+		 */
+		public function delete ( $id ) {
+			$endpoint = $this->getEndpoint ( $this->_endpoint . "/$id" );
+			$this->_requestModel->setType ( Request::REQUEST_DELETE );
+			return $this->_requestModel->resolve ( $endpoint );
+		}
+
+	}

src/app/code/JetRails/Cloudflare/etc/acl.xml

@@ -128,6 +128,9 @@
 								<resource
 									id="JetRails_Cloudflare::unmetered_ddos_mitigation"
 									title="Unmetered DDoS Mitigation" />
+								<resource
+									id="JetRails_Cloudflare::zone_lockdown"
+									title="Zone Lockdown" />
 							</resource>
 							<resource
 								id="JetRails_Cloudflare::settings_tab"

src/app/code/JetRails/Cloudflare/view/adminhtml/templates/firewall.phtml

@@ -17,7 +17,8 @@
 			echo $block->renderSections ( "firewall/tools_tab", array (
 				"access_rules",
 				"user_agent_blocking",
-				"unmetered_ddos_mitigation"
+				"unmetered_ddos_mitigation",
+				"zone_lockdown"
 			));
 
 		?>

src/app/code/JetRails/Cloudflare/view/adminhtml/templates/firewall/zone_lockdown.phtml

@@ -0,0 +1,46 @@
+<section
+	class="cloudflare firewall zone_lockdown initialize loading"
+	data-endpoint="<?php echo $block->getApiEndpoint () ?>"
+	data-form-key="<?php echo $block->getFormKey () ?>"
+	data-tab-name="firewall"
+	data-section-name="zone_lockdown" >
+	<div class="row" >
+		<div class="wrapper_left" >
+			<span class="section_title" >Zone Lockdown</span>
+			<p>Lockdown a specific URL on your zone to specific IP addresses. This is useful to protect an admin or protected area from non-specified IP addresses.</p>
+			<p><strong>You have used <span id="rules_used" >0</span> of <span id="rules_total" >0</span> Zone Lockdown Rules</strong></p>
+		</div>
+		<div class="wrapper_right" >
+			<div>
+				<input id="action" class="trigger" type="button" value="Create Lockdown Rule" data-target="create" />
+			</div>
+		</div>
+	</div>
+	<div class="row" >
+		<table class="rules" cellpadding="0" cellspacing="0" >
+			<thead>
+				<tr>
+					<th>Rule Name/Description</th>
+					<th></th>
+				</tr>
+			</thead>
+			<tbody>
+				<tr>
+					<td colspan="2" >You currently have no Zone Lockdown Rules. To create some click on the button above.</td>
+				</tr>
+			</tbody>
+		</table>
+	</div>
+	<div class="lightbox" style="background-image: url(<?php echo $block->getViewFileUrl ('JetRails_Cloudflare/images/loading.svg') ?>)" ></div>
+	<div class="row collapsable" >
+		<div class="wrapper_bottom" >
+			<a data-tab="help" >Help</a>
+		</div>
+		<div data-tab-content="help" >
+			<p>Zone Lockdown allows you to allow specific IP addresses and IP ranges whereby all other IPs are effectively blocked. This is best used to protect an Administrative area of a website to, e.g. an office or VPN.</p>
+			<p>Zone Lockdown supports:<br>Specific sub-domains, allowing you to, for example, allow IP 1.2.3.4 to access domain foo.example.com and allow IP 5.6.7.8 to access domain bar.example.com, but not necessarily allow the vice versa.<br>Specific URLs, allowing you to, for example, allow IP 1.2.3.4 to access directory example.com/foo/<em> and allow IP 5.6.7.8 to access directory example.com/bar/</em>, but not necessarily allow the vice versa.<br>This is useful when you need more granularity in your IP Access Rules since, with the IP Firewall, you can only either apply the block to all sub-domains of the current domain, or all domains on your account, and you can not specify URIs.</p>
+			<p>Advanced Options:<br>In a scenario where you have multiple Zone Lockdown rules, which overlap, you can set a priority to ensure one Zone Lockdown rule is honored over another. For example, if you protected example.com/admin/<em> but also had example.com/admin/api/</em> - and the users to API had a different set of IP allowed IP addresses, then this would keep this area protected.</p>
+			<p>The <em>lower</em> the number, the <em>higher</em> the priority. Higher priority rules take precedence over those with lower priority.</p>
+		</div>
+	</div>
+</section>