-
Notifications
You must be signed in to change notification settings - Fork 415
WIP: New Component: IpAddress #11696
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Draft
phntxx
wants to merge
2
commits into
ILIAS-eLearning:trunk
Choose a base branch
from
urrz-lehre:sheriff/ip-addr2
base: trunk
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+123
−0
Draft
Changes from all commits
Commits
Show all changes
2 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| # IpAddress Privacy | ||
|
|
||
| > **Disclaimer: This documentation does not guarantee completeness or accuracy. Please report any missing or incorrect information via [Pull Request](docs/development/contributing.md#pull-request-to-the-repositories).** | ||
|
|
||
| ### General Information | ||
|
|
||
| IP address definitions themselves provide an interface to store IP address ranges, along with a title and description. | ||
| These IP address definitions then provide additional functionality to check whether an arbitrary IP address is within | ||
| the IP address range(s) defined within an IP address definition. | ||
|
|
||
| An IP address range herein consists of either one or two IP addresses: | ||
| - If a singular IP address is stored, it will be implicitly used for equality checks (i.e. if an arbitrary IP address equates to the stored IP address). | ||
| - If two IP addresses are stored, they will be implicitly used for range checks (i.e. if an arbitrary IP address is within the range outlined by the two stored addresses). | ||
|
|
||
| This may then be used to extend access control mechanisms of other components (e.g. Test & Assessment). | ||
|
|
||
| ### Integrated Services | ||
|
|
||
| - The IpAddress component employs the following services, please consult the respective privacy.mds | ||
|
phntxx marked this conversation as resolved.
|
||
| - [AccessControl](../AccessControl/PRIVACY.md) | ||
| - [Object](../ILIASObject/PRIVACY.md) | ||
|
|
||
| ### Configuration | ||
|
|
||
| - **Global** | ||
| - Enable/Disable IpAddress Permissions for object types (Administration > IP Address Definitions > Settings). | ||
|
|
||
| ## Data being stored | ||
|
|
||
| For an IP address definition, the following information is being stored: | ||
| - Title | ||
| - Description | ||
| - Online status | ||
|
|
||
| IP address ranges are stored in a separate database table and store the following information: | ||
| - `range_id`: Unique identifier of this IP address range | ||
| - `definition_id`: Reference ID of the IP address definition using this IP address range. | ||
| - `ip_range_from`: IP address, either used as an individual IP address or as a minimum IP address of a range. | ||
| - `ip_range_to`: Optional, IP address, used as the maximum IP address of a range. | ||
|
|
||
| ## Data being presented | ||
|
|
||
| Users with the according permissions may see the following: | ||
| - Title | ||
| - Description | ||
| - Online status | ||
| - IP address ranges | ||
| for all IP address definitions, within the "IP Address Definitions" | ||
| administration page. | ||
|
|
||
| When this component is used inside of other components, users may see | ||
| - Title | ||
| for all IP address definitions set to "online", within the dependant | ||
| component. | ||
|
|
||
| ## Data being deleted | ||
|
|
||
| - When deleting an IP address definition, all associated IP address ranges are deleted. | ||
|
|
||
| ## Data being exported | ||
|
|
||
| - XML exports of IP address definitions contain the following information, see above for more information: | ||
| - Title | ||
| - Description | ||
| - IP address ranges | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| # IpAddress Component | ||
|
|
||
| This directory contains the IpAddress component, which is responsible for managing named IP address | ||
| ranges (so-called IP address definitions) for later use in access control by other components. | ||
|
|
||
| Currently, this component is integrated into the Test component, with plans to integrate into the User | ||
| component (by replacing `ClientIP` (`components/ILIAS/User/src/Profile/Fields/Standard/ClientIP.php`) | ||
| once `ilFormPropertyGUI` has been removed. | ||
|
|
||
| ## Conceptual summary | ||
|
|
||
| This component stores named IP address ranges (so-called IP address definitions) as ILIAS objects. | ||
| These objects have the following properties: | ||
| - Title | ||
| - Description | ||
| - Online status | ||
| - Array of IP address ranges | ||
|
|
||
| An IP address range can consist of one ("check if the user's IP address is N") | ||
| or two ("check if the user's IP address is between N and M") IP addresses. | ||
|
|
||
| Only IP address definitions that are set to "online" can be used in other components. | ||
|
|
||
| ## Derived Tasks | ||
|
|
||
| If your component wants to access IP address definitions, the following APIs might | ||
| be of use to you: | ||
|
|
||
| 1. Using the `search` method within `ilObjIpAddressDefinition`, a list of "online" IP | ||
| address definitions whose title matches the search string is returned. | ||
| 2. An `IpAddressRangeRepository` can be instantiated using the `ref_id` of an IP address | ||
| definition. Using this object, one can check whether a given IP address is within | ||
| the range(s) outlined within an IP address definition. | ||
| 3. This component provides `ilObjIpAddressDefinitionInputFieldGUI`, which is a pre-built | ||
| UI component which can be used to query the user for IP addresses, IP subnets and IP | ||
| address definitions. We recommend that you use this component in yours also, as this | ||
| provides a unified interface to interact with IP addresses. Note that this component | ||
| itself simply returns whether a certain IP address is within the range(s) outlined | ||
| within an IP address definition, but **does not provide any functionality for access | ||
| control**. You will need to implement this within your component. | ||
|
|
||
| # JF Decisions | ||
|
|
||
| # Metrics | ||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Roadmap | ||
|
|
||
| ## Short Term | ||
|
|
||
| ... | ||
|
|
||
| ## Mid Term | ||
|
|
||
| ... | ||
|
|
||
| ## Long Term | ||
|
|
||
| ... |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the document about privacy matters. Giving some general information is OK in my eyes, but take care not to depend on people having read this file when they actually want what belongs in
README.md. My feeling is that larger parts of this documentation would be better placed there. If they are urgently required to grasp the privacy-related parts of the component, then they should be summarised in thisPRIVACY.mdfile.In my opinion your descriptions here sound a bit better than those in
README.md. 😉