fallback remediation

mobula9 · mobula9 · commit 02d7e1fab474 · 2020-12-11T20:31:41.000+01:00
diff --git a/docs/configuration-reference.md b/docs/configuration-reference.md
@@ -20,6 +20,8 @@
        // Optional. Cap the remediation to the selected one. Select from 'bypass' (minimum remediation), 'captcha' or 'ban' (maximum remediation). Defaults to 'ban'.
        'max_remediation_level'=> 'ban',
 
+       // Optional. Handle unknown remediations as. Select from 'bypass' (minimum remediation), 'captcha' or 'ban' (maximum remediation). Defaults to 'captcha'.
+       'fallback_remediation'=> 'captcha',
 
        // Optional. Set the duration we keep in cache the fact that an IP is clean. In seconds. Defaults to 60 (1 minute).
        'cache_expiration_for_clean_ip'=> '60',
diff --git a/src/Bouncer.php b/src/Bouncer.php
@@ -83,6 +83,19 @@ private function capRemediationLevel(string $remediation): string
         return $remediation;
     }
 
+    /**
+     * If the CrowdSec remediation is not handled by this library,
+     * replace it with the value of the configuration "fallback_remediation".
+     */
+    private function handleUnknownRemediation(string $remediation): string
+    {
+        // TODO P3 test this
+        if (!in_array($remediation, Constants::ORDERED_REMEDIATIONS)) {
+            return $this->config['fallback_remediation'];
+        }
+        return $remediation;
+    }
+
     /**
      * Get the remediation for the specified IP. This method use the cache layer.
      * In live mode, when no remediation was found in cache,
@@ -97,6 +110,7 @@ public function getRemediationForIp(string $ip): string
             throw new BouncerException("IP $ip should looks like x.x.x.x, with x in 0-255. Ex: 1.2.3.4");
         }
         $remediation = $this->apiCache->get(long2ip($intIp));
+        $remediation = $this->handleUnknownRemediation($remediation);
         $remediation = $this->capRemediationLevel($remediation);
         return $remediation;
     }
diff --git a/src/Configuration.php b/src/Configuration.php
@@ -37,6 +37,10 @@ public function getConfigTreeBuilder()
             ->values(Constants::ORDERED_REMEDIATIONS)
             ->defaultValue(Constants::REMEDIATION_BAN)
             ->end()
+            ->enumNode('fallback_remediation')
+            ->values(Constants::ORDERED_REMEDIATIONS)
+            ->defaultValue(Constants::REMEDIATION_CAPTCHA)
+            ->end()
             ->integerNode('cache_expiration_for_clean_ip')
             ->defaultValue(Constants::CACHE_EXPIRATION_FOR_CLEAN_IP)
             ->end()
