From 8ae54193d23f92bfee7cf8a286e6c668c76bfdc2 Mon Sep 17 00:00:00 2001
From: Luuk Verhoeven <luuk@ldesign.nl>
Date: Sat, 20 Jul 2024 15:01:12 +0200
Subject: [PATCH] Update code and environment checks

---
 .github/workflows/AppScan.yml | 15 +++++++++++++
 README.md                     | 41 +++++++++++++++++------------------
 classes/condition.php         | 40 +++++++++-------------------------
 classes/frontend.php          |  3 ++-
 classes/privacy/provider.php  |  3 ++-
 environment.xml               |  6 +++++
 version.php                   |  5 +++--
 7 files changed, 58 insertions(+), 55 deletions(-)
 create mode 100644 .github/workflows/AppScan.yml
 create mode 100644 environment.xml

diff --git a/.github/workflows/AppScan.yml b/.github/workflows/AppScan.yml
new file mode 100644
index 0000000..fd23f2b
--- /dev/null
+++ b/.github/workflows/AppScan.yml
@@ -0,0 +1,15 @@
+name: "HCL AppScan SAST"
+on: [ push, pull_request ]
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Run AppScan SAST scan
+        uses: HCL-TECH-SOFTWARE/appscan-sast-action@v1.0.1
+        with:
+          asoc_key: ${{secrets.ASOC_KEY}}
+          asoc_secret: ${{secrets.ASOC_SECRET}}
+          application_id: ${{secrets.ASOC_APPID}}
diff --git a/README.md b/README.md
index b72f5e5..2db4658 100644
--- a/README.md
+++ b/README.md
@@ -1,24 +1,23 @@
 ## Moodle - availability ip address plugin
-Restrict access to any activity by ip-address. This plugin can be used to make any chosen activity unavailable based on the user's IP.
-
+Enhance activity security by restricting access based on IP address. This plugin allows you to control the availability of any chosen
+activity, making it accessible only to users from specified IP addresses.
 
 ## Author
-![MFreak.nl](http://MFreak.nl/logo_small.png)
-
-* Author: Luuk Verhoeven, [MFreak.nl](https://MFreak.nl/)
-* Min. required: Moodle 3.5.x
-* Supports PHP: 7.2
-
-[![Build Status](https://travis-ci.org/MFreakNL/moodle-availability_ipaddress.svg?branch=master)](https://travis-ci.org/MFreakNL/moodle-availability_ipaddress)
-![Moodle35](https://img.shields.io/badge/moodle-3.5-brightgreen.svg)
-![Moodle36](https://img.shields.io/badge/moodle-3.6-brightgreen.svg)
-![Moodle37](https://img.shields.io/badge/moodle-3.7-brightgreen.svg)
-![Moodle38](https://img.shields.io/badge/moodle-3.8-brightgreen.svg)
-![Moodle39](https://img.shields.io/badge/moodle-3.9-brightgreen.svg)
-![Moodle310](https://img.shields.io/badge/moodle-3.10-brightgreen.svg)
-![Moodle40](https://img.shields.io/badge/moodle-4.00-brightgreen.svg)
-![PHP7.2](https://img.shields.io/badge/PHP-7.2-brightgreen.svg)
-![PHP7.3](https://img.shields.io/badge/PHP-7.3-brightgreen.svg)
+![ldesignmedia.nl](http://ldesignmedia.nl/logo_small.png)
+
+* Author: Luuk Verhoeven, [ldesignmedia.nl](https://ldesignmedia.nl/)
+* Min. required: Moodle 4.0
+* Supports PHP: 7.4
+
+![Moodle400](https://img.shields.io/badge/moodle-4.0-brightgreen.svg?logo=moodle)
+![Moodle401](https://img.shields.io/badge/moodle-4.1-brightgreen.svg?logo=moodle)
+![Moodle402](https://img.shields.io/badge/moodle-4.2-brightgreen.svg?logo=moodle)
+![Moodle403](https://img.shields.io/badge/moodle-4.3-brightgreen.svg?logo=moodle)
+![Moodle404](https://img.shields.io/badge/moodle-4.4-brightgreen.svg?logo=moodle)
+
+![PHP7.4](https://img.shields.io/badge/PHP-7.4-brightgreen.svg?logo=php)
+![PHP8.0](https://img.shields.io/badge/PHP-8.0-brightgreen.svg?logo=php)
+![PHP8.1](https://img.shields.io/badge/PHP-8.1-brightgreen.svg?logo=php)
 
 ## List of features
 - Supports comma separate list of ip-addresses
@@ -32,7 +31,6 @@ Restrict access to any activity by ip-address. This plugin can be used to make a
 3.  Go to Site Administrator > Notification
 4.  Install the plugin
 
-
 ## Usage
 
 1. Add or edit an activity in a Moodle course.
@@ -47,7 +45,7 @@ Restrict access to any activity by ip-address. This plugin can be used to make a
 
 ## Security
 
-If you discover any security related issues, please email [luuk@MFreak.nl](mailto:luuk@MFreak.nl) instead of using the issue tracker.
+If you discover any security related issues, please email [luuk@ldesignmedia.nl](mailto:luuk@ldesignmedia.nl) instead of using the issue tracker.
 
 ## License
 
@@ -59,6 +57,7 @@ Contributions are welcome and will be fully credited. We accept contributions vi
 
 ## Changelog
 
+- 2024072000 Tested on Moodle 4.4
 - 2022021100 Thanks for adding ip-range support @[juacas](https://github.com/juacas)
-- 2022052800 Fixed the [issue 6](https://github.com/MFreakNL/moodle-availability_ipaddress/issues/6) @[hamzatamyachte](https://github.com/hamzatamyachte)
+- 2022052800 Fixed the [issue 6](https://github.com/ldesignmediaNL/moodle-availability_ipaddress/issues/6) @[hamzatamyachte](https://github.com/hamzatamyachte)
 - 2022052801 Test in Moodle 4.0 @[hamzatamyachte](https://github.com/hamzatamyachte)
diff --git a/classes/condition.php b/classes/condition.php
index 1abbe3c..d6fbdc8 100644
--- a/classes/condition.php
+++ b/classes/condition.php
@@ -40,7 +40,7 @@ class condition extends \core_availability\condition {
     /**
      * @var string
      */
-    protected $ipaddresses = '';
+    protected string $ipaddresses = '';
 
     /**
      * condition constructor.
@@ -73,11 +73,11 @@ public function __construct($structure) {
      * @param bool $grabthelot Performance hint: if true, caches information
      *                         required for all course-modules, to make the front page and similar
      *                         pages work more quickly (works only for current user)
-     * @param int  $userid     User ID to check availability for
+     * @param int $userid      User ID to check availability for
      *
      * @return bool True if available
      */
-    public function is_available($not, info $info, $grabthelot, $userid) : bool {
+    public function is_available($not, info $info, $grabthelot, $userid): bool {
 
         if (empty($this->ipaddresses)) {
             return !$not;
@@ -116,7 +116,7 @@ public function is_available($not, info $info, $grabthelot, $userid) : bool {
      *   this item
      * @throws \coding_exception
      */
-    public function get_description($full, $not, info $info) : string {
+    public function get_description($full, $not, info $info): string {
         return get_string('require_condition', 'availability_ipaddress', getremoteaddr());
     }
 
@@ -126,7 +126,7 @@ public function get_description($full, $not, info $info) : string {
      *
      * @return string Text representation of parameters
      */
-    protected function get_debug_string() : string {
+    protected function get_debug_string(): string {
         return !empty($this->ipaddresses) ? 'ipaddresses ON' : 'ipaddresses OFF';
     }
 
@@ -140,43 +140,23 @@ protected function get_debug_string() : string {
      *
      * @return \stdClass Object representing condition
      */
-    public static function get_json($ipaddresses) : \stdClass {
-        return (object)[
+    public static function get_json(string $ipaddresses): \stdClass {
+        return (object) [
             'type' => 'ipaddress',
             'ipaddresses' => $ipaddresses,
         ];
     }
 
-    /**
-     * Check if ip-address is valid
-     *
-     * @param string $ipaddresses
-     *
-     * @return bool
-     */
-    public static function is_valid_ipaddresses($ipaddresses) : bool {
-        $ipaddresses = implode(',', $ipaddresses);
-        foreach ($ipaddresses as $ipaddress) {
-            if ( is_ip_address($ipaddress) === false &&
-                    is_ipv4_range($ipaddress) === false &&
-                    is_ipv6_range($ipaddress) === false  ) {
-                return false;
-            }
-        }
-
-        return true;
-
-    }
-
     /**
      * Saves tree data back to a structure object.
      *
      * @return \stdClass Structure object (ready to be made into JSON format)
      */
-    public function save() : \stdClass {
-        return (object)[
+    public function save(): \stdClass {
+        return (object) [
             'type' => 'ipaddress',
             'ipaddresses' => $this->ipaddresses,
         ];
     }
+
 }
diff --git a/classes/frontend.php b/classes/frontend.php
index 1e66e3c..73bf21a 100644
--- a/classes/frontend.php
+++ b/classes/frontend.php
@@ -40,10 +40,11 @@ class frontend extends \core_availability\frontend {
      *
      * @return array
      */
-    protected function get_javascript_strings() : array {
+    protected function get_javascript_strings(): array {
         return [
             'js:ipaddress',
             'error_ipaddress',
         ];
     }
+
 }
diff --git a/classes/privacy/provider.php b/classes/privacy/provider.php
index 9208522..3587f26 100644
--- a/classes/privacy/provider.php
+++ b/classes/privacy/provider.php
@@ -40,7 +40,8 @@ class provider implements \core_privacy\local\metadata\null_provider {
      *
      * @return  string
      */
-    public static function get_reason() : string {
+    public static function get_reason(): string {
         return 'privacy:metadata';
     }
+
 }
diff --git a/environment.xml b/environment.xml
new file mode 100644
index 0000000..cff201b
--- /dev/null
+++ b/environment.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<COMPATIBILITY_MATRIX>
+    <PLUGIN name="availability_ipaddress">
+        <PHP version="7.4" level="required"/>
+    </PLUGIN>
+</COMPATIBILITY_MATRIX>
diff --git a/version.php b/version.php
index f97957e..62cc808 100644
--- a/version.php
+++ b/version.php
@@ -27,7 +27,8 @@
 defined('MOODLE_INTERNAL') || die();
 
 $plugin->component = 'availability_ipaddress';
-$plugin->version = 2022052801;
-$plugin->release = '3.11.2';
+$plugin->version = 2024072000;
+$plugin->release = '4.4.0';
 $plugin->requires = 2016120500;
 $plugin->maturity = MATURITY_STABLE;
+$plugin->supported = [400, 404];