KNEL/TSYSDevStack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cloudron): add tirreno package artifacts

Browse Source 
- Add CloudronStack/output/CloudronPackages-Artifacts/tirreno/ directory and its contents
- Includes package manifest, Dockerfile, source code, documentation, and build artifacts
- Add tirreno-1761840148.tar.gz as a build artifact
- Add tirreno-cloudron-package-1761841304.tar.gz as the Cloudron package
- Include all necessary files for the tirreno Cloudron package

This adds the complete tirreno Cloudron package artifacts to the repository.
This commit is contained in:
Charles N Wyble - admin
2025-10-30 11:43:06 -05:00
parent 0ce353ea9d
commit 91d52d2de5
1692 changed files with 202851 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

515
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Data.php Normal file
View File

@@ -0,0 +1,515 @@
<?php
/**
* Tirreno ~ Open source user analytics
* Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.tirreno.com Tirreno(tm)
*/
namespace Controllers\Admin\Rules;
class Data extends \Controllers\Base {
use \Traits\ApiKeys;
private \Controllers\Admin\Context\Data $contextController;
private \Controllers\Admin\User\Data $userController;
private \Models\OperatorsRules $rulesModel;
private array $totalModels;
private array $rulesMap;
public function proceedPostRequest(array $params): array {
return match ($params['cmd']) {
'changeThresholdValues' => $this->changeThresholdValues($params),
'refreshRules' => $this->refreshRules($params),
default => []
};
}
private function refreshRules(array $params): array {
$pageParams = [];
$errorCode = $this->validateRefreshRules($params);
if ($errorCode) {
$pageParams['ERROR_CODE'] = $errorCode;
} else {
$model = new \Models\Rules();
// get all rules from db by uid; will not return classes with filename mismatch or invalid classname
$currentRules = $model->getAll();
$sortedRules = [];
foreach ($currentRules as $rule) {
$sortedRules[$rule['uid']] = $rule;
}
$localClasses = \Utils\RulesClasses::getRulesClasses(false);
$mainClasses = \Utils\RulesClasses::getRulesClasses(true);
$iterates = [[], [], [], [], [], []];
$metUids = [];
$parentClass = \Controllers\Admin\Rules\Set\BaseRule::class;
$mtd = 'defineCondition';
// local classes first to keep ability to override default classes
$allClassesFromFiles = $localClasses['imported'] + $mainClasses['imported'];
foreach ($allClassesFromFiles as $uid => $cls) {
$valid = true;
$name = constant("$cls::NAME") ?? '';
$descr = constant("$cls::DESCRIPTION") ?? '';
$attr = constant("$cls::ATTRIBUTES") ?? [];
$obj = [
'uid' => $uid,
'name' => $name,
'descr' => $descr,
'attributes' => $attr,
];
// check constants
if (!is_string($name) || !is_string($descr) || !is_array($attr)) {
$valid = false;
$obj['name'] = '';
$obj['descr'] = '';
$obj['attributes'] = [];
// check if rule is child class of BaseRule and defineCondition() was implemented
} elseif (!is_subclass_of($cls, $parentClass) || (new \ReflectionMethod($cls, $mtd))->isAbstract()) {
$valid = false;
}
$status = $this->addRule($sortedRules, $obj, $valid, $model);
$iterates[($status === null ? 0 : 1 + intval($status)) * 2 + intval($valid)][] = $uid;
$metUids[] = $uid;
}
$flipMetUids = array_flip($metUids);
$newMissingRules = [];
$oldMissingCnt = 0;
foreach ($sortedRules as $uid => $rule) {
if (!array_key_exists($uid, $flipMetUids)) {
if (!$rule['missing']) {
$newMissingRules[$uid] = $rule;
$model->setMissingByUid($uid);
} else {
$oldMissingCnt += 1;
}
}
}
//$successCnt = count($iterates[5]) + count($iterates[3]);
//$warningCnt = count($iterates[4]) + count($iterates[2]);
$newValidCnt = count($iterates[5]);
$newInvalidCnt = count($iterates[4]);
$updValidCnt = count($iterates[3]);
$updInvalidCnt = count($iterates[2]);
$missingCnt = count($newMissingRules);
$messages = [];
$messages[] = $this->getStatusNotification($newValidCnt, 'Added %s rule%s: %s', $iterates[5]);
$messages[] = $this->getStatusNotification($updValidCnt, 'Updated %s rule%s: %s', $iterates[3]);
$msg = join(";\n", array_filter($messages));
if ($msg) {
$pageParams['SUCCESS_MESSAGE'] = $msg;
}
$messages = [];
$messages[] = $this->getStatusNotification($newInvalidCnt, 'Added %s invalid rule%s: %s', $iterates[4]);
$messages[] = $this->getStatusNotification($updInvalidCnt, 'Updated %s invalid rule%s: %s', $iterates[2]);
$messages[] = $this->getStatusNotification($missingCnt, 'Missing %s rule%s: %s', array_column($newMissingRules, 'uid'));
$msg = join(";\n", array_filter($messages));
if ($msg) {
$pageParams['ERROR_MESSAGE'] = $msg;
}
if (!array_key_exists('ERROR_MESSAGE', $pageParams) && !array_key_exists('SUCCESS_MESSAGE', $pageParams)) {
$activeCnt = count($iterates[1]);
$invalidCnt = count($iterates[0]);
$msg = sprintf('Rules refreshed (%s rule%s active', $activeCnt, ($activeCnt > 1 ? 's' : ''));
if ($invalidCnt) {
$msg .= sprintf(', %s invalid', $invalidCnt);
}
if ($oldMissingCnt) {
$msg .= sprintf(', %s missing', $oldMissingCnt);
}
$msg .= ')';
$pageParams['SUCCESS_MESSAGE'] = $msg;
}
}
return $pageParams;
}
private function getStatusNotification(int $cnt, string $template, array $data): ?string {
if (!$cnt) {
return null;
}
$s = join(', ', array_slice($data, 0, 10, true)) . ($cnt > 10 ? '&hellip;' : '.');
return sprintf($template, strval($cnt), ($cnt > 1 ? 's' : ''), $s);
}
private function addRule(array $existingArray, array $obj, bool $valid, \Models\Rules $model): ?bool {
$data = $existingArray[$obj['uid']] ?? null;
$r = null;
sort($obj['attributes']);
if ($data === null) {
$r = true;
} else {
$data['attributes'] = json_decode($data['attributes']);
sort($data['attributes']);
foreach ($obj as $key => $value) {
if ($value !== $data[$key]) {
$r = false;
break;
}
}
if ($r !== false && $data['validated'] !== $valid) {
$r = false;
}
}
if ($r !== null || $data['missing']) {
$model->addRule($obj['uid'], $obj['name'], $obj['descr'], $obj['attributes'], $valid);
}
return ($data !== null && $data['missing']) ? true : $r;
}
private function validateRefreshRules(array $params): int|false {
$errorCode = \Utils\Access::CSRFTokenValid($params, $this->f3);
if ($errorCode) {
return $errorCode;
}
return false;
}
public function changeThresholdValues(array $params): array {
$pageParams = [];
$errorCode = $this->validateThresholdValues($params);
if ($errorCode) {
$pageParams['ERROR_CODE'] = $errorCode;
} else {
$keyId = isset($params['keyId']) ? (int) $params['keyId'] : null;
$model = new \Models\ApiKeys();
$model->getKeyById($keyId);
$blacklistThreshold = (int) ($params['blacklist-threshold'] ?? -1);
$reviewQueueThreshold = (int) ($params['review-queue-threshold'] ?? 0);
$recalculateReviewQueueCnt = $model->review_queue_threshold !== $reviewQueueThreshold;
$model->updateBlacklistThreshold($blacklistThreshold);
$model->updateReviewQueueThreshold($reviewQueueThreshold);
if ($recalculateReviewQueueCnt) {
$controller = new \Controllers\Admin\ReviewQueue\Data();
$controller->getNumberOfNotReviewedUsers($keyId, false, true);
}
$pageParams['SUCCESS_MESSAGE'] = $this->f3->get('AdminThresholdValues_update_success_message');
}
return $pageParams;
}
private function validateThresholdValues(array $params): int|false {
$errorCode = \Utils\Access::CSRFTokenValid($params, $this->f3);
if ($errorCode) {
return $errorCode;
}
$keyId = isset($params['keyId']) ? (int) $params['keyId'] : null;
if (!$keyId) {
return \Utils\ErrorCodes::API_KEY_ID_DOESNT_EXIST;
}
if ($keyId !== $this->getCurrentOperatorApiKeyId()) {
return \Utils\ErrorCodes::API_KEY_WAS_CREATED_FOR_ANOTHER_USER;
}
$blacklistThreshold = (int) ($params['blacklist-threshold'] ?? -1);
if ($blacklistThreshold < -1 || $blacklistThreshold > 18) {
return \Utils\ErrorCodes::BLACKLIST_THRESHOLD_DOES_NOT_EXIST;
}
$reviewQueueThreshold = (int) ($params['review-queue-threshold'] ?? 0);
if ($reviewQueueThreshold < 0 || $reviewQueueThreshold > 100) {
return \Utils\ErrorCodes::REVIEW_QUEUE_THRESHOLD_DOES_NOT_EXIST;
}
if ($reviewQueueThreshold <= $blacklistThreshold) {
return \Utils\ErrorCodes::BLACKLIST_THRESHOLD_EXCEEDS_REVIEW_QUEUE_THRESHOLD;
}
return false;
}
public function getRulesForLoggedUser(): array {
$apiKey = $this->getCurrentOperatorApiKeyId();
return $this->getAllAttrFilteredRulesByApiKey($apiKey);
}
public function saveUserRule(string $ruleUid, int $score): void {
$apiKey = $this->getCurrentOperatorApiKeyId();
$model = new \Models\OperatorsRules();
$model->updateRule($ruleUid, $score, $apiKey);
}
public function saveRuleProportion(string $ruleUid, float $proportion): void {
$apiKey = $this->getCurrentOperatorApiKeyId();
$model = new \Models\OperatorsRules();
$model->updateRuleProportion($ruleUid, $proportion, $apiKey);
}
public function getRuleProportion(int $totalUsers, int $ruleUsers): float {
if ($ruleUsers === 0 || $totalUsers === 0) {
return 0.0;
}
$proportion = (float) (100 * $ruleUsers) / (float) $totalUsers;
// if number is too small make it a bit greater so it will be written in db as 0 < n < 1
return abs($proportion) < 0.001 ? 0.001 : $proportion;
}
// return array of uids on each account of triggered rules
private function evaluateRules(array $accountIds, array $rules, int $apiKey): array {
$result = array_fill_keys($accountIds, []);
$context = [];
$record = [];
foreach (array_chunk($accountIds, \Utils\Variables::getRuleUsersBatchSize()) as $batch) {
$context = $this->contextController->getContextByAccountIds($batch, $apiKey);
foreach ($batch as $user) {
$record = $context[$user] ?? null;
if ($record) {
foreach ($rules as $rule) {
if ($this->executeRule($rule, $record)) {
$result[$user][] = $rule->uid;
}
}
}
}
}
return $result;
}
private function executeRule(Set\BaseRule $rule, array $params): bool {
$executed = false;
try {
$rule->updateParams($params);
$executed = $rule->execute();
} catch (\Throwable $e) {
if (defined($rule->uid)) {
$model = new \Models\Rules();
$model->setInvalidByUid($rule->uid);
}
error_log('Failed to execute rule class ' . $rule->uid . ': ' . $e->getMessage());
}
return $executed;
}
public function checkRule(string $ruleUid): array {
$apiKey = $this->getCurrentOperatorApiKeyId();
$model = new \Models\Users();
$users = $model->getAllUsersIdsOrdered($apiKey);
$accounts = [];
foreach ($users as $user) {
$accounts[$user['accountid']] = $user;
}
$accountIds = array_keys($accounts);
$this->buildEvaluationModels($ruleUid);
$targetRule = $this->rulesModel->getRuleWithOperatorValue($ruleUid, $apiKey);
if ($targetRule === [] || !array_key_exists($ruleUid, $this->rulesMap)) {
return [0, []];
}
$results = $this->evaluateRules($accountIds, [$this->rulesMap[$ruleUid]], $apiKey);
$matchingAccountIds = array_keys(array_filter($results, static function ($value): bool {
return $value !== [];
}));
$result = [];
foreach ($matchingAccountIds as $id) {
if (array_key_exists($id, $accounts)) {
$result[$id] = $accounts[$id];
}
}
return [count($accountIds), $result];
}
public function evaluateUser(int $accountId, int $apiKey, bool $preparedModels = false): void {
if (!$preparedModels || !$this->rulesModel) {
$this->buildEvaluationModels();
}
foreach ($this->totalModels as $model) {
$model->updateTotalsByAccountIds([$accountId], $apiKey);
}
$operatorRules = $this->getAllRulesWithOperatorValues($this->rulesModel, $apiKey);
$rules = array_intersect_key($this->rulesMap, $operatorRules);
$result = $this->evaluateRules([$accountId], $rules, $apiKey);
$uids = $result[$accountId];
$details = [];
foreach ($uids as $uid) {
$details[] = ['uid' => $uid, 'score' => $operatorRules[$uid]['value']];
}
$data = [
'score' => $this->normalizeScore($details),
'details' => json_encode($details),
];
$this->userController->updateUserStatus($accountId, $data, $apiKey);
}
public function buildEvaluationModels(?string $uid = null): void {
$this->totalModels = [];
foreach (\Utils\Constants::get('RULES_TOTALS_MODELS') as $className) {
$this->totalModels[] = new $className();
}
$this->contextController = new \Controllers\Admin\Context\Data();
$this->userController = new \Controllers\Admin\User\Data();
$this->rulesModel = new \Models\OperatorsRules();
$rb = new \Ruler\RuleBuilder();
if ($uid) {
$ruleObj = \Utils\RulesClasses::getSingleRuleObject($uid, $rb);
$this->rulesMap = $ruleObj ? [$uid => $ruleObj] : [];
} else {
$this->rulesMap = \Utils\RulesClasses::getAllRulesObjects($rb);
}
}
private function normalizeScore(array $data): int {
$scores = array_column($data, 'score');
$totalScore = max(array_sum($scores), 0);
$filterScores = array_filter($scores, function ($value) {
return $value > 0;
});
$matches = count($filterScores);
return max((int) (99 - ($totalScore * (pow($matches, 1.1) - $matches + 1))), 0);
}
// only valid, not missing, with fitting attributes, returning associative array
private function getAllRulesWithOperatorValues(\Models\OperatorsRules $rulesModel, int $apiKey): array {
$model = new \Models\ApiKeys();
$skipAttributes = $model->getSkipEnrichingAttributes($apiKey);
$rules = $rulesModel->getAllValidRulesByOperator($apiKey);
$results = $this->filterRulesByAttributesAddTypes($rules, $skipAttributes);
return $results;
}
// with fitting attributes and sorted, returning as regular array
private function getAllAttrFilteredRulesByApiKey(int $apiKey): array {
$model = new \Models\ApiKeys();
$skipAttributes = $model->getSkipEnrichingAttributes($apiKey);
$model = new \Models\OperatorsRules();
$rules = $model->getAllRulesByOperator($apiKey);
$results = $this->filterRulesByAttributesAddTypes($rules, $skipAttributes);
usort($results, static function ($a, $b): int {
if ($a['validated'] !== $b['validated']) {
return ($b['validated'] <=> $a['validated']);
}
if ((int) ($a['missing'] === true) !== (int) ($b['missing'] === true)) {
return ((int) $a['missing'] <=> (int) $b['missing']);
}
return $a['uid'] <=> $b['uid'];
});
return $results;
}
// do not filter by attributes if data is needed only for rendering info
public function getAllRulesByApiKey(int $apiKey): array {
$model = new \Models\OperatorsRules();
$rules = $model->getAllRulesByOperator($apiKey);
$results = [];
foreach ($rules as $rule) {
$rule['type'] = \Utils\RulesClasses::getRuleTypeByUid($rule['uid']);
$results[] = $rule;
}
usort($results, static function ($a, $b): int {
if ($a['validated'] !== $b['validated']) {
return ($b['validated'] <=> $a['validated']);
}
if ((int) ($a['missing'] === true) !== (int) ($b['missing'] === true)) {
return ((int) $a['missing'] <=> (int) $b['missing']);
}
return $a['uid'] <=> $b['uid'];
});
return $results;
}
private function filterRulesByAttributesAddTypes(array $rules, array $skipAttributes): array {
$results = [];
foreach ($rules as $id => $row) {
if (!count(array_intersect(json_decode($row['attributes']), $skipAttributes))) {
$row['type'] = \Utils\RulesClasses::getRuleTypeByUid($row['uid']);
$results[$id] = $row;
}
}
return $results;
}
}

61
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Navigation.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
/**
* Tirreno ~ Open source user analytics
* Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.tirreno.com Tirreno(tm)
*/
namespace Controllers\Admin\Rules;
class Navigation extends \Controllers\Base {
use \Traits\ApiKeys;
use \Traits\Navigation;
public function showIndexPage(): void {
$this->redirectIfUnlogged();
$pageController = new Page();
$this->response = new \Views\Frontend();
$this->response->data = $pageController->getPageParams();
}
public function saveRule(): array {
$params = $this->f3->get('POST');
$key = explode('_', $params['rule']);
$ruleUid = end($key);
$score = $params['value'];
$dataController = new Data();
$dataController->saveUserRule($ruleUid, $score);
return ['success' => true];
}
public function checkRule(): array {
set_time_limit(0);
ini_set('max_execution_time', 0);
$params = $this->f3->get('GET');
$ruleUid = $params['ruleUid'];
$dataController = new Data();
[$allUsersCnt, $users] = $dataController->checkRule($ruleUid);
$proportion = $dataController->getRuleProportion($allUsersCnt, count($users));
$dataController->saveRuleProportion($ruleUid, $proportion);
return [
'users' => array_slice($users, 0, \Utils\Constants::get('RULE_CHECK_USERS_PASSED_TO_CLIENT')),
'count' => count($users),
'proportion' => $proportion,
'proportion_updated_at' => date('Y-m-d H:i:s'),
];
}
}

67
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Page.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
/**
* Tirreno ~ Open source user analytics
* Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.tirreno.com Tirreno(tm)
*/
namespace Controllers\Admin\Rules;
class Page extends \Controllers\Pages\Base {
use \Traits\ApiKeys;
public $page = 'AdminRules';
public function getPageParams(): array {
$dataController = new Data();
$rules = $dataController->getRulesForLoggedUser();
$searchPlacholder = $this->f3->get('AdminRules_search_placeholder');
$currentOperator = $this->f3->get('CURRENT_USER');
$operatorId = $currentOperator->id;
$ruleValues = [
['value' => -20, 'text' => $this->f3->get('AdminRules_weight_minus20')],
['value' => 0, 'text' => $this->f3->get('AdminRules_weight_0')],
['value' => 10, 'text' => $this->f3->get('AdminRules_weight_10')],
['value' => 20, 'text' => $this->f3->get('AdminRules_weight_20')],
['value' => 70, 'text' => $this->f3->get('AdminRules_weight_70')],
];
$pageParams = [
'LOAD_DATATABLE' => true,
'LOAD_AUTOCOMPLETE' => true,
'HTML_FILE' => 'admin/rules.html',
'JS' => 'admin_rules.js',
'RULE_VALUES' => $ruleValues,
'RULES' => $rules,
'SEARCH_PLACEHOLDER' => $searchPlacholder,
];
if ($this->isPostRequest()) {
$params = $this->f3->get('POST');
$params['id'] = $operatorId;
$operationResponse = $dataController->proceedPostRequest($params);
$pageParams = array_merge($pageParams, $operationResponse);
$pageParams['CMD'] = $params['cmd'];
$pageParams['RULES'] = $dataController->getRulesForLoggedUser();
}
// set api_keys param after proccessing POST request
[$isOwner, $apiKeys] = $dataController->getOperatorApiKeys($operatorId);
$pageParams['IS_OWNER'] = $isOwner;
$pageParams['API_KEYS'] = $apiKeys;
return parent::applyPageParams($pageParams);
}
}

45
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A01.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A01 extends BaseRule {
public const NAME = 'Multiple login fail';
public const DESCRIPTION = 'User failed to login multiple times in a short term, which can be a sign of account takeover.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$maximumAttempts = \Utils\Constants::get('RULE_MAXIMUM_NUMBER_OF_LOGIN_ATTEMPTS');
$loginFail = \Utils\Constants::get('ACCOUNT_LOGIN_FAIL_EVENT_TYPE_ID');
$windowSize = \Utils\Constants::get('RULE_LOGIN_ATTEMPTS_WINDOW');
$tooManyLoginAttempts = false;
$cnt = 0;
$start = 0;
$iters = count($params['event_type']);
for ($end = 0; $end < $iters; ++$end) {
if ($params['event_type'][$end] === $loginFail) {
++$cnt;
}
if ($end >= $windowSize - 1) {
if ($cnt > $maximumAttempts) {
$tooManyLoginAttempts = true;
break;
}
if ($params['event_type'][$start] === $loginFail) {
--$cnt;
}
++$start;
}
}
$params['event_many_failed_login_attempts'] = $tooManyLoginAttempts;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_many_failed_login_attempts']->equalTo(true),
);
}
}

31
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A02.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A02 extends BaseRule {
public const NAME = 'Login failed on new device';
public const DESCRIPTION = 'User failed to login with new device, which can be a sign of account takeover.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$suspiciousLoginFailed = false;
$loginFail = \Utils\Constants::get('ACCOUNT_LOGIN_FAIL_EVENT_TYPE_ID');
foreach ($params['event_type'] as $idx => $event) {
if ($event === $loginFail && \Utils\Rules::eventDeviceIsNew($params, $idx)) {
$suspiciousLoginFailed = true;
break;
}
}
$params['event_failed_login_on_new_device'] = $suspiciousLoginFailed;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_failed_login_on_new_device']->equalTo(true),
);
}
}

31
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A03.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A03 extends BaseRule {
public const NAME = 'New device and new country';
public const DESCRIPTION = 'User logged in with new device from new location, which can be a sign of account takeover.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$eventNewDeviceNewCountry = false;
if ($params['eup_device_count'] > 1 && count(array_unique($params['eip_country_id'])) > 1) {
foreach (array_keys($params['event_device']) as $idx) {
if (\Utils\Rules::eventDeviceIsNew($params, $idx) && \Utils\Rules::countryIsNewByIpId($params, $params['event_ip'][$idx])) {
$eventNewDeviceNewCountry = true;
break;
}
}
}
$params['event_new_device_and_new_country'] = $eventNewDeviceNewCountry;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_new_device_and_new_country']->equalTo(true),
);
}
}

31
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A04.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A04 extends BaseRule {
public const NAME = 'New device and new subnet';
public const DESCRIPTION = 'User logged in with new device from new subnet, which can be a sign of account takeover.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$eventNewDeviceNewCidr = false;
if ($params['eup_device_count'] > 1 && $params['eip_unique_cidrs'] > 1) {
foreach (array_keys($params['event_device']) as $idx) {
if (\Utils\Rules::eventDeviceIsNew($params, $idx) && \Utils\Rules::cidrIsNewByIpId($params, $params['event_ip'][$idx])) {
$eventNewDeviceNewCidr = true;
break;
}
}
}
$params['event_new_device_and_new_cidr'] = $eventNewDeviceNewCidr;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_new_device_and_new_cidr']->equalTo(true),
);
}
}

33
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A05.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A05 extends BaseRule {
public const NAME = 'Password change on new device';
public const DESCRIPTION = 'User changed their password on new device, which can be a sign of account takeover.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$passwordChangeOnNewDevice = false;
$passwordChange = \Utils\Constants::get('ACCOUNT_PASSWORD_CHANGE_EVENT_TYPE_ID');
if ($params['eup_device_count'] > 1) {
foreach (array_keys($params['event_device']) as $idx) {
if ($params['event_type'][$idx] === $passwordChange && \Utils\Rules::eventDeviceIsNew($params, $idx)) {
$passwordChangeOnNewDevice = true;
break;
}
}
}
$params['event_password_change_on_new_device'] = $passwordChangeOnNewDevice;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_password_change_on_new_device']->equalTo(true),
);
}
}

35
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A06.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A06 extends BaseRule {
public const NAME = 'Password change in new country';
public const DESCRIPTION = 'User changed their password in new country, which can be a sign of account takeover.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$pwdChangeInNewCountry = false;
$pwdChange = \Utils\Constants::get('ACCOUNT_PASSWORD_CHANGE_EVENT_TYPE_ID');
if (count(array_unique($params['eip_country_id'])) > 1) {
foreach ($params['event_type'] as $idx => $event) {
if ($event === $pwdChange) {
if (\Utils\Rules::countryIsNewByIpId($params, $params['event_ip'][$idx])) {
$pwdChangeInNewCountry = true;
break;
}
}
}
}
$params['event_password_change_in_new_country'] = $pwdChangeInNewCountry;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_password_change_in_new_country']->equalTo(true),
);
}
}

33
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A07.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A07 extends BaseRule {
public const NAME = 'Password change in new subnet';
public const DESCRIPTION = 'User changed their password in new subnet, which can be a sign of account takeover.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$passwordChangeInNewCidr = false;
$passwordChange = \Utils\Constants::get('ACCOUNT_PASSWORD_CHANGE_EVENT_TYPE_ID');
if ($params['eip_unique_cidrs'] > 1) {
foreach ($params['event_type'] as $idx => $event) {
if ($event === $passwordChange && \Utils\Rules::cidrIsNewByIpId($params, $params['event_ip'][$idx])) {
$passwordChangeInNewCidr = true;
break;
}
}
}
$params['event_password_change_in_new_cidr'] = $passwordChangeInNewCidr;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_password_change_in_new_cidr']->equalTo(true),
);
}
}

42
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/A08.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace Controllers\Admin\Rules\Set;
class A08 extends BaseRule {
public const NAME = 'Browser language changed';
public const DESCRIPTION = 'User accessed the account with new browser language, which can be a sign of account takeover.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$newBrowserLanguage = false;
// $item ?? '' because `lang` can be null, which we should process as an empty string
$langs = array_map(function ($item) {
return strtoupper(explode('-', preg_replace('/;.*$/', '', trim(explode(',', $item ?? '')[0])))[0]);
}, $params['eup_lang']);
$langCount = array_count_values($langs);
if ($params['eup_device_count'] > 1 && count($langCount) > 1) {
foreach ($params['event_device'] as $idx => $deviceId) {
if (\Utils\Rules::eventDeviceIsNew($params, $idx)) {
$innerId = array_search($deviceId, $params['eup_device_id']);
$lang = strtoupper(explode('-', preg_replace('/;.*$/', '', trim(explode(',', $params['eup_lang'][$innerId] ?? '')[0])))[0]);
if ($langCount[$lang] === 1) {
$newBrowserLanguage = true;
break;
}
}
}
}
$params['event_new_browser_language'] = $newBrowserLanguage;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_new_browser_language']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B01.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B01 extends BaseRule {
public const NAME = 'Multiple countries';
public const DESCRIPTION = 'IP addresses are located in diverse countries, which is a rare behaviour for regular users.';
public const ATTRIBUTES = ['ip'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_total_country']->greaterThan(3),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B02.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B02 extends BaseRule {
public const NAME = 'User has changed a password';
public const DESCRIPTION = 'The user has changed their password.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_password_changed']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B03.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B03 extends BaseRule {
public const NAME = 'User has changed an email';
public const DESCRIPTION = 'The user has changed their email.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_email_changed']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B04.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B04 extends BaseRule {
public const NAME = 'Multiple 5xx errors';
public const DESCRIPTION = 'The user made multiple requests which evoked internal server error.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_multiple_5xx_http']->greaterThan(\Utils\Constants::get('RULE_MAXIMUM_NUMBER_OF_500_CODES')),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B05.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B05 extends BaseRule {
public const NAME = 'Multiple 4xx errors';
public const DESCRIPTION = 'The user made multiple requests which cannot be fulfilled.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_multiple_4xx_http']->greaterThanOrEqualTo(\Utils\Constants::get('RULE_MAXIMUM_NUMBER_OF_404_CODES')),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B06.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B06 extends BaseRule {
public const NAME = 'Potentially vulnerable URL';
public const DESCRIPTION = 'The user made a request to suspicious URL.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_vulnerable_url']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B07.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B07 extends BaseRule {
public const NAME = 'User\'s full name contains digits';
public const DESCRIPTION = 'Full name contains digits, which is a rare behaviour for regular users.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_fullname_has_numbers']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B08.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B08 extends BaseRule {
public const NAME = 'Dormant account (30 days)';
public const DESCRIPTION = 'The account has been inactive for 30 days.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_last_visit']->greaterThan(30),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B09.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B09 extends BaseRule {
public const NAME = 'Dormant account (90 days)';
public const DESCRIPTION = 'The account has been inactive for 90 days.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_last_visit']->greaterThan(90),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B10.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B10 extends BaseRule {
public const NAME = 'Dormant account (1 year)';
public const DESCRIPTION = 'The account has been inactive for a year.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_last_visit']->greaterThan(365),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B11.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B11 extends BaseRule {
public const NAME = 'New account (1 day)';
public const DESCRIPTION = 'The account has been created today.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->lessThan(1),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B12.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B12 extends BaseRule {
public const NAME = 'New account (1 week)';
public const DESCRIPTION = 'The account has been created this week.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->lessThan(7),
$this->rb['ea_days_since_account_creation']->greaterThanOrEqualTo(1),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B13.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B13 extends BaseRule {
public const NAME = 'New account (1 month)';
public const DESCRIPTION = 'The account has been created this month.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->lessThan(30),
$this->rb['ea_days_since_account_creation']->greaterThanOrEqualTo(7),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B14.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B14 extends BaseRule {
public const NAME = 'Aged account (>30 days)';
public const DESCRIPTION = 'The account has been created over 30 days ago.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->lessThan(90),
$this->rb['ea_days_since_account_creation']->greaterThanOrEqualTo(30),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B15.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B15 extends BaseRule {
public const NAME = 'Aged account (>90 days)';
public const DESCRIPTION = 'The account has been created over 90 days ago.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->lessThan(180),
$this->rb['ea_days_since_account_creation']->greaterThanOrEqualTo(90),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B16.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B16 extends BaseRule {
public const NAME = 'Aged account (>180 days)';
public const DESCRIPTION = 'The account has been created over 180 days ago.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_days_since_account_creation']->notEqualTo(-1),
$this->rb['ea_days_since_account_creation']->greaterThanOrEqualTo(180),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B17.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B17 extends BaseRule {
public const NAME = 'Single country';
public const DESCRIPTION = 'IP addresses are located in a single country.';
public const ATTRIBUTES = ['ip'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_total_country']->equalTo(1),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B18.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B18 extends BaseRule {
public const NAME = 'HEAD request';
public const DESCRIPTION = 'HTTP request HEAD method is oftenly used by bots.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_http_method_head']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B19.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B19 extends BaseRule {
public const NAME = 'Night time requests';
public const DESCRIPTION = 'User was active from midnight till 5 a. m.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_session_night_time']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B20.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B20 extends BaseRule {
public const NAME = 'Multiple countries in one session';
public const DESCRIPTION = 'User\'s country was changed in less than 30 minutes.';
public const ATTRIBUTES = ['ip'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_session_multiple_country']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B21.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B21 extends BaseRule {
public const NAME = 'Multiple devices in one session';
public const DESCRIPTION = 'User\'s device was changed in less than 30 minutes.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_session_multiple_device']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B22.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B22 extends BaseRule {
public const NAME = 'Multiple IP addresses in one session';
public const DESCRIPTION = 'User\'s IP address was changed in less than 30 minutes.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_session_multiple_ip']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B23.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B23 extends BaseRule {
public const NAME = 'User\'s full name contains space or hyphen';
public const DESCRIPTION = 'Full name contains space or hyphen, which is a rare behaviour for regular users.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_fullname_has_spaces_hyphens']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B24.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B24 extends BaseRule {
public const NAME = 'Empty referer';
public const DESCRIPTION = 'The user made a request without a referer.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['event_empty_referer']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/B25.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class B25 extends BaseRule {
public const NAME = 'Unauthorized request';
public const DESCRIPTION = 'The user made a successful request without authorization.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_userid']->equalTo(\Utils\Constants::get('UNAUTHORIZED_USERID')),
$this->rb['event_2xx_http']->equalTo(true),
);
}
}

51
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/BaseRule.php Normal file
View File

@@ -0,0 +1,51 @@
<?php
/**
* Tirreno ~ Open source user analytics
* Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Tirreno Technologies Sàrl (https://www.tirreno.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.tirreno.com Tirreno(tm)
*/
namespace Controllers\Admin\Rules\Set;
abstract class BaseRule {
protected $rb;
protected $context;
protected $params;
protected $condition;
public $uid;
public function __construct(?\Ruler\RuleBuilder $rb = null, array $params = []) {
$this->uid = end(explode('\\', get_class($this)));
$this->rb = $rb ? $rb : (new \Ruler\RuleBuilder());
$this->params = $params;
}
abstract protected function defineCondition();
protected function prepareParams(array $params): array {
return $params;
}
public function execute(): bool {
$this->context = $this->buildContext();
$this->condition = $this->defineCondition();
return $this->rb->create($this->condition)->evaluate($this->context);
}
private function buildContext(): \Ruler\Context {
return new \Ruler\Context($this->prepareParams($this->params));
}
public function updateParams(array $params): void {
$this->params = $params;
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C01.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C01 extends BaseRule {
public const NAME = 'Nigeria IP address';
public const DESCRIPTION = 'IP address located in Nigeria. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_NIGERIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C02.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C02 extends BaseRule {
public const NAME = 'India IP address';
public const DESCRIPTION = 'IP address located in India. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_INDIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C03.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C03 extends BaseRule {
public const NAME = 'China IP address';
public const DESCRIPTION = 'IP address located in China. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_CHINA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C04.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C04 extends BaseRule {
public const NAME = 'Brazil IP address';
public const DESCRIPTION = 'IP address located in Brazil. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_BRAZIL'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C05.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C05 extends BaseRule {
public const NAME = 'Pakistan IP address';
public const DESCRIPTION = 'IP address located in Pakistan. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_PAKISTAN'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C06.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C06 extends BaseRule {
public const NAME = 'Indonesia IP address';
public const DESCRIPTION = 'IP address located in Indonesia. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_INDONESIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C07.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C07 extends BaseRule {
public const NAME = 'Venezuela IP address';
public const DESCRIPTION = 'IP address located in Venezuela. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_VENEZUELA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C08.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C08 extends BaseRule {
public const NAME = 'South Africa IP address';
public const DESCRIPTION = 'IP address located in South Africa. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_SOUTH_AFRICA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C09.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C09 extends BaseRule {
public const NAME = 'Philippines IP address';
public const DESCRIPTION = 'IP address located in Philippines. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_PHILIPPINES'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C10.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C10 extends BaseRule {
public const NAME = 'Romania IP address';
public const DESCRIPTION = 'IP address located in Romania. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_ROMANIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C11.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C11 extends BaseRule {
public const NAME = 'Russia IP address';
public const DESCRIPTION = 'IP address located in Russia. This region is associated with a higher risk.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_RUSSIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

22
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C12.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C12 extends BaseRule {
public const NAME = 'European IP address';
public const DESCRIPTION = 'IP address located in Europe Union.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$common = array_intersect(\Utils\Constants::get('COUNTRY_CODES_EUROPE'), $params['eip_country_id']);
$params['eip_has_specific_country'] = (bool) count($common);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

22
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C13.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C13 extends BaseRule {
public const NAME = 'North America IP address';
public const DESCRIPTION = 'IP address located in Canada or USA.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$common = array_intersect(\Utils\Constants::get('COUNTRY_CODES_NORTH_AMERICA'), $params['eip_country_id']);
$params['eip_has_specific_country'] = (bool) count($common);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C14.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C14 extends BaseRule {
public const NAME = 'Australia IP address';
public const DESCRIPTION = 'IP address located in Australia.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_AUSTRALIA'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C15.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C15 extends BaseRule {
public const NAME = 'UAE IP address';
public const DESCRIPTION = 'IP address located in United Arab Emirates.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_UAE'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/C16.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class C16 extends BaseRule {
public const NAME = 'Japan IP address';
public const DESCRIPTION = 'IP address located in Japan.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_has_specific_country'] = in_array(\Utils\Constants::get('COUNTRY_CODE_JAPAN'), $params['eip_country_id']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_has_specific_country']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D01.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D01 extends BaseRule {
public const NAME = 'Device is unknown';
public const DESCRIPTION = 'User has manipulated the device information, so it is not recognized.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$params['eup_has_unknown_devices'] = in_array(null, $params['eup_device']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_has_unknown_devices']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D02.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D02 extends BaseRule {
public const NAME = 'Device is Linux';
public const DESCRIPTION = 'Linux OS is not used by avarage users, increased risk of crawler bot.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$params['eup_has_linux_system'] = in_array('GNU/Linux', $params['eup_os_name']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_has_linux_system']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D03.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D03 extends BaseRule {
public const NAME = 'Device is bot';
public const DESCRIPTION = 'The user may be using a device with a user agent that is identified as a bot.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$params['eup_has_bot_devices'] = in_array('bot', $params['eup_device']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_has_bot_devices']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D04.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D04 extends BaseRule {
public const NAME = 'Rare browser device';
public const DESCRIPTION = 'User operates device with uncommon browser.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_has_rare_browser']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D05.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D05 extends BaseRule {
public const NAME = 'Rare OS device';
public const DESCRIPTION = 'User operates device with uncommon OS.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_has_rare_os']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D06.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D06 extends BaseRule {
public const NAME = 'Multiple devices per user';
public const DESCRIPTION = 'User accesses the account using multiple devices. Account may be used by different people.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ea_total_device']->greaterThan(4),
);
}
}

34
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D07.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D07 extends BaseRule {
public const NAME = 'Several desktop devices';
public const DESCRIPTION = 'User accesses the account using different OS desktop devices. Account may be shared between different people.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$desktopDevicesWithDifferentOS = false;
$firstDesktopOS = '';
for ($i = 0; $i < $params['eup_device_count']; ++$i) {
if ($params['eup_device'][$i] === 'desktop') {
if ($firstDesktopOS === '') {
$firstDesktopOS = $params['eup_os_name'][$i];
} elseif ($firstDesktopOS !== $params['eup_os_name'][$i]) {
$desktopDevicesWithDifferentOS = true;
break;
}
}
}
$params['eup_desktop_devices_with_different_os'] = $desktopDevicesWithDifferentOS;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_desktop_devices_with_different_os']->equalTo(true),
);
}
}

28
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D08.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D08 extends BaseRule {
public const NAME = 'Two or more phone devices';
public const DESCRIPTION = 'User accesses the account using numerous phone devices, which is not standard behaviour for regular users. Account may be shared between different people.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$smartphoneCount = 0;
foreach ($params['eup_device'] as $device) {
if ($device === 'smartphone') {
++$smartphoneCount;
}
}
$params['eup_phone_devices_count'] = $smartphoneCount;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_phone_devices_count']->greaterThan(1),
);
}
}

37
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D09.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D09 extends BaseRule {
public const NAME = 'Old browser';
public const DESCRIPTION = 'User accesses the account using an old versioned browser.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$minVersion = null;
$browserVersion = '';
$oldBrowser = false;
$iters = count($params['eup_browser_name']);
for ($i = 0; $i < $iters; ++$i) {
$minVersion = \Utils\Constants::get('RULE_REGULAR_BROWSER_NAMES')[$params['eup_browser_name'][$i]] ?? null;
if ($minVersion !== null) {
$browserVersion = explode('.', $params['eup_browser_version'][$i] ?? '')[0];
if (ctype_digit($browserVersion) && intval($browserVersion) < $minVersion) {
$oldBrowser = true;
break;
}
}
}
$params['eup_old_browser'] = $oldBrowser;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_old_browser']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/D10.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class D10 extends BaseRule {
public const NAME = 'Potentially vulnerable User-Agent';
public const DESCRIPTION = 'The user made a request with potentially vulnerable User-Agent.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eup_vulnerable_ua']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E01.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E01 extends BaseRule {
public const NAME = 'Invalid email format';
public const DESCRIPTION = 'Invalid email format. Should be \'username@domain.com\'.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_is_invalid']->equalTo(true),
);
}
}

19
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E02.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E02 extends BaseRule {
public const NAME = 'New domain and no breaches';
public const DESCRIPTION = 'Email belongs to recently created domain name and it doesn\'t appear in data breaches. Increased risk due to lack of authenticity.';
public const ATTRIBUTES = ['email', 'domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_days_since_domain_creation']->notEqualTo(-1),
$this->rb['ld_days_since_domain_creation']->lessThan(30),
//$this->rb['le_has_no_profiles']->equalTo(true),
$this->rb['le_has_no_data_breaches']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E03.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E03 extends BaseRule {
public const NAME = 'Suspicious words in email';
public const DESCRIPTION = 'Email contains word parts that usually found in automatically generated mailboxes.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_has_suspicious_str']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E04.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E04 extends BaseRule {
public const NAME = 'Numeric email name';
public const DESCRIPTION = 'The email\'s username consists entirely of numbers, which is uncommon for typical email addresses.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_has_numeric_only_local_part']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E05.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E05 extends BaseRule {
public const NAME = 'Special characters in email';
public const DESCRIPTION = 'The email address features an unusually high number of special characters, which is atypical for standard email addresses.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_email_has_consec_s_chars']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E06.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E06 extends BaseRule {
public const NAME = 'Consecutive digits in email';
public const DESCRIPTION = 'The email address includes at least two consecutive digits, which is a characteristic sometimes associated with temporary or fake email accounts.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_email_has_consec_nums']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E07.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E07 extends BaseRule {
public const NAME = 'Long email username';
public const DESCRIPTION = 'The email\'s username exceeds the average length, which could suggest it\'s a temporary email address.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_with_long_local_part_length']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E08.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E08 extends BaseRule {
public const NAME = 'Long domain name';
public const DESCRIPTION = 'Email\'s domain name is too long. Long domain names are cheaply registered and rarely used for email addresses by regular users.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_with_long_domain_length']->equalTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E09.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E09 extends BaseRule {
public const NAME = 'Free email provider';
public const DESCRIPTION = 'Email belongs to free provider. These mailboxes are the easiest to create.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_domain_free_email_provider']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E10.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E10 extends BaseRule {
public const NAME = 'The website is unavailable';
public const DESCRIPTION = 'Domain\'s website seems to be inactive, which could be a sign of fake mailbox.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_website_is_disabled']->equalTo(true),
$this->rb['ld_domain_free_email_provider']->notEqualTo(true),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E11.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E11 extends BaseRule {
public const NAME = 'Disposable email';
public const DESCRIPTION = 'Disposable email addresses are temporary email addresses that users can create and use for a short period. They might use create fake accounts.';
public const ATTRIBUTES = ['email'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_is_disposable']->equalTo(true),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E12.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E12 extends BaseRule {
public const NAME = 'Free email and no breaches';
public const DESCRIPTION = 'Email belongs to free provider and it doesn\'t appear in data breaches. It may be a sign of a throwaway mailbox.';
public const ATTRIBUTES = ['email'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_domain_free_email_provider']->equalTo(true),
//$this->rb['le_has_no_profiles']->equalTo(true),
$this->rb['le_has_no_data_breaches']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E13.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E13 extends BaseRule {
public const NAME = 'New domain';
public const DESCRIPTION = 'Domain name was registered recently, which is rare for average users.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_days_since_domain_creation']->notEqualTo(-1),
$this->rb['ld_days_since_domain_creation']->lessThan(90),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E14.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E14 extends BaseRule {
public const NAME = 'No MX record';
public const DESCRIPTION = 'Email\'s domain name has no MX record, so domain is not able to have any mailboxes. It is a sign of fake mailbox.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_domain_without_mx_record']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E15.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E15 extends BaseRule {
public const NAME = 'No breaches for email';
public const DESCRIPTION = 'The email was not involved in any data breaches, which could suggest it\'s a newly created or less frequently used mailbox.';
public const ATTRIBUTES = ['email'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_has_no_data_breaches']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E16.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E16 extends BaseRule {
public const NAME = 'Domain appears in spam lists';
public const DESCRIPTION = 'Email appears in spam lists, so the user may have spammed before.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_from_blockdomains']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E17.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E17 extends BaseRule {
public const NAME = 'Free email and spam';
public const DESCRIPTION = 'Email appears in spam lists and registered by free provider. Increased risk of spamming.';
public const ATTRIBUTES = ['email', 'domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_domain_free_email_provider']->equalTo(true),
$this->rb['le_email_in_blockemails']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E19.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E19 extends BaseRule {
public const NAME = 'Multiple emails changed';
public const DESCRIPTION = 'User has changed their email.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$params['ee_email_count'] = count($params['ee_email']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_email_count']->greaterThan(1),
);
}
}

18
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E20.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E20 extends BaseRule {
public const NAME = 'Established domain (> 3 year old)';
public const DESCRIPTION = 'Email belongs to long-established domain name registered at least 3 years ago.';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_days_since_domain_creation']->notEqualTo(-1),
$this->rb['ld_days_since_domain_creation']->greaterThan(365 * 3),
$this->rb['ld_disposable_domains']->notEqualTo(true),
$this->rb['ld_free_email_provider']->notEqualTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E21.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E21 extends BaseRule {
public const NAME = 'No vowels in email';
public const DESCRIPTION = 'Email username does not contain any vowels.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_email_has_vowels']->equalTo(false),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E22.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E22 extends BaseRule {
public const NAME = 'No consonants in email';
public const DESCRIPTION = 'Email username does not contain any consonants.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_email_has_consonants']->equalTo(false),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

29
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E23.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E23 extends BaseRule {
public const NAME = 'Educational domain (.edu)';
public const DESCRIPTION = 'Email belongs to educational domain.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$emailHasEdu = false;
foreach ($params['ee_email'] as $email) {
if (str_ends_with($email, '.edu')) {
$emailHasEdu = true;
break;
}
}
$params['ee_has_edu'] = $emailHasEdu;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_has_edu']->equalTo(true),
);
}
}

29
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E24.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E24 extends BaseRule {
public const NAME = 'Government domain (.gov)';
public const DESCRIPTION = 'Email belongs to government domain.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$emailHasGov = false;
foreach ($params['ee_email'] as $email) {
if (str_ends_with($email, '.gov')) {
$emailHasGov = true;
break;
}
}
$params['ee_has_gov'] = $emailHasGov;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_has_gov']->equalTo(true),
);
}
}

29
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E25.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E25 extends BaseRule {
public const NAME = 'Military domain (.mil)';
public const DESCRIPTION = 'Email belongs to military domain.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$emailHasMil = false;
foreach ($params['ee_email'] as $email) {
if (str_ends_with($email, '.mil')) {
$emailHasMil = true;
break;
}
}
$params['ee_has_mil'] = $emailHasMil;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_has_mil']->equalTo(true),
);
}
}

29
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E26.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E26 extends BaseRule {
public const NAME = 'iCloud mailbox';
public const DESCRIPTION = 'Email belongs to Apple domains icloud.com, me.com or mac.com.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$emailHasApple = false;
foreach ($params['ee_email'] as $email) {
if (str_ends_with($email, '@icloud.com') || str_ends_with($email, '@me.com') || str_ends_with($email, '@mac.com')) {
$emailHasApple = true;
break;
}
}
$params['ee_has_apple'] = $emailHasApple;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_has_apple']->equalTo(true),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E27.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E27 extends BaseRule {
public const NAME = 'Email breaches';
public const DESCRIPTION = 'Email appears in data breaches.';
public const ATTRIBUTES = ['email'];
protected function defineCondition() {
return $this->rb->logicalAnd(
//$this->rb['le_has_no_profiles']->equalTo(false),
// do not trigger if le_data_breach is null,
$this->rb['le_data_breach']->equalTo(true),
);
}
}

16
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E28.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E28 extends BaseRule {
public const NAME = 'No digits in email';
public const DESCRIPTION = 'The email address does not include digits.';
public const ATTRIBUTES = [];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['le_email_has_no_digits']->equalTo(true),
$this->rb['le_local_part_len']->greaterThan(0),
);
}
}

15
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E29.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E29 extends BaseRule {
public const NAME = 'Old breach (>3 years)';
public const DESCRIPTION = 'The earliest data breach associated with the email appeared more than 3 years ago. Can be used as sign of aged email.';
public const ATTRIBUTES = ['email'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ee_days_since_first_breach']->greaterThan(365 * 3),
);
}
}

17
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/E30.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace Controllers\Admin\Rules\Set;
class E30 extends BaseRule {
public const NAME = 'Domain with average rank';
public const DESCRIPTION = 'Email domain has tranco rank between 100.000 and 4.000.000';
public const ATTRIBUTES = ['domain'];
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['ld_tranco_rank']->greaterThan(100000),
$this->rb['ld_tranco_rank']->lessThan(4000000),
$this->rb['ld_domain_free_email_provider']->notEqualTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I01.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I01 extends BaseRule {
public const NAME = 'IP belongs to TOR';
public const DESCRIPTION = 'IP address is assigned to The Onion Router network. Very few people use TOR, mainly used for anonymization and accessing censored resources.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_tor'] = in_array(true, $params['eip_tor']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_tor']->equalTo(true),
);
}
}

25
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I02.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I02 extends BaseRule {
public const NAME = 'IP hosting domain';
public const DESCRIPTION = 'Higher risk of crawler bot. Such IP addresses are used only for hosting and are not provided to regular users by ISP.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$arrWithPositiveDomainsCounts = array_filter($params['eip_domains_count_len'], static function ($value): bool {
return $value > 0;
});
$params['eip_domains_count_len'] = count($arrWithPositiveDomainsCounts) > 0;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_domains_count_len']->greaterThan(0),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I03.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I03 extends BaseRule {
public const NAME = 'IP appears in spam list';
public const DESCRIPTION = 'User may have exhibited unwanted activity before at other web services.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_blocklist'] = in_array(true, $params['eip_blocklist']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_blocklist']->equalTo(true),
);
}
}

25
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I04.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I04 extends BaseRule {
public const NAME = 'Shared IP';
public const DESCRIPTION = 'Multiple users detected on the same IP address. High risk of multi-accounting.';
public const ATTRIBUTES = [];
protected function prepareParams(array $params): array {
$arrWithPositiveSharedIps = array_filter($params['eip_shared'], function ($item) {
return $item > 1;
});
$params['eip_shared'] = count($arrWithPositiveSharedIps) > 0;
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_shared']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I05.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I05 extends BaseRule {
public const NAME = 'IP belongs to commercial VPN';
public const DESCRIPTION = 'User tries to hide their real location or bypass regional blocking.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_vpn'] = in_array(true, $params['eip_vpn']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_vpn']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I06.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I06 extends BaseRule {
public const NAME = 'IP belongs to datacenter';
public const DESCRIPTION = 'The user is utilizing an ISP datacenter, which highly suggests the use of a VPN, script, or privacy software.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_data_center'] = in_array(true, $params['eip_data_center']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_data_center']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I07.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I07 extends BaseRule {
public const NAME = 'IP belongs to Apple Relay';
public const DESCRIPTION = 'IP address belongs to iCloud Private Relay, part of an iCloud+ subscription.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_relay'] = in_array(true, $params['eip_relay']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_relay']->equalTo(true),
);
}
}

21
CloudronStack/output/CloudronPackages-Artifacts/tirreno/app/Controllers/Admin/Rules/Set/I08.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace Controllers\Admin\Rules\Set;
class I08 extends BaseRule {
public const NAME = 'IP belongs to Starlink';
public const DESCRIPTION = 'IP address belongs to SpaceX satellite network.';
public const ATTRIBUTES = ['ip'];
protected function prepareParams(array $params): array {
$params['eip_starlink'] = in_array(true, $params['eip_starlink']);
return $params;
}
protected function defineCondition() {
return $this->rb->logicalAnd(
$this->rb['eip_starlink']->equalTo(true),
);
}
}

Some files were not shown because too many files have changed in this diff Show More