add redis and memcached connection checks

mobula9 · mobula9 · commit 35b6e9fb70c4 · 2020-12-22T10:59:31.000+01:00
diff --git a/inc/admin/advanced-settings.php b/inc/admin/advanced-settings.php
@@ -1,5 +1,6 @@
 <?php
 
+use CrowdSecBouncer\BouncerException;
 use CrowdSecBouncer\Constants;
 
 function adminAdvancedSettings()
@@ -53,31 +54,82 @@ function adminAdvancedSettings()
 <?php
     }, 'crowdsec_advanced_settings');
 
+    // Field "crowdsec_redis_dsn"
+    addFieldString('crowdsec_redis_dsn', 'Redis DSN<br>(if applicable)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
+        // TODO P1 block remove if cache set to redis
+        // TODO P1 Display an error in all sections (settings and advanced) when a cache config can not work.
+        return $input;
+    }, '<p>Fill in this field only if you have chosen the Redis cache.<br>Example of DSN: redis://localhost:6379.', 'redis://...', '');
+
+    // Field "crowdsec_memcached_dsn"
+    addFieldString('crowdsec_memcached_dsn', 'Memcached DSN<br>(if applicable)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
+        // TODO P1 block remove if cache set to memcached
+        // TODO P1 Display an error in all sections (settings and advanced) when a cache config can not work.
+        return $input;
+    }, '<p>Fill in this field only if you have chosen the Memcached cache.<br>Example of DSN: memcached://localhost:11211.', 'memcached://...', '');
+
     // Field "crowdsec_cache_system"
     addFieldSelect('crowdsec_cache_system', 'Technology', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
         if (!in_array($input, [CROWDSEC_CACHE_SYSTEM_PHPFS, CROWDSEC_CACHE_SYSTEM_REDIS, CROWDSEC_CACHE_SYSTEM_MEMCACHED])) {
             $input = CROWDSEC_CACHE_SYSTEM_PHPFS;
             add_settings_error('Technology', 'crowdsec_error', 'Technology: Incorrect cache technology selected.');
         }
 
-        
         try {
             $bouncer = getBouncerInstance();
-            $bouncer->clearCache();
+            try {
+                $bouncer->clearCache();
+            } catch (BouncerException $e) {
+                $cacheSystem = esc_attr(get_option('crowdsec_cache_system'));
+                switch ($cacheSystem) {
+                    case CROWDSEC_CACHE_SYSTEM_MEMCACHED:
+                        throw new WordpressCrowdSecBouncerException('Unable to connect Memcached.'.
+                            ' Please fix the Memcached DSN or select another cache technology.');
+                        break;
+
+                    case CROWDSEC_CACHE_SYSTEM_REDIS:
+                        throw new WordpressCrowdSecBouncerException('Unable to connect Redis.'.
+                            ' Please fix the Redis DSN or select another cache technology.');
+                    default:
+                    throw new WordpressCrowdSecBouncerException('Unable to connect the cache system: '.$e->getMessage());
+                }
+            }
+
             $message = __('Cache system changed. Previous cache data has been cleared.');
+        } catch (WordpressCrowdSecBouncerException $e) {
+        }
 
-            // Update wp-cron schedule if stream mode is enabled
-            if ((bool) get_option('crowdsec_stream_mode')) {
-                $bouncer = getBouncerInstance($input); // Reload bouncer instance with the new cache system
-                $result = $bouncer->warmBlocklistCacheUp();
-                $message .= __(' As the stream mode is enabled, the cache has just been warmed up, '.($result > 0 ? 'there are now '.$result.' decisions' : 'there is now '.$result.' decision').' in cache.');
-                scheduleBlocklistRefresh();
+        try {
+            // Reload bouncer instance with the new cache system and so test if dsn is correct.
+            getCacheAdapterInstance($input);
+            try {
+                // Try the adapter connection (Redis or Memcached will crash if the connection is incorrect)
+                $bouncer = getBouncerInstance($input);
+                $bouncer->testConnection();
+            } catch (BouncerException $e) {
+                throw new WordpressCrowdSecBouncerException($e->getMessage());
             }
-            AdminNotice::displaySuccess($message);
         } catch (WordpressCrowdSecBouncerException $e) {
             AdminNotice::displayError($e->getMessage());
         }
 
+        try {
+            try {
+                //Update wp-cron schedule if stream mode is enabled
+                if ((bool) get_option('crowdsec_stream_mode')) {
+                    $bouncer = getBouncerInstance($input); // Reload bouncer instance with the new cache system
+                    $result = $bouncer->warmBlocklistCacheUp();
+                    $message = __('As the stream mode is enabled, the cache has just been warmed up, '.($result > 0 ? 'there are now '.$result.' decisions' : 'there is now '.$result.' decision').' in cache.');
+                    AdminNotice::displaySuccess($message);
+                    scheduleBlocklistRefresh();
+                }
+            } catch (WordpressCrowdSecBouncerException $e) {
+                AdminNotice::displayError($e->getMessage());
+            }
+        } catch (BouncerException $e) {
+            AdminNotice::displayError($e->getMessage());
+        }
+
         return $input;
     }, ((CROWDSEC_CACHE_SYSTEM_PHPFS === get_option('crowdsec_cache_system')) ?
         '<input style="margin-right:10px" type="button" value="Prune now" class="button button-secondary" onclick="document.getElementById(\'crowdsec_ation_prune_cache\').submit();">' : '').
@@ -87,20 +139,6 @@ function adminAdvancedSettings()
         CROWDSEC_CACHE_SYSTEM_MEMCACHED => 'Memcached',
     ]);
 
-    // Field "crowdsec_redis_dsn"
-    addFieldString('crowdsec_redis_dsn', 'Redis DSN<br>(if applicable)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
-        // TODO P1 block remove if cache set to redis
-        // TODO P1 Display an error in all sections (settings and advanced) when a cache config can not work.
-        return $input;
-    }, '<p>Fill in this field only if you have chosen the Redis cache.<br>Example of DSN: redis://localhost:6379.', 'redis://...', '');
-
-    // Field "crowdsec_memcached_dsn"
-    addFieldString('crowdsec_memcached_dsn', 'Memcached DSN<br>(if applicable)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
-        // TODO P1 block remove if cache set to memcached
-        // TODO P1 Display an error in all sections (settings and advanced) when a cache config can not work.
-        return $input;
-    }, '<p>Fill in this field only if you have chosen the Memcached cache.<br>Example of DSN: memcached://localhost:11211.', 'memcached://...', '');
-
     // Field "crowdsec_clean_ip_cache_duration"
     addFieldString('crowdsec_clean_ip_cache_duration', 'Recheck clean IPs each', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
         if ((int) $input <= 0) {
diff --git a/inc/admin/init.php b/inc/admin/init.php
@@ -20,12 +20,6 @@ function wrapBlockingErrorMessage(string $errorMessage)
     '<br>Important: Until you fix this problem, <strong>the website will not be protected against attacks</strong>.';
     }
 
-    if (false) {
-        // TODO P1
-        $message = wrapBlockingErrorMessage('Please fill the Redis DSN or select another cache technology.');
-        AdminNotice::displayError($message);
-    }
-
     function clearBouncerCacheInAdminPage()
     {
         try {
diff --git a/inc/bouncer-instance.php b/inc/bouncer-instance.php
@@ -1,13 +1,15 @@
 <?php
 
 use CrowdSecBouncer\Bouncer;
+use CrowdSecBouncer\BouncerException;
 use CrowdSecBouncer\Constants;
 use Monolog\Handler\RotatingFileHandler;
 use Monolog\Logger;
 use Symfony\Component\Cache\Adapter\AbstractAdapter;
 use Symfony\Component\Cache\Adapter\MemcachedAdapter;
 use Symfony\Component\Cache\Adapter\PhpFilesAdapter;
 use Symfony\Component\Cache\Adapter\RedisAdapter;
+use Symfony\Component\Cache\Exception\InvalidArgumentException;
 
 /** @var Logger|null */
 $crowdSecLogger = null;
@@ -71,9 +73,18 @@ function getCacheAdapterInstance(string $forcedCacheSystem = null): AbstractAdap
                 ' Please set a Redis DSN or select another cache technology.');
             }
 
-            $crowdSecCacheAdapterInstance = new RedisAdapter(RedisAdapter::createConnection($redisDsn));
+            try {
+                $crowdSecCacheAdapterInstance = new RedisAdapter(RedisAdapter::createConnection($redisDsn));
+            } catch (InvalidArgumentException $e) {
+                throw new WordpressCrowdSecBouncerException('Error when connecting to Redis.'.
+                ' Please fix the Redis DSN or select another cache technology.');
+            }
+
             break;
+        default:
+            throw new WordpressCrowdSecBouncerException('Unknow selected cache technology.');
     }
+
     return $crowdSecCacheAdapterInstance;
 }
 
@@ -131,8 +142,10 @@ function getBouncerInstance(string $forcedCacheSystem = null): Bouncer
     } catch (Symfony\Component\Cache\Exception\InvalidArgumentException $e) {
         throw new WordpressCrowdSecBouncerException($e->getMessage());
     }
-    $bouncer = new Bouncer($cacheAdapter, $logger);
-    $bouncer->configure([
+
+    try {
+        $bouncer = new Bouncer($cacheAdapter, $logger);
+        $bouncer->configure([
         'api_key' => $apiKey,
         'api_url' => $apiUrl,
         'api_user_agent' => CROWDSEC_BOUNCER_USER_AGENT,
@@ -142,6 +155,9 @@ function getBouncerInstance(string $forcedCacheSystem = null): Bouncer
         'cache_expiration_for_clean_ip' => $cleanIpCacheDuration,
         'cache_expiration_for_bad_ip' => $badIpCacheDuration,
     ], $cacheAdapter);
+    } catch (BouncerException $e) {
+        throw new WordpressCrowdSecBouncerException($e->getMessage());
+    }
 
     return $bouncer;
 }
diff --git a/inc/templates/advanced-settings.php b/inc/templates/advanced-settings.php
@@ -1,5 +1,33 @@
 <div class="wrap">
 	<h1>CrowdSec Advanced Settings</h1>
+	<script type="text/javascript">
+
+	jQuery(() => {
+		const $cacheTechno = jQuery('[name=crowdsec_cache_system]');
+		const $cacheTechnoDiv = $cacheTechno.parent().parent();
+		const $redisDsnDiv = jQuery('[name=crowdsec_redis_dsn]').parent().parent();
+		const $memcachedDsnDiv = jQuery('[name=crowdsec_memcached_dsn]').parent().parent();
+		$cacheTechnoDiv.insertBefore($redisDsnDiv);
+
+		function updateDsnDisplay () {
+			switch ($cacheTechno.val()) {
+				case 'redis':
+					$redisDsnDiv.show();
+					$memcachedDsnDiv.hide();
+					break;
+				case 'memcached':
+					$redisDsnDiv.hide();
+					$memcachedDsnDiv.show();
+					break;
+				default:
+					$redisDsnDiv.hide();
+					$memcachedDsnDiv.hide();
+			}
+		}
+		updateDsnDisplay();
+		$cacheTechno.change(updateDsnDisplay);
+	});
+	</script>
 	<?php settings_errors(); ?>
 	<div class="tab-content">
 		<div id="tab-1" class="tab-pane active">

Original file line number	Diff line number	Diff line change
`@@ -20,12 +20,6 @@ function wrapBlockingErrorMessage(string $errorMessage)`
`20`	`20`	`'<br>Important: Until you fix this problem, <strong>the website will not be protected against attacks</strong>.';`
`21`	`21`	`}`
`22`	`22`
`23`		`- if (false) {`
`24`		`- // TODO P1`
`25`		`- $message = wrapBlockingErrorMessage('Please fill the Redis DSN or select another cache technology.');`
`26`		`- AdminNotice::displayError($message);`
`27`		`- }`
`28`		`-`
`29`	`23`	`function clearBouncerCacheInAdminPage()`
`30`	`24`	`{`
`31`	`25`	`try {`