New security suite layer

Api/RestrictInterface.php

@@ -22,8 +22,8 @@
 
 interface RestrictInterface
 {
-    const XML_PATH_ENABLED = 'msp_securitysuite/adminrestriction/enabled';
-    const XML_PATH_AUTHORIZED_RANGES = 'msp_securitysuite/adminrestriction/authorized_ranges';
+    const XML_PATH_ENABLED = 'msp_securitysuite_adminrestriction/general/enabled';
+    const XML_PATH_AUTHORIZED_RANGES = 'msp_securitysuite_adminrestriction/general/authorized_ranges';
 
     /**
      * Return true if current user is allowed to access backend

Plugin/AppInterfacePlugin.php

@@ -24,6 +24,7 @@
 use Magento\Framework\AppInterface;
 use Magento\Framework\App\RequestInterface;
 use Magento\Framework\App\Response\Http;
+use Magento\Framework\ObjectManagerInterface;
 use Magento\Framework\UrlInterface;
 use MSP\AdminRestriction\Api\RestrictInterface;
 use MSP\SecuritySuiteCommon\Api\LogManagementInterface;
@@ -61,11 +62,16 @@ class AppInterfacePlugin
      * @var RestrictInterface
      */
     private $restrict;
+
     /**
      * @var UtilsInterface
      */
     private $utils;
 
+    /**
+     * @var ObjectManagerInterface
+     */
+    private $objectManager;
 
     public function __construct(
         RequestInterface $request,
@@ -74,7 +80,8 @@ public function __construct(
         State $state,
         EventInterface $event,
         RestrictInterface $restrict,
-        UtilsInterface $utils
+        UtilsInterface $utils,
+        ObjectManagerInterface $objectManager
     ) {
         $this->request = $request;
         $this->http = $http;
@@ -83,6 +90,7 @@ public function __construct(
         $this->restrict = $restrict;
         $this->event = $event;
         $this->utils = $utils;
+        $this->objectManager = $objectManager;
     }
 
     public function aroundLaunch(AppInterface $subject, \Closure $proceed)
@@ -95,9 +103,12 @@ public function aroundLaunch(AppInterface $subject, \Closure $proceed)
                 ]);
 
                 $this->state->setAreaCode('frontend');
-                $this->http->setRedirect($this->url->getUrl('msp_security_suite/stop', [
-                    'reason' => 'Unauthorized access attempt',
-                ]));
+
+                // Must use object manager because a session cannot be activated before setting area
+                $this->objectManager->get('MSP\SecuritySuiteCommon\Api\SessionInterface')
+                    ->setEmergencyStopMessage(__('Unauthorized access attempt'));
+
+                $this->http->setRedirect($this->url->getUrl('msp_security_suite/stop'));
                 return $this->http;
             }
         }

Setup/UpgradeData.php

@@ -0,0 +1,68 @@
+<?php
+/**
+ * MageSpecialist
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the Open Software License (OSL 3.0)
+ * that is bundled with this package in the file LICENSE.txt.
+ * It is also available through the world-wide-web at this URL:
+ * http://opensource.org/licenses/osl-3.0.php
+ * If you did not receive a copy of the license and are unable to
+ * obtain it through the world-wide-web, please send an email
+ * to [email protected] so we can send you a copy immediately.
+ *
+ * @category   MSP
+ * @package    MSP_AdminRestriction
+ * @copyright  Copyright (c) 2017 Skeeller srl (http://www.magespecialist.it)
+ * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+
+namespace MSP\AdminRestriction\Setup;
+
+use Magento\Framework\Setup\ModuleContextInterface;
+use Magento\Framework\Setup\ModuleDataSetupInterface;
+use Magento\Framework\Setup\UpgradeDataInterface;
+use MSP\SecuritySuiteCommon\Model\ConfigMigration;
+
+class UpgradeData implements UpgradeDataInterface
+{
+    /**
+     * @var ConfigMigration
+     */
+    private $configMigration;
+
+    public function __construct(
+        ConfigMigration $configMigration
+    )
+    {
+        $this->configMigration = $configMigration;
+    }
+
+    protected function upgradeTo010200(ModuleDataSetupInterface $setup)
+    {
+        $this->configMigration->doConfigMigration(
+            $setup,
+            'msp_securitysuite/adminrestriction',
+            'msp_securitysuite_adminrestriction/general'
+        );
+    }
+
+    /**
+     * Upgrades data for a module
+     *
+     * @param ModuleDataSetupInterface $setup
+     * @param ModuleContextInterface $context
+     * @return void
+     */
+    public function upgrade(ModuleDataSetupInterface $setup, ModuleContextInterface $context)
+    {
+        $setup->startSetup();
+
+        if (version_compare($context->getVersion(), '1.2.0') < 0) {
+            $this->upgradeTo010200($setup);
+        }
+
+        $setup->endSetup();
+    }
+}

composer.json

@@ -3,9 +3,7 @@
     "description": "Magento2 Admin IP based restriction - Member of MageSpecialist SecuritySuite",
     "require": {
         "php": "~7.0.0",
-        "msp/common": "*",
-        "msp/security-suite-common": ">=1.0.3",
-
+        "msp/security-suite-common": "^1.2",
         "magento/magento-composer-installer": "*"
     },
     "suggest": {

etc/adminhtml/system.xml

@@ -22,9 +22,21 @@
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Config:etc/system_file.xsd">
     <system>
-        <section id="msp_securitysuite">
-            <group id="adminrestriction" translate="label" type="text" sortOrder="10" showInDefault="1" showInWebsite="0" showInStore="0">
-                <label>Backend IP Restriction</label>
+
+        <section id="msp_securitysuite_adminrestriction" translate="label" type="text" sortOrder="20" showInDefault="1" showInWebsite="1" showInStore="1">
+            <class>separator-top</class>
+            <label>Backend IP restriction</label>
+            <tab>msp_securitysuite</tab>
+            <resource>MSP_SecuritySuite::config</resource>
+
+            <group id="general" translate="label" type="text" sortOrder="0" showInDefault="1" showInWebsite="1" showInStore="1">
+                <label>General</label>
+                <comment><![CDATA[
+                    <div class="msp_securitysuite-comment">
+                        This module is a memeber of <strong><a target="_blank" href="https://github.com/magespecialist/m2-MSP_Security_Suite">MageSpecialist Security Suite</a></strong>. <a target="_blank" href="https://github.com/magespecialist/m2-MSP_Security_Suite">Click here</a> to see all the Security Suite modules.<br />
+                        Source code, installation and configuration guide: <a target="_blank" href="https://github.com/magespecialist/m2-MSP_Security_Suite">https://github.com/magespecialist/m2-MSP_Security_Suite</a>.
+                    </div>
+                ]]></comment>
                 <field id="enabled" translate="label" type="select" sortOrder="10" showInDefault="1" showInWebsite="0" showInStore="0">
                     <label>Enabled</label>
                     <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>

etc/config.xml

@@ -22,10 +22,10 @@
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Store:etc/config.xsd">
     <default>
-        <msp_securitysuite>
-            <adminrestriction>
+        <msp_securitysuite_adminrestriction>
+            <general>
                 <enabled>0</enabled>
-            </adminrestriction>
-        </msp_securitysuite>
+            </general>
+        </msp_securitysuite_adminrestriction>
     </default>
 </config>

etc/module.xml

@@ -21,9 +21,8 @@
 -->
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:framework:Module/etc/module.xsd">
-    <module name="MSP_AdminRestriction" setup_version="1.0.1">
+    <module name="MSP_AdminRestriction" setup_version="1.2.0">
         <sequence>
-            <module name="MSP_Common"/>
             <module name="MSP_SecuritySuiteCommon"/>
         </sequence>
     </module>