in plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/web/filter/IpAddressFilter.groovy [104:134]
/**
 * Decides whether the request may proceed under the configured IP restrictions.
 *
 * Evaluation order:
 * 1. A loopback peer is accepted outright when {@code allowLocalhost} is set.
 * 2. The path to check is the forward-URI request attribute if present, otherwise
 *    the request URI with the context path stripped.
 * 3. If no rule matches that path, the request is accepted (the filter only
 *    restricts paths that have a rule).
 * 4. Otherwise the request is accepted as soon as any IP pattern of any matching
 *    rule matches; if none does, the rejection is logged and {@code false} is returned.
 *
 * @param request the current servlet request
 * @return {@code true} if the request is permitted, {@code false} if it is denied
 */
protected boolean isAllowed(HttpServletRequest request) {
    // remoteAddr is the address of the connection peer. Behind a reverse proxy on the
    // same host that peer is the proxy, so with allowLocalhost enabled every proxied
    // request would take this shortcut unless the container restores the client address.
    // NOTE(review): confirm the deployment topology before enabling allowLocalhost.
    String clientIp = request.remoteAddr
    // Plain string equality: only the literal forms held in the two constants match.
    boolean loopbackPeer = IPV4_LOOPBACK == clientIp || IPV6_LOOPBACK == clientIp
    if (allowLocalhost && loopbackPeer) {
        return true
    }

    // A non-empty forward attribute is used as-is (no context-path stripping).
    String path = request.getAttribute(WebUtils.FORWARD_REQUEST_URI_ATTRIBUTE)
    if (!path) {
        String ctx = request.contextPath
        // requestURI is used as received; nothing here decodes or normalises it.
        // NOTE(review): rule matching therefore relies on whatever normalisation or
        // rejection of unusual paths happens upstream of this filter - verify.
        path = request.requestURI
        if (ctx != '/' && path.startsWith(ctx)) {
            path = path.substring(ctx.length())
        }
    }

    List<InterceptedUrl> rules = findMatchingRules(path)
    if (!rules) {
        // Fail-open by design for paths without a rule: null or empty result allows.
        return true
    }

    for (InterceptedUrl rule in rules) {
        for (ConfigAttribute allowed in rule.configAttributes) {
            // Each attribute value is handed to IpAddressMatcher as the pattern; the
            // matcher receives the request itself (presumably reading its remote address).
            IpAddressMatcher matcher = new IpAddressMatcher(allowed.attribute)
            if (matcher.matches(request)) {
                return true
            }
        }
    }

    // path is request-derived and written unmodified.
    // NOTE(review): make sure the log layout encodes control characters.
    log.warn 'disallowed request {} from {}', path, clientIp
    return false
}