protected boolean isAccessAllowed()

in web/src/main/java/org/apache/shiro/web/filter/authz/IpFilter.java [113:138]

• 26 lines of code
• 9 McCabe index (conditional complexity)

    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        String remoteIp = getHostFromRequest(request);
        for (IpAddressMatcher matcher : deniedIpMatchers) {
            if (matcher.matches(remoteIp)) {
                return false;
            }
        }
        for (String ip : ipSource.getDeniedIps()) {
            IpAddressMatcher matcher = new IpAddressMatcher(ip);
            if (matcher.matches(remoteIp)) {
                return false;
            }
        }
        for (IpAddressMatcher matcher : authorizedIpMatchers) {
            if (matcher.matches(remoteIp)) {
                return true;
            }
        }
        for (String ip : ipSource.getAuthorizedIps()) {
            IpAddressMatcher matcher = new IpAddressMatcher(ip);
            if (matcher.matches(remoteIp)) {
                return true;
            }
        }
        return false;
    }