protected function saveSettings(array $post = []) : bool
{
$filterName = '\\Airship\\Cabin\\' . CABIN_NAME . '\\AirshipFilter';
if (\class_exists($filterName)) {
$filter = new $filterName();
$post = $filter($post);
}
$twigEnv = \Airship\configWriter(ROOT . '/config/templates');
$csp = [];
foreach ($post['content_security_policy'] as $dir => $rules) {
if ($dir === 'upgrade-insecure-requests') {
continue;
}
if (empty($rules['allow'])) {
$csp[$dir]['allow'] = [];
} else {
$csp[$dir]['allow'] = [];
foreach ($rules['allow'] as $url) {
if (!empty($url) && \is_string($url)) {
$csp[$dir]['allow'][] = $url;
}
}
}
if (isset($rules['disable-security'])) {
$csp[$dir]['allow'][] = '*';
}
if ($dir === 'script-src') {
$csp[$dir]['unsafe-inline'] = !empty($rules['unsafe-inline']);
$csp[$dir]['unsafe-eval'] = !empty($rules['unsafe-eval']);
} elseif ($dir === 'style-src') {
$csp[$dir]['unsafe-inline'] = !empty($rules['unsafe-inline']);
} elseif ($dir !== 'plugin-types') {
$csp[$dir]['self'] = !empty($rules['self']);
$csp[$dir]['data'] = !empty($rules['data']);
}
}
$csp['upgrade-insecure-requests'] = !empty($post['content_security_policy']['upgrade-insecure-requests']);
if (isset($csp['inherit'])) {
unset($csp['inherit']);
}
if ($post['universal']['ledger']['driver'] === 'database') {
if (empty($post['universal']['ledger']['table'])) {
// Table name must be provided.
return false;
}
}
// Save CSP
\Airship\saveJSON(ROOT . '/config/content_security_policy.json', $csp);
if (empty($post['universal']['guest_groups'])) {
$post['universal']['guest_groups'] = [];
} else {
foreach ($post['universal']['guest_groups'] as $i => $g) {
$post['universal']['guest_groups'][$i] = (int) $g;
}
}
// Save universal config
return \file_put_contents(ROOT . '/config/universal.json', $twigEnv->render('universal.twig', ['universal' => $post['universal']])) !== false;
}