Protect: Add IP block and allow list toggles (#38265)

* Add individual controls for toggling the IP block and allow lists.

* Add block and allow list toggles

* Remove missed export

* Disable save when lists haven't changed

* Unify styling

* Add changelog entry

* Add handling for when WAF is disabled

* Fix tests

* Add changelog

* Optimize

* Remove is_enabled check that is no longer necessary

* Revert test changes

* Revert WAF changes

* changelog

* Remove WAF changelog

* Adjustments

* Remove block list disable useEffect and ensure consistency of lists in disabled state

---------

Co-authored-by: Nate Weller <[email protected]>

projects/plugins/protect/changelog/add-protect-ip-block-and-allow-list-toggles

@@ -0,0 +1,4 @@
+Significance: minor
+Type: added
+
+Adds dedicated WAF allow and block list toggles

projects/plugins/protect/src/js/components/firewall-header/index.jsx

@@ -98,17 +98,19 @@ const FirewallSubheadingContent = ( { className, text = '', popover = false, chi
 };
 
 const FirewallSubheading = ( {
+	jetpackWafIpBlockListEnabled,
+	jetpackWafIpAllowListEnabled,
 	hasRequiredPlan,
 	automaticRulesAvailable,
-	jetpackWafIpList,
 	jetpackWafAutomaticRules,
 	bruteForceProtectionIsEnabled,
 	wafSupported,
 } ) => {
-	const allRules = wafSupported && jetpackWafAutomaticRules && jetpackWafIpList;
-	const automaticRules = wafSupported && jetpackWafAutomaticRules && ! jetpackWafIpList;
-	const manualRules = wafSupported && ! jetpackWafAutomaticRules && jetpackWafIpList;
-	const noRules = wafSupported && ! jetpackWafAutomaticRules && ! jetpackWafIpList;
+	const allowOrBlockListEnabled = jetpackWafIpBlockListEnabled || jetpackWafIpAllowListEnabled;
+	const allRules = wafSupported && jetpackWafAutomaticRules && allowOrBlockListEnabled;
+	const automaticRules = wafSupported && jetpackWafAutomaticRules && ! allowOrBlockListEnabled;
+	const manualRules = wafSupported && ! jetpackWafAutomaticRules && allowOrBlockListEnabled;
+	const noRules = wafSupported && ! jetpackWafAutomaticRules && ! allowOrBlockListEnabled;
 
 	return (
 		<>
@@ -157,7 +159,8 @@ const FirewallHeader = ( {
 	hasRequiredPlan,
 	automaticRulesEnabled,
 	automaticRulesAvailable,
-	jetpackWafIpList,
+	jetpackWafIpBlockListEnabled,
+	jetpackWafIpAllowListEnabled,
 	jetpackWafAutomaticRules,
 	bruteForceProtectionIsEnabled,
 	wafSupported,
@@ -193,7 +196,8 @@ const FirewallHeader = ( {
 										  ) ) }
 							</H3>
 							<FirewallSubheading
-								jetpackWafIpList={ jetpackWafIpList }
+								jetpackWafIpBlockListEnabled={ jetpackWafIpBlockListEnabled }
+								jetpackWafIpAllowListEnabled={ jetpackWafIpAllowListEnabled }
 								jetpackWafAutomaticRules={ jetpackWafAutomaticRules }
 								bruteForceProtectionIsEnabled={ bruteForceProtectionIsEnabled }
 								hasRequiredPlan={ hasRequiredPlan }
@@ -217,7 +221,8 @@ const FirewallHeader = ( {
 										  ) ) }
 							</H3>
 							<FirewallSubheading
-								jetpackWafIpList={ jetpackWafIpList }
+								jetpackWafIpBlockListEnabled={ jetpackWafIpBlockListEnabled }
+								jetpackWafIpAllowListEnabled={ jetpackWafIpAllowListEnabled }
 								jetpackWafAutomaticRules={ jetpackWafAutomaticRules }
 								bruteForceProtectionIsEnabled={ bruteForceProtectionIsEnabled }
 								hasRequiredPlan={ hasRequiredPlan }
@@ -250,7 +255,8 @@ const ConnectedFirewallHeader = () => {
 	const {
 		config: {
 			jetpackWafAutomaticRules,
-			jetpackWafIpList,
+			jetpackWafIpBlockListEnabled,
+			jetpackWafIpAllowListEnabled,
 			standaloneMode,
 			automaticRulesAvailable,
 			bruteForceProtection,
@@ -269,7 +275,8 @@ const ConnectedFirewallHeader = () => {
 			hasRequiredPlan={ hasRequiredPlan }
 			automaticRulesEnabled={ jetpackWafAutomaticRules }
 			automaticRulesAvailable={ automaticRulesAvailable }
-			jetpackWafIpList={ jetpackWafIpList }
+			jetpackWafIpBlockListEnabled={ jetpackWafIpBlockListEnabled }
+			jetpackWafIpAllowListEnabled={ jetpackWafIpAllowListEnabled }
 			jetpackWafAutomaticRules={ jetpackWafAutomaticRules }
 			bruteForceProtectionIsEnabled={ bruteForceProtection }
 			wafSupported={ wafSupported }

projects/plugins/protect/src/js/hooks/use-waf-data/index.jsx

@@ -74,16 +74,32 @@ const useWafData = () => {
 	}, [ ensureModuleIsEnabled, refreshWaf, setWafIsUpdating, waf.config.jetpackWafAutomaticRules ] );
 
 	/**
-	 * Toggle Manual Rules
+	 * Toggle IP Allow List
 	 *
-	 * Flips the switch on the WAF IP list feature, and then refreshes the data.
+	 * Flips the switch on the WAF IP allow list feature, and then refreshes the data.
 	 */
-	const toggleManualRules = useCallback( () => {
+	const toggleIpAllowList = useCallback( () => {
 		setWafIsUpdating( true );
-		return API.updateWaf( { jetpack_waf_ip_list: ! waf.config.jetpackWafIpList } )
+		return API.updateWaf( {
+			jetpack_waf_ip_allow_list_enabled: ! waf.config.jetpackWafIpAllowListEnabled,
+		} )
 			.then( refreshWaf )
 			.finally( () => setWafIsUpdating( false ) );
-	}, [ refreshWaf, setWafIsUpdating, waf.config.jetpackWafIpList ] );
+	}, [ refreshWaf, setWafIsUpdating, waf.config.jetpackWafIpAllowListEnabled ] );
+
+	/**
+	 * Toggle IP Block List
+	 *
+	 * Flips the switch on the WAF IP block list feature, and then refreshes the data.
+	 */
+	const toggleIpBlockList = useCallback( () => {
+		setWafIsUpdating( true );
+		return API.updateWaf( {
+			jetpack_waf_ip_block_list_enabled: ! waf.config.jetpackWafIpBlockListEnabled,
+		} )
+			.then( refreshWaf )
+			.finally( () => setWafIsUpdating( false ) );
+	}, [ refreshWaf, setWafIsUpdating, waf.config.jetpackWafIpBlockListEnabled ] );
 
 	/**
 	 * Toggle Brute Force Protection
@@ -152,7 +168,8 @@ const useWafData = () => {
 		refreshWaf,
 		toggleWaf,
 		toggleAutomaticRules,
-		toggleManualRules,
+		toggleIpAllowList,
+		toggleIpBlockList,
 		toggleBruteForceProtection,
 		toggleShareData,
 		toggleShareDebugData,