CleanTalk · Glomberg · Dec 7, 2023 · Dec 5, 2023
diff --git a/lib/CleantalkSP/Security/Firewall.php b/lib/CleantalkSP/Security/Firewall.php
@@ -174,19 +174,19 @@ private function reduceFirewallResultsByPriority(array $firewall_results)
             )
         );
 
-        foreach ( $firewall_results as $firewall_result__current ) {
-            if ($this->excludeResultFromCalculation($firewall_result__current, $firewall_result__final)) {
-                continue;
-            }
+        // 1) Select only personal listed results
+        $priority_firewall_results = $this->filterResultsByLists($firewall_results);
 
-            // if ip is passed as SKIPPED_NETWORK (status 99) set this result as final and proceed next db result
+        foreach ( $priority_firewall_results as $firewall_result__current ) {
+            // 2) If ip is passed as SKIPPED_NETWORK (status 99) set this result as final and proceed next db result
             if ( $firewall_result__current->status === 'PASS_AS_SKIPPED_NETWORK' ) {
                 //set status to passed to let other modules check this ip
                 $firewall_result__current->status = 'PASSED';
                 $firewall_result__final = $firewall_result__current;
                 continue;
             }
 
+            // 3) Calculate priority by masks and statuses
             $priority_current = $this->calculatePriorityForFirewallResult($firewall_result__current);
 
             if ( $priority_current >= $priority_final ) {
@@ -198,6 +198,24 @@ private function reduceFirewallResultsByPriority(array $firewall_results)
         return $firewall_result__final;
     }
 
+    /**
+     * Selected only personal listed results its are provided in the results array.
+     *
+     * @param Result[] $firewall_results
+     *
+     * @return Result[]
+     */
+    private function filterResultsByLists(array $firewall_results)
+    {
+        $priority_results = [];
+        foreach ( $firewall_results as $firewall_result__current ) {
+            if ( (int) $firewall_result__current->is_personal === 1 ) {
+                $priority_results[] = $firewall_result__current;
+            }
+        }
+        return count($priority_results) ? $priority_results : $firewall_results;
+    }
+
     /**
      * Calculates the priority of the passed Firewall Result
      *
@@ -208,13 +226,13 @@ private function reduceFirewallResultsByPriority(array $firewall_results)
     private function calculatePriorityForFirewallResult(Result $firewall_result)
     {
         $point_for_status           = array_search($firewall_result->status, $this->statuses_priority, true);
-        $points_for_personal_list   = $firewall_result->is_personal ? 113 : 0;
         $points_for_trusted_network = $firewall_result->status === 'PASS_BY_TRUSTED_NETWORK' ? 100 : 0;
+        $points_for_mask = $firewall_result->mask;
 
         return
             $point_for_status +
-            $points_for_personal_list +
-            $points_for_trusted_network;
+            $points_for_trusted_network +
+            $points_for_mask;
     }
 
     /**
@@ -255,21 +273,4 @@ private function isWhitelisted($results)
     public function updateLog(Result $fw_result)
     {
     }
-
-    /**
-     * Pick the result with the smallest network.
-     * Don't count priority if fires.
-     *
-     * @param $firewall_result__current
-     * @param $firewall_result__final
-     *
-     * @return bool
-     */
-    private function excludeResultFromCalculation($firewall_result__current, $firewall_result__final)
-    {
-        return ! empty($firewall_result__current->mask) && ! empty($firewall_result__final->mask) && // The mask are not empty
-               $firewall_result__current->mask !== $firewall_result__final->mask &&                  // The masks are not equal
-               $firewall_result__current->mask < $firewall_result__final->mask &&
-               $firewall_result__current->is_personal === 0;
-    }
 }