FIX: when adding an IP to the spammer list, check the broader ban list first

FEATURE: allow admins to search users using IP ranges
Régis Hanol 2014-11-21 18:16:06 +01:00
parent 0847cb5ea7
commit 0398ab7514
5 changed files with 32 additions and 18 deletions


@ -1,4 +1,5 @@
require_dependency 'screening_model' require_dependency 'screening_model'
require_dependency 'ip_addr'
# A ScreenedIpAddress record represents an IP address or subnet that is being watched, # A ScreenedIpAddress record represents an IP address or subnet that is being watched,
# and possibly blocked from creating accounts. # and possibly blocked from creating accounts.
@ -47,18 +48,8 @@ class ScreenedIpAddress < ActiveRecord::Base
end end
# Return a string with the ip address and mask in standard format. e.g., "127.0.0.0/8". # Return a string with the ip address and mask in standard format. e.g., "127.0.0.0/8".
# Ruby's IPAddr class has no method for getting this.
def ip_address_with_mask def ip_address_with_mask
if ip_address ip_address.try(:to_cidr_s)
mask = ip_address.instance_variable_get(:@mask_addr).to_s(2).count('1')
if mask == 32
ip_address.to_s
else
"#{ip_address}/#{ip_address.instance_variable_get(:@mask_addr).to_s(2).count('1')}"
end
else
nil
end
end end
def self.match_for_ip_address(ip_address) def self.match_for_ip_address(ip_address)


@ -1,3 +1,5 @@
require_dependency 'ip_addr'
# Responsible for destroying a User record # Responsible for destroying a User record
class UserDestroyer class UserDestroyer
@ -45,16 +47,21 @@ class UserDestroyer
user.destroy.tap do |u| user.destroy.tap do |u|
if u if u
if opts[:block_email] if opts[:block_email]
b = ScreenedEmail.block(u.email, ip_address: u.ip_address) b = ScreenedEmail.block(u.email, ip_address: u.ip_address)
b.record_match! if b b.record_match! if b
end end
if opts[:block_ip] && u.ip_address if opts[:block_ip] && u.ip_address
b.record_match! if b = ScreenedIpAddress.watch(u.ip_address) b = ScreenedIpAddress.watch(u.ip_address)
b.record_match! if b
if u.registration_ip_address && u.ip_address != u.registration_ip_address if u.registration_ip_address && u.ip_address != u.registration_ip_address
b.record_match! if b = ScreenedIpAddress.watch(u.registration_ip_address) b = ScreenedIpAddress.watch(u.registration_ip_address)
b.record_match! if b
end end
end end
Post.with_deleted.where(user_id: user.id).update_all("user_id = NULL") Post.with_deleted.where(user_id: user.id).update_all("user_id = NULL")
# If this user created categories, fix those up: # If this user created categories, fix those up:


@ -42,8 +42,8 @@ class AdminUserIndexQuery
def filter_by_search def filter_by_search
if params[:filter].present? if params[:filter].present?
if params[:filter] =~ Resolv::IPv4::Regex || params[:filter] =~ Resolv::IPv6::Regex if ip = IPAddr.new(params[:filter]) rescue nil
@query.where('ip_address = :ip OR registration_ip_address = :ip', ip: params[:filter]) @query.where('ip_address <<= :ip OR registration_ip_address <<= :ip', ip: ip.to_cidr_s)
else else
@query.where('username_lower ILIKE :filter OR email ILIKE :filter', filter: "%#{params[:filter]}%") @query.where('username_lower ILIKE :filter OR email ILIKE :filter', filter: "%#{params[:filter]}%")
end end
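Review bot: The `rescue nil` modifier on `if ip = IPAddr.new(params[:filter]) rescue nil` swallows every StandardError, so any failure other than a malformed address also falls through silently to the username/email ILIKE branch. IPAddr's parse errors derive from ArgumentError, so a narrower form keeps the fallback while letting real faults surface: `ip = begin; IPAddr.new(params[:filter]); rescue ArgumentError; nil; end`. The value is passed as the bound `:ip` parameter, which is right; it would still be worth a spec for prefixes such as `0.0.0.0/0`, which `<<=` matches against every stored address. `filter_by_search` continues past the end of this hunk.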

16
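--- a/lib/ip_addr.rb
+++ b/lib/ip_addr.rb
@@ -0,0 +1,16 @@
+class IPAddr
+def to_cidr_s
+if @addr
+mask = @mask_addr.to_s(2).count('1')
+if mask == 32
+to_s
+else
+"#{to_s}/#{mask}"
+end
+else
+nil
+end
+end
+end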
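Review bot: `to_cidr_s` treats a prefix length of 32 as a single host in the `if mask == 32` branch, which only holds for IPv4; an IPv6 /32 network is returned without its mask, while an IPv6 host comes back with `/128` appended. Because this string feeds `ScreenedIpAddress#ip_address_with_mask` and the `<<=` range search in the admin user query, an IPv6 /32 entry would be displayed and matched as one address rather than as the range. Comparing against the full length of the address family fixes it: `if mask == (ipv4? ? 32 : 128)`. The method also reads the stdlib class's private `@addr`/`@mask_addr` instance variables from a reopened `IPAddr`, so a short comment stating that dependency would help on Ruby upgrades; `@addr` is an Integer and therefore always truthy, so the `else nil` branch looks unreachable.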


@ -4,21 +4,21 @@ class SpamHandler
return false if SiteSetting.max_new_accounts_per_registration_ip <= 0 return false if SiteSetting.max_new_accounts_per_registration_ip <= 0
tl2_plus_accounts_with_same_ip = User.where("trust_level >= ?", TrustLevel[2]) tl2_plus_accounts_with_same_ip = User.where("trust_level >= ?", TrustLevel[2])
.where("ip_address = ?", ip_address.to_s) .where(ip_address: ip_address.to_s)
.count .count
return false if tl2_plus_accounts_with_same_ip > 0 return false if tl2_plus_accounts_with_same_ip > 0
staff_user_ids = Group[:staff].user_ids - [-1] staff_user_ids = Group[:staff].user_ids - [-1]
staff_members_with_same_ip = User.where(id: staff_user_ids) staff_members_with_same_ip = User.where(id: staff_user_ids)
.where("ip_address = ?", ip_address.to_s) .where(ip_address: ip_address.to_s)
.count .count
return false if staff_members_with_same_ip > 0 return false if staff_members_with_same_ip > 0
tl0_accounts_with_same_ip = User.unscoped tl0_accounts_with_same_ip = User.unscoped
.where(trust_level: TrustLevel[0]) .where(trust_level: TrustLevel[0])
.where("ip_address = ?", ip_address.to_s) .where(ip_address: ip_address.to_s)
.count .count
tl0_accounts_with_same_ip >= SiteSetting.max_new_accounts_per_registration_ip tl0_accounts_with_same_ip >= SiteSetting.max_new_accounts_per_registration_ip