codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-11-27 09:36:19 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

FIX: rate limit do/undo on post actions

Browse source
This commit is contained in:
Sam 2016-03-06 09:51:30 +11:00
parent 332e05b73d
commit 3e018c2588
2 changed files with 28 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
app/models/post_action.rb
View file

@ -241,7 +241,14 @@ SQL
PostCreator.new(user, opts).create.try(:id) PostCreator.new(user, opts).create.try(:id)
end end
def self.limit_action!(user,post,post_action_type_id)
RateLimiter.new(user, "post_action-#{post.id}_#{post_action_type_id}", 4, 1.minute).performed!
end
def self.act(user, post, post_action_type_id, opts = {}) def self.act(user, post, post_action_type_id, opts = {})
limit_action!(user,post,post_action_type_id)
related_post_id = create_message_for_post_action(user, post, post_action_type_id, opts) related_post_id = create_message_for_post_action(user, post, post_action_type_id, opts)
staff_took_action = opts[:take_action] || false staff_took_action = opts[:take_action] || false
@ -296,6 +303,9 @@ SQL
end end
def self.remove_act(user, post, post_action_type_id) def self.remove_act(user, post, post_action_type_id)
limit_action!(user,post,post_action_type_id)
finder = PostAction.where(post_id: post.id, user_id: user.id, post_action_type_id: post_action_type_id) finder = PostAction.where(post_id: post.id, user_id: user.id, post_action_type_id: post_action_type_id)
finder = finder.with_deleted.includes(:post) if user.try(:staff?) finder = finder.with_deleted.includes(:post) if user.try(:staff?)
if action = finder.first if action = finder.first

20
spec/models/post_action_spec.rb
View file

@ -12,6 +12,24 @@ describe PostAction do
let(:second_post) { Fabricate(:post, topic_id: post.topic_id) } let(:second_post) { Fabricate(:post, topic_id: post.topic_id) }
let(:bookmark) { PostAction.new(user_id: post.user_id, post_action_type_id: PostActionType.types[:bookmark] , post_id: post.id) } let(:bookmark) { PostAction.new(user_id: post.user_id, post_action_type_id: PostActionType.types[:bookmark] , post_id: post.id) }
describe "rate limits" do
it "limits redo/undo" do
RateLimiter.stubs(:disabled?).returns(false)
PostAction.act(eviltrout, post, PostActionType.types[:like])
PostAction.remove_act(eviltrout, post, PostActionType.types[:like])
PostAction.act(eviltrout, post, PostActionType.types[:like])
PostAction.remove_act(eviltrout, post, PostActionType.types[:like])
expect {
PostAction.act(eviltrout, post, PostActionType.types[:like])
}.to raise_error
end
end
describe "messaging" do describe "messaging" do
it "doesn't generate title longer than 255 characters" do it "doesn't generate title longer than 255 characters" do
@ -464,8 +482,6 @@ describe PostAction do
end end
it "prevents user to act twice at the same time" do it "prevents user to act twice at the same time" do
post = Fabricate(:post)
# flags are already being tested # flags are already being tested
all_types_except_flags = PostActionType.types.except(PostActionType.flag_types) all_types_except_flags = PostActionType.types.except(PostActionType.flag_types)
all_types_except_flags.values.each do |action| all_types_except_flags.values.each do |action|