From 5e751ce90a2803ca34a93bb5f1d1306e29eb4da0 Mon Sep 17 00:00:00 2001
From: Arpit Jalan <arpit@techapj.com>
Date: Tue, 20 Jan 2015 00:20:01 +0530
Subject: [PATCH] FEATURE: :gift: rate limit invites for non-staff users

---
 app/models/invite.rb         | 9 +++++++++
 config/locales/client.en.yml | 2 +-
 config/locales/server.en.yml | 1 +
 config/site_settings.yml     | 1 +
 spec/models/invite_spec.rb   | 2 ++
 5 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/models/invite.rb b/app/models/invite.rb
index 28fb95526d4..36194915ede 100644
--- a/app/models/invite.rb
+++ b/app/models/invite.rb
@@ -1,6 +1,11 @@
+require_dependency 'rate_limiter'
+
 class Invite < ActiveRecord::Base
+  include RateLimiter::OnCreateRecord
   include Trashable
 
+  rate_limit :limit_invites_per_day
+
   belongs_to :user
   belongs_to :topic
   belongs_to :invited_by, class_name: 'User'
@@ -184,6 +189,10 @@ class Invite < ActiveRecord::Base
     Jobs.enqueue(:invite_email, invite_id: self.id)
   end
 
+  def limit_invites_per_day
+    RateLimiter.new(invited_by, "invites-per-day:#{Date.today}", SiteSetting.max_invites_per_day, 1.day.to_i)
+  end
+
   def self.base_directory
     File.join(Rails.root, "public", "uploads", "csv", RailsMultisite::ConnectionManagement.current_db)
   end
diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml
index a9686319ee6..95c269f0b5b 100644
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@@ -1018,7 +1018,7 @@ en:
 
         email_placeholder: 'name@example.com'
         success: "We mailed out an invitation to <b>{{email}}</b>. We'll notify you when the invitation is redeemed. Check the invitations tab on your user page to keep track of your invites."
-        error: "Sorry, we couldn't invite that person. Perhaps they are already a user?"
+        error: "Sorry, we couldn't invite that person. Perhaps they are already a user? (Invites are rate limited)"
 
       login_reply: 'Log In to Reply'
 
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index eb81c147129..9c6f113686a 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -831,6 +831,7 @@ en:
     max_edits_per_day: "Maximum number of edits per user per day."
     max_topics_per_day: "Maximum number of topics a user can create per day."
     max_private_messages_per_day: "Maximum number of private messages users can create per day."
+    max_invites_per_day: "Maximum number of invites a user can send per day."
 
     suggested_topics: "Number of suggested topics shown at the bottom of a topic."
     limit_suggested_to_category: "Only show topics from the current category in suggested topics."
diff --git a/config/site_settings.yml b/config/site_settings.yml
index 2f22e397b23..c9b02b60580 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -611,6 +611,7 @@ rate_limits:
   max_bookmarks_per_day: 20
   max_flags_per_day: 20
   max_edits_per_day: 30
+  max_invites_per_day: 10
   max_topics_in_first_day: 5
   max_replies_in_first_day: 10
 
diff --git a/spec/models/invite_spec.rb b/spec/models/invite_spec.rb
index c64beed0fde..a7a1b02a2ba 100644
--- a/spec/models/invite_spec.rb
+++ b/spec/models/invite_spec.rb
@@ -4,6 +4,8 @@ describe Invite do
 
   it { is_expected.to validate_presence_of :invited_by_id }
 
+  it { is_expected.to rate_limit }
+
   let(:iceking) { 'iceking@adventuretime.ooo' }
 
   context 'user validators' do