diff --git a/app/models/topic.rb b/app/models/topic.rb index 7d99d075efc..102f4593de5 100644 --- a/app/models/topic.rb +++ b/app/models/topic.rb @@ -804,6 +804,7 @@ SQL end if target_user && private_message? && topic_allowed_users.create!(user_id: target_user.id) + rate_limit_topic_invitation(invited_by) add_small_action(invited_by, "invited_user", target_user.username) create_invite_notification!( @@ -814,9 +815,9 @@ SQL true elsif username_or_email =~ /^.+@.+$/ && guardian.can_invite_via_email?(self) - rate_limit_topic_invitation(invited_by) if target_user + rate_limit_topic_invitation(invited_by) Invite.extend_permissions(self, target_user, invited_by) create_invite_notification!( diff --git a/spec/models/topic_spec.rb b/spec/models/topic_spec.rb index 939cb8810ac..a1e60727b0b 100644 --- a/spec/models/topic_spec.rb +++ b/spec/models/topic_spec.rb @@ -471,7 +471,7 @@ describe Topic do context 'rate limits' do before do - SiteSetting.max_topic_invitations_per_day = 2 + SiteSetting.max_topic_invitations_per_day = 1 RateLimiter.enable end @@ -481,7 +481,6 @@ describe Topic do end it "rate limits topic invitations" do - start = Time.now.tomorrow.beginning_of_day freeze_time(start) @@ -489,10 +488,23 @@ describe Topic do topic = Fabricate(:topic, user: trust_level_2) topic.invite(topic.user, user.username) - topic.invite(topic.user, "walter@white.com") expect { - topic.invite(topic.user, "user@example.com") + topic.invite(topic.user, another_user.username) + }.to raise_error(RateLimiter::LimitExceeded) + end + + it "rate limits PM invitations" do + start = Time.now.tomorrow.beginning_of_day + freeze_time(start) + + trust_level_2 = Fabricate(:user, trust_level: 2) + topic = Fabricate(:private_message_topic, user: trust_level_2) + + topic.invite(topic.user, user.username) + + expect { + topic.invite(topic.user, another_user.username) }.to raise_error(RateLimiter::LimitExceeded) end end