FEATURE: new settings to control posts deletions rate limit

This commit is contained in:
Arpit Jalan 2018-06-28 17:03:37 +05:30
parent c352f8eb15
commit a6d50d1ff7
3 changed files with 12 additions and 3 deletions

View File

@ -267,8 +267,8 @@ class PostsController < ApplicationController
def destroy
post = find_post_from_params
unless current_user.staff?
RateLimiter.new(current_user, "delete_post", 3, 1.minute).performed!
RateLimiter.new(current_user, "delete_post", 50, 1.day).performed!
RateLimiter.new(current_user, "delete_post", SiteSetting.max_post_deletions_per_minute, 1.minute).performed!
RateLimiter.new(current_user, "delete_post", SiteSetting.max_post_deletions_per_day, 1.day).performed!
end
guardian.ensure_can_delete!(post)

View File

@ -1312,6 +1312,9 @@ en:
max_logins_per_ip_per_hour: "Maximum number of logins allowed per IP address per hour"
max_logins_per_ip_per_minute: "Maximum number of logins allowed per IP address per minute"
max_post_deletions_per_minute: "Maximum number of posts a user can delete per minute."
max_post_deletions_per_day: "Maximum number of posts a user can delete per day."
alert_admins_if_errors_per_minute: "Number of errors per minute in order to trigger an admin alert. A value of 0 disables this feature. NOTE: requires restart."
alert_admins_if_errors_per_hour: "Number of errors per hour in order to trigger an admin alert. A value of 0 disables this feature. NOTE: requires restart."

View File

@ -1187,6 +1187,12 @@ rate_limits:
max_logins_per_ip_per_minute:
min: 1
default: 6
max_post_deletions_per_minute:
min: 1
default: 3
max_post_deletions_per_day:
min: 1
default: 50
developer:
force_hostname: