From e0a4a7a9cdc3ed426a871d485a94980a2b224d5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Hanol?= Date: Fri, 21 Nov 2014 00:25:44 +0100 Subject: [PATCH] FEATURE: don't limit registration from an IP address if a staff member has that IP address --- config/locales/server.en.yml | 2 +- lib/spam_handler.rb | 7 +++++++ spec/components/spam_handler_spec.rb | 17 +++++++++++++++-- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index ad5d9e1224d..09e542ca8f8 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -941,7 +941,7 @@ en: staff_like_weight: "How much extra weighting factor to give staff likes." levenshtein_distance_spammer_emails: "When matching spammer emails, number of characters difference that will still allow a fuzzy match." - max_new_accounts_per_registration_ip: "If there are already (n) trust level 0 accounts from this IP (and none at TL2 or higher), stop accepting new signups from that IP." + max_new_accounts_per_registration_ip: "If there are already (n) trust level 0 accounts from this IP (and none is a staff member or at TL2 or higher), stop accepting new signups from that IP." reply_by_email_enabled: "Enable replying to topics via email." reply_by_email_address: "Template for reply by email incoming email address, for example: %{reply_key}@reply.example.com or replies+%{reply_key}@example.com" diff --git a/lib/spam_handler.rb b/lib/spam_handler.rb index e6bfdf34193..1df501babd1 100644 --- a/lib/spam_handler.rb +++ b/lib/spam_handler.rb @@ -9,6 +9,13 @@ class SpamHandler return false if tl2_plus_accounts_with_same_ip > 0 + staff_user_ids = Group[:staff].user_ids - [-1] + staff_members_with_same_ip = User.where(id: staff_user_ids) + .where("ip_address = ?", ip_address.to_s) + .count + + return false if staff_members_with_same_ip > 0 + tl0_accounts_with_same_ip = User.unscoped .where(trust_level: TrustLevel[0]) .where("ip_address = ?", ip_address.to_s) diff --git a/spec/components/spam_handler_spec.rb b/spec/components/spam_handler_spec.rb index 532eda07237..1f6c02770ba 100644 --- a/spec/components/spam_handler_spec.rb +++ b/spec/components/spam_handler_spec.rb @@ -22,13 +22,26 @@ describe SpamHandler do -> { Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) }.should raise_error(ActiveRecord::RecordInvalid) end - it "only limit new registrations from an IP if *all* the users from that IP are TL1 or TL0" do + it "doesn't limit registrations since there is a TL2+ user with that IP" do # setup SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(0) Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[2]) - # should not limit registrations since there is a TL2 user with that IP + # should not limit registration + SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(1) + Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) + end + + it "doesn't limit registrations since there is a staff member with that IP" do + # setup + SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(0) + Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) + Fabricate(:moderator, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) + + Group.refresh_automatic_groups!(:staff) + + # should not limit registration SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(1) Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) end