Add rate limit for editing (#17728)

This commit is contained in:
Eugen Rochko 2022-03-09 20:06:51 +01:00 committed by GitHub
parent 803f536cdd
commit b2cd34474b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 11 additions and 5 deletions

View File

@ -10,6 +10,7 @@ class Api::V1::StatusesController < Api::BaseController
before_action :set_thread, only: [:create] before_action :set_thread, only: [:create]
override_rate_limit_headers :create, family: :statuses override_rate_limit_headers :create, family: :statuses
override_rate_limit_headers :update, family: :statuses
# This API was originally unlimited, pagination cannot be introduced without # This API was originally unlimited, pagination cannot be introduced without
# breaking backwards-compatibility. Arbitrarily high number to cover most # breaking backwards-compatibility. Arbitrarily high number to cover most

View File

@ -212,7 +212,7 @@ class Status < ApplicationRecord
public_visibility? || unlisted_visibility? public_visibility? || unlisted_visibility?
end end
def snapshot!(account_id: nil, at_time: nil) def snapshot!(account_id: nil, at_time: nil, rate_limit: true)
edits.create!( edits.create!(
text: text, text: text,
spoiler_text: spoiler_text, spoiler_text: spoiler_text,
@ -221,7 +221,8 @@ class Status < ApplicationRecord
media_descriptions: ordered_media_attachments.map(&:description), media_descriptions: ordered_media_attachments.map(&:description),
poll_options: preloadable_poll&.options, poll_options: preloadable_poll&.options,
account_id: account_id || self.account_id, account_id: account_id || self.account_id,
created_at: at_time || edited_at created_at: at_time || edited_at,
rate_limit: rate_limit
) )
end end

View File

@ -17,6 +17,8 @@
# #
class StatusEdit < ApplicationRecord class StatusEdit < ApplicationRecord
include RateLimitable
self.ignored_columns = %w( self.ignored_columns = %w(
media_attachments_changed media_attachments_changed
) )
@ -26,6 +28,8 @@ class StatusEdit < ApplicationRecord
delegate :id, :type, :url, :preview_url, :remote_url, :preview_remote_url, :text_url, :meta, :blurhash, to: :media_attachment delegate :id, :type, :url, :preview_url, :remote_url, :preview_remote_url, :text_url, :meta, :blurhash, to: :media_attachment
end end
rate_limit by: :account, family: :statuses
belongs_to :status belongs_to :status
belongs_to :account, optional: true belongs_to :account, optional: true

View File

@ -216,13 +216,13 @@ class ActivityPub::ProcessStatusUpdateService < BaseService
return if @status.edits.any? return if @status.edits.any?
@status.snapshot!(at_time: @status.created_at) @status.snapshot!(at_time: @status.created_at, rate_limit: false)
end end
def create_edit! def create_edit!
return unless significant_changes? return unless significant_changes?
@status.snapshot!(account_id: @account.id) @status.snapshot!(account_id: @account.id, rate_limit: false)
end end
def skip_download? def skip_download?

View File

@ -131,7 +131,7 @@ class UpdateStatusService < BaseService
return if @status.edits.any? return if @status.edits.any?
@status.snapshot!(at_time: @status.created_at) @status.snapshot!(at_time: @status.created_at, rate_limit: false)
end end
def create_edit! def create_edit!