diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b50be78e1d5d33ec323449d026a5da4dbfcb7d00..cea2c7e32d2fa15b02c787bc8792e47fad50b3cc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ image: docker:19.03.12
 
 variables:
   DOCKER_TLS_CERTDIR: "/certs"
-  IMAGE_VER: 1.8.4
+  IMAGE_VER: 1.9.0
 
 services:
   - docker:19.03.12-dind
diff --git a/cf.conf b/cf.conf
index 6e087628971ae0a44ac5c672e4015c7389dfa84c..268c99631949ff54da4a0c51b5e326388831cb04 100644
--- a/cf.conf
+++ b/cf.conf
@@ -7,4 +7,7 @@
   jitsi_room           => 'cf2021',
   jitsi_token_secret   => 'UtfkxQEpudmCh2MKLXrRmHAXoQwg5twF',
   jitsi_token_lifetime => 300,
+  limit_post_count     => 64,
+  limit_post_add_rate  => 1,
+  limit_post_edit_rate => 4,
 }
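Review bot: The three new `limit_post_*` keys carry no comment on their units, and the controller reads them without a fallback. From Posts.pm, `limit_post_count` is a per-user cap on posts for one program entry, and the two rate keys are per-minute counts; a short comment per key such as `# max posts per user per program entry` would record that. Because the checks compare with `>=` against `$c->cfg->{...}` directly, a deployment whose cf.conf lacks these keys would compare against undef (numerically 0) and answer 429 to every create and update; a default at the point of use, e.g. `$c->cfg->{limit_post_add_rate} // 1`, avoids that. Separately, the context line above shows `jitsi_token_secret` as a literal in a tracked file; if that is a live value, it should be rotated and loaded from outside the repository.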
diff --git a/lib/CF.pm b/lib/CF.pm
index fae3ee9f9318ec5acc38d104e7b3187fed6920fc..a703d0ad06f707b47f896c562fcf081b7a656089 100644
--- a/lib/CF.pm
+++ b/lib/CF.pm
@@ -46,7 +46,7 @@ sub startup {
         plugins                        => [qw(+SpecRenderer +Cors +Security)],
         render_specification           => 1,
         render_specification_for_paths => 1,
-        default_response_codes         => [400, 401, 403, 404, 500, 501],
+        default_response_codes         => [400, 401, 403, 404, 429, 500, 501],
 
         security => {
             Bearer => sub {
diff --git a/lib/CF/Controller/Posts.pm b/lib/CF/Controller/Posts.pm
index a59f38188e8a02060e5b591f099645d2a4a4f555..18a2d5ca9a2f47f14d469cf9b8e0ee9b99f05849 100644
--- a/lib/CF/Controller/Posts.pm
+++ b/lib/CF/Controller/Posts.pm
@@ -31,6 +31,26 @@ sub create ($c) {
         return $c->error(403, 'Debate closed');
     }
 
+    # limit poctu prispevku jedneho uzivatele k jednemu bodu
+    my $limit = $c->schema->resultset('Post')->count({
+        program_entry_id => $program_entry->id,
+        user_id          => $c->user->{id},
+    });
+
+    if ( $limit > $c->cfg->{limit_post_count}) {
+        return $c->error(429, 'Too many post from user');
+    }
+
+    # limit poctu prispevku za minutu
+    $limit = $c->schema->resultset('Post')->count({
+        user_id          => $c->user->{id},
+        datetime         => { '>' => \"now()-'1 min'::interval" },
+    });
+
+    if ( $limit >= $c->cfg->{limit_post_add_rate}) {
+        return $c->error(429, 'Too many posts per minute');
+    }
+
     my $post = $program_entry->add_to_posts({
         user_id          => $c->user->{id},
         type             => $args->{type},
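Review bot: Both new checks in create count rows and then insert as separate steps, so several requests sent in parallel by one user can each see a count below the limit and all be inserted; the same pattern is in the PostHistory check added to update. Running the count and `add_to_posts` in one transaction under a per-user lock, or enforcing the limit in the database, would close that gap. The per-entry check also uses `>` where the other two use `>=`, which lets a user reach 65 posts with `limit_post_count => 64`; if 64 is meant as the cap, `if ( $limit >= $c->cfg->{limit_post_count} ) {` matches the others. `$limit` holds a count rather than a limit, so a name such as `$post_count` would read better. create continues outside the hunk.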
@@ -159,6 +179,17 @@ sub update ($c) {
     my $post = $c->schema->resultset('Post')->find($c->stash->{id});
     return $c->error(404, 'Post not found') if ! $post;
 
+    # limit poctu prispevku za minutu
+    my $limit = $c->schema->resultset('PostHistory')->count({
+        user_id  => $c->user->{id},
+        post_id  => $post->id,
+        datetime => { '>' => \"now()-'1 min'::interval" },
+    });
+
+    if ( $limit >= $c->cfg->{limit_post_edit_rate}) {
+        return $c->error(429, 'Too many posts changes per minute');
+    }
+
     if ( ! $c->user_roles->{chairman} ) {
         if ( $post->user_id != $c->user->{id} ) {
             return $c->error(403, 'Access deined');
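Review bot: The comment above the new PostHistory count is copied from create and describes posts per minute, while the code limits edits of one post by one user; `# limit on edits of a single post by one user per minute` would match what is counted. Because the count is keyed on `post_id`, it bounds edits per post and not a user's total edit rate, so a client can still edit many posts at `limit_post_edit_rate` each; if an overall throttle is intended, a count without `post_id` is needed. The check also runs before the chairman test, so moderators are throttled the same way, which may or may not be wanted. It relies on every successful update writing a PostHistory row with the editor's `user_id`, which is not visible here since update continues outside the hunk.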
@@ -254,6 +285,11 @@ sub ranking ($c) {
     my $post = $c->schema->resultset('Post')->find($c->stash->{id});
     return $c->error(404, 'Post not found') if ! $post;
 
+    if ( $post->type == 0 and ! $c->user_roles->{member} ) {
+        $c->render(status => 403, text => '');
+        return;
+    }
+
     my $user_ranking = $post->rankings({
         user_id => $c->user->{id},
     })->first;
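Review bot: The new member check in ranking answers with `$c->render(status => 403, text => '')`, while the other refusals visible in this file go through `$c->error`, so this path returns an empty body where callers presumably expect the API's usual error shape; `return $c->error(403, 'Access denied');` would keep it consistent. The literal `0` in `$post->type == 0` carries no explanation; a named constant or a comment stating which post type is restricted to members would make the authorization rule auditable. ranking continues outside the hunk.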
@@ -312,4 +348,8 @@ sub ranking ($c) {
     $c->render(status => 204, text => '');
 }
 
+
+
+
+
 1;