Esempio n. 1
0
    def testNeedCaptcha_AuthUserLifetimeExcessiveActivityException(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        life_max = actionlimit.ACTION_LIMITS[action][3]

        for _i in range(0, life_max):
            actionlimit.CountAction(user, action)

        self.assertRaises(actionlimit.ExcessiveActivityException,
                          actionlimit.NeedCaptcha, user, action)
Esempio n. 2
0
    def testNeedCaptcha_AuthUserHardLimitExcessiveActivityException(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        (_period, _soft_limit, hard_limit,
         _life_max) = actionlimit.ACTION_LIMITS[action]

        for _i in range(0, hard_limit):
            actionlimit.CountAction(user, action)

        self.assertRaises(actionlimit.ExcessiveActivityException,
                          actionlimit.NeedCaptcha, user, action)
Esempio n. 3
0
    def testCountAction_IncrementsRecentCount(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        (_period, soft_limit, _hard_limit,
         _life_max) = actionlimit.ACTION_LIMITS[action]

        for i in range(1, soft_limit):
            actionlimit.CountAction(user, action)
            limit = actionlimit.GetLimitPB(user, action)
            self.assertEqual(i, limit.recent_count)
            self.assertEqual(i, limit.lifetime_count)
Esempio n. 4
0
    def testCountAction_PeriodExpiration(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        (period, soft_limit, _hard_limit,
         _life_max) = actionlimit.ACTION_LIMITS[action]
        now = int(time.time())
        later = now + period + 1  # a future in which our timestamp is expired

        for i in range(1, soft_limit):
            actionlimit.CountAction(user, action, now=now)
            limit = actionlimit.GetLimitPB(user, action)
            self.assertEqual(i, limit.recent_count)
            self.assertEqual(i, limit.lifetime_count)

        actionlimit.CountAction(user, action, now=now)
        self.assertEqual(soft_limit, limit.recent_count)
        self.assertEqual(soft_limit, limit.lifetime_count)

        actionlimit.CountAction(user, action, now=later)
        self.assertEqual(1, limit.recent_count)
        self.assertEqual(soft_limit + 1, limit.lifetime_count)
Esempio n. 5
0
    def testNeedCaptcha_AuthUserHardLimitRespectsTimeout(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        (period, _soft_limit, hard_limit,
         _life_max) = actionlimit.ACTION_LIMITS[action]
        now = int(time.time())
        later = now + period + 1  # a future in which our timestamp is expired

        for _i in range(0, hard_limit):
            actionlimit.CountAction(user, action, now=now)

        self.assertRaises(actionlimit.ExcessiveActivityException,
                          actionlimit.NeedCaptcha, user, action)
        # if we didn't pass later, we'd get an exception
        self.assertFalse(actionlimit.NeedCaptcha(user, action, now=later))
Esempio n. 6
0
    def testNeedCaptcha_AuthUserLifetimeIgnoresTimeout(self):
        action = actionlimit.ISSUE_COMMENT
        user = user_pb2.User()
        (period, _soft_limit, _hard_limit,
         life_max) = actionlimit.ACTION_LIMITS[action]
        now = int(time.time())
        later = now + period + 1  # a future in which our timestamp is expired

        for _i in range(0, life_max):
            actionlimit.CountAction(user, action, now=now)

        self.assertRaises(actionlimit.ExcessiveActivityException,
                          actionlimit.NeedCaptcha,
                          user,
                          action,
                          now=later)
Esempio n. 7
0
  def increment_request_limit(self, request, client_id, client_email):
    """Check whether the requester has exceeded API quotas limit,
    and increment request count in DB and ts_mon.
    """
    mar = self.mar_factory(request)
    # soft_limit == hard_limit for api_request, so this function either
    # returns False if under limit, or raise ExcessiveActivityException
    if not actionlimit.NeedCaptcha(
        mar.auth.user_pb, actionlimit.API_REQUEST, skip_lifetime_check=True):
      actionlimit.CountAction(
          mar.auth.user_pb, actionlimit.API_REQUEST, delta=1)
      self._services.user.UpdateUser(
          mar.cnxn, mar.auth.user_id, mar.auth.user_pb)

    # Avoid value explosision and protect PII info
    if not framework_helpers.IsServiceAccount(client_email):
      client_email = '*****@*****.**'
    self.api_requests.increment_by(
        1, {'client_id': client_id, 'client_email': client_email})
Esempio n. 8
0
    def CountRateLimitedActions(self, mr, action_counts):
        """Count attempted actions against non-member's action limits.

    Note that users can take any number of actions in their own projects.

    Args:
      mr: commonly used info parsed from the request.
      action_counts: {action_type: delta, ... }
        a dictionary mapping action type constants to the number of times
        that action was performed during the current request (usually 1).
    """
        if (mr.project and framework_bizobj.UserIsInProject(
                mr.project, mr.auth.effective_ids)):
            # Don't count a user's actions within their own projects...
            return

        for action_type in action_counts:
            actionlimit.CountAction(mr.auth.user_pb,
                                    action_type,
                                    delta=action_counts[action_type])

        self.services.user.UpdateUser(mr.cnxn, mr.auth.user_id,
                                      mr.auth.user_pb)