def run (self):
key = "VDelay-%s-%s" % (self.category, request.ip)
prev_violations = g.cache.get(key)
if prev_violations:
time = utils.timeuntil(prev_violations["expire_time"])
if prev_violations["expire_time"] > datetime.now(g.tz):
self.set_error(errors.RATELIMIT, {'time': time},
field='vdelay')
def POST_site_admin(self, res, name ='', sr = None, **kw):
res._update('status', innerHTML = '')
redir = False
kw = dict((k, v) for k, v in kw.iteritems()
if v is not None
and k in ('name', 'title', 'description', 'firsttext',
'static_path', 'ad_file', 'over_18',
'type', 'header', 'lang', 'stylesheet'))
#if a user is banned, return rate-limit errors
if c.user._spam:
time = timeuntil(datetime.now(g.tz) + timedelta(seconds=600))
c.errors.add(errors.RATELIMIT, {'time': time})
if not sr and res._chk_error(errors.RATELIMIT):
pass
elif not sr and res._chk_errors((errors.SUBREDDIT_EXISTS,
errors.BAD_SR_NAME)):
res._hide('example_name')
res._focus('name')
elif res._chk_errors((errors.NO_TITLE, errors.TITLE_TOO_LONG)):
res._hide('example_title')
res._focus('title')
elif res._chk_error(errors.INVALID_SUBREDDIT_TYPE):
pass
elif res._chk_error(errors.DESC_TOO_LONG):
res._focus('description')
if not sr and not res.error:
#sending kw is ok because it was sanitized above
sr = Subreddit._new(name = name, **kw)
Subreddit.subscribe_defaults(c.user)
# make sure this user is on the admin list of that site!
if sr.add_subscriber(c.user):
sr._incr('_ups', 1)
sr.add_moderator(c.user)
sr.add_contributor(c.user)
redir = sr.path + "about/edit/"
if not c.user_is_admin:
VRatelimit.ratelimit(rate_user=True,
rate_ip = True,
prefix = "create_reddit_")
if not res.error:
#assume sr existed, or was just built
for k, v in kw.iteritems():
setattr(sr, k, v)
sr._commit()
# flag search indexer that something has changed
tc.changed(sr)
if redir:
res._redirect(redir)
def run (self):
to_check = []
if self.rate_user and c.user_is_loggedin:
to_check.append('user' + str(c.user._id36))
if self.rate_ip:
to_check.append('ip' + str(request.ip))
r = cache.get_multi(to_check, self.prefix)
if r:
expire_time = max(r.values())
time = utils.timeuntil(expire_time)
c.errors.add(errors.RATELIMIT, {'time': time})
def run(self):
to_check = []
if self.rate_user and c.user_is_loggedin:
to_check.append('user' + str(c.user._id36))
if self.rate_ip:
to_check.append('ip' + str(request.ip))
r = cache.get_multi(to_check, self.prefix)
if r:
expire_time = max(r.values())
time = utils.timeuntil(expire_time)
c.errors.add(errors.RATELIMIT, {'time': time})
def _has_exceeded_ratelimit(self, form, room):
# grab the ratelimit (as average events per second) for the room's
# current level, using the highest level configured that's not bigger
# than the room. e.g. if ratelimits are defined for levels 1, 2, and 4
# and the room is level 3, this will give us the ratelimit specified
# for 2.
desired_avg_per_sec = 1
by_level = g.live_config.get("robin_ratelimit_avg_per_sec", {})
for level, avg_per_sec in sorted(by_level.items(),
key=lambda (x, y): int(x)):
if int(level) > room.level:
break
desired_avg_per_sec = avg_per_sec
# now figure out how many events per window that means
window_size = g.live_config.get("robin_ratelimit_window", 10)
allowed_events_per_window = int(desired_avg_per_sec * window_size)
try:
# now figure out how much they've actually used
ratelimit_key = "robin/{}".format(c.user._id36)
time_slice = ratelimit.get_timeslice(window_size)
usage = ratelimit.get_usage(ratelimit_key, time_slice)
# ratelimit them if too much
if usage >= allowed_events_per_window:
g.stats.simple_event("robin.ratelimit.exceeded")
period_end = datetime.datetime.utcfromtimestamp(time_slice.end)
period_end_utc = period_end.replace(tzinfo=pytz.UTC)
until_reset = utils.timeuntil(period_end_utc)
c.errors.add(errors.RATELIMIT, {"time": until_reset},
field="ratelimit",
code=429)
form.has_errors("ratelimit", errors.RATELIMIT)
return True
# or record the usage and move on
ratelimit.record_usage(ratelimit_key, time_slice)
except ratelimit.RatelimitError as exc:
g.log.warning("ratelimit error: %s", exc)
return False
def _has_exceeded_ratelimit(self, form, room):
# grab the ratelimit (as average events per second) for the room's
# current level, using the highest level configured that's not bigger
# than the room. e.g. if ratelimits are defined for levels 1, 2, and 4
# and the room is level 3, this will give us the ratelimit specified
# for 2.
desired_avg_per_sec = 1
by_level = g.live_config.get("robin_ratelimit_avg_per_sec", {})
for level, avg_per_sec in sorted(by_level.items(), key=lambda (x,y): int(x)):
if int(level) > room.level:
break
desired_avg_per_sec = avg_per_sec
# now figure out how many events per window that means
window_size = g.live_config.get("robin_ratelimit_window", 10)
allowed_events_per_window = int(desired_avg_per_sec * window_size)
try:
# now figure out how much they've actually used
ratelimit_key = "robin/{}".format(c.user._id36)
time_slice = ratelimit.get_timeslice(window_size)
usage = ratelimit.get_usage(ratelimit_key, time_slice)
# ratelimit them if too much
if usage >= allowed_events_per_window:
g.stats.simple_event("robin.ratelimit.exceeded")
period_end = datetime.datetime.utcfromtimestamp(time_slice.end)
period_end_utc = period_end.replace(tzinfo=pytz.UTC)
until_reset = utils.timeuntil(period_end_utc)
c.errors.add(errors.RATELIMIT, {"time": until_reset},
field="ratelimit", code=429)
form.has_errors("ratelimit", errors.RATELIMIT)
return True
# or record the usage and move on
ratelimit.record_usage(ratelimit_key, time_slice)
except ratelimit.RatelimitError as exc:
g.log.warning("ratelimit error: %s", exc)
return False
def run (self):
to_check = []
if self.rate_user and c.user_is_loggedin:
to_check.append('user' + str(c.user._id36))
if self.rate_ip:
to_check.append('ip' + str(request.ip))
r = g.cache.get_multi(to_check, self.prefix)
if r:
expire_time = max(r.values())
time = utils.timeuntil(expire_time)
g.log.debug("rate-limiting %s from %s" % (self.prefix, r.keys()))
# when errors have associated field parameters, we'll need
# to add that here
if self.error == errors.RATELIMIT:
self.set_error(errors.RATELIMIT, {'time': time},
field = 'ratelimit')
else:
self.set_error(self.error)
def timeuntil(): time = scheduled_at() return utils.timeuntil(time, resultion = 2) if time is not None else ""