def testNeedCaptcha_NoLifetimeLimit(self):
    """skip_lifetime_check=True makes NeedCaptcha ignore the lifetime cap."""
    action_kind = actionlimit.ISSUE_COMMENT
    test_user = user_pb2.User()
    # Index 3 of an ACTION_LIMITS entry is used here as the lifetime maximum.
    lifetime_cap = actionlimit.ACTION_LIMITS[action_kind][3]
    actionlimit.GetLimitPB(
        test_user, action_kind).lifetime_count = lifetime_cap + 1

    # With the lifetime check enforced, one action over the cap must raise.
    with self.assertRaises(actionlimit.ExcessiveActivityException):
        actionlimit.NeedCaptcha(
            test_user, action_kind, skip_lifetime_check=False)

    # With the check skipped, the same user is not asked for a CAPTCHA.
    skipped_result = actionlimit.NeedCaptcha(
        test_user, action_kind, skip_lifetime_check=True)
    self.assertFalse(skipped_result)

    # One recent action and a reset time five seconds ahead: the answer
    # stays False while the lifetime check is skipped.
    actionlimit.GetLimitPB(test_user, action_kind).recent_count = 1
    actionlimit.GetLimitPB(
        test_user, action_kind).reset_timestamp = int(time.time()) + 5
    recent_result = actionlimit.NeedCaptcha(
        test_user, action_kind, skip_lifetime_check=True)
    self.assertFalse(recent_result)
def GatherCaptchaData(self, mr):
    """Build the EZT data that says whether this page shows a CAPTCHA.

    Returns a dict with the single key 'show_captcha', holding an
    ezt.boolean. NeedCaptcha is not wrapped in a try here, so any
    exception it raises propagates to the caller.
    """
    project = mr.project
    if project and framework_bizobj.UserIsInProject(
            project, mr.auth.effective_ids):
        # Members are never shown a CAPTCHA inside their own project; the
        # exemption rests entirely on mr.auth.effective_ids.
        return {'show_captcha': ezt.boolean(False)}

    # Stop at the first action type that requires a CAPTCHA.
    show_captcha = False
    for action_type in self._CAPTCHA_ACTION_TYPES:
        if actionlimit.NeedCaptcha(mr.auth.user_pb, action_type):
            show_captcha = True
            break

    logging.info('show_captcha: %r', show_captcha)
    return {'show_captcha': ezt.boolean(show_captcha)}
def testNeedCaptcha_AuthUserHardLimitRespectsTimeout(self):
    """The hard limit stops applying once the counting period is over."""
    action_kind = actionlimit.ISSUE_COMMENT
    test_user = user_pb2.User()
    period, _soft, hard_limit, _lifetime = (
        actionlimit.ACTION_LIMITS[action_kind])
    start = int(time.time())
    # A future moment at which the recorded timestamp has expired.
    after_period = start + period + 1

    # Record exactly hard_limit actions, all stamped at `start`.
    for _ in range(hard_limit):
        actionlimit.CountAction(test_user, action_kind, now=start)

    # Without an explicit `now`, the user is over the hard limit and the
    # call raises.
    with self.assertRaises(actionlimit.ExcessiveActivityException):
        actionlimit.NeedCaptcha(test_user, action_kind)

    # Evaluated after the period, the same call returns False and does not
    # raise.
    expired_result = actionlimit.NeedCaptcha(
        test_user, action_kind, now=after_period)
    self.assertFalse(expired_result)
def increment_request_limit(self, request, client_id, client_email):
    """Enforce the API request quota and record the request.

    Checks the requester's API_REQUEST quota; when the requester is under
    the limit, counts this request against it and saves the updated user
    record. Then increments the api_requests metric, labelled with
    client_id and client_email.

    Args:
      request: handed to self.mar_factory to build the request context.
      client_id: recorded unchanged as a metric field.
      client_email: recorded as a metric field only when
        framework_helpers.IsServiceAccount accepts it; any other address
        is replaced by a fixed placeholder before it reaches the metric.

    Raises:
      actionlimit.ExcessiveActivityException: according to the inline
        comment below, raised by NeedCaptcha when the quota is exceeded;
        nothing in this method catches it.
    """
    mar = self.mar_factory(request)
    # soft_limit == hard_limit for api_request, so this function either
    # returns False if under limit, or raises ExcessiveActivityException.
    # skip_lifetime_check=True is passed, so the lifetime cap is not part
    # of this check.
    if not actionlimit.NeedCaptcha(
            mar.auth.user_pb, actionlimit.API_REQUEST,
            skip_lifetime_check=True):
        # Count the request and persist the counter; the quota only holds
        # across requests if this write succeeds.
        actionlimit.CountAction(
            mar.auth.user_pb, actionlimit.API_REQUEST, delta=1)
        self._services.user.UpdateUser(
            mar.cnxn, mar.auth.user_id, mar.auth.user_pb)

    # NOTE(review): the flattened listing does not show whether the metric
    # update below sits inside the quota branch; it is laid out at
    # function level here. Confirm against the original file.
    # Avoid value explosion and protect PII: end-user addresses are
    # replaced by one placeholder, which keeps personal e-mail addresses
    # out of the metric and bounds the number of distinct field values.
    if not framework_helpers.IsServiceAccount(client_email):
        client_email = '*****@*****.**'
    # NOTE(review): client_id is recorded as supplied; confirm it is
    # validated or bounded upstream.
    self.api_requests.increment_by(
        1, {'client_id': client_id, 'client_email': client_email})
def CheckCaptcha(self, mr, post_data):
    """Verify the submitted CAPTCHA solution and record an error if wrong.

    Returns None in every case. A failed check is reported only by setting
    mr.errors.captcha, so callers must inspect mr.errors before acting on
    the request.
    """
    project = mr.project
    if project and framework_bizobj.UserIsInProject(
            project, mr.auth.effective_ids):
        # A user's actions inside their own project are never checked.
        logging.info('Project member is exempt from CAPTCHA')
        return

    # Look for the first action type that requires a CAPTCHA.
    captcha_needed = False
    for action_type in self._CAPTCHA_ACTION_TYPES:
        if actionlimit.NeedCaptcha(mr.auth.user_pb, action_type):
            captcha_needed = True
            break
    if not captcha_needed:
        logging.info('No CAPTCHA was required')
        return

    # The solution comes from the client and is None when the form field
    # is absent; captcha.Verify is the only judge of it.
    # NOTE(review): remote_addr may be a proxy's address rather than the
    # client's, depending on deployment; confirm.
    captcha_response = post_data.get('g-recaptcha-response')
    correct, _msg = captcha.Verify(mr.request.remote_addr, captcha_response)
    if not correct:
        # NOTE(review): the message returned by Verify is discarded, so the
        # failure reason does not reach the logs.
        logging.info('BZzzz! Bad captcha solution.')
        mr.errors.captcha = 'Captcha check failed.'
        return
    logging.info('CAPTCHA was solved')
def testNeedCaptcha_AuthUserNoPreviousActions(self):
    """A user with no recorded actions is not asked for a CAPTCHA."""
    action_kind = actionlimit.ISSUE_COMMENT
    fresh_user = user_pb2.User()
    # TODO(jrobbins): change back to True after CAPTCHA are more robust.
    needs_captcha = actionlimit.NeedCaptcha(fresh_user, action_kind)
    self.assertFalse(needs_captcha)
def testNeedCaptcha_NoUser(self):
    """Passing None as the user yields False: no CAPTCHA is required."""
    action_kind = actionlimit.ISSUE_COMMENT
    no_user_result = actionlimit.NeedCaptcha(None, action_kind)
    self.assertFalse(no_user_result)