| @@ -1,9 +1,9 @@ | |||||
| class UsersController < ApplicationController | class UsersController < ApplicationController | ||||
| def create | def create | ||||
| return head :unprocessable_entity if request.remote_ip.blank? | return head :unprocessable_entity if request.remote_ip.blank? | ||||
| return head :forbidden if ip_address_banned? | |||||
| user = nil | user = nil | ||||
| User.transaction do | User.transaction do | ||||
| user = User.create!(inheritance_code: SecureRandom.uuid, role: :guest) | user = User.create!(inheritance_code: SecureRandom.uuid, role: :guest) | ||||
| attach_ip_address!(user) | attach_ip_address!(user) | ||||
| @@ -15,10 +15,12 @@ class UsersController < ApplicationController | |||||
| end | end | ||||
| def verify | def verify | ||||
| return head :unprocessable_entity if request.remote_ip.blank? | |||||
| return head :forbidden if ip_address_banned? | |||||
| user = User.find_by(inheritance_code: params[:code]) | user = User.find_by(inheritance_code: params[:code]) | ||||
| return render json: { valid: false } unless user | return render json: { valid: false } unless user | ||||
| return head :unprocessable_entity if request.remote_ip.blank? | |||||
| return head :forbidden if user.banned? | |||||
| attach_ip_address!(user) | attach_ip_address!(user) | ||||
| @@ -63,4 +65,11 @@ class UsersController < ApplicationController | |||||
| UserIp.create_or_find_by!(user:, ip_address:) | UserIp.create_or_find_by!(user:, ip_address:) | ||||
| end | end | ||||
| def ip_address_banned? | |||||
| ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton) | |||||
| return false unless ip_address | |||||
| ip_address.banned? | |||||
| end | |||||
| end | end | ||||
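Review bot: `ip_address_banned?` in the last hunk looks the ban up by the exact packed bytes of `IPAddr.new(request.remote_ip).hton`, so it only works if those bytes match what `attach_ip_address!` stores, and most of that method's body is outside the hunk. An IPv4-mapped IPv6 form of an address packs to 16 bytes while the plain IPv4 form packs to 4, so the same client can miss its ban row depending on how the address arrives. Doing the conversion in one helper shared by both methods, for example `IPAddr.new(request.remote_ip).native.hton`, would keep the write and the lookup aligned; rows already stored would need the same conversion. The check is also only as reliable as `request.remote_ip`, which depends on the app's trusted-proxy configuration (not visible here). A short comment on the method should state that an address with no `IpAddress` row is treated as not banned.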
| @@ -1,7 +1,9 @@ | |||||
| class IpAddress < ApplicationRecord | class IpAddress < ApplicationRecord | ||||
| validates :ip_address, presence: true, length: { maximum: 16 } | validates :ip_address, presence: true, length: { maximum: 16 } | ||||
| validates :banned, inclusion: { in: [true, false] } | |||||
| has_many :user_ips, dependent: :destroy | has_many :user_ips, dependent: :destroy | ||||
| has_many :users, through: :user_ips | has_many :users, through: :user_ips | ||||
| def banned? = banned_at.present? | |||||
| def ban! = update!(banned_at: Time.current) | |||||
| end | end | ||||
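Review bot: `ban!` overwrites `banned_at` on every call, so re-banning an already banned address replaces the original ban time, which is the value needed later to reconstruct a moderation timeline. Guarding the write keeps the first timestamp, e.g. a method body of `update!(banned_at: Time.current) unless banned?`. The identical `banned?`/`ban!` pair is added to `User` in the next file section and has the same behaviour. Since the two definitions are copies, a shared concern would keep them from drifting apart. A one-line comment on `banned_at` saying that nil means "not banned" would also help readers now that the boolean validation is no longer the source of truth.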
| @@ -4,7 +4,6 @@ class User < ApplicationRecord | |||||
| validates :name, length: { maximum: 255 } | validates :name, length: { maximum: 255 } | ||||
| validates :inheritance_code, presence: true, length: { maximum: 64 } | validates :inheritance_code, presence: true, length: { maximum: 64 } | ||||
| validates :role, presence: true, inclusion: { in: roles.keys } | validates :role, presence: true, inclusion: { in: roles.keys } | ||||
| validates :banned, inclusion: { in: [true, false] } | |||||
| has_many :created_posts, | has_many :created_posts, | ||||
| class_name: 'Post', foreign_key: :uploaded_user_id, dependent: :nullify | class_name: 'Post', foreign_key: :uploaded_user_id, dependent: :nullify | ||||
| @@ -19,5 +18,9 @@ class User < ApplicationRecord | |||||
| class_name: 'WikiPage', foreign_key: :updated_user_id, dependent: :nullify | class_name: 'WikiPage', foreign_key: :updated_user_id, dependent: :nullify | ||||
| def viewed?(post) = user_post_views.exists?(post_id: post.id) | def viewed?(post) = user_post_views.exists?(post_id: post.id) | ||||
| def gte_member? = member? || admin? | def gte_member? = member? || admin? | ||||
| def banned? = banned_at.present? | |||||
| def ban! = update!(banned_at: Time.current) | |||||
| end | end | ||||
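Review bot: `User#ban!` only sets the account's own `banned_at`, while `create` in the controller checks the IP ban alone, so banning a user does not by itself stop a new guest account being issued to the same address. If that is intended, it should be written down next to the method, e.g. `# Bans this account only; addresses linked through user_ips are banned separately via IpAddress#ban!.` If it is not intended, the linked `IpAddress` rows would need to be banned in the same transaction. The association from `User` to its IP addresses is not visible in this hunk, so confirm which relation to use.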