mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-14 02:42:40 +01:00
847b7977c1
Summary:
This adds a system which basically keeps a record of recent actions, who took them, and how many "points" they were worth, like:
epriestley email.add 1 1233989813
epriestley email.add 1 1234298239
epriestley email.add 1 1238293981
We can use this to rate-limit actions by examining how many actions the user has taken in the past hour (i.e., their total score) and comparing that to an allowed limit.
One major thing I want to use this for is to limit the amount of error email we'll send to an email address. A big concern I have with sending more error email is that we'll end up in loops. We have some protections against this in headers already, but hard-limiting the system so it won't send more than a few errors to a particular address per hour should provide a reasonable secondary layer of protection.
This use case (where the "actor" needs to be an email address) is why the table uses strings + hashes instead of PHIDs. For external users, it might be appropriate to rate limit by cookies or IPs, too.
To prove it works, I rate limited adding email addresses. This is a very, very low-risk security thing where a user with an account can enumerate addresses (by checking if they get an error) and sort of spam/annoy people (by adding their address over and over again). Limiting them to 6 actions / hour should satisfy all real users while preventing these behaviors.
Test Plan:
This dialog is uggos but I'll fix that in a sec:
{F137406}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8683
|
||
|---|---|---|
| .. | ||
| 20140104.harbormastercmd.sql | ||
| 20140106.macromailkey.1.sql | ||
| 20140106.macromailkey.2.php | ||
| 20140108.ddbpname.1.sql | ||
| 20140108.ddbpname.2.php | ||
| 20140109.ddxactions.sql | ||
| 20140109.projectcolumnsdates.sql | ||
| 20140113.legalpadsig.1.sql | ||
| 20140113.legalpadsig.2.php | ||
| 20140115.auth.1.id.sql | ||
| 20140115.auth.2.expires.sql | ||
| 20140115.auth.3.unlimit.php | ||
| 20140115.legalpadsigkey.sql | ||
| 20140116.reporefcursor.sql | ||
| 20140126.diff.1.parentrevisionid.sql | ||
| 20140126.diff.2.repositoryphid.sql | ||
| 20140130.dash.1.board.sql | ||
| 20140130.dash.2.panel.sql | ||
| 20140130.dash.3.boardxaction.sql | ||
| 20140130.dash.4.panelxaction.sql | ||
| 20140130.mail.1.retry.sql | ||
| 20140130.mail.2.next.sql | ||
| 20140201.gc.1.mailsent.sql | ||
| 20140201.gc.2.mailreceived.sql | ||
| 20140205.cal.1.rename.sql | ||
| 20140205.cal.2.phid-col.sql | ||
| 20140205.cal.3.phid-mig.php | ||
| 20140205.cal.4.phid-key.sql | ||
| 20140210.herald.rule-condition-mig.php | ||
| 20140210.projcfield.1.blurb.php | ||
| 20140210.projcfield.2.piccol.sql | ||
| 20140210.projcfield.3.picmig.sql | ||
| 20140210.projcfield.4.memmig.sql | ||
| 20140211.dx.1.nullablechangesetid.sql | ||
| 20140211.dx.2.migcommenttext.php | ||
| 20140211.dx.3.migsubscriptions.sql | ||
| 20140212.dx.1.armageddon.php | ||
| 20140218.differentialdraft.sql | ||
| 20140218.passwords.1.extend.sql | ||
| 20140218.passwords.2.prefix.sql | ||
| 20140218.passwords.3.vcsextend.sql | ||
| 20140218.passwords.4.vcs.php | ||
| 20140223.bigutf8scratch.sql | ||
| 20140224.dxclean.1.datecommitted.sql | ||
| 20140226.dxcustom.1.fielddata.php | ||
| 20140228.dxcomment.1.sql | ||
| 20140305.diviner.1.slugcol.sql | ||
| 20140305.diviner.2.slugkey.sql | ||
| 20140311.mdroplegacy.sql | ||
| 20140314.projectcolumn.1.statuscol.sql | ||
| 20140314.projectcolumn.2.statuskey.sql | ||
| 20140317.mupdatedkey.sql | ||
| 20140321.harbor.1.bxaction.sql | ||
| 20140321.mstatus.1.col.sql | ||
| 20140321.mstatus.2.mig.php | ||
| 20140323.harbor.1.renames.php | ||
| 20140323.harbor.2.message.sql | ||
| 20140325.push.1.event.sql | ||
| 20140325.push.2.eventphid.sql | ||
| 20140325.push.3.groups.php | ||
| 20140325.push.4.prune.sql | ||
| 20140326.project.1.colxaction.sql | ||
| 20140328.releeph.1.productxaction.sql | ||
| 20140330.flagtext.sql | ||
| 20140402.actionlog.sql | ||