IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: rate limit resend invites

Browse Source
This commit is contained in:
Arpit Jalan
2016-06-07 01:06:59 +05:30
parent 35337cd687
commit a9c6df198c
3 changed files with 19 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/controllers/invites_controller.rb
View File

@@ -1,3 +1,5 @@
require_dependency 'rate_limiter'
class InvitesController < ApplicationController
# TODO tighten this, why skip check on everything?
@@ -127,19 +129,26 @@ class InvitesController < ApplicationController
def resend_invite
params.require(:email)
RateLimiter.new(current_user, "resend-invite-per-hour", 10, 1.hour).performed!
invite = Invite.find_by(invited_by_id: current_user.id, email: params[:email])
raise Discourse::InvalidParameters.new(:email) if invite.blank?
invite.resend_invite
render nothing: true
rescue RateLimiter::LimitExceeded
render_json_error(I18n.t("rate_limiter.slow_down"))
end
def resend_all_invites
guardian.ensure_can_invite_to_forum!
RateLimiter.new(current_user, "resend-all-invites-per-day", 1, 1.day).performed!
Invite.resend_all_invites_from(current_user.id)
render nothing: true
rescue RateLimiter::LimitExceeded
render_json_error(I18n.t("rate_limiter.slow_down"))
end
def check_csv_chunk