submissions: rate limit submit
This commit is contained in:
parent
21b6903943
commit
5d259e20f2
GPG Key ID:
D0DF5964F79AC131
pkg/service
@ -27,12 +27,16 @@ var(
|
||||
model.MapfixStatusValidating,
|
||||
model.MapfixStatusAccepted,
|
||||
}
|
||||
// Allow 5 mapfixes every 10 minutes
|
||||
CreateMapfixRateLimit int64 = 5
|
||||
CreateMapfixRecencyWindow = time.Second*600
|
||||
)
|
||||
|
||||
var (
|
||||
ErrCreationPhaseMapfixesLimit = errors.New("Active mapfixes limited to 20")
|
||||
ErrActiveMapfixSameTargetAssetID = errors.New("There is an active mapfix with the same TargetAssetID")
|
||||
ErrAcceptOwnMapfix = fmt.Errorf("%w: You cannot accept your own mapfix as the submitter", ErrPermissionDenied)
|
||||
ErrCreateMapfixRateLimit = errors.New("You must not create more than 5 mapfixes every 10 minutes")
|
||||
)
|
||||
|
||||
// POST /mapfixes
|
||||
@ -76,6 +80,21 @@ func (svc *Service) CreateMapfix(ctx context.Context, request *api.MapfixTrigger
|
||||
}
|
||||
}
|
||||
|
||||
// Check if too many operations have been created recently
|
||||
{
|
||||
count, err := svc.DB.Operations().CountSince(ctx,
|
||||
int64(userId),
|
||||
time.Now().Add(-CreateMapfixRecencyWindow).Unix(),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if CreateMapfixRateLimit < count {
|
||||
return nil, ErrCreateMapfixRateLimit
|
||||
}
|
||||
}
|
||||
|
||||
operation, err := svc.DB.Operations().Create(ctx, model.Operation{
|
||||
Owner: int64(userId),
|
||||
StatusID: model.OperationStatusCreated,
|
||||
|
||||
@ -27,6 +27,9 @@ var(
|
||||
model.SubmissionStatusValidating,
|
||||
model.SubmissionStatusAcceptedUnvalidated,
|
||||
}
|
||||
// Allow 5 submissions every 10 minutes
|
||||
CreateSubmissionRateLimit int64 = 5
|
||||
CreateSubmissionRecencyWindow = time.Second*600
|
||||
)
|
||||
|
||||
var (
|
||||
@ -35,6 +38,7 @@ var (
|
||||
ErrReleaseInvalidStatus = errors.New("Only submissions with Uploaded status can be released")
|
||||
ErrReleaseNoUploadedAssetID = errors.New("Only submissions with a UploadedAssetID can be released")
|
||||
ErrAcceptOwnSubmission = fmt.Errorf("%w: You cannot accept your own submission as the submitter", ErrPermissionDenied)
|
||||
ErrCreateSubmissionRateLimit = errors.New("You must not create more than 5 submissions every 10 minutes")
|
||||
)
|
||||
|
||||
// POST /submissions
|
||||
@ -66,6 +70,22 @@ func (svc *Service) CreateSubmission(ctx context.Context, request *api.Submissio
|
||||
return nil, ErrCreationPhaseSubmissionsLimit
|
||||
}
|
||||
}
|
||||
|
||||
// Check if too many operations have been created recently
|
||||
{
|
||||
count, err := svc.DB.Operations().CountSince(ctx,
|
||||
int64(userId),
|
||||
time.Now().Add(-CreateSubmissionRecencyWindow).Unix(),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if CreateSubmissionRateLimit < count {
|
||||
return nil, ErrCreateSubmissionRateLimit
|
||||
}
|
||||
}
|
||||
|
||||
operation, err := svc.DB.Operations().Create(ctx, model.Operation{
|
||||
Owner: int64(userId),
|
||||
StatusID: model.OperationStatusCreated,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user