Block tipline users when they send more than X messages in 24 hours.
"X" is defined by a configuration key but has a default value.

Reference: CV2-3860.
caiosba committed Oct 17, 2023
1 parent 9b2a90d commit d53b015
Showing 3 changed files with 41 additions and 0 deletions.
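--- a/app/models/tipline_message.rb
+++ b/app/models/tipline_message.rb
@@ -6,6 +6,8 @@ class TiplineMessage < ApplicationRecord
 validates_presence_of :team, :uid, :platform, :language, :direction, :sent_at, :payload, :state
 validates_inclusion_of :state, in: ['sent', 'received', 'delivered']
 
+after_commit :verify_user_rate_limit, on: :create
+
 def save_ignoring_duplicate!
 begin
 self.save!
@@ -29,6 +31,16 @@ def media_url
 media_url || payload['mediaUrl']
 end
 
+private
+
+def verify_user_rate_limit
+rate_limit = CheckConfig.get('tipline_user_max_messages_per_day', 1500, :integer)
+# Block tipline user when they have sent more than X messages in 24 hours
+if self.state == 'received' && TiplineMessage.where(uid: self.uid, created_at: Time.now.ago(1.day)..Time.now, state: 'received').count > rate_limit
+Bot::Smooch.block_user(self.uid)
+end
+end
+
 class << self
 def from_smooch_payload(msg, payload, event = nil, language = nil)
 msg = msg.with_indifferent_access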
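Review bot: In `verify_user_rate_limit` the block is applied silently: there is no log line or audit record next to `Bot::Smooch.block_user(self.uid)`, so an operator cannot later tell when or why a uid was blocked, and nothing visible in this change lifts the block once the 24-hour window has passed. I would record the event beside the call, e.g. `Rails.logger.info("[Tipline] blocked uid #{self.uid}: more than #{rate_limit} received messages in 24h")`, and return early with `return if Bot::Smooch.user_blocked?(self.uid)` so that later messages from an already-blocked uid do not repeat the count and the block call. The count query also runs after every received message, so it is worth confirming that an index covers `uid`, `state` and `created_at`; otherwise the check gets slowest under exactly the flood it is meant to stop.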
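--- a/config/config.yml.example
+++ b/config/config.yml.example
@@ -258,6 +258,13 @@ development: &default
 otel_traces_sampler:
 otel_custom_sampling_rate:
 
+# Rate limit for tipline submissions, tipline users are blocked after reaching this limit
+#
+# OPTIONAL
+# When not set, a default number will be used.
+#
+tipline_user_max_messages_per_day: 1500
+
 test:
 <<: *default
 checkdesk_base_url_private: http://api:3000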
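Review bot: The comment on `tipline_user_max_messages_per_day` says users are blocked "after reaching this limit", but the model in this commit blocks only when the count of `received` messages in the last 24 hours is greater than the value, that is, on message limit + 1. I would state the actual rule so operators size it correctly, e.g. `# Maximum number of messages a tipline user may send in a rolling 24-hour window; the user is blocked once this number is exceeded`. Naming the fallback (the model uses 1500 when the key is unset) would also be clearer than "a default number".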
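--- a/test/models/tipline_message_test.rb
+++ b/test/models/tipline_message_test.rb
@@ -223,4 +223,26 @@ def setup
 assert_equal url, create_tipline_message(direction: 'incoming', payload: incoming_payload).media_url
 assert_equal url, create_tipline_message(direction: 'outgoing', payload: outgoing_payload).media_url
 end
+
+test "should block user when rate limit is reached" do
+uid = random_string
+assert !Bot::Smooch.user_blocked?(uid)
+stub_configs({ 'tipline_user_max_messages_per_day' => 2 }) do
+# User sent a message
+create_tipline_message uid: uid, state: 'received'
+assert !Bot::Smooch.user_blocked?(uid)
+# User sent a message
+create_tipline_message uid: uid, state: 'received'
+assert !Bot::Smooch.user_blocked?(uid)
+# Another user sent a message
+create_tipline_message state: 'received'
+assert !Bot::Smooch.user_blocked?(uid)
+# User received a message
+create_tipline_message uid: uid, state: 'delivered'
+assert !Bot::Smooch.user_blocked?(uid)
+# User sent a message and is now over rate limit, so should be blocked
+create_tipline_message uid: uid, state: 'received'
+assert Bot::Smooch.user_blocked?(uid)
+end
+end
 end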
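Review bot: This test never exercises the 24-hour window: every message is created at the current time, so an implementation that counted all of a uid's received messages regardless of age would still pass. Add a case where an earlier message falls outside the window, for example one created with `created_at: 2.days.ago` if `create_tipline_message` accepts that attribute, and assert that the user is still not blocked after the next message. The uid is also left blocked when the test ends; if the block lives in a store shared between tests, clearing it in teardown would avoid leaking state.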
