Welcome to mirror list, hosted at ThFree Co, Russian Federation.

spam_action_service.rb « spam « services « app - gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/spam/spam_action_service.rb
blob: f0a4aff444398c64171cc0a1f337d3309469664d (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

# frozen_string_literal: true

module Spam
  class SpamActionService
    include SpamConstants

    attr_accessor :target, :request, :options
    attr_reader :spam_log

    def initialize(spammable:, request:)
      @target = spammable
      @request = request
      @options = {}

      if @request
        @options[:ip_address] = @request.env['action_dispatch.remote_ip'].to_s
        @options[:user_agent] = @request.env['HTTP_USER_AGENT']
        @options[:referrer] = @request.env['HTTP_REFERRER']
      else
        @options[:ip_address] = @target.ip_address
        @options[:user_agent] = @target.user_agent
      end
    end

    def execute(api: false, recaptcha_verified:, spam_log_id:, user:)
      if recaptcha_verified
        # If it's a request which is already verified through reCAPTCHA,
        # update the spam log accordingly.
        SpamLog.verify_recaptcha!(user_id: user.id, id: spam_log_id)
      else
        return if allowlisted?(user)
        return unless request
        return unless check_for_spam?

        perform_spam_service_check(api)
      end
    end

    delegate :check_for_spam?, to: :target

    private

    def allowlisted?(user)
      user.respond_to?(:gitlab_employee) && user.gitlab_employee?
    end

    def perform_spam_service_check(api)
      # since we can check for spam, and recaptcha is not verified,
      # ask the SpamVerdictService what to do with the target.
      spam_verdict_service.execute.tap do |result|
        case result
        when REQUIRE_RECAPTCHA
          create_spam_log(api)

          break if target.allow_possible_spam?

          target.needs_recaptcha!
        when DISALLOW
          # TODO: remove `unless target.allow_possible_spam?` once this flag has been passed to `SpamVerdictService`
          # https://gitlab.com/gitlab-org/gitlab/-/issues/214739
          target.spam! unless target.allow_possible_spam?
          create_spam_log(api)
        when ALLOW
          target.clear_spam_flags!
        end
      end
    end

    def create_spam_log(api)
      @spam_log = SpamLog.create!(
        {
          user_id: target.author_id,
          title: target.spam_title,
          description: target.spam_description,
          source_ip: options[:ip_address],
          user_agent: options[:user_agent],
          noteable_type: target.class.to_s,
          via_api: api
        }
      )

      target.spam_log = spam_log
    end

    def spam_verdict_service
      SpamVerdictService.new(target: target,
                             request: @request,
                             options: options)
    end
  end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 19:20:35 +0300