From 8aaf4e949668a0d463b011e81fc6798f169cd4a9 Mon Sep 17 00:00:00 2001 From: Sebastian Wagner Date: Tue, 12 Feb 2019 21:57:47 +0100 Subject: [PATCH 1/6] Hotfix: Disable spam discard and automatic blocks --- inyoka/locale/de_CH/LC_MESSAGES/django.po | 4 ++-- inyoka/locale/de_DE/LC_MESSAGES/django.po | 4 ++-- inyoka/locale/django.pot | 2 +- inyoka/utils/spam.py | 13 +++---------- 4 files changed, 8 insertions(+), 15 deletions(-) diff --git a/inyoka/locale/de_CH/LC_MESSAGES/django.po b/inyoka/locale/de_CH/LC_MESSAGES/django.po index 91aa63d14..c97b490e2 100644 --- a/inyoka/locale/de_CH/LC_MESSAGES/django.po +++ b/inyoka/locale/de_CH/LC_MESSAGES/django.po @@ -99,8 +99,8 @@ msgid "Your signature is too long, only %(length)s characters allowed" msgstr "Dini Signatur isch z läng, nur %(length)s Zeichä sy erloubt" #, python-format -msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible. You have %(left)d attempts left before your account will be blocked." -msgstr "Di Post isch aus SPAM markiert wordä und mues zersch vomänä Administrator beguätachtet und dürägwunkä wärdä. Bitte heb Geduld, mir luägä das so baud as müglech ah. Du hesch no %(left)d Versüech bis Di Account gsperrt wird." +msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible." +msgstr "Di Post isch aus SPAM markiert wordä und mues zersch vomänä Administrator beguätachtet und dürägwunkä wärdä. Bitte heb Geduld, mir luägä das so baud as müglech ah." msgid "counting..." msgstr "Zeuä ..." diff --git a/inyoka/locale/de_DE/LC_MESSAGES/django.po b/inyoka/locale/de_DE/LC_MESSAGES/django.po index 40c2fbdd1..983a150a6 100644 --- a/inyoka/locale/de_DE/LC_MESSAGES/django.po +++ b/inyoka/locale/de_DE/LC_MESSAGES/django.po @@ -100,8 +100,8 @@ msgid "Your signature is too long, only %(length)s characters allowed" msgstr "Deine Signatur ist zu lang. Es sind maximal %(length)s Zeichen erlaubt" #, python-format -msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible. You have %(left)d attempts left before your account will be blocked." -msgstr "Dein Beitrag wurde als Spam klassifiziert und muss von einem Moderator freigeschaltet werden. Bitte habe etwas Geduld, wir werden uns sobald wie möglich darum kümmern. Du hast %(left)d verbleibende Versuche bevor dein Konto gesperrt wird." +msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible." +msgstr "Dein Beitrag wurde als Spam klassifiziert und muss von einem Moderator freigeschaltet werden. Bitte habe etwas Geduld, wir werden uns sobald wie möglich darum kümmern." msgid "counting..." msgstr "Zähle..." diff --git a/inyoka/locale/django.pot b/inyoka/locale/django.pot index e23867479..76f895209 100644 --- a/inyoka/locale/django.pot +++ b/inyoka/locale/django.pot @@ -99,7 +99,7 @@ msgid "Your signature is too long, only %(length)s characters allowed" msgstr "" #, python-format -msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible. You have %(left)d attempts left before your account will be blocked." +msgid "Your text is considered spam and needs approval from one of the administrators. Please be patient, we will get to it as soon as possible." msgstr "" msgid "counting..." diff --git a/inyoka/utils/spam.py b/inyoka/utils/spam.py index 715474c0d..1515912fb 100644 --- a/inyoka/utils/spam.py +++ b/inyoka/utils/spam.py @@ -143,19 +143,12 @@ def check_form_field(form, text_field, needs_check, request, content_type): if needs_check: form._spam, form._spam_discard = is_spam(text, content_type) if form._spam: - attempts_left = block_user_if_spammer(request.user) msg = _( 'Your text is considered spam and needs approval from one of ' 'the administrators. Please be patient, we will get to it as ' - 'soon as possible. You have %(left)d attempts left before your ' - 'account will be blocked.' - ) % { - 'left': attempts_left, - } - if form._spam_discard: - raise ValidationError(msg) - else: - messages.info(request, msg) + 'soon as possible.' + ) + messages.info(request, msg) return text From 9f2525a33e00a05032195c705fed0f611fb252e6 Mon Sep 17 00:00:00 2001 From: Christoph Volkert Date: Sun, 24 Feb 2019 18:43:48 +0100 Subject: [PATCH 2/6] Fix tests --- tests/apps/forum/test_views.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/apps/forum/test_views.py b/tests/apps/forum/test_views.py index 6448c3966..e7c39ed7d 100644 --- a/tests/apps/forum/test_views.py +++ b/tests/apps/forum/test_views.py @@ -605,8 +605,7 @@ def test_newtopic_user_spam(self): response = self.client.get('/topic/newpost-title/') self.assertInHTML('
Your text is considered spam ' 'and needs approval from one of the administrators. ' - 'Please be patient, we will get to it as soon as possible. ' - 'You have 4 attempts left before your account will be blocked.
', + 'Please be patient, we will get to it as soon as possible.', response.content, count=1) self.assertInHTML('

You do not have permissions to access this page.

', response.content, count=1) @@ -891,8 +890,7 @@ def test_new_post_user_spam(self): response = self.client.get('/topic/%s/' % topic.slug) self.assertInHTML('
Your text is considered spam ' 'and needs approval from one of the administrators. ' - 'Please be patient, we will get to it as soon as possible. ' - 'You have 4 attempts left before your account will be blocked.
', + 'Please be patient, we will get to it as soon as possible. ', response.content, count=1) self.assertInHTML('

newpost text

', response.content, count=1) From e06e781d1371b4fb8c4bb70a0fc067ffb4294c4c Mon Sep 17 00:00:00 2001 From: Christoph Volkert Date: Sun, 24 Feb 2019 19:01:26 +0100 Subject: [PATCH 3/6] Remove not used lines of code The method `block_user_if_spammer` is not used anymore. Thus, the used cache-key should not to be deleted in the forum model. --- inyoka/forum/models.py | 2 -- inyoka/utils/spam.py | 33 +++------------------------------ 2 files changed, 3 insertions(+), 32 deletions(-) diff --git a/inyoka/forum/models.py b/inyoka/forum/models.py index 3f59a861d..dbadaf902 100644 --- a/inyoka/forum/models.py +++ b/inyoka/forum/models.py @@ -1090,8 +1090,6 @@ def mark_ham(self): self.hidden = False self.save(update_fields=['hidden']) - cache.delete(u'spam/user/{}'.format(self.author.pk)) - def mark_spam(self, report=True, update_akismet=True): if update_akismet: mark_spam(self, self.get_text(), 'forum-post') diff --git a/inyoka/utils/spam.py b/inyoka/utils/spam.py index 1515912fb..7584c5b46 100644 --- a/inyoka/utils/spam.py +++ b/inyoka/utils/spam.py @@ -11,8 +11,6 @@ import requests from django.conf import settings from django.contrib import messages -from django.core.cache import cache -from django.forms import ValidationError from django.utils.translation import ugettext_lazy as _ from inyoka.utils.logger import logger @@ -139,10 +137,10 @@ def mark_spam(obj, comment_content, comment_type): def check_form_field(form, text_field, needs_check, request, content_type): text = form.cleaned_data.get(text_field) - form._spam, form._spam_discard = False, False + if needs_check: - form._spam, form._spam_discard = is_spam(text, content_type) - if form._spam: + _spam, _spam_discard = is_spam(text, content_type) + if _spam: msg = _( 'Your text is considered spam and needs approval from one of ' 'the administrators. Please be patient, we will get to it as ' @@ -150,28 +148,3 @@ def check_form_field(form, text_field, needs_check, request, content_type): ) messages.info(request, msg) return text - - -def block_user_if_spammer(user): - cache_key = 'spam/user/%d' % user.pk - spam_hits = cache.get(cache_key, 0) + 1 - if spam_hits >= settings.INYOKA_SPAM_COUNTER_MAX: - user.status = user.STATUS_BANNED - user.save(update_fields=['status']) - logger.info( - u'User %s (%d) hit spam counter maximum of %d. Blocked!' % ( - user.username, user.pk, settings.INYOKA_SPAM_COUNTER_MAX, - ) - ) - else: - cache.set( - cache_key, spam_hits, - timeout=settings.INYOKA_SPAM_COUNTER_TIMEOUT - ) - logger.info( - u'User %s (%d) tried to spam. Counter at %d of %d.' % ( - user.username, user.pk, spam_hits, - settings.INYOKA_SPAM_COUNTER_MAX - ) - ) - return settings.INYOKA_SPAM_COUNTER_MAX - spam_hits From 3b2858755d85e5cd5a424816cf96f5cd1cba91cf Mon Sep 17 00:00:00 2001 From: Christoph Volkert Date: Sun, 24 Feb 2019 20:50:18 +0100 Subject: [PATCH 4/6] Reintroduce form._spam in check_form_field I oversaw, that it is used in the views, the tests saved it. --- inyoka/utils/spam.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/inyoka/utils/spam.py b/inyoka/utils/spam.py index 05fd7594b..9e390ff62 100644 --- a/inyoka/utils/spam.py +++ b/inyoka/utils/spam.py @@ -137,10 +137,11 @@ def mark_spam(obj, comment_content, comment_type): def check_form_field(form, text_field, needs_check, request, content_type): text = form.cleaned_data.get(text_field) + form._spam, form._spam_discard = False, False if needs_check: - _spam, _spam_discard = is_spam(text, content_type) - if _spam: + form._spam, form._spam_discard = is_spam(text, content_type) + if form._spam: msg = _( 'Your text is considered spam and needs approval from one of ' 'the administrators. Please be patient, we will get to it as ' From 4fd0c042a36cc3cb7156a5c6b592c28565bfcc67 Mon Sep 17 00:00:00 2001 From: Christoph Volkert Date: Sun, 24 Feb 2019 23:35:58 +0100 Subject: [PATCH 5/6] Remove obsolete setting-variables --- inyoka/default_settings.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/inyoka/default_settings.py b/inyoka/default_settings.py index b15ff8c29..61cce985e 100644 --- a/inyoka/default_settings.py +++ b/inyoka/default_settings.py @@ -93,8 +93,6 @@ INYOKA_AKISMET_KEY = None INYOKA_AKISMET_URL = None INYOKA_AKISMET_DEFAULT_IS_SPAM = False -INYOKA_SPAM_COUNTER_TIMEOUT = 60 * 5 # seconds -INYOKA_SPAM_COUNTER_MAX = 5 INYOKA_SPAM_DETECT_LIMIT = 100 # restrictions for user avatar images From 73c4452377eedbe364a19bf23ea45f71bc453e3d Mon Sep 17 00:00:00 2001 From: Sebastian Wagner Date: Fri, 15 Mar 2019 20:45:31 +0100 Subject: [PATCH 6/6] spam detection: remove discard variuable from view form._spam_discard is no longer used --- inyoka/forum/views.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/inyoka/forum/views.py b/inyoka/forum/views.py index e24b2f43b..9f8184c83 100644 --- a/inyoka/forum/views.py +++ b/inyoka/forum/views.py @@ -617,8 +617,6 @@ def edit(request, forum_slug=None, topic_slug=None, post_id=None, if 'send' in request.POST and form.is_valid(): d = form.cleaned_data - is_spam_post = form._spam and not form._spam_discard - if not post: # not when editing an existing post doublepost = Post.objects \ .filter(author=request.user, text=d['text'], @@ -678,10 +676,10 @@ def edit(request, forum_slug=None, topic_slug=None, post_id=None, post.edit(d['text']) - if is_spam_post: + if form._spam: post.mark_spam(report=True, update_akismet=False) - if not is_spam_post: + if not form._spam: if newtopic: send_newtopic_notifications(request.user, post, topic, forum) elif not post_id: @@ -691,10 +689,10 @@ def edit(request, forum_slug=None, topic_slug=None, post_id=None, # page and send notifications. page.topic = topic page.save() - if not is_spam_post: + if not form._spam: send_discussion_notification(request.user, page) - if not is_spam_post: + if not form._spam: subscribed = Subscription.objects.user_subscribed(request.user, topic) if request.user.settings.get('autosubscribe', True) and not subscribed and not post_id: subscription = Subscription(user=request.user, content_object=topic)