feat: register the same domain name twice with limited mode

maelgangloff · Aug 4, 2024 · de79b2a · de79b2a
1 parent c89cd6c
commit de79b2a
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 2 deletions.
diff --git a/assets/components/tracking/WatchlistForm.tsx b/assets/components/tracking/WatchlistForm.tsx
@@ -71,6 +71,7 @@ export function WatchlistForm({form, connectors, onCreateWatchlist}: {
             <Input placeholder={t`Watchlist Name`}
                    title={t`Naming the Watchlist makes it easier to find in the list below.`}
                    autoComplete='off'
+                   autoFocus
             />
         </Form.Item>
         <Form.List

diff --git a/src/Controller/DomainRefreshController.php b/src/Controller/DomainRefreshController.php
@@ -62,7 +62,7 @@ public function __invoke(string $ldhName, KernelInterface $kernel): ?Domain
             return $domain;
         }
 
-        if (false === $kernel->isDebug()) {
+        if (false === $kernel->isDebug() && true === $this->getParameter('limited_features')) {
             $limiter = $this->authenticatedApiLimiter->create($userId);
             if (false === $limiter->consume()->isAccepted()) {
                 $this->logger->warning('User {username} was rate limited by the API.', [

diff --git a/src/Controller/WatchListController.php b/src/Controller/WatchListController.php
@@ -30,6 +30,7 @@
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Serializer\SerializerInterface;
 
@@ -58,12 +59,35 @@ public function __construct(
     public function createWatchList(Request $request): WatchList
     {
         $watchList = $this->serializer->deserialize($request->getContent(), WatchList::class, 'json', ['groups' => 'watchlist:create']);
+
         /** @var User $user */
         $user = $this->getUser();
         $watchList->setUser($user);
 
-        $this->logger->info('User {username} register a Watchlist.', [
+        /*
+         * In the limited version, we do not want a user to be able to register the same domain more than once in their watchlists.
+         * This policy guarantees the equal probability of obtaining a domain name if it is requested by several users.
+         */
+        if ($this->getParameter('limited_features')) {
+            /** @var Domain[] $trackedDomains */
+            $trackedDomains = $user->getWatchLists()->reduce(fn (array $acc, WatchList $watchList) => [...$acc, ...$watchList->getDomains()->toArray()], []);
+
+            /** @var Domain $domain */
+            foreach ($watchList->getDomains()->getIterator() as $domain) {
+                if (in_array($domain, $trackedDomains)) {
+                    $this->logger->notice('User {username} tried to create a watchlist with domain name {ldhName}. However, it is forbidden to register the same domain name twice with limited mode.', [
+                        'username' => $user->getUserIdentifier(),
+                        'ldhName' => $domain->getLdhName(),
+                    ]);
+
+                    throw new AccessDeniedHttpException('It is forbidden to register the same domain name twice in your watchlists with limited mode.');
+                }
+            }
+        }
+
+        $this->logger->info('User {username} register a Watchlist ({token}).', [
             'username' => $user->getUserIdentifier(),
+            'token' => $watchList->getToken(),
         ]);
 
         $this->em->persist($watchList);