From de79b2a3adf3f9e7c45f1bae20f8e7a5c46871e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C3=ABl=20Gangloff?=
Date: Sun, 4 Aug 2024 22:00:20 +0200
Subject: [PATCH] feat: register the same domain name twice with limited mode
---
 assets/components/tracking/WatchlistForm.tsx | 1 +
 src/Controller/DomainRefreshController.php | 2 +-
 src/Controller/WatchListController.php | 26 +++++++++++++++++++-
 3 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/assets/components/tracking/WatchlistForm.tsx b/assets/components/tracking/WatchlistForm.tsx
index d68b521..1b76c5c 100644
--- a/assets/components/tracking/WatchlistForm.tsx
+++ b/assets/components/tracking/WatchlistForm.tsx
@@ -71,6 +71,7 @@ export function WatchlistForm({form, connectors, onCreateWatchlist}: { isDebug()) {
+ if (false === $kernel->isDebug() && true === $this->getParameter('limited_features')) {
 $limiter = $this->authenticatedApiLimiter->create($userId);
 if (false === $limiter->consume()->isAccepted()) {
 $this->logger->warning('User {username} was rate limited by the API.', [
diff --git a/src/Controller/WatchListController.php b/src/Controller/WatchListController.php
index 4bbbb1a..4287859 100644
--- a/src/Controller/WatchListController.php
+++ b/src/Controller/WatchListController.php
@@ -30,6 +30,7 @@
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Serializer\SerializerInterface;
@@ -58,12 +59,35 @@ public function __construct(
 public function createWatchList(Request $request): WatchList
 {
 $watchList = $this->serializer->deserialize($request->getContent(), WatchList::class, 'json', ['groups' => 'watchlist:create']);
+ /** @var User $user */
 $user = $this->getUser();
 $watchList->setUser($user);
- $this->logger->info('User {username} register a Watchlist.', [
+ /*
+ * In the limited version, we do not want a user to be able to register the same domain more than once in their watchlists.
+ * This policy guarantees the equal probability of obtaining a domain name if it is requested by several users.
+ */
+ if ($this->getParameter('limited_features')) {
+ /** @var Domain[] $trackedDomains */
+ $trackedDomains = $user->getWatchLists()->reduce(fn (array $acc, WatchList $watchList) => [...$acc, ...$watchList->getDomains()->toArray()], []);
+
+ /** @var Domain $domain */
+ foreach ($watchList->getDomains()->getIterator() as $domain) {
+ if (in_array($domain, $trackedDomains)) {
+ $this->logger->notice('User {username} tried to create a watchlist with domain name {ldhName}. However, it is forbidden to register the same domain name twice with limited mode.', [
+ 'username' => $user->getUserIdentifier(),
+ 'ldhName' => $domain->getLdhName(),
+ ]);
+
+ throw new AccessDeniedHttpException('It is forbidden to register the same domain name twice in your watchlists with limited mode.');
+ }
+ }
+ }
+
+ $this->logger->info('User {username} register a Watchlist ({token}).', [
 'username' => $user->getUserIdentifier(),
+ 'token' => $watchList->getToken(),
 ]);
 $this->em->persist($watchList);
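Review bot: The duplicate-domain guard in createWatchList is a read-then-persist check with nothing enforcing it at the storage layer, so two concurrent create requests from one user can both pass the `in_array` test and both be persisted; if the fairness policy is meant to hold, run the check and the `persist` inside one transaction that locks the user's row first. `in_array($domain, $trackedDomains)` compares Domain entities loosely, property by property, which is costly on entity graphs and hard to reason about; comparing the names is explicit: `$trackedNames = array_map(fn (Domain $d) => $d->getLdhName(), $trackedDomains);` then `in_array($domain->getLdhName(), $trackedNames, true)`. The branch tests `limited_features` by truthiness while the DomainRefreshController change in this commit requires `true ===`, so a non-boolean parameter value (for example a string from the environment) would switch this restriction on while switching the rate limiter off; normalise the parameter to a bool in one place. The hunk shows only the create path, so any operation that edits the domains of an existing watchlist presumably needs the same guard — not visible here. createWatchList continues past the end of the hunk.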