Add rate limit for reporting (#13390)

author: Eugen Rochko <eugen@zeonfederated.com> 2020-04-05 14:40:08 +0200
committer: GitHub <noreply@github.com> 2020-04-05 14:40:08 +0200
commit: c9efb400b429696d1ee5464931f7f62e38edf1d6 (patch)
tree: 9c38b0e2b1ea36c45815c9895cfc8ae351dca827
parent: eea0cd8fadf55e59829f2b7cd9eb027e569c0a2e (diff)
3 files changed, 8 insertions, 3 deletions
diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb
index 66c40f6f4..e10083d45 100644
--- a/app/controllers/api/v1/reports_controller.rb
+++ b/app/controllers/api/v1/reports_controller.rb
@@ -4,6 +4,8 @@ class Api::V1::ReportsController < Api::BaseController
   before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create]
   before_action :require_user!
 
+  override_rate_limit_headers :create, family: :reports
+
   def create
     @report = ReportService.new.call(
       current_account,
diff --git a/app/lib/rate_limiter.rb b/app/lib/rate_limiter.rb
index 68dae9add..0e2c9a894 100644
--- a/app/lib/rate_limiter.rb
+++ b/app/lib/rate_limiter.rb
@@ -14,9 +14,9 @@ class RateLimiter
       period: 3.hours.freeze,
     }.freeze,
 
-    media: {
-      limit: 30,
-      period: 30.minutes.freeze,
+    reports: {
+      limit: 400,
+      period: 24.hours.freeze,
     }.freeze,
   }.freeze
 
diff --git a/app/models/report.rb b/app/models/report.rb
index 356c23d68..f31bcfd2e 100644
--- a/app/models/report.rb
+++ b/app/models/report.rb
@@ -18,6 +18,9 @@
 
 class Report < ApplicationRecord
   include Paginable
+  include RateLimitable
+
+  rate_limit by: :account, family: :reports
 
   belongs_to :account
   belongs_to :target_account, class_name: 'Account'
author	Eugen Rochko <eugen@zeonfederated.com>	2020-04-05 14:40:08 +0200
committer	GitHub <noreply@github.com>	2020-04-05 14:40:08 +0200
commit	c9efb400b429696d1ee5464931f7f62e38edf1d6 (patch)
tree	9c38b0e2b1ea36c45815c9895cfc8ae351dca827
parent	eea0cd8fadf55e59829f2b7cd9eb027e569c0a2e (diff)