about summary refs log tree commit diff
path: root/app/controllers
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2019-03-11 00:50:31 +0100
committerEugen Rochko <eugen@zeonfederated.com>2019-03-11 00:50:31 +0100
commit5506b9406db7847ffd0892a0cda1c042b3157a6a (patch)
tree54e841080c5df9c569d4b9363b5d48212309356f /app/controllers
parent3a92885a860df12b12d8356faf179a3fc63be6f2 (diff)
Avoid race conditions when creating backups (#10234)
Under load, multiple backups for a single user could be planned, which
is very expensive.
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/settings/exports_controller.rb18
1 files changed, 16 insertions, 2 deletions
diff --git a/app/controllers/settings/exports_controller.rb b/app/controllers/settings/exports_controller.rb
index 0135f2189..3012fbf77 100644
--- a/app/controllers/settings/exports_controller.rb
+++ b/app/controllers/settings/exports_controller.rb
@@ -13,11 +13,25 @@ class Settings::ExportsController < Settings::BaseController
   end
 
   def create
-    authorize :backup, :create?
+    raise Mastodon::NotPermittedError unless user_signed_in?
+
+    backup = nil
+
+    RedisLock.acquire(lock_options) do |lock|
+      if lock.acquired?
+        authorize :backup, :create?
+        backup = current_user.backups.create!
+      else
+        raise Mastodon::RaceConditionError
+      end
+    end
 
-    backup = current_user.backups.create!
     BackupWorker.perform_async(backup.id)
 
     redirect_to settings_export_path
   end
+
+  def lock_options
+    { redis: Redis.current, key: "backup:#{current_user.id}" }
+  end
 end