eBooru/app/models/ip_ban.rb

# frozen_string_literal: true

class IpBan < ApplicationRecord
  belongs_to_creator
  validates :reason, :ip_addr, presence: true
  validates :ip_addr, uniqueness: true
  validate :validate_ip_addr
  after_create do |rec|
    ModAction.log(:ip_ban_create, { ip_addr: rec.subnetted_ip, reason: rec.reason })
  end
  after_destroy do |rec|
    ModAction.log(:ip_ban_delete, { ip_addr: rec.subnetted_ip, reason: rec.reason })
  end

  def self.is_banned?(ip_addr)
    where("ip_addr >>= ?", ip_addr).exists?
  end

  def self.search(params)
    q = super

    if params[:ip_addr].present?
      q = q.where("ip_addr >>= ?", params[:ip_addr])
    end

    q = q.where_user(:creator_id, :banner, params)

    q = q.attribute_matches(:reason, params[:reason])

    q.apply_basic_order(params)
  end

  def validate_ip_addr
    if ip_addr.blank?
      errors.add(:ip_addr, "is invalid")
    elsif ip_addr.ipv4? && ip_addr.prefix < 24
      errors.add(:ip_addr, "may not have a subnet bigger than /24")
    elsif ip_addr.ipv6? && ip_addr.prefix < 64
      errors.add(:ip_addr, "may not have a subnet bigger than /64")
    elsif ip_addr.private? || ip_addr.loopback? || ip_addr.link_local?
      errors.add(:ip_addr, "must be a public address")
    end
  end

  def has_subnet?
    (ip_addr.ipv4? && ip_addr.prefix < 32) || (ip_addr.ipv6? && ip_addr.prefix < 128)
  end

  def subnetted_ip
    str = ip_addr.to_s
    str += "/#{ip_addr.prefix}" if has_subnet?
    str
  end
end
[RuboCop] Enable `Style/FrozenStringLiteralComment` This reduces allocations on the posts page by about 5%, from basic testing 2024-02-25 12:15:55 -05:00			`# frozen_string_literal: true`

Inherit models from ApplicationRecord instead of ActiveRecord::Base. 2017-06-14 22:27:53 -04:00			`class IpBan < ApplicationRecord`
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs 2018-04-02 13:51:26 -04:00			`belongs_to_creator`
Update validations to use new syntax 2019-09-05 08:59:51 -04:00			`validates :reason, :ip_addr, presence: true`
			`validates :ip_addr, uniqueness: true`
[IpBans] Add back missing validation 2022-04-13 02:24:44 -04:00			`validate :validate_ip_addr`
implement token bucket rate limiting 2017-01-06 18:40:49 -05:00			`after_create do \|rec\|`
[ModActions] Display ip ban subnet and reason 2023-04-06 09:49:46 -04:00			`ModAction.log(:ip_ban_create, { ip_addr: rec.subnetted_ip, reason: rec.reason })`
add additional mod actions 2017-01-03 19:02:36 -05:00			`end`
implement token bucket rate limiting 2017-01-06 18:40:49 -05:00			`after_destroy do \|rec\|`
[ModActions] Display ip ban subnet and reason 2023-04-06 09:49:46 -04:00			`ModAction.log(:ip_ban_delete, { ip_addr: rec.subnetted_ip, reason: rec.reason })`
add additional mod actions 2017-01-03 19:02:36 -05:00			`end`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
separated out ip ban logic from regular bans, users can no longer register if an ip ban is in place 2010-03-18 17:55:57 -04:00			`def self.is_banned?(ip_addr)`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`where("ip_addr >>= ?", ip_addr).exists?`
separated out ip ban logic from regular bans, users can no longer register if an ip ban is in place 2010-03-18 17:55:57 -04:00			`end`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
refactored search 2013-01-10 17:45:52 -05:00			`def self.search(params)`
/janitor_trials, /ip_bans: fix default ordering. 2018-02-04 17:46:42 -05:00			`q = super`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
more robust validation for ip bans 2013-02-23 11:16:23 -05:00			`if params[:ip_addr].present?`
[Admin] Expose and improve ip ban search 2023-03-01 13:25:19 -05:00			`q = q.where("ip_addr >>= ?", params[:ip_addr])`
refactored search 2013-01-10 17:45:52 -05:00			`end`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
[Search] Unify user lookup There was lots of duplication between id/name searching, with a plethora of different approaches. Now it's all in one place. A few places that didn't have name/id search previously now do. 2023-08-03 16:01:53 -04:00			`q = q.where_user(:creator_id, :banner, params)`
[Admin] Expose and improve ip ban search 2023-03-01 13:25:19 -05:00
			`q = q.attribute_matches(:reason, params[:reason])`

[Search] Allow ascending order for IDs 2023-07-07 08:32:57 -04:00			`q.apply_basic_order(params)`
refactored search 2013-01-10 17:45:52 -05:00			`end`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00
			`def validate_ip_addr`
			`if ip_addr.blank?`
[Rails] More deprecation warnings 2021-02-07 21:56:22 -05:00			`errors.add(:ip_addr, "is invalid")`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`elsif ip_addr.ipv4? && ip_addr.prefix < 24`
[Rails] More deprecation warnings 2021-02-07 21:56:22 -05:00			`errors.add(:ip_addr, "may not have a subnet bigger than /24")`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`elsif ip_addr.ipv6? && ip_addr.prefix < 64`
[Rails] More deprecation warnings 2021-02-07 21:56:22 -05:00			`errors.add(:ip_addr, "may not have a subnet bigger than /64")`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`elsif ip_addr.private? \|\| ip_addr.loopback? \|\| ip_addr.link_local?`
[Rails] More deprecation warnings 2021-02-07 21:56:22 -05:00			`errors.add(:ip_addr, "must be a public address")`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`end`
			`end`

			`def has_subnet?`
			`(ip_addr.ipv4? && ip_addr.prefix < 32) \|\| (ip_addr.ipv6? && ip_addr.prefix < 128)`
			`end`

			`def subnetted_ip`
			`str = ip_addr.to_s`
[Admin] Expose and improve ip ban search 2023-03-01 13:25:19 -05:00			`str += "/#{ip_addr.prefix}" if has_subnet?`
Fix #4106: Allow moderators to IP ban subnets. 2019-08-12 03:12:56 -04:00			`str`
			`end`
separated out ip ban logic from regular bans, users can no longer register if an ip ban is in place 2010-03-18 17:55:57 -04:00			`end`