Bug 1183975 - limit the number of accounts a new user can add to any multi-user field

author: Byron Jones <glob@mozilla.com> 2015-07-15 09:02:19 +0200
committer: Byron Jones <glob@mozilla.com> 2015-07-15 09:02:19 +0200
commit: e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2 (patch)
tree: c502cfb9479ee53c811d0e0cb5dd0e590ea7ce94 /extensions/AntiSpam/Extension.pm
parent: 7a87266845224adb56547f775ddbb01914a73d7f (diff)
download: bugzilla-e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2.tar.gz
bugzilla-e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2.tar.xz
1 files changed, 20 insertions, 7 deletions
diff --git a/extensions/AntiSpam/Extension.pm b/extensions/AntiSpam/Extension.pm
index d8981071c..ad8914bd0 100644
--- a/extensions/AntiSpam/Extension.pm
+++ b/extensions/AntiSpam/Extension.pm
@@ -126,9 +126,13 @@ sub _ip_blocking {
 }
 
 #
-# cc count restrictions
+# cc/flag/etc count restrictions
 #
 
+sub _is_limited_user {
+    return Bugzilla->user->creation_age < Bugzilla->params->{antispam_multi_user_limit_age};
+}
+
 sub bug_before_create {
     my ($self, $args) = @_;
     $self->_cc_limit($args->{params}, 'cc');
@@ -141,15 +145,12 @@ sub bug_start_of_set_all {
 
 sub _cc_limit {
     my ($self, $params, $cc_field) = @_;
+    return unless _is_limited_user();
     return unless exists $params->{$cc_field};
 
-    my $user = Bugzilla->user;
     my $cc_count = ref($params->{$cc_field}) ? scalar(@{ $params->{$cc_field} }) : 1;
-    my $limit_count = Bugzilla->params->{antispam_cc_limit_count};
-    my $limit_age = Bugzilla->params->{antispam_cc_limit_age};
-
-    if ($cc_count > $limit_count && $user->creation_age < $limit_age) {
-        _syslog(sprintf("[audit] blocked <%s> from CC'ing %s users", $user->login, $cc_count));
+    if ($cc_count > Bugzilla->params->{antispam_multi_user_limit_count}) {
+        _syslog(sprintf("[audit] blocked <%s> from CC'ing %s users", Bugzilla->user->login, $cc_count));
         delete $params->{$cc_field};
         if (exists $params->{cc} && exists $params->{cc}->{add}) {
             delete $params->{cc}->{add};
@@ -157,6 +158,18 @@ sub _cc_limit {
     }
 }
 
+sub bug_set_flags {
+    my ($self, $args) = @_;
+    return unless _is_limited_user();
+
+    my $flag_count = @{ $args->{new_flags} };
+    if ($flag_count > Bugzilla->params->{antispam_multi_user_limit_count}) {
+        _syslog(sprintf("[audit] blocked <%s> from flaging %s users", Bugzilla->user->login, $flag_count));
+        # empty the arrayref
+        $#{ $args->{new_flags} } = -1;
+    }
+}
+
 #
 # spam user disabling
 #
author	Byron Jones <glob@mozilla.com>	2015-07-15 09:02:19 +0200
committer	Byron Jones <glob@mozilla.com>	2015-07-15 09:02:19 +0200
commit	e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2 (patch)
tree	c502cfb9479ee53c811d0e0cb5dd0e590ea7ce94 /extensions/AntiSpam/Extension.pm
parent	7a87266845224adb56547f775ddbb01914a73d7f (diff)
download	bugzilla-e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2.tar.gz bugzilla-e2635d9f405ec8b6f22b58d2ec1ec72c22d91df2.tar.xz