From 4c565b443e878b923839122a36dcffe7db5fa54d Mon Sep 17 00:00:00 2001
From: r888888888 <r888888888@gmail.com>
Date: Fri, 15 Sep 2017 15:13:01 -0700
Subject: [PATCH] add 24 hour window for repeating an ip addr for account
 creation (ref #3301)

---
 app/models/user.rb     | 14 +++++---------
 test/unit/user_test.rb | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index e055dd37c..b3c1e75fa 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -64,6 +64,7 @@ class User < ApplicationRecord
   validates_presence_of :email, :if => lambda {|rec| rec.new_record? && Danbooru.config.enable_email_verification?}
   validates_presence_of :comment_threshold
   validate :validate_ip_addr_is_not_banned, :on => :create
+  validate :validate_sock_puppets, :on => :create
   before_validation :normalize_blacklisted_tags
   before_validation :set_per_page
   before_validation :normalize_email
@@ -884,15 +885,10 @@ class User < ApplicationRecord
     end
   end
 
-  module SockPuppetMethods
-    def notify_sock_puppets
-      sock_puppet_suspects.each do |user|
-      end
-    end
-
-    def sock_puppet_suspects
-      if last_ip_addr.present?
-        User.where(:last_ip_addr => last_ip_addr)
+  concerning :SockPuppetMethods do
+    def validate_sock_puppets
+      if User.where(last_ip_addr: CurrentUser.ip_addr).where("created_at > ?", 1.day.ago).exists?
+        errors.add(:last_ip_addr, "was used recently for another account and cannot be reused for another day")
       end
     end
   end
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 1ef2320e6..8cd53246e 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -298,6 +298,20 @@ class UserTest < ActiveSupport::TestCase
       end
     end
 
+    context "that might be a sock puppet" do
+      setup do
+        @user = FactoryGirl.create(:user, last_ip_addr: "127.0.0.2")
+      end
+
+      should "not validate" do
+        CurrentUser.scoped(nil, "127.0.0.2") do
+          @user = FactoryGirl.build(:user)
+          @user.save
+          assert_equal(["Last ip addr was used recently for another account and cannot be reused for another day"], @user.errors.full_messages)
+        end
+      end
+    end
+
     context "when searched by name" do
       should "match wildcards" do
         user1 = FactoryGirl.create(:user, :name => "foo")