diff --git a/app/models/dmail.rb b/app/models/dmail.rb index dafdc9f47..3a5f78c89 100644 --- a/app/models/dmail.rb +++ b/app/models/dmail.rb @@ -1,6 +1,7 @@ require 'digest/sha1' class Dmail < ApplicationRecord + validate :validate_sender_is_not_limited, on: :create validates_presence_of :title, :body, on: :create belongs_to :owner, :class_name => "User" @@ -153,6 +154,14 @@ class Dmail < ApplicationRecord owner == to end + def validate_sender_is_not_limited + return if from.is_gold? + + if from.dmails.where("created_at > ?", 1.hour.ago).group(:to).reorder(nil).count.size >= 10 + errors[:base] << "You can't send dmails to more than 10 users per hour" + end + end + def autoreport_spam if is_recipient? && SpamDetector.new(self).spam? self.is_deleted = true diff --git a/test/unit/dmail_test.rb b/test/unit/dmail_test.rb index 716b02867..141fd8fee 100644 --- a/test/unit/dmail_test.rb +++ b/test/unit/dmail_test.rb @@ -69,7 +69,7 @@ class DmailTest < ActiveSupport::TestCase should "create a copy for each user" do @new_user = FactoryBot.create(:user) assert_difference("Dmail.count", 2) do - Dmail.create_split(from: CurrentUser.user, creator_ip_addr: "127.0.0.1", to_id: @new_user.id, title: "foo", body: "foo") + Dmail.create_split(from: CurrentUser.user, creator_ip_addr: "127.0.0.1", to: @new_user, title: "foo", body: "foo") end end @@ -104,6 +104,21 @@ class DmailTest < ActiveSupport::TestCase end end + context "sending a dmail" do + should "fail if the user has sent too many dmails recently" do + 10.times do + Dmail.create_split(from: @user, to: create(:user), title: "blah", body: "blah", creator_ip_addr: "127.0.0.1") + end + + assert_no_difference("Dmail.count") do + @dmail = Dmail.create_split(from: @user, to: create(:user), title: "blah", body: "blah", creator_ip_addr: "127.0.0.1") + + assert_equal(false, @dmail.valid?) + assert_equal(["You can't send dmails to more than 10 users per hour"], @dmail.errors[:base]) + end + end + end + context "destroying a dmail" do setup do @recipient = create(:user)