From b708f5ea036b4fb9d91ee122c77cb3359a3c47b6 Mon Sep 17 00:00:00 2001 From: Toks Date: Thu, 22 Oct 2015 20:14:43 -0400 Subject: [PATCH] Don't allow banned ip addresses to make changes Previously banned ip addresses couldn't make new accounts, but if they get an account somehow the ip ban wouldn't prevent them from making edits. --- app/controllers/application_controller.rb | 2 +- app/logical/anonymous_user.rb | 4 ++++ app/models/user.rb | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 7b329fb07..c43ae964b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -118,7 +118,7 @@ protected %w(member banned builder gold platinum janitor moderator admin).each do |level| define_method("#{level}_only") do - if !CurrentUser.user.is_banned? && CurrentUser.user.__send__("is_#{level}?") + if !CurrentUser.user.is_banned_or_ip_banned? && CurrentUser.user.__send__("is_#{level}?") true else access_denied() diff --git a/app/logical/anonymous_user.rb b/app/logical/anonymous_user.rb index 752999fc4..accfadd24 100644 --- a/app/logical/anonymous_user.rb +++ b/app/logical/anonymous_user.rb @@ -40,6 +40,10 @@ class AnonymousUser false end + def is_banned_or_ip_banned? + false + end + def has_mail? false end diff --git a/app/models/user.rb b/app/models/user.rb index a2a8065ca..ba94c6d49 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -75,6 +75,10 @@ class User < ActiveRecord::Base accepts_nested_attributes_for :dmail_filter module BanMethods + def is_banned_or_ip_banned? + return is_banned? || IpBan.is_banned?(CurrentUser.ip_addr) + end + def validate_ip_addr_is_not_banned if IpBan.is_banned?(CurrentUser.ip_addr) self.errors[:base] << "IP address is banned"